63f8214286d15a5f87320bf4f70654dfa55f83ac04b392f1468f86e928246901d0be4144f3c57f693e7b99bcd31344305f1557129b372af9d009eadbacd22be5a160883f32f7d95e528a2a6d21a29a9fdc923a4d538234d799048d619ed262fd2406cf69ead32bc1f2e1672e550c3fd40804b2c864d9eea76463087e97098fd96bf339456161a9ccf3b4a87a8c4c271169eacf63a9313f899b0c1687a2dbdf2e14ffb49f6ad0f5c1c35ebc16720b86ab23171ee3cc2334ff1654ae2e4a67b856a18aed7a32626ba04265ffe339156a68a062a427d752266a431c801476d54199f382957ca139e358d40597f4b51dba4ca898941ed7dd92db1c61f3a705d338c4aa23b078b9f9a8088cf255dc5ca72b1ec898ab7e8d2bbf25fa5edee7db7bf44337ae4a58e0ca22ead7c92ccde9de9de3fb7c368100a3940ee60889ab7fb834f4f7c2d3ba0c25d8974a05f812d4f4f6ab35d8213024e15ae59ffe88c87214fd65aa63017ffefb13a107e268a4fcad02c92ab645e27b5206ffc9ada284740d37c784afd257e5d256f5d70569b97266328f9aef569a9cb6d2f5ea58486eebd14f5db18e5eea554efe95948b7a45bb6901027bdee9d4d6835a303dd6512acaa748cf5abca9543226ac5b2d0381eb0d672aac52ed49b2d442439bf248b4dbc012642a6f1fadfd409cbeff6ee5f88abdb6b229de5d13f0769cc53634c077d1528f42c988b7b03d7dc54d8754ee4a5a68af1d40616d72c14c52e14ff1d6bf0b824f890551484012e0adb16bc98fc63e1e476869a304db693b925f7a4df965ddcdc4a441f72c5e59febbd971fc220f10e74a09e852c7187dc3e18944d38e85b9ccd48a6aa3672ab8018f30d227abe38fced6f492c53e1f062381ec6a208ecb80d955aed3777bfb49a7eacb356b635a75a7b84d96dcebc27d8f10cc26ffb1d1068b9e5bd3e0132e99927615257004c56a1186712befebcba26c9a1687aa21ed09282e5625093b38c4b7f2554d1194f4b6370a7b50c41d851e3e20de10ce258228f49d30969f9c22ab248e1f47509ab33117e733de152e83572e70165a0b857d9b569cd4d71992ec7ed16c5e9884e0d6f9dcd93a65d0979b8c60b2b453ec031c84b22105cedb5ed7a523b7f333b5e1b9e820eca83978056017751708047859943d136fd16bec38818c931eeb237fe5ee1afb88015cda9b4b26378186f5e3efc904e4201ea40c034fc2677bea0647396ae250f7f352f34ee5a7e3b0a53b30f683cf0bc31a2c410f86ffc0567cc4235d5cb56f67499a4fbdfd0bed4bf9a13df50eda2ddcbd3569b095cea367a8163ce7d4b5fb824991bc1143538aed6ba51408dd378f0eec1b8ef15bbaad803b2e6a12d6d9a62ae780eb4f1db426bef21efac41978b37ec20ff0a6656ae08526a51627def48f271ccb75f636cf51f773f9af9909af126744e55c6418e8962d15aad575db28f467af50a60367c3022b9c9c7ee61ba1912598852289fbdda31d0de1676dee29ebeccd58ac1511bbf77753e57c6abd7a0a8517174915f2b0a4341676fa60d451f3d589bfc90038f81968451ff3f7b7309a3e418a048ad8c8fb7518ebe42e4a31b4016070117ec49c1558bbdbdcf644ed21d9fd549b3361d645a51c7ebaf7349216643cbd311c78b2822fd0babd893b2a7a13b930b6ae17ebb7c6cde5d34d05f62437b5000c722e59b02cbc8ba4b291918a85ececf8e6c954d2cbcf83410788ac1e73a1a1599df78f4c99ea6bad3593b03f550e6efce688c59ee1e45d824539b1310115aeebc323f48bbcbc1666e73e5a92db0b0ceea49fc945671cf40e64f31b25838334d128167572bca4cfdcc27ef3475a9ca88beec81fb55778be21739c52ac1c766c92a7983a0e812ddc06e986e2b71c736cf4dec0364a06bea4703fabd5613e632c35dc6d2130ba8e11fc680c3afec8bca342a58f0a647800da00dae18419c49422219017397bafc8f4ef00b30c52b9c03bdef923f844188c61cd96ee65d9da036559fb5ad6ed5da994c85f2457f1e7d018f5b2990bd16d534090ab9426a27b6083dc01d44f7d4ebca1d59c51fa1632dbc1134c3495c59a32f3c50fa4f2898dd8e03bee8ead1587f6f079c4d6846f389fe2b0d08dc7e5b95e0db8f9eb031778ef5e2cf9e2760198832252912f679dee367f5f7181c75c33c2e90e3bad39dcdc7cc71e31f82ab6a11c30fcebac722a01af02262ce2c3f5addb1ed2a39c252e3edb77f7a992fecea77663724aec5fd17e2c7713081288bf25364403d5de1619d3e7e9632b9e123dbe006e3d79debe3ca623cf904eb4f34e46656397c79100929e2952a6aa68813601047fb02c7c82a9b249c6bc2d7dca5689813052dd2a9ee920126c50e0a51b7f97fdf8cc7b00e8fae0e15c7b5cabff0b03c494059cb1183d8ba799293ebab274268d474857ec2e54f405651ea4cacfb4863aa0d02fde05fb86b2fd4fe7e859ee71761ffa19ecc6dc86d274139db4d45231f6a1f7be66ecf89bf5c10f29931fe7b6741b96f4245526c0b9a5fc34e5aa3ccf8e566f6887439f52fe42e17ddb31f408cf67abafdd27cfb9c965add796dae676245d488587cae5cbb308a02dac2f5de00988547653cb7a3cadc85e806f31d0b304f8a8bc0c2d50e72d083a470cae457b4b9d3b322070f114d0c69e02f4d3895ab21ec33094f441cfeaf4e7b6c427bff316422606bad85b2f46a5417eca2de8aecf35e35c7f28af202eec7e54577c4b74559819e9cfe1bb5c9d073b1126ff222e4c7e38684062175e0d2728d88decb99915b10c01d7afe0ea2eea4ea8491f3a74f08e1229dc05f2f926370525de367f8d7b29a1832c30cfbbc281e663e02c627ad333a6d87fb6a0dfec3c6f7e64a221fbc6cf011c0668d4c8b4eb83a835647d3af704c73b1ac6d0875485a7d07462f8f97163f2b152ad767b14119f2613a0dc270c8467409266b5a899f5543c84ac52ed76ae221f09f6f385be63d93de581e8bbfdc2823f897b44598acac240f670ca63d55789d813aa1b87667c89bc1e58d2086449d8d86c0d4d6debff08862dab84959baefa7fa2bf05f0d21111da7ac9c58b01f8e5b23be91726973e5ed46d98d55f024180dfac40a6cb9731f490dd16a171b8596df7ffd9c5a3460032d93354bd329c79f807268d184b2dad75dddbdc232efcad789d126a4e0a4cd594b7297f204ef4b0aa9ebc85b84cbfd25482e034c000bdddf6dc220560d22813729b8f5fc46073afbea7b16a97923c67891b7d7fa5f69fcc5bb23433e47c61de2a3e5aa98b0a823f5ca3697fcae5fc632a729038e9239a4183d0c74e34396863f9778002225246f6ae54176eed881cbd830910e6de599f6e5c990bf282e956bd8d6c4dcd485cd784c6a694a04c0e0f86ffa7eb234058ca44b0111ba2fd09ca47fa64fe026191700ff9b6003bc716d399d69f511421a8f2d424823a988ac8f9723ecdf9c8a9df13567f498da615b4fef5bece064e4bda57bafd9d0cfd37c3d3c188f13f1281ed1ef38b9e68e0fea669d40337bcbcbf6f415faa8d0b784d033005544a058bcf496122b433656d9984bf8e446ed5122def84d80d29b75ba5e7392e26bbff3ba91598d7b7b6bded61fde96324998ab18e00deac17ff19d8c8a4b9654016f82718cba79bde2362251e1366a076635d852e8b88946938b95c68e11d019908a91fc6644d4bd4b0019709f6bb4ec7d993e27d0595edcf1e0ab84ed9b47c2bf7ab32e2a518908a62f1d0cb47d4ea55c2d0cb083f619ebfd17d75379093b757740ad41cc1bcccf612ce921e111b597e0e05da396e15e7508c1cb5d4610c27c66b3bb3f1a84724f33e792e2e392cd2a0145fe28497a19595f8c4d20f907fc136b53ed0a21131e193013718849e306d8d975a012ae636f7cbf79bb65eda95726a30d331524b1e4bcf5d4c11791f1441dfcf03db16d13256d4e01c8c9430c31e52b1f7aa71302105b7a97a5e273d292dcf03c2a0bd616ef6cfb7907380a7fe2c3c67fe37e41a8ac6a33e8c3213e6422f332be32b5605792028e09da03f5ae90b57afd27dc4134c332325ce719928c37184893d69108442441806c56269221a3dea57296852e0a544858088a24a8b414d97a977513972617442ce96e65d2d25ff18b07c5bc58a7ece422941385b2403ce29f7acf407b713409dcd50f2cb867514c0fe00283c7054c43b67fb0a3de11e9f30d7421a0d8116a3be0f310c1784f6ba4efde1984f5c2c684c3aa910d00f277f6921e88f396c55f202bea434125ee63ac28ba9bb92aaf620adcc2362cd22646c01bb4504da552f42ddf9f5c6da7291531fd997adaa2a27a1a062963231932681dc68f03384c8fb1ea2b4a6b221fb0ea22efe26548dcc54fa9538a88f29fa8c0153f914ad97356a2553beb6c93553fb967938b7a274b7382d639e5e2734fee93d6a3cb2005d48fb495cea717458c256ea2d83b4e68eb95c0a0ac5e4276052954ec76518b769218cbd43af69415703e081549fc0801cd11e4fa7a4f3b4f9b3ddac5266459ae74e2ee7f6fb75ba2968359cd6d307736844f2e7f09f546af986d54cfe64e08d2dc26e23d2462049e3f26d4a86ec1a24bf2611a106bfdffc53ec6f5c7d1fb8e9d7a0faec49b9afd0b163c68ee37405f540f6295c04c140c2553da86438d855d329b88246bcca7207c3d94a3ac74d6f36ad217a22714728240ff74531776fcc1c455bcfcdaa653495c2b1545d371b49a254b6ba8e1fd9cd2b4052688c3978ff414ab4c410f230eef769bf6ce632372a76e8a58139829fc03fe859a5db657d03ce73b70e0d1d702af258080d4bff51e723307e5ea2f2d73898a171f015edf0246257fda02bb19b4974df6e7ed1a6c5acfcc1e3f83ffbcfd18d37a93313ad47cb2695860137303555231fe2bf355c34e409ae2381420db56d1ed2ece9ba16144c27f7aa990afec601cd9d03b4bfa427cd337dd306f3b46af86ac5254ff4e40e3d4397209a646fad962d2979eb880ce97b7e74566f4d059af1fb04b521e07690680dbc5436c72965c41c48ca527952490092537e7ccdaeb7d4bfe8d2688b1209577cb7c3d53821a2533fa8f6b1942f59080b7861c40bf8438614a4fa30cd7f2f9a831eaaa8bd3cb41def7a369d2b07d33481ec40e571ed2593bc19de1b7ea1773c04cc17e85f3388569aa279bcb5b4fd2"})
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000200)=0x380, 0x4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000080)={0x100}, 0x8)
bind$tipc(r0, 0x0, 0x0)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000040)=0x4, 0x4)

03:34:04 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x2000000}}, 0x10)

