, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {0x0}, {0x0}, {0x0}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:32 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  279.767030] x86/PAT: syz-executor.4:12922 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:33 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140), 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  279.917354] x86/PAT: syz-executor.4:12922 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  279.940513] x86/PAT: syz-executor.4:12922 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:33 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:33 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f0000000880)=""/144, 0x90}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:33 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  280.128024] x86/PAT: syz-executor.4:12947 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:33 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:33 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x2, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:33 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  280.211334] x86/PAT: syz-executor.4:12947 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  280.245647] x86/PAT: syz-executor.4:12947 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:33 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x3, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:33 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:33 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  280.494960] x86/PAT: syz-executor.4:12975 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:33 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:33 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x4, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:33 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  280.646977] x86/PAT: syz-executor.4:12975 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  280.663424] x86/PAT: syz-executor.4:12975 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:33 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x5, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:33 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:33 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:34 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x6, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x7, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:34 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x8, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x9, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 2:
pipe2(0x0, 0x0)
pipe2$9p(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, @perf_config_ext={0x8}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x83e4}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0)
fchdir(r0)
preadv(0xffffffffffffffff, &(0x7f0000000080), 0x169, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000100)=0x1ff, 0x4)
r4 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000180)={0xc0000002})
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = dup(r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000240)={0x0, 0x40000, <r7=>r6})
ioctl$DRM_IOCTL_RES_CTX(r7, 0xc0106426, &(0x7f0000000300)={0x2, &(0x7f00000002c0)=[{}, {}]})
r8 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
preadv(r9, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000140)={<r10=>0xffffffffffffffff})
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r10, 0x0, r11, &(0x7f0000000b00), 0x6, 0x0)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r12, 0x84, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x14)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r11, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0x9}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x9, 0x1, 0x1, 0x3, 0x28d8}, &(0x7f00000000c0)=0x14)
umount2(&(0x7f0000000540)='./file0\x00', 0x0)

22:36:34 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xb, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 2:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:34 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:34 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xc, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:34 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:34 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 2:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {0x0}, {0x0}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:35 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x10, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:35 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:35 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:35 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0x14, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:35 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:35 executing program 2:
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
semop(0x0, &(0x7f0000000080), 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2, 0x9, 0x1000}, {0x3, 0x5, 0x1000}], 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x4000082)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6}}, {{@in=@initdev}, 0x0, @in=@broadcast}}, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r7 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
write$nbd(r1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRESOCT=r7, @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16=r3], @ANYRES64=r4, @ANYRESHEX=r5, @ANYRES32=r6]], 0x1)
sendfile(r1, r1, &(0x7f0000000200)=0x3, 0xa198)

22:36:35 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:35 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:35 executing program 3:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:35 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:35 executing program 2:
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
semop(0x0, &(0x7f0000000080), 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2, 0x9, 0x1000}, {0x3, 0x5, 0x1000}], 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x4000082)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6}}, {{@in=@initdev}, 0x0, @in=@broadcast}}, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r7 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
write$nbd(r1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRESOCT=r7, @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16=r3], @ANYRES64=r4, @ANYRESHEX=r5, @ANYRES32=r6]], 0x1)
sendfile(r1, r1, &(0x7f0000000200)=0x3, 0xa198)

22:36:35 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x2, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:35 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {0x0}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:35 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:35 executing program 3:
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
semop(0x0, &(0x7f0000000080), 0x0)
semop(0x0, &(0x7f00000000c0)=[{0x2, 0x9, 0x1000}, {0x3, 0x5, 0x1000}], 0x2)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000080)='.\x00', 0xfe)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x200c2, 0x0)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x4000082)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6}}, {{@in=@initdev}, 0x0, @in=@broadcast}}, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r7 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
write$nbd(r1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRESOCT=r7, @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16=r3], @ANYRES64=r4, @ANYRESHEX=r5, @ANYRES32=r6]], 0x1)
sendfile(r1, r1, &(0x7f0000000200)=0x3, 0xa198)

22:36:35 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:35 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x3, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:36 executing program 2 (fault-call:9 fault-nth:0):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:36 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:36 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {0x0}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:36 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x4, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:36 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  282.973372] x86/PAT: syz-executor.2:13183 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  283.016102] FAULT_INJECTION: forcing a failure.
[  283.016102] name failslab, interval 1, probability 0, space 0, times 0
[  283.041613] CPU: 1 PID: 13183 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  283.048597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  283.057964] Call Trace:
[  283.060599]  dump_stack+0x172/0x1f0
[  283.064258]  should_fail.cold+0xa/0x1b
[  283.068186]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  283.073315]  ? lock_downgrade+0x880/0x880
[  283.077493]  __should_failslab+0x121/0x190
[  283.081748]  should_failslab+0x9/0x14
[  283.085571]  kmem_cache_alloc_node+0x26c/0x710
[  283.090160]  ? lockdep_hardirqs_on+0x415/0x5d0
[  283.094753]  ? trace_hardirqs_on+0x67/0x220
[  283.099088]  ? kasan_check_read+0x11/0x20
[  283.103250]  copy_process.part.0+0x1ce0/0x7a30
[  283.107871]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  283.113561]  ? proc_fail_nth_write+0x9d/0x1e0
[  283.118083]  ? proc_cwd_link+0x1d0/0x1d0
[  283.122245]  ? __f_unlock_pos+0x19/0x20
[  283.126309]  ? find_held_lock+0x35/0x130
[  283.130405]  ? __cleanup_sighand+0x70/0x70
[  283.134660]  ? lock_downgrade+0x880/0x880
[  283.138844]  ? kasan_check_write+0x14/0x20
[  283.143111]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  283.147990]  _do_fork+0x257/0xfd0
[  283.151475]  ? fork_idle+0x1d0/0x1d0
[  283.155213]  ? fput+0x128/0x1a0
[  283.158519]  ? ksys_write+0x1f1/0x2d0
22:36:36 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
mmap(&(0x7f00008da000/0x1000)=nil, 0x1000, 0x0, 0xb4972, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
shmat(r2, &(0x7f0000ffd000/0x2000)=nil, 0x7000)
fcntl$setstatus(r1, 0x4, 0x46000)
io_setup(0x2344, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0x6, 0x4)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x21000002}, 0xc, &(0x7f00000003c0)={&(0x7f0000000580)={0x324, r6, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x7c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x84}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x33}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xdfd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_LINK={0x5c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffff7}]}]}, @TIPC_NLA_LINK={0xb8, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x64}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffff001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7e4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0x2c, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3fc}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x73b}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff8}]}, @TIPC_NLA_MEDIA={0xd0, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x47ef}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1c9a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc2}]}]}, @TIPC_NLA_NET={0x14, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x72e7}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_BEARER={0x4c, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xd48, @mcast1, 0x7123}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1ff}]}]}, 0x324}, 0x1, 0x0, 0x0, 0x450}, 0x4000000)
dup(r5)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_SET(r5, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xcc, r7, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x4}, @TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7f}]}, @TIPC_NLA_LINK={0x78, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9f0c}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc5f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xf7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x213}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x2002}, 0x20000000)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000480)={<r8=>0x0, @remote, @loopback}, &(0x7f00000004c0)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000500)={@remote, 0x45, r8})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$EXT4_IOC_SWAP_BOOT(r9, 0x6611)
io_submit(r3, 0x732, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])

22:36:36 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x5, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:36 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x6, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  283.162479]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  283.167256]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  283.172025]  ? do_syscall_64+0x26/0x620
[  283.176014]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.181402]  ? do_syscall_64+0x26/0x620
[  283.185391]  __x64_sys_clone+0xbf/0x150
[  283.185411]  do_syscall_64+0xfd/0x620
[  283.185428]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.185442] RIP: 0033:0x459a59
[  283.185453] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  283.185459] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  283.185472] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  283.185478] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.185484] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  283.185490] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  283.185496] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:36 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  283.327829] x86/PAT: syz-executor.2:13183 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  283.364910] x86/PAT: syz-executor.2:13183 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:36 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {0x0}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:36 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x7, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:36 executing program 2 (fault-call:9 fault-nth:1):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:36 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:36 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
mmap(&(0x7f00008da000/0x1000)=nil, 0x1000, 0x0, 0xb4972, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r2 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffd000/0x2000)=nil)
shmat(r2, &(0x7f0000ffd000/0x2000)=nil, 0x7000)
fcntl$setstatus(r1, 0x4, 0x46000)
io_setup(0x2344, &(0x7f0000000100)=<r3=>0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0x6, 0x4)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x21000002}, 0xc, &(0x7f00000003c0)={&(0x7f0000000580)={0x324, r6, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x7c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x84}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x33}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xdfd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}]}, @TIPC_NLA_LINK={0x5c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffff7}]}]}, @TIPC_NLA_LINK={0xb8, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x64}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x81}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffff001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7e4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_SOCK={0x2c, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3fc}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x73b}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffff8}]}, @TIPC_NLA_MEDIA={0xd0, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x47ef}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1c9a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc2}]}]}, @TIPC_NLA_NET={0x14, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x72e7}, @TIPC_NLA_NET_ID={0x8}]}, @TIPC_NLA_BEARER={0x4c, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xd48, @mcast1, 0x7123}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1ff}]}]}, 0x324}, 0x1, 0x0, 0x0, 0x450}, 0x4000000)
dup(r5)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_SET(r5, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0xcc, r7, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x4}, @TIPC_NLA_NET={0x10, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7f}]}, @TIPC_NLA_LINK={0x78, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9f0c}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc5f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xf7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x213}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x2002}, 0x20000000)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000480)={<r8=>0x0, @remote, @loopback}, &(0x7f00000004c0)=0xc)
ioctl$sock_inet6_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000500)={@remote, 0x45, r8})
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$EXT4_IOC_SWAP_BOOT(r9, 0x6611)
io_submit(r3, 0x732, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])

22:36:36 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  283.616590] x86/PAT: syz-executor.2:13421 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  283.641266] FAULT_INJECTION: forcing a failure.
[  283.641266] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  283.669185] CPU: 1 PID: 13421 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  283.676193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  283.685823] Call Trace:
[  283.688424]  dump_stack+0x172/0x1f0
[  283.692059]  should_fail.cold+0xa/0x1b
[  283.695966]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  283.701152]  ? __might_sleep+0x95/0x190
[  283.705204]  __alloc_pages_nodemask+0x1ee/0x750
[  283.709896]  ? __alloc_pages_slowpath+0x2870/0x2870
[  283.714940]  copy_process.part.0+0x3e0/0x7a30
[  283.719456]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  283.725009]  ? proc_fail_nth_write+0x9d/0x1e0
[  283.729516]  ? proc_cwd_link+0x1d0/0x1d0
[  283.733589]  ? __f_unlock_pos+0x19/0x20
[  283.737579]  ? find_held_lock+0x35/0x130
[  283.741658]  ? __cleanup_sighand+0x70/0x70
[  283.745900]  ? lock_downgrade+0x880/0x880
[  283.750068]  ? kasan_check_write+0x14/0x20
[  283.754309]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  283.759173]  _do_fork+0x257/0xfd0
[  283.762640]  ? fork_idle+0x1d0/0x1d0
[  283.766367]  ? fput+0x128/0x1a0
[  283.769659]  ? ksys_write+0x1f1/0x2d0
[  283.773476]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  283.778247]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  283.783015]  ? do_syscall_64+0x26/0x620
[  283.786999]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.792373]  ? do_syscall_64+0x26/0x620
[  283.796367]  __x64_sys_clone+0xbf/0x150
[  283.800359]  do_syscall_64+0xfd/0x620
[  283.804179]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  283.809427] RIP: 0033:0x459a59
[  283.812658] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  283.831566] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  283.840341] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  283.848656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.855940] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:37 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:37 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x8, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:37 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  283.863215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  283.870474] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  283.904111] x86/PAT: syz-executor.2:13421 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:37 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10032, 0xffffffffffffffff, 0x0)
userfaultfd(0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x70, 0x0, &(0x7f0000002000))
openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x4000, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
write$P9_ROPEN(0xffffffffffffffff, 0x0, 0xfffffffffffffecf)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})
mkdir(0x0, 0x0)
fcntl$getflags(0xffffffffffffffff, 0x401)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0\x00', 0x0, 0x0)
io_setup(0x105, &(0x7f00000004c0)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffe7c}])
ioctl$BLKRRPART(r2, 0x125f, 0x0)
setgroups(0x0, &(0x7f0000000480))
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x40040, 0x0)
ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000080)={0x0, 0x2, 0x6, 0x1, 0x4})
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x7ff)
ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, 0x0)
unshare(0x48000000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x26100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x40000000)

[  283.957800] x86/PAT: syz-executor.2:13421 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:37 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x9, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:37 executing program 2 (fault-call:9 fault-nth:2):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:37 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:37 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:37 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:37 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xa, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  284.205912] x86/PAT: syz-executor.2:13453 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  284.264032] FAULT_INJECTION: forcing a failure.
[  284.264032] name failslab, interval 1, probability 0, space 0, times 0
[  284.266019] IPVS: ftp: loaded support on port[0] = 21
[  284.319797] CPU: 1 PID: 13519 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  284.326789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.336154] Call Trace:
[  284.338748]  dump_stack+0x172/0x1f0
[  284.338771]  should_fail.cold+0xa/0x1b
[  284.338789]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  284.338801]  ? lock_downgrade+0x880/0x880
[  284.338820]  __should_failslab+0x121/0x190
[  284.338834]  should_failslab+0x9/0x14
[  284.338844]  kmem_cache_alloc+0x2ae/0x700
[  284.338929]  ? creds_are_invalid+0x59/0x150
[  284.346539]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  284.346555]  ? __validate_process_creds+0x1d9/0x300
[  284.346571]  prepare_creds+0x3e/0x400
[  284.355799]  copy_creds+0x7b/0x610
[  284.355815]  ? lockdep_init_map+0x9/0x10
[  284.355831]  copy_process.part.0+0xb54/0x7a30
[  284.367980]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  284.367995]  ? proc_fail_nth_write+0x9d/0x1e0
[  284.368008]  ? proc_cwd_link+0x1d0/0x1d0
[  284.368024]  ? __f_unlock_pos+0x19/0x20
22:36:37 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:37 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  284.368039]  ? find_held_lock+0x35/0x130
[  284.368060]  ? __cleanup_sighand+0x70/0x70
[  284.377887]  ? lock_downgrade+0x880/0x880
[  284.377914]  ? kasan_check_write+0x14/0x20
[  284.377930]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  284.386741]  _do_fork+0x257/0xfd0
[  284.386761]  ? fork_idle+0x1d0/0x1d0
[  284.386775]  ? fput+0x128/0x1a0
[  284.386790]  ? ksys_write+0x1f1/0x2d0
[  284.386814]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  284.394377]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  284.394393]  ? do_syscall_64+0x26/0x620
22:36:37 executing program 4:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  284.394408]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  284.394422]  ? do_syscall_64+0x26/0x620
[  284.394437]  __x64_sys_clone+0xbf/0x150
[  284.394453]  do_syscall_64+0xfd/0x620
[  284.404468]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  284.404479] RIP: 0033:0x459a59
[  284.404494] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  284.404501] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  284.413041] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  284.413050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  284.413058] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  284.413067] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  284.413075] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  284.437579] x86/PAT: syz-executor.2:13519 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  284.462758] x86/PAT: syz-executor.2:13519 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:37 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {0x0}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:37 executing program 2 (fault-call:9 fault-nth:3):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  284.807916] x86/PAT: syz-executor.2:13585 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  284.818048] FAULT_INJECTION: forcing a failure.
[  284.818048] name failslab, interval 1, probability 0, space 0, times 0
[  284.830013] CPU: 1 PID: 13585 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  284.836975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  284.846340] Call Trace:
[  284.848937]  dump_stack+0x172/0x1f0
[  284.852562]  should_fail.cold+0xa/0x1b
[  284.856443]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  284.861552]  ? lock_downgrade+0x880/0x880
[  284.865702]  __should_failslab+0x121/0x190
[  284.869931]  should_failslab+0x9/0x14
[  284.873844]  __kmalloc_track_caller+0x2de/0x750
[  284.878514]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  284.884142]  ? selinux_cred_prepare+0x49/0xb0
[  284.888701]  kmemdup+0x27/0x60
[  284.891882]  selinux_cred_prepare+0x49/0xb0
[  284.896194]  security_prepare_creds+0x77/0xc0
[  284.900678]  prepare_creds+0x32a/0x400
[  284.904562]  copy_creds+0x7b/0x610
[  284.908200]  ? lockdep_init_map+0x9/0x10
[  284.912405]  copy_process.part.0+0xb54/0x7a30
[  284.916948]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  284.922513]  ? proc_fail_nth_write+0x9d/0x1e0
[  284.927001]  ? proc_cwd_link+0x1d0/0x1d0
[  284.931050]  ? __f_unlock_pos+0x19/0x20
[  284.935016]  ? find_held_lock+0x35/0x130
[  284.939081]  ? __cleanup_sighand+0x70/0x70
[  284.943299]  ? lock_downgrade+0x880/0x880
[  284.947436]  ? kasan_check_write+0x14/0x20
[  284.951654]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  284.956485]  _do_fork+0x257/0xfd0
[  284.959924]  ? fork_idle+0x1d0/0x1d0
[  284.963619]  ? fput+0x128/0x1a0
[  284.966881]  ? ksys_write+0x1f1/0x2d0
[  284.970685]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  284.975448]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  284.980197]  ? do_syscall_64+0x26/0x620
[  284.984168]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  284.989517]  ? do_syscall_64+0x26/0x620
[  284.993491]  __x64_sys_clone+0xbf/0x150
[  284.997459]  do_syscall_64+0xfd/0x620
[  285.001315]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.006518] RIP: 0033:0x459a59
[  285.009701] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  285.028625] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  285.036579] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  285.043895] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  285.051290] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  285.058544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  285.065800] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  285.090825] x86/PAT: syz-executor.2:13585 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  285.099813] x86/PAT: syz-executor.2:13585 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:38 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:38 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xf, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:38 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {0x0}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:38 executing program 4 (fault-call:11 fault-nth:0):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:38 executing program 2 (fault-call:9 fault-nth:4):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:38 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = inotify_init()
msgctl$MSG_STAT(0x0, 0xb, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x3)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$EVIOCGBITSW(r2, 0x80404525, &(0x7f0000000000)=""/112)
open(&(0x7f0000000300)='./file0\x00', 0x67a8bea5b85e1378, 0x80)
write$cgroup_int(r2, &(0x7f00000002c0)=0x20, 0x12)
getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000080)={'TPROXY\x00'}, &(0x7f00000000c0)=0x1e)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0x1)
setreuid(0x0, r4)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r6 = dup(r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$IMSETDEVNAME(r6, 0x80184947, &(0x7f0000000340)={0x3, 'syz0\x00'})
syz_mount_image$erofs(&(0x7f0000000100)='erofs\x00', &(0x7f0000000140)='./file0\x00', 0xfffffffffffffff7, 0x1, &(0x7f0000000200)=[{&(0x7f0000000180)="dd32ca48a825122a25f24187e15e590a7e8849f2fc67b5a00ebefd9fdfcf7f2abe8869174e3c4cd7831809a6e26c4c4bb8dac9ac0d19a0a33eaccc56da25a7f596bdeb1035f7a816f1e5fc32e245d923ac83b6a3b77ff2a355cb01493347d0580613a1dbb95c067431273b18e2", 0x6d, 0x6}], 0x2801840, &(0x7f0000000240)={[{@acl='acl'}, {@fault_injection={'fault_injection', 0x3d, 0x100000000}}, {@nouser_xattr='nouser_xattr'}, {@acl='acl'}, {@acl='acl'}, {@acl='acl'}], [{@context={'context', 0x3d, 'system_u'}}, {@fowner_gt={'fowner>', r4}}, {@obj_type={'obj_type', 0x3d, ')'}}]})

22:36:38 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:38 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x10, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  285.239035] x86/PAT: syz-executor.4:13597 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  285.270260] x86/PAT: syz-executor.2:13601 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  285.287217] FAULT_INJECTION: forcing a failure.
[  285.287217] name failslab, interval 1, probability 0, space 0, times 0
22:36:38 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x6, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  285.333455] CPU: 0 PID: 13601 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  285.340446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  285.349812] Call Trace:
[  285.352415]  dump_stack+0x172/0x1f0
[  285.356061]  should_fail.cold+0xa/0x1b
[  285.359969]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  285.365088]  ? lock_downgrade+0x880/0x880
[  285.369267]  __should_failslab+0x121/0x190
[  285.373521]  should_failslab+0x9/0x14
[  285.377340]  kmem_cache_alloc+0x2ae/0x700
[  285.381502]  ? creds_are_invalid+0x59/0x150
[  285.385159] FAULT_INJECTION: forcing a failure.
[  285.385159] name failslab, interval 1, probability 0, space 0, times 0
[  285.385832]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  285.385857]  ? selinux_is_enabled+0x43/0x60
[  285.406872]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  285.412409]  ? creds_are_invalid+0x59/0x150
[  285.416741]  __delayacct_tsk_init+0x20/0x80
[  285.421062]  copy_process.part.0+0x350b/0x7a30
[  285.425650]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  285.431191]  ? proc_fail_nth_write+0x9d/0x1e0
[  285.435684]  ? proc_cwd_link+0x1d0/0x1d0
[  285.439743]  ? __f_unlock_pos+0x19/0x20
[  285.443717]  ? find_held_lock+0x35/0x130
[  285.447789]  ? __cleanup_sighand+0x70/0x70
[  285.452020]  ? lock_downgrade+0x880/0x880
[  285.456172]  ? kasan_check_write+0x14/0x20
[  285.460401]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  285.465248]  _do_fork+0x257/0xfd0
[  285.468704]  ? fork_idle+0x1d0/0x1d0
[  285.472415]  ? fput+0x128/0x1a0
[  285.476063]  ? ksys_write+0x1f1/0x2d0
[  285.479868]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  285.484621]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  285.489376]  ? do_syscall_64+0x26/0x620
[  285.493349]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.498714]  ? do_syscall_64+0x26/0x620
[  285.502695]  __x64_sys_clone+0xbf/0x150
[  285.506672]  do_syscall_64+0xfd/0x620
[  285.510473]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.515757] RIP: 0033:0x459a59
[  285.518950] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  285.537845] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  285.545553] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  285.552817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  285.560083] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  285.567352] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  285.574628] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  285.581915] CPU: 1 PID: 13597 Comm: syz-executor.4 Not tainted 4.19.79 #0
[  285.588857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  285.598216] Call Trace:
[  285.600815]  dump_stack+0x172/0x1f0
[  285.604457]  should_fail.cold+0xa/0x1b
[  285.608351]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  285.613445]  ? lock_downgrade+0x880/0x880
[  285.617608]  __should_failslab+0x121/0x190
[  285.621832]  should_failslab+0x9/0x14
[  285.625621]  kmem_cache_alloc_node+0x26c/0x710
[  285.630188]  ? lockdep_hardirqs_on+0x415/0x5d0
[  285.634757]  ? trace_hardirqs_on+0x67/0x220
[  285.639066]  ? kasan_check_read+0x11/0x20
[  285.643215]  copy_process.part.0+0x1ce0/0x7a30
[  285.647792]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  285.653318]  ? proc_fail_nth_write+0x9d/0x1e0
[  285.657826]  ? proc_cwd_link+0x1d0/0x1d0
[  285.661875]  ? __f_unlock_pos+0x19/0x20
[  285.665835]  ? find_held_lock+0x35/0x130
[  285.669897]  ? __cleanup_sighand+0x70/0x70
[  285.674116]  ? lock_downgrade+0x880/0x880
[  285.678354]  ? kasan_check_write+0x14/0x20
[  285.682575]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  285.687410]  _do_fork+0x257/0xfd0
[  285.690851]  ? fork_idle+0x1d0/0x1d0
[  285.694549]  ? fput+0x128/0x1a0
[  285.697830]  ? ksys_write+0x1f1/0x2d0
[  285.701619]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  285.706364]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  285.711105]  ? do_syscall_64+0x26/0x620
[  285.715079]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.720430]  ? do_syscall_64+0x26/0x620
[  285.724393]  __x64_sys_clone+0xbf/0x150
[  285.728365]  do_syscall_64+0xfd/0x620
[  285.732153]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  285.737332] RIP: 0033:0x459a59
[  285.740510] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  285.759396] RSP: 002b:00007fefe22aec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  285.767091] RAX: ffffffffffffffda RBX: 00007fefe22aec90 RCX: 0000000000459a59
[  285.774347] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:36:38 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x11, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:38 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {0x0}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  285.781610] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  285.788867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fefe22af6d4
[  285.796131] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007
22:36:39 executing program 4 (fault-call:11 fault-nth:1):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:39 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0x20000201, &(0x7f0000000200)="14"})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$VIDIOC_TRY_ENCODER_CMD(r3, 0xc028564e, &(0x7f00000000c0)={0x0, 0x1, [0xfffffc01, 0x8000, 0x1, 0xd1b1, 0xfffffffa, 0x3f, 0x1, 0x1]})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00')
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket(0x10, 0x800000000080002, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video2\x00', 0x2, 0x0)
sendmsg(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)="24000000180007121dff18946f610500020000001f003e0100000100080005000400ff7e280000001100ff000000000000eff24d8238cfa50223f7efbf7600000000000000000000000b0000", 0xfffffe23}], 0x1}, 0x0)

22:36:39 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x60, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  285.978771] x86/PAT: syz-executor.2:13601 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  286.011269] x86/PAT: syz-executor.4:13726 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:39 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:39 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  286.028009] x86/PAT: syz-executor.2:13722 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  286.051046] x86/PAT: syz-executor.2:13601 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  286.063174] FAULT_INJECTION: forcing a failure.
[  286.063174] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  286.071682] x86/PAT: syz-executor.2:13722 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  286.105367] CPU: 0 PID: 13726 Comm: syz-executor.4 Not tainted 4.19.79 #0
[  286.112347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  286.121709] Call Trace:
[  286.121732]  dump_stack+0x172/0x1f0
[  286.121752]  should_fail.cold+0xa/0x1b
[  286.121769]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  286.121786]  ? __might_sleep+0x95/0x190
[  286.121802]  __alloc_pages_nodemask+0x1ee/0x750
[  286.121821]  ? __alloc_pages_slowpath+0x2870/0x2870
[  286.121841]  ? lockdep_hardirqs_on+0x415/0x5d0
[  286.121856]  ? trace_hardirqs_on+0x67/0x220
[  286.121867]  ? kasan_check_read+0x11/0x20
[  286.121885]  copy_process.part.0+0x3e0/0x7a30
[  286.168253]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  286.173812]  ? proc_fail_nth_write+0x9d/0x1e0
[  286.178334]  ? proc_cwd_link+0x1d0/0x1d0
[  286.182420]  ? __f_unlock_pos+0x19/0x20
[  286.186412]  ? find_held_lock+0x35/0x130
[  286.190494]  ? __cleanup_sighand+0x70/0x70
[  286.194736]  ? lock_downgrade+0x880/0x880
[  286.198903]  ? kasan_check_write+0x14/0x20
[  286.203150]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  286.208008]  _do_fork+0x257/0xfd0
[  286.211473]  ? fork_idle+0x1d0/0x1d0
[  286.215197]  ? fput+0x128/0x1a0
[  286.218488]  ? ksys_write+0x1f1/0x2d0
[  286.222302]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  286.227067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  286.231828]  ? do_syscall_64+0x26/0x620
[  286.235908]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.241271]  ? do_syscall_64+0x26/0x620
[  286.245256]  __x64_sys_clone+0xbf/0x150
[  286.249240]  do_syscall_64+0xfd/0x620
22:36:39 executing program 2 (fault-call:9 fault-nth:5):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  286.253051]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.258244] RIP: 0033:0x459a59
[  286.261444] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  286.280346] RSP: 002b:00007fefe22aec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  286.288055] RAX: ffffffffffffffda RBX: 00007fefe22aec90 RCX: 0000000000459a59
[  286.295318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:36:39 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xfc, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  286.302582] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  286.309849] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fefe22af6d4
[  286.317109] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007
22:36:39 executing program 3:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
socket$bt_cmtp(0x1f, 0x3, 0x5)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r2=>0x0, @dev, @multicast2}, &(0x7f0000000100)=0xc)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000140)={@empty, r2}, 0x14)

22:36:39 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(0x0, 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:39 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x12c, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:39 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  286.443891] x86/PAT: syz-executor.2:13846 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  286.476356] x86/PAT: syz-executor.4:13726 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  286.488470] FAULT_INJECTION: forcing a failure.
[  286.488470] name failslab, interval 1, probability 0, space 0, times 0
[  286.530512] x86/PAT: syz-executor.4:13726 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  286.549530] CPU: 1 PID: 13846 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  286.556518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  286.565878] Call Trace:
[  286.568481]  dump_stack+0x172/0x1f0
[  286.572149]  should_fail.cold+0xa/0x1b
[  286.576045]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  286.581160]  ? lock_downgrade+0x880/0x880
[  286.585322]  __should_failslab+0x121/0x190
[  286.589571]  should_failslab+0x9/0x14
[  286.593387]  kmem_cache_alloc+0x2ae/0x700
[  286.597542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  286.603149]  ? perf_event_init_task+0x19f/0x7a0
[  286.607838]  ? trace_hardirqs_on+0x67/0x220
[  286.612168]  dup_fd+0x85/0xb30
[  286.615375]  ? selinux_task_alloc+0xaf/0xd0
[  286.619702]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  286.625239]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  286.630784]  copy_process.part.0+0x1e6a/0x7a30
[  286.635372]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  286.640906]  ? proc_fail_nth_write+0x9d/0x1e0
[  286.645401]  ? proc_cwd_link+0x1d0/0x1d0
[  286.649466]  ? __f_unlock_pos+0x19/0x20
[  286.653452]  ? __cleanup_sighand+0x70/0x70
[  286.657685]  ? lock_downgrade+0x880/0x880
[  286.661844]  ? kasan_check_write+0x14/0x20
[  286.666081]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  286.670937]  _do_fork+0x257/0xfd0
[  286.674397]  ? fork_idle+0x1d0/0x1d0
[  286.678109]  ? fput+0x128/0x1a0
[  286.681392]  ? ksys_write+0x1f1/0x2d0
[  286.685200]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  286.689959]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  286.694717]  ? do_syscall_64+0x26/0x620
[  286.698693]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.704059]  ? do_syscall_64+0x26/0x620
[  286.708034]  __x64_sys_clone+0xbf/0x150
[  286.712013]  do_syscall_64+0xfd/0x620
[  286.715839]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  286.721025] RIP: 0033:0x459a59
[  286.724223] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
22:36:39 executing program 4 (fault-call:11 fault-nth:2):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:39 executing program 3:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x80045700, &(0x7f0000000180))

22:36:39 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(0x0, 0x0, 0x0)
fsync(0xffffffffffffffff)

[  286.743124] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  286.750836] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  286.758100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  286.765368] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  286.772635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  286.779902] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:40 executing program 3:
openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)}, 0x0)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x61883bea5100b932, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0xf17)
unshare(0x40040400)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000080)={{0x100000000, 0x0, 0x12000, 0x0, 0x774}})
syz_open_dev$ndb(&(0x7f0000000140)='/dev/nbd#\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x200e80, 0x14)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x0, 0x0, r3, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x3)
ioctl$VHOST_GET_VRING_BASE(r1, 0xc008af12, &(0x7f00000003c0))
close(0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = dup(r4)
ioctl$sock_inet6_tcp_SIOCATMARK(r5, 0x8905, &(0x7f0000000100))
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000180)={0xffffffffffffffff, r0, 0x9f5, 0x60, &(0x7f0000000040)="afadd26e7504c5f39e22000b0b9b81136075d19d7e724c84e17330c2b77f599eaa454d42859a1b4ae09d7840cc7d1abca1fb636017f91eca69b09982011b18b41ab97877596225a1c1143898b8b5175ccf09dd7b3854112c49ecc0548ee15a0d", 0x9439, 0x400, 0x6, 0x8, 0x0, 0x0, 0x80000000, 'syz1\x00'})
prctl$PR_GET_ENDIAN(0x13, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
syz_open_dev$sg(0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)

22:36:40 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x300, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:40 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  287.057211] x86/PAT: syz-executor.4:14010 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  287.077892] IPVS: ftp: loaded support on port[0] = 21
[  287.084953] FAULT_INJECTION: forcing a failure.
[  287.084953] name failslab, interval 1, probability 0, space 0, times 0
[  287.134369] CPU: 1 PID: 14010 Comm: syz-executor.4 Not tainted 4.19.79 #0
[  287.141352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.150716] Call Trace:
[  287.153322]  dump_stack+0x172/0x1f0
[  287.156974]  should_fail.cold+0xa/0x1b
[  287.160893]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  287.166038]  ? lock_downgrade+0x880/0x880
[  287.170209]  __should_failslab+0x121/0x190
[  287.174467]  should_failslab+0x9/0x14
[  287.178283]  kmem_cache_alloc+0x2ae/0x700
[  287.182439]  ? creds_are_invalid+0x59/0x150
[  287.186778]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  287.192326]  ? __validate_process_creds+0x1d9/0x300
[  287.197342]  prepare_creds+0x3e/0x400
[  287.197357]  copy_creds+0x7b/0x610
[  287.197371]  ? lockdep_init_map+0x9/0x10
[  287.197392]  copy_process.part.0+0xb54/0x7a30
[  287.213260]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  287.218812]  ? proc_fail_nth_write+0x9d/0x1e0
[  287.223322]  ? proc_cwd_link+0x1d0/0x1d0
[  287.227396]  ? __f_unlock_pos+0x19/0x20
[  287.231390]  ? find_held_lock+0x35/0x130
[  287.235473]  ? __cleanup_sighand+0x70/0x70
[  287.239713]  ? lock_downgrade+0x880/0x880
[  287.243876]  ? kasan_check_write+0x14/0x20
[  287.248119]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  287.252978]  _do_fork+0x257/0xfd0
[  287.256442]  ? fork_idle+0x1d0/0x1d0
[  287.260157]  ? fput+0x128/0x1a0
[  287.263442]  ? ksys_write+0x1f1/0x2d0
[  287.267267]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.272023]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.276781]  ? do_syscall_64+0x26/0x620
[  287.280755]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.286117]  ? do_syscall_64+0x26/0x620
[  287.290095]  __x64_sys_clone+0xbf/0x150
[  287.294073]  do_syscall_64+0xfd/0x620
[  287.297879]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.303066] RIP: 0033:0x459a59
[  287.306263] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  287.325267] RSP: 002b:00007fefe22aec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  287.332979] RAX: ffffffffffffffda RBX: 00007fefe22aec90 RCX: 0000000000459a59
[  287.340426] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  287.347695] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  287.354962] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fefe22af6d4
[  287.362234] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007
[  287.378873] x86/PAT: syz-executor.2:13846 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  287.378900] x86/PAT: syz-executor.2:13846 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:40 executing program 2 (fault-call:9 fault-nth:6):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:40 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(0x0, 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:40 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x500, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:40 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {0x0}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:40 executing program 3:
prctl$PR_SET_FPEXC(0xc, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000100)=[{&(0x7f0000000380)="800000003804000019000300e60100006c000000000000000100000001000000000b00000040000080000000000000006d5ebe5a0000ffff53ef40790a6dcffec134d4da6fe57266b52e87b9b2", 0x4d, 0x400}], 0x0, 0x0)