[ 2031.549941][T30701] FAULT_INJECTION: forcing a failure.
[ 2031.549941][T30701] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2031.563464][T30701] CPU: 1 PID: 30701 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2031.573659][T30701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2031.583506][T30701] Call Trace:
[ 2031.586733][T30701]  dump_stack+0x1d8/0x241
[ 2031.590891][T30701]  ? panic+0x896/0x896
[ 2031.594791][T30701]  ? stack_trace_save+0x118/0x1c0
[ 2031.599651][T30701]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2031.605304][T30701]  ? stack_trace_snprint+0x170/0x170
[ 2031.610428][T30701]  ? sbitmap_queue_init_node+0x67d/0xf40
[ 2031.615886][T30701]  should_fail+0x71f/0x880
[ 2031.620138][T30701]  ? setup_fault_attr+0x3d0/0x3d0
[ 2031.625108][T30701]  ? __kasan_kmalloc+0x171/0x210
[ 2031.629863][T30701]  ? blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2031.634999][T30701]  ? blk_mq_alloc_rq_maps+0xac/0x410
[ 2031.640117][T30701]  ? blk_mq_alloc_tag_set+0x5c2/0xb40
[ 2031.645345][T30701]  __alloc_pages_nodemask+0x1b4/0x840
[ 2031.650531][T30701]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2031.655910][T30701]  ? find_next_bit+0x7b/0x100
[ 2031.660419][T30701]  ? blk_mq_hw_queue_to_node+0xe3/0x100
[ 2031.665807][T30701]  blk_mq_alloc_rqs+0x230/0x660
[ 2031.670511][T30701]  __blk_mq_alloc_rq_map+0x11e/0x2a0
[ 2031.675615][T30701]  blk_mq_alloc_rq_maps+0xac/0x410
[ 2031.680558][T30701]  blk_mq_alloc_tag_set+0x5c2/0xb40
[ 2031.685590][T30701]  loop_add+0x231/0x740
[ 2031.689579][T30701]  ? get_pid_task+0xde/0x130
[ 2031.694006][T30701]  ? radix_tree_lookup+0x16f/0x1c0
[ 2031.698958][T30701]  loop_control_ioctl+0x448/0x620
[ 2031.703816][T30701]  ? loop_remove+0xa0/0xa0
[ 2031.708218][T30701]  ? memset+0x1f/0x40
[ 2031.712014][T30701]  ? fsnotify+0x1280/0x1340
[ 2031.716498][T30701]  ? loop_remove+0xa0/0xa0
[ 2031.720747][T30701]  do_vfs_ioctl+0x742/0x1720
[ 2031.725188][T30701]  ? ioctl_preallocate+0x250/0x250
[ 2031.730127][T30701]  ? __fget+0x407/0x490
[ 2031.734113][T30701]  ? fget_many+0x20/0x20
[ 2031.738188][T30701]  ? debug_smp_processor_id+0x20/0x20
[ 2031.743395][T30701]  ? security_file_ioctl+0x7d/0xa0
03:34:04 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 11)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:04 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:04 executing program 1:
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x58, 0x453, 0x8, 0x70bd28, 0x25dfdbfe, "b3dccca0cba3de9c3d694ddb159338575785675f03369881e6590bf7c1bbd4528e66544d0a5de7c1c7814540c26afc1cbc500a2bef9ec5bea426bf95581a3d3c427fc0079fc9", ["", "", "", "", ""]}, 0x58}, 0x1, 0x0, 0x0, 0x4044004}, 0x20004081) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000001280)={0xc, 0x0, &(0x7f0000000240)=[@enter_looper, @acquire={0x40046305, 0x3}], 0x1000, 0x0, &(0x7f0000000280)="7d2d4a489d611a670145c7200f6ad677340a6d36198075ade06897c7fb475ce9861a83feab449bd6fec9f0f761b1e070d35af740b00a74ebe34d3186cba61d2d490ede5ba252fe684166aff5bfcfa587052a9645f8e2319861987dce5612f2334a34d3a94ddcb9ac79cdbe684fdee57f8eac534c56f57e672ad46f0b6698ae99b883fcbafce9f7cda1e11c2e511b0b763ce52e98a917c4025ee280958247f4036c0a7f5ae530c31abfeae14f35acb0a867f35b1a7916c304954279b0e30563d924f13117723d407bab12d55b82b87a0a7dd952d6d7d072f90f6b0f3cf38ffc18363615755614c1d6493c66154f3369014642af195bd661ae06e3f23b625235dc9fa104728794a7c13027eb4254d38af9982455e5a79262dfd2d4cef1cc2e40c4bcec56a1fe13051f64edbdce95ebff67f3b4928b56cd8f4a2ebfaa94fdce84459916af9fb9b42ebfc72396dda250f4c0f27995eed6fe489c1d856c1a94a17acc35f00d398e797e959bca5a5e2e1da427fa777721095bca385676f367bec756fcd3d2ed2a1854753119ca10fdac5b40330e2137dab35eded3c06874bca41a35ddf459a19e5637c4c448fb1b9ff9563f8214286d15a5f87320bf4f70654dfa55f83ac04b392f1468f86e928246901d0be4144f3c57f693e7b99bcd31344305f1557129b372af9d009eadbacd22be5a160883f32f7d95e528a2a6d21a29a9fdc923a4d538234d799048d619ed262fd2406cf69ead32bc1f2e1672e550c3fd40804b2c864d9eea76463087e97098fd96bf339456161a9ccf3b4a87a8c4c271169eacf63a9313f899b0c1687a2dbdf2e14ffb49f6ad0f5c1c35ebc16720b86ab23171ee3cc2334ff1654ae2e4a67b856a18aed7a32626ba04265ffe339156a68a062a427d752266a431c801476d54199f382957ca139e358d40597f4b51dba4ca898941ed7dd92db1c61f3a705d338c4aa23b078b9f9a8088cf255dc5ca72b1ec898ab7e8d2bbf25fa5edee7db7bf44337ae4a58e0ca22ead7c92ccde9de9de3fb7c368100a3940ee60889ab7fb834f4f7c2d3ba0c25d8974a05f812d4f4f6ab35d8213024e15ae59ffe88c87214fd65aa63017ffefb13a107e268a4fcad02c92ab645e27b5206ffc9ada284740d37c784afd257e5d256f5d70569b97266328f9aef569a9cb6d2f5ea58486eebd14f5db18e5eea554efe95948b7a45bb6901027bdee9d4d6835a303dd6512acaa748cf5abca9543226ac5b2d0381eb0d672aac52ed49b2d442439bf248b4dbc012642a6f1fadfd409cbeff6ee5f88abdb6b229de5d13f0769cc53634c077d1528f42c988b7b03d7dc54d8754ee4a5a68af1d40616d72c14c52e14ff1d6bf0b824f890551484012e0adb16bc98fc63e1e476869a304db693b925f7a4df965ddcdc4a441f72c5e59febbd971fc220f10e74a09e852c7187dc3e18944d38e85b9ccd48a6aa3672ab8018f30d227abe38fced6f492c53e1f062381ec6a208ecb80d955aed3777bfb49a7eacb356b635a75a7b84d96dcebc27d8f10cc26ffb1d1068b9e5bd3e0132e99927615257004c56a1186712befebcba26c9a1687aa21ed09282e5625093b38c4b7f2554d1194f4b6370a7b50c41d851e3e20de10ce258228f49d30969f9c22ab248e1f47509ab33117e733de152e83572e70165a0b857d9b569cd4d71992ec7ed16c5e9884e0d6f9dcd93a65d0979b8c60b2b453ec031c84b22105cedb5ed7a523b7f333b5e1b9e820eca83978056017751708047859943d136fd16bec38818c931eeb237fe5ee1afb88015cda9b4b26378186f5e3efc904e4201ea40c034fc2677bea0647396ae250f7f352f34ee5a7e3b0a53b30f683cf0bc31a2c410f86ffc0567cc4235d5cb56f67499a4fbdfd0bed4bf9a13df50eda2ddcbd3569b095cea367a8163ce7d4b5fb824991bc1143538aed6ba51408dd378f0eec1b8ef15bbaad803b2e6a12d6d9a62ae780eb4f1db426bef21efac41978b37ec20ff0a6656ae08526a51627def48f271ccb75f636cf51f773f9af9909af126744e55c6418e8962d15aad575db28f467af50a60367c3022b9c9c7ee61ba1912598852289fbdda31d0de1676dee29ebeccd58ac1511bbf77753e57c6abd7a0a8517174915f2b0a4341676fa60d451f3d589bfc90038f81968451ff3f7b7309a3e418a048ad8c8fb7518ebe42e4a31b4016070117ec49c1558bbdbdcf644ed21d9fd549b3361d645a51c7ebaf7349216643cbd311c78b2822fd0babd893b2a7a13b930b6ae17ebb7c6cde5d34d05f62437b5000c722e59b02cbc8ba4b291918a85ececf8e6c954d2cbcf83410788ac1e73a1a1599df78f4c99ea6bad3593b03f550e6efce688c59ee1e45d824539b1310115aeebc323f48bbcbc1666e73e5a92db0b0ceea49fc945671cf40e64f31b25838334d128167572bca4cfdcc27ef3475a9ca88beec81fb55778be21739c52ac1c766c92a7983a0e812ddc06e986e2b71c736cf4dec0364a06bea4703fabd5613e632c35dc6d2130ba8e11fc680c3afec8bca342a58f0a647800da00dae18419c49422219017397bafc8f4ef00b30c52b9c03bdef923f844188c61cd96ee65d9da036559fb5ad6ed5da994c85f2457f1e7d018f5b2990bd16d534090ab9426a27b6083dc01d44f7d4ebca1d59c51fa1632dbc1134c3495c59a32f3c50fa4f2898dd8e03bee8ead1587f6f079c4d6846f389fe2b0d08dc7e5b95e0db8f9eb031778ef5e2cf9e2760198832252912f679dee367f5f7181c75c33c2e90e3bad39dcdc7cc71e31f82ab6a11c30fcebac722a01af02262ce2c3f5addb1ed2a39c252e3edb77f7a992fecea77663724aec5fd17e2c7713081288bf25364403d5de1619d3e7e9632b9e123dbe006e3d79debe3ca623cf904eb4f34e46656397c79100929e2952a6aa68813601047fb02c7c82a9b249c6bc2d7dca5689813052dd2a9ee920126c50e0a51b7f97fdf8cc7b00e8fae0e15c7b5cabff0b03c494059cb1183d8ba799293ebab274268d474857ec2e54f405651ea4cacfb4863aa0d02fde05fb86b2fd4fe7e859ee71761ffa19ecc6dc86d274139db4d45231f6a1f7be66ecf89bf5c10f29931fe7b6741b96f4245526c0b9a5fc34e5aa3ccf8e566f6887439f52fe42e17ddb31f408cf67abafdd27cfb9c965add796dae676245d488587cae5cbb308a02dac2f5de00988547653cb7a3cadc85e806f31d0b304f8a8bc0c2d50e72d083a470cae457b4b9d3b322070f114d0c69e02f4d3895ab21ec33094f441cfeaf4e7b6c427bff316422606bad85b2f46a5417eca2de8aecf35e35c7f28af202eec7e54577c4b74559819e9cfe1bb5c9d073b1126ff222e4c7e38684062175e0d2728d88decb99915b10c01d7afe0ea2eea4ea8491f3a74f08e1229dc05f2f926370525de367f8d7b29a1832c30cfbbc281e663e02c627ad333a6d87fb6a0dfec3c6f7e64a221fbc6cf011c0668d4c8b4eb83a835647d3af704c73b1ac6d0875485a7d07462f8f97163f2b152ad767b14119f2613a0dc270c8467409266b5a899f5543c84ac52ed76ae221f09f6f385be63d93de581e8bbfdc2823f897b44598acac240f670ca63d55789d813aa1b87667c89bc1e58d2086449d8d86c0d4d6debff08862dab84959baefa7fa2bf05f0d21111da7ac9c58b01f8e5b23be91726973e5ed46d98d55f024180dfac40a6cb9731f490dd16a171b8596df7ffd9c5a3460032d93354bd329c79f807268d184b2dad75dddbdc232efcad789d126a4e0a4cd594b7297f204ef4b0aa9ebc85b84cbfd25482e034c000bdddf6dc220560d22813729b8f5fc46073afbea7b16a97923c67891b7d7fa5f69fcc5bb23433e47c61de2a3e5aa98b0a823f5ca3697fcae5fc632a729038e9239a4183d0c74e34396863f9778002225246f6ae54176eed881cbd830910e6de599f6e5c990bf282e956bd8d6c4dcd485cd784c6a694a04c0e0f86ffa7eb234058ca44b0111ba2fd09ca47fa64fe026191700ff9b6003bc716d399d69f511421a8f2d424823a988ac8f9723ecdf9c8a9df13567f498da615b4fef5bece064e4bda57bafd9d0cfd37c3d3c188f13f1281ed1ef38b9e68e0fea669d40337bcbcbf6f415faa8d0b784d033005544a058bcf496122b433656d9984bf8e446ed5122def84d80d29b75ba5e7392e26bbff3ba91598d7b7b6bded61fde96324998ab18e00deac17ff19d8c8a4b9654016f82718cba79bde2362251e1366a076635d852e8b88946938b95c68e11d019908a91fc6644d4bd4b0019709f6bb4ec7d993e27d0595edcf1e0ab84ed9b47c2bf7ab32e2a518908a62f1d0cb47d4ea55c2d0cb083f619ebfd17d75379093b757740ad41cc1bcccf612ce921e111b597e0e05da396e15e7508c1cb5d4610c27c66b3bb3f1a84724f33e792e2e392cd2a0145fe28497a19595f8c4d20f907fc136b53ed0a21131e193013718849e306d8d975a012ae636f7cbf79bb65eda95726a30d331524b1e4bcf5d4c11791f1441dfcf03db16d13256d4e01c8c9430c31e52b1f7aa71302105b7a97a5e273d292dcf03c2a0bd616ef6cfb7907380a7fe2c3c67fe37e41a8ac6a33e8c3213e6422f332be32b5605792028e09da03f5ae90b57afd27dc4134c332325ce719928c37184893d69108442441806c56269221a3dea57296852e0a544858088a24a8b414d97a977513972617442ce96e65d2d25ff18b07c5bc58a7ece422941385b2403ce29f7acf407b713409dcd50f2cb867514c0fe00283c7054c43b67fb0a3de11e9f30d7421a0d8116a3be0f310c1784f6ba4efde1984f5c2c684c3aa910d00f277f6921e88f396c55f202bea434125ee63ac28ba9bb92aaf620adcc2362cd22646c01bb4504da552f42ddf9f5c6da7291531fd997adaa2a27a1a062963231932681dc68f03384c8fb1ea2b4a6b221fb0ea22efe26548dcc54fa9538a88f29fa8c0153f914ad97356a2553beb6c93553fb967938b7a274b7382d639e5e2734fee93d6a3cb2005d48fb495cea717458c256ea2d83b4e68eb95c0a0ac5e4276052954ec76518b769218cbd43af69415703e081549fc0801cd11e4fa7a4f3b4f9b3ddac5266459ae74e2ee7f6fb75ba2968359cd6d307736844f2e7f09f546af986d54cfe64e08d2dc26e23d2462049e3f26d4a86ec1a24bf2611a106bfdffc53ec6f5c7d1fb8e9d7a0faec49b9afd0b163c68ee37405f540f6295c04c140c2553da86438d855d329b88246bcca7207c3d94a3ac74d6f36ad217a22714728240ff74531776fcc1c455bcfcdaa653495c2b1545d371b49a254b6ba8e1fd9cd2b4052688c3978ff414ab4c410f230eef769bf6ce632372a76e8a58139829fc03fe859a5db657d03ce73b70e0d1d702af258080d4bff51e723307e5ea2f2d73898a171f015edf0246257fda02bb19b4974df6e7ed1a6c5acfcc1e3f83ffbcfd18d37a93313ad47cb2695860137303555231fe2bf355c34e409ae2381420db56d1ed2ece9ba16144c27f7aa990afec601cd9d03b4bfa427cd337dd306f3b46af86ac5254ff4e40e3d4397209a646fad962d2979eb880ce97b7e74566f4d059af1fb04b521e07690680dbc5436c72965c41c48ca527952490092537e7ccdaeb7d4bfe8d2688b1209577cb7c3d53821a2533fa8f6b1942f59080b7861c40bf8438614a4fa30cd7f2f9a831eaaa8bd3cb41def7a369d2b07d33481ec40e571ed2593bc19de1b7ea1773c04cc17e85f3388569aa279bcb5b4fd2"})
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000200)=0x380, 0x4)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000080)={0x100}, 0x8) (async)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000040)=0x4, 0x4)

03:34:04 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3000000}}, 0x10)

03:34:04 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10) (async, rerun: 64)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x208200, 0x0) (async, rerun: 64)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)={0x1, <r3=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={@ifindex=r1, r2, 0x2, 0x2004, 0xffffffffffffffff, @link_id=r3}, 0x20)

03:34:04 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 32)
bind$tipc(0xffffffffffffffff, 0x0, 0x34) (rerun: 32)