[  287.475487] x86/PAT: syz-executor.4:14010 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  287.534834] x86/PAT: syz-executor.4:14010 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:40 executing program 5 (fault-call:6 fault-nth:0):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  287.580987] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  287.636922] EXT4-fs (loop3): invalid first ino: 0
22:36:40 executing program 4 (fault-call:11 fault-nth:3):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:40 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x5c0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:40 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {0x0}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  287.658833] x86/PAT: syz-executor.2:14095 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  287.683732] FAULT_INJECTION: forcing a failure.
[  287.683732] name failslab, interval 1, probability 0, space 0, times 0
[  287.696901] CPU: 1 PID: 14095 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  287.703881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  287.713236] Call Trace:
[  287.713257]  dump_stack+0x172/0x1f0
[  287.713281]  should_fail.cold+0xa/0x1b
[  287.713296]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  287.713311]  ? lock_downgrade+0x880/0x880
[  287.713337]  __should_failslab+0x121/0x190
[  287.736979]  should_failslab+0x9/0x14
[  287.740784]  kmem_cache_alloc_trace+0x2cc/0x760
[  287.745464]  ? lock_downgrade+0x880/0x880
[  287.749626]  ? __lock_is_held+0xb6/0x140
[  287.753697]  alloc_fdtable+0x86/0x290
[  287.757510]  dup_fd+0x743/0xb30
[  287.760805]  copy_process.part.0+0x1e6a/0x7a30
[  287.765402]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  287.770938]  ? proc_fail_nth_write+0x9d/0x1e0
[  287.775432]  ? proc_cwd_link+0x1d0/0x1d0
[  287.779493]  ? __f_unlock_pos+0x19/0x20
[  287.783480]  ? __cleanup_sighand+0x70/0x70
[  287.787714]  ? lock_downgrade+0x880/0x880
[  287.791871]  ? kasan_check_write+0x14/0x20
[  287.796104]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  287.800952]  _do_fork+0x257/0xfd0
[  287.804413]  ? fork_idle+0x1d0/0x1d0
[  287.808129]  ? fput+0x128/0x1a0
[  287.811409]  ? ksys_write+0x1f1/0x2d0
[  287.815218]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.819975]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  287.824732]  ? do_syscall_64+0x26/0x620
[  287.828706]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.834069]  ? do_syscall_64+0x26/0x620
[  287.838049]  __x64_sys_clone+0xbf/0x150
[  287.842028]  do_syscall_64+0xfd/0x620
[  287.845834]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  287.851024] RIP: 0033:0x459a59
[  287.854218] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  287.873123] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  287.880838] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  287.888124] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  287.895398] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  287.902683] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  287.909951] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  287.950782] x86/PAT: syz-executor.2:14095 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:41 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x9fe, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8001)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev_snmp6\x00')
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x1c083, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f00003b9fdc))
r4 = syz_open_pts(r3, 0x4000000000000002)
r5 = dup3(r4, r2, 0x0)
ioctl$KIOCSOUND(r4, 0x4b2f, 0xff)
flistxattr(r3, &(0x7f00000001c0)=""/118, 0x76)
r6 = fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
write$P9_RSTATFS(r6, &(0x7f0000000140)={0x43, 0x9, 0x1, {0x3, 0x101, 0x5, 0xffffffffffffffff, 0x20, 0x100, 0xffffffffffffff80, 0x6, 0x3f}}, 0x43)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
poll(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1000000005, 0x0, &(0x7f000087fff8)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmmsg(r7, &(0x7f0000000bc0), 0x4000000000002e5, 0x0, 0x0)
sendmmsg$unix(r8, &(0x7f0000004e00)=[{0x0, 0x36b, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000f6b73859e9a3ac000100006f3c7525cd09908b2131b62245f8711e07a435d0b5af4d7c0fa3ffbac46028fe53e07db8e161173ff90e48fac8dac37c4fcb74ec0e330e1646a6dcfc048062f8440000000000000000000000000000000000000000000000000000a0d2537bf748c60e5c2d19b9fffe6dbfbde523355c1448068d542c398fdaafb70f1bc173cf9004b824602859ae4fac899413e67d11048da8ece6e77b074f0ecb16e431dbde7d202b7ad61bbe36952abb9c4f7ceaf38bf820fd0ad9a61964eb14b2860c23fcd018983da32804aa4940d1491970a1e7acaf30147253e3982be096a760448c8e1b99a764070ae35cf7124e4a0fcaf3c0855193b558ef0863b6b239bca040aaf8bf9ff157e1c3d6b357d8", @ANYRES32, @ANYRES32], 0x18}], 0x492492492492556, 0x0)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x23, &(0x7f0000000000)=0x7, 0x4)
write$binfmt_misc(r5, &(0x7f0000000640)=ANY=[@ANYBLOB="7351a2dd0870cae0fe9b03ca1e31f2a6317cb7d93912bc3f7a7f1881f351107ded54345b0c5effd01869baccecabb7003eeee8c3754593e80aafaa06b642f85ed5c5c0f0a643ac451670ec704250f3c9cc3a3f0e0ac5dd44acf76cde9083b640eb9ae6224d3e723034fc67646891653b71e3c2549f31ef9eeec90000ffffffffe7ff19555fac9b010cbc45cbe2b47e79c784fe580940ad7065be83b137920cb7f57de26941db7d92aac2c4908114d099ad5996ee5007592451807413bbc871003a2f5655921e30e9162c346b2ca9a60400f00c8b36499e6f4a5a1dae465908d729d32e1d91203a935a9f9d2f33acebf21b840cd4bbefedc230a250da5b0cd0787c5f4c003eb4f9ad9fac786f6482f9cfbfe708ea08415ab36d242fdd05646d652eb85195832d152b73f6ccdd92235e0b0f55bd68925c7e3fd6e17f34c7757fd212f5ec5c550b7f7c466d5a1a9f477eb20bf1ddb4b01929c4ea83d9d4713ebfa3e80aaa38dfb974aa7805fb96cc1dac844b4aae4751413661905d5a145ad87991ccf82183a442f8ee911a97bf94c82a2ac96a7e3f36ce40746d066467c2be39eb36d62248c9d6fd74c7dd0e4de6554df1eab76bc98b7b2484781ec90dec48257b36a12f3fd85406e2e2f961f60b7bea02968cf7"], 0x9e)
r9 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x0, 0x0)
ioctl$TIOCGWINSZ(r9, 0x5413, &(0x7f0000000240))

[  287.994471] x86/PAT: syz-executor.2:14095 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:41 executing program 2 (fault-call:9 fault-nth:7):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:41 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:41 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x5c4, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  288.126516] x86/PAT: syz-executor.4:14108 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:41 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {0x0}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  288.200031] x86/PAT: syz-executor.2:14121 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  288.244879] FAULT_INJECTION: forcing a failure.
[  288.244879] name failslab, interval 1, probability 0, space 0, times 0
22:36:41 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x2}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  288.292282] x86/PAT: syz-executor.4:14106 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  288.325451] CPU: 1 PID: 14121 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  288.328981] x86/PAT: syz-executor.4:14106 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  288.332426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  288.332432] Call Trace:
[  288.332453]  dump_stack+0x172/0x1f0
[  288.332473]  should_fail.cold+0xa/0x1b
[  288.360579]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  288.365696]  ? lock_downgrade+0x880/0x880
[  288.369868]  __should_failslab+0x121/0x190
[  288.374110]  should_failslab+0x9/0x14
[  288.377919]  kmem_cache_alloc_trace+0x2cc/0x760
[  288.382599]  ? lock_downgrade+0x880/0x880
[  288.386755]  ? __lock_is_held+0xb6/0x140
[  288.390831]  alloc_fdtable+0x86/0x290
[  288.394661]  dup_fd+0x743/0xb30
[  288.397964]  copy_process.part.0+0x1e6a/0x7a30
[  288.402564]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  288.408111]  ? proc_fail_nth_write+0x9d/0x1e0
[  288.412616]  ? proc_cwd_link+0x1d0/0x1d0
[  288.416685]  ? __f_unlock_pos+0x19/0x20
[  288.420674]  ? __cleanup_sighand+0x70/0x70
[  288.424908]  ? lock_downgrade+0x880/0x880
[  288.429075]  ? kasan_check_write+0x14/0x20
[  288.433318]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  288.438172]  _do_fork+0x257/0xfd0
[  288.441639]  ? fork_idle+0x1d0/0x1d0
[  288.445352]  ? fput+0x128/0x1a0
[  288.448632]  ? ksys_write+0x1f1/0x2d0
[  288.452436]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  288.457193]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  288.461952]  ? do_syscall_64+0x26/0x620
[  288.465927]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.471290]  ? do_syscall_64+0x26/0x620
[  288.475271]  __x64_sys_clone+0xbf/0x150
[  288.479249]  do_syscall_64+0xfd/0x620
[  288.483056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  288.488243] RIP: 0033:0x459a59
[  288.491434] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  288.510347] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  288.518060] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  288.525348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  288.532623] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:41 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:41 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  288.539903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  288.547191] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  288.563568] x86/PAT: syz-executor.2:14121 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:41 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x600, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  288.621552] x86/PAT: syz-executor.2:14121 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:41 executing program 2 (fault-call:9 fault-nth:8):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  288.718653] x86/PAT: syz-executor.4:14289 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:41 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {0x0}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:42 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x700, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  288.827660] x86/PAT: syz-executor.2:14345 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:42 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x3}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  288.911744] FAULT_INJECTION: forcing a failure.
[  288.911744] name failslab, interval 1, probability 0, space 0, times 0
[  288.954544] CPU: 0 PID: 14353 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  288.961526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  288.970891] Call Trace:
[  288.973504]  dump_stack+0x172/0x1f0
[  288.977158]  should_fail.cold+0xa/0x1b
[  288.981074]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  288.986197]  ? lock_downgrade+0x880/0x880
[  288.990379]  __should_failslab+0x121/0x190
[  288.994630]  should_failslab+0x9/0x14
[  288.998443]  kmem_cache_alloc_node_trace+0x274/0x720
[  289.003558]  ? alloc_fdtable+0x86/0x290
[  289.007544]  ? kasan_unpoison_shadow+0x35/0x50
[  289.012147]  __kmalloc_node+0x3d/0x80
[  289.015961]  kvmalloc_node+0x68/0x100
[  289.019775]  alloc_fdtable+0x142/0x290
[  289.023781]  dup_fd+0x743/0xb30
[  289.027081]  copy_process.part.0+0x1e6a/0x7a30
[  289.031688]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  289.037235]  ? proc_fail_nth_write+0x9d/0x1e0
[  289.041744]  ? proc_cwd_link+0x1d0/0x1d0
[  289.045835]  ? __f_unlock_pos+0x19/0x20
[  289.049829]  ? __cleanup_sighand+0x70/0x70
22:36:42 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  289.054070]  ? lock_downgrade+0x880/0x880
[  289.058245]  ? kasan_check_write+0x14/0x20
[  289.062491]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  289.067355]  _do_fork+0x257/0xfd0
[  289.070827]  ? fork_idle+0x1d0/0x1d0
[  289.074557]  ? fput+0x128/0x1a0
[  289.077849]  ? ksys_write+0x1f1/0x2d0
[  289.081663]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  289.086430]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  289.091197]  ? do_syscall_64+0x26/0x620
[  289.095329]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.100703]  ? do_syscall_64+0x26/0x620
22:36:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x900, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  289.104692]  __x64_sys_clone+0xbf/0x150
[  289.108680]  do_syscall_64+0xfd/0x620
[  289.112490]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.117689] RIP: 0033:0x459a59
[  289.120891] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  289.139802] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  289.147513] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
22:36:42 executing program 3:
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040))
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
lseek(r1, 0x7ffffc, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f00000000c0)={{0x5, 0x0, @reserved="eb2d554bdc3dda5019962dc8cdd96bbe90991461c76062fced0032061d656a02"}, 0x1a, [], "ce7394be725771c75c141c078e405e7040f47c4b1aa4c8182fdd"})
fallocate(r1, 0x100000003, 0x0, 0x28120001)
fallocate(r0, 0x100000003, 0x804000, 0x28120001)

22:36:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xa00, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  289.154786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  289.154794] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  289.154801] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  289.154809] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  289.208216] x86/PAT: syz-executor.2:14344 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  289.289795] x86/PAT: syz-executor.4:14269 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  289.304511] x86/PAT: syz-executor.2:14344 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  289.332516] x86/PAT: syz-executor.4:14269 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xf00, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:42 executing program 2 (fault-call:9 fault-nth:9):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:42 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x5}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:42 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:42 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x2, 0x0, 0x0, 0x0, 0x0)

22:36:42 executing program 3:
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000000)={0x9a, {{0x2, 0x0, @local}}}, 0x88)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffffffffffff)
pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00')
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x102000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x276, 0x0, 0x0, 0xfffffe3d)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xd, 0xffffffffffffffff, 0xe10193f3bfdcbd86)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f00000001c0)=0x200, 0x4)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000180)={'veth1\x00', {0x2, 0x4e22, @rand_addr=0x7}})
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

22:36:42 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:42 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  289.586328] x86/PAT: syz-executor.2:14489 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  289.597861] x86/PAT: syz-executor.4:14493 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  289.642833] FAULT_INJECTION: forcing a failure.
[  289.642833] name failslab, interval 1, probability 0, space 0, times 0
[  289.668013] CPU: 0 PID: 14498 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  289.674988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  289.674995] Call Trace:
[  289.675018]  dump_stack+0x172/0x1f0
22:36:42 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x1100, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  289.675036]  should_fail.cold+0xa/0x1b
[  289.675053]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  289.675066]  ? lock_downgrade+0x880/0x880
[  289.675092]  __should_failslab+0x121/0x190
[  289.675109]  should_failslab+0x9/0x14
[  289.675121]  kmem_cache_alloc+0x2ae/0x700
[  289.675138]  ? dup_fd+0x5c1/0xb30
[  289.719467]  copy_fs_struct+0x43/0x2d0
[  289.719484]  copy_process.part.0+0x377d/0x7a30
[  289.727953]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  289.733507]  ? proc_fail_nth_write+0x9d/0x1e0
[  289.738014]  ? proc_cwd_link+0x1d0/0x1d0
[  289.742072]  ? __f_unlock_pos+0x19/0x20
[  289.746065]  ? __cleanup_sighand+0x70/0x70
[  289.750307]  ? lock_downgrade+0x880/0x880
[  289.754475]  ? kasan_check_write+0x14/0x20
[  289.758728]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  289.763594]  _do_fork+0x257/0xfd0
[  289.767069]  ? fork_idle+0x1d0/0x1d0
[  289.770796]  ? fput+0x128/0x1a0
[  289.774086]  ? ksys_write+0x1f1/0x2d0
[  289.777902]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  289.782670]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  289.787437]  ? do_syscall_64+0x26/0x620
[  289.791420]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.796783]  ? do_syscall_64+0x26/0x620
[  289.796801]  __x64_sys_clone+0xbf/0x150
[  289.796817]  do_syscall_64+0xfd/0x620
[  289.796834]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  289.796845] RIP: 0033:0x459a59
[  289.796858] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  289.796865] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  289.796879] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  289.796886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  289.796899] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  289.836038] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  289.836049] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x2000, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:43 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  289.898847] x86/PAT: syz-executor.4:14492 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:43 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000180), &(0x7f0000000200)=0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000040)="25bca274769e620aa734fa0095e0612687463915e38802a9d8aea872943afd874e2f98b479a7316270146d0e02f8e63ba8863cd7dcc6760253ef", 0x3a, 0x400}], 0x0, &(0x7f0000000080)={[{@journal_async_commit='journal_async_commit'}]})

[  289.960730] x86/PAT: syz-executor.4:14492 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:43 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x4, 0x0, 0x0, 0x0, 0x0)

[  290.062123] EXT4-fs (loop3): Unsupported filesystem blocksize 0 (1923657432 log_block_size)
[  290.109162] x86/PAT: syz-executor.4:14724 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  290.213787] x86/PAT: syz-executor.2:14488 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  290.249445] x86/PAT: syz-executor.4:14723 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:43 executing program 2 (fault-call:9 fault-nth:10):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:43 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x2c01, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:43 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:43 executing program 3:
r0 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0x7ff, 0x2)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000380)=<r1=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2528, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/checkreqprot\x00', 0x101600, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
sendto$inet(r2, 0x0, 0x3bd, 0x200007fd, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='scalable\x00', 0x9)
sendmmsg$inet(r2, &(0x7f0000000b40)=[{{0x0, 0xfffffffffffffcfb, &(0x7f0000000200)=[{&(0x7f0000000100)="8cb08f70aca1f2e24e7dc4636db1607852800ad7239bfbb123065f68cd67943bc81a1d56defee801abbb295542689614ad3cf075062ecc8fff703998f05b4a75cd21c51a0cdf5c1d22ec6c88b2f328c35d2284ce373751008f2fe11265fc7b892d9211b9f2b8d60d65de6a11b376b8379dea0e24d9d54997f9b0c35fdbb691b6a85b1dd235877eaf2c6b56cdebc12feefdd198891969cc07ec80aa29bcc95a7fa0866e97a784c0ac21edab15d06cfb51b0f47e5f4404000000000000", 0x19}, {&(0x7f0000000340)="4520d8c1ee8e08b9ee293229", 0x28c}], 0x2}}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000500)='B', 0x3c9}], 0x1}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000640)="6704848d55e654ad6f06f85d5c8caed968361a080c9a53252ca10c8e9f2257b4300eccf6f7e8f49e10382d24c8e304851ba9f674097b80c63dc396090a3762753a1400aba6fc2b7dcec89c4c03bb4f4a995e7f0d40", 0x98}], 0x1}}], 0x308, 0x40000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8b04, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00$\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00', @ANYRES32=0x0, @ANYBLOB='\v\x00'/12]}}, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

22:36:43 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x8, 0x0, 0x0, 0x0, 0x0)

[  290.251007] x86/PAT: syz-executor.2:14488 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  290.277556] x86/PAT: syz-executor.4:14723 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:43 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xa}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x3f00, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  290.408295] x86/PAT: syz-executor.2:14945 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  290.423928] x86/PAT: syz-executor.4:14946 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:43 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  290.511722] FAULT_INJECTION: forcing a failure.
[  290.511722] name failslab, interval 1, probability 0, space 0, times 0
[  290.566059] CPU: 0 PID: 14945 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  290.573043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  290.582404] Call Trace:
[  290.585009]  dump_stack+0x172/0x1f0
[  290.588648]  should_fail.cold+0xa/0x1b
[  290.592549]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  290.597662]  ? lock_downgrade+0x880/0x880
[  290.601827]  __should_failslab+0x121/0x190
[  290.606076]  should_failslab+0x9/0x14
[  290.609884]  kmem_cache_alloc+0x2ae/0x700
[  290.614037]  ? do_raw_spin_unlock+0x57/0x270
[  290.618451]  ? _raw_spin_unlock+0x2d/0x50
[  290.622632]  copy_process.part.0+0x1fd7/0x7a30
[  290.627225]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  290.632763]  ? proc_fail_nth_write+0x9d/0x1e0
[  290.637260]  ? proc_cwd_link+0x1d0/0x1d0
[  290.641327]  ? __f_unlock_pos+0x19/0x20
[  290.645316]  ? __cleanup_sighand+0x70/0x70
[  290.649548]  ? lock_downgrade+0x880/0x880
[  290.653706]  ? kasan_check_write+0x14/0x20
[  290.657945]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  290.662794]  _do_fork+0x257/0xfd0
[  290.666256]  ? fork_idle+0x1d0/0x1d0
[  290.669974]  ? fput+0x128/0x1a0
[  290.673253]  ? ksys_write+0x1f1/0x2d0
[  290.677061]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  290.681815]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  290.686575]  ? do_syscall_64+0x26/0x620
[  290.690551]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.695920]  ? do_syscall_64+0x26/0x620
[  290.699896]  __x64_sys_clone+0xbf/0x150
[  290.703876]  do_syscall_64+0xfd/0x620
[  290.707687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  290.712875] RIP: 0033:0x459a59
[  290.716070] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  290.734976] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  290.742700] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  290.749968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  290.757236] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:43 executing program 3:
openat$audio(0xffffffffffffff9c, 0x0, 0x88001, 0x0)
r0 = open(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgget(0x0, 0x400)
syz_open_dev$sndseq(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
signalfd4(r1, &(0x7f0000000000)={0x1ff}, 0x8, 0x1879200d8c1efc6b)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$get_keyring_id(0x0, r2, 0xffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f0000001100))
ioctl$TCSETX(r0, 0x5433, &(0x7f00000002c0)={0xae6d, 0x0, [0xffff, 0xfffb, 0x0, 0x0, 0x3], 0x24d9})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000023c0))
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="02000f00000a00000000ff07000000000000000000000000000000000000000000004200000000000000018000"/62, 0x3e, 0x1c0}])

[  290.764504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  290.771774] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:44 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x10}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  290.869381] x86/PAT: syz-executor.4:14942 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  290.911818] x86/PAT: syz-executor.4:14942 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x4000, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  291.025324] x86/PAT: syz-executor.2:14945 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  291.043381] x86/PAT: syz-executor.2:14945 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  291.056122] Dev loop3: unable to read RDB block 1
[  291.090814]  loop3: unable to read partition table
22:36:44 executing program 2 (fault-call:9 fault-nth:11):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:44 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x10, 0x0, 0x0, 0x0, 0x0)

22:36:44 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:44 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x48}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  291.117979] loop3: partition table beyond EOD, truncated
[  291.150522] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
22:36:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x6000, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  291.226522] x86/PAT: syz-executor.4:15182 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:44 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4c}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  291.343675] x86/PAT: syz-executor.2:15254 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  291.369213] x86/PAT: syz-executor.4:15177 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  291.379663] x86/PAT: syz-executor.4:15177 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:44 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x80fe, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  291.404695] FAULT_INJECTION: forcing a failure.
[  291.404695] name failslab, interval 1, probability 0, space 0, times 0
[  291.478851] CPU: 0 PID: 15374 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  291.485834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  291.495191] Call Trace:
[  291.497792]  dump_stack+0x172/0x1f0
[  291.501436]  should_fail.cold+0xa/0x1b
[  291.505341]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  291.510902]  ? lock_downgrade+0x880/0x880
[  291.515070]  __should_failslab+0x121/0x190
[  291.519307]  should_failslab+0x9/0x14
[  291.523116]  kmem_cache_alloc+0x2ae/0x700
[  291.527279]  ? trace_hardirqs_on+0x67/0x220
[  291.531603]  ? kasan_check_read+0x11/0x20
[  291.535759]  copy_process.part.0+0x2139/0x7a30
[  291.540349]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  291.545891]  ? proc_fail_nth_write+0x9d/0x1e0
[  291.550385]  ? proc_cwd_link+0x1d0/0x1d0
[  291.554447]  ? __f_unlock_pos+0x19/0x20
[  291.558434]  ? __cleanup_sighand+0x70/0x70
[  291.562666]  ? lock_downgrade+0x880/0x880
[  291.566824]  ? kasan_check_write+0x14/0x20
[  291.571058]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  291.575907]  _do_fork+0x257/0xfd0
22:36:44 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x68}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  291.579364]  ? fork_idle+0x1d0/0x1d0
[  291.583083]  ? fput+0x128/0x1a0
[  291.586455]  ? ksys_write+0x1f1/0x2d0
[  291.590260]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  291.595024]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  291.599782]  ? do_syscall_64+0x26/0x620
[  291.603755]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.609116]  ? do_syscall_64+0x26/0x620
[  291.613098]  __x64_sys_clone+0xbf/0x150
[  291.617087]  do_syscall_64+0xfd/0x620
[  291.620898]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  291.626092] RIP: 0033:0x459a59
[  291.629289] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  291.648194] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  291.655919] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  291.663194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  291.670494] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
22:36:44 executing program 3:
openat$audio(0xffffffffffffff9c, 0x0, 0x88001, 0x0)
r0 = open(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgget(0x0, 0x400)
syz_open_dev$sndseq(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
signalfd4(r1, &(0x7f0000000000)={0x1ff}, 0x8, 0x1879200d8c1efc6b)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$get_keyring_id(0x0, r2, 0xffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f0000001100))
ioctl$TCSETX(r0, 0x5433, &(0x7f00000002c0)={0xae6d, 0x0, [0xffff, 0xfffb, 0x0, 0x0, 0x3], 0x24d9})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000023c0))
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="02000f00000a00000000ff07000000000000000000000000000000000000000000004200000000000000018000"/62, 0x3e, 0x1c0}])

22:36:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xc005, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:44 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x11, 0x0, 0x0, 0x0, 0x0)

[  291.677766] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  291.685040] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  291.836652] x86/PAT: syz-executor.4:15443 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:45 executing program 2 (fault-call:9 fault-nth:12):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:45 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:45 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xc0fe, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:45 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6c}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:45 executing program 3:
openat$audio(0xffffffffffffff9c, 0x0, 0x88001, 0x0)
r0 = open(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgget(0x0, 0x400)
syz_open_dev$sndseq(0x0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
signalfd4(r1, &(0x7f0000000000)={0x1ff}, 0x8, 0x1879200d8c1efc6b)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0x0)
keyctl$get_keyring_id(0x0, r2, 0xffff)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, &(0x7f0000001100))
ioctl$TCSETX(r0, 0x5433, &(0x7f00000002c0)={0xae6d, 0x0, [0xffff, 0xfffb, 0x0, 0x0, 0x3], 0x24d9})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000023c0))
syz_read_part_table(0x0, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)="02000f00000a00000000ff07000000000000000000000000000000000000000000004200000000000000018000"/62, 0x3e, 0x1c0}])

[  291.952584] x86/PAT: syz-executor.2:15254 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  291.970749] x86/PAT: syz-executor.2:15254 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  292.042210] x86/PAT: syz-executor.4:15418 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  292.115217] x86/PAT: syz-executor.4:15418 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:45 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xc405, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:45 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x30, 0x0, 0x0, 0x0, 0x0)

22:36:45 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:45 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x74}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  292.170263] x86/PAT: syz-executor.2:15638 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  292.228457] FAULT_INJECTION: forcing a failure.
[  292.228457] name failslab, interval 1, probability 0, space 0, times 0
[  292.252982] CPU: 1 PID: 15642 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  292.259963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  292.269319] Call Trace:
[  292.271914]  dump_stack+0x172/0x1f0
[  292.275550]  should_fail.cold+0xa/0x1b
[  292.279446]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  292.284555]  ? lock_downgrade+0x880/0x880
[  292.288715]  __should_failslab+0x121/0x190
[  292.292955]  should_failslab+0x9/0x14
[  292.296757]  kmem_cache_alloc+0x2ae/0x700
[  292.300910]  ? lockdep_init_map+0x9/0x10
[  292.304970]  ? debug_mutex_init+0x2d/0x60
[  292.309126]  copy_process.part.0+0x2ad6/0x7a30
[  292.313716]  ? proc_fail_nth_write+0x9d/0x1e0
[  292.318231]  ? __cleanup_sighand+0x70/0x70
[  292.322463]  ? lock_downgrade+0x880/0x880
[  292.326621]  ? kasan_check_write+0x14/0x20
[  292.330855]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  292.335705]  _do_fork+0x257/0xfd0
[  292.339167]  ? fork_idle+0x1d0/0x1d0
[  292.342884]  ? fput+0x128/0x1a0
[  292.346167]  ? ksys_write+0x1f1/0x2d0
[  292.349976]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  292.354733]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  292.359491]  ? do_syscall_64+0x26/0x620
[  292.363466]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.368830]  ? do_syscall_64+0x26/0x620
[  292.372808]  __x64_sys_clone+0xbf/0x150
[  292.376791]  do_syscall_64+0xfd/0x620
[  292.380600]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  292.386052] RIP: 0033:0x459a59
[  292.389248] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  292.408149] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  292.415863] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  292.423131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  292.430398] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  292.437662] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  292.444930] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  292.497497] Dev loop3: unable to read RDB block 1
[  292.527179]  loop3: unable to read partition table
22:36:45 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xfc00, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  292.556886] loop3: partition table beyond EOD, truncated
[  292.577696] x86/PAT: syz-executor.4:15653 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  292.580645] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
22:36:45 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {0x0}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:45 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  292.691226] x86/PAT: syz-executor.4:15652 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  292.734364] x86/PAT: syz-executor.4:15652 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:46 executing program 2 (fault-call:9 fault-nth:13):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:46 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xfe80, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:46 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1100, 0x0, 0x0, 0x0, 0x0)

22:36:46 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="020700001000000000000000000000000800120000000100000000000000000006000000000000000000000000000200e00040e0ff00000020000000000000000000ada8008004000000200000000000030006000000000002000080ac14ffbbf00000000000000003000500000000000200423b1d632bd7b8200000000000c7"], 0x80}}, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r0, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x22, &(0x7f00000000c0)=0x7, 0x4)

22:36:46 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x300}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:46 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  292.898558] x86/PAT: syz-executor.2:15638 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  292.925975] x86/PAT: syz-executor.2:15638 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  293.009629] x86/PAT: syz-executor.4:15776 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:46 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xfec0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  293.102708] x86/PAT: syz-executor.2:15790 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:46 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x500}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  293.176542] x86/PAT: syz-executor.4:15774 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  293.196152] FAULT_INJECTION: forcing a failure.
[  293.196152] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  293.259531] x86/PAT: syz-executor.4:15774 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:46 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  293.361721] CPU: 0 PID: 15994 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  293.368711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  293.378071] Call Trace:
[  293.380679]  dump_stack+0x172/0x1f0
[  293.384326]  should_fail.cold+0xa/0x1b
[  293.388237]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  293.393364]  ? __might_sleep+0x95/0x190
[  293.397361]  __alloc_pages_nodemask+0x1ee/0x750
[  293.402050]  ? __alloc_pages_slowpath+0x2870/0x2870
[  293.407093]  ? find_held_lock+0x35/0x130
[  293.411241]  ? percpu_ref_put_many+0x94/0x190
[  293.415749]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  293.421305]  alloc_pages_current+0x107/0x210
[  293.425727]  __get_free_pages+0xc/0x40
[  293.429686]  pgd_alloc+0x8b/0x3f0
[  293.433154]  ? pgd_page_get_mm+0x40/0x40
[  293.437222]  ? __lockdep_init_map+0x10c/0x5b0
[  293.441741]  ? __lockdep_init_map+0x10c/0x5b0
[  293.446246]  mm_init+0x59e/0x9d0
[  293.449616]  copy_process.part.0+0x2b3d/0x7a30
[  293.454215]  ? proc_fail_nth_write+0x9d/0x1e0
[  293.458738]  ? __cleanup_sighand+0x70/0x70
[  293.462976]  ? lock_downgrade+0x880/0x880
[  293.467140]  ? kasan_check_write+0x14/0x20
[  293.471411]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  293.476274]  _do_fork+0x257/0xfd0
[  293.479745]  ? fork_idle+0x1d0/0x1d0
[  293.483468]  ? fput+0x128/0x1a0
[  293.486755]  ? ksys_write+0x1f1/0x2d0
[  293.490570]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  293.495336]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  293.500102]  ? do_syscall_64+0x26/0x620
[  293.504085]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  293.509455]  ? do_syscall_64+0x26/0x620
[  293.513451]  __x64_sys_clone+0xbf/0x150
[  293.517436]  do_syscall_64+0xfd/0x620
[  293.521257]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  293.526455] RIP: 0033:0x459a59
[  293.529655] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  293.548571] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
22:36:46 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0xff00, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:46 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1f00, 0x0, 0x0, 0x0, 0x0)

[  293.556301] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  293.563582] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  293.570858] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  293.578131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  293.585400] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  293.603207] x86/PAT: syz-executor.2:15783 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:46 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x600}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  293.654408] x86/PAT: syz-executor.2:15783 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:46 executing program 2 (fault-call:9 fault-nth:14):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:46 executing program 3:
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/create\x00', 0x2, 0x0)
write$selinux_create(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c6f61645f706f6c6963795f657865235f743a7330202f7573722f7362696e2f6e747064203030303030303030303030303030303030303037202e2f66696c65302f2e2e2f66696c653000fd409fc6c9469924888a3d2fde4051b0963dc3476450e8755cdc2c11830624d0f127459f00c77f347088ce908286e8b2bb786c8e516784d21356e6894280"], 0x5d)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
splice(r2, 0x0, r0, 0x0, 0x1000000000000003, 0x0)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000087fff8)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r4, 0x5452, &(0x7f0000008ff8)=0x3f)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
fcntl$setsig(r4, 0xa, 0x12)
fcntl$setownex(r4, 0xf, &(0x7f0000000140)={0x0, r3})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmsg(r5, &(0x7f0000172fc8)={0x0, 0x0, 0x0}, 0x0)
mkdir(&(0x7f0000042ff6)='./file0\x00', 0x80)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
rmdir(0x0)
dup2(r4, r5)
r7 = open(&(0x7f00000001c0)='./file0\x00', 0x400000008044, 0x0)
sync_file_range(r7, 0x2, 0x0, 0x5)
r8 = gettid()
tkill(r8, 0x16)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)}, 0x18)
sendto$packet(r2, &(0x7f0000000640)="dfbfe6034523b770ba82d52e605e575bda08461c54d27822d7e313edc8a40388cd424f5b70094e99d91056653cf27494b7428fd30000544a4a11e363064732c176026bd5ebcd38812f0d2857fccebddcfdabd9425cb5547f0effc2ef972f48bef299a1886ddc3124f4f89219a41bc6d8c721c2b3834bc39b2d9f044f7ee50b6888e97b0591f70b8a9cc73b088ca94797e4638a22560f6fa8e60fd19c4206b0c4859a6654afe232f9907b635f84577d23e9419045ef59ac340da36116c6b345c30300776e9ac8ecadb6cc58535b3b1f21460badbaa4cf1886d5a0f57513ab26ff77f8507b0edb49ba5204145ad32d8c0b1c9834201ffcd1a6fbc91a84916002165e8fd7b45d982b50c4491b448f675f677011c910582a15f803901b75ba03df4e36e0e685b21101a1de34dbc743149d5d8f7758af1a1edc097589401f779206af5f9399304106c816082ee1268f872a00000000000000", 0xff8a, 0x3ffffff, 0x0, 0x7065eb39)

22:36:46 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  293.783347] x86/PAT: syz-executor.4:16064 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:47 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x700}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  293.844090] x86/PAT: syz-executor.2:16076 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  293.890166] FAULT_INJECTION: forcing a failure.
[  293.890166] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  293.931411] x86/PAT: syz-executor.4:16063 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  293.961384] x86/PAT: syz-executor.4:16063 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  293.970833] CPU: 0 PID: 16076 Comm: syz-executor.2 Not tainted 4.19.79 #0
22:36:47 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xa00}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  293.977789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  293.987148] Call Trace:
[  293.989750]  dump_stack+0x172/0x1f0
[  293.993397]  should_fail.cold+0xa/0x1b
[  293.997308]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  294.002431]  ? __might_sleep+0x95/0x190
[  294.006424]  __alloc_pages_nodemask+0x1ee/0x750
[  294.011109]  ? __alloc_pages_slowpath+0x2870/0x2870
[  294.016144]  ? find_held_lock+0x35/0x130
[  294.020220]  ? percpu_ref_put_many+0x94/0x190
[  294.024730]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
22:36:47 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x2000, 0x0, 0x0, 0x0, 0x0)

[  294.030279]  alloc_pages_current+0x107/0x210
[  294.034699]  __get_free_pages+0xc/0x40
[  294.038594]  pgd_alloc+0x8b/0x3f0
[  294.042059]  ? pgd_page_get_mm+0x40/0x40
[  294.046133]  ? __lockdep_init_map+0x10c/0x5b0
[  294.050641]  ? __lockdep_init_map+0x10c/0x5b0
[  294.055148]  mm_init+0x59e/0x9d0
[  294.058527]  copy_process.part.0+0x2b3d/0x7a30
[  294.063119]  ? proc_fail_nth_write+0x9d/0x1e0
[  294.067648]  ? __cleanup_sighand+0x70/0x70
[  294.071891]  ? lock_downgrade+0x880/0x880
[  294.076053]  ? kasan_check_write+0x14/0x20
[  294.080291]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  294.085144]  _do_fork+0x257/0xfd0
[  294.088607]  ? fork_idle+0x1d0/0x1d0
[  294.092325]  ? fput+0x128/0x1a0
[  294.095602]  ? ksys_write+0x1f1/0x2d0
[  294.099403]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  294.104140]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  294.108880]  ? do_syscall_64+0x26/0x620
[  294.112849]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.118197]  ? do_syscall_64+0x26/0x620
[  294.122169]  __x64_sys_clone+0xbf/0x150
[  294.126147]  do_syscall_64+0xfd/0x620
[  294.129946]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.135124] RIP: 0033:0x459a59
[  294.138308] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  294.157251] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  294.164970] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  294.172236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x2, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:47 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:47 executing program 3:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='btrfs\x00', 0x0, 0x0)

[  294.179498] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  294.186761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  294.194133] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  294.235665] x86/PAT: syz-executor.2:16076 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  294.284582] x86/PAT: syz-executor.2:16076 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  294.332919] x86/PAT: syz-executor.4:16301 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x3, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:47 executing program 3:
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x1000)=nil, 0x100000, 0x0, 0x52, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0x7f, 0x0)
r0 = socket(0x400020000000010, 0x0, 0x0)
r1 = gettid()
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/status\x00', 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
recvmmsg(r3, &(0x7f0000002f00)=[{{&(0x7f0000000340)=@alg, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/166, 0xa6}], 0x1, &(0x7f0000000600)}, 0x200}, {{&(0x7f0000000680)=@can={0x1d, <r4=>0x0}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000700)=""/248, 0xf8}, {&(0x7f0000000800)=""/21, 0x15}], 0x2, &(0x7f0000000880)=""/194, 0xc2}, 0xe30}, {{&(0x7f0000000980)=@ipx, 0x80, &(0x7f0000002dc0)=[{&(0x7f0000000a00)=""/175, 0xaf}, {&(0x7f0000000ac0)=""/255, 0xff}, {&(0x7f0000000bc0)=""/4096, 0x1000}, {&(0x7f0000001bc0)=""/131, 0x83}, {&(0x7f0000001c80)=""/237, 0xed}, {&(0x7f0000001d80)=""/49, 0x31}, {&(0x7f0000001dc0)=""/4096, 0x1000}], 0x7, &(0x7f0000002e40)=""/180, 0xb4}, 0x9}], 0x3, 0x3, &(0x7f0000002fc0))
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000003000)=r4)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000100), &(0x7f0000000240)=0x4)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000140)={{0x55f48f84b55022f7, 0x0, @identifier="b128035daf7f442707071c6bb666219d"}})
r5 = creat(&(0x7f0000000280)='./file0\x00', 0x1)
write$binfmt_script(r5, &(0x7f00000002c0)=ANY=[@ANYPTR64=&(0x7f0000000240)=ANY=[]], 0x8)
prctl$PR_SET_PTRACER(0x59616d61, r1)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r5)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
syz_open_dev$mouse(&(0x7f0000000400)='/dev/input/mouse#\x00', 0x400, 0x408200)
preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x2cb, 0x400000000000)
syz_open_dev$cec(&(0x7f0000000000)='$\xd2(\x90\x9b\x00T\x01\x00', 0x0, 0x2)
r6 = socket$inet(0x2, 0x6000000000000003, 0x6)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10)
sendto$inet(r6, 0x0, 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendto$inet(r6, &(0x7f0000000200)="0dcc72eceb6c5cc1db78d90df7d01e81ca0c21a42ff29d34db233dd42f1ef1c3ae8d360e4844115fc9280775b51310d621eb800fca90f499a24bd835", 0x3c, 0x0, &(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
getsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000440)={{{@in6=@empty, @in=@dev}}, {{@in6=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000640)=0xe8)

22:36:47 executing program 2 (fault-call:9 fault-nth:15):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:47 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:47 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4800}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  294.500081] x86/PAT: syz-executor.2:16340 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  294.527878] FAULT_INJECTION: forcing a failure.
[  294.527878] name failslab, interval 1, probability 0, space 0, times 0
22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x4, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  294.571619] x86/PAT: syz-executor.4:16297 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  294.603737] CPU: 1 PID: 16340 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  294.610721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  294.620081] Call Trace:
[  294.622681]  dump_stack+0x172/0x1f0
[  294.626330]  should_fail.cold+0xa/0x1b
[  294.630234]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  294.635355]  ? lock_downgrade+0x880/0x880
[  294.639527]  __should_failslab+0x121/0x190
[  294.643772]  should_failslab+0x9/0x14
[  294.647582]  kmem_cache_alloc+0x2ae/0x700
[  294.651740]  ? get_mm_exe_file+0x289/0x3e0
[  294.655989]  ? trace_event_raw_event_task_newtask+0x440/0x440
[  294.661900]  __khugepaged_enter+0x3b/0x390
[  294.666149]  copy_process.part.0+0x7299/0x7a30
[  294.670746]  ? proc_fail_nth_write+0x9d/0x1e0
[  294.675269]  ? __cleanup_sighand+0x70/0x70
[  294.679504]  ? lock_downgrade+0x880/0x880
[  294.683664]  ? kasan_check_write+0x14/0x20
[  294.687905]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  294.692764]  _do_fork+0x257/0xfd0
[  294.696233]  ? fork_idle+0x1d0/0x1d0
[  294.699950]  ? fput+0x128/0x1a0
[  294.703277]  ? ksys_write+0x1f1/0x2d0
[  294.707078]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  294.707092]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  294.707109]  ? do_syscall_64+0x26/0x620
[  294.720552]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.725938]  ? do_syscall_64+0x26/0x620
[  294.729925]  __x64_sys_clone+0xbf/0x150
[  294.733922]  do_syscall_64+0xfd/0x620
[  294.737741]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.742936] RIP: 0033:0x459a59
[  294.746132] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  294.765042] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x5, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:47 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x6, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  294.766417] x86/PAT: syz-executor.4:16297 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  294.772757] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  294.772766] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  294.772774] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  294.772783] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  294.772791] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  294.794740] x86/PAT: syz-executor.2:16340 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:48 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x3000, 0x0, 0x0, 0x0, 0x0)

22:36:48 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:48 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4c00}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  294.848673] x86/PAT: syz-executor.2:16340 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:48 executing program 2 (fault-call:9 fault-nth:16):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:48 executing program 3:
openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000440)='./bus\x00', &(0x7f0000000480)='trusted.overlay.opaque\x00', &(0x7f00000004c0)='y\x00', 0x2, 0x6)
openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x0, 0x0)
open(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff57a, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x14107e, 0x0)
write$binfmt_aout(r1, &(0x7f0000000640)=ANY=[@ANYBLOB="bcef637615f704c4f004000010006b2fe0cc7ba626ab04a14f42ff858272a3203613c6118f7999487de970dc0ef7ceebfe9cff2d213855b50792461597723e24a4386f19cd199d1609bc6e9d0600000000000000a67f74525be599daad5d7827cab0accce71e2ff18fb62af355057747eb4961042386e187e68f1f957520b59bee0300000000000000f3a2e080d4d81661021fb75a00000000005f1e9c2198ddceeed6d6745537aae7e67027c8d24c07bb31defc9d2dab9d565b40f151d67cde67d5c7261c2d75e80f2f2f449b1014009cc5f1536dbca6a9ba1fee7ac79191ec43d61c69ef6bea73be075e67cd19d68c5ee3dc6cc9a27beac684fbb143d181410a1c9adb1990c740dacb82e6afba829ac330fb144b82ce5ab0e9c3bf5dcca823262020493182f7c114ff141f8fbdcc27742ab3aabced7a19b04750c6f6f55f"], 0x7b)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f00000001c0), 0x8080fffffffe)
open(&(0x7f0000000140)='./bus\x00', 0x4002, 0x7)
r2 = socket$alg(0x26, 0x5, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r3 = accept4$llc(0xffffffffffffffff, &(0x7f00000003c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000400)=0x10, 0xc1800)
fcntl$setsig(r3, 0xa, 0x3a)
r4 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
r5 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='trusted.overlay.opaque\x00', &(0x7f0000000380)='y\x00', 0x2, 0x1)
fchdir(r5)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000400)=ANY=[], 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000240), 0x7fff)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
recvfrom(0xffffffffffffffff, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4008220d}, 0xc, &(0x7f0000000280)={&(0x7f0000000600)={0x2c, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, 0x0, 0x4108, 0x0, {0x10, 0x18, {0x8cf7, @bearer=@l2={'ib', 0x3a, 'nr0\x00'}}}}, ["", "", "", "", "", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x600c404}, 0x4004000)

22:36:48 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x7, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:48 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:48 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6800}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  295.072456] x86/PAT: syz-executor.4:16544 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  295.088201] x86/PAT: syz-executor.2:16548 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  295.124680] FAULT_INJECTION: forcing a failure.
[  295.124680] name failslab, interval 1, probability 0, space 0, times 0
[  295.137538] CPU: 0 PID: 16548 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  295.144603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  295.153977] Call Trace:
[  295.154000]  dump_stack+0x172/0x1f0
[  295.160214]  should_fail.cold+0xa/0x1b
[  295.164120]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  295.169236]  ? lock_downgrade+0x880/0x880
[  295.173405]  __should_failslab+0x121/0x190
[  295.177648]  should_failslab+0x9/0x14
[  295.177663]  kmem_cache_alloc+0x2ae/0x700
[  295.177678]  ? kasan_check_read+0x11/0x20
[  295.177695]  ? do_raw_spin_unlock+0x57/0x270
[  295.194189]  vm_area_dup+0x21/0x170
[  295.197829]  copy_process.part.0+0x3407/0x7a30
[  295.202450]  ? __cleanup_sighand+0x70/0x70
[  295.206702]  ? lock_downgrade+0x880/0x880
[  295.210865]  ? kasan_check_write+0x14/0x20
[  295.215114]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  295.219971]  _do_fork+0x257/0xfd0
[  295.223440]  ? fork_idle+0x1d0/0x1d0
[  295.227151]  ? fput+0x128/0x1a0
[  295.230426]  ? ksys_write+0x1f1/0x2d0
[  295.234240]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  295.239006]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  295.243770]  ? do_syscall_64+0x26/0x620
[  295.247763]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.253137]  ? do_syscall_64+0x26/0x620
[  295.257130]  __x64_sys_clone+0xbf/0x150
[  295.261115]  do_syscall_64+0xfd/0x620
[  295.264929]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.270120] RIP: 0033:0x459a59
[  295.273314] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  295.292308] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  295.300028] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  295.307417] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  295.314697] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:48 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x8, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:48 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6c00}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  295.321971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  295.329253] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:48 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:48 executing program 3:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
syncfs(r1)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_open_dev$sndpcmc(0x0, 0x1020, 0x40a900)
connect$bt_sco(0xffffffffffffffff, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
setresgid(0x0, 0xee01, 0x0)
unlink(&(0x7f0000000400)='./bus\x00')
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)=""/23, &(0x7f0000000300)=0x17)
getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x61c000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, &(0x7f0000000340)={0x0, 0x0, 'client0\x00', 0x2, "ecded70180000050", "8cb325891806f5e50c80c6ffc3877947e115692ca5e56792b0e5696a95f5ee21"})
syz_open_dev$dmmidi(&(0x7f0000000640)='/dev/dmmidi#\x00', 0x401, 0x800)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r6, 0x0)
readv(r6, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0x1000}], 0x3b6)
getpeername$unix(r4, &(0x7f00000007c0)=@abs, &(0x7f0000000440)=0xffffffbb)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000013000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0x5)
setuid(r8)

[  295.371480] x86/PAT: syz-executor.2:16548 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  295.391649] x86/PAT: syz-executor.2:16548 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  295.490470] x86/PAT: syz-executor.4:16543 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  295.513472] x86/PAT: syz-executor.4:16543 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:48 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x3f00, 0x0, 0x0, 0x0, 0x0)

22:36:48 executing program 2 (fault-call:9 fault-nth:17):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:48 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x9, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:48 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7400}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  295.636674] x86/PAT: syz-executor.2:16782 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  295.696903] FAULT_INJECTION: forcing a failure.
[  295.696903] name failslab, interval 1, probability 0, space 0, times 0
[  295.730537] x86/PAT: syz-executor.4:16789 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:48 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:48 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xa, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  295.753401] CPU: 1 PID: 16782 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  295.760526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  295.769881] Call Trace:
[  295.769907]  dump_stack+0x172/0x1f0
[  295.769930]  should_fail.cold+0xa/0x1b
[  295.769949]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  295.769963]  ? lock_downgrade+0x880/0x880
[  295.769988]  __should_failslab+0x121/0x190
[  295.770009]  should_failslab+0x9/0x14
[  295.789326]  kmem_cache_alloc+0x2ae/0x700
22:36:49 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xf, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  295.797338]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  295.797353]  ? __vm_enough_memory+0x324/0x5a0
[  295.797373]  vm_area_dup+0x21/0x170
[  295.797390]  copy_process.part.0+0x3407/0x7a30
[  295.819230]  ? __cleanup_sighand+0x70/0x70
[  295.823481]  ? lock_downgrade+0x880/0x880
[  295.827660]  ? kasan_check_write+0x14/0x20
[  295.831908]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  295.836765]  _do_fork+0x257/0xfd0
[  295.840231]  ? fork_idle+0x1d0/0x1d0
[  295.843953]  ? fput+0x128/0x1a0
[  295.847253]  ? ksys_write+0x1f1/0x2d0
[  295.851075]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  295.855845]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  295.860620]  ? do_syscall_64+0x26/0x620
[  295.864600]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.864616]  ? do_syscall_64+0x26/0x620
[  295.864634]  __x64_sys_clone+0xbf/0x150
[  295.864651]  do_syscall_64+0xfd/0x620
[  295.864670]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.873985] RIP: 0033:0x459a59
[  295.890096] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  295.909003] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  295.909020] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  295.909028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  295.909036] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  295.909045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  295.909053] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:49 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x30f, &(0x7f0000000040)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad43010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x13}, 0x48)

[  295.949788] x86/PAT: syz-executor.2:16782 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:49 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7a00}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  296.028695] x86/PAT: syz-executor.4:16788 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  296.044507] x86/PAT: syz-executor.2:16782 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:49 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x10, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:49 executing program 2 (fault-call:9 fault-nth:18):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  296.111552] x86/PAT: syz-executor.4:16788 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:49 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x4000, 0x0, 0x0, 0x0, 0x0)

22:36:49 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:49 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x100000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:49 executing program 3:
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
clone(0x13102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$rds(0x15, 0x5, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
socket(0x10, 0x0, 0x0)
poll(0x0, 0x0, 0x8000000000000200)
r2 = memfd_create(&(0x7f0000000540)='\x97&\x89\\\xd0\xe7\xca\x16ZO\x94:\xe1\x01\xe5`iq@Nse;\xa8Fpj\x0e\x04!\xd5\xc5YBz\x94\xaf\x13\xe9\xd2\x0f\xc2G\x86Xe\xf1/V\x8cvS\xa6K&u\x9dX\xcc\r\x12\x11\x99\xe7\xce\xaeA\xb8-E\xa1\xf8\xe4~IS\xc1\x04\xf78\xf1\'\xdfv\x90\xbc\xd1\xda\x88j\x16\xeb>\x8c\xa1\x03\xf3\xaf\xfd\xf4&a?\xcaG\n\xe5j\x9b}\xc6G\x86\xb2\xdeY\x17yX $\xfcU\x9d\x80dX\xcc\xab\x84\xd1\x01_\x7f\xf4tW.\x81\n\xf3\v\x8d\x12pa\x91\x9b\x8cxd\x06\xa7k\n\x86\xc3\xb6\x910\xf2L\xf0\xaf\xe1jd\xda\x1f\x8bVrd\xa4\xb34\xfcUj\x1ad:#\x96\xf9\xd3\x1c]ImZlU\".\x18)\xcf\x1am\xd5\xe0\xdb\xdc\xd7\x8e\xe0\xa3\x82\xec\x9b\xfb\xc9\x81\x9c\xdc\xb7\x0f\xdd\xd3\xd7\xbe\x89\x7f3\x1d\x1c@\x8eu\x85\xces\x89\x95&3FX\xb1\xaf\xa6\x96\xa2\x13\x1f-\b\xcf', 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setown(r2, 0x8, 0x0)
execveat(r2, &(0x7f0000000500)='\x00', 0x0, 0x0, 0x1000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in=@multicast2, @in6=@mcast2}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000440)=0x38e)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x802, 0x0)
ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000000))
ioctl$EVIOCSABS0(r3, 0x401845c0, &(0x7f0000000080)={0x9, 0xac, 0x6, 0xd2, 0x0, 0x8})

[  296.293280] x86/PAT: syz-executor.2:17119 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:49 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x11, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  296.335673] x86/PAT: syz-executor.4:17129 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  296.366153] FAULT_INJECTION: forcing a failure.
[  296.366153] name failslab, interval 1, probability 0, space 0, times 0
[  296.402944] CPU: 0 PID: 17133 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  296.409928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.419322] Call Trace:
[  296.421941]  dump_stack+0x172/0x1f0
[  296.425588]  should_fail.cold+0xa/0x1b
[  296.429489]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  296.434607]  ? find_held_lock+0x35/0x130
[  296.438679]  ? percpu_ref_put_many+0x94/0x190
[  296.443193]  __should_failslab+0x121/0x190
[  296.447440]  should_failslab+0x9/0x14
[  296.451246]  kmem_cache_alloc+0x47/0x700
[  296.455315]  ? __lock_is_held+0xb6/0x140
[  296.459457]  anon_vma_clone+0xde/0x480
[  296.463369]  anon_vma_fork+0x8f/0x4a0
[  296.467257]  ? dup_userfaultfd+0x15e/0x6c0
[  296.471506]  ? memcpy+0x46/0x50
[  296.474803]  copy_process.part.0+0x34e5/0x7a30
[  296.479424]  ? __cleanup_sighand+0x70/0x70
[  296.483666]  ? lock_downgrade+0x880/0x880
[  296.487833]  ? kasan_check_write+0x14/0x20
[  296.492076]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  296.496940]  _do_fork+0x257/0xfd0
22:36:49 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:49 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xf0ff7f}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:49 executing program 3:
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
clone(0x13102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$rds(0x15, 0x5, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000000, 0x13, r0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
socket(0x10, 0x0, 0x0)
poll(0x0, 0x0, 0x8000000000000200)
r2 = memfd_create(&(0x7f0000000540)='\x97&\x89\\\xd0\xe7\xca\x16ZO\x94:\xe1\x01\xe5`iq@Nse;\xa8Fpj\x0e\x04!\xd5\xc5YBz\x94\xaf\x13\xe9\xd2\x0f\xc2G\x86Xe\xf1/V\x8cvS\xa6K&u\x9dX\xcc\r\x12\x11\x99\xe7\xce\xaeA\xb8-E\xa1\xf8\xe4~IS\xc1\x04\xf78\xf1\'\xdfv\x90\xbc\xd1\xda\x88j\x16\xeb>\x8c\xa1\x03\xf3\xaf\xfd\xf4&a?\xcaG\n\xe5j\x9b}\xc6G\x86\xb2\xdeY\x17yX $\xfcU\x9d\x80dX\xcc\xab\x84\xd1\x01_\x7f\xf4tW.\x81\n\xf3\v\x8d\x12pa\x91\x9b\x8cxd\x06\xa7k\n\x86\xc3\xb6\x910\xf2L\xf0\xaf\xe1jd\xda\x1f\x8bVrd\xa4\xb34\xfcUj\x1ad:#\x96\xf9\xd3\x1c]ImZlU\".\x18)\xcf\x1am\xd5\xe0\xdb\xdc\xd7\x8e\xe0\xa3\x82\xec\x9b\xfb\xc9\x81\x9c\xdc\xb7\x0f\xdd\xd3\xd7\xbe\x89\x7f3\x1d\x1c@\x8eu\x85\xces\x89\x95&3FX\xb1\xaf\xa6\x96\xa2\x13\x1f-\b\xcf', 0x0)
fcntl$setlease(r2, 0x400, 0x1)
fcntl$setown(r2, 0x8, 0x0)
execveat(r2, &(0x7f0000000500)='\x00', 0x0, 0x0, 0x1000)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in=@multicast2, @in6=@mcast2}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000440)=0x38e)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x802, 0x0)
ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000000))
ioctl$EVIOCSABS0(r3, 0x401845c0, &(0x7f0000000080)={0x9, 0xac, 0x6, 0xd2, 0x0, 0x8})

[  296.500405]  ? fork_idle+0x1d0/0x1d0
[  296.504133]  ? fput+0x128/0x1a0
[  296.507420]  ? ksys_write+0x1f1/0x2d0
[  296.511229]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  296.515991]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  296.520339] x86/PAT: syz-executor.4:17123 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  296.520748]  ? do_syscall_64+0x26/0x620
[  296.533368]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.538740]  ? do_syscall_64+0x26/0x620
[  296.538761]  __x64_sys_clone+0xbf/0x150
[  296.546684]  do_syscall_64+0xfd/0x620
[  296.546704]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.546714] RIP: 0033:0x459a59
[  296.546728] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  296.546735] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  296.546748] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  296.546759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:36:49 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x551e, 0x0, 0x0, 0x0, 0x0)

[  296.556033] x86/PAT: syz-executor.4:17123 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  296.558890] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  296.558903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  296.558915] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:49 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x60, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:49 executing program 2 (fault-call:9 fault-nth:19):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  296.668176] x86/PAT: syz-executor.2:17347 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  296.686444] x86/PAT: syz-executor.2:17347 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:50 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x1000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:50 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

[  296.821361] x86/PAT: syz-executor.4:17445 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  296.849939] x86/PAT: syz-executor.2:17463 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:50 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {0x0}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  296.913236] FAULT_INJECTION: forcing a failure.
[  296.913236] name failslab, interval 1, probability 0, space 0, times 0
[  296.932991] CPU: 1 PID: 17480 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  296.939978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.949336] Call Trace:
[  296.951929]  dump_stack+0x172/0x1f0
[  296.955573]  should_fail.cold+0xa/0x1b
[  296.959477]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  296.964596]  ? find_held_lock+0x35/0x130
[  296.968669]  ? percpu_ref_put_many+0x94/0x190
[  296.973179]  __should_failslab+0x121/0x190
[  296.977426]  should_failslab+0x9/0x14
[  296.981233]  kmem_cache_alloc+0x47/0x700
[  296.985340]  ? __lock_is_held+0xb6/0x140
[  296.989422]  anon_vma_clone+0xde/0x480
[  296.993326]  anon_vma_fork+0x8f/0x4a0
[  296.997133]  ? dup_userfaultfd+0x15e/0x6c0
[  297.001379]  ? memcpy+0x46/0x50
[  297.004675]  copy_process.part.0+0x34e5/0x7a30
[  297.009319]  ? __cleanup_sighand+0x70/0x70
[  297.013562]  ? lock_downgrade+0x880/0x880
[  297.017731]  ? kasan_check_write+0x14/0x20
[  297.021976]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  297.026832]  _do_fork+0x257/0xfd0
[  297.030301]  ? fork_idle+0x1d0/0x1d0
[  297.034020]  ? fput+0x128/0x1a0
[  297.037308]  ? ksys_write+0x1f1/0x2d0
[  297.041118]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  297.045876]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  297.045891]  ? do_syscall_64+0x26/0x620
[  297.045907]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.045918]  ? do_syscall_64+0x26/0x620
22:36:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfc, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x12c, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  297.045936]  __x64_sys_clone+0xbf/0x150
[  297.045954]  do_syscall_64+0xfd/0x620
[  297.045972]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.045990] RIP: 0033:0x459a59
[  297.068035] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  297.068044] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  297.068060] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  297.068068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.068076] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  297.068084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  297.068092] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:50 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x7597, 0x0, 0x0, 0x0, 0x0)

[  297.069822] audit: type=1400 audit(1570833410.093:100): avc:  denied  { name_bind } for  pid=17491 comm="syz-executor.3" src=20004 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
22:36:50 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x2000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  297.208912] x86/PAT: syz-executor.2:17480 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  297.221834] audit: type=1400 audit(1570833410.093:101): avc:  denied  { node_bind } for  pid=17491 comm="syz-executor.3" saddr=fe80::25 src=20004 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1
22:36:50 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  297.290346] x86/PAT: syz-executor.2:17578 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  297.315396] x86/PAT: syz-executor.2:17480 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  297.329788] x86/PAT: syz-executor.4:17584 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:50 executing program 2 (fault-call:9 fault-nth:20):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:50 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x3000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x300, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  297.410932] x86/PAT: syz-executor.2:17578 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:50 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

[  297.455138] x86/PAT: syz-executor.4:17581 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:50 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  297.507894] x86/PAT: syz-executor.4:17581 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:50 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x9775, 0x0, 0x0, 0x0, 0x0)

22:36:50 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  297.594081] x86/PAT: syz-executor.2:17804 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  297.662646] FAULT_INJECTION: forcing a failure.
[  297.662646] name failslab, interval 1, probability 0, space 0, times 0
22:36:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x500, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  297.703021] x86/PAT: syz-executor.4:17845 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  297.731595] CPU: 0 PID: 17850 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  297.738582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  297.747945] Call Trace:
[  297.750553]  dump_stack+0x172/0x1f0
[  297.754196]  should_fail.cold+0xa/0x1b
[  297.758102]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  297.763223]  ? lock_downgrade+0x880/0x880
[  297.767404]  __should_failslab+0x121/0x190
[  297.771656]  should_failslab+0x9/0x14
[  297.775466]  kmem_cache_alloc+0x2ae/0x700
[  297.779623]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  297.784647]  ? __vm_enough_memory+0x324/0x5a0
[  297.789157]  vm_area_dup+0x21/0x170
[  297.792805]  copy_process.part.0+0x3407/0x7a30
[  297.797421]  ? __cleanup_sighand+0x70/0x70
[  297.801677]  ? lock_downgrade+0x880/0x880
[  297.805850]  ? kasan_check_write+0x14/0x20
[  297.810092]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  297.814959]  _do_fork+0x257/0xfd0
[  297.818431]  ? fork_idle+0x1d0/0x1d0
[  297.822158]  ? fput+0x128/0x1a0
[  297.825450]  ? ksys_write+0x1f1/0x2d0
[  297.829262]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  297.834204]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  297.835716] x86/PAT: syz-executor.4:17825 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  297.838964]  ? do_syscall_64+0x26/0x620
22:36:51 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xff0f, 0x0, 0x0, 0x0, 0x0)

[  297.838981]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.838992]  ? do_syscall_64+0x26/0x620
[  297.839010]  __x64_sys_clone+0xbf/0x150
[  297.854341] x86/PAT: syz-executor.4:17825 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  297.857000]  do_syscall_64+0xfd/0x620
[  297.857022]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.857035] RIP: 0033:0x459a59
22:36:51 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x5c0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:51 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  297.885766] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  297.904677] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  297.912406] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  297.919686] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  297.926964] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  297.934234] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  297.934243] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:51 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x5000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  297.956805] x86/PAT: syz-executor.2:17850 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  297.999658] x86/PAT: syz-executor.2:17850 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:51 executing program 2 (fault-call:9 fault-nth:21):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:51 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:51 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x5c4, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  298.098136] x86/PAT: syz-executor.4:18039 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:51 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  298.238941] x86/PAT: syz-executor.2:18110 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  298.260205] x86/PAT: syz-executor.4:18034 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:51 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  298.282649] x86/PAT: syz-executor.4:18034 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:51 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x20010, 0x0, 0x0, 0x0, 0x0)

[  298.320151] FAULT_INJECTION: forcing a failure.
[  298.320151] name failslab, interval 1, probability 0, space 0, times 0
22:36:51 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:51 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x600, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  298.404536] CPU: 0 PID: 18110 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  298.411515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.420872] Call Trace:
[  298.423474]  dump_stack+0x172/0x1f0
[  298.427126]  should_fail.cold+0xa/0x1b
[  298.431037]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  298.436151]  ? lock_downgrade+0x880/0x880
[  298.440321]  __should_failslab+0x121/0x190
[  298.444578]  should_failslab+0x9/0x14
[  298.448389]  kmem_cache_alloc+0x2ae/0x700
[  298.452537]  ? anon_vma_clone+0x320/0x480
[  298.456697]  anon_vma_fork+0xfc/0x4a0
[  298.460504]  ? dup_userfaultfd+0x15e/0x6c0
[  298.464742]  ? memcpy+0x46/0x50
[  298.468038]  copy_process.part.0+0x34e5/0x7a30
[  298.472649]  ? __cleanup_sighand+0x70/0x70
[  298.476891]  ? lock_downgrade+0x880/0x880
[  298.481054]  ? kasan_check_write+0x14/0x20
[  298.483646] x86/PAT: syz-executor.4:18159 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  298.485291]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  298.485313]  _do_fork+0x257/0xfd0
22:36:51 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  298.485331]  ? fork_idle+0x1d0/0x1d0
[  298.485345]  ? fput+0x128/0x1a0
[  298.485361]  ? ksys_write+0x1f1/0x2d0
[  298.513152]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  298.517914]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  298.523658]  ? do_syscall_64+0x26/0x620
[  298.527624]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  298.532978]  ? do_syscall_64+0x26/0x620
[  298.536945]  __x64_sys_clone+0xbf/0x150
[  298.540911]  do_syscall_64+0xfd/0x620
[  298.544706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  298.549881] RIP: 0033:0x459a59
[  298.553060] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  298.571947] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  298.579653] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  298.586905] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  298.594156] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:51 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x700, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  298.601411] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  298.608668] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:51 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xa000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:51 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

[  298.778848] x86/PAT: syz-executor.4:18158 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  298.800922] x86/PAT: syz-executor.4:18158 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  298.803393] x86/PAT: syz-executor.2:18110 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:52 executing program 2 (fault-call:9 fault-nth:22):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:52 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x900, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:52 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x20200, 0x0, 0x0, 0x0, 0x0)

22:36:52 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)

22:36:52 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x48000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  298.917298] x86/PAT: syz-executor.2:18110 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  298.989933] x86/PAT: syz-executor.4:18293 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:52 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:36:52 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xa00, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  299.105812] x86/PAT: syz-executor.2:18368 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  299.120209] x86/PAT: syz-executor.4:18290 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:52 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:52 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4c000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  299.155971] x86/PAT: syz-executor.4:18290 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  299.169980] FAULT_INJECTION: forcing a failure.
[  299.169980] name failslab, interval 1, probability 0, space 0, times 0
[  299.195742] CPU: 0 PID: 18405 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  299.202721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  299.212082] Call Trace:
[  299.214682]  dump_stack+0x172/0x1f0
[  299.218335]  should_fail.cold+0xa/0x1b
[  299.222261]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  299.227373]  ? lock_downgrade+0x880/0x880
[  299.231539]  __should_failslab+0x121/0x190
[  299.235783]  should_failslab+0x9/0x14
[  299.239589]  kmem_cache_alloc+0x2ae/0x700
[  299.243738]  ? anon_vma_clone+0x320/0x480
[  299.247905]  anon_vma_fork+0x1ea/0x4a0
[  299.251792]  ? dup_userfaultfd+0x15e/0x6c0
[  299.256040]  copy_process.part.0+0x34e5/0x7a30
[  299.260650]  ? __cleanup_sighand+0x70/0x70
[  299.264883]  ? lock_downgrade+0x880/0x880
[  299.269044]  ? kasan_check_write+0x14/0x20
[  299.273282]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  299.278140]  _do_fork+0x257/0xfd0
[  299.281601]  ? fork_idle+0x1d0/0x1d0
[  299.285319]  ? fput+0x128/0x1a0
[  299.288610]  ? ksys_write+0x1f1/0x2d0
[  299.292425]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  299.297190]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  299.301948]  ? do_syscall_64+0x26/0x620
22:36:52 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x0, 0x0)

[  299.305926]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.311295]  ? do_syscall_64+0x26/0x620
[  299.315280]  __x64_sys_clone+0xbf/0x150
[  299.319259]  do_syscall_64+0xfd/0x620
[  299.323059]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.328232] RIP: 0033:0x459a59
[  299.331406] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
22:36:52 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x7ffff, 0x0, 0x0, 0x0, 0x0)

22:36:52 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xf00, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  299.350331] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  299.358029] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  299.365294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  299.372547] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  299.379799] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  299.387049] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  299.425338] x86/PAT: syz-executor.2:18405 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  299.488722] x86/PAT: syz-executor.2:18405 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:52 executing program 2 (fault-call:9 fault-nth:23):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:52 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x1100, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  299.541639] x86/PAT: syz-executor.4:18424 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:52 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x68000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:52 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

[  299.682905] x86/PAT: syz-executor.2:18564 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  299.717960] x86/PAT: syz-executor.4:18420 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:52 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x0, 0x0)

[  299.760255] FAULT_INJECTION: forcing a failure.
[  299.760255] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  299.785695] x86/PAT: syz-executor.4:18420 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  299.794590] CPU: 1 PID: 18564 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  299.801542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  299.810903] Call Trace:
[  299.813515]  dump_stack+0x172/0x1f0
[  299.817150]  should_fail.cold+0xa/0x1b
[  299.821065]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  299.826185]  ? __might_sleep+0x95/0x190
[  299.830172]  __alloc_pages_nodemask+0x1ee/0x750
[  299.834854]  ? __alloc_pages_slowpath+0x2870/0x2870
[  299.839883]  ? kasan_slab_alloc+0xf/0x20
[  299.843957]  ? kmem_cache_alloc+0x12e/0x700
[  299.848284]  ? anon_vma_fork+0x1ea/0x4a0
[  299.852357]  ? __lock_acquire+0x6ee/0x49c0
[  299.856600]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  299.862154]  alloc_pages_current+0x107/0x210
[  299.866578]  get_zeroed_page+0x14/0x50
[  299.870477]  __pud_alloc+0x3b/0x250
[  299.874112]  pud_alloc+0xde/0x150
[  299.877573]  copy_page_range+0x37a/0x1f90
[  299.881728]  ? anon_vma_fork+0x371/0x4a0
[  299.885800]  ? find_held_lock+0x35/0x130
[  299.889864]  ? anon_vma_fork+0x371/0x4a0
[  299.893931]  ? copy_process.part.0+0x30f9/0x7a30
[  299.898693]  ? copy_process.part.0+0x30f9/0x7a30
[  299.903454]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  299.903472]  ? pmd_alloc+0x180/0x180
[  299.912187]  ? __vma_link_rb+0x279/0x370
[  299.916249]  copy_process.part.0+0x543d/0x7a30
[  299.916286]  ? __cleanup_sighand+0x70/0x70
[  299.925093]  ? lock_downgrade+0x880/0x880
[  299.925118]  ? kasan_check_write+0x14/0x20
[  299.933478]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  299.938338]  _do_fork+0x257/0xfd0
[  299.941804]  ? fork_idle+0x1d0/0x1d0
[  299.945522]  ? fput+0x128/0x1a0
[  299.948807]  ? ksys_write+0x1f1/0x2d0
[  299.952622]  ? trace_hardirqs_on_thunk+0x1a/0x1c
22:36:52 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x2000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:53 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x2c01, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  299.957379]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  299.957396]  ? do_syscall_64+0x26/0x620
[  299.957413]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.957427]  ? do_syscall_64+0x26/0x620
[  299.957446]  __x64_sys_clone+0xbf/0x150
[  299.957464]  do_syscall_64+0xfd/0x620
[  299.957483]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.957494] RIP: 0033:0x459a59
22:36:53 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x80000, 0x0, 0x0, 0x0, 0x0)

22:36:53 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6c000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  299.957508] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  299.957516] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  299.957531] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  299.957538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  299.957545] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  299.957556] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  299.971614] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  299.983603] x86/PAT: syz-executor.2:18564 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:53 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x3f00, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:53 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x74000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  300.212346] x86/PAT: syz-executor.2:18564 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:53 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xfffff, 0x0, 0x0, 0x0, 0x0)

22:36:53 executing program 2 (fault-call:9 fault-nth:24):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:53 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x4000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:53 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7a000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  300.423796] x86/PAT: syz-executor.4:18773 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  300.497480] x86/PAT: syz-executor.2:18782 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:53 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:53 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x0, 0x0)

22:36:53 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x6000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:53 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7fffeefa}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  300.547004] FAULT_INJECTION: forcing a failure.
[  300.547004] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  300.597161] x86/PAT: syz-executor.4:18771 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  300.630601] CPU: 0 PID: 18825 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  300.637586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  300.642080] x86/PAT: syz-executor.4:18771 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  300.646943] Call Trace:
[  300.646965]  dump_stack+0x172/0x1f0
[  300.646988]  should_fail.cold+0xa/0x1b
[  300.647006]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  300.647025]  ? __might_sleep+0x95/0x190
[  300.647043]  __alloc_pages_nodemask+0x1ee/0x750
[  300.647055]  ? __pud_alloc+0x1d3/0x250
[  300.647072]  ? __alloc_pages_slowpath+0x2870/0x2870
[  300.688416]  ? __pud_alloc+0x1d3/0x250
[  300.692317]  ? lock_downgrade+0x880/0x880
22:36:53 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x100000, 0x0, 0x0, 0x0, 0x0)

[  300.696479]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  300.702030]  alloc_pages_current+0x107/0x210
[  300.706446]  ? do_raw_spin_unlock+0x57/0x270
[  300.710866]  __pmd_alloc+0x41/0x460
[  300.714494]  ? pmd_val+0x100/0x100
[  300.718044]  pmd_alloc+0x10c/0x180
[  300.721598]  copy_page_range+0x633/0x1f90
[  300.725750]  ? anon_vma_fork+0x371/0x4a0
[  300.729828]  ? find_held_lock+0x35/0x130
[  300.733895]  ? anon_vma_fork+0x371/0x4a0
[  300.737993]  ? copy_process.part.0+0x30f9/0x7a30
[  300.742761]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
22:36:53 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:53 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x80fe, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  300.747790]  ? pmd_alloc+0x180/0x180
[  300.751516]  ? __vma_link_rb+0x279/0x370
[  300.755596]  copy_process.part.0+0x543d/0x7a30
[  300.760215]  ? __cleanup_sighand+0x70/0x70
[  300.764456]  ? lock_downgrade+0x880/0x880
[  300.768639]  ? kasan_check_write+0x14/0x20
[  300.772884]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  300.777998]  _do_fork+0x257/0xfd0
[  300.781469]  ? fork_idle+0x1d0/0x1d0
[  300.785190]  ? fput+0x128/0x1a0
[  300.788484]  ? ksys_write+0x1f1/0x2d0
[  300.792295]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  300.792311]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  300.792329]  ? do_syscall_64+0x26/0x620
[  300.805790]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  300.805806]  ? do_syscall_64+0x26/0x620
[  300.805824]  __x64_sys_clone+0xbf/0x150
[  300.805841]  do_syscall_64+0xfd/0x620
[  300.805857]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  300.805868] RIP: 0033:0x459a59
[  300.805880] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  300.805891] RSP: 002b:00007fae07335c78 EFLAGS: 00000246
[  300.822951]  ORIG_RAX: 0000000000000038
[  300.822962] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  300.822970] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  300.822979] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  300.822988] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  300.822996] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:54 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xc005, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:54 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7fffefbc}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  300.907819] x86/PAT: syz-executor.2:18825 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  300.976579] x86/PAT: syz-executor.4:18910 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  301.007010] x86/PAT: syz-executor.2:18825 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:54 executing program 2 (fault-call:9 fault-nth:25):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:54 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xc0fe, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:54 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7ffff000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  301.148997] x86/PAT: syz-executor.2:18930 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:54 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:54 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xc405, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  301.197861] FAULT_INJECTION: forcing a failure.
[  301.197861] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  301.246283] x86/PAT: syz-executor.4:18910 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:54 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