03:34:04 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x40000000}}, 0x10)

[ 2031.748355][T30701]  __x64_sys_ioctl+0xd4/0x110
[ 2031.752859][T30701]  do_syscall_64+0xca/0x1c0
[ 2031.757315][T30701]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:04 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:04 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00')
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

03:34:04 executing program 1:
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x58, 0x453, 0x8, 0x70bd28, 0x25dfdbfe, "b3dccca0cba3de9c3d694ddb159338575785675f03369881e6590bf7c1bbd4528e66544d0a5de7c1c7814540c26afc1cbc500a2bef9ec5bea426bf95581a3d3c427fc0079fc9", ["", "", "", "", ""]}, 0x58}, 0x1, 0x0, 0x0, 0x4044004}, 0x20004081)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000001280)={0xc, 0x0, &(0x7f0000000240)=[@enter_looper, @acquire={0x40046305, 0x3}], 0x1000, 0x0, &(0x7f0000000280)="7d2d4a489d611a670145c7200f6ad677340a6d36198075ade06897c7fb475ce9861a83feab449bd6fec9f0f761b1e070d35af740b00a74ebe34d3186cba61d2d490ede5ba252fe684166aff5bfcfa587052a9645f8e2319861987dce5612f2334a34d3a94ddcb9ac79cdbe684fdee57f8eac534c56f57e672ad46f0b6698ae99b883fcbafce9f7cda1e11c2e511b0b763ce52e98a917c4025ee280958247f4036c0a7f5ae530c31abfeae14f35acb0a867f35b1a7916c304954279b0e30563d924f13117723d407bab12d55b82b87a0a7dd952d6d7d072f90f6b0f3cf38ffc18363615755614c1d6493c66154f3369014642af195bd661ae06e3f23b625235dc9fa104728794a7c13027eb4254d38af9982455e5a79262dfd2d4cef1cc2e40c4bcec56a1fe13051f64edbdce95ebff67f3b4928b56cd8f4a2ebfaa94fdce84459916af9fb9b42ebfc72396dda250f4c0f27995eed6fe489c1d856c1a94a17acc35f00d398e797e959bca5a5e2e1da427fa777721095bca385676f367bec756fcd3d2ed2a1854753119ca10fdac5b40330e2137dab35eded3c06874bca41a35ddf459a19e5637c4c448fb1b9ff9563f8214286d15a5f87320bf4f70654dfa55f83ac04b392f1468f86e928246901d0be4144f3c57f693e7b99bcd31344305f1557129b372af9d009eadbacd22be5a160883f32f7d95e528a2a6d21a29a9fdc923a4d538234d799048d619ed262fd2406cf69ead32bc1f2e1672e550c3fd40804b2c864d9eea76463087e97098fd96bf339456161a9ccf3b4a87a8c4c271169eacf63a9313f899b0c1687a2dbdf2e14ffb49f6ad0f5c1c35ebc16720b86ab23171ee3cc2334ff1654ae2e4a67b856a18aed7a32626ba04265ffe339156a68a062a427d752266a431c801476d54199f382957ca139e358d40597f4b51dba4ca898941ed7dd92db1c61f3a705d338c4aa23b078b9f9a8088cf255dc5ca72b1ec898ab7e8d2bbf25fa5edee7db7bf44337ae4a58e0ca22ead7c92ccde9de9de3fb7c368100a3940ee60889ab7fb834f4f7c2d3ba0c25d8974a05f812d4f4f6ab35d8213024e15ae59ffe88c87214fd65aa63017ffefb13a107e268a4fcad02c92ab645e27b5206ffc9ada284740d37c784afd257e5d256f5d70569b97266328f9aef569a9cb6d2f5ea58486eebd14f5db18e5eea554efe95948b7a45bb6901027bdee9d4d6835a303dd6512acaa748cf5abca9543226ac5b2d0381eb0d672aac52ed49b2d442439bf248b4dbc012642a6f1fadfd409cbeff6ee5f88abdb6b229de5d13f0769cc53634c077d1528f42c988b7b03d7dc54d8754ee4a5a68af1d40616d72c14c52e14ff1d6bf0b824f890551484012e0adb16bc98fc63e1e476869a304db693b925f7a4df965ddcdc4a441f72c5e59febbd971fc220f10e74a09e852c7187dc3e18944d38e85b9ccd48a6aa3672ab8018f30d227abe38fced6f492c53e1f062381ec6a208ecb80d955aed3777bfb49a7eacb356b635a75a7b84d96dcebc27d8f10cc26ffb1d1068b9e5bd3e0132e99927615257004c56a1186712befebcba26c9a1687aa21ed09282e5625093b38c4b7f2554d1194f4b6370a7b50c41d851e3e20de10ce258228f49d30969f9c22ab248e1f47509ab33117e733de152e83572e70165a0b857d9b569cd4d71992ec7ed16c5e9884e0d6f9dcd93a65d0979b8c60b2b453ec031c84b22105cedb5ed7a523b7f333b5e1b9e820eca83978056017751708047859943d136fd16bec38818c931eeb237fe5ee1afb88015cda9b4b26378186f5e3efc904e4201ea40c034fc2677bea0647396ae250f7f352f34ee5a7e3b0a53b30f683cf0bc31a2c410f86ffc0567cc4235d5cb56f67499a4fbdfd0bed4bf9a13df50eda2ddcbd3569b095cea367a8163ce7d4b5fb824991bc1143538aed6ba51408dd378f0eec1b8ef15bbaad803b2e6a12d6d9a62ae780eb4f1db426bef21efac41978b37ec20ff0a6656ae08526a51627def48f271ccb75f636cf51f773f9af9909af126744e55c6418e8962d15aad575db28f467af50a60367c3022b9c9c7ee61ba1912598852289fbdda31d0de1676dee29ebeccd58ac1511bbf77753e57c6abd7a0a8517174915f2b0a4341676fa60d451f3d589bfc90038f81968451ff3f7b7309a3e418a048ad8c8fb7518ebe42e4a31b4016070117ec49c1558bbdbdcf644ed21d9fd549b3361d645a51c7ebaf7349216643cbd311c78b2822fd0babd893b2a7a13b930b6ae17ebb7c6cde5d34d05f62437b5000c722e59b02cbc8ba4b291918a85ececf8e6c954d2cbcf83410788ac1e73a1a1599df78f4c99ea6bad3593b03f550e6efce688c59ee1e45d824539b1310115aeebc323f48bbcbc1666e73e5a92db0b0ceea49fc945671cf40e64f31b25838334d128167572bca4cfdcc27ef3475a9ca88beec81fb55778be21739c52ac1c766c92a7983a0e812ddc06e986e2b71c736cf4dec0364a06bea4703fabd5613e632c35dc6d2130ba8e11fc680c3afec8bca342a58f0a647800da00dae18419c49422219017397bafc8f4ef00b30c52b9c03bdef923f844188c61cd96ee65d9da036559fb5ad6ed5da994c85f2457f1e7d018f5b2990bd16d534090ab9426a27b6083dc01d44f7d4ebca1d59c51fa1632dbc1134c3495c59a32f3c50fa4f2898dd8e03bee8ead1587f6f079c4d6846f389fe2b0d08dc7e5b95e0db8f9eb031778ef5e2cf9e2760198832252912f679dee367f5f7181c75c33c2e90e3bad39dcdc7cc71e31f82ab6a11c30fcebac722a01af02262ce2c3f5addb1ed2a39c252e3edb77f7a992fecea77663724aec5fd17e2c7713081288bf25364403d5de1619d3e7e9632b9e123dbe006e3d79debe3ca623cf904eb4f34e46656397c79100929e2952a6aa68813601047fb02c7c82a9b249c6bc2d7dca5689813052dd2a9ee920126c50e0a51b7f97fdf8cc7b00e8fae0e15c7b5cabff0b03c494059cb1183d8ba799293ebab274268d474857ec2e54f405651ea4cacfb4863aa0d02fde05fb86b2fd4fe7e859ee71761ffa19ecc6dc86d274139db4d45231f6a1f7be66ecf89bf5c10f29931fe7b6741b96f4245526c0b9a5fc34e5aa3ccf8e566f6887439f52fe42e17ddb31f408cf67abafdd27cfb9c965add796dae676245d488587cae5cbb308a02dac2f5de00988547653cb7a3cadc85e806f31d0b304f8a8bc0c2d50e72d083a470cae457b4b9d3b322070f114d0c69e02f4d3895ab21ec33094f441cfeaf4e7b6c427bff316422606bad85b2f46a5417eca2de8aecf35e35c7f28af202eec7e54577c4b74559819e9cfe1bb5c9d073b1126ff222e4c7e38684062175e0d2728d88decb99915b10c01d7afe0ea2eea4ea8491f3a74f08e1229dc05f2f926370525de367f8d7b29a1832c30cfbbc281e663e02c627ad333a6d87fb6a0dfec3c6f7e64a221fbc6cf011c0668d4c8b4eb83a835647d3af704c73b1ac6d0875485a7d07462f8f97163f2b152ad767b14119f2613a0dc270c8467409266b5a899f5543c84ac52ed76ae221f09f6f385be63d93de581e8bbfdc2823f897b44598acac240f670ca63d55789d813aa1b87667c89bc1e58d2086449d8d86c0d4d6debff08862dab84959baefa7fa2bf05f0d21111da7ac9c58b01f8e5b23be91726973e5ed46d98d55f024180dfac40a6cb9731f490dd16a171b8596df7ffd9c5a3460032d93354bd329c79f807268d184b2dad75dddbdc232efcad789d126a4e0a4cd594b7297f204ef4b0aa9ebc85b84cbfd25482e034c000bdddf6dc220560d22813729b8f5fc46073afbea7b16a97923c67891b7d7fa5f69fcc5bb23433e47c61de2a3e5aa98b0a823f5ca3697fcae5fc632a729038e9239a4183d0c74e34396863f9778002225246f6ae54176eed881cbd830910e6de599f6e5c990bf282e956bd8d6c4dcd485cd784c6a694a04c0e0f86ffa7eb234058ca44b0111ba2fd09ca47fa64fe026191700ff9b6003bc716d399d69f511421a8f2d424823a988ac8f9723ecdf9c8a9df13567f498da615b4fef5bece064e4bda57bafd9d0cfd37c3d3c188f13f1281ed1ef38b9e68e0fea669d40337bcbcbf6f415faa8d0b784d033005544a058bcf496122b433656d9984bf8e446ed5122def84d80d29b75ba5e7392e26bbff3ba91598d7b7b6bded61fde96324998ab18e00deac17ff19d8c8a4b9654016f82718cba79bde2362251e1366a076635d852e8b88946938b95c68e11d019908a91fc6644d4bd4b0019709f6bb4ec7d993e27d0595edcf1e0ab84ed9b47c2bf7ab32e2a518908a62f1d0cb47d4ea55c2d0cb083f619ebfd17d75379093b757740ad41cc1bcccf612ce921e111b597e0e05da396e15e7508c1cb5d4610c27c66b3bb3f1a84724f33e792e2e392cd2a0145fe28497a19595f8c4d20f907fc136b53ed0a21131e193013718849e306d8d975a012ae636f7cbf79bb65eda95726a30d331524b1e4bcf5d4c11791f1441dfcf03db16d13256d4e01c8c9430c31e52b1f7aa71302105b7a97a5e273d292dcf03c2a0bd616ef6cfb7907380a7fe2c3c67fe37e41a8ac6a33e8c3213e6422f332be32b5605792028e09da03f5ae90b57afd27dc4134c332325ce719928c37184893d69108442441806c56269221a3dea57296852e0a544858088a24a8b414d97a977513972617442ce96e65d2d25ff18b07c5bc58a7ece422941385b2403ce29f7acf407b713409dcd50f2cb867514c0fe00283c7054c43b67fb0a3de11e9f30d7421a0d8116a3be0f310c1784f6ba4efde1984f5c2c684c3aa910d00f277f6921e88f396c55f202bea434125ee63ac28ba9bb92aaf620adcc2362cd22646c01bb4504da552f42ddf9f5c6da7291531fd997adaa2a27a1a062963231932681dc68f03384c8fb1ea2b4a6b221fb0ea22efe26548dcc54fa9538a88f29fa8c0153f914ad97356a2553beb6c93553fb967938b7a274b7382d639e5e2734fee93d6a3cb2005d48fb495cea717458c256ea2d83b4e68eb95c0a0ac5e4276052954ec76518b769218cbd43af69415703e081549fc0801cd11e4fa7a4f3b4f9b3ddac5266459ae74e2ee7f6fb75ba2968359cd6d307736844f2e7f09f546af986d54cfe64e08d2dc26e23d2462049e3f26d4a86ec1a24bf2611a106bfdffc53ec6f5c7d1fb8e9d7a0faec49b9afd0b163c68ee37405f540f6295c04c140c2553da86438d855d329b88246bcca7207c3d94a3ac74d6f36ad217a22714728240ff74531776fcc1c455bcfcdaa653495c2b1545d371b49a254b6ba8e1fd9cd2b4052688c3978ff414ab4c410f230eef769bf6ce632372a76e8a58139829fc03fe859a5db657d03ce73b70e0d1d702af258080d4bff51e723307e5ea2f2d73898a171f015edf0246257fda02bb19b4974df6e7ed1a6c5acfcc1e3f83ffbcfd18d37a93313ad47cb2695860137303555231fe2bf355c34e409ae2381420db56d1ed2ece9ba16144c27f7aa990afec601cd9d03b4bfa427cd337dd306f3b46af86ac5254ff4e40e3d4397209a646fad962d2979eb880ce97b7e74566f4d059af1fb04b521e07690680dbc5436c72965c41c48ca527952490092537e7ccdaeb7d4bfe8d2688b1209577cb7c3d53821a2533fa8f6b1942f59080b7861c40bf8438614a4fa30cd7f2f9a831eaaa8bd3cb41def7a369d2b07d33481ec40e571ed2593bc19de1b7ea1773c04cc17e85f3388569aa279bcb5b4fd2"}) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000200)=0x380, 0x4) (async)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000080)={0x100}, 0x8) (async)
bind$tipc(r0, 0x0, 0x0)
setsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000040)=0x4, 0x4)