[  301.288391] CPU: 0 PID: 18976 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  301.295394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  301.304777] Call Trace:
[  301.304801]  dump_stack+0x172/0x1f0
[  301.304823]  should_fail.cold+0xa/0x1b
[  301.304841]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  301.304859]  ? __might_sleep+0x95/0x190
[  301.304876]  __alloc_pages_nodemask+0x1ee/0x750
[  301.304891]  ? find_held_lock+0x35/0x130
[  301.304906]  ? __alloc_pages_slowpath+0x2870/0x2870
22:36:54 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xbcefff7f}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  301.314998]  ? lock_downgrade+0x880/0x880
[  301.315017]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  301.315037]  alloc_pages_current+0x107/0x210
[  301.315057]  pte_alloc_one+0x1b/0x1a0
[  301.315072]  __pte_alloc+0x2a/0x360
[  301.315093]  copy_page_range+0x151f/0x1f90
[  301.363540]  ? anon_vma_fork+0x371/0x4a0
[  301.367614]  ? find_held_lock+0x35/0x130
[  301.367632]  ? anon_vma_fork+0x371/0x4a0
[  301.367651]  ? copy_process.part.0+0x30f9/0x7a30
[  301.367673]  ? pmd_alloc+0x180/0x180
[  301.375864]  ? __vma_link_rb+0x279/0x370
[  301.375885]  copy_process.part.0+0x543d/0x7a30
[  301.375923]  ? __cleanup_sighand+0x70/0x70
[  301.375935]  ? lock_downgrade+0x880/0x880
[  301.375962]  ? kasan_check_write+0x14/0x20
[  301.384425]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  301.393044]  _do_fork+0x257/0xfd0
[  301.393063]  ? fork_idle+0x1d0/0x1d0
[  301.393077]  ? fput+0x128/0x1a0
[  301.393093]  ? ksys_write+0x1f1/0x2d0
[  301.401475]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  301.401492]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  301.401506]  ? do_syscall_64+0x26/0x620
[  301.401524]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  301.410573]  ? do_syscall_64+0x26/0x620
[  301.410594]  __x64_sys_clone+0xbf/0x150
[  301.410610]  do_syscall_64+0xfd/0x620
[  301.410629]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  301.417757] RIP: 0033:0x459a59
[  301.417773] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  301.417782] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  301.417798] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  301.417806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  301.417817] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  301.417825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  301.417833] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  301.470883] x86/PAT: syz-executor.2:18976 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:54 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x200000, 0x0, 0x0, 0x0, 0x0)

22:36:54 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfc00, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:54 executing program 2 (fault-call:9 fault-nth:26):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  301.483472] x86/PAT: syz-executor.4:18910 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  301.507250] x86/PAT: syz-executor.2:18976 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:54 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfe80, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  301.680214] x86/PAT: syz-executor.2:19053 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  301.709247] FAULT_INJECTION: forcing a failure.
[  301.709247] name failslab, interval 1, probability 0, space 0, times 0
22:36:54 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xfaeeff7f}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  301.740618] CPU: 0 PID: 19053 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  301.747590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  301.756942] Call Trace:
[  301.756965]  dump_stack+0x172/0x1f0
[  301.756987]  should_fail.cold+0xa/0x1b
[  301.757006]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  301.757022]  ? lock_downgrade+0x880/0x880
[  301.757044]  __should_failslab+0x121/0x190
[  301.757063]  should_failslab+0x9/0x14
[  301.780607]  kmem_cache_alloc+0x2ae/0x700
[  301.780625]  ? alloc_pages_current+0x10f/0x210
[  301.780644]  ? do_raw_spin_unlock+0x57/0x270
[  301.788577]  __pmd_alloc+0xc9/0x460
[  301.797533]  ? pmd_val+0x100/0x100
[  301.797549]  pmd_alloc+0x10c/0x180
[  301.797567]  copy_page_range+0x633/0x1f90
[  301.797580]  ? anon_vma_fork+0x371/0x4a0
[  301.797597]  ? find_held_lock+0x35/0x130
[  301.797611]  ? anon_vma_fork+0x371/0x4a0
[  301.797630]  ? copy_process.part.0+0x30f9/0x7a30
[  301.812549]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  301.812569]  ? pmd_alloc+0x180/0x180
[  301.820669]  ? __vma_link_rb+0x279/0x370
[  301.820693]  copy_process.part.0+0x543d/0x7a30
[  301.834508]  ? __cleanup_sighand+0x70/0x70
[  301.834526]  ? lock_downgrade+0x880/0x880
[  301.834550]  ? kasan_check_write+0x14/0x20
[  301.834564]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  301.834579]  _do_fork+0x257/0xfd0
[  301.834595]  ? fork_idle+0x1d0/0x1d0
[  301.834609]  ? fput+0x128/0x1a0
[  301.834627]  ? ksys_write+0x1f1/0x2d0
[  301.851188]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  301.851200]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  301.851215]  ? do_syscall_64+0x26/0x620
[  301.858277] x86/PAT: syz-executor.4:19056 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  301.859575]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  301.859594]  ? do_syscall_64+0x26/0x620
[  301.910011]  __x64_sys_clone+0xbf/0x150
[  301.913977]  do_syscall_64+0xfd/0x620
[  301.917769]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  301.922944] RIP: 0033:0x459a59
[  301.926214] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  301.945111] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  301.952814] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  301.960071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  301.967334] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  301.974593] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  301.981859] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:55 executing program 2 (fault-call:9 fault-nth:27):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  302.036234] x86/PAT: syz-executor.4:19056 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:55 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000500)={{0x7, 0x1, 0x0, 0x8, 0x4, 0x9}, 0x9, 0x557, 0x9d07, 0x7ff, 0x81, "3d9c313f7c083054e060bc8577119d4c0d8d1fe17d1c80768e993c0a36eaf10b664fc6dcd4bab9809610be96ffeba41a4d582dde93380f94fd945eaafa35bee79cc889535e7d915f1ac7a4664f3015f7d9d62751cb070e6c2da59b78026379681a4614edc19e9cf804ce2c11589a37e5997afe190137ee7d24ddfbd8da6d0ee8"})
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
read(r2, &(0x7f0000367fe4)=""/91, 0x275)
perf_event_open(&(0x7f00000005c0)={0x4, 0x70, 0x6, 0x1, 0x3, 0x8, 0x0, 0x3, 0x10020, 0xd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, @perf_bp={&(0x7f0000000140)}, 0xf8b5e8d57695e2c, 0x3, 0x6, 0x9, 0x6, 0x5, 0x9}, 0x0, 0x10, r2, 0x9)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
mount(&(0x7f0000000200)=@md0='/dev/md0\x00', &(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='ext2\x00', 0x20000, &(0x7f00000006c0)='\x00')
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r4, &(0x7f0000000700)={0xa, 0x4e24, 0x6, @dev={0xfe, 0x80, [], 0x25}}, 0x1c)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000040)={0x1, 0x99, "b7ee1280b2c610ee889637239696ab159f50a7512558f6abb458cdcc16f78930a82a4826cbf13468d177861e97bb5ae0c149682300053f1aa094f2679d5fec6ab45d3aaa9fd58d2f9ad452532ccfc3e585f37ff5007625cae503fa175b72a4ee90b4bbd9d62fddb84bdaf32102a28f8a80fa0b8348414c83c8b93f5f7dab9257524f73021b1fb291e432aa83d40a42d2299f9c41ca6dfc9203"})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="ac010000170001000000000000000000e0000001000000000000000000000000000000000000000000000000000000000000ffffac1414007f0000010000000000000000000000000000000000000000000000000000000100"/104, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000e000000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084000500fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000d24639b3899290965e8add75ed0afdd8000000003c000000000000007f0000010000000000000000000000000000000000000000000000000000000000000000f3fee85cb8e09931a3c49bb1540317ce92250200a084380c435fc8efb8ee2c110d2cf3d83971014121390fd34cda821763547b0b9d41e8a22408a311436a57df9f4ff10ccd35394afe3b8d0730f96ddb7f7896d2f0e339d6489c847850df9ca662470a35a570533b2b015f76ebc011119f7d835fca9be55c7f32e4cba4d00c357b7299be1e1a441a3bc1dd"], 0x1ac}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)={0x14, 0x22, 0x829, 0x0, 0x0, {0x4, 0x1000000}}, 0x14}, 0x1, 0xfdffffff00000000}, 0x0)

22:36:55 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfec0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  302.164402] x86/PAT: syz-executor.4:19056 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  302.223130] x86/PAT: syz-executor.2:19071 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  302.301286] FAULT_INJECTION: forcing a failure.
[  302.301286] name failslab, interval 1, probability 0, space 0, times 0
[  302.341390] x86/PAT: syz-executor.4:19054 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  302.354489] CPU: 1 PID: 19106 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  302.361442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  302.361449] Call Trace:
[  302.361470]  dump_stack+0x172/0x1f0
[  302.361491]  should_fail.cold+0xa/0x1b
[  302.373432]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  302.373450]  ? lock_downgrade+0x880/0x880
[  302.380941]  __should_failslab+0x121/0x190
[  302.380958]  should_failslab+0x9/0x14
[  302.390168]  kmem_cache_alloc+0x2ae/0x700
[  302.390181]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  302.390198]  ? __vm_enough_memory+0x324/0x5a0
[  302.398196]  vm_area_dup+0x21/0x170
[  302.398213]  copy_process.part.0+0x3407/0x7a30
[  302.407361]  ? __cleanup_sighand+0x70/0x70
[  302.407373]  ? lock_downgrade+0x880/0x880
[  302.407396]  ? kasan_check_write+0x14/0x20
[  302.415476]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  302.415497]  _do_fork+0x257/0xfd0
[  302.415515]  ? fork_idle+0x1d0/0x1d0
[  302.424306]  ? fput+0x128/0x1a0
[  302.424322]  ? ksys_write+0x1f1/0x2d0
[  302.424340]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.424356]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.432697]  ? do_syscall_64+0x26/0x620
[  302.432711]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.432727]  ? do_syscall_64+0x26/0x620
[  302.440980]  __x64_sys_clone+0xbf/0x150
[  302.441002]  do_syscall_64+0xfd/0x620
[  302.447957]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.447967] RIP: 0033:0x459a59
[  302.447983] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  302.456486] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  302.456501] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  302.456510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  302.456518] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  302.456524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  302.456535] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  302.470095] x86/PAT: syz-executor.4:19054 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  302.502169] x86/PAT: syz-executor.2:19106 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  302.523055] x86/PAT: syz-executor.2:19106 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:55 executing program 3 (fault-call:6 fault-nth:0):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:36:55 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7ffffffff000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:55 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x300000, 0x0, 0x0, 0x0, 0x0)

22:36:55 executing program 2 (fault-call:9 fault-nth:28):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:55 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xff00, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:55 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x10000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  302.692028] x86/PAT: syz-executor.4:19184 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  302.725806] x86/PAT: syz-executor.2:19191 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:55 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$TIOCGISO7816(0xffffffffffffffff, 0x80285442, &(0x7f00000001c0))
setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000240)=@v2={0x2000000, [{0x7fffffff, 0x1}, {0x7, 0x200}]}, 0x14, 0x0)
getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='security.capability\x00', &(0x7f0000227f74)=""/140, 0x8c)

[  302.762339] FAULT_INJECTION: forcing a failure.
[  302.762339] name failslab, interval 1, probability 0, space 0, times 0
22:36:56 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x34000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  302.805100] FAULT_INJECTION: forcing a failure.
[  302.805100] name failslab, interval 1, probability 0, space 0, times 0
[  302.814943] CPU: 1 PID: 19191 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  302.823324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  302.832680] Call Trace:
[  302.835282]  dump_stack+0x172/0x1f0
[  302.838933]  should_fail.cold+0xa/0x1b
[  302.842848]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  302.847967]  ? find_held_lock+0x35/0x130
[  302.852044]  ? percpu_ref_put_many+0x94/0x190
[  302.856554]  __should_failslab+0x121/0x190
[  302.860797]  should_failslab+0x9/0x14
[  302.864608]  kmem_cache_alloc+0x47/0x700
[  302.868682]  ? __lock_is_held+0xb6/0x140
[  302.872759]  anon_vma_clone+0xde/0x480
[  302.876667]  anon_vma_fork+0x8f/0x4a0
[  302.880475]  ? dup_userfaultfd+0x15e/0x6c0
[  302.884721]  ? memcpy+0x46/0x50
[  302.888018]  copy_process.part.0+0x34e5/0x7a30
[  302.892638]  ? __cleanup_sighand+0x70/0x70
[  302.896880]  ? lock_downgrade+0x880/0x880
[  302.901047]  ? kasan_check_write+0x14/0x20
22:36:56 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x40000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  302.905292]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  302.910153]  _do_fork+0x257/0xfd0
[  302.913621]  ? fork_idle+0x1d0/0x1d0
[  302.917347]  ? fput+0x128/0x1a0
[  302.920639]  ? ksys_write+0x1f1/0x2d0
[  302.924447]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.929210]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.933968]  ? do_syscall_64+0x26/0x620
[  302.937951]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.943321]  ? do_syscall_64+0x26/0x620
[  302.947301]  __x64_sys_clone+0xbf/0x150
[  302.951291]  do_syscall_64+0xfd/0x620
22:36:56 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xf0ff7f00000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  302.955105]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.960298] RIP: 0033:0x459a59
[  302.963494] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  302.982401] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  302.990117] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  302.997396] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  303.004671] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  303.011958] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  303.019234] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  303.027584] CPU: 0 PID: 19210 Comm: syz-executor.3 Not tainted 4.19.79 #0
[  303.034540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  303.036791] x86/PAT: syz-executor.4:19183 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  303.043892] Call Trace:
[  303.055129]  dump_stack+0x172/0x1f0
[  303.058775]  should_fail.cold+0xa/0x1b
[  303.062686]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  303.063555] x86/PAT: syz-executor.4:19183 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  303.067789]  ? lock_downgrade+0x880/0x880
[  303.067811]  __should_failslab+0x121/0x190
[  303.067833]  should_failslab+0x9/0x14
[  303.067845]  __kmalloc+0x2e2/0x750
[  303.067855]  ? __lock_acquire+0x6ee/0x49c0
[  303.067929]  ? get_pid_task+0xd4/0x190
[  303.067947]  ? rw_copy_check_uvector+0x28c/0x330
[  303.105184]  rw_copy_check_uvector+0x28c/0x330
[  303.109758]  ? mark_held_locks+0x100/0x100
[  303.114055]  import_iovec+0xc2/0x3e0
[  303.117760]  ? dup_iter+0x270/0x270
[  303.121374]  ? find_held_lock+0x35/0x130
[  303.125421]  ? __fget+0x340/0x540
[  303.128866]  vfs_readv+0xc6/0x160
[  303.132305]  ? compat_rw_copy_check_uvector+0x400/0x400
[  303.137657]  ? kasan_check_read+0x11/0x20
[  303.141924]  ? __fget+0x367/0x540
[  303.145375]  ? iterate_fd+0x360/0x360
[  303.149285]  ? __fget_light+0x1a9/0x230
[  303.153261]  do_preadv+0x1c4/0x280
[  303.156797]  ? do_readv+0x370/0x370
[  303.160440]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.165198]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.169949]  ? do_syscall_64+0x26/0x620
[  303.173915]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.179269]  ? do_syscall_64+0x26/0x620
[  303.183247]  __x64_sys_preadv+0x9a/0xf0
[  303.187211]  do_syscall_64+0xfd/0x620
[  303.191003]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.196180] RIP: 0033:0x459a59
[  303.199363] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  303.218249] RSP: 002b:00007f1f24627c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  303.225955] RAX: ffffffffffffffda RBX: 00007f1f24627c90 RCX: 0000000000459a59
[  303.233208] RDX: 00000000000002a9 RSI: 00000000200009c0 RDI: 0000000000000005
[  303.240470] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  303.247732] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f246286d4
22:36:56 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x400000, 0x0, 0x0, 0x0, 0x0)

[  303.254992] R13: 00000000004c6fa7 R14: 00000000004dc6c0 R15: 0000000000000006
22:36:56 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
tkill(0x0, 0x9)
r1 = socket$inet6(0xa, 0x802, 0x0)
bind$inet6(r1, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRES32, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000002540), 0x1000)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r2, &(0x7f0000000480), 0x93f)
write$FUSE_ENTRY(r2, &(0x7f0000000280)={0x90, 0x0, 0x2, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000002c0f}}}, 0x90)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = dup3(r0, r3, 0x80000)
ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f0000000100))
ioctl$int_in(r2, 0x5452, &(0x7f00000000c0))
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
connect$inet6(r1, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x0, 0x8}}}}}}, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000600)={'team_slave_0\x00'})
mkdirat(r5, &(0x7f0000000740)='./bus\x00', 0x0)
write$FUSE_INIT(r5, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x1f, 0xfffffffffffffffd, 0x80, 0x2, 0x0, 0x0, 0x628}}, 0x50)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mknodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
rmdir(&(0x7f0000000200)='./file0\x00')

[  303.303969] x86/PAT: syz-executor.2:19411 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  303.382832] x86/PAT: syz-executor.2:19411 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  303.419024] x86/PAT: syz-executor.4:19421 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:56 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:36:56 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x100000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:56 executing program 2 (fault-call:9 fault-nth:29):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:56 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xf0ffffff7f0000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:56 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x400300, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  303.629434] x86/PAT: syz-executor.2:19434 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:56 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x100000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  303.691038] x86/PAT: syz-executor.4:19416 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  303.719346] x86/PAT: syz-executor.4:19416 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  303.719997] FAULT_INJECTION: forcing a failure.
[  303.719997] name failslab, interval 1, probability 0, space 0, times 0
22:36:56 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
tkill(0x0, 0x9)
r1 = socket$inet6(0xa, 0x802, 0x0)
bind$inet6(r1, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRES32, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000002540), 0x1000)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r2, &(0x7f0000000480), 0x93f)
write$FUSE_ENTRY(r2, &(0x7f0000000280)={0x90, 0x0, 0x2, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000002c0f}}}, 0x90)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = dup3(r0, r3, 0x80000)
ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f0000000100))
ioctl$int_in(r2, 0x5452, &(0x7f00000000c0))
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
connect$inet6(r1, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x0, 0x8}}}}}}, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000600)={'team_slave_0\x00'})
mkdirat(r5, &(0x7f0000000740)='./bus\x00', 0x0)
write$FUSE_INIT(r5, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x1f, 0xfffffffffffffffd, 0x80, 0x2, 0x0, 0x0, 0x628}}, 0x50)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mknodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
rmdir(&(0x7f0000000200)='./file0\x00')

22:36:56 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x6b6b6b, 0x0, 0x0, 0x0, 0x0)

[  303.826100] CPU: 0 PID: 19434 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  303.833088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  303.842448] Call Trace:
[  303.845052]  dump_stack+0x172/0x1f0
[  303.848694]  should_fail.cold+0xa/0x1b
[  303.852600]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  303.857729]  ? find_held_lock+0x35/0x130
[  303.861808]  ? percpu_ref_put_many+0x94/0x190
[  303.866320]  __should_failslab+0x121/0x190
[  303.870569]  should_failslab+0x9/0x14
[  303.874372]  kmem_cache_alloc+0x47/0x700
[  303.878444]  ? __lock_is_held+0xb6/0x140
[  303.882523]  anon_vma_clone+0xde/0x480
[  303.886427]  anon_vma_fork+0x8f/0x4a0
[  303.890232]  ? dup_userfaultfd+0x15e/0x6c0
[  303.894469]  ? memcpy+0x46/0x50
[  303.897758]  copy_process.part.0+0x34e5/0x7a30
[  303.902370]  ? __cleanup_sighand+0x70/0x70
[  303.906611]  ? lock_downgrade+0x880/0x880
[  303.910775]  ? kasan_check_write+0x14/0x20
[  303.915018]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  303.919872]  _do_fork+0x257/0xfd0
[  303.923333]  ? fork_idle+0x1d0/0x1d0
[  303.927049]  ? fput+0x128/0x1a0
[  303.930340]  ? ksys_write+0x1f1/0x2d0
[  303.934149]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.938908]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.943671]  ? do_syscall_64+0x26/0x620
[  303.947647]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.953012]  ? do_syscall_64+0x26/0x620
[  303.956994]  __x64_sys_clone+0xbf/0x150
[  303.960975]  do_syscall_64+0xfd/0x620
[  303.964797]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.969985] RIP: 0033:0x459a59
[  303.973182] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  303.992092] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  303.999818] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  304.007095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  304.014375] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
22:36:57 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x10)

22:36:57 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x200000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:57 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x1000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:57 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
tkill(0x0, 0x9)
r1 = socket$inet6(0xa, 0x802, 0x0)
bind$inet6(r1, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRES32, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000002540), 0x1000)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r2, &(0x7f0000000480), 0x93f)
write$FUSE_ENTRY(r2, &(0x7f0000000280)={0x90, 0x0, 0x2, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000002c0f}}}, 0x90)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = dup3(r0, r3, 0x80000)
ioctl$SG_GET_PACK_ID(r4, 0x227c, &(0x7f0000000100))
ioctl$int_in(r2, 0x5452, &(0x7f00000000c0))
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
connect$inet6(r1, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x0, 0x8}}}}}}, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000600)={'team_slave_0\x00'})
mkdirat(r5, &(0x7f0000000740)='./bus\x00', 0x0)
write$FUSE_INIT(r5, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x1f, 0xfffffffffffffffd, 0x80, 0x2, 0x0, 0x0, 0x628}}, 0x50)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mknodat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
rmdir(&(0x7f0000000200)='./file0\x00')

[  304.021653] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  304.028940] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:57 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x300000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  304.135033] x86/PAT: syz-executor.2:19657 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  304.172031] x86/PAT: syz-executor.4:19663 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:57 executing program 2 (fault-call:9 fault-nth:30):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  304.262691] x86/PAT: syz-executor.2:19657 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  304.286541] x86/PAT: syz-executor.4:19658 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:57 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x2000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  304.348810] x86/PAT: syz-executor.4:19658 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:57 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x700101, 0x0, 0x0, 0x0, 0x0)

22:36:57 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x400000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:57 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x3000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  304.511983] x86/PAT: syz-executor.2:19876 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:57 executing program 0:
bind$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0xffffffffffffffff, 0x0, 0x2}}, 0xa)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, {0xffffffffffffffff}}, 0xa)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="78904340c7e8508f01311927b946e7cd4e30cc4c1bb43574fd423c2359bada583f1f", @ANYPTR64], 0x8)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="0008006de78b6bda"], 0xda00)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$VHOST_SET_VRING_ENDIAN(r4, 0x4008af13, &(0x7f0000000100)={0x0, 0x5e})
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_int(r2, &(0x7f0000000200), 0x43400)

22:36:57 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x500000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:57 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fstat(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@loopback}, 0x0, @in6=@ipv4={[], [], @initdev}}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a00)={0x0, 0x0, <r3=>0x0}, 0x0)
lchown(&(0x7f0000000300)='./file0\x00', r2, r3)
chown(&(0x7f0000000000)='./file0\x00', r1, r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000b40)=@nat={'nat\x00', 0x1b, 0x5, 0x568, 0x0, 0x130, 0x130, 0x130, 0x278, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x5, &(0x7f0000000ac0), {[{{@ip={@local, @rand_addr=0x3, 0xff000000, 0x0, 'nr0\x00', 'lapb0\x00', {0xff}, {0x657f457c3d9b353e}, 0x6c, 0x0, 0x1}, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@unspec=@quota={0x38, 'quota\x00', 0x0, {0x0, 0x0, 0x4000000000000000, 0x9}}, @common=@ttl={0x28, 'ttl\x00', 0x0, {0x3, 0x7}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x2, @local, @empty, @icmp_id=0x68, @icmp_id=0x68}}}}, {{@uncond, 0x0, 0x110, 0x148, 0x0, {}, [@common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x4, 0x4, 0x0, 0x1}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x3, 0xff, 0xff, 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xc, @remote, @rand_addr=0x800, @gre_key, @icmp_id=0x68}}}}, {{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xff, 0xffffffff, 'team0\x00', 'veth0\x00', {0xe969fed041d9d738}, {0xff}, 0x4, 0x2, 0x8}, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x43, 0x101}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x0, 0x81, 0xdf}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x2, @multicast2, @dev={0xac, 0x14, 0x14, 0x18}, @port=0x4e22, @gre_key}}}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x6, [0x3, 0x400, 0x4, 0x6, 0x81, 0x80000000], 0x6e, 0x9}}}, @common=@socket0={0x20, 'socket\x00'}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x2, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @gre_key=0x4000, @gre_key=0x5}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x5c8)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000440)='trusted.overlay.origin\x00', &(0x7f0000001140)='y\x00', 0x2, 0x0)
preadv(r6, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000a40)="8dc3266d60ac0b618cb78d243fe86da56df9f2cf799cc28cc46785f1c888b9d119810284527e7b64df7d02c2a596094820221813db1d74dd58b67d111e2601832e", 0x41}, {&(0x7f00000000c0)="fadd071b9a452b1260a3b732bcfad7387efa75ef4248830ae90803da2cc6494c88555525ef1bf19e5c6c07b23681329aff50aa", 0x33}], 0x2)
open(0x0, 0x141042, 0x0)

[  304.625932] x86/PAT: syz-executor.4:19886 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  304.661895] FAULT_INJECTION: forcing a failure.
[  304.661895] name failslab, interval 1, probability 0, space 0, times 0
[  304.687112] CPU: 1 PID: 19888 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  304.694105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  304.703473] Call Trace:
[  304.706082]  dump_stack+0x172/0x1f0
[  304.709737]  should_fail.cold+0xa/0x1b
[  304.713645]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  304.718776]  ? __lock_is_held+0xb6/0x140
[  304.722863]  __should_failslab+0x121/0x190
[  304.727115]  should_failslab+0x9/0x14
[  304.730938]  kmem_cache_alloc+0x47/0x700
[  304.735017]  ? anon_vma_chain_link+0x154/0x1c0
[  304.739615]  anon_vma_clone+0xde/0x480
[  304.743526]  anon_vma_fork+0x8f/0x4a0
[  304.747332]  ? dup_userfaultfd+0x15e/0x6c0
[  304.751573]  ? memcpy+0x46/0x50
[  304.754876]  copy_process.part.0+0x34e5/0x7a30
[  304.759490]  ? __cleanup_sighand+0x70/0x70
[  304.763777]  ? lock_downgrade+0x880/0x880
[  304.767931]  ? kasan_check_write+0x14/0x20
[  304.767946]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  304.767963]  _do_fork+0x257/0xfd0
[  304.767979]  ? fork_idle+0x1d0/0x1d0
[  304.767996]  ? fput+0x128/0x1a0
[  304.777056]  ? ksys_write+0x1f1/0x2d0
[  304.777077]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  304.777090]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  304.777102]  ? do_syscall_64+0x26/0x620
[  304.777118]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  304.777130]  ? do_syscall_64+0x26/0x620
[  304.777148]  __x64_sys_clone+0xbf/0x150
[  304.777162]  do_syscall_64+0xfd/0x620
[  304.777179]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  304.784317] RIP: 0033:0x459a59
[  304.784331] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  304.784338] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  304.784352] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  304.784359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  304.784366] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  304.784373] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
22:36:57 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x600000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:57 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x4000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:58 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f00000002c0)={&(0x7f0000000180), &(0x7f0000000240)=""/66, 0x42})
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101480, 0x0)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/status\x00', 0x0, 0x0)
bind$bt_sco(r3, &(0x7f0000000340)={0x1f, {0x8, 0x65, 0x2, 0x97, 0x4, 0x5}}, 0x8)
openat(r2, &(0x7f00000000c0)='./file0\x00', 0x20000, 0x10)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r4 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r5, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/61, 0xfdfa}], 0x8, 0x0)
open(0x0, 0x141042, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000a40)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-aesni)\x00'}, 0x80)

[  304.784381] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  304.911000] x86/PAT: syz-executor.2:19888 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  304.993599] x86/PAT: syz-executor.4:19886 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  305.029419] x86/PAT: syz-executor.2:19888 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:58 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x700000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  305.059152] x86/PAT: syz-executor.4:19886 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:58 executing program 2 (fault-call:9 fault-nth:31):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x5000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:58 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1000000, 0x0, 0x0, 0x0, 0x0)

22:36:58 executing program 0:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fstat(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000340)={{{@in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@loopback}, 0x0, @in6=@ipv4={[], [], @initdev}}}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000a00)={0x0, 0x0, <r3=>0x0}, 0x0)
lchown(&(0x7f0000000300)='./file0\x00', r2, r3)
chown(&(0x7f0000000000)='./file0\x00', r1, r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000b40)=@nat={'nat\x00', 0x1b, 0x5, 0x568, 0x0, 0x130, 0x130, 0x130, 0x278, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x4d0, 0x5, &(0x7f0000000ac0), {[{{@ip={@local, @rand_addr=0x3, 0xff000000, 0x0, 'nr0\x00', 'lapb0\x00', {0xff}, {0x657f457c3d9b353e}, 0x6c, 0x0, 0x1}, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@unspec=@quota={0x38, 'quota\x00', 0x0, {0x0, 0x0, 0x4000000000000000, 0x9}}, @common=@ttl={0x28, 'ttl\x00', 0x0, {0x3, 0x7}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x2, @local, @empty, @icmp_id=0x68, @icmp_id=0x68}}}}, {{@uncond, 0x0, 0x110, 0x148, 0x0, {}, [@common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x4, 0x4, 0x0, 0x1}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x3, 0xff, 0xff, 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0xc, @remote, @rand_addr=0x800, @gre_key, @icmp_id=0x68}}}}, {{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, 0xff, 0xffffffff, 'team0\x00', 'veth0\x00', {0xe969fed041d9d738}, {0xff}, 0x4, 0x2, 0x8}, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x43, 0x101}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x0, 0x81, 0xdf}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x2, @multicast2, @dev={0xac, 0x14, 0x14, 0x18}, @port=0x4e22, @gre_key}}}}, {{@uncond, 0x0, 0xf8, 0x130, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x6, [0x3, 0x400, 0x4, 0x6, 0x81, 0x80000000], 0x6e, 0x9}}}, @common=@socket0={0x20, 'socket\x00'}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x2, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @gre_key=0x4000, @gre_key=0x5}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x5c8)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
setxattr$trusted_overlay_origin(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000440)='trusted.overlay.origin\x00', &(0x7f0000001140)='y\x00', 0x2, 0x0)
preadv(r6, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000a40)="8dc3266d60ac0b618cb78d243fe86da56df9f2cf799cc28cc46785f1c888b9d119810284527e7b64df7d02c2a596094820221813db1d74dd58b67d111e2601832e", 0x41}, {&(0x7f00000000c0)="fadd071b9a452b1260a3b732bcfad7387efa75ef4248830ae90803da2cc6494c88555525ef1bf19e5c6c07b23681329aff50aa", 0x33}], 0x2)
open(0x0, 0x141042, 0x0)

22:36:58 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xa00000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:58 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x1, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x6000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:36:58 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000040)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]})
write$P9_RAUTH(r1, &(0x7f0000000080)={0x14}, 0x14)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)

[  305.300445] x86/PAT: syz-executor.4:20230 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  305.320263] x86/PAT: syz-executor.2:20232 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  305.372393] FAULT_INJECTION: forcing a failure.
[  305.372393] name failslab, interval 1, probability 0, space 0, times 0
22:36:58 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4800000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  305.436753] CPU: 1 PID: 20239 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  305.443734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  305.453098] Call Trace:
[  305.455698]  dump_stack+0x172/0x1f0
[  305.459343]  should_fail.cold+0xa/0x1b
[  305.463264]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  305.468380]  ? lock_downgrade+0x880/0x880
[  305.472546]  __should_failslab+0x121/0x190
[  305.476797]  should_failslab+0x9/0x14
[  305.480612]  kmem_cache_alloc+0x2ae/0x700
22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x7000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  305.484764]  ? anon_vma_clone+0x320/0x480
[  305.488923]  anon_vma_fork+0xfc/0x4a0
[  305.492734]  ? dup_userfaultfd+0x15e/0x6c0
[  305.496978]  ? memcpy+0x46/0x50
[  305.500269]  copy_process.part.0+0x34e5/0x7a30
[  305.504887]  ? __cleanup_sighand+0x70/0x70
[  305.509131]  ? lock_downgrade+0x880/0x880
[  305.513303]  ? kasan_check_write+0x14/0x20
[  305.517551]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  305.522402]  _do_fork+0x257/0xfd0
[  305.525865]  ? fork_idle+0x1d0/0x1d0
[  305.529585]  ? fput+0x128/0x1a0
[  305.532876]  ? ksys_write+0x1f1/0x2d0
22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x8000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  305.536688]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  305.541457]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  305.546231]  ? do_syscall_64+0x26/0x620
[  305.550218]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  305.555675]  ? do_syscall_64+0x26/0x620
[  305.559765]  __x64_sys_clone+0xbf/0x150
[  305.563754]  do_syscall_64+0xfd/0x620
[  305.567570]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  305.572769] RIP: 0033:0x459a59
22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x9000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  305.575975] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  305.594986] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  305.602801] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  305.610089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  305.617376] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  305.624681] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  305.631960] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:36:58 executing program 2 (fault-call:9 fault-nth:32):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:36:58 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xa000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  305.719792] x86/PAT: syz-executor.2:20239 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  305.724905] x86/PAT: syz-executor.4:20230 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  305.729155] x86/PAT: syz-executor.2:20239 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  305.750690] x86/PAT: syz-executor.4:20230 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:58 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1017000, 0x0, 0x0, 0x0, 0x0)

22:36:58 executing program 0:
r0 = shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000ffe000/0x1000)=nil)
shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000000))
r1 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000002fc8)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="5500000018007f0212fe01b2a4a280930a06000000a84306910000000b000f0035020000060003d91900154004000001d40240dc000000002afaf984136ef75afb83de441100d13d0d0005000000060cec4faba7d4", 0x55}], 0xa7}, 0x0)
prctl$PR_GET_CHILD_SUBREAPER(0x25)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/current\x00', 0x2, 0x0)

22:36:58 executing program 3:
r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7f, 0x200)
getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000300)={'nat\x00', 0x0, 0x3, 0x17, [], 0x9, &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000000c0)=""/23}, &(0x7f0000000180)=0x78)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:36:58 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x4c00000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:59 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xf000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  305.855989] netlink: 'syz-executor.0': attribute type 15 has an invalid length.
[  305.907305] netlink: 'syz-executor.0': attribute type 21 has an invalid length.
[  305.936508] IPv6: NLM_F_CREATE should be specified when creating new route
[  305.946478] x86/PAT: syz-executor.2:20548 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  305.980736] FAULT_INJECTION: forcing a failure.
[  305.980736] name failslab, interval 1, probability 0, space 0, times 0
[  305.994559] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  306.001123] IPv6: NLM_F_CREATE should be set when creating new route
[  306.007685] IPv6: NLM_F_CREATE should be set when creating new route
[  306.031393] CPU: 0 PID: 20548 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  306.038375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  306.047741] Call Trace:
[  306.050360]  dump_stack+0x172/0x1f0
[  306.053999]  should_fail.cold+0xa/0x1b
[  306.057900]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  306.063015]  ? lock_downgrade+0x880/0x880
[  306.067187]  __should_failslab+0x121/0x190
[  306.071429]  should_failslab+0x9/0x14
[  306.075235]  kmem_cache_alloc+0x2ae/0x700
22:36:59 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6800000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:59 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
write$binfmt_script(r2, &(0x7f0000000a40)={'#! ', './file0', [{}, {0x20, 'cgroup2\x00'}], 0xa, "ee1f4e265620ad2006243ee827803d8901586d326dc5ad382285bd7ae9b03e8d421a1d5f50aace9460a14d378c6df135c853aae177a9834c73eb21bed79501c45025166ac282d5961ba7ca86a38f9358fedfc9a970298caca9fd807571312e5acbec41f07cce4d7869f192d7106f1f9e9832bd64c15669019b51c7c3b88ec8b076b8277257a284319451e3daac9b8d1c4068a2a68fbc8e4a04f1a2f648bf586b109ed4d97a75f60674280de82d20524669a3214559572cb042adaf8307b2d6955e310ca522dbce849072f25fc5e53214c79f3825211b70aa01069f1d13b7c6b0f9b897d309195d0736a048162c122d7086c1b03b5851d42cfbad868bcdc0e4a69672abeb9d9404f055cb57e41010afed896e336b0bf2ac63640673024b684eb38d1d36e1a6b83e1bb2b92e904e4e4ba1b5403130c64208bf106fdfac46136a10513d1391fe194bc874f54996befc4242e3c2f366df2009372e75e4533b88052125910b77ce4e2b1ebcf400c61a9f0baa0fcd23d5f9c7cb1505ec88c032cf91b36265c0c650f2f5210fed1a891e688bd6f56ed850a4c7f0494a507ad005dbc82735c923027e267690bf1ea5dbf710053e68d7481f2e220effc49f95ebe6c5e1a65665b845566f6753596e538f902f6a69c820c053d391898672348508987f0e2cf2bb300645d5d6a400f143c9a07d18756257e6726e79490d6a07b308143b7001fdde1c161aee11822788f05e7ccd7a71dbb694b4f76f25e3831e82c2b0fb560785edfe71920fc5fcd062a016afcb99073fd9f98fb466bbf1ef37251e29d4763569891eba468c9160668c8b5836dc92088c7aff814ec0b1bee64f887d14496a306132e84a878d40105b6c5e0bd37812077a93c3783c7c864da47a6eea76592c4dc42d2c7380c75c2cb65223142d23045a060d473770d43f680d31abf11e202ddbfb0bd89bd37a5d0bf014d71d5f9933c707ff73942c0ad31f8e3f94170c266ad12aaac8c5ed7c9b78f05776a65a06647ad814c97a9cc07103a420320b1e59e0e022ef9217f658c31dd7560f32a3269b4e949561bfc3d41fda96a3e78c88f8e82913373161e76580be3678f0e0296781daa51e23756d479f532fd60cf8105262d8a3e75bb790c6f4b555767d47a8e3101ea6be131f8d03bac6026f80b3ce767b93bfd7ad03a8126df192374d52305744fcf61ac4760c1bb98d0eec1858191b82287b38659c1653b0068a3e34998dc336f49f959df43c34f1a417cf6faa74222ca024b1756a317b973907d20bbd38c1fae18df55ef2b688866d9b95ff6a28973456981a9f4550bc9cb35e56c76aee6162109eef72b8bbddb28b81d56712a665ba5959127742e257298f148e06aeb617d07a9e4e7fc28cb991a0647817a875ecbac7df99da1a6d92e180f0bfaa5074a92fd54efb4037dee6a10d6e5226140e6c4dd118b897e0e63964def93b7fdf9d8e3651005c565f83f564455ecb63d7a60a0dd83f5e647ae4d49af8c183669d277abc2af8633a2e48194c67eadb7e15c6b60f03dad6c458f463a7bbb846382030e6ebdeeba6491c7df220d7f94640628da05842db1230df651d9de016fe4a9426948c5dde0fec5d0c3c3634240c00e595e4cbbce19d072f040130c107b7e61e750d2a6c791d4029d0ec6d86702cf03591aff6646aacb0a57e47e9ecf927ee3546baa0c0d0979cee05017a8203e6d4dbb35891c4428739fa45fbed0ef7dfe13b8bb96c35ec1c8bb3be69a5ce0a82797c08e26595a8cac1ff89e9e547f3888d44cc7a46c1d426d04beeacfbeeb29cb1c871a1852be1269614b23bf29121456f86ae413455d18b4cc3eab959f31e8d538b05075f61fbc92144db1f6e559dd572bddd0b85e6ec09d9003a56d73f19f38f85f7075bde1a8b7a30860b3723befa0d223b6204a4983b96882d143d3e5e9fd2c119190fff151c073081feb05650e92769c90f7bfe60ff889e270571cdb723f75be7886c2f4439c67c2301f18caaa154a8c8a603717af4bc9432bec83330876ab495f1a1e9432721e83c3ede00bebd7f218cd6aced7f2f22bcc037d5f7d912800750c9e31bf93633b341b60805c03880629eea4c315ae07b752e36a004dd678a555db75990e66186bc2f56a2aca11540b13e02c4f28b06bd7788105681ddf2f3b5dc00d0dedb736c21078b60594579069f29d3b2231a54df51f164c77367895816ec689b8d6748ce2e1b14496d81243c0aa3d682feaf7b8baefd6dbfd2ceb47ee7a998d2647fc72346931cd7c8ffc344032e27dca9d95ac259172719a575e50f1b8e89331c5c301c7dc291f2367add7f6f504f6a105b6b7c8b26e6440f22b3c1cd74d7e8ba5cc5796c72c2fd33501dc01ed6a3b265927f680f956f69dc6729b71a5ed7a9dd483f4db1f7da7a807969a89b9a81cf8d908c449fdb5c16d746ff1f0dc2e4188700b00e88da5e18ecf624a6a69bdd26c12ae59440ef78ea2c11c11d15466aa62dce610f7f765ff8a7bcc386ff638723d3ae268b57a89ddd13d9914ad26135672e9e3bab3cbf71fd50a8cb283a707cc1a17678617122820e633f1955baf8bb98f5aa534e244ddf72bf5348c5e3cf589e87a9f2fc8c97c1e253f0faa144ec086c2ac9707b1597e3b4b35a5bf94a61f059a78b501212f38e0a8964b08cb6a4b453bed0706e749409b93aebe56bbd5dc3de05a8a9f307361b8511c4cd698477b0b065d97caf58aa953be1e494719ed9f9bdd4c336c6b3c34a011727dfa2b8253181ccf10dafee1acc9327d7744bf37d627c4119dfc77ac63518d9204c2bc1b4a980e4aa98bdc59d8cb266c16d69e91d3de37987884e358d4b2bcf0fed7f8e2e080d6bfbf162b741e10495ce6669e5bb4adb21228bf5413e3f92292f26771bf0047166fad00fc895869d9bd058b3d6a90d22e75dc1f86b749469d76228d279035398bad8a92ba3272b87cf9cc07bf4a444ecf2d526c97d5beee35026dd9d229a28e984e930af2be33a6e836830ace047b0fbf73086e80325ee6491a54e11d64a32cf351af771199d54e750036b50b68a56d76d12afc260d95b7d20c443fc5726f850464d76d70f1b8089063600d70c5bf9ae60e0642badc56a670a96627b1a37ab5e3d9ce77d59cf9a1301db6ce3d1df02db5b27b466c7153372090ce690da7cb17ed972355c890cb96c92b79fbc7b111ebadb502623e4ace19bd519823bdec005f8403f00f5c1f88b7e7ceccf0c5531e06ea0ea6300f826aabe6bbe8580c8bc642724606f3ded1cb8bf0c92d7c1129cc09202f33e6feb25ab5ee49bf06676bbc19522976c4ad2ca8c8060fb09ce6e562915c2a06ce91b1b12589990b9d5c25e4a72bb54e4a63fdc53959f14acdd00aabdfc97ab758858c9c04d4715b3020e15aedf9933dbc3a775233e0d5dce8881530cd345ad7c69949cabb8276a58254871224b82c160d40f3f4c1bd0688926cbb0c480fa3949036fd0fed47901d845c414c72377d15c79c3907a1dc2668facdd0b9052ea8daef970e8da2478b16722878532c1accb9628fbd0ce6e5dee78a3ee9d5bb62782653c93a591ca30602024332bc1849358007fce79e7c27f698b2114d77edabb7606b4b80cf9a2a65c8f883287b3ad60ad9a511bc5bad195e00a78fe2a39a6410328ea03223492e058bd9876bc1ca53c9ab1040c77d7121f5104d983b39e3b1cabe6a2d71ef55b904e7a97fd77639511b403232bfc1fa726fffa9e900c3a6c95464a26e57f6e7cc4c68bc7ce051c24f667ba3e1ddf665c1da0c989ab1b38953d5b2b47373cdffaa03630478bd4ebc6abefd92091bf247a54e7e54dc98d5e1521a88add2ffd239c41ae06acc0f499486a2be875e6a93e823daaaeb88c750fbf54feb95f9fb1f50bc3107766f710dbc56de2ffc896c5cf2b27e3021dacde5da0d35c8df602574def33a0ebd0cae7eea2049d5a7558142e980131372d7f2dd92265f884ae4438e1f258e1e5a658c036bb76a3f36084521ffb7d123f606735620fd4141362674f37c3de7b70e4f5afa912187760b1f6bc8fc6497f1439a99576f8f663be96b0ee12ad2ca28de39988abde7b1da0a79a629c7148605ad0c9dde6038074b5fb4ad6ba8a65ac80c25bf5345ecc048337429e3f7a0f9c889e638e971e1835d6a563c93d4af70e063f456db15a2da9a5fe11c3bd3ff5aa049e9eb5eaae6718d9f43ba317be0a0dbca8ab14ff1969054fcaba8393c3b0ed8c06577ef031f3e0b3403ea6f68698f0adbccd3b54a9f230c161d5c2ef03699198f8b903e32173ea4b9365427df69580094a8fce2adf6134309d354e721e58bdc7b7808e68e8db4da1c94656e8a89ad976fc41475151f3c171473fbe56a458e88dc3b1e8132149249c64485e7697ade534c7e59af60fdb6a3d0f3236be95b2561f5f825165d1957eb3f3578887bf2769a448646b190951f6e28c1098b09116b7c3a2bb1862675581d158b4940543ced7e88c577d8a46b11bc6d0c004a84f6b6f257fed949c7661f4ef875a76301fd3cd34fe5a8034d3b8ca39e31d3bdb5d9cfce78af3e3a9ce06134c7d1c071f4d8d70420116024afb626a3b04f15b4a3ebe04ab4db4e580945fb32c3449280058893cb55a0b73a3e799ae1ed120a5031427627959d805d192051e78f89db4bc903999d924cda4c98f104d0add5289bcd2de7bcdd2d8ede44b88ec12609b58ebb3cd5e6988ab1ad7d313c4c3887285d92553489102715106a64fac2111f834ca19b4cf4f84d38dae810348ed3329178a9e7baf02e0a6423bca6b68613f668026f1369d26e94670f3696eeff40c08862088f05e9624763e8d7f01d5a527c5f28a0972fb5d1b63f1d4d90a48e155abd38f83550d3850c1ba8d5f5ac57d2e20f8c886cbdb541b2e97a7b4edc2a6e643e93d799fe806de93d0782a377760ead12fe808ff2adf81129fc224eba6bbe6e0b97968ade7400bdffc05cb6f176686daace6b0eb3ec70742e9434d99e3eb6ed289a30ff412da18e9a392bb1c6f54819a5df0fa222ea1bfc78a60fe3cab1c8abc5bf4b23b3e3777d9b75331a7e94246806a47c7df9a2378e7d7064d51d7b7cce32e1b9ba15965c1069c4bcbb3c605022f690b721500055f3dc6fbf9d6100df6d3e83733ab4dc80887b7ae226c4fdc5275a70e1f1e84fa91afd0229dfe9b05968dd99e7eaffd54a777ae59cfb710b93a63f02fbb61675bd86bc88f8040731ce4e61c96e3f200be0f0477131dfda7ac2ab4226b3c6889d41eeab8c968ca97d4af65de8e7addea3ad76c94683c33a1b6fe6ecba964e243306b49add9c9211904718282c0febfc2cd9a9a750617a6bcff6f7be5fc4740957498896a42b7e636e8278a82fb512011bdb49cdf60a542896b45e502a977dc291034991d764a86565372bc76bb8df70ab894a27058661288283891dca881227d3f4e7924b2b59be3ee33a1cba905cc8be8d85e686c66017e0b01f5e487a5d856b37134aa84e47ad29725a8327d33d48f5ade650e5801174f09abab907971cd847196ad5147be6f762d2fdb3179ec9aeb57d27f931caa8911fca1ef798d6bdc198500c14e816c937b982bbf3c158204f369cc2a726ede2d62841518b1364ab24284929cb3f81766ebdad5423ec1e7ec6b697a61258235d02bd63b308bd0c41703d3814760fed62c27adbe848f5399c37967a7a9d72ddb9fc641c9630d8c33fa1dde308c6e4e115f8812aa430b69515578e5365316ca9c7c6465091f5309c72c752cec4b43934d67e96faf2f237b485fe307a4041247adc2e64125a1a47ebab7d68cca336595440d"}, 0x1015)
open(0x0, 0x141042, 0x0)

[  306.080444]  ? anon_vma_clone+0x320/0x480
[  306.084605]  anon_vma_fork+0xfc/0x4a0
[  306.088422]  ? dup_userfaultfd+0x15e/0x6c0
[  306.092658]  ? memcpy+0x46/0x50
[  306.095953]  copy_process.part.0+0x34e5/0x7a30
[  306.100566]  ? __cleanup_sighand+0x70/0x70
[  306.104802]  ? lock_downgrade+0x880/0x880
[  306.108974]  ? kasan_check_write+0x14/0x20
[  306.113214]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  306.118073]  _do_fork+0x257/0xfd0
[  306.121545]  ? fork_idle+0x1d0/0x1d0
[  306.125271]  ? fput+0x128/0x1a0
[  306.128565]  ? ksys_write+0x1f1/0x2d0
[  306.132366]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  306.137113]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  306.141857]  ? do_syscall_64+0x26/0x620
[  306.145841]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  306.151197]  ? do_syscall_64+0x26/0x620
[  306.155180]  __x64_sys_clone+0xbf/0x150
[  306.159150]  do_syscall_64+0xfd/0x620
[  306.162942]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  306.168115] RIP: 0033:0x459a59
[  306.171293] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  306.190176] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  306.197874] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  306.205133] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  306.212393] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  306.219652] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  306.226916] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  306.243437] netlink: 'syz-executor.0': attribute type 15 has an invalid length.
[  306.251123] netlink: 'syz-executor.0': attribute type 21 has an invalid length.
[  306.268427] x86/PAT: syz-executor.2:20548 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:36:59 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x2000000, 0x0, 0x0, 0x0, 0x0)

[  306.270517] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
22:36:59 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x220101, 0x0)
fchdir(r0)
socket$alg(0x26, 0x5, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
io_setup(0x1ff, &(0x7f00000004c0)=<r2=>0x0)
io_submit(r2, 0x0, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0xfffffffffffffe8a, 0x0, 0x0, 0x1}])
connect$vsock_stream(r1, &(0x7f00000001c0)={0x28, 0x0, 0x2711, @my=0x1}, 0x10)
ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000080)={0x673, 0x1, 0x1})
getresuid(&(0x7f0000000340), &(0x7f0000000500)=<r3=>0x0, &(0x7f0000000580))
stat(&(0x7f00000005c0)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
syz_mount_image$gfs2(&(0x7f0000000140)='gfs2\x00', &(0x7f0000000180)='./bus\x00', 0x7, 0x2, &(0x7f0000000300)=[{&(0x7f00000003c0)="aa3429a39cdeb00b81a4345a3da39d3ef3d56c176e78e579ac79ba6bc11595f2f2fa6fd26323c2b4f6330c46bbf5be7c26c583bfabb1e3563832e2a531f9212872555beeb9b25d00a6630bc9c69c7a31aae74842d36cab7c9b6c675066d71d9ddfe494b81d529dc1f7783c514302fac366671434674da4358fedb86bb67741f8c0f584a83772e7247a385209c072ee27f31f394d92f0c3023e5bb580576cf7732b3734ee8b9b2bf98ef71315070c32b8f0f6672acb7e1703c557c4e947866dadf4cdffd776da9a320f30e7e8844035af648ecabff5e9e3a59f6f90693f0dcecd17bab6af0e85da041a", 0xe9}, {&(0x7f0000000240)="669d80a130ce1ccddf7a89cf68300661e159812f80cec4bc34671a04010dbc3df95d76458e2c83a96f6e371923e38317f363951cbe78e2fae0a982d0", 0x3c, 0x10001}], 0x40, &(0x7f0000000680)={[{@data_writeback='data=writeback'}, {@nosuiddir='nosuiddir'}, {@lockproto_nolock='lockproto=lock_nolock'}, {@norecovery='norecovery'}], [{@dont_hash='dont_hash'}, {@dont_measure='dont_measure'}, {@euid_gt={'euid>', r3}}, {@dont_appraise='dont_appraise'}, {@pcr={'pcr', 0x3d, 0x38}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@obj_user={'obj_user', 0x3d, ')ppp0'}}, {@subj_role={'subj_role', 0x3d, 'securityposix_acl_access\x9b\\vmnet1#'}}, {@appraise_type='appraise_type=imasig'}]})
creat(0x0, 0xf000000)
fallocate(0xffffffffffffffff, 0x4000000000000010, 0x0, 0x7fff)

22:36:59 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x10000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  306.327027] x86/PAT: syz-executor.2:20548 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:59 executing program 2 (fault-call:9 fault-nth:33):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  306.385393] x86/PAT: syz-executor.4:20698 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:36:59 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x6c00000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:36:59 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x11000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  306.606688] x86/PAT: syz-executor.2:20800 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  306.622063] x86/PAT: syz-executor.4:20697 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  306.639455] x86/PAT: syz-executor.4:20697 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:36:59 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x4000000, 0x0, 0x0, 0x0, 0x0)

22:36:59 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
close(r0)
inotify_init1(0x0)
io_setup(0x300, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x20000103, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  306.699966] FAULT_INJECTION: forcing a failure.
[  306.699966] name failslab, interval 1, probability 0, space 0, times 0
22:36:59 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7400000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  306.768837] x86/PAT: syz-executor.4:20923 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  306.819805] CPU: 1 PID: 20800 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  306.826788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  306.836154] Call Trace:
[  306.838758]  dump_stack+0x172/0x1f0
[  306.842404]  should_fail.cold+0xa/0x1b
[  306.846307]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  306.851424]  ? __lock_is_held+0xb6/0x140
[  306.855507]  __should_failslab+0x121/0x190
[  306.859776]  should_failslab+0x9/0x14
[  306.863583]  kmem_cache_alloc+0x47/0x700
22:37:00 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x6, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f0000000a40)={0x1})
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r5 = accept(r2, 0x0, &(0x7f0000000440))
ioctl$RTC_PLL_GET(r1, 0x80207011, &(0x7f00000000c0))
r6 = accept4$tipc(r5, &(0x7f0000000000), &(0x7f0000002080)=0xfffffffffffffe64, 0x800)
sendmsg(r6, &(0x7f0000000380)={&(0x7f0000000240)=@nfc_llcp={0x27, 0x0, 0x0, 0x7, 0x10, 0x80, "ac33d9c5069f43b4af05fc4a4d0083efa8b1bcad9a23f95887be643faa85e16e8240dde0d00b152ec442da8c9d0d193533987ec795cbae2b830952a793266b", 0x3b}, 0x80, &(0x7f0000000340)=[{&(0x7f00000002c0)="4b0c494bd56467423d4f7d505edf6be6fd194b83c281d1d6c26414ce0980c26cab4b30a12fb5e7e56210aeb34bb4001e51d36f38586e4ebbaa27e6f9f07f33b92ce3a79f8b4cb80cb2c6cdaf48d2da2997d0ee1d7e94335114cae8aecde6b1674c9880b380c7ef1ee7de7ad8885e8c8f4e5152dedc69c7c657c4a7", 0x7b}, {&(0x7f0000000180)="7d857126403a7c3c000c3deaeeed5285ebdefc128a8c36d659b628f44cdbd89ca502482e0a2247f890b532d3e03310d0a5c8e708ba8b11ecf8a84010a93e", 0x3e}], 0x2, &(0x7f0000003180)=ANY=[@ANYBLOB="800000000000000001010000070000006ba2af216531ef53756e00b61ed296e55e794329c5e46f96c2a717ebe2ec8e42d3c457b0ed8478b30e3721f29307cbbd26f912ff83badde8b7b6eb278293f8e604e877c1b2660911f85e900945db94721981f63df8cbc3b97cac682e4c92cd77b1dda13ae699486c6d9ab20d00000000000100000000000099a3c276090000007c46dd1685d0d3d1c3d91c44a3c1b84bc996a0b7f23793e2f4058e96343e44a4f8f671524fbf0a8c4455b973e5ea85e994f87e8aacef9cdc6b6ecd724cd7f437f7297fba7b2f0990bbd134959e5b5bb5fe948e4cdcc413b780f6573fa7fed11450295429b33abebf484755a20511d2ee94729d6fafe1ff6461f65c7c6fb3ad6dec1a0238d3d339cde2b528f8defa36e43e56270539ec8cdc5d76e7058ac9ba0e9df55e2384203c60c5e5f5d86e59779a58645d1e35cfd96ccc6cb7d368a0f314c7d59dc247625bfe40bf26b360f809fe507dc480d3b66dbeeda32b2b71b762545ff9e17fb2f798420c3d7b0000000000100000000000000001000000000000001010000000000000090100007f0000007ab4e7415baf47a6eefcefb859fa127ea2b12206c0292acf14befedc1f0cc594146c041e3575e35f45636e021b3b5df07bb9f22326816ea1125e39355195d119352834719251ad8b1fb982736a29c7a62f81ed0837da3176b4c2b3c957883f5d9d20db05e977da84303e2919d195a2036da8e85c054e88a8f7143c546d5d6a6f47f2655ecdc8dede3a7fba08ff01ffbfcbf76b009a2afd7544596676636b5d2479d36306462a77ca4bc96cf068c6cd982a2c347d3b4930aca0be927d70a2a5a47aac56aeeb02ac4d007c88793188fccf52e689baefa36ca77ee64a5d7a03fa9011aae39da722d8609cc4915d600ad8c25fb0005248dcf6bb4f664133344df1a97bee71c33fcf42719f6de05476dc820c2b6c47ef0d18d641b9ed7faa9641b1c96ac934b6fea72d1346d67164e5300524251db2e0b2a78e6555835c39c5d4b80a58aa0584f09e334c434c45d27ebe026bcb43ea65f1a374fb4f540929dd56a60d834606bddb089d0a92f8667582a351d6fd55131298cb6cdf13c773685e768d9874c0f8a7679192de616afa26d956f263edd29f55fbaa344dabaccb92fc36f9283f85729a0a2ae6cfa9daf7c2d2186af2b3c5b02819fdab6d228a716ac27d16f6ec53df6e3cfa91770143c3a44f5f361842e95b37ae4f63a3aa7ceb3b279e7517d18bba5cf4bc8622d077c444945e4251b816e4d02a84804e47a14f5b176ea7cd218335218ea8a1dcb127d49baacfa556079924409cac9cae2973d581488ba357a9eeb4aa4b0b5996686c4e78b395922f8deb9deb23bc94d03f724728c7398fff05a4d0a978f4b4cce0a4481368c738bb982f5b93f39ee6f03f134b6e4553c87d1fb3844515856162f83e0d6224f0d548bfa64cc7e706d7b2c990d4858148386542017348877c2ab24281c98ea3bc67095166e41e29d633a53d9aa04cbbaa70278c224432a6a93553072d1f36bcc4dc29a92d8ea9743ba09a925da44f4a117507128eca99a0f382dbac4ca443ff6481839ed4afe4bdc5a3888c3d973001bace7d0ba84829008c2e9e226484ea3d275e410e3c8c5487f132ca7b36ed27b0f283bb241c1c2afaa14fcb18b392b821e407d1f95501706abe55429a43a5453d507320025d470f4249fa9c2bb1ed060a455af63e33a9a34eb7b3d87cb2cac87cae25a4d97188450dfb1c3195d1cfa7339ffcefaf06f718856fb0043321d77c605a71b4a909f29b62360f855d2068c24ac75ff3ea67a2925eec7a045078e8a4a4d6b93f12f35c4b6f141a1e883af4bab5866c5d83f4e225f016e180359eba8e635cc7bfb357ebd5bd5d2276f1826c1e0bbe163b6a768835d51ba484a81057fd8c62d26070b0eb6ab212453293f8d227f29be7735d25a163640cd395a21fb403b98dfcf544977c16764fa304f387647187f41ebc50abfd43d435d9da4aeef78121364f9dc781d7967e6dc0dba573f9bf401ae43681d5443627a50f7256891e543538dbf325d9c43d6bfc3556855de7f5a47368b6095e95f55fa6eda41816ec14a57f5d2c81f88f9d60d4da834f41f75f27beffdebabe41b3c98e4a64d2e42ce716db6d1d72e42785c1274b622b07bc814b05b0794dcd4a8f47fee539f933a1b04ded1f09e29e12ee9db882e2709ef19c393605472bb0df7f0704e55990d063bcf345857202539e5a1aa4e3c2247db123569b1760ef0feadf73a34d628a3df0b272d33c35efefbc9d6f207e9cc3b6737bed61ab9106bd78d27189c40ec2687e536f2a012a75d06e28df8fbe15176bad58bf20964e5c28b5a6edaaf4e09e93d3201cf71baade94dda4ec0989e1086a24b445fe5ff9cb552b4cd11f0853384ac243d0b622f6c44b6ee42aa981bbbefacc1db9b6bb7ac8d4be81020e85c2941d8ee9b073f1745e528895828d450f099d012a3b03c16b680e4d178f929f55ba3d68a851aa7924fad7e83c54195a6317659c4ecc1dad6773735491431669e6a6d14dfad1bf25b3d695dc8dd9429b10eae63aabf6a8e35d3c8b4260a55090ff953b676d4a5fdadfb8b4f5ec7b24357a2a6078965cef343578f96c23cacba816e3fcfa127dc84fc169e1aa4d158329aa82f2ff3b79d2c7269c92811a8ae924ce15ac5a1751a7a1be856308e8e68ca74d49b72234dadb88841f57f55e3fc00ff4b4d2fa10b587e049a647fd72030f20e6630bb2dede3233862166cab3bf918d31f15f67b117185ed0aab6c0dd5e17519c4c0a71b5dfb8297f1c65afd2f1fd3f23da73fe86aab5ac001145eb35d1a6127849f82c9ef08f16ddce2f411f5b965ccb5c678ffd011e22608ba188ed40a4cc84506e45c9b3fda9c335e0faf93e0e0fe2638bb0ec36bad186a711d24138b1bf8e796def438ec7f16d3a762f116b8a3b34c6e6b327d7fbe02b53d46556cb29a2357fd3e0408d9a8e2b4a3d959df967bf7bc688085e57478e71c90da71aa07e2e4b162dd41ea07d46182d419d8eb471f24c7bbc22de24a24d2898dba9c4af801fd30ccc956d0648944d57eecd6e64e210eccbe5381eac731679604d8ad8bdb210022382347266f550accce7cf59912670165072ab2454bd24b11a682376dd0439d33d2e51e864db5513c2aa658d2288326623251404ca5ee0dfe0e29e508a8e8f62b013568f88cbbda641040828c7ebd9dfc686b10c1c18ab0df9790ed5fc008365543d6ff922b56420c0846cde188c76eb8da3a68f8bf6ce5fe62ca546672338b9631e49abb95373884222d9a7ffbab3ce133b020cd27777645eaed58299010dc979d6ef51280136e3ecbf3d73a4e2b835d4d58d1ea835eb38a56f376d8536bbd8d529a06dfaa513ab1f31811b6f31c144b4fcd3a66b9a4f063ee017326b424a34e70ba70819cf98f60cf61735070f256f630b62d0d47393f32837a68163515e34214510989642cf06ae95c68444e17cdbab3966306c787218fc8d51b103de3cf33ffbf49d238f37f6794105b5f8f88e23f80c43fd437b2dfcb48030c8950a6fbe0e716fcb27ff38bc676501f546e8ce5071a4c82889998044878aab50253aefe800adeabcbefbf7de417f9b74a0b0bf14f3862ecf61d3cc7d7f902f239ef5eb8d3d29efb10041d5868966480bf63a1436f886f9bda93ffe293442331f93358b59e08c85fa9be85546949fce3018f6cd693009d4f0704b62c28574ac7d18706708a3199f401b52f92019a069757b95181f648516d627cb2cbbbdf172b9cc2fc03bb2a340616d5d088a7c6df283bda777111a9b327e03f9fbeccb724ce35ea944a543444bef6a639fde30bdd4a0e823cc25bd2aa468e024b4991355b06602722c9208805707aeb291a05a991c0522f52b37b061da184071b8d0d12306b43517cb9bf08d7a4946d7c985eb81ef94aba5f73ba4478f1b3f3d79990af23dbea856ebf1d3a5162f1dda464d2c57e33c7795503f5babd13e7ae2ad124664f67879da83fd43446e93abb6e68f27e51d52abd05c0fb3512eba10e120b66927b6d29a859cc4494f15828867e63f2d3d6afb0a6c1451e09198a21347f64fbfa275cb319c5c21a7a003f6a6d56c2347f253c40a8e5cf4ab4aa92a37e9b1df4cbee7d199b44f7b3dad31cf2a9a546edd9798727380fdd376b4b012d9e4c1663951f08c85ca70f0e70aec5b803adde8ab08e5f0c616de197bd162f424559b454d672a5ad6a4fba24e5e989e0ef3d0d3ca95701f98c4b7e08fdb26c2a2feb9cf8071cc87486d291243576af3e8d867c5c6e9580dc45a872fa6525d4fbdd9caf1bc910353e60ada1981b5e0255d0f43272fd076829f2431972b3ad683a890f342db7d08e71bb489903b4f48f5ceb1d826534c19ee7108fd7b0a8742b20ed9b29b1057aeb35c1b8f6b80221d55b9499e881b6a1dfcbb69d50e6912789f1b09ac6dcad98e8f35f95514ffcb4e569d0b2637cf5b17167bf0b14fa7d57064c97252ecb37615f1baf51b991e9bfba96b0d6f3b4594cade0badea4701376bda0e29c489b011b62ca7ffd9dd5ffcaf4cfb2e2a5606078209825234a1fabbfb5ca6e2fc625d5786fd612e1f81331a127d471d76b4e5b6dda6f0eec35f286535c06a3aaf8dc53d4e3d4e58ff6a84cf3d931fab88353d73f5892fbf7e43ad76d66dece4c5323713ccb7b60800ca73f241c8b25db8faae9132eb76b32f9843251dc04a12a8567ddf3678f5ccb73a178241843639304ddcf7832bdc46eb3af1156888668782aa4a5a004e053da3ed0984d0888ad85e9d1dffec5a59545633b3103d5c9233e2a87a5829c552a65ba8b4804196796156d8c4ae1506258639b0c0d00ac8384a1d6c9cc5d391f0ffeef49416691b1aaf017ad2d1c8c1c21604ceea4c550c8b8cc3d963fb676563a872349717b9f342f469f1c61a0cc198bb51ba6ff89ec294f17eeaf87cd2b3a5de74db42fdb1a13113054355b01c908cbd23caccdc454966f9fdc373cd87765a3f69010d5934605bbea88d245eafc2bd4c2c761e35e11677e111c1872dff7b53a0af664d9ad156a7c9cd703b1d0393ce95227c9bd6e7661e4da20562d9ec088f71557df6dbc32bb41ae673eceeffcf3dacac46163d45e482ef08b1bfa87fcb9805592f925b095161ce4c4993a367c4a98c6d4a3f66d38e6254c91b2f2052d364346dd7e893359b6cd55b1178f1dac9ea843d86e38a04e9266da43255cd9531baaf1674ff08c6d87a117171b8b5b34599ee7bf97bd7c977f4cc4b11d1808525dc518284f107a10f552915df4480f822ce39b7dc460fb7d5fdee6233ca55aa42bbedd05085bd4e3bcdba294d450f924da4562e1cb1b2617b1484ffb9b96aa2d686a7564165c786b157d63442583eab932445876b38783443891f47589eda8a57c2972a8c72cd81dd45a23818c8093682ce8841aa2149f67838a42c2ac7c21b64c1ed175597ad532e84940288bc3f7fdcf652d17de22c9c2d6563a8abb03a2b4e273d17311553d1658f0b254524b531af8a174906a568c9f5362601845c605a1ecdaa57e13d812e86eb1a4f78ac610cc88693ccb0fc065380ae142cd8f1af6ad096a1bf5509240f3a2256bb8029d8f87277a6ea078a68912d5ffdbbbbcbb904b9823ddb847d4c5f534f536a6811bedbde09000000000000004237d18f386d464bc92ae26c5d87a5313654c727e2e05bd0c8f49e90218f868786eb26c51219a0834c934ac3321acd7b2b16fed18b822b65ed8a76418ebbd3113e1bb0973ebfa30f3c97791f83f26c7637f2110e73ab9b231313519984109015cec38d30959abddb61426383a7d3ea288b3ee881dae353a722e4b8e331dcf7ba288158765544b6da1c6054dfd7178cf7ec0ef0cc0960fde89a54b33666f7694947a1ccac722430854f3a7d97a077be71bf03963ca160f328b4ef26f3b725e74cd48d20b25199699b3adc11c38cc031079a948818c6f07ea77d42e8d5924f09922a2b077a29a9a39078d0d57c6393baf3fbac464f5e337dae46ef871beb51dbc2a7196e998864913f12e6096dc8cbcad0099d494a81123730d007b0c5f66171cb9edb861df478111580de699e99e7680098f75ddf7bc65e3a71c78cc69afc91c2487627d05210a708b7700f674930cb28bb6cfaf41836e27148f473bf2e3ac76a659a26db641eed5611e464d757d34c5ecff710d34028e86231905e1436084ffead8bf8a2ec7dbad94f79251eabb88e4e915cc4b0b400d8da1fa3cc8c580b5a161633678fa794b8bf7fc4e02604e8d4aeeb7fba95b6a9a6fe0d91e49fe097eff715ec2d5effbdc5b416cb45bda00b546be1d615dcf1d17560ee0c59f4ef28ed976b433f3953f13e3000000000000000ef00000020000000fc30a2afb9514a589dd0c59c1ad7c6dcf7911bfb952c18d3df9700000000000010010000000000001401000001000000ebe3cdd28f5cbaea069b9422595cb0f6ecea89bc6ae6f4062b14c8fd54b328987f7fe1774d4b0a12fa4fe116b2df398e2def203a3ca5a496ae640d600de332615e81ab9b2b60d047d46bfebe2cc109bcbfeeb54baf758567dd5ad24af6bd23ece1ab34f57c53912e03837a14ab5c832418e2a863c6bab4d97fc9cc6a41f302705710147198c24f7fc48292092742da3a43b7cbd3d15e653794fda37279b04f307384084171158b73cac07b35fd6e08425264e799ceaf779a97c67ced394d6b21a7ab91c143eb300c7b20d9a55b0f499950dad9fb98cadaf593adfd3a6afbe34f60e1a768255878f2a29d49f4b108000000000000009088ea8467000000000000f80000000000000015010000070000000c6d4e3c2a79926010ba65ef0af498c5bf29d485599a7d625a91e64987c11e107544a3115c162dc6d1ff68365bedbcf7fa854c679d206d020744aa6e6f607f6eaba9586445998f52b24cf05732b9a009d9444ab681ced56e93b54d0e6dd0def2caa7d638e94b1b1dfc8142ed8dc0c6ccf13c7cae93cb209918722d04e4a4a8052065350c3952c95808e558f189462ee72c2f03a6f9279ac9b037a8b53883f3cd9b824cf07718d5b6989f854b94c2c96e062da05a85fc2bb460bfec5a2f29e657d8b1ea016cf982cb358dcf433c6691360d0deab7dd5210599ddcbecec2ca42997cf500b18cf60000c800000000000000000000000600000035210f398fc857f7d1803d31933eef48826ad99bb42ac520734eda914cb43d8e294ca6a22e681f77f485b88f53bf8d3615305504e0b1c82523310cca7611b2380da5e652caad618664a2c4055033b499ef8ca047fdca3840e19e4b1e8abad864a421e3524f286762e10e07db5dce4dc26336f440a26b5791d87aa9543a8199db477dd06fb8692d936a478b55e8dca2dc7ed0750adc83283dd6bd16c4b248b208130398976abbfd658468b6a0c6f445ec14ee390000000000a8000000000000000f01000004000000563dc358a538d2224dca32eb31b34e173dde1a63b1c47268a48f7a1b73c6d9f9f55199ccb35a597c0df464f8dc4f08bef89b5e4fe825fb951de32bfb41f563c06db4122c44312411fea1604ed83804d15ecfb1a32a518bf3aff0c680f7d7c959badc82cfd5fb4360bc86635f7fe60d6c8de3ea399540f309421b0fbe5fae2200bcc8a11014a465c259304b7caaff6d145aa6000000000000c0000000000000007289c9af0200000089b7df0996986f55ac2e312d2683c211c4aea0e5d2f35e0ecbe288781c47fe11cff6940cec37bb4eda20cdb123bfc3301558920e20ea8f2c85e62fff92d27ee743a4d49d61cb38132b4985f3a0802b852431b75eb26b68dd31fa0db0b274bfe85966fe1f315ea4ba8e3b56719bc63329e0708520e599908e84ed3f494c75d9be7415e42e1a961245909301bc02a71f576a81fe16b6cfd8edac22d516d9bdea659537a625ca62f6e14c955fcd1a512b7c937abd91d4969d3e06b0d9e51431031439cef5ff978ed4d0e21035bfdc4d2b774adeeee75ba082d2e0fefa3b7d0cfc7a9e1dcc8463d46c9f468215443d0765597d9923d2909534fdebcde112278ecb3a2877a230136e35698d1f3ae6188dc3ac6ed5e63e936c41804eeb3f012f0a6b823ae01f71e680cd6a6d22c038237718d584b928463e87c093cd033209f67eee85824c87b246"], 0x1608}, 0x4000020)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r8, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
fcntl$getflags(0xffffffffffffffff, 0xb)

22:37:00 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x20000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  306.867660]  ? anon_vma_chain_link+0x154/0x1c0
[  306.872256]  anon_vma_clone+0xde/0x480
[  306.876166]  anon_vma_fork+0x8f/0x4a0
[  306.879978]  ? dup_userfaultfd+0x15e/0x6c0
[  306.884218]  ? memcpy+0x46/0x50
[  306.887514]  copy_process.part.0+0x34e5/0x7a30
[  306.892142]  ? __cleanup_sighand+0x70/0x70
[  306.896379]  ? lock_downgrade+0x880/0x880
[  306.896407]  ? kasan_check_write+0x14/0x20
[  306.896419]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  306.896439]  _do_fork+0x257/0xfd0
[  306.904907]  ? fork_idle+0x1d0/0x1d0
[  306.904924]  ? fput+0x128/0x1a0
22:37:00 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x2c010000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  306.904937]  ? ksys_write+0x1f1/0x2d0
[  306.904957]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  306.904969]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  306.904986]  ? do_syscall_64+0x26/0x620
[  306.937488]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  306.942875]  ? do_syscall_64+0x26/0x620
[  306.946863]  __x64_sys_clone+0xbf/0x150
[  306.950861]  do_syscall_64+0xfd/0x620
[  306.954691]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  306.959912] RIP: 0033:0x459a59
22:37:00 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x3f000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  306.963119] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  306.982039] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  306.989871] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  306.997150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.004433] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  307.011709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  307.018986] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000))
setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f0000000080)={@pptp={0x18, 0x2, {0x3, @multicast2}}, {}, &(0x7f0000000040), 0x62}, 0xa0)
unshare(0x8000000)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000000340)={0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'lblcr\x00'}, 0x2c)

[  307.105094] x86/PAT: syz-executor.4:20922 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:00 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x40000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:00 executing program 2 (fault-call:9 fault-nth:34):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:00 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x8000000, 0x0, 0x0, 0x0, 0x0)