[ 2031.830462][T30729] FAULT_INJECTION: forcing a failure.
[ 2031.830462][T30729] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2031.847089][T30729] CPU: 0 PID: 30729 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2031.857280][T30729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2031.867168][T30729] Call Trace:
[ 2031.870319][T30729]  dump_stack+0x1d8/0x241
[ 2031.874475][T30729]  ? panic+0x896/0x896
[ 2031.878376][T30729]  ? stack_trace_save+0x118/0x1c0
[ 2031.883240][T30729]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2031.888884][T30729]  ? stack_trace_snprint+0x170/0x170
[ 2031.894000][T30729]  ? sbitmap_queue_init_node+0x67d/0xf40
[ 2031.899653][T30729]  should_fail+0x71f/0x880
[ 2031.903901][T30729]  ? setup_fault_attr+0x3d0/0x3d0
[ 2031.908756][T30729]  ? __kasan_kmalloc+0x171/0x210
[ 2031.913529][T30729]  ? blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2031.918569][T30729]  ? blk_mq_alloc_rq_maps+0xac/0x410
[ 2031.923822][T30729]  ? blk_mq_alloc_tag_set+0x5c2/0xb40
03:34:04 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x3, 0x4)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', <r1=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r3=>0x0, @private, @local}, &(0x7f00000002c0)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r0, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000003c0)={<r5=>0x0, @initdev}, &(0x7f0000000400)=0xc)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r6=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000480)={'team0\x00', <r7=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000b00)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000580)={0x538, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8, 0x1, r1}, {0x4}}, {{0x8}, {0x268, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f0}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x71}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffff5b25}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x1dc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}]}, 0x538}, 0x1, 0x0, 0x0, 0x40}, 0x8080)
r9 = syz_open_dev$mouse(&(0x7f0000000080), 0x5, 0x418041)
r10 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$LOOP_SET_FD(r9, 0x4c00, r10)
r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000100))
sendmsg$TEAM_CMD_OPTIONS_GET(r11, 0x0, 0x0)
r12 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000b80), 0x200, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000b40), r12)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r13, 0x0, 0x0)
r14 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r14, 0x0, 0x0)
r15 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r15, 0x0, 0x0)
bind$tipc(r15, 0x0, 0xffffffffffffff0f)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x8, 0x1, 0x7, 0xc2f, 0xfffffffd}, 0x14)

03:34:04 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00')
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

[ 2031.929035][T30729]  __alloc_pages_nodemask+0x1b4/0x840
[ 2031.934244][T30729]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2031.939618][T30729]  ? find_next_bit+0x7b/0x100
[ 2031.944130][T30729]  ? blk_mq_hw_queue_to_node+0xe3/0x100
[ 2031.949512][T30729]  blk_mq_alloc_rqs+0x230/0x660
[ 2031.954206][T30729]  __blk_mq_alloc_rq_map+0x11e/0x2a0
[ 2031.959323][T30729]  blk_mq_alloc_rq_maps+0xac/0x410
[ 2031.964270][T30729]  blk_mq_alloc_tag_set+0x5c2/0xb40
[ 2031.969304][T30729]  loop_add+0x231/0x740
[ 2031.973291][T30729]  ? get_pid_task+0xde/0x130
[ 2031.977804][T30729]  ? radix_tree_lookup+0x16f/0x1c0
[ 2031.982756][T30729]  loop_control_ioctl+0x448/0x620
[ 2031.987615][T30729]  ? loop_remove+0xa0/0xa0
[ 2031.992004][T30729]  ? memset+0x1f/0x40
[ 2031.995816][T30729]  ? fsnotify+0x1280/0x1340
[ 2032.000328][T30729]  ? loop_remove+0xa0/0xa0
[ 2032.004563][T30729]  do_vfs_ioctl+0x742/0x1720
[ 2032.008990][T30729]  ? ioctl_preallocate+0x250/0x250
[ 2032.013951][T30729]  ? __fget+0x407/0x490
[ 2032.017930][T30729]  ? fget_many+0x20/0x20
[ 2032.022007][T30729]  ? debug_smp_processor_id+0x20/0x20
03:34:04 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 12)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:04 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x4, 0x4)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x640001, 0x0)
ioctl$SIOCGIFMTU(r2, 0x8921, &(0x7f0000000080)={'bond0\x00'})

03:34:04 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00')
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

03:34:04 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x3, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', <r1=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r3=>0x0, @private, @local}, &(0x7f00000002c0)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r0, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000003c0)={<r5=>0x0, @initdev}, &(0x7f0000000400)=0xc) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r6=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000480)={'team0\x00', <r7=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000b00)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000580)={0x538, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8, 0x1, r1}, {0x4}}, {{0x8}, {0x268, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f0}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x71}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffff5b25}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x1dc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}]}, 0x538}, 0x1, 0x0, 0x0, 0x40}, 0x8080) (async)
r9 = syz_open_dev$mouse(&(0x7f0000000080), 0x5, 0x418041) (async)
r10 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$LOOP_SET_FD(r9, 0x4c00, r10) (async)
r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000100))
sendmsg$TEAM_CMD_OPTIONS_GET(r11, 0x0, 0x0) (async)
r12 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000b80), 0x200, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000b40), r12) (async)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r13, 0x0, 0x0) (async)
r14 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r14, 0x0, 0x0) (async)
r15 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r15, 0x0, 0x0) (async)
bind$tipc(r15, 0x0, 0xffffffffffffff0f) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x8, 0x1, 0x7, 0xc2f, 0xfffffffd}, 0x14)

03:34:04 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x20000010)

03:34:04 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:04 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x4, 0x4) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x640001, 0x0)
ioctl$SIOCGIFMTU(r2, 0x8921, &(0x7f0000000080)={'bond0\x00'})

03:34:04 executing program 5:
r0 = socket$tipc(0x1e, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffff0001, 0x1, 0x5, 0x7, 0xae}, 0x14)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x0, 0x1}}}, 0x10)

[ 2032.027331][T30729]  ? security_file_ioctl+0x7d/0xa0
[ 2032.032273][T30729]  __x64_sys_ioctl+0xd4/0x110
[ 2032.036793][T30729]  do_syscall_64+0xca/0x1c0
[ 2032.041130][T30729]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:04 executing program 2:
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:04 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000400)=[{0x6, 0x1, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/252, 0xfc}, {&(0x7f0000000140)=""/1, 0x1}, {&(0x7f0000000180)=""/25, 0x19}, {&(0x7f00000001c0)=""/43, 0x2b}, {&(0x7f0000000200)=""/207, 0xcf}, {&(0x7f0000000300)=""/44, 0x2c}], &(0x7f00000003c0)=[0x7fff, 0x2]}], 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000440)=0x6, 0x4)

03:34:04 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000)=0x3, 0x4) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', <r1=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r3=>0x0, @private, @local}, &(0x7f00000002c0)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r0, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000003c0)={<r5=>0x0, @initdev}, &(0x7f0000000400)=0xc) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r6=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000480)={'team0\x00', <r7=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000b00)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000580)={0x538, 0x0, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8, 0x1, r1}, {0x4}}, {{0x8}, {0x268, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1f0}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x71}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffd}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xffff5b25}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x1dc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1000}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7fffffff}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}]}}]}, 0x538}, 0x1, 0x0, 0x0, 0x40}, 0x8080)
r9 = syz_open_dev$mouse(&(0x7f0000000080), 0x5, 0x418041) (async)
r10 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$LOOP_SET_FD(r9, 0x4c00, r10) (async)
r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000100)) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r11, 0x0, 0x0)
r12 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000b80), 0x200, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000b40), r12) (async)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r13, 0x0, 0x0) (async, rerun: 32)
r14 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r14, 0x0, 0x0) (async)
r15 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r15, 0x0, 0x0)
bind$tipc(r15, 0x0, 0xffffffffffffff0f)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x8, 0x1, 0x7, 0xc2f, 0xfffffffd}, 0x14)

03:34:04 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x4, 0x4)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x640001, 0x0)
ioctl$SIOCGIFMTU(r2, 0x8921, &(0x7f0000000080)={'bond0\x00'})

[ 2032.147630][T30784] FAULT_INJECTION: forcing a failure.
[ 2032.147630][T30784] name failslab, interval 1, probability 0, space 0, times 0
[ 2032.163513][T30784] CPU: 1 PID: 30784 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2032.173568][T30784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2032.183460][T30784] Call Trace:
[ 2032.186610][T30784]  dump_stack+0x1d8/0x241
[ 2032.190751][T30784]  ? panic+0x896/0x896
[ 2032.194656][T30784]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2032.200304][T30784]  should_fail+0x71f/0x880
[ 2032.204552][T30784]  ? setup_fault_attr+0x3d0/0x3d0
[ 2032.209412][T30784]  ? ida_alloc_range+0x98f/0xa60
[ 2032.214216][T30784]  ? xas_nomem+0x18b/0x1c0
[ 2032.218457][T30784]  ? mempool_init_node+0x133/0x4e0
[ 2032.223387][T30784]  should_failslab+0x5/0x20
[ 2032.227723][T30784]  __kmalloc+0x51/0x2e0
[ 2032.231730][T30784]  mempool_init_node+0x133/0x4e0
[ 2032.236677][T30784]  ? idr_replace+0x230/0x230
[ 2032.241096][T30784]  ? mempool_free+0x380/0x380
[ 2032.245608][T30784]  ? mempool_alloc_slab+0x20/0x20
[ 2032.250464][T30784]  mempool_init+0x35/0x50
[ 2032.254649][T30784]  bioset_init+0x432/0x600
[ 2032.258971][T30784]  blk_alloc_queue_node+0xcb/0x640
[ 2032.263927][T30784]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2032.269137][T30784]  blk_mq_init_queue+0x34/0xa0
[ 2032.273727][T30784]  loop_add+0x25c/0x740
[ 2032.277715][T30784]  ? get_pid_task+0xde/0x130
[ 2032.282145][T30784]  ? radix_tree_lookup+0x16f/0x1c0
[ 2032.287096][T30784]  loop_control_ioctl+0x448/0x620
[ 2032.292075][T30784]  ? loop_remove+0xa0/0xa0
[ 2032.296316][T30784]  ? memset+0x1f/0x40
[ 2032.300134][T30784]  ? fsnotify+0x1280/0x1340
[ 2032.304471][T30784]  ? loop_remove+0xa0/0xa0
[ 2032.308723][T30784]  do_vfs_ioctl+0x742/0x1720
[ 2032.313155][T30784]  ? ioctl_preallocate+0x250/0x250
[ 2032.318102][T30784]  ? __fget+0x407/0x490
[ 2032.322241][T30784]  ? fget_many+0x20/0x20
[ 2032.326311][T30784]  ? debug_smp_processor_id+0x20/0x20
[ 2032.331511][T30784]  ? security_file_ioctl+0x7d/0xa0
[ 2032.336461][T30784]  __x64_sys_ioctl+0xd4/0x110
[ 2032.340978][T30784]  do_syscall_64+0xca/0x1c0
03:34:05 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 13)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:05 executing program 5:
r0 = socket$tipc(0x1e, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffff0001, 0x1, 0x5, 0x7, 0xae}, 0x14) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x0, 0x1}}}, 0x10)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000400)=[{0x6, 0x1, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/252, 0xfc}, {&(0x7f0000000140)=""/1, 0x1}, {&(0x7f0000000180)=""/25, 0x19}, {&(0x7f00000001c0)=""/43, 0x2b}, {&(0x7f0000000200)=""/207, 0xcf}, {&(0x7f0000000300)=""/44, 0x2c}], &(0x7f00000003c0)=[0x7fff, 0x2]}], 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000440)=0x6, 0x4)

03:34:05 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000000)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x12, 0x7, 0x7, 0x9, 0xbf, 0x7, "7739bdad8f269c2695a670870b83d819109a"}}, 0x12a)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

03:34:05 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000000400)=[{0x6, 0x1, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/252, 0xfc}, {&(0x7f0000000140)=""/1, 0x1}, {&(0x7f0000000180)=""/25, 0x19}, {&(0x7f00000001c0)=""/43, 0x2b}, {&(0x7f0000000200)=""/207, 0xcf}, {&(0x7f0000000300)=""/44, 0x2c}], &(0x7f00000003c0)=[0x7fff, 0x2]}], 0x1) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x1, 0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r2, 0x6, 0x15, &(0x7f0000000440)=0x6, 0x4)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000000)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x12, 0x7, 0x7, 0x9, 0xbf, 0x7, "7739bdad8f269c2695a670870b83d819109a"}}, 0x12a)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
write$UHID_CREATE2(r0, &(0x7f0000000000)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x12, 0x7, 0x7, 0x9, 0xbf, 0x7, "7739bdad8f269c2695a670870b83d819109a"}}, 0x12a) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, 0x0, 0x2) (async)

[ 2032.345320][T30784]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:05 executing program 5:
r0 = socket$tipc(0x1e, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffff0001, 0x1, 0x5, 0x7, 0xae}, 0x14)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x0, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x0, 0x0) (async)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xffff0001, 0x1, 0x5, 0x7, 0xae}, 0x14) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x0, 0x1}}}, 0x10) (async)

[ 2032.387411][T30803] FAULT_INJECTION: forcing a failure.
[ 2032.387411][T30803] name failslab, interval 1, probability 0, space 0, times 0
[ 2032.400566][T30803] CPU: 1 PID: 30803 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2032.410751][T30803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2032.420638][T30803] Call Trace:
[ 2032.423775][T30803]  dump_stack+0x1d8/0x241
[ 2032.427948][T30803]  ? panic+0x896/0x896
[ 2032.431851][T30803]  ? nf_ct_l4proto_log_invalid+0x258/0x258
03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

03:34:05 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
write$UHID_CREATE2(r0, &(0x7f0000000000)={0xb, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x12, 0x7, 0x7, 0x9, 0xbf, 0x7, "7739bdad8f269c2695a670870b83d819109a"}}, 0x12a)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)

[ 2032.437510][T30803]  should_fail+0x71f/0x880
[ 2032.441759][T30803]  ? setup_fault_attr+0x3d0/0x3d0
[ 2032.446699][T30803]  ? mempool_init_node+0x1ec/0x4e0
[ 2032.451734][T30803]  should_failslab+0x5/0x20
[ 2032.456232][T30803]  kmem_cache_alloc+0x28/0x250
[ 2032.460827][T30803]  ? mempool_free+0x380/0x380
[ 2032.465342][T30803]  mempool_init_node+0x1ec/0x4e0
[ 2032.470114][T30803]  ? mempool_free+0x380/0x380
[ 2032.474626][T30803]  ? mempool_alloc_slab+0x20/0x20
[ 2032.479507][T30803]  mempool_init+0x35/0x50
[ 2032.483652][T30803]  bioset_init+0x432/0x600
[ 2032.487911][T30803]  blk_alloc_queue_node+0xcb/0x640
[ 2032.492851][T30803]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2032.498062][T30803]  blk_mq_init_queue+0x34/0xa0
[ 2032.502665][T30803]  loop_add+0x25c/0x740
[ 2032.506650][T30803]  ? get_pid_task+0xde/0x130
[ 2032.511074][T30803]  ? radix_tree_lookup+0x16f/0x1c0
[ 2032.516033][T30803]  loop_control_ioctl+0x448/0x620
[ 2032.520876][T30803]  ? loop_remove+0xa0/0xa0
[ 2032.525120][T30803]  ? memset+0x1f/0x40
[ 2032.528936][T30803]  ? fsnotify+0x1280/0x1340
[ 2032.533276][T30803]  ? loop_remove+0xa0/0xa0
03:34:05 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 14)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

03:34:05 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000040)=0xe, 0x80000)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:05 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000040)=0x5, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000040)=0xe, 0x80000) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4)

03:34:05 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000040)=0x5, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}, 0x4}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2032.537529][T30803]  do_vfs_ioctl+0x742/0x1720
[ 2032.541960][T30803]  ? ioctl_preallocate+0x250/0x250
[ 2032.546905][T30803]  ? __fget+0x407/0x490
[ 2032.550897][T30803]  ? fget_many+0x20/0x20
[ 2032.554976][T30803]  ? debug_smp_processor_id+0x20/0x20
[ 2032.560190][T30803]  ? security_file_ioctl+0x7d/0xa0
[ 2032.565138][T30803]  __x64_sys_ioctl+0xd4/0x110
[ 2032.569646][T30803]  do_syscall_64+0xca/0x1c0
[ 2032.573986][T30803]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:05 executing program 4:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000040)=0x5, 0x4) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

[ 2032.638750][T30846] FAULT_INJECTION: forcing a failure.
[ 2032.638750][T30846] name failslab, interval 1, probability 0, space 0, times 0
[ 2032.660049][T30846] CPU: 1 PID: 30846 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2032.670120][T30846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2032.679999][T30846] Call Trace:
[ 2032.683148][T30846]  dump_stack+0x1d8/0x241
[ 2032.687296][T30846]  ? panic+0x896/0x896
[ 2032.691216][T30846]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2032.696866][T30846]  should_fail+0x71f/0x880
[ 2032.701110][T30846]  ? setup_fault_attr+0x3d0/0x3d0
[ 2032.706137][T30846]  ? mempool_init_node+0x1ec/0x4e0
[ 2032.711077][T30846]  should_failslab+0x5/0x20
[ 2032.715422][T30846]  kmem_cache_alloc+0x28/0x250
[ 2032.720014][T30846]  ? mempool_free+0x380/0x380
[ 2032.724528][T30846]  mempool_init_node+0x1ec/0x4e0
[ 2032.729304][T30846]  ? mempool_free+0x380/0x380
[ 2032.733816][T30846]  ? mempool_alloc_slab+0x20/0x20
[ 2032.738674][T30846]  mempool_init+0x35/0x50
[ 2032.742841][T30846]  bioset_init+0x432/0x600
[ 2032.747180][T30846]  blk_alloc_queue_node+0xcb/0x640
[ 2032.752149][T30846]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2032.757346][T30846]  blk_mq_init_queue+0x34/0xa0
[ 2032.761945][T30846]  loop_add+0x25c/0x740
[ 2032.765925][T30846]  ? get_pid_task+0xde/0x130
[ 2032.770354][T30846]  ? radix_tree_lookup+0x16f/0x1c0
[ 2032.775348][T30846]  loop_control_ioctl+0x448/0x620
[ 2032.780173][T30846]  ? loop_remove+0xa0/0xa0
[ 2032.784421][T30846]  ? apic_timer_interrupt+0xa/0x20
[ 2032.789366][T30846]  ? loop_remove+0xa0/0xa0
[ 2032.793609][T30846]  ? do_vfs_ioctl+0xde/0x1720
[ 2032.798122][T30846]  ? do_vfs_ioctl+0x28b/0x1720
[ 2032.802725][T30846]  ? loop_remove+0xa0/0xa0
[ 2032.806978][T30846]  do_vfs_ioctl+0x742/0x1720
[ 2032.811407][T30846]  ? ioctl_preallocate+0x250/0x250
[ 2032.816361][T30846]  ? __fget+0x407/0x490
[ 2032.820344][T30846]  ? fget_many+0x20/0x20
[ 2032.824425][T30846]  ? debug_smp_processor_id+0x20/0x20
[ 2032.829777][T30846]  ? security_file_ioctl+0x7d/0xa0
[ 2032.834714][T30846]  __x64_sys_ioctl+0xd4/0x110
03:34:05 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 15)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:05 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000040)=0xe, 0x80000)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)
accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000040)=0xe, 0x80000) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4) (async)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}, 0x4}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}, 0x4}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:05 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = eventfd2(0xf9b, 0x1)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000040)=r1, 0x1)
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)

[ 2032.839238][T30846]  do_syscall_64+0xca/0x1c0
[ 2032.843940][T30846]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}, 0x4}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:05 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = eventfd2(0xf9b, 0x1)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000040)=r1, 0x1)
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
eventfd2(0xf9b, 0x1) (async)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000040)=r1, 0x1) (async)
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0) (async)

[ 2032.890771][T30873] FAULT_INJECTION: forcing a failure.
[ 2032.890771][T30873] name failslab, interval 1, probability 0, space 0, times 0
[ 2032.907637][T30873] CPU: 1 PID: 30873 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2032.917706][T30873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2032.927597][T30873] Call Trace:
[ 2032.930723][T30873]  dump_stack+0x1d8/0x241
[ 2032.934885][T30873]  ? panic+0x896/0x896
[ 2032.938833][T30873]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2032.944478][T30873]  should_fail+0x71f/0x880
[ 2032.948684][T30873]  ? setup_fault_attr+0x3d0/0x3d0
[ 2032.953555][T30873]  ? mempool_init_node+0x133/0x4e0
[ 2032.958489][T30873]  should_failslab+0x5/0x20
[ 2032.962832][T30873]  __kmalloc+0x51/0x2e0
[ 2032.966856][T30873]  ? kmem_cache_alloc+0xd9/0x250
[ 2032.971594][T30873]  mempool_init_node+0x133/0x4e0
[ 2032.976373][T30873]  ? mempool_free+0x380/0x380
[ 2032.980882][T30873]  ? mempool_alloc_slab+0x20/0x20
[ 2032.985745][T30873]  mempool_init+0x35/0x50
[ 2032.989909][T30873]  bioset_init+0x4d8/0x600
[ 2032.994165][T30873]  blk_alloc_queue_node+0xcb/0x640
[ 2032.999110][T30873]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2033.004331][T30873]  blk_mq_init_queue+0x34/0xa0
[ 2033.008918][T30873]  loop_add+0x25c/0x740
[ 2033.012907][T30873]  ? get_pid_task+0xde/0x130
[ 2033.017337][T30873]  ? radix_tree_lookup+0x16f/0x1c0
[ 2033.022287][T30873]  loop_control_ioctl+0x448/0x620
[ 2033.027142][T30873]  ? loop_remove+0xa0/0xa0
[ 2033.031401][T30873]  ? memset+0x1f/0x40
[ 2033.035215][T30873]  ? fsnotify+0x1280/0x1340
03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x10)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000240)=""/123, 0x7b, 0x8, 0x104, 0xffffff81, 0x6, 0x1f}}, 0x120)
bind$tipc(r0, 0x0, 0x0)

[ 2033.039566][T30873]  ? loop_remove+0xa0/0xa0
[ 2033.043807][T30873]  do_vfs_ioctl+0x742/0x1720
[ 2033.048235][T30873]  ? ioctl_preallocate+0x250/0x250
[ 2033.053181][T30873]  ? __fget+0x407/0x490
[ 2033.057173][T30873]  ? fget_many+0x20/0x20
[ 2033.061250][T30873]  ? debug_smp_processor_id+0x20/0x20
[ 2033.066459][T30873]  ? security_file_ioctl+0x7d/0xa0
[ 2033.071409][T30873]  __x64_sys_ioctl+0xd4/0x110
[ 2033.075925][T30873]  do_syscall_64+0xca/0x1c0
[ 2033.080272][T30873]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:05 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 16)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:05 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)

03:34:05 executing program 5:
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
accept4$tipc(r0, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x180000)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0xfffffffffffffd63, 0x100800)
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f00000000c0)=0xb7, 0x4)

03:34:05 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
r1 = eventfd2(0xf9b, 0x1)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000040)=r1, 0x1) (async)
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x0, 0x8, 0x0, 0x0)

03:34:05 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x10)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000240)=""/123, 0x7b, 0x8, 0x104, 0xffffff81, 0x6, 0x1f}}, 0x120) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:05 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2033.150472][T30899] FAULT_INJECTION: forcing a failure.
[ 2033.150472][T30899] name failslab, interval 1, probability 0, space 0, times 0
[ 2033.189474][T30899] CPU: 1 PID: 30899 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
03:34:05 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x6, 0x109401)
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none}, 0xa)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @local, @loopback}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="200029bd7000ffdbdf250200000008000100", @ANYRES32=r1, @ANYBLOB="f40002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004001b06000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400ff07000008000600", @ANYRES32=0x0, @ANYBLOB="1fe7adddf02167b1a299ad12f32e4512980a68b67f052384114788b2052a88b2a8536dbd2b873ee1ee68323e8a345f97c3cc6556b363b097af105d37dd9d3bdd2ef1680196f5edb06b64d5"], 0x110}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000540)={0x7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/143, 0x8f}], &(0x7f0000000500)=[0x8, 0x9, 0x3ff, 0x2, 0x8, 0x8001, 0x92bd], 0x1}, 0x20)
bind$tipc(r2, 0x0, 0x2)

[ 2033.199537][T30899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2033.209469][T30899] Call Trace:
[ 2033.212565][T30899]  dump_stack+0x1d8/0x241
[ 2033.216721][T30899]  ? panic+0x896/0x896
[ 2033.220623][T30899]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2033.226274][T30899]  should_fail+0x71f/0x880
[ 2033.230522][T30899]  ? setup_fault_attr+0x3d0/0x3d0
[ 2033.235389][T30899]  ? mempool_init_node+0x1ec/0x4e0
[ 2033.240325][T30899]  should_failslab+0x5/0x20
[ 2033.244667][T30899]  kmem_cache_alloc+0x28/0x250
[ 2033.249271][T30899]  ? mempool_free+0x380/0x380
[ 2033.253777][T30899]  mempool_init_node+0x1ec/0x4e0
[ 2033.258574][T30899]  ? mempool_free+0x380/0x380
[ 2033.263070][T30899]  ? mempool_alloc_slab+0x20/0x20
[ 2033.267924][T30899]  mempool_init+0x35/0x50
[ 2033.272093][T30899]  bioset_init+0x4d8/0x600
[ 2033.276367][T30899]  blk_alloc_queue_node+0xcb/0x640
[ 2033.281296][T30899]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2033.286507][T30899]  blk_mq_init_queue+0x34/0xa0
[ 2033.291123][T30899]  loop_add+0x25c/0x740
[ 2033.295096][T30899]  ? get_pid_task+0xde/0x130
[ 2033.299521][T30899]  ? radix_tree_lookup+0x16f/0x1c0
[ 2033.304466][T30899]  loop_control_ioctl+0x448/0x620
[ 2033.309326][T30899]  ? loop_remove+0xa0/0xa0
[ 2033.313581][T30899]  ? memset+0x1f/0x40
[ 2033.317398][T30899]  ? fsnotify+0x1280/0x1340
[ 2033.321737][T30899]  ? loop_remove+0xa0/0xa0
[ 2033.326076][T30899]  do_vfs_ioctl+0x742/0x1720
[ 2033.330506][T30899]  ? ioctl_preallocate+0x250/0x250
[ 2033.335573][T30899]  ? __fget+0x407/0x490
[ 2033.339536][T30899]  ? fget_many+0x20/0x20
[ 2033.343708][T30899]  ? debug_smp_processor_id+0x20/0x20
03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (fail_nth: 1)

03:34:06 executing program 5:
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
accept4$tipc(r0, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x180000)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0xfffffffffffffd63, 0x100800)
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f00000000c0)=0xb7, 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0x4) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
accept4$tipc(r0, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x180000) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0xfffffffffffffd63, 0x100800) (async)
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f00000000c0)=0xb7, 0x4) (async)

03:34:06 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x10) (async, rerun: 32)
write$UHID_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000240)=""/123, 0x7b, 0x8, 0x104, 0xffffff81, 0x6, 0x1f}}, 0x120) (rerun: 32)
bind$tipc(r0, 0x0, 0x0)

03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2033.348915][T30899]  ? security_file_ioctl+0x7d/0xa0
[ 2033.353942][T30899]  __x64_sys_ioctl+0xd4/0x110
[ 2033.358478][T30899]  do_syscall_64+0xca/0x1c0
[ 2033.362787][T30899]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:06 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 17)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:06 executing program 5:
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
accept4$tipc(r0, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x180000)
r1 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0xfffffffffffffd63, 0x100800) (async)
r2 = accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0xfffffffffffffd63, 0x100800)
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f00000000c0)=0xb7, 0x4)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:06 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x6, 0x109401)
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none}, 0xa)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @local, @loopback}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="200029bd7000ffdbdf250200000008000100", @ANYRES32=r1, @ANYBLOB="f40002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004001b06000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400ff07000008000600", @ANYRES32=0x0, @ANYBLOB="1fe7adddf02167b1a299ad12f32e4512980a68b67f052384114788b2052a88b2a8536dbd2b873ee1ee68323e8a345f97c3cc6556b363b097af105d37dd9d3bdd2ef1680196f5edb06b64d5"], 0x110}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000540)={0x7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/143, 0x8f}], &(0x7f0000000500)=[0x8, 0x9, 0x3ff, 0x2, 0x8, 0x8001, 0x92bd], 0x1}, 0x20)
bind$tipc(r2, 0x0, 0x2)
syz_open_dev$mouse(&(0x7f00000000c0), 0x6, 0x109401) (async)
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none}, 0xa) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={0x0, @local, @loopback}, &(0x7f0000000180)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="200029bd7000ffdbdf250200000008000100", @ANYRES32=r1, @ANYBLOB="f40002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004001b06000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400ff07000008000600", @ANYRES32=0x0, @ANYBLOB="1fe7adddf02167b1a299ad12f32e4512980a68b67f052384114788b2052a88b2a8536dbd2b873ee1ee68323e8a345f97c3cc6556b363b097af105d37dd9d3bdd2ef1680196f5edb06b64d5"], 0x110}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000540)={0x7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/143, 0x8f}], &(0x7f0000000500)=[0x8, 0x9, 0x3ff, 0x2, 0x8, 0x8001, 0x92bd], 0x1}, 0x20) (async)
bind$tipc(r2, 0x0, 0x2) (async)