[  307.151808] x86/PAT: syz-executor.4:20922 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:00 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0x7a00000000000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  307.235456] x86/PAT: syz-executor.2:20974 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  307.248158] x86/PAT: syz-executor.2:20974 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:00 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
close(r0)
syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r1)
r3 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r3, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r4, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x2, 0x0, 0x0, 0xe1)
r5 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r5, 0x8, 0x6, 0xfffffffffffffff7, 0x1})

22:37:00 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x60000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:00 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=<r2=>0x0)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000000c0)=r2)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x80000, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:00 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xbcefff7f00000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  307.368613] x86/PAT: syz-executor.4:21136 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:00 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

[  307.456567] x86/PAT: syz-executor.2:21176 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  307.514939] FAULT_INJECTION: forcing a failure.
[  307.514939] name failslab, interval 1, probability 0, space 0, times 0
22:37:00 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0, 0xfaeeff7f00000000}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  307.611092] x86/PAT: syz-executor.4:21110 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  307.630649] CPU: 1 PID: 21185 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  307.637632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  307.646998] Call Trace:
[  307.649600]  dump_stack+0x172/0x1f0
[  307.653248]  should_fail.cold+0xa/0x1b
[  307.657246]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  307.662364]  ? lock_downgrade+0x880/0x880
[  307.663783] x86/PAT: syz-executor.4:21110 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  307.666530]  __should_failslab+0x121/0x190
[  307.666547]  should_failslab+0x9/0x14
[  307.666561]  kmem_cache_alloc+0x2ae/0x700
[  307.666574]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  307.666591]  ? __vm_enough_memory+0x324/0x5a0
[  307.696897]  vm_area_dup+0x21/0x170
[  307.700529]  copy_process.part.0+0x3407/0x7a30
[  307.705140]  ? __cleanup_sighand+0x70/0x70
[  307.709376]  ? lock_downgrade+0x880/0x880
[  307.713538]  ? kasan_check_write+0x14/0x20
[  307.717775]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  307.722634]  _do_fork+0x257/0xfd0
[  307.726101]  ? fork_idle+0x1d0/0x1d0
[  307.729820]  ? fput+0x128/0x1a0
[  307.733103]  ? ksys_write+0x1f1/0x2d0
[  307.736913]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  307.741674]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  307.746433]  ? do_syscall_64+0x26/0x620
[  307.750419]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  307.755788]  ? do_syscall_64+0x26/0x620
22:37:00 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uhid\x00', 0xd1aa0e20b18cafbc, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000240)={0x8, 0x120, 0xfa00, {0x1, {0x7, 0xffff, "1f36f150c68de4e4aac56236e77961bfabb480a89e4c09239ef84bf11ce23ed4b2068087773e53f12b5bc9131c2919d7d4d67849ee1c04c0e20cc987fd0c9552ae85bc58b9f082db7d8d8700b7b151a8ea0dd64095d2dbd27b3fb4d34bff78c64a8216a4fed1d415ee460bcb630851763ce8b02456d3eb7b3f2d61c185c9d3d7ab57523de7bbe2cbdae2e4495f854ea840b069cef6a6c473bc00fec909b3b0e372d8c98d6d444adfa6be8bcdce1964f5db4e89e2de8a269f89200e4d9108ce1df9bba83d2986103bd344ccf8b1ca066be624cd3aef7a8ccfe362e7e020160435478d9c83aa44809dcfa409b157a5a245cf5209b5dd5c9487bb7f55dfa11ad656", 0x43, 0x3, 0x47, 0x0, 0x1, 0xff, 0x1}, r4}}, 0x128)
open(0x0, 0x141042, 0x0)

[  307.759771]  __x64_sys_clone+0xbf/0x150
[  307.763751]  do_syscall_64+0xfd/0x620
[  307.767561]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  307.772752] RIP: 0033:0x459a59
[  307.775957] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  307.794871] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  307.802593] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
22:37:01 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x8dffffff, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:01 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x10000200, 0x0, 0x0, 0x0, 0x0)

[  307.809873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.817175] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  307.824457] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  307.831732] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  307.908020] x86/PAT: syz-executor.2:21185 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  307.965909] x86/PAT: syz-executor.4:21404 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  307.994534] x86/PAT: syz-executor.2:21185 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:01 executing program 2 (fault-call:9 fault-nth:35):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:01 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

22:37:01 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xc0050000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:01 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x2}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  308.120393] x86/PAT: syz-executor.4:21401 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  308.180276] x86/PAT: syz-executor.2:21591 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  308.183017] x86/PAT: syz-executor.4:21401 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:01 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xc4050000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:01 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x11000000, 0x0, 0x0, 0x0, 0x0)

22:37:01 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x4}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  308.287063] FAULT_INJECTION: forcing a failure.
[  308.287063] name failslab, interval 1, probability 0, space 0, times 0
[  308.342162] CPU: 0 PID: 21624 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  308.349175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  308.358536] Call Trace:
[  308.361156]  dump_stack+0x172/0x1f0
[  308.364802]  should_fail.cold+0xa/0x1b
[  308.368706]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  308.373820]  ? find_held_lock+0x35/0x130
[  308.377894]  ? percpu_ref_put_many+0x94/0x190
[  308.382405]  __should_failslab+0x121/0x190
[  308.386699]  should_failslab+0x9/0x14
[  308.390536]  kmem_cache_alloc+0x47/0x700
[  308.394597]  ? __lock_is_held+0xb6/0x140
[  308.398674]  anon_vma_clone+0xde/0x480
[  308.402553]  anon_vma_fork+0x8f/0x4a0
[  308.406350]  ? dup_userfaultfd+0x15e/0x6c0
[  308.410634]  ? memcpy+0x46/0x50
[  308.413951]  copy_process.part.0+0x34e5/0x7a30
[  308.418540]  ? __cleanup_sighand+0x70/0x70
[  308.422775]  ? finish_task_switch+0x146/0x7c0
[  308.427267]  ? lockdep_hardirqs_on+0x415/0x5d0
[  308.431836]  ? trace_hardirqs_on+0x67/0x220
[  308.436152]  ? kasan_check_read+0x11/0x20
[  308.440297]  _do_fork+0x257/0xfd0
[  308.443734]  ? fork_idle+0x1d0/0x1d0
[  308.447437]  ? pci_mmcfg_check_reserved+0x170/0x170
[  308.452452]  ? prepare_exit_to_usermode+0x293/0x2f0
[  308.457476]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  308.462229]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  308.466987]  ? do_syscall_64+0x26/0x620
[  308.470948]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  308.476313]  ? do_syscall_64+0x26/0x620
[  308.480294]  __x64_sys_clone+0xbf/0x150
[  308.484267]  do_syscall_64+0xfd/0x620
[  308.488069]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  308.493242] RIP: 0033:0x459a59
[  308.496426] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  308.515329] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  308.523040] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  308.530317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:01 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:01 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

[  308.537588] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  308.544858] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  308.552122] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  308.665422] x86/PAT: syz-executor.4:21639 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:01 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x6}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:01 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xf5ffffff, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  308.752489] x86/PAT: syz-executor.2:21591 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  308.791901] x86/PAT: syz-executor.2:21591 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  308.820337] x86/PAT: syz-executor.4:21636 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:02 executing program 2 (fault-call:9 fault-nth:36):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfc000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  308.875395] x86/PAT: syz-executor.4:21636 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:02 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x8}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

22:37:02 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1e550000, 0x0, 0x0, 0x0, 0x0)

22:37:02 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000000)={0x9, 0x9, 0x9, 0xfff, 0x14, 0x9, 0x88, 0x8f, 0xc5e, 0x7f, 0x4, 0xde88})
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  309.093576] x86/PAT: syz-executor.2:21855 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfe800000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  309.161861] x86/PAT: syz-executor.4:21864 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  309.170206] FAULT_INJECTION: forcing a failure.
[  309.170206] name failslab, interval 1, probability 0, space 0, times 0
[  309.203285] CPU: 0 PID: 21871 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  309.210278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  309.219736] Call Trace:
[  309.222350]  dump_stack+0x172/0x1f0
[  309.226002]  should_fail.cold+0xa/0x1b
[  309.226023]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  309.226045]  ? __lock_is_held+0xb6/0x140
[  309.235024]  ? __lock_is_held+0xb6/0x140
[  309.235050]  __should_failslab+0x121/0x190
[  309.235068]  should_failslab+0x9/0x14
[  309.235082]  kmem_cache_alloc+0x47/0x700
[  309.235098]  ? anon_vma_chain_link+0x154/0x1c0
[  309.235119]  anon_vma_clone+0xde/0x480
[  309.263784]  anon_vma_fork+0x8f/0x4a0
[  309.267608]  ? dup_userfaultfd+0x15e/0x6c0
[  309.271862]  ? memcpy+0x46/0x50
[  309.275171]  copy_process.part.0+0x34e5/0x7a30
[  309.279806]  ? __cleanup_sighand+0x70/0x70
[  309.284051]  ? lock_downgrade+0x880/0x880
[  309.288231]  ? kasan_check_write+0x14/0x20
[  309.292482]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  309.297346]  _do_fork+0x257/0xfd0
[  309.300823]  ? fork_idle+0x1d0/0x1d0
[  309.304557]  ? fput+0x128/0x1a0
[  309.307854]  ? ksys_write+0x1f1/0x2d0
[  309.311680]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  309.316453]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  309.321226]  ? do_syscall_64+0x26/0x620
[  309.325218]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  309.330609]  ? do_syscall_64+0x26/0x620
[  309.334606]  __x64_sys_clone+0xbf/0x150
[  309.338605]  do_syscall_64+0xfd/0x620
[  309.342434]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  309.347637] RIP: 0033:0x459a59
22:37:02 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0xa}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

[  309.350844] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  309.358378] x86/PAT: syz-executor.4:21863 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  309.369770] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  309.369786] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  309.369795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfec00000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  309.369803] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  309.369812] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  309.369820] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  309.447657] x86/PAT: syz-executor.2:22074 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:02 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0xec, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd3, 0x10001}, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200)
fchmodat(r2, &(0x7f00000000c0)='./file0/file0\x00', 0x110)
write$FUSE_POLL(r0, &(0x7f0000000180)={0x18, 0x0, 0x7, {0x8}}, 0x18)

[  309.510553] x86/PAT: syz-executor.2:22074 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:02 executing program 2 (fault-call:9 fault-nth:37):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xff000000, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:02 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0xc}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  309.634756] x86/PAT: syz-executor.4:21863 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:02 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={<r7=>r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r7}, &(0x7f0000000140)=0x8)

22:37:02 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1f000000, 0x0, 0x0, 0x0, 0x0)

22:37:02 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xffffff7f, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  309.762123] x86/PAT: syz-executor.2:22102 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:03 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0xe}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  309.815784] FAULT_INJECTION: forcing a failure.
[  309.815784] name failslab, interval 1, probability 0, space 0, times 0
[  309.847956] x86/PAT: syz-executor.4:22161 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  309.944170] audit: type=1400 audit(1570833423.103:102): avc:  denied  { sys_admin } for  pid=22160 comm="syz-executor.4" capability=21  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
[  309.995700] CPU: 1 PID: 22195 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  310.002695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  310.012334] Call Trace:
[  310.014949]  dump_stack+0x172/0x1f0
[  310.018606]  should_fail.cold+0xa/0x1b
[  310.022522]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  310.027651]  ? __lock_is_held+0xb6/0x140
[  310.031760]  __should_failslab+0x121/0x190
[  310.036010]  should_failslab+0x9/0x14
[  310.039853]  kmem_cache_alloc+0x47/0x700
22:37:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)

22:37:03 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f00000000c0))
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
openat$cgroup_procs(r2, &(0x7f0000000000)='tasks\x00', 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r4, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  310.043932]  ? anon_vma_chain_link+0x154/0x1c0
[  310.048542]  anon_vma_clone+0xde/0x480
[  310.052454]  anon_vma_fork+0x8f/0x4a0
[  310.056271]  ? dup_userfaultfd+0x15e/0x6c0
[  310.060520]  ? memcpy+0x46/0x50
[  310.063816]  copy_process.part.0+0x34e5/0x7a30
[  310.068437]  ? __cleanup_sighand+0x70/0x70
[  310.072684]  ? lock_downgrade+0x880/0x880
[  310.076853]  ? kasan_check_write+0x14/0x20
[  310.081115]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  310.081140]  _do_fork+0x257/0xfd0
[  310.089433]  ? fork_idle+0x1d0/0x1d0
22:37:03 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xffffff8d, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  310.089449]  ? fput+0x128/0x1a0
[  310.089465]  ? ksys_write+0x1f1/0x2d0
[  310.089483]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.089499]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.105027]  ? do_syscall_64+0x26/0x620
[  310.105044]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.105058]  ? do_syscall_64+0x26/0x620
[  310.105080]  __x64_sys_clone+0xbf/0x150
[  310.119191]  do_syscall_64+0xfd/0x620
[  310.119212]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.119225] RIP: 0033:0x459a59
22:37:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)

[  310.139449] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  310.158370] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  310.166103] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  310.173392] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.180673] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  310.187975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  310.195263] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:03 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x10}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  310.246844] x86/PAT: syz-executor.2:22227 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:03 executing program 2 (fault-call:9 fault-nth:38):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:03 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0xfffffff5, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  310.385186] x86/PAT: syz-executor.4:22160 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  310.390979] x86/PAT: syz-executor.2:22227 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  310.406020] x86/PAT: syz-executor.4:22160 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:03 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x3f000000, 0x0, 0x0, 0x0, 0x0)

22:37:03 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x12}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000000000)={r6, 0x0, 0x7, [0x0, 0x5, 0x5, 0x5, 0x400, 0x4b5c, 0x6]}, &(0x7f00000000c0)=0x16)

22:37:03 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x10}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  310.650464] x86/PAT: syz-executor.4:22451 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:03 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/policy\x00', 0x0, 0x0)
read$FUSE(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
getsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a40)=[{{&(0x7f0000000ac0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/45, 0x2d}], 0x1, &(0x7f00000002c0)=""/138, 0x8a}, 0x6}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000180)=""/17, 0x11}], 0x1}, 0x2}], 0x2, 0x2, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  310.723442] x86/PAT: syz-executor.2:22452 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  310.740109] FAULT_INJECTION: forcing a failure.
[  310.740109] name failslab, interval 1, probability 0, space 0, times 0
[  310.754481] CPU: 0 PID: 22452 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  310.761452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  310.770828] Call Trace:
[  310.773441]  dump_stack+0x172/0x1f0
[  310.777090]  should_fail.cold+0xa/0x1b
[  310.781000]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  310.786112]  ? lock_downgrade+0x880/0x880
[  310.790278]  __should_failslab+0x121/0x190
[  310.794528]  should_failslab+0x9/0x14
[  310.798334]  kmem_cache_alloc+0x2ae/0x700
[  310.802490]  ? anon_vma_clone+0x320/0x480
[  310.806655]  anon_vma_fork+0xfc/0x4a0
[  310.810460]  ? dup_userfaultfd+0x15e/0x6c0
[  310.810473]  ? memcpy+0x46/0x50
[  310.810492]  copy_process.part.0+0x34e5/0x7a30
22:37:03 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000180)={r6, 0x42, 0x9, 0x4, 0x2, 0x9, 0x0, 0x1, {0x0, @in6={{0xa, 0x4e20, 0x7, @rand_addr="0b3637a357840fa6723e1d39bf0c3cd0"}}, 0x6, 0x2, 0x3988, 0x0, 0x64c}}, &(0x7f0000000240)=0xb0)

[  310.822577]  ? __cleanup_sighand+0x70/0x70
[  310.826825]  ? lock_downgrade+0x880/0x880
[  310.830993]  ? kasan_check_write+0x14/0x20
[  310.835237]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  310.840095]  _do_fork+0x257/0xfd0
[  310.843562]  ? fork_idle+0x1d0/0x1d0
[  310.847291]  ? fput+0x128/0x1a0
[  310.850590]  ? ksys_write+0x1f1/0x2d0
[  310.854408]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.859168]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.863934]  ? do_syscall_64+0x26/0x620
[  310.867922]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.873298]  ? do_syscall_64+0x26/0x620
[  310.877282]  __x64_sys_clone+0xbf/0x150
[  310.881265]  do_syscall_64+0xfd/0x620
[  310.885079]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.890278] RIP: 0033:0x459a59
[  310.893474] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  310.912385] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
22:37:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r6}, 0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000080)={r6, 0x20, 0x0, 0x6}, 0x10)

22:37:04 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:04 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x14}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  310.920220] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  310.927499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.934782] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  310.942058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  310.942068] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:04 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x2]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  311.118054] x86/PAT: syz-executor.4:22450 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  311.173057] x86/PAT: syz-executor.4:22450 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  311.262786] x86/PAT: syz-executor.2:22452 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  311.278467] x86/PAT: syz-executor.2:22452 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:04 executing program 2 (fault-call:9 fault-nth:39):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:04 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x16}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:04 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x40000000, 0x0, 0x0, 0x0, 0x0)

22:37:04 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x3]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r5}, 0x8)

[  311.411378] x86/PAT: syz-executor.4:22691 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:04 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x18}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:04 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
accept(r0, &(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000180)=0x80)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x2000000, &(0x7f00000002c0)=ANY=[@ANYBLOB="6d6f64653d303030303030303030306c691fd06acac6a6f3ed3f60c8cf303030303030303030303230302c6d6f64653d30303030303030303030303030303030303134343432312c6d6f64653d30313737373737373737373737373737373737373035332c7063723d30303030303030303030303030303030303033302c00"])
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$TIOCGICOUNT(r4, 0x545d, 0x0)

[  311.498598] x86/PAT: syz-executor.2:22698 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:04 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r5}, 0x8)

[  311.550575] IPVS: ftp: loaded support on port[0] = 21
22:37:04 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x4]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:04 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x1a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  311.665764] FAULT_INJECTION: forcing a failure.
[  311.665764] name failslab, interval 1, probability 0, space 0, times 0
[  311.734751] CPU: 1 PID: 22704 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  311.741850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  311.751208] Call Trace:
[  311.753814]  dump_stack+0x172/0x1f0
[  311.757466]  should_fail.cold+0xa/0x1b
[  311.761377]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  311.766496]  ? lock_downgrade+0x880/0x880
[  311.770670]  __should_failslab+0x121/0x190
[  311.774917]  should_failslab+0x9/0x14
[  311.778725]  kmem_cache_alloc+0x2ae/0x700
[  311.782883]  ? anon_vma_clone+0x320/0x480
[  311.787050]  anon_vma_fork+0x1ea/0x4a0
[  311.790948]  ? dup_userfaultfd+0x15e/0x6c0
[  311.795193]  copy_process.part.0+0x34e5/0x7a30
[  311.799809]  ? __cleanup_sighand+0x70/0x70
[  311.804043]  ? lock_downgrade+0x880/0x880
[  311.808206]  ? kasan_check_write+0x14/0x20
[  311.812449]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  311.817309]  _do_fork+0x257/0xfd0
[  311.820769]  ? fork_idle+0x1d0/0x1d0
[  311.824491]  ? fput+0x128/0x1a0
[  311.827776]  ? ksys_write+0x1f1/0x2d0
[  311.831586]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  311.836603]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  311.841361]  ? do_syscall_64+0x26/0x620
[  311.845337]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  311.850702]  ? do_syscall_64+0x26/0x620
[  311.854683]  __x64_sys_clone+0xbf/0x150
[  311.858664]  do_syscall_64+0xfd/0x620
[  311.862471]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  311.867662] RIP: 0033:0x459a59
22:37:05 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0}}], 0x1, 0x4100, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:05 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r5=>0x0]}, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340)={r5}, 0x8)

[  311.870863] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  311.889854] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  311.897579] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  311.904851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  311.904859] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  311.904867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  311.904874] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:05 executing program 2 (fault-call:9 fault-nth:40):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:05 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x5]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  312.055734] x86/PAT: syz-executor.2:22698 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  312.072670] x86/PAT: syz-executor.2:22698 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  312.226570] x86/PAT: syz-executor.4:22691 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  312.250474] x86/PAT: syz-executor.2:22975 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  312.267420] FAULT_INJECTION: forcing a failure.
[  312.267420] name failslab, interval 1, probability 0, space 0, times 0
[  312.272251] x86/PAT: syz-executor.4:22691 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  312.285347] CPU: 0 PID: 22975 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  312.294379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  312.303742] Call Trace:
[  312.306346]  dump_stack+0x172/0x1f0
[  312.309993]  should_fail.cold+0xa/0x1b
[  312.313893]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  312.313909]  ? __lock_is_held+0xb6/0x140
[  312.313931]  __should_failslab+0x121/0x190
[  312.313943]  should_failslab+0x9/0x14
[  312.313953]  kmem_cache_alloc+0x47/0x700
[  312.313965]  ? anon_vma_chain_link+0x154/0x1c0
[  312.313978]  anon_vma_clone+0xde/0x480
[  312.313992]  anon_vma_fork+0x8f/0x4a0
[  312.314004]  ? dup_userfaultfd+0x15e/0x6c0
[  312.351805]  ? memcpy+0x46/0x50
[  312.355184]  copy_process.part.0+0x34e5/0x7a30
[  312.359792]  ? __cleanup_sighand+0x70/0x70
[  312.364059]  ? lock_downgrade+0x880/0x880
[  312.368228]  ? kasan_check_write+0x14/0x20
[  312.372476]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  312.377339]  _do_fork+0x257/0xfd0
[  312.380803]  ? fork_idle+0x1d0/0x1d0
[  312.384522]  ? fput+0x128/0x1a0
[  312.387816]  ? ksys_write+0x1f1/0x2d0
[  312.391626]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.396391]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.401159]  ? do_syscall_64+0x26/0x620
[  312.405140]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.410509]  ? do_syscall_64+0x26/0x620
[  312.414495]  __x64_sys_clone+0xbf/0x150
[  312.418484]  do_syscall_64+0xfd/0x620
[  312.422296]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.427496] RIP: 0033:0x459a59
[  312.430693] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  312.449595] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  312.457343] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  312.464608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:05 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x6b6b6b00, 0x0, 0x0, 0x0, 0x0)

22:37:05 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x1c}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:05 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, 0x0)

22:37:05 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x6]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  312.471873] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  312.479133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  312.486396] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:05 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x20)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x4, 0x3, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lsetxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@loopback, @in6=@mcast2}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, 0x0)
rmdir(0x0)
open(0x0, 0x8040, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x2)
getpgrp(0x0)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="3c010000100013070000ea54797a73449e3da443cf7e000000000000fe8000"/76, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0200000000000000accf3748000000000000010000000032000000e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff0002000000000000000000469496bbbd8b457bc2549d13feb28100004c001200726663343130362867636d28616573292900"/259], 0x13c}}, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000000))
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)

[  312.588890] x86/PAT: syz-executor.2:22975 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:05 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x1e}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:05 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x7]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  312.638572] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.3'.
[  312.658157] x86/PAT: syz-executor.2:22975 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:05 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)

22:37:05 executing program 2 (fault-call:9 fault-nth:41):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:06 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x75970000, 0x0, 0x0, 0x0, 0x0)

22:37:06 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x22}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  312.928914] x86/PAT: syz-executor.4:23269 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  312.947945] x86/PAT: syz-executor.2:23268 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:06 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x8]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  313.011486] FAULT_INJECTION: forcing a failure.
[  313.011486] name failslab, interval 1, probability 0, space 0, times 0
22:37:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)

22:37:06 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x8, 0x9, 0x1e, 0x8, "efb2b8625788033e2cde023630c3905ce5cb1c2550e1f18b2bcfdaef5d746cc6c0adf1e167fd0f2cf4a3c60a915fa61fda8de6bd4980f0d28fa341162d098a58", "389f453b6d8065f08442f7118c2dce3b3810e23b62bc4de369e9c6c1cbb781eb", [0xfff, 0x8]})
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  313.181308] x86/PAT: syz-executor.4:23266 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:06 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x24}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  313.222499] x86/PAT: syz-executor.4:23266 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  313.232311] CPU: 1 PID: 23274 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  313.239274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  313.248636] Call Trace:
[  313.251241]  dump_stack+0x172/0x1f0
[  313.254890]  should_fail.cold+0xa/0x1b
[  313.258801]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  313.263917]  ? lock_downgrade+0x880/0x880
[  313.268086]  __should_failslab+0x121/0x190
[  313.272336]  should_failslab+0x9/0x14
[  313.276143]  kmem_cache_alloc+0x2ae/0x700
[  313.280297]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  313.285851]  ptlock_alloc+0x20/0x70
[  313.289499]  pte_alloc_one+0x6d/0x1a0
[  313.293302]  __pte_alloc+0x2a/0x360
[  313.296933]  copy_page_range+0x151f/0x1f90
[  313.296945]  ? anon_vma_fork+0x371/0x4a0
[  313.296961]  ? find_held_lock+0x35/0x130
[  313.296973]  ? anon_vma_fork+0x371/0x4a0
[  313.296993]  ? vma_compute_subtree_gap+0x158/0x230
[  313.318301]  ? vma_gap_callbacks_rotate+0x62/0x80
[  313.323161]  ? pmd_alloc+0x180/0x180
[  313.326889]  ? __vma_link_rb+0x279/0x370
[  313.330964]  copy_process.part.0+0x543d/0x7a30
[  313.335583]  ? __cleanup_sighand+0x70/0x70
[  313.339825]  ? lock_downgrade+0x880/0x880
[  313.343993]  ? kasan_check_write+0x14/0x20
[  313.348233]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  313.353094]  _do_fork+0x257/0xfd0
[  313.356557]  ? fork_idle+0x1d0/0x1d0
[  313.360281]  ? fput+0x128/0x1a0
[  313.363570]  ? ksys_write+0x1f1/0x2d0
[  313.367383]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  313.372148]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  313.377083]  ? do_syscall_64+0x26/0x620
[  313.381066]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  313.386439]  ? do_syscall_64+0x26/0x620
[  313.390426]  __x64_sys_clone+0xbf/0x150
[  313.394422]  do_syscall_64+0xfd/0x620
[  313.398229]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  313.403431] RIP: 0033:0x459a59
22:37:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)

22:37:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r3)

22:37:06 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x9]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  313.406630] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  313.425533] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  313.425548] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  313.425555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  313.425563] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  313.425575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  313.462357] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:06 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0xa]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:06 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xf4ffffff, 0x0, 0x0, 0x0, 0x0)

[  313.589606] x86/PAT: syz-executor.2:23274 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  313.666207] x86/PAT: syz-executor.2:23274 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  313.686210] x86/PAT: syz-executor.4:23475 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:07 executing program 2 (fault-call:9 fault-nth:42):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:07 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r3)

22:37:07 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x26}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:07 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0xf]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  313.907175] x86/PAT: syz-executor.4:23472 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:07 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0xffffffffffffffe0}}], 0x1, 0x10101, 0x0)
preadv(r1, &(0x7f00000009c0), 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x1)
open(0x0, 0x202, 0x40)

22:37:07 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x28}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  313.968417] x86/PAT: syz-executor.2:23620 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  314.007282] x86/PAT: syz-executor.4:23472 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  314.025560] FAULT_INJECTION: forcing a failure.
[  314.025560] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  314.054076] CPU: 1 PID: 23624 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  314.061067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  314.070434] Call Trace:
22:37:07 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x2a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  314.073038]  dump_stack+0x172/0x1f0
[  314.076689]  should_fail.cold+0xa/0x1b
[  314.080612]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  314.085743]  ? __might_sleep+0x95/0x190
[  314.089740]  __alloc_pages_nodemask+0x1ee/0x750
[  314.094424]  ? __lock_is_held+0xb6/0x140
[  314.098500]  ? __alloc_pages_slowpath+0x2870/0x2870
[  314.103531]  ? find_held_lock+0x35/0x130
[  314.107603]  ? find_held_lock+0x35/0x130
[  314.111679]  ? copy_page_range+0x124f/0x1f90
[  314.116109]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  314.121658]  alloc_pages_current+0x107/0x210
[  314.126079]  pte_alloc_one+0x1b/0x1a0
[  314.129893]  __pte_alloc+0x2a/0x360
[  314.133619]  copy_page_range+0x151f/0x1f90
[  314.137872]  ? anon_vma_fork+0x371/0x4a0
[  314.141971]  ? pmd_alloc+0x180/0x180
[  314.145710]  ? __vma_link_rb+0x279/0x370
[  314.149793]  copy_process.part.0+0x543d/0x7a30
[  314.154416]  ? __cleanup_sighand+0x70/0x70
[  314.158665]  ? lock_downgrade+0x880/0x880
[  314.162838]  ? kasan_check_write+0x14/0x20
[  314.167076]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  314.171946]  _do_fork+0x257/0xfd0
[  314.175411]  ? fork_idle+0x1d0/0x1d0
[  314.179128]  ? fput+0x128/0x1a0
[  314.182409]  ? ksys_write+0x1f1/0x2d0
[  314.186217]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.190976]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.195732]  ? do_syscall_64+0x26/0x620
[  314.199709]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.205074]  ? do_syscall_64+0x26/0x620
[  314.209056]  __x64_sys_clone+0xbf/0x150
[  314.213034]  do_syscall_64+0xfd/0x620
[  314.216841]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.222031] RIP: 0033:0x459a59
[  314.225221] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  314.244141] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  314.251958] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  314.259233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  314.266520] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
22:37:07 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r3)

[  314.273804] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  314.281086] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:07 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x10]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:07 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xff0f0000, 0x0, 0x0, 0x0, 0x0)

[  314.319931] x86/PAT: syz-executor.2:23624 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  314.348665] x86/PAT: syz-executor.2:23624 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:07 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:07 executing program 2 (fault-call:9 fault-nth:43):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:07 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x2c}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  314.494991] x86/PAT: syz-executor.4:23742 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:07 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x11]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  314.599939] x86/PAT: syz-executor.2:23752 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:07 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  314.671562] FAULT_INJECTION: forcing a failure.
[  314.671562] name failslab, interval 1, probability 0, space 0, times 0
[  314.699545] x86/PAT: syz-executor.4:23740 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:07 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x2e}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  314.744924] x86/PAT: syz-executor.4:23740 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:07 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x6, 0x181400)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x1, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x30, 0xfa00, {&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x0, {0xa, 0x4e24, 0x0, @local}}}, 0x38)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r1, &(0x7f00000000c0)={0x11, 0x10, 0xfa00, {&(0x7f0000000080), r2}}, 0x18)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000300)={0x11, 0x10, 0xfa00, {&(0x7f0000000180), r2}}, 0x18)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r4, &(0x7f00000009c0)=[{&(0x7f0000000240)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0x25c}, {&(0x7f00000006c0)=""/189, 0xbd}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000000)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x10000000000001b6, 0x0)
open(0x0, 0x141042, 0x0)

[  314.793201] CPU: 1 PID: 23849 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  314.800185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  314.809551] Call Trace:
[  314.812149]  dump_stack+0x172/0x1f0
[  314.815785]  should_fail.cold+0xa/0x1b
[  314.819685]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  314.824795]  ? lock_downgrade+0x880/0x880
[  314.828972]  __should_failslab+0x121/0x190
[  314.833217]  should_failslab+0x9/0x14
[  314.837025]  kmem_cache_alloc+0x2ae/0x700
[  314.841188]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  314.846735]  ptlock_alloc+0x20/0x70
[  314.850389]  pte_alloc_one+0x6d/0x1a0
[  314.854191]  __pte_alloc+0x2a/0x360
[  314.857823]  copy_page_range+0x151f/0x1f90
[  314.862062]  ? anon_vma_fork+0x371/0x4a0
[  314.866148]  ? pmd_alloc+0x180/0x180
[  314.869864]  ? __vma_link_rb+0x279/0x370
[  314.873929]  copy_process.part.0+0x543d/0x7a30
[  314.878541]  ? __cleanup_sighand+0x70/0x70
[  314.882773]  ? lock_downgrade+0x880/0x880
[  314.886932]  ? kasan_check_write+0x14/0x20
[  314.891168]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  314.896019]  _do_fork+0x257/0xfd0
[  314.899481]  ? fork_idle+0x1d0/0x1d0
[  314.903193]  ? fput+0x128/0x1a0
[  314.906474]  ? ksys_write+0x1f1/0x2d0
[  314.910282]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.915041]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.919800]  ? do_syscall_64+0x26/0x620
[  314.923778]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.929140]  ? do_syscall_64+0x26/0x620
[  314.933120]  __x64_sys_clone+0xbf/0x150
[  314.937097]  do_syscall_64+0xfd/0x620
[  314.940919]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.946107] RIP: 0033:0x459a59
[  314.949409] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  314.968414] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  314.976130] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  314.983395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:08 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x60]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:08 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xffff0700, 0x0, 0x0, 0x0, 0x0)

[  314.990660] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  314.997930] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  315.005200] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  315.089343] x86/PAT: syz-executor.2:23849 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:08 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x30}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0x2, @mcast2, 0x7}, 0x1c)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  315.177286] x86/PAT: syz-executor.4:23976 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  315.191949] x86/PAT: syz-executor.2:23849 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:08 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0xfc]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:08 executing program 2 (fault-call:9 fault-nth:44):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  315.352086] x86/PAT: syz-executor.4:23973 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:08 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/143, 0x8f}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xbc}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(0x0, 0x141042, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r3, &(0x7f0000000300)="ec5e18e17fdb262ac5ae020000000000000058fadda7d0960eaff0fa2ab1ba6f8118f003de97544e6600f617c63cb58ced3bab3e45133d00"/68, &(0x7f0000000240)="ed96889caf13cfd3bda433dd7ed74bb4ff8adbc4a394dadf6ee0c6354fe7e88535237e423fd363cb0e68db350c40160f0b65a9f4e228efc1c91a6c55bbc10fc89966fff3d5556d07d69071ea3140e36e0ff6fdff729f09d2aa2b079c2ae768e1036e909421edfa952349da1a5f14ec87a0c54fb547f0faf7e0737b9c8ae639260fb4a0689c3c43cfaa92544858b4bf44528a385983a669fe7fb5396fa3aa82306c6a83284837af052178112dad8b6ee76cd39a99570a4eb8484089dac1"}, 0x20)
pipe2(&(0x7f00000000c0), 0x18c800)

22:37:08 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x32}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  315.400166] x86/PAT: syz-executor.4:23973 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  315.426016] x86/PAT: syz-executor.2:24191 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:08 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xffff0f00, 0x0, 0x0, 0x0, 0x0)

[  315.470133] FAULT_INJECTION: forcing a failure.
[  315.470133] name failslab, interval 1, probability 0, space 0, times 0
22:37:08 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:08 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  315.622353] x86/PAT: syz-executor.4:24209 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:08 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$FS_IOC_GETFSLABEL(r3, 0x81009431, &(0x7f0000000280))
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={<r4=>0x0, 0x4}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={r4, 0x18, "7dc7999a0dd4eb57506bd8b3dbc563fdd9f90ea606014ea7"}, &(0x7f0000000240)=0x20)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146, 0xfffffffffffffd90}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13, 0xffffff81}, {&(0x7f0000000a40)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:08 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x34}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:08 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x2]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  315.806473] x86/PAT: syz-executor.4:24200 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:09 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  315.849542] x86/PAT: syz-executor.4:24200 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:09 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xfffffff4, 0x0, 0x0, 0x0, 0x0)

[  315.945392] CPU: 0 PID: 24191 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  315.952382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  315.961746] Call Trace:
[  315.964355]  dump_stack+0x172/0x1f0
[  315.968129]  should_fail.cold+0xa/0x1b
[  315.972050]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  315.977170]  ? lock_downgrade+0x880/0x880
[  315.981346]  __should_failslab+0x121/0x190
[  315.985592]  should_failslab+0x9/0x14
[  315.989401]  kmem_cache_alloc+0x2ae/0x700
22:37:09 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x36}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  315.993553]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  315.998570]  ? __vm_enough_memory+0x324/0x5a0
[  315.998589]  vm_area_dup+0x21/0x170
[  315.998603]  copy_process.part.0+0x3407/0x7a30
[  315.998637]  ? __cleanup_sighand+0x70/0x70
[  315.998649]  ? lock_downgrade+0x880/0x880
[  315.998671]  ? kasan_check_write+0x14/0x20
[  315.998683]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  315.998698]  _do_fork+0x257/0xfd0
[  315.998714]  ? fork_idle+0x1d0/0x1d0
[  315.998728]  ? fput+0x128/0x1a0
[  315.998745]  ? ksys_write+0x1f1/0x2d0
[  316.043038]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.047823]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.052585]  ? do_syscall_64+0x26/0x620
[  316.056568]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.061940]  ? do_syscall_64+0x26/0x620
[  316.065923]  __x64_sys_clone+0xbf/0x150
[  316.069938]  do_syscall_64+0xfd/0x620
[  316.073776]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.078971] RIP: 0033:0x459a59
[  316.082169] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  316.101076] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  316.108805] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  316.116079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.123357] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  316.130644] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  316.137936] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  316.184652] x86/PAT: syz-executor.4:24527 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:09 executing program 2 (fault-call:9 fault-nth:45):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:09 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x3]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:09 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000000))
r1 = open(&(0x7f0000000180)='./file0\x00', 0x128140, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
ioctl$EVIOCGBITSW(0xffffffffffffffff, 0x80404525, &(0x7f00000000c0)=""/52)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000280)={{{@in=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000380)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x80000, &(0x7f0000000a40)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno'}, 0x2c, {[{@uname={'uname', 0x3d, 'cgroup2\x00'}}, {@fscache='fscache'}, {@mmap='mmap'}, {@access_client='access=client'}, {@dfltuid={'dfltuid', 0x3d, r3}}, {@uname={'uname', 0x3d, 'cgroup.procs\x00'}}, {@loose='loose'}], [{@measure='measure'}]}})
open(0x0, 0x141042, 0x0)