03:34:06 executing program 4:
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x800, 0x70bd27, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x4000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x2, 0x3}, 0x10)
socket$inet(0x2, 0x6, 0x1)

03:34:06 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

03:34:06 executing program 4:
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x800, 0x70bd27, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x4000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x2, 0x3}, 0x10)
socket$inet(0x2, 0x6, 0x1)
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x800, 0x70bd27, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x4000) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x2, 0x3}, 0x10) (async)
socket$inet(0x2, 0x6, 0x1) (async)

03:34:06 executing program 1:
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x10f, 0x8, 0x0, 0x0)

03:34:06 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x8, 0x70bd27, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040000}, 0x20081)

03:34:06 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x6, 0x109401)
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none}, 0xa)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @local, @loopback}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="10010000", @ANYRES16=0x0, @ANYBLOB="200029bd7000ffdbdf250200000008000100", @ANYRES32=r1, @ANYBLOB="f40002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004001b06000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400ff07000008000600", @ANYRES32=0x0, @ANYBLOB="1fe7adddf02167b1a299ad12f32e4512980a68b67f052384114788b2052a88b2a8536dbd2b873ee1ee68323e8a345f97c3cc6556b363b097af105d37dd9d3bdd2ef1680196f5edb06b64d5"], 0x110}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0) (async)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000540)={0x7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/143, 0x8f}], &(0x7f0000000500)=[0x8, 0x9, 0x3ff, 0x2, 0x8, 0x8001, 0x92bd], 0x1}, 0x20) (async)
bind$tipc(r2, 0x0, 0x2)

[ 2033.473101][T30949] FAULT_INJECTION: forcing a failure.
[ 2033.473101][T30949] name failslab, interval 1, probability 0, space 0, times 0
[ 2033.499825][T30949] CPU: 0 PID: 30949 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2033.509893][T30949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2033.519875][T30949] Call Trace:
03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)

[ 2033.523009][T30949]  dump_stack+0x1d8/0x241
[ 2033.527172][T30949]  ? panic+0x896/0x896
[ 2033.531081][T30949]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2033.536728][T30949]  should_fail+0x71f/0x880
[ 2033.540980][T30949]  ? setup_fault_attr+0x3d0/0x3d0
[ 2033.545838][T30949]  ? mempool_init_node+0x1ec/0x4e0
[ 2033.550785][T30949]  should_failslab+0x5/0x20
[ 2033.555121][T30949]  kmem_cache_alloc+0x28/0x250
[ 2033.559728][T30949]  ? mempool_free+0x380/0x380
[ 2033.564220][T30949]  mempool_init_node+0x1ec/0x4e0
[ 2033.569000][T30949]  ? mempool_free+0x380/0x380
[ 2033.573684][T30949]  ? mempool_alloc_slab+0x20/0x20
[ 2033.578544][T30949]  mempool_init+0x35/0x50
[ 2033.582712][T30949]  bioset_init+0x4d8/0x600
[ 2033.586968][T30949]  blk_alloc_queue_node+0xcb/0x640
[ 2033.591923][T30949]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2033.597118][T30949]  blk_mq_init_queue+0x34/0xa0
[ 2033.601717][T30949]  loop_add+0x25c/0x740
[ 2033.605710][T30949]  ? get_pid_task+0xde/0x130
[ 2033.610139][T30949]  ? radix_tree_lookup+0x16f/0x1c0
[ 2033.615086][T30949]  loop_control_ioctl+0x448/0x620
[ 2033.619954][T30949]  ? loop_remove+0xa0/0xa0
[ 2033.624201][T30949]  ? memset+0x1f/0x40
[ 2033.628016][T30949]  ? fsnotify+0x1280/0x1340
[ 2033.632370][T30949]  ? loop_remove+0xa0/0xa0
[ 2033.636781][T30949]  do_vfs_ioctl+0x742/0x1720
[ 2033.641420][T30949]  ? ioctl_preallocate+0x250/0x250
[ 2033.646466][T30949]  ? __fget+0x407/0x490
[ 2033.650451][T30949]  ? fget_many+0x20/0x20
[ 2033.654526][T30949]  ? debug_smp_processor_id+0x20/0x20
[ 2033.659731][T30949]  ? security_file_ioctl+0x7d/0xa0
[ 2033.664674][T30949]  __x64_sys_ioctl+0xd4/0x110
[ 2033.669275][T30949]  do_syscall_64+0xca/0x1c0
03:34:06 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 18)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:06 executing program 4:
sendmsg$AUDIT_TTY_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x800, 0x70bd27, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x8080}, 0x4000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x2, 0x3}, 0x10)
socket$inet(0x2, 0x6, 0x1)

03:34:06 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x8, 0x70bd27, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040000}, 0x20081)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)

03:34:06 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040), r0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, 0x0, 0x0)

03:34:06 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000000)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x32, 0x201, 0x1, 0x100, 0x80020001, 0x100100, "e4c321d7ecdc285c0cd6ba15713ff8b917989fddc8680edee1350a089bfd9ed6bc66f7787fe455e4e081cbcaa1030e9edb89"}}, 0x14a)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0x2)

03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x3ff, @any, 0x1dd}, 0xe)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x100000000000000, 0x8000)
ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
getpeername$tipc(r1, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)

03:34:06 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x8, 0x70bd27, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040000}, 0x20081)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x8, 0x70bd27, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20040000}, 0x20081) (async)

03:34:06 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
socket(0xa, 0x1, 0x7e)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000100)=0x30ec, 0x4)
r1 = socket(0x2a, 0x800, 0x80000001)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4)
accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80000)

[ 2033.673612][T30949]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:06 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000000)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x32, 0x201, 0x1, 0x100, 0x80020001, 0x100100, "e4c321d7ecdc285c0cd6ba15713ff8b917989fddc8680edee1350a089bfd9ed6bc66f7787fe455e4e081cbcaa1030e9edb89"}}, 0x14a)
socket$tipc(0x1e, 0x5, 0x0) (async)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0x2)

[ 2033.724075][T30991] FAULT_INJECTION: forcing a failure.
[ 2033.724075][T30991] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2033.737838][T30991] CPU: 0 PID: 30991 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2033.747884][T30991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2033.757775][T30991] Call Trace:
[ 2033.760915][T30991]  dump_stack+0x1d8/0x241
[ 2033.765087][T30991]  ? panic+0x896/0x896
03:34:06 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
socket(0xa, 0x1, 0x7e)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000100)=0x30ec, 0x4) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000100)=0x30ec, 0x4)
r1 = socket(0x2a, 0x800, 0x80000001)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4)
accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80000)

[ 2033.768984][T30991]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2033.774635][T30991]  ? stack_trace_save+0x1c0/0x1c0
[ 2033.779497][T30991]  should_fail+0x71f/0x880
[ 2033.783748][T30991]  ? setup_fault_attr+0x3d0/0x3d0
[ 2033.788612][T30991]  ? stack_trace_save+0x118/0x1c0
[ 2033.793459][T30991]  __alloc_pages_nodemask+0x1b4/0x840
[ 2033.798675][T30991]  ? __kasan_kmalloc+0x1d9/0x210
[ 2033.803446][T30991]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2033.808824][T30991]  ? __kasan_slab_free+0x164/0x270
[ 2033.813775][T30991]  ? blk_mq_init_queue+0x34/0xa0
[ 2033.818541][T30991]  ? loop_add+0x25c/0x740
[ 2033.822712][T30991]  ? loop_control_ioctl+0x448/0x620
[ 2033.827741][T30991]  ? do_vfs_ioctl+0x742/0x1720
[ 2033.832335][T30991]  ? __x64_sys_ioctl+0xd4/0x110
[ 2033.837020][T30991]  ? do_syscall_64+0xca/0x1c0
[ 2033.841553][T30991]  alloc_slab_page+0x39/0x3c0
[ 2033.846065][T30991]  new_slab+0x97/0x440
[ 2033.849974][T30991]  ? check_preemption_disabled+0x153/0x320
[ 2033.855814][T30991]  ___slab_alloc+0x2fe/0x490
[ 2033.860236][T30991]  ? mempool_init_node+0x1ec/0x4e0
[ 2033.865160][T30991]  ? setup_fault_attr+0x3d0/0x3d0
[ 2033.870017][T30991]  ? mempool_init_node+0x1ec/0x4e0
[ 2033.874954][T30991]  __slab_alloc+0x62/0xa0
[ 2033.879334][T30991]  ? mempool_init_node+0x1ec/0x4e0
[ 2033.884275][T30991]  kmem_cache_alloc+0x109/0x250
[ 2033.889145][T30991]  ? mempool_free+0x380/0x380
[ 2033.893649][T30991]  mempool_init_node+0x1ec/0x4e0
[ 2033.898464][T30991]  ? mempool_free+0x380/0x380
[ 2033.902941][T30991]  ? mempool_alloc_slab+0x20/0x20
[ 2033.907798][T30991]  mempool_init+0x35/0x50
[ 2033.911966][T30991]  bioset_init+0x4d8/0x600
[ 2033.916218][T30991]  blk_alloc_queue_node+0xcb/0x640
[ 2033.921166][T30991]  ? blk_mq_alloc_tag_set+0x84f/0xb40
[ 2033.926382][T30991]  blk_mq_init_queue+0x34/0xa0
[ 2033.930973][T30991]  loop_add+0x25c/0x740
[ 2033.934959][T30991]  ? get_pid_task+0xde/0x130
[ 2033.939394][T30991]  ? radix_tree_lookup+0x16f/0x1c0
[ 2033.944339][T30991]  loop_control_ioctl+0x448/0x620
[ 2033.949200][T30991]  ? loop_remove+0xa0/0xa0
[ 2033.953450][T30991]  ? memset+0x1f/0x40
[ 2033.957267][T30991]  ? fsnotify+0x1280/0x1340
[ 2033.961609][T30991]  ? loop_remove+0xa0/0xa0
[ 2033.965859][T30991]  do_vfs_ioctl+0x742/0x1720
[ 2033.970289][T30991]  ? ioctl_preallocate+0x250/0x250
03:34:06 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 19)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:06 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01) (async)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000000)={0xb, {'syz1\x00', 'syz0\x00', 'syz0\x00', 0x32, 0x201, 0x1, 0x100, 0x80020001, 0x100100, "e4c321d7ecdc285c0cd6ba15713ff8b917989fddc8680edee1350a089bfd9ed6bc66f7787fe455e4e081cbcaa1030e9edb89"}}, 0x14a)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, 0x0, 0x2)

03:34:06 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
socket(0xa, 0x1, 0x7e) (async, rerun: 32)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (rerun: 32)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000100)=0x30ec, 0x4)
r1 = socket(0x2a, 0x800, 0x80000001)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4) (async, rerun: 32)
accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80000) (rerun: 32)

03:34:06 executing program 5:
io_uring_register$IORING_REGISTER_IOWQ_AFF(0xffffffffffffffff, 0x11, &(0x7f0000000680)="8d63b0cc31d4efd3c62e99aea4b9025dceeb08d0038931aec2eba7adec1bbee002432fe3e9aa4497f8136df586ab675f5a56900af7380a3af45195dde500a63792d488a9d13a5bb7cfc16697123d4daafd5deabb8e3591533b3546062e413556bdec98ec8d6cd66cd8c9260e2906ce8c7c5054e0fd4ba6d06800edefeea0a889311d5128cf937073b7ff003a6036e7", 0x8f)
r0 = socket$tipc(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000500)={0x6, 0x1, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)=""/128, 0x80}, {&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000240)=""/14, 0xe}, {&(0x7f0000000280)=""/30, 0x1e}, {&(0x7f00000002c0)=""/218, 0xda}, {&(0x7f00000003c0)=""/115, 0x73}], &(0x7f00000004c0)=[0x3, 0x1]}, 0x20)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_open_dev$mouse(&(0x7f0000000080), 0xa0000000ffffffff, 0x925f00)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000600)=0x7ff, 0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
io_uring_setup(0x5ffd, &(0x7f0000000580)={0x0, 0x6b87, 0x2000, 0x1, 0x28f, 0x0, r2})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x3ff, @any, 0x1dd}, 0xe) (async)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x100000000000000, 0x8000)
ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000080)) (async, rerun: 32)
getpeername$tipc(r1, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10) (rerun: 32)

03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x3ff, @any, 0x1dd}, 0xe) (async)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x100000000000000, 0x8000)
ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000080))
getpeername$tipc(r1, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10)

[ 2033.975235][T30991]  ? __fget+0x407/0x490
[ 2033.979230][T30991]  ? fget_many+0x20/0x20
[ 2033.983394][T30991]  ? debug_smp_processor_id+0x20/0x20
[ 2033.988601][T30991]  ? security_file_ioctl+0x7d/0xa0
[ 2033.993553][T30991]  __x64_sys_ioctl+0xd4/0x110
[ 2033.998166][T30991]  do_syscall_64+0xca/0x1c0
[ 2034.002496][T30991]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:06 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'nicvf0\x00', 0xffff0001})

03:34:06 executing program 5:
io_uring_register$IORING_REGISTER_IOWQ_AFF(0xffffffffffffffff, 0x11, &(0x7f0000000680)="8d63b0cc31d4efd3c62e99aea4b9025dceeb08d0038931aec2eba7adec1bbee002432fe3e9aa4497f8136df586ab675f5a56900af7380a3af45195dde500a63792d488a9d13a5bb7cfc16697123d4daafd5deabb8e3591533b3546062e413556bdec98ec8d6cd66cd8c9260e2906ce8c7c5054e0fd4ba6d06800edefeea0a889311d5128cf937073b7ff003a6036e7", 0x8f) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000500)={0x6, 0x1, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)=""/128, 0x80}, {&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000240)=""/14, 0xe}, {&(0x7f0000000280)=""/30, 0x1e}, {&(0x7f00000002c0)=""/218, 0xda}, {&(0x7f00000003c0)=""/115, 0x73}], &(0x7f00000004c0)=[0x3, 0x1]}, 0x20) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_open_dev$mouse(&(0x7f0000000080), 0xa0000000ffffffff, 0x925f00) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000600)=0x7ff, 0x4) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
io_uring_setup(0x5ffd, &(0x7f0000000580)={0x0, 0x6b87, 0x2000, 0x1, 0x28f, 0x0, r2})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:06 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x1, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x24000011)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x20, 0x70bd26, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x2000c000}, 0x3a1984dabadc64e0)
bind$tipc(r1, 0x0, 0x2)