22:37:09 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:09 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x38}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  316.268086] x86/PAT: syz-executor.2:24191 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  316.277057] x86/PAT: syz-executor.2:24191 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  316.292371] x86/PAT: syz-executor.4:24526 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  316.304829] x86/PAT: syz-executor.4:24526 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:09 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x21fffffff, 0x0, 0x0, 0x0, 0x0)

22:37:09 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x3a}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:09 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  316.437094] x86/PAT: syz-executor.2:24646 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:09 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x4]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  316.490196] FAULT_INJECTION: forcing a failure.
[  316.490196] name failslab, interval 1, probability 0, space 0, times 0
[  316.584519] x86/PAT: syz-executor.4:24756 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:09 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x3c}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  316.744555] CPU: 1 PID: 24730 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  316.751561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  316.760926] Call Trace:
[  316.763534]  dump_stack+0x172/0x1f0
[  316.767181]  should_fail.cold+0xa/0x1b
[  316.771092]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  316.772342] x86/PAT: syz-executor.4:24753 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  316.776210]  ? find_held_lock+0x35/0x130
[  316.776230]  ? percpu_ref_put_many+0x94/0x190
[  316.776250]  __should_failslab+0x121/0x190
[  316.776265]  should_failslab+0x9/0x14
[  316.776279]  kmem_cache_alloc+0x47/0x700
[  316.785130] x86/PAT: syz-executor.4:24753 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  316.788989]  ? __lock_is_held+0xb6/0x140
[  316.789015]  anon_vma_clone+0xde/0x480
[  316.822166]  anon_vma_fork+0x8f/0x4a0
[  316.825984]  ? dup_userfaultfd+0x15e/0x6c0
[  316.830227]  ? memcpy+0x46/0x50
[  316.830247]  copy_process.part.0+0x34e5/0x7a30
[  316.838108]  ? __cleanup_sighand+0x70/0x70
[  316.838123]  ? lock_downgrade+0x880/0x880
[  316.846499]  ? kasan_check_write+0x14/0x20
[  316.850749]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  316.855656]  _do_fork+0x257/0xfd0
[  316.859135]  ? fork_idle+0x1d0/0x1d0
[  316.862856]  ? fput+0x128/0x1a0
[  316.866153]  ? ksys_write+0x1f1/0x2d0
[  316.869963]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.869978]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.869994]  ? do_syscall_64+0x26/0x620
[  316.883466]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.888857]  ? do_syscall_64+0x26/0x620
[  316.892846]  __x64_sys_clone+0xbf/0x150
[  316.896844]  do_syscall_64+0xfd/0x620
[  316.900665]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.905859] RIP: 0033:0x459a59
[  316.909069] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  316.909078] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  316.909092] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
22:37:10 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f00000000c0)='./file0\x00'}, 0x10)
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8, 0x1, 'sfb\x00'}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28}}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="340000002c00010700"/20, @ANYRES32=r4, @ANYBLOB="1000000000000000030700000c000100090000007570010004000200"], 0x34}}, 0x0)
recvfrom(r0, &(0x7f0000000240)=""/38, 0x26, 0x20002102, &(0x7f0000000280)=@hci={0x1f, r4, 0x1}, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = dup(r7)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r6, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r9 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$kcm(r9, &(0x7f0000000580)={&(0x7f0000000080)=@nfc={0x27, 0x1, 0x1, 0x1}, 0x80, &(0x7f0000000140)=[{&(0x7f00000005c0)="769b58a84effca10f29d18327a130368a239c62befc59149879c9c3375db026039f53fef1c28cb0f94f98a2753095a63d3040fc2f6241fe8b23b869483f8a73fd615c4c7c79102346d0c1f770dd116787fa9dac29281ba92b30a1e2f8c2b46461a33bab28969860bee32fb998fc24d48b01c5aafaf30ff27e0d6a8480397b9a80c3bc967e957dde7d6e4fdaa4b24e40d1aa8d26b40d493ad75a8e5cf58c3505f166380b901a3778abf21500e1252c56271c49d05ef48f0c68444479ea8a4d15291f2152b146735298bf68988fc2c6e5ff47bb0664a9fbcd45e866b14f76cf4959f5e15e6219dd03acc1b035160d6846f883a738d712c9cbd047a3856bbe84c0ae4e433f089e1e25b8a72a46c502af5f6b9e9c86ef22ccfdb3eef8d44bb64a3ba64f60ab1d8265b21c860ce2e4f5aca4ff41c60fc1a31da299d2546975a13003b55e4600dbcc59dc5d1003a05f07e038f28bf6a0b7da730a53a569bd5966d0ccd95361f5fc7601d696802fb3bab8a2961d67fabc187c73b366e900de0f651d80b4c2db2f734d9554f5c986bedc1bb4aef7172ca4dac41966074bde73b05ffbebd4518b5d3983a60b3024945ee20324e281ae80ec05cc076c6e50072bb7b473258be60281199efd42197ba107c441824002dee91d59ea609b2164fe754427bff90df7c4849ad7a5460d6f5ff0300008cedbf41bb81c50901cc1eeff8fd4bc2ec38387de9e1a7476009654b9161c66fe14795188cbcf072c23441f8907145ec0eab52f0d2ea2ff14c7be176fdd58e889460d86d8da598e5b812d9cf8e57674f476cfda0b73e8e8b7b333621e4fc08a43366efeda92b3beecacb5f5472637d61a7f2acedc6c664e674df9769cf948b49e4a8253d841e29d853bb829b7d0e3e132d6227016f7052d14fd8d2a105e9e2578bce4b3b4adbc2436d4eda84eb7448258f4efe3368ef6d94f4d1e60941dfe345d6d3820ddf47d5cda86dd27a56170498b2f803dd7b907aef7381e5158c9d02c262661271e99197a5dd071c304ad3c98dc9405add9e7b2c7c8ee09713f9327926881938b2e7881e4027ca09bcc509d154cfa25140fbbc243d94c1ed6ffe0b5011255efcd682d829970ee54dadea3a0598c27239ab43a123259b4d2bca808d9eb34c032703561d89ebc6ab024c8af542831d34bfed54af42691f852ddc20ee2eebbfcfa6712d296a2a317fae6f78a0e555af174b22dd330d1d49553e04c0c28e725861dc745cb9f333c2b2ce25ae8af82f04499e30ee5d4485fa1b1b50cacd680862217f88fd89a22dfaecfd183960fce392e1b3ab4906a160083f4f1589dbf24bb4b70e693ee6979d3a2f2781ded84def126b0aa16ca6a8f3361070cdb501a22dfa8877ae9e0258b625e112f2f583efdbcdaf94c4681e6bedf53a9f871d0b8e137d3ab2252b4abdc2dc029e7e4efe3237e4cd31ee8580c37ff42a134eaae53b207ce98b6001577c9b047ac15f2b79528369e3be24e81cc7feb9a59f5e292f522998f060cb80e2472dd8b19c131ec3089d442c4d02c46e98de4c9ca1b35b8e65ce71dd757a6f19b944353e7426d96cb11a24f84d8f52d571cb3397cb3fd03f10c69c4530d7dfcda5cf528a4dce7506af9c1eab51f6559a22a2dcb6c0ace10795cdaf5e8cab40afa329ccfa3c128d90dcb62cd58743fd97d3eaa9a8311cb07460c136c68bfd1d60310ee2154105304981ce5cd785f46b2c6893c278063d993e61a5d530a2cd0c7cd299f7156a22329738a88ec0967ffbaeb9abed51bd31bddcf314cf90228ae71ff1d3a78ef88317dcd8da7aaa19ebdfa02b62d83ccfbe8afc65301d627c6e1b1598dfb194c20cdf5e3143080b66db11355a4d6becc6a46a66af7eed1880c606f07b47f01de98f4dfd2e3bb5e97c54a8b680c1a506d5d5e931f3bc1b6af3cdff46ad5ed60e6fc5964597e990b77cde66f86a44bfa8555966bc2ce23471c21e703794574e05", 0xfffffffffffffd2e}], 0x1}, 0xe003)
sendmsg$kcm(r9, &(0x7f00000031c0)={0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000003140)="cb", 0x1}], 0x1}, 0x8040)
sendmsg$kcm(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000280)="e4022f5def39273a0a498ad911b4", 0xe}], 0x1}, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
connect$bt_rfcomm(r3, &(0x7f0000000440)={0x1f, {0x4, 0x7, 0x90, 0x3, 0x7, 0x20}, 0x7}, 0xa)
socket$inet6_sctp(0xa, 0x5, 0x84)

22:37:10 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x5]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  316.909103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.950360] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  316.957771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  316.965059] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:10 executing program 2 (fault-call:9 fault-nth:46):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:10 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x1b11820000, 0x0, 0x0, 0x0, 0x0)

22:37:10 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
socket$inet6(0xa, 0x6, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:10 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x3e}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:10 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x6]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:10 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  317.321351] x86/PAT: syz-executor.2:24979 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  317.330413] x86/PAT: syz-executor.2:24979 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  317.411219] x86/PAT: syz-executor.4:24981 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:10 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
socket$inet6(0xa, 0x6, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:10 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x42}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:10 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x7]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  317.520551] x86/PAT: syz-executor.2:25039 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:10 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
open(0x0, 0x141042, 0x0)

[  317.604755] x86/PAT: syz-executor.4:24980 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  317.617176] FAULT_INJECTION: forcing a failure.
[  317.617176] name failslab, interval 1, probability 0, space 0, times 0
[  317.636032] x86/PAT: syz-executor.4:24980 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:10 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x10000000000, 0x0, 0x0, 0x0, 0x0)

[  317.769742] CPU: 0 PID: 25204 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  317.776731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  317.786099] Call Trace:
[  317.788710]  dump_stack+0x172/0x1f0
[  317.792360]  should_fail.cold+0xa/0x1b
[  317.796269]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  317.801390]  ? find_held_lock+0x35/0x130
[  317.805486]  ? percpu_ref_put_many+0x94/0x190
[  317.810001]  __should_failslab+0x121/0x190
[  317.814253]  should_failslab+0x9/0x14
22:37:10 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0xc0}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  317.818060]  kmem_cache_alloc+0x47/0x700
[  317.822133]  ? __lock_is_held+0xb6/0x140
[  317.826213]  anon_vma_clone+0xde/0x480
[  317.830121]  anon_vma_fork+0x8f/0x4a0
[  317.833930]  ? dup_userfaultfd+0x15e/0x6c0
[  317.838188]  ? memcpy+0x46/0x50
[  317.841479]  copy_process.part.0+0x34e5/0x7a30
[  317.846089]  ? __cleanup_sighand+0x70/0x70
[  317.850335]  ? lock_downgrade+0x880/0x880
[  317.854512]  ? kasan_check_write+0x14/0x20
[  317.858752]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  317.863610]  _do_fork+0x257/0xfd0
[  317.867081]  ? fork_idle+0x1d0/0x1d0
[  317.870805]  ? fput+0x128/0x1a0
[  317.874094]  ? ksys_write+0x1f1/0x2d0
[  317.877910]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  317.882679]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  317.887447]  ? do_syscall_64+0x26/0x620
[  317.891430]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  317.896800]  ? do_syscall_64+0x26/0x620
[  317.900786]  __x64_sys_clone+0xbf/0x150
[  317.904773]  do_syscall_64+0xfd/0x620
[  317.908589]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  317.913784] RIP: 0033:0x459a59
[  317.916983] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  317.935981] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  317.943730] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  317.951017] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  317.958296] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  317.965589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  317.972877] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  318.095304] x86/PAT: syz-executor.4:25321 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  318.242705] x86/PAT: syz-executor.4:25320 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  318.260603] x86/PAT: syz-executor.2:25000 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  318.262301] x86/PAT: syz-executor.4:25320 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:11 executing program 2 (fault-call:9 fault-nth:47):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:11 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x8]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:11 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:11 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='auto\xa9s\x00\xa6\xe0\x9d\xab\xeb\x7f\vC\xefp\x89\xd3D\xb5Bp\xebP\xc3\x92\xcf\xa5\xa1\xa0\x0faZ\x8c\xf5\xa0\xcb\x0e\xde:\xaa\x9d\x96\x03\xbaO)D\x19?\xc3\xc8\x82@\xd3=\xcd\xf8\x82\x83\xa1`\xd4\x05\xf8kle=\xb14TM\x81\xd1u\x1f\x01\xfd\xeb\tL\xda\xfc:\xb4\x9euH\xb7uQ\x81\xef\xa8\xe5\x9a\xcfo\x03\xd9-\x02\f\r\xcd\xbb\xdcCN\x01\xab\x8fK\xf2\xb6', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = epoll_create1(0x80000)
mount(&(0x7f00000000c0)=@sg0='/dev/sg0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='pstore\x00', 0x2, &(0x7f0000000200)='%cgroup!')
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x10000, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r2)
r3 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000040)=[{{&(0x7f00000002c0)=@ipx, 0x80, 0x0, 0xfe93}, 0x10001}], 0x400000000000367, 0x40000000, 0x0)
preadv(r3, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
write$binfmt_script(r4, &(0x7f0000000a40)={'#! ', './file0', [{0x20, '/selinux/enforce\x00'}, {0x20, 'cgroup.procs\x00'}, {0x20, 'cgroup.procs\x00'}, {0x20, 'cgroup.procs\x00'}, {0x20, 'bdev'}, {0x20, '%cgroup!'}], 0xa, "a98e40e1053ed144f318580343ea4877cc2c791158105054b4afe502793f1e9a74f7c3998afbb11b9afaf00a61a5c88fa170e4661ff628a6be4944b9b9ee6c16a3a9cbb329a02a1476f7c159389e5417b38d40a95ed3abd2902de951f4e9f5718668b046a55e2148951d7d2b94eb04516a02b1deea8a32cf94337cd35daaa453c2d5e3eb9b758cca2cdf4bbfdbd5c9771d485904f8e073d56484de5930d5fd23893b686501cb8c3e29251221c41d2220591c99c39adf9d2c59cb852d2e6ca96b856d72ca1bb0d4b04cf46ff7344d17"}, 0x124)
open(0x0, 0x141042, 0x0)

22:37:11 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x20000404}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:11 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x200000000000, 0x0, 0x0, 0x0, 0x0)

[  318.286049] x86/PAT: syz-executor.2:25000 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  318.436853] x86/PAT: syz-executor.4:25440 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:11 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
r1 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:11 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x9]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:11 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x7ffff000}, {0x0}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:11 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
r2 = open(0x0, 0x141042, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r2, 0x4020565b, &(0x7f0000000000)={0x5, 0x3f, 0x1})

[  318.544515] x86/PAT: syz-executor.2:25507 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  318.623554] FAULT_INJECTION: forcing a failure.
[  318.623554] name failslab, interval 1, probability 0, space 0, times 0
[  318.653617] x86/PAT: syz-executor.4:25435 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  318.670389] CPU: 0 PID: 25637 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  318.677373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  318.686737] Call Trace:
[  318.689243] x86/PAT: syz-executor.4:25435 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  318.689336]  dump_stack+0x172/0x1f0
[  318.689357]  should_fail.cold+0xa/0x1b
[  318.705523]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  318.710637]  ? __lock_is_held+0xb6/0x140
[  318.714711]  __should_failslab+0x121/0x190
[  318.718968]  should_failslab+0x9/0x14
[  318.722772]  kmem_cache_alloc+0x47/0x700
[  318.726844]  ? anon_vma_chain_link+0x154/0x1c0
[  318.731444]  anon_vma_clone+0xde/0x480
[  318.735347]  anon_vma_fork+0x8f/0x4a0
[  318.739156]  ? dup_userfaultfd+0x15e/0x6c0
[  318.743397]  ? memcpy+0x46/0x50
[  318.746687]  copy_process.part.0+0x34e5/0x7a30
[  318.751309]  ? __cleanup_sighand+0x70/0x70
[  318.755549]  ? lock_downgrade+0x880/0x880
[  318.759713]  ? kasan_check_write+0x14/0x20
[  318.763955]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  318.768815]  _do_fork+0x257/0xfd0
[  318.772277]  ? fork_idle+0x1d0/0x1d0
[  318.776091]  ? fput+0x128/0x1a0
[  318.779377]  ? ksys_write+0x1f1/0x2d0
[  318.783183]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  318.787938]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  318.792701]  ? do_syscall_64+0x26/0x620
[  318.796684]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  318.802056]  ? do_syscall_64+0x26/0x620
[  318.806045]  __x64_sys_clone+0xbf/0x150
[  318.810035]  do_syscall_64+0xfd/0x620
[  318.813850]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  318.819044] RIP: 0033:0x459a59
22:37:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
socket$inet6(0xa, 0x6, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:12 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0xa]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  318.822244] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  318.841148] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  318.848854] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  318.848862] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  318.848868] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  318.848875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  318.848882] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:12 executing program 2 (fault-call:9 fault-nth:48):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:12 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x400000000000, 0x0, 0x0, 0x0, 0x0)

22:37:12 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x2}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:12 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0xf]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
socket$inet6(0xa, 0x6, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:12 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/52, 0x34}, {&(0x7f00000005c0)=""/209, 0xd1}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000240)=""/87, 0x57}], 0x8, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000000c0)=<r3=>0x0)
write$cgroup_pid(r2, &(0x7f0000000180)=r3, 0x12)
open(0x0, 0x141042, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x7, 0xffff, 0x7, 0xb285, 0x2574})

[  319.113798] x86/PAT: syz-executor.2:25507 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  319.122815] x86/PAT: syz-executor.2:25507 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  319.174025] x86/PAT: syz-executor.4:25774 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:12 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x3}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  319.271161] x86/PAT: syz-executor.2:25789 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  319.312567] FAULT_INJECTION: forcing a failure.
[  319.312567] name failslab, interval 1, probability 0, space 0, times 0
22:37:12 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x10]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
socket$inet6(0xa, 0x6, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  319.368294] CPU: 1 PID: 25789 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  319.375279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  319.384638] Call Trace:
[  319.384664]  dump_stack+0x172/0x1f0
[  319.384690]  should_fail.cold+0xa/0x1b
[  319.394780]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  319.399894]  ? lock_downgrade+0x880/0x880
[  319.399917]  __should_failslab+0x121/0x190
[  319.408302]  should_failslab+0x9/0x14
[  319.412113]  kmem_cache_alloc+0x2ae/0x700
[  319.416273]  ? anon_vma_clone+0x320/0x480
[  319.420443]  anon_vma_fork+0xfc/0x4a0
[  319.424249]  ? dup_userfaultfd+0x15e/0x6c0
[  319.424268]  ? memcpy+0x46/0x50
[  319.424288]  copy_process.part.0+0x34e5/0x7a30
[  319.431798]  ? __cleanup_sighand+0x70/0x70
[  319.440558]  ? lock_downgrade+0x880/0x880
[  319.444727]  ? kasan_check_write+0x14/0x20
[  319.448975]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  319.453831]  _do_fork+0x257/0xfd0
[  319.457299]  ? fork_idle+0x1d0/0x1d0
[  319.461041]  ? fput+0x128/0x1a0
[  319.464328]  ? ksys_write+0x1f1/0x2d0
[  319.468141]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  319.473035]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  319.477803]  ? do_syscall_64+0x26/0x620
[  319.481787]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  319.487160]  ? do_syscall_64+0x26/0x620
[  319.491150]  __x64_sys_clone+0xbf/0x150
[  319.495141]  do_syscall_64+0xfd/0x620
[  319.498968]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  319.504162] RIP: 0033:0x459a59
22:37:12 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x11]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:12 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  319.507367] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  319.526273] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  319.533980] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  319.541263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.548557] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  319.555834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
22:37:12 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000240)={0xa1, {{0xa, 0x4e22, 0x7, @mcast1, 0x100}}, {{0xa, 0x4e23, 0x10f011dd, @dev={0xfe, 0x80, [], 0x29}}}}, 0x108)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  319.555842] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  319.642503] x86/PAT: syz-executor.4:25773 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  319.652190] x86/PAT: syz-executor.4:25773 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  319.689249] QAT: Invalid ioctl
22:37:13 executing program 2 (fault-call:9 fault-nth:49):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:13 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x4}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:13 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x551e00000000, 0x0, 0x0, 0x0, 0x0)

22:37:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x60]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  319.812922] x86/PAT: syz-executor.2:25784 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  319.823164] x86/PAT: syz-executor.2:25784 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:13 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f00000000c0)=0x3)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
recvmmsg(r4, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0}}], 0x1, 0x0, 0x0)
preadv(r3, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
r5 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ubi_ctrl\x00', 0x2000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r6, 0x84, 0x1c, &(0x7f0000000240), &(0x7f0000000280)=0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000000)={0x3, 0x5, 0x5, 0x800, 0x2}, 0x14)

[  319.924556] x86/PAT: syz-executor.4:26025 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  319.967801] x86/PAT: syz-executor.2:26031 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0xfc]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:13 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x5}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  320.052045] FAULT_INJECTION: forcing a failure.
[  320.052045] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  320.063920] CPU: 0 PID: 26038 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  320.070857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  320.080220] Call Trace:
[  320.082820]  dump_stack+0x172/0x1f0
[  320.086469]  should_fail.cold+0xa/0x1b
[  320.090373]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  320.095494]  ? mark_held_locks+0x100/0x100
[  320.099776]  __alloc_pages_nodemask+0x1ee/0x750
[  320.104483]  ? find_held_lock+0x35/0x130
[  320.108554]  ? __alloc_pages_slowpath+0x2870/0x2870
[  320.113595]  cache_grow_begin+0x91/0x8c0
[  320.117669]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  320.123224]  kmem_cache_alloc+0x63b/0x700
[  320.127384]  ? anon_vma_clone+0x320/0x480
[  320.131550]  anon_vma_fork+0xfc/0x4a0
[  320.135364]  ? dup_userfaultfd+0x15e/0x6c0
[  320.139611]  ? memcpy+0x46/0x50
[  320.142923]  copy_process.part.0+0x34e5/0x7a30
[  320.147563]  ? __cleanup_sighand+0x70/0x70
[  320.151809]  ? lock_downgrade+0x880/0x880
[  320.155988]  ? kasan_check_write+0x14/0x20
[  320.160252]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  320.165158]  _do_fork+0x257/0xfd0
[  320.168648]  ? fork_idle+0x1d0/0x1d0
[  320.172378]  ? fput+0x128/0x1a0
[  320.175676]  ? ksys_write+0x1f1/0x2d0
[  320.179507]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  320.184279]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  320.189060]  ? do_syscall_64+0x26/0x620
[  320.193047]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  320.198427]  ? do_syscall_64+0x26/0x620
[  320.202430]  __x64_sys_clone+0xbf/0x150
[  320.206427]  do_syscall_64+0xfd/0x620
[  320.210250]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  320.215450] RIP: 0033:0x459a59
[  320.218655] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  320.222589] x86/PAT: syz-executor.4:26018 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  320.237568] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  320.237584] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  320.237592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  320.237599] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  320.237607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  320.237615] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:13 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x7fd4aea6f000, 0x0, 0x0, 0x0, 0x0)

[  320.365687] x86/PAT: syz-executor.4:26018 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  320.471426] x86/PAT: syz-executor.2:26038 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  320.562956] x86/PAT: syz-executor.4:26259 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:13 executing program 2 (fault-call:9 fault-nth:50):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:13 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x6}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:13 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
recvfrom$unix(r3, &(0x7f0000000240)=""/106, 0x6a, 0x20, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x2]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  320.624499] x86/PAT: syz-executor.2:26038 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:13 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x82111b000000, 0x0, 0x0, 0x0, 0x0)

22:37:13 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:13 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x7}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  320.675441] x86/PAT: syz-executor.4:26259 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  320.692936] x86/PAT: syz-executor.4:26259 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:14 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x3]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:14 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_GET_THP_DISABLE(0x2a)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40080, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='*\x00')
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  320.838054] x86/PAT: syz-executor.2:26481 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  320.871745] x86/PAT: syz-executor.4:26484 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  320.907080] FAULT_INJECTION: forcing a failure.
[  320.907080] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  320.944528] CPU: 1 PID: 26490 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  320.951515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  320.960883] Call Trace:
[  320.963494]  dump_stack+0x172/0x1f0
[  320.967147]  should_fail.cold+0xa/0x1b
[  320.971070]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  320.976198]  ? __might_sleep+0x95/0x190
[  320.980192]  __alloc_pages_nodemask+0x1ee/0x750
[  320.984983]  ? save_stack+0xa9/0xd0
[  320.988626]  ? __alloc_pages_slowpath+0x2870/0x2870
[  320.993677]  ? copy_process.part.0+0x34e5/0x7a30
[  320.998456]  ? mark_held_locks+0x100/0x100
[  321.002716]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  321.008282]  alloc_pages_current+0x107/0x210
[  321.012710]  pte_alloc_one+0x1b/0x1a0
[  321.016522]  __pte_alloc+0x2a/0x360
[  321.020164]  copy_page_range+0x151f/0x1f90
[  321.024410]  ? anon_vma_fork+0x371/0x4a0
[  321.028487]  ? find_held_lock+0x35/0x130
[  321.032564]  ? anon_vma_fork+0x371/0x4a0
[  321.036654]  ? lock_downgrade+0x880/0x880
[  321.040825]  ? pmd_alloc+0x180/0x180
[  321.044556]  ? __vma_link_rb+0x279/0x370
[  321.048642]  copy_process.part.0+0x543d/0x7a30
[  321.053264]  ? __cleanup_sighand+0x70/0x70
[  321.057511]  ? lock_downgrade+0x880/0x880
[  321.061692]  ? kasan_check_write+0x14/0x20
[  321.065943]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  321.070802]  _do_fork+0x257/0xfd0
[  321.074273]  ? fork_idle+0x1d0/0x1d0
[  321.077993]  ? fput+0x128/0x1a0
[  321.081290]  ? ksys_write+0x1f1/0x2d0
[  321.085099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.089862]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.094638]  ? do_syscall_64+0x26/0x620
[  321.098615]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.104006]  ? do_syscall_64+0x26/0x620
[  321.108013]  __x64_sys_clone+0xbf/0x150
[  321.111996]  do_syscall_64+0xfd/0x620
[  321.115805]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.120993] RIP: 0033:0x459a59
[  321.124190] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  321.143107] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  321.150847] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
22:37:14 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/60, 0x3c}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)

[  321.158137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.166383] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  321.173672] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  321.180945] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  321.215198] x86/PAT: syz-executor.4:26484 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  321.224009] x86/PAT: syz-executor.4:26484 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:14 executing program 2 (fault-call:9 fault-nth:51):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:14 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x4]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:14 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0xa}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:14 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x10}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  321.432697] x86/PAT: syz-executor.4:26482 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  321.479001] x86/PAT: syz-executor.4:26482 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:14 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x2001000000000, 0x0, 0x0, 0x0, 0x0)

22:37:14 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x5]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:14 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f00000007c0)=""/142, 0x8e}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
open(0x0, 0x141042, 0x0)

22:37:14 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x48}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:14 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  321.562325] x86/PAT: syz-executor.2:26820 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  321.641267] FAULT_INJECTION: forcing a failure.
[  321.641267] name failslab, interval 1, probability 0, space 0, times 0
[  321.669978] x86/PAT: syz-executor.4:26832 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  321.679689] CPU: 0 PID: 26833 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  321.686648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  321.696010] Call Trace:
[  321.698614]  dump_stack+0x172/0x1f0
[  321.698635]  should_fail.cold+0xa/0x1b
[  321.698654]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  321.706252]  ? lock_downgrade+0x880/0x880
[  321.706274]  __should_failslab+0x121/0x190
[  321.706289]  should_failslab+0x9/0x14
[  321.706301]  kmem_cache_alloc+0x2ae/0x700
[  321.706316]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  321.706334]  ptlock_alloc+0x20/0x70
[  321.706350]  pte_alloc_one+0x6d/0x1a0
[  321.706365]  __pte_alloc+0x2a/0x360
[  321.706379]  copy_page_range+0x151f/0x1f90
[  321.706394]  ? anon_vma_fork+0x371/0x4a0
[  321.752603]  ? find_held_lock+0x35/0x130
[  321.756681]  ? anon_vma_fork+0x371/0x4a0
[  321.760762]  ? lock_downgrade+0x880/0x880
[  321.764931]  ? pmd_alloc+0x180/0x180
[  321.768663]  ? __vma_link_rb+0x279/0x370
[  321.772738]  copy_process.part.0+0x543d/0x7a30
[  321.777443]  ? __cleanup_sighand+0x70/0x70
[  321.781680]  ? lock_downgrade+0x880/0x880
[  321.785836]  ? kasan_check_write+0x14/0x20
[  321.790062]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  321.794900]  _do_fork+0x257/0xfd0
[  321.798347]  ? fork_idle+0x1d0/0x1d0
[  321.802047]  ? fput+0x128/0x1a0
[  321.805314]  ? ksys_write+0x1f1/0x2d0
[  321.810235]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.814981]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.819726]  ? do_syscall_64+0x26/0x620
[  321.823689]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.829039]  ? do_syscall_64+0x26/0x620
[  321.833002]  __x64_sys_clone+0xbf/0x150
[  321.836968]  do_syscall_64+0xfd/0x620
[  321.840759]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.845935] RIP: 0033:0x459a59
[  321.849115] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  321.868009] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  321.875705] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  321.882972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x6]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  321.890228] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  321.897510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  321.904773] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  322.096535] x86/PAT: syz-executor.2:26833 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:15 executing program 2 (fault-call:9 fault-nth:52):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:15 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x4c}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x7]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:15 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x90aeaddc9ba87ffe, 0x0)
ioctl$VFIO_IOMMU_MAP_DMA(r0, 0x3b71, &(0x7f00000000c0)={0x20, 0x3, 0x6, 0x6, 0x80000001})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:15 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x2020000000000, 0x0, 0x0, 0x0, 0x0)

[  322.144133] x86/PAT: syz-executor.4:26828 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  322.146977] x86/PAT: syz-executor.2:26833 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  322.161352] x86/PAT: syz-executor.4:26828 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:15 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x68}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x8]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  322.333756] x86/PAT: syz-executor.2:27105 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  322.367164] x86/PAT: syz-executor.4:27103 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  322.396119] FAULT_INJECTION: forcing a failure.
[  322.396119] name failslab, interval 1, probability 0, space 0, times 0
[  322.461794] CPU: 1 PID: 27171 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  322.468773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  322.478138] Call Trace:
[  322.480746]  dump_stack+0x172/0x1f0
[  322.484389]  should_fail.cold+0xa/0x1b
[  322.488298]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  322.493501]  ? lock_downgrade+0x880/0x880
[  322.497675]  __should_failslab+0x121/0x190
[  322.501926]  should_failslab+0x9/0x14
[  322.505741]  kmem_cache_alloc+0x2ae/0x700
[  322.509898]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  322.514927]  ? __vm_enough_memory+0x324/0x5a0
[  322.519438]  vm_area_dup+0x21/0x170
[  322.523078]  copy_process.part.0+0x3407/0x7a30
[  322.527692]  ? __cleanup_sighand+0x70/0x70
[  322.531928]  ? lock_downgrade+0x880/0x880
[  322.536085]  ? kasan_check_write+0x14/0x20
[  322.540323]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  322.545177]  _do_fork+0x257/0xfd0
[  322.548640]  ? fork_idle+0x1d0/0x1d0
[  322.552364]  ? fput+0x128/0x1a0
[  322.555651]  ? ksys_write+0x1f1/0x2d0
22:37:15 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0), 0x0, 0x3)
open(0x0, 0x141042, 0x0)

22:37:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  322.559484]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  322.564241]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  322.569006]  ? do_syscall_64+0x26/0x620
[  322.572992]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  322.578368]  ? do_syscall_64+0x26/0x620
[  322.582350]  __x64_sys_clone+0xbf/0x150
[  322.582371]  do_syscall_64+0xfd/0x620
[  322.582391]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  322.582405] RIP: 0033:0x459a59
[  322.590171] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  322.590180] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  322.590195] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  322.590204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.590213] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  322.590221] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  322.590228] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x9]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  322.623411] x86/PAT: syz-executor.4:27082 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  322.675664] x86/PAT: syz-executor.4:27082 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  322.751126] x86/PAT: syz-executor.2:27105 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  322.763920] x86/PAT: syz-executor.2:27105 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:15 executing program 2 (fault-call:9 fault-nth:53):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:15 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:15 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x6c}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:15 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x8000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0xa]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:16 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
fgetxattr(r2, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', &(0x7f0000000240)=""/250, 0xfa)

22:37:16 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  322.916817] x86/PAT: syz-executor.4:27399 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  322.959679] x86/PAT: syz-executor.2:27402 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:16 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x74}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  323.028253] FAULT_INJECTION: forcing a failure.
[  323.028253] name failslab, interval 1, probability 0, space 0, times 0
[  323.085284] x86/PAT: syz-executor.4:27394 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  323.093380] CPU: 0 PID: 27463 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  323.100934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  323.110291] Call Trace:
[  323.110317]  dump_stack+0x172/0x1f0
[  323.110337]  should_fail.cold+0xa/0x1b
[  323.110354]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  323.110370]  ? find_held_lock+0x35/0x130
[  323.110388]  ? percpu_ref_put_many+0x94/0x190
22:37:16 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:16 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x10000000000000, 0x0, 0x0, 0x0, 0x0)

[  323.110405]  __should_failslab+0x121/0x190
[  323.110421]  should_failslab+0x9/0x14
[  323.134895] x86/PAT: syz-executor.4:27394 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  323.138487]  kmem_cache_alloc+0x47/0x700
[  323.138504]  ? __lock_is_held+0xb6/0x140
[  323.138523]  anon_vma_clone+0xde/0x480
[  323.162987]  anon_vma_fork+0x8f/0x4a0
[  323.166807]  ? dup_userfaultfd+0x15e/0x6c0
[  323.171101]  ? memcpy+0x46/0x50
[  323.174398]  copy_process.part.0+0x34e5/0x7a30
[  323.179024]  ? __cleanup_sighand+0x70/0x70
22:37:16 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  323.183272]  ? lock_downgrade+0x880/0x880
[  323.187454]  ? kasan_check_write+0x14/0x20
[  323.191699]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  323.196563]  _do_fork+0x257/0xfd0
[  323.200031]  ? fork_idle+0x1d0/0x1d0
[  323.203756]  ? fput+0x128/0x1a0
[  323.207048]  ? ksys_write+0x1f1/0x2d0
[  323.210989]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  323.215783]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  323.220552]  ? do_syscall_64+0x26/0x620
[  323.224539]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  323.229915]  ? do_syscall_64+0x26/0x620
22:37:16 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  323.233908]  __x64_sys_clone+0xbf/0x150
[  323.237896]  do_syscall_64+0xfd/0x620
[  323.241715]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  323.246901] RIP: 0033:0x459a59
[  323.250097] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  323.269006] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  323.276820] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  323.284104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  323.291385] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  323.298680] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  323.305961] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  323.387878] x86/PAT: syz-executor.4:27597 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  323.407950] x86/PAT: syz-executor.2:27618 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:16 executing program 2 (fault-call:9 fault-nth:54):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:16 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0xf]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:16 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x202100, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x190, @tick=0x8000, 0x40, {0xf9}, 0xf3, 0x6, 0x2})
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000200)='erofs\x00', &(0x7f0000000240)='./file0/file0\x00', 0x1, 0x2, &(0x7f0000000440)=[{&(0x7f0000000280)="69d176f4a76a396d1f9c353e22bd540614950f8ad0b9e3cbc4e6e515368ea308ba772b073be11ca5bb73bb6cd39a4df57764bcd9e3c8b8dd7f856db84ef4051de2d1331a1b7e956dcb0d10412bf5fc6f2fff71623984458a7283d53bd51d67d5a8521c031b6a3c36d5ffa5560ba9697f6626ed126de0f60038e4091a955624eb53db8fadf7dbbc695df8a8ecc844db0c11b4d63289d128fdff91f3ab51609e3e8f23811f26e79442bc89f80e88ec20409ff3543af4c97a1b7bd4c154545f6fdc8d", 0xc1, 0x3}, {&(0x7f0000000380)="fa479ceb02dc045fba2fec1a04a3d39dfed23a063d", 0x15, 0xc0000000000}], 0xa011, &(0x7f0000000a40)=ANY=[@ANYBLOB="6661754c745f696e6a656374696f6e3d3078303030303030303030303030303030342c6e6f61636c2c61636c2c757365725f78617474722c6e6f757365725f78617474722c757365725f78617474722c61636c2c6e6f61636c2c7375626a6f786e6574312e707070312c7063723d30303030303030303030303030303030303034392c6673636f6e746578743d73797374656d5f752c6d6a736b3d5e4d41595f415050454e442c646f6e745f686173682c66756e633d4649524d0600000000000000434b2c7375626a5f757365723d2c00"/220])
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r4 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
recvmmsg(r4, &(0x7f0000003140), 0x0, 0x2, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:16 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x7a}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  323.447290] x86/PAT: syz-executor.2:27618 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:16 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x10]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  323.574131] x86/PAT: syz-executor.4:27594 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  323.591822] x86/PAT: syz-executor.2:27719 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  323.611605] x86/PAT: syz-executor.4:27594 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:16 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x300}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  323.660121] FAULT_INJECTION: forcing a failure.
[  323.660121] name failslab, interval 1, probability 0, space 0, times 0
[  323.705187] CPU: 1 PID: 27782 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  323.712171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  323.721534] Call Trace:
[  323.724140]  dump_stack+0x172/0x1f0
[  323.727796]  should_fail.cold+0xa/0x1b
[  323.731706]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  323.736826]  ? lock_downgrade+0x880/0x880
[  323.741000]  __should_failslab+0x121/0x190
[  323.745252]  should_failslab+0x9/0x14
[  323.749068]  kmem_cache_alloc+0x2ae/0x700
[  323.753230]  ? anon_vma_clone+0x320/0x480
[  323.757400]  anon_vma_fork+0xfc/0x4a0
[  323.761209]  ? dup_userfaultfd+0x15e/0x6c0
[  323.765450]  ? memcpy+0x46/0x50
[  323.768745]  copy_process.part.0+0x34e5/0x7a30
[  323.773373]  ? __cleanup_sighand+0x70/0x70
[  323.777628]  ? lock_downgrade+0x880/0x880
[  323.781802]  ? kasan_check_write+0x14/0x20
[  323.786043]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  323.790913]  _do_fork+0x257/0xfd0
[  323.794382]  ? fork_idle+0x1d0/0x1d0
[  323.798119]  ? fput+0x128/0x1a0
[  323.801433]  ? ksys_write+0x1f1/0x2d0
[  323.805250]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  323.810020]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  323.814816]  ? do_syscall_64+0x26/0x620
[  323.818809]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  323.824179]  ? do_syscall_64+0x26/0x620
[  323.828163]  __x64_sys_clone+0xbf/0x150
[  323.832151]  do_syscall_64+0xfd/0x620
[  323.835988]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  323.841204] RIP: 0033:0x459a59
[  323.844410] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  323.863319] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  323.871048] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  323.878324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  323.885607] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  323.892884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
22:37:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x11]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:17 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x20000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:17 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:17 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
flock(r2, 0xd)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