03:34:06 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:06 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async, rerun: 64)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (rerun: 64)

[ 2034.099293][T31027] FAULT_INJECTION: forcing a failure.
[ 2034.099293][T31027] name failslab, interval 1, probability 0, space 0, times 0
[ 2034.118869][T31027] CPU: 0 PID: 31027 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2034.128925][T31027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2034.138810][T31027] Call Trace:
[ 2034.141944][T31027]  dump_stack+0x1d8/0x241
[ 2034.146108][T31027]  ? panic+0x896/0x896
[ 2034.150015][T31027]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2034.155657][T31027]  should_fail+0x71f/0x880
[ 2034.159910][T31027]  ? setup_fault_attr+0x3d0/0x3d0
[ 2034.164770][T31027]  ? mempool_alloc_slab+0x20/0x20
[ 2034.169626][T31027]  ? mempool_init+0x35/0x50
[ 2034.173968][T31027]  ? bdi_alloc_node+0x69/0xd0
[ 2034.178481][T31027]  should_failslab+0x5/0x20
[ 2034.182839][T31027]  kmem_cache_alloc_trace+0x28/0x260
[ 2034.187943][T31027]  bdi_alloc_node+0x69/0xd0
[ 2034.192282][T31027]  blk_alloc_queue_node+0x112/0x640
[ 2034.197316][T31027]  blk_mq_init_queue+0x34/0xa0
[ 2034.201917][T31027]  loop_add+0x25c/0x740
[ 2034.206084][T31027]  ? get_pid_task+0xde/0x130
[ 2034.210508][T31027]  ? radix_tree_lookup+0x16f/0x1c0
[ 2034.215458][T31027]  loop_control_ioctl+0x448/0x620
[ 2034.220319][T31027]  ? loop_remove+0xa0/0xa0
[ 2034.224570][T31027]  ? memset+0x1f/0x40
[ 2034.228384][T31027]  ? fsnotify+0x1280/0x1340
[ 2034.232724][T31027]  ? loop_remove+0xa0/0xa0
[ 2034.236977][T31027]  do_vfs_ioctl+0x742/0x1720
[ 2034.241411][T31027]  ? ioctl_preallocate+0x250/0x250
03:34:07 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 20)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 5:
io_uring_register$IORING_REGISTER_IOWQ_AFF(0xffffffffffffffff, 0x11, &(0x7f0000000680)="8d63b0cc31d4efd3c62e99aea4b9025dceeb08d0038931aec2eba7adec1bbee002432fe3e9aa4497f8136df586ab675f5a56900af7380a3af45195dde500a63792d488a9d13a5bb7cfc16697123d4daafd5deabb8e3591533b3546062e413556bdec98ec8d6cd66cd8c9260e2906ce8c7c5054e0fd4ba6d06800edefeea0a889311d5128cf937073b7ff003a6036e7", 0x8f) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000000500)={0x6, 0x1, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)=""/128, 0x80}, {&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000240)=""/14, 0xe}, {&(0x7f0000000280)=""/30, 0x1e}, {&(0x7f00000002c0)=""/218, 0xda}, {&(0x7f00000003c0)=""/115, 0x73}], &(0x7f00000004c0)=[0x3, 0x1]}, 0x20) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
syz_open_dev$mouse(&(0x7f0000000080), 0xa0000000ffffffff, 0x925f00)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000600)=0x7ff, 0x4) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
io_uring_setup(0x5ffd, &(0x7f0000000580)={0x0, 0x6b87, 0x2000, 0x1, 0x28f, 0x0, r2})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'nicvf0\x00', 0xffff0001})

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x1, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x24000011)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x20, 0x70bd26, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x2000c000}, 0x3a1984dabadc64e0)
bind$tipc(r1, 0x0, 0x2)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x1, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x24000011) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x20, 0x70bd26, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x2000c000}, 0x3a1984dabadc64e0) (async)
bind$tipc(r1, 0x0, 0x2) (async)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
socket$pppl2tp(0x18, 0x1, 0x1)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x3fa, 0x400, 0x70bd28, 0x25dfdbfd, {0x1, 0x0, 0x0, 0x1}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getpeername$tipc(r2, &(0x7f0000000040), &(0x7f0000000340)=0x22)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r3, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x10, 0x3f6, 0x10, 0x70bd2d, 0x25dfdbfc, "", ["", ""]}, 0x10}}, 0x800)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x80000000000009, 0x410541)
ioctl$BINDER_CTL_ADD(r4, 0xc1086201, &(0x7f0000000100)={'binder1\x00'})

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'nicvf0\x00', 0xffff0001})

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x1, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x24000011) (async)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x3fa, 0x1, 0x70bd27, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x24000011)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x10, 0x3fb, 0x20, 0x70bd26, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x2000c000}, 0x3a1984dabadc64e0)
bind$tipc(r1, 0x0, 0x2) (async)
bind$tipc(r1, 0x0, 0x2)

[ 2034.246354][T31027]  ? __fget+0x407/0x490
[ 2034.250344][T31027]  ? fget_many+0x20/0x20
[ 2034.254421][T31027]  ? debug_smp_processor_id+0x20/0x20
[ 2034.259634][T31027]  ? security_file_ioctl+0x7d/0xa0
[ 2034.264578][T31027]  __x64_sys_ioctl+0xd4/0x110
[ 2034.269095][T31027]  do_syscall_64+0xca/0x1c0
[ 2034.273432][T31027]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:07 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x3fa, 0x400, 0x70bd28, 0x25dfdbfd, {0x1, 0x0, 0x0, 0x1}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) (async)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x3fa, 0x400, 0x70bd28, 0x25dfdbfd, {0x1, 0x0, 0x0, 0x1}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getpeername$tipc(r2, &(0x7f0000000040), &(0x7f0000000340)=0x22)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r3, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x10, 0x3f6, 0x10, 0x70bd2d, 0x25dfdbfc, "", ["", ""]}, 0x10}}, 0x800)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_open_dev$mouse(&(0x7f00000000c0), 0x80000000000009, 0x410541) (async)
r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x80000000000009, 0x410541)
ioctl$BINDER_CTL_ADD(r4, 0xc1086201, &(0x7f0000000100)={'binder1\x00'})

[ 2034.330051][T31070] FAULT_INJECTION: forcing a failure.
[ 2034.330051][T31070] name failslab, interval 1, probability 0, space 0, times 0
[ 2034.355107][T31070] CPU: 1 PID: 31070 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2034.365344][T31070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2034.375234][T31070] Call Trace:
03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f00000037c0)=[{0x9, 0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000000040)}, {&(0x7f0000000080)=""/176, 0xb0}, {&(0x7f0000000140)=""/33, 0x21}, {&(0x7f0000000180)=""/65, 0x41}, {&(0x7f0000000200)=""/23, 0x17}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/18, 0x12}, {&(0x7f0000001280)=""/126, 0x7e}, {&(0x7f0000001300)=""/4096, 0x1000}], &(0x7f00000023c0)=[0x7fffffff, 0x2, 0x7ff, 0x6, 0x54bb, 0x8001, 0x82, 0x3]}, {0x5, 0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000002400)=""/4096, 0x1000}, {&(0x7f0000003400)=""/135, 0x87}, {&(0x7f00000034c0)=""/249, 0xf9}, {&(0x7f00000035c0)=""/61, 0x3d}, {&(0x7f0000003600)=""/247, 0xf7}], &(0x7f0000003780)=[0xd, 0xffffffffffffffb4, 0x7, 0x7]}], 0x2)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

[ 2034.378377][T31070]  dump_stack+0x1d8/0x241
[ 2034.382542][T31070]  ? panic+0x896/0x896
[ 2034.386449][T31070]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2034.392096][T31070]  ? _raw_spin_unlock_irqrestore+0x57/0x80
[ 2034.397724][T31070]  should_fail+0x71f/0x880
[ 2034.401986][T31070]  ? setup_fault_attr+0x3d0/0x3d0
[ 2034.406842][T31070]  ? stable_pages_required_show+0x90/0x90
[ 2034.412388][T31070]  ? blk_alloc_queue_stats+0x48/0x100
[ 2034.417588][T31070]  should_failslab+0x5/0x20
[ 2034.421929][T31070]  kmem_cache_alloc_trace+0x28/0x260
[ 2034.427050][T31070]  blk_alloc_queue_stats+0x48/0x100
[ 2034.432099][T31070]  blk_alloc_queue_node+0x14f/0x640
[ 2034.437123][T31070]  blk_mq_init_queue+0x34/0xa0
[ 2034.441729][T31070]  loop_add+0x25c/0x740
[ 2034.445715][T31070]  ? get_pid_task+0xde/0x130
[ 2034.450141][T31070]  ? radix_tree_lookup+0x16f/0x1c0
[ 2034.455092][T31070]  loop_control_ioctl+0x448/0x620
[ 2034.459945][T31070]  ? loop_remove+0xa0/0xa0
[ 2034.464200][T31070]  ? memset+0x1f/0x40
[ 2034.468010][T31070]  ? fsnotify+0x1280/0x1340
[ 2034.472363][T31070]  ? loop_remove+0xa0/0xa0
03:34:07 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 21)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0xb1aff2e06692fb53, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

03:34:07 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x3fa, 0x400, 0x70bd28, 0x25dfdbfd, {0x1, 0x0, 0x0, 0x1}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getpeername$tipc(r2, &(0x7f0000000040), &(0x7f0000000340)=0x22) (async)
getpeername$tipc(r2, &(0x7f0000000040), &(0x7f0000000340)=0x22)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r3, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x10, 0x3f6, 0x10, 0x70bd2d, 0x25dfdbfc, "", ["", ""]}, 0x10}}, 0x800)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x80000000000009, 0x410541)
ioctl$BINDER_CTL_ADD(r4, 0xc1086201, &(0x7f0000000100)={'binder1\x00'}) (async)
ioctl$BINDER_CTL_ADD(r4, 0xc1086201, &(0x7f0000000100)={'binder1\x00'})

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f00000037c0)=[{0x9, 0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000000040)}, {&(0x7f0000000080)=""/176, 0xb0}, {&(0x7f0000000140)=""/33, 0x21}, {&(0x7f0000000180)=""/65, 0x41}, {&(0x7f0000000200)=""/23, 0x17}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/18, 0x12}, {&(0x7f0000001280)=""/126, 0x7e}, {&(0x7f0000001300)=""/4096, 0x1000}], &(0x7f00000023c0)=[0x7fffffff, 0x2, 0x7ff, 0x6, 0x54bb, 0x8001, 0x82, 0x3]}, {0x5, 0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000002400)=""/4096, 0x1000}, {&(0x7f0000003400)=""/135, 0x87}, {&(0x7f00000034c0)=""/249, 0xf9}, {&(0x7f00000035c0)=""/61, 0x3d}, {&(0x7f0000003600)=""/247, 0xf7}], &(0x7f0000003780)=[0xd, 0xffffffffffffffb4, 0x7, 0x7]}], 0x2)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0xb1aff2e06692fb53, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2034.476606][T31070]  do_vfs_ioctl+0x742/0x1720
[ 2034.481034][T31070]  ? ioctl_preallocate+0x250/0x250
[ 2034.486153][T31070]  ? __fget+0x407/0x490
[ 2034.490146][T31070]  ? fget_many+0x20/0x20
[ 2034.494224][T31070]  ? debug_smp_processor_id+0x20/0x20
[ 2034.499525][T31070]  ? security_file_ioctl+0x7d/0xa0
[ 2034.504472][T31070]  __x64_sys_ioctl+0xd4/0x110
[ 2034.508985][T31070]  do_syscall_64+0xca/0x1c0
[ 2034.513345][T31070]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:07 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f00000037c0)=[{0x9, 0x0, 0x0, &(0x7f0000002300)=[{&(0x7f0000000040)}, {&(0x7f0000000080)=""/176, 0xb0}, {&(0x7f0000000140)=""/33, 0x21}, {&(0x7f0000000180)=""/65, 0x41}, {&(0x7f0000000200)=""/23, 0x17}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/18, 0x12}, {&(0x7f0000001280)=""/126, 0x7e}, {&(0x7f0000001300)=""/4096, 0x1000}], &(0x7f00000023c0)=[0x7fffffff, 0x2, 0x7ff, 0x6, 0x54bb, 0x8001, 0x82, 0x3]}, {0x5, 0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000002400)=""/4096, 0x1000}, {&(0x7f0000003400)=""/135, 0x87}, {&(0x7f00000034c0)=""/249, 0xf9}, {&(0x7f00000035c0)=""/61, 0x3d}, {&(0x7f0000003600)=""/247, 0xf7}], &(0x7f0000003780)=[0xd, 0xffffffffffffffb4, 0x7, 0x7]}], 0x2)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
getpeername$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10)

[ 2034.558710][T31098] FAULT_INJECTION: forcing a failure.
[ 2034.558710][T31098] name failslab, interval 1, probability 0, space 0, times 0
[ 2034.571581][T31098] CPU: 1 PID: 31098 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2034.581669][T31098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2034.591525][T31098] Call Trace:
[ 2034.594798][T31098]  dump_stack+0x1d8/0x241
[ 2034.598962][T31098]  ? panic+0x896/0x896
[ 2034.602868][T31098]  ? nf_ct_l4proto_log_invalid+0x258/0x258
03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
getpeername$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10)