[  323.900169] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  323.951100] x86/PAT: syz-executor.2:27782 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  323.985464] x86/PAT: syz-executor.2:27782 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:17 executing program 2 (fault-call:9 fault-nth:55):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:17 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x60]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  324.047777] x86/PAT: syz-executor.4:27868 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:17 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x500}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:17 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0xfc]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  324.183675] x86/PAT: syz-executor.2:27888 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  324.252001] FAULT_INJECTION: forcing a failure.
[  324.252001] name failslab, interval 1, probability 0, space 0, times 0
[  324.292998] x86/PAT: syz-executor.4:27862 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  324.334364] CPU: 1 PID: 28059 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  324.341346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  324.350707] Call Trace:
[  324.353319]  dump_stack+0x172/0x1f0
[  324.356966]  should_fail.cold+0xa/0x1b
[  324.360870]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  324.365983]  ? lock_downgrade+0x880/0x880
[  324.370151]  __should_failslab+0x121/0x190
[  324.374398]  should_failslab+0x9/0x14
[  324.378206]  kmem_cache_alloc+0x2ae/0x700
[  324.382356]  ? anon_vma_clone+0x320/0x480
[  324.386515]  anon_vma_fork+0x1ea/0x4a0
[  324.390415]  ? dup_userfaultfd+0x15e/0x6c0
[  324.394663]  copy_process.part.0+0x34e5/0x7a30
[  324.399276]  ? __cleanup_sighand+0x70/0x70
[  324.403510]  ? lock_downgrade+0x880/0x880
[  324.407673]  ? kasan_check_write+0x14/0x20
[  324.411908]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  324.416779]  _do_fork+0x257/0xfd0
[  324.420257]  ? fork_idle+0x1d0/0x1d0
[  324.423976]  ? fput+0x128/0x1a0
[  324.427257]  ? ksys_write+0x1f1/0x2d0
[  324.431066]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  324.435834]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  324.440608]  ? do_syscall_64+0x26/0x620
[  324.444588]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  324.444603]  ? do_syscall_64+0x26/0x620
[  324.444621]  __x64_sys_clone+0xbf/0x150
[  324.444638]  do_syscall_64+0xfd/0x620
[  324.453965]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  324.466885] RIP: 0033:0x459a59
22:37:17 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:17 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
setsockopt$inet6_dccp_buf(r0, 0x21, 0x2, &(0x7f0000000240)="a8739d1da749c4d48bbbd126fb10bb3b1061c92575f5078640e95ad7ff16e8d822ef85cb3b9eea748c4758fa1c82900672a990a944452d78a6ce3dcdd1363e181c8a8928344defdb69e5b1c5a7880532ac95de721bdde5281235ed577fc5b59f5d42eb6f9cb1ee96e50d1c20458f3b7fc038c3d0038c967cf62e4f8d36325c5832494fa6f036a2d24a5f78f11ac4d58b237ae5d614e99cd5cfe79ad4a07a3d5a007153b99762c0b27e5e644645757a0de5dd59a1ab4b92ae2fb3d52e12957024730b09a3dd579aefc4a11660b73a940ebc4705705f07d229fa", 0xd9)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x0, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000000c0), 0x0, 0x8004)
r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r3, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
ioctl$VT_RESIZE(r2, 0x5609, &(0x7f00000000c0)={0x401, 0xd28c})
open(0x0, 0x141042, 0x0)

[  324.470084] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  324.488997] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  324.496726] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  324.504008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  324.511289] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  324.514545] x86/PAT: syz-executor.4:27862 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  324.518574] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
22:37:17 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  324.518583] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:17 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x30000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:17 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x600}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  324.657112] x86/PAT: syz-executor.2:28059 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  324.674034] x86/PAT: syz-executor.2:28059 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:17 executing program 2 (fault-call:9 fault-nth:56):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:17 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:17 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:18 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x700}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  324.824140] x86/PAT: syz-executor.4:28207 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  324.871254] x86/PAT: syz-executor.2:28223 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  324.949136] FAULT_INJECTION: forcing a failure.
[  324.949136] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  324.970438] x86/PAT: syz-executor.4:28194 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  325.010181] x86/PAT: syz-executor.4:28194 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  325.042185] CPU: 1 PID: 28303 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  325.049167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  325.058969] Call Trace:
[  325.061575]  dump_stack+0x172/0x1f0
[  325.065224]  should_fail.cold+0xa/0x1b
[  325.069132]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  325.074253]  ? __might_sleep+0x95/0x190
[  325.078249]  __alloc_pages_nodemask+0x1ee/0x750
[  325.082938]  ? __alloc_pages_slowpath+0x2870/0x2870
[  325.087969]  ? save_stack+0x45/0xd0
[  325.091611]  ? kasan_kmalloc+0xce/0xf0
[  325.095509]  ? kasan_slab_alloc+0xf/0x20
[  325.099585]  ? __lock_acquire+0x6ee/0x49c0
[  325.103834]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  325.109421]  alloc_pages_current+0x107/0x210
[  325.113858]  pte_alloc_one+0x1b/0x1a0
[  325.117684]  copy_huge_pmd+0x7d/0x620
[  325.121498]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  325.127052]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  325.132649]  copy_page_range+0x7a1/0x1f90
[  325.136899]  ? anon_vma_fork+0x371/0x4a0
[  325.140997]  ? find_held_lock+0x35/0x130
[  325.145069]  ? anon_vma_fork+0x371/0x4a0
[  325.145093]  ? vma_compute_subtree_gap+0x158/0x230
[  325.145111]  ? vma_gap_callbacks_rotate+0x62/0x80
[  325.154126]  ? pmd_alloc+0x180/0x180
[  325.162658]  ? __vma_link_rb+0x279/0x370
[  325.166746]  copy_process.part.0+0x543d/0x7a30
[  325.171373]  ? __cleanup_sighand+0x70/0x70
[  325.175629]  ? lock_downgrade+0x880/0x880
[  325.179810]  ? kasan_check_write+0x14/0x20
[  325.184062]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  325.188973]  _do_fork+0x257/0xfd0
[  325.192451]  ? fork_idle+0x1d0/0x1d0
[  325.196184]  ? fput+0x128/0x1a0
[  325.199490]  ? ksys_write+0x1f1/0x2d0
[  325.203337]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  325.208126]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  325.212906]  ? do_syscall_64+0x26/0x620
[  325.216903]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  325.222289]  ? do_syscall_64+0x26/0x620
[  325.226289]  __x64_sys_clone+0xbf/0x150
[  325.230286]  do_syscall_64+0xfd/0x620
[  325.234106]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  325.239308] RIP: 0033:0x459a59
[  325.242509] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
22:37:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x5]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:18 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:18 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x40000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  325.261417] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  325.269140] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  325.269148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  325.269154] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  325.269162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  325.269169] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x6]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:18 executing program 2 (fault-call:9 fault-nth:57):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:18 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0xa00}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  325.293914] x86/PAT: syz-executor.2:28303 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  325.330372] x86/PAT: syz-executor.2:28303 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  325.384138] x86/PAT: syz-executor.4:28348 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  325.532032] x86/PAT: syz-executor.2:28391 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:18 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x4800}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:18 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  325.587141] FAULT_INJECTION: forcing a failure.
[  325.587141] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  325.619345] x86/PAT: syz-executor.4:28348 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x7]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  325.669759] CPU: 0 PID: 28537 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  325.676741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  325.686100] Call Trace:
[  325.686123]  dump_stack+0x172/0x1f0
[  325.686145]  should_fail.cold+0xa/0x1b
[  325.686162]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  325.686181]  ? __might_sleep+0x95/0x190
[  325.686199]  __alloc_pages_nodemask+0x1ee/0x750
[  325.692406]  ? __alloc_pages_slowpath+0x2870/0x2870
[  325.715006]  ? save_stack+0x45/0xd0
[  325.718647]  ? kasan_kmalloc+0xce/0xf0
[  325.722541]  ? kasan_slab_alloc+0xf/0x20
[  325.726646]  ? __lock_acquire+0x6ee/0x49c0
[  325.730888]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  325.736438]  alloc_pages_current+0x107/0x210
[  325.740859]  pte_alloc_one+0x1b/0x1a0
[  325.744687]  copy_huge_pmd+0x7d/0x620
[  325.747441] x86/PAT: syz-executor.4:28348 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  325.748495]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  325.748508]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  325.748525]  copy_page_range+0x7a1/0x1f90
[  325.772401]  ? anon_vma_fork+0x371/0x4a0
[  325.776490]  ? find_held_lock+0x35/0x130
[  325.780555]  ? anon_vma_fork+0x371/0x4a0
[  325.784626]  ? vma_compute_subtree_gap+0x158/0x230
[  325.789571]  ? vma_gap_callbacks_rotate+0x62/0x80
[  325.794431]  ? pmd_alloc+0x180/0x180
[  325.798162]  ? __vma_link_rb+0x279/0x370
[  325.802245]  copy_process.part.0+0x543d/0x7a30
[  325.806861]  ? __cleanup_sighand+0x70/0x70
[  325.811108]  ? lock_downgrade+0x880/0x880
[  325.815272]  ? kasan_check_write+0x14/0x20
22:37:18 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007f, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000a40)={{{@in=@broadcast, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@remote}}, &(0x7f0000000440)=0xe8)
mount$overlay(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='overlay\x00', 0x0, &(0x7f0000000b40)={[{@nfs_export_on='nfs_export=on'}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on='xino=on'}, {@xino_on='xino=on'}, {@default_permissions='default_permissions'}, {@index_off='index=off'}, {@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on='xino=on'}, {@redirect_dir={'redirect_dir', 0x3d, './file0'}}], [{@defcontext={'defcontext', 0x3d, 'user_u'}}, {@audit='audit'}, {@subj_role={'subj_role', 0x3d, 'cgroup2\x00'}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@euid_lt={'euid<', r5}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'cgroup2\x00'}}, {@fsname={'fsname'}}, {@appraise='appraise'}, {@pcr={'pcr', 0x3d, 0x3f}}, {@smackfsroot={'smackfsroot'}}]})
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000180)={0x1, 0x7, 0x2, 0x1}, 0x8)
ioctl$FIBMAP(r2, 0x1, &(0x7f00000000c0)=0x800)
r6 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
connect(r6, &(0x7f0000000240)=@nl=@unspec, 0x80)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f00000002c0), &(0x7f0000000300)=0x4)

[  325.819521]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  325.824390]  _do_fork+0x257/0xfd0
[  325.827858]  ? fork_idle+0x1d0/0x1d0
[  325.831584]  ? fput+0x128/0x1a0
[  325.834874]  ? ksys_write+0x1f1/0x2d0
[  325.838691]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  325.843464]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  325.848232]  ? do_syscall_64+0x26/0x620
[  325.852217]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  325.857598]  ? do_syscall_64+0x26/0x620
[  325.861588]  __x64_sys_clone+0xbf/0x150
[  325.865586]  do_syscall_64+0xfd/0x620
22:37:19 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x8]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  325.869410]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  325.874608] RIP: 0033:0x459a59
[  325.877814] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  325.897421] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  325.905150] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  325.912438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
22:37:19 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x6b6b6b00000000, 0x0, 0x0, 0x0, 0x0)

[  325.919724] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  325.926998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  325.934266] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:19 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x4c00}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  325.962634] x86/PAT: syz-executor.2:28537 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:19 executing program 2 (fault-call:9 fault-nth:58):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  326.030839] x86/PAT: syz-executor.2:28537 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  326.048524] x86/PAT: syz-executor.4:28590 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  326.056413] overlayfs: unrecognized mount option "audit" or missing value
22:37:19 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x9]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  326.201698] x86/PAT: syz-executor.4:28589 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:19 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x6800}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:19 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000002c0)={0x3, [0xff, 0x28, 0x6]}, &(0x7f0000000300)=0xa)
getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r3=>0x0, &(0x7f00000000c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000240)={r3, 0x77, "a742db34a7533a3572e20735833dacaad7ccd51cc91bd9de69b69ab23dcb684fd0198274ace0982f25972b6516735ab1c9514058c977fc251483a6e1c945404d1963542f9b1398b360b0fd8f5d5878412063da7106f66c2649750f49a36fced93961b6b716951d8f7044ee89b3948f1cdaf5d42400ecc7"}, &(0x7f0000000180)=0x7f)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f0000000380)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1, 0x0)
open(0x0, 0x141042, 0x0)

[  326.247586] x86/PAT: syz-executor.4:28589 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  326.275411] x86/PAT: syz-executor.2:28802 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:19 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x70010100000000, 0x0, 0x0, 0x0, 0x0)

[  326.310785] FAULT_INJECTION: forcing a failure.
[  326.310785] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  326.381536] CPU: 1 PID: 28802 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  326.388512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  326.397876] Call Trace:
[  326.400480]  dump_stack+0x172/0x1f0
[  326.404125]  should_fail.cold+0xa/0x1b
[  326.408038]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  326.413161]  ? __might_sleep+0x95/0x190
[  326.417152]  __alloc_pages_nodemask+0x1ee/0x750
[  326.421829]  ? copy_huge_pmd+0x415/0x620
[  326.425905]  ? __alloc_pages_slowpath+0x2870/0x2870
[  326.430939]  ? lock_downgrade+0x880/0x880
[  326.435096]  ? pmd_pfn+0x12e/0x1d0
[  326.438649]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  326.444195]  alloc_pages_current+0x107/0x210
[  326.448613]  pte_alloc_one+0x1b/0x1a0
[  326.452434]  __pte_alloc+0x2a/0x360
[  326.456070]  copy_page_range+0x151f/0x1f90
[  326.460313]  ? anon_vma_fork+0x371/0x4a0
[  326.464387]  ? find_held_lock+0x35/0x130
[  326.468459]  ? anon_vma_fork+0x371/0x4a0
[  326.472531]  ? vma_compute_subtree_gap+0x158/0x230
[  326.477489]  ? vma_gap_callbacks_rotate+0x62/0x80
[  326.482344]  ? pmd_alloc+0x180/0x180
[  326.486066]  ? __vma_link_rb+0x279/0x370
[  326.490140]  copy_process.part.0+0x543d/0x7a30
[  326.494760]  ? __cleanup_sighand+0x70/0x70
[  326.499003]  ? lock_downgrade+0x880/0x880
[  326.503147]  ? kasan_check_write+0x14/0x20
[  326.507380]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  326.512235]  _do_fork+0x257/0xfd0
[  326.515703]  ? fork_idle+0x1d0/0x1d0
[  326.519429]  ? fput+0x128/0x1a0
[  326.520785] x86/PAT: syz-executor.4:28919 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  326.522715]  ? ksys_write+0x1f1/0x2d0
[  326.522740]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  326.539921]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  326.544674]  ? do_syscall_64+0x26/0x620
[  326.548644]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  326.553996]  ? do_syscall_64+0x26/0x620
[  326.557967]  __x64_sys_clone+0xbf/0x150
[  326.561936]  do_syscall_64+0xfd/0x620
[  326.565734]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  326.570910] RIP: 0033:0x459a59
[  326.574095] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  326.593000] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  326.600698] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  326.607954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  326.615210] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  326.622469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
22:37:19 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
open(&(0x7f0000000280)='./file0\x00', 0x20881, 0x15)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0}, 0x80000000}], 0x1, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)
r2 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
r3 = dup(r2)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00')
r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x0, 0x0)
lseek(r5, 0x0, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r5, 0x4008ae48, 0x0)
sendmsg$TIPC_CMD_DISABLE_BEARER(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000090}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r4, 0xd771fe8bd7ab8370, 0x70bd2a, 0x25dfdbfc, {{}, 0x0, 0x4102, 0x0, {0x14, 0x13, @l2={'ib', 0x3a, 'bond_slave_1\x00'}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x30, r4, 0x20, 0x70bd28, 0x25dfdbff, {{}, 0x0, 0xb, 0x0, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40000e1}, 0x428e1)

22:37:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:19 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x6c00}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:19 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0xa]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  326.629734] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:20 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0xf]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  326.868558] x86/PAT: syz-executor.2:28802 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:20 executing program 2 (fault-call:9 fault-nth:59):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:20 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x7400}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  326.910044] x86/PAT: syz-executor.2:28802 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  326.943629] x86/PAT: syz-executor.4:28834 freeing invalid memtype [mem 0x00000000-0x00000fff]
22:37:20 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x10]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  327.022297] x86/PAT: syz-executor.4:28834 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:20 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x7a00}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  327.125530] x86/PAT: syz-executor.2:29152 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  327.158335] FAULT_INJECTION: forcing a failure.
[  327.158335] name failslab, interval 1, probability 0, space 0, times 0
[  327.204091] CPU: 0 PID: 29152 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  327.211075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  327.220455] Call Trace:
[  327.223068]  dump_stack+0x172/0x1f0
[  327.226724]  should_fail.cold+0xa/0x1b
[  327.230642]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  327.235771]  ? lock_downgrade+0x880/0x880
[  327.239953]  __should_failslab+0x121/0x190
[  327.244235]  should_failslab+0x9/0x14
[  327.248054]  kmem_cache_alloc+0x2ae/0x700
[  327.252226]  ? pmd_pfn+0x12e/0x1d0
[  327.252244]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  327.261415]  ptlock_alloc+0x20/0x70
[  327.261433]  pte_alloc_one+0x6d/0x1a0
[  327.261450]  __pte_alloc+0x2a/0x360
[  327.272481]  copy_page_range+0x151f/0x1f90
[  327.276728]  ? anon_vma_fork+0x371/0x4a0
[  327.280815]  ? find_held_lock+0x35/0x130
[  327.284894]  ? anon_vma_fork+0x371/0x4a0
[  327.288981]  ? vma_compute_subtree_gap+0x158/0x230
[  327.293933]  ? vma_gap_callbacks_rotate+0x62/0x80
[  327.298796]  ? pmd_alloc+0x180/0x180
[  327.302530]  ? __vma_link_rb+0x279/0x370
[  327.306609]  copy_process.part.0+0x543d/0x7a30
[  327.311227]  ? __cleanup_sighand+0x70/0x70
[  327.315471]  ? lock_downgrade+0x880/0x880
[  327.319626]  ? kasan_check_write+0x14/0x20
[  327.323855]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  327.328691]  _do_fork+0x257/0xfd0
[  327.332192]  ? fork_idle+0x1d0/0x1d0
[  327.335904]  ? fput+0x128/0x1a0
[  327.339185]  ? ksys_write+0x1f1/0x2d0
[  327.344373]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  327.349157]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  327.353900]  ? do_syscall_64+0x26/0x620
[  327.357865]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  327.363214]  ? do_syscall_64+0x26/0x620
[  327.367176]  __x64_sys_clone+0xbf/0x150
[  327.371184]  do_syscall_64+0xfd/0x620
[  327.374971]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  327.380150] RIP: 0033:0x459a59
[  327.383330] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
22:37:20 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0xf0a6aed47f0000, 0x0, 0x0, 0x0, 0x0)

22:37:20 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1, @rand_addr="b048b730810a463c6b57b0ef132d708a"}, 0x1c)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000000), &(0x7f00000000c0)=0x4)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:20 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x11]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:20 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x100000}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  327.402219] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  327.409960] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  327.417220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  327.424480] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  327.431760] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  327.439043] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  327.464824] x86/PAT: syz-executor.2:29152 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  327.473628] x86/PAT: syz-executor.2:29152 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:20 executing program 2 (fault-call:9 fault-nth:60):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  327.569903] x86/PAT: syz-executor.4:29173 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:20 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0xf0ff7f}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:20 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x60]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:20 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  327.729567] x86/PAT: syz-executor.4:29168 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  327.747889] x86/PAT: syz-executor.2:29333 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  327.774834] x86/PAT: syz-executor.4:29168 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  327.817687] FAULT_INJECTION: forcing a failure.
[  327.817687] name failslab, interval 1, probability 0, space 0, times 0
22:37:21 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
shutdown(r1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r2, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154, 0x9a}, {&(0x7f00000003c0)=""/68, 0x44}, {&(0x7f00000005c0)=""/214, 0xd6}, {&(0x7f00000006c0)=""/194, 0xc2}, {&(0x7f0000000240)=""/146, 0x92}, {&(0x7f0000000880)=""/144, 0x90}, {&(0x7f0000000480)=""/13, 0xd}, {&(0x7f0000000940)=""/71, 0x47}], 0x8, 0x0)
r3 = dup(r0)
mknodat(r3, &(0x7f0000000000)='./file0\x00', 0x26a5fcbb91795d9, 0x1)
open(0x0, 0x141042, 0x0)

22:37:21 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x100000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:21 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x1000000}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:21 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfc]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  327.905157] CPU: 0 PID: 29333 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  327.912137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  327.921503] Call Trace:
[  327.924110]  dump_stack+0x172/0x1f0
[  327.927764]  should_fail.cold+0xa/0x1b
[  327.931679]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  327.936809]  ? lock_downgrade+0x880/0x880
[  327.940978]  __should_failslab+0x121/0x190
[  327.945223]  should_failslab+0x9/0x14
[  327.945238]  kmem_cache_alloc+0x2ae/0x700
22:37:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  327.945251]  ? pmd_alloc+0x180/0x180
[  327.945274]  vm_area_dup+0x21/0x170
[  327.953231]  copy_process.part.0+0x3407/0x7a30
[  327.965153]  ? __cleanup_sighand+0x70/0x70
[  327.969394]  ? lock_downgrade+0x880/0x880
[  327.973560]  ? kasan_check_write+0x14/0x20
[  327.977802]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  327.982659]  _do_fork+0x257/0xfd0
[  327.986131]  ? fork_idle+0x1d0/0x1d0
[  327.989853]  ? fput+0x128/0x1a0
[  327.993147]  ? ksys_write+0x1f1/0x2d0
[  327.996962]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.001717]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.001732]  ? do_syscall_64+0x26/0x620
[  328.001750]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.015820]  ? do_syscall_64+0x26/0x620
[  328.019818]  __x64_sys_clone+0xbf/0x150
[  328.023822]  do_syscall_64+0xfd/0x620
[  328.023841]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.023856] RIP: 0033:0x459a59
[  328.036011] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  328.054929] RSP: 002b:00007fae07356c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.062652] RAX: ffffffffffffffda RBX: 00007fae07356c90 RCX: 0000000000459a59
[  328.069935] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  328.077220] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  328.084508] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073576d4
[  328.091787] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
22:37:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  328.167682] x86/PAT: syz-executor.4:29409 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:21 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

[  328.280227] x86/PAT: syz-executor.2:29333 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  328.282748] x86/PAT: syz-executor.4:29406 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  328.336213] x86/PAT: syz-executor.4:29406 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  328.363408] x86/PAT: syz-executor.2:29333 freeing invalid memtype [mem 0x00002000-0x00002fff]
22:37:21 executing program 2 (fault-call:9 fault-nth:61):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

22:37:21 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x2000000}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

22:37:21 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xfff, 0x101081)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f00000000c0)={0x0, 0x6, 0xff})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
r2 = inotify_init1(0x80000)
preadv(r2, &(0x7f00000009c0), 0x2a9, 0x3)
open(0x0, 0x141042, 0x0)

22:37:21 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

22:37:21 executing program 4:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_UNALIGN(0x5, &(0x7f0000000080))
ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='mem\x00\x00\x00\x00\x00\x00<s\x8c\')tU\x19\x9a)S\xa7b\xce\xd8\xde\x95\xf6\xc3\\n\xc1\xa2)o\xee\x97\xdf\xe9\xf3\xfdJ\xe8`7iY\x86~\xd8\xecy\xc00.\x90\xfc\xac\xa0\xb8\x1d\x1a\x7f\xec\xea\np\xb4\xd5l\xb5\xc3\xc7w%\x16a~]P\x04\xc7 \xf7\x92\x8b\x8f\x9d&\\\xf9\xa3\x96G<\xd4\x80\x16/\x81\xe7(\x8b\xde9]\xaf\xbc\xb0\r}Ne\xfaX\xb0\x8a\xbd\x1d\xfc\xd4\x91\x95\x00\v\x14a0_\xd9\x1f\xc7\xb5\xc3FS\x16\x03~\xbbc*\xa3\xab`\x06\xf0\xbc\xacJY\xe7\xb2\x8cw\xa4U.\xa4\xe2u\x1d!jVL}#O\t\xb2`\x0e\xe9\xc6*\xf7\xf8Uh\x8e\x01\xf1b\xf5;\x8a\x17\x9a\x0fq\x01\x91pSR\x82-H\n\x1fP\xb6*\xc9\xfd\x89\xb5\x7f\x87m\"\xaa\xce\xed\a\xf2\xfd<\x10\xb8\xcf\xfac\xcc\x0f\xd2\xdd\xcd#8\"\x8b\xf2\xccA\v\xdf\xf5\x8d\xa5-\x02\xaa|\xdd\xd0az\xc8,)\xedf\x89x>\a\x13', 0x275a, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffb000/0x1000)=nil)
clone(0x200000000000000, 0x0, 0x0, 0x0, 0x0)

22:37:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:21 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000003c0)=""/68, 0x44}, {0x0, 0x3000000}, {&(0x7f00000006c0)=""/194, 0xc2}, {0x0}, {0x0}, {0x0}], 0x7, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
fsync(0xffffffffffffffff)

[  328.580884] x86/PAT: syz-executor.4:29649 freeing invalid memtype [mem 0x00001000-0x00001fff]
[  328.595594] x86/PAT: syz-executor.2:29664 freeing invalid memtype [mem 0x00001000-0x00001fff]
22:37:21 executing program 3:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x800000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000001c0)=@ipx, 0x80, 0x0, 0x0, 0x0, 0x69e}}], 0x0, 0x0, 0x0)
preadv(r1, &(0x7f00000009c0)=[{&(0x7f0000000500)=""/154}, {&(0x7f00000003c0)=""/68}, {&(0x7f00000005c0)=""/214}, {&(0x7f00000006c0)=""/194}, {&(0x7f00000007c0)=""/146}, {&(0x7f0000000880)=""/144}, {&(0x7f0000000480)=""/13}, {&(0x7f0000000940)=""/71}], 0x2a9, 0x0)
open(0x0, 0x141042, 0x0)

22:37:21 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x380000, @ipv4}, 0x1c)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@local={0xfe, 0x80, [0xa4ffffff]}}, &(0x7f00000004c0)=0x20)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, &(0x7f0000000000)=0xffffffffffffffff, 0x11e)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)

22:37:21 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  328.662652] FAULT_INJECTION: forcing a failure.
[  328.662652] name failslab, interval 1, probability 0, space 0, times 0
[  328.745655] CPU: 0 PID: 29768 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  328.752659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  328.762029] Call Trace:
[  328.764642]  dump_stack+0x172/0x1f0
[  328.768297]  should_fail.cold+0xa/0x1b
[  328.772165] x86/PAT: syz-executor.4:29645 freeing invalid memtype [mem 0x00000000-0x00000fff]
[  328.772212]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  328.786077]  ? lock_downgrade+0x880/0x880
[  328.790253]  __should_failslab+0x121/0x190
[  328.794517]  should_failslab+0x9/0x14
[  328.798332]  kmem_cache_alloc_trace+0x2cc/0x760
[  328.803014]  ? __init_cache_modes+0x260/0x260
[  328.807386] x86/PAT: syz-executor.4:29645 freeing invalid memtype [mem 0x00002000-0x00002fff]
[  328.807528]  ? follow_phys+0x276/0x360
[  328.807548]  reserve_memtype+0x1e1/0x880
[  328.824176]  ? lock_downgrade+0x880/0x880
[  328.828345]  ? pat_init+0x4b0/0x4b0
[  328.831989]  ? __init_cache_modes+0x260/0x260
[  328.836502]  ? do_raw_spin_unlock+0x57/0x270
[  328.840934]  reserve_pfn_range+0x1b3/0x500
[  328.845191]  ? arch_io_reserve_memtype_wc+0xa0/0xa0
[  328.850222]  ? save_stack+0x45/0xd0
[  328.853865]  ? kasan_slab_alloc+0xf/0x20
[  328.857938]  ? kmem_cache_alloc+0x12e/0x700
[  328.862266]  ? vm_area_dup+0x21/0x170
[  328.866075]  ? copy_process.part.0+0x3407/0x7a30
[  328.870839]  ? _do_fork+0x257/0xfd0
[  328.874477]  ? __x64_sys_clone+0xbf/0x150
[  328.878651]  track_pfn_copy+0x196/0x1e0
[  328.882632]  ? reserve_pfn_range+0x500/0x500
[  328.887053]  ? get_mem_cgroup_from_mm+0x139/0x320
[  328.891934]  copy_page_range+0x15f6/0x1f90
22:37:22 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  328.896188]  ? copy_process.part.0+0x30f9/0x7a30
[  328.900960]  ? find_held_lock+0x35/0x130
[  328.905041]  ? vma_compute_subtree_gap+0x158/0x230
[  328.909989]  ? vma_gap_callbacks_rotate+0x62/0x80
[  328.914848]  ? pmd_alloc+0x180/0x180
[  328.918580]  ? __vma_link_rb+0x279/0x370
[  328.922661]  copy_process.part.0+0x543d/0x7a30
[  328.927281]  ? __cleanup_sighand+0x70/0x70
[  328.931524]  ? lock_downgrade+0x880/0x880
[  328.935721]  ? kasan_check_write+0x14/0x20
[  328.939964]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  328.944826]  _do_fork+0x257/0xfd0
[  328.948295]  ? fork_idle+0x1d0/0x1d0
[  328.952023]  ? fput+0x128/0x1a0
[  328.955315]  ? ksys_write+0x1f1/0x2d0
[  328.959128]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.963894]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.968660]  ? do_syscall_64+0x26/0x620
[  328.972645]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.978019]  ? do_syscall_64+0x26/0x620
[  328.982010]  __x64_sys_clone+0xbf/0x150
[  328.986003]  do_syscall_64+0xfd/0x620
[  328.989819]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
22:37:22 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071")
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet6(r1, &(0x7f0000006bc0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x5]}, 0x3}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)='/', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c, &(0x7f0000002480), 0x0, 0xffffffffffffffff}}], 0x2, 0x40)

[  328.995102] RIP: 0033:0x459a59
[  328.998318] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  329.017247] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  329.024981] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  329.032288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  329.039577] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  329.039590] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  329.054135] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  329.079928] WARNING: CPU: 0 PID: 29768 at arch/x86/mm/pat.c:1064 untrack_pfn+0x25c/0x2a0
[  329.088212] Kernel panic - not syncing: panic_on_warn set ...
[  329.088212] 
[  329.088768] kobject: 'loop0' (0000000049d436d4): kobject_uevent_env
[  329.095602] CPU: 0 PID: 29768 Comm: syz-executor.2 Not tainted 4.19.79 #0
[  329.095611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  329.095616] Call Trace:
[  329.095642]  dump_stack+0x172/0x1f0
[  329.095662]  panic+0x263/0x507
[  329.095676]  ? __warn_printk+0xf3/0xf3
[  329.095698]  ? untrack_pfn+0x25c/0x2a0
[  329.095714]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  329.095727]  ? __warn.cold+0x5/0x4a
[  329.095746]  ? untrack_pfn+0x25c/0x2a0
[  329.104181] kobject: 'loop0' (0000000049d436d4): fill_kobj_path: path = '/devices/virtual/block/loop0'
[  329.109092]  __warn.cold+0x20/0x4a
[  329.109109]  ? untrack_pfn+0x25c/0x2a0
[  329.109125]  report_bug+0x263/0x2b0
[  329.109209]  do_error_trap+0x204/0x360
[  329.109228]  ? math_error+0x340/0x340
[  329.143212] kobject: 'loop3' (000000009e3f22e7): kobject_uevent_env
[  329.145079]  ? kasan_check_read+0x11/0x20
[  329.145096]  ? do_raw_spin_unlock+0x57/0x270
[  329.145111]  ? error_entry+0x7c/0xe0
[  329.145127]  ? trace_hardirqs_off_caller+0x65/0x220
[  329.145144]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  329.145162]  do_invalid_op+0x1b/0x20
[  329.145176]  invalid_op+0x14/0x20
[  329.151306] kobject: 'loop3' (000000009e3f22e7): fill_kobj_path: path = '/devices/virtual/block/loop3'
[  329.158559] RIP: 0010:untrack_pfn+0x25c/0x2a0
[  329.158573] Code: 00 00 00 00 48 8b 45 d0 65 48 33 04 25 28 00 00 00 75 28 48 81 c4 88 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 64 af 3a 00 <0f> 0b eb b3 48 89 df e8 88 44 71 00 e9 b0 fe ff ff e8 5e 20 0e 00
[  329.158580] RSP: 0018:ffff88808bcb78a0 EFLAGS: 00010246
[  329.158592] RAX: 0000000000040000 RBX: ffff88809f80a358 RCX: ffffc9000a492000
[  329.158599] RDX: 0000000000040000 RSI: ffffffff8130cb1c RDI: 0000000000000005
[  329.158607] RBP: ffff88808bcb7950 R08: ffff88805a5e6380 R09: ffffed10154740a6
[  329.158614] R10: ffffed10154740a5 R11: ffff8880aa3a052b R12: 1ffff11011796f15
[  329.158621] R13: 00000000ffffffea R14: 0000000000000000 R15: ffff88808bcb7928
[  329.158643]  ? untrack_pfn+0x25c/0x2a0
[  329.158663]  ? track_pfn_insert+0x180/0x180
[  329.158678]  ? vm_normal_page_pmd+0x400/0x400
[  329.158696]  ? kasan_check_read+0x11/0x20
[  329.158711]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  329.158728]  ? uprobe_munmap+0xad/0x2b0
[  329.313903]  unmap_single_vma+0x1c2/0x300
[  329.318043]  unmap_vmas+0xae/0x180
[  329.321573]  exit_mmap+0x2c2/0x530
[  329.325112]  ? __ia32_sys_munmap+0x80/0x80
[  329.329360]  ? __khugepaged_exit+0x2da/0x400
[  329.333806]  ? rcu_read_lock_sched_held+0x110/0x130
[  329.338812]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  329.344345]  ? __khugepaged_exit+0xcf/0x400
[  329.348661]  mmput+0x15f/0x4c0
[  329.351843]  copy_process.part.0+0x5aaf/0x7a30
[  329.356426]  ? __cleanup_sighand+0x70/0x70
[  329.360643]  ? lock_downgrade+0x880/0x880
[  329.364794]  ? kasan_check_write+0x14/0x20
[  329.369023]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  329.373849]  _do_fork+0x257/0xfd0
[  329.377287]  ? fork_idle+0x1d0/0x1d0
[  329.380991]  ? fput+0x128/0x1a0
[  329.384260]  ? ksys_write+0x1f1/0x2d0
[  329.388055]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  329.392795]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  329.397537]  ? do_syscall_64+0x26/0x620
[  329.401494]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  329.406849]  ? do_syscall_64+0x26/0x620
[  329.410827]  __x64_sys_clone+0xbf/0x150
[  329.414804]  do_syscall_64+0xfd/0x620
[  329.418602]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  329.423784] RIP: 0033:0x459a59
[  329.426973] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  329.445873] RSP: 002b:00007fae07335c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  329.453579] RAX: ffffffffffffffda RBX: 00007fae07335c90 RCX: 0000000000459a59
[  329.460841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  329.468095] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  329.475354] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fae073366d4
[  329.482613] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000005
[  329.491321] Kernel Offset: disabled
[  329.495036] Rebooting in 86400 seconds..