[ 2034.608511][T31098]  ? pcpu_chunk_relocate+0xdc/0x3a0
[ 2034.613545][T31098]  should_fail+0x71f/0x880
[ 2034.617799][T31098]  ? setup_fault_attr+0x3d0/0x3d0
[ 2034.622652][T31098]  ? find_next_bit+0xc3/0x100
[ 2034.627164][T31098]  ? cpumask_next+0xc/0x20
[ 2034.631596][T31098]  ? blkg_alloc+0x7e/0x480
[ 2034.635837][T31098]  should_failslab+0x5/0x20
[ 2034.640225][T31098]  kmem_cache_alloc_trace+0x28/0x260
[ 2034.645303][T31098]  blkg_alloc+0x7e/0x480
[ 2034.649390][T31098]  ? blk_timeout_work+0x10/0x10
[ 2034.654171][T31098]  blkcg_init_queue+0x24/0x150
[ 2034.658770][T31098]  blk_alloc_queue_node+0x4e9/0x640
[ 2034.663806][T31098]  blk_mq_init_queue+0x34/0xa0
[ 2034.668401][T31098]  loop_add+0x25c/0x740
[ 2034.672397][T31098]  ? get_pid_task+0xde/0x130
[ 2034.676819][T31098]  ? radix_tree_lookup+0x16f/0x1c0
[ 2034.681769][T31098]  loop_control_ioctl+0x448/0x620
[ 2034.686803][T31098]  ? loop_remove+0xa0/0xa0
[ 2034.691057][T31098]  ? memset+0x1f/0x40
[ 2034.694871][T31098]  ? fsnotify+0x1280/0x1340
[ 2034.699213][T31098]  ? loop_remove+0xa0/0xa0
[ 2034.703563][T31098]  do_vfs_ioctl+0x742/0x1720
03:34:07 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 22)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async, rerun: 64)
getpeername$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10) (rerun: 64)

03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
write$char_usb(r2, &(0x7f0000000080)="6754118a2f9289ebc96541724f3089bf7f5cddf175d0ba130083ed65b1d5cb86f83ce8d53e6499cf6d8acd2af410ea66e86c16e6e74c79b0d22bae007f2ae713316565558ee1b5118482195860c0b50915d8a5601e8234de9b8325b0b3416197b2488e7353cc9c2e999995ed167bf5da91254e56ecba", 0x76)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00')
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000040)=0x9, 0x4)
r4 = syz_open_dev$mouse(&(0x7f0000000140), 0x8, 0x600042)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000001c0)={<r5=>0x0, @loopback, @local}, &(0x7f0000000200)=0xc)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000240)={<r6=>0x0, @rand_addr, @broadcast}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000002c0)={<r7=>0x0, @multicast1, @broadcast}, &(0x7f0000000300)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r3, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r3, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000004c0)={'team0\x00', <r10=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={r3, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000005c0)={<r12=>0x0, @remote, @initdev}, &(0x7f0000000600)=0xc)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0x3, &(0x7f00000013c0)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @ldst={0x1, 0x0, 0x3, 0x4, 0xd, 0x2, 0x1}], &(0x7f0000001400)='syzkaller\x00', 0x6, 0x0, &(0x7f0000001440), 0x41000, 0x8, '\x00', r12, 0x25, r2, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001540)=[r4, r13], 0x0, 0x10, 0x9}, 0x90)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000640)={<r14=>0x0, @multicast1, @dev}, &(0x7f0000000680)=0xc)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000001380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001340)={&(0x7f00000006c0)={0xc6c, 0x0, 0x20, 0x70bd25, 0x25dfdbfd, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdcd}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2ae}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0x234, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80f9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}, {0x8, 0x6, r6}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1d8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x0, 0x80, 0xe9, 0x3f}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r8}}, {0x8}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x61}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x53}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xbf5}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xf92}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x101, 0x4, 0x40, 0xffffffff}, {0x80, 0x1, 0xff, 0x80}, {0x401, 0x7, 0x45, 0x12719147}]}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x4, 0x8, 0x4}, {0x5, 0x80, 0x0, 0x7ff}, {0x8, 0x81, 0x20, 0x10000}, {0x8, 0x3f, 0x4, 0xdf}]}}}]}}]}, 0xc6c}, 0x1, 0x0, 0x0, 0x4}, 0x8004800)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:07 executing program 3:
socket$tipc(0x1e, 0x5, 0x0) (async)
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)

[ 2034.707995][T31098]  ? ioctl_preallocate+0x250/0x250
[ 2034.713057][T31098]  ? __fget+0x407/0x490
[ 2034.717040][T31098]  ? fget_many+0x20/0x20
[ 2034.721120][T31098]  ? debug_smp_processor_id+0x20/0x20
[ 2034.726417][T31098]  ? security_file_ioctl+0x7d/0xa0
[ 2034.731372][T31098]  __x64_sys_ioctl+0xd4/0x110
[ 2034.735965][T31098]  do_syscall_64+0xca/0x1c0
[ 2034.740393][T31098]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0xb1aff2e06692fb53, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)

03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
write$char_usb(r2, &(0x7f0000000080)="6754118a2f9289ebc96541724f3089bf7f5cddf175d0ba130083ed65b1d5cb86f83ce8d53e6499cf6d8acd2af410ea66e86c16e6e74c79b0d22bae007f2ae713316565558ee1b5118482195860c0b50915d8a5601e8234de9b8325b0b3416197b2488e7353cc9c2e999995ed167bf5da91254e56ecba", 0x76) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00')
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000040)=0x9, 0x4) (async)
r4 = syz_open_dev$mouse(&(0x7f0000000140), 0x8, 0x600042)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000001c0)={<r5=>0x0, @loopback, @local}, &(0x7f0000000200)=0xc) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000240)={<r6=>0x0, @rand_addr, @broadcast}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000002c0)={<r7=>0x0, @multicast1, @broadcast}, &(0x7f0000000300)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r3, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r3, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000004c0)={'team0\x00', <r10=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={r3, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000005c0)={<r12=>0x0, @remote, @initdev}, &(0x7f0000000600)=0xc) (async)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0x3, &(0x7f00000013c0)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @ldst={0x1, 0x0, 0x3, 0x4, 0xd, 0x2, 0x1}], &(0x7f0000001400)='syzkaller\x00', 0x6, 0x0, &(0x7f0000001440), 0x41000, 0x8, '\x00', r12, 0x25, r2, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001540)=[r4, r13], 0x0, 0x10, 0x9}, 0x90) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000640)={<r14=>0x0, @multicast1, @dev}, &(0x7f0000000680)=0xc)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000001380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001340)={&(0x7f00000006c0)={0xc6c, 0x0, 0x20, 0x70bd25, 0x25dfdbfd, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdcd}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2ae}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0x234, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80f9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}, {0x8, 0x6, r6}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1d8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x0, 0x80, 0xe9, 0x3f}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r8}}, {0x8}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x61}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x53}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xbf5}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xf92}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x101, 0x4, 0x40, 0xffffffff}, {0x80, 0x1, 0xff, 0x80}, {0x401, 0x7, 0x45, 0x12719147}]}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x4, 0x8, 0x4}, {0x5, 0x80, 0x0, 0x7ff}, {0x8, 0x81, 0x20, 0x10000}, {0x8, 0x3f, 0x4, 0xdf}]}}}]}}]}, 0xc6c}, 0x1, 0x0, 0x0, 0x4}, 0x8004800) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
socket$tipc(0x1e, 0x2, 0x0)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0xf, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfcb}, @jmp={0x5, 0x1, 0x1, 0x9, 0x7, 0x10, 0x4}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x3}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x400}, @call={0x85, 0x0, 0x0, 0xb0}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x3c, &(0x7f0000000100)=""/60, 0xc3000, 0x10, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0xe, 0x7, 0x40}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000200)=[{0x2, 0x1, 0x7}], 0x10, 0x1}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x40, <r2=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@ifindex, r1, 0x2f, 0x0, 0xffffffffffffffff, @link_id=r2}, 0x20)

[ 2034.785610][T31128] FAULT_INJECTION: forcing a failure.
[ 2034.785610][T31128] name failslab, interval 1, probability 0, space 0, times 0
[ 2034.808592][T31128] CPU: 1 PID: 31128 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2034.818656][T31128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2034.828547][T31128] Call Trace:
[ 2034.831683][T31128]  dump_stack+0x1d8/0x241
03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0xf, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfcb}, @jmp={0x5, 0x1, 0x1, 0x9, 0x7, 0x10, 0x4}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x3}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x400}, @call={0x85, 0x0, 0x0, 0xb0}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x3c, &(0x7f0000000100)=""/60, 0xc3000, 0x10, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0xe, 0x7, 0x40}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000200)=[{0x2, 0x1, 0x7}], 0x10, 0x1}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x40, <r2=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@ifindex, r1, 0x2f, 0x0, 0xffffffffffffffff, @link_id=r2}, 0x20)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0xf, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfcb}, @jmp={0x5, 0x1, 0x1, 0x9, 0x7, 0x10, 0x4}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x3}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x400}, @call={0x85, 0x0, 0x0, 0xb0}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x3c, &(0x7f0000000100)=""/60, 0xc3000, 0x10, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0xe, 0x7, 0x40}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000200)=[{0x2, 0x1, 0x7}], 0x10, 0x1}, 0x90) (async)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x40}, 0x8) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@ifindex, r1, 0x2f, 0x0, 0xffffffffffffffff, @link_id=r2}, 0x20) (async)

[ 2034.835851][T31128]  ? panic+0x896/0x896
[ 2034.839767][T31128]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2034.845401][T31128]  ? _raw_spin_lock+0xa4/0x1b0
[ 2034.849998][T31128]  should_fail+0x71f/0x880
[ 2034.854257][T31128]  ? setup_fault_attr+0x3d0/0x3d0
[ 2034.859112][T31128]  ? blkg_create+0xd61/0x1270
[ 2034.863629][T31128]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2034.868830][T31128]  ? blk_stat_alloc_callback+0x5c/0x210
[ 2034.874217][T31128]  should_failslab+0x5/0x20
[ 2034.878555][T31128]  kmem_cache_alloc_trace+0x28/0x260
03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async, rerun: 64)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
write$char_usb(r2, &(0x7f0000000080)="6754118a2f9289ebc96541724f3089bf7f5cddf175d0ba130083ed65b1d5cb86f83ce8d53e6499cf6d8acd2af410ea66e86c16e6e74c79b0d22bae007f2ae713316565558ee1b5118482195860c0b50915d8a5601e8234de9b8325b0b3416197b2488e7353cc9c2e999995ed167bf5da91254e56ecba", 0x76)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='ns\x00')
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000040)=0x9, 0x4) (async, rerun: 64)
r4 = syz_open_dev$mouse(&(0x7f0000000140), 0x8, 0x600042) (async, rerun: 64)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000001c0)={<r5=>0x0, @loopback, @local}, &(0x7f0000000200)=0xc) (async)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000240)={<r6=>0x0, @rand_addr, @broadcast}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000002c0)={<r7=>0x0, @multicast1, @broadcast}, &(0x7f0000000300)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r3, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r3, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0}}, 0x10) (rerun: 64)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000004c0)={'team0\x00', <r10=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={r3, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0}}, 0x10) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000005c0)={<r12=>0x0, @remote, @initdev}, &(0x7f0000000600)=0xc) (async, rerun: 64)
r13 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) (rerun: 64)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001580)={0x6, 0x3, &(0x7f00000013c0)=@raw=[@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @ldst={0x1, 0x0, 0x3, 0x4, 0xd, 0x2, 0x1}], &(0x7f0000001400)='syzkaller\x00', 0x6, 0x0, &(0x7f0000001440), 0x41000, 0x8, '\x00', r12, 0x25, r2, 0x8, &(0x7f0000001480)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000014c0)={0x1, 0x1, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001540)=[r4, r13], 0x0, 0x10, 0x9}, 0x90)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000640)={<r14=>0x0, @multicast1, @dev}, &(0x7f0000000680)=0xc)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000001380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001340)={&(0x7f00000006c0)={0xc6c, 0x0, 0x20, 0x70bd25, 0x25dfdbfd, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdcd}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2ae}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8}, {0x234, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x80f9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}, {0x8, 0x6, r6}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1d8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x0, 0x80, 0xe9, 0x3f}]}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r8}}, {0x8}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x61}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x53}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r11}}}]}}, {{0x8}, {0x1e8, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r14}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xbf5}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xf92}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x101, 0x4, 0x40, 0xffffffff}, {0x80, 0x1, 0xff, 0x80}, {0x401, 0x7, 0x45, 0x12719147}]}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x54, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x24, 0x4, [{0x4, 0x8, 0x4}, {0x5, 0x80, 0x0, 0x7ff}, {0x8, 0x81, 0x20, 0x10000}, {0x8, 0x3f, 0x4, 0xdf}]}}}]}}]}, 0xc6c}, 0x1, 0x0, 0x0, 0x4}, 0x8004800) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
socket$tipc(0x1e, 0x2, 0x0)

[ 2034.883682][T31128]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2034.888882][T31128]  ? blk_mq_free_tag_set+0x650/0x650
[ 2034.894196][T31128]  blk_stat_alloc_callback+0x5c/0x210
[ 2034.899364][T31128]  blk_mq_init_allocated_queue+0x8c/0x1990
[ 2034.905068][T31128]  ? blkcg_init_queue+0x12c/0x150
[ 2034.910030][T31128]  ? blk_alloc_queue_node+0x5a2/0x640
[ 2034.915270][T31128]  blk_mq_init_queue+0x49/0xa0
[ 2034.919834][T31128]  loop_add+0x25c/0x740
[ 2034.923901][T31128]  ? get_pid_task+0xde/0x130
[ 2034.928324][T31128]  ? radix_tree_lookup+0x16f/0x1c0
[ 2034.933363][T31128]  loop_control_ioctl+0x448/0x620
[ 2034.938224][T31128]  ? loop_remove+0xa0/0xa0
[ 2034.942600][T31128]  ? memset+0x1f/0x40
[ 2034.946408][T31128]  ? fsnotify+0x1280/0x1340
[ 2034.950757][T31128]  ? loop_remove+0xa0/0xa0
[ 2034.955012][T31128]  do_vfs_ioctl+0x742/0x1720
[ 2034.959443][T31128]  ? ioctl_preallocate+0x250/0x250
[ 2034.964376][T31128]  ? __fget+0x407/0x490
[ 2034.968363][T31128]  ? fget_many+0x20/0x20
[ 2034.972451][T31128]  ? debug_smp_processor_id+0x20/0x20
[ 2034.977652][T31128]  ? security_file_ioctl+0x7d/0xa0
03:34:07 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 23)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x12, 0xf, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfcb}, @jmp={0x5, 0x1, 0x1, 0x9, 0x7, 0x10, 0x4}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x3}, @map_val={0x18, 0x2, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff}, @btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x400}, @call={0x85, 0x0, 0x0, 0xb0}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x3c, &(0x7f0000000100)=""/60, 0xc3000, 0x10, '\x00', 0x0, 0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0xe, 0x7, 0x40}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], &(0x7f0000000200)=[{0x2, 0x1, 0x7}], 0x10, 0x1}, 0x90)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000300)={0x40, <r2=>0x0}, 0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@ifindex, r1, 0x2f, 0x0, 0xffffffffffffffff, @link_id=r2}, 0x20)

03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x1}}, 0x10)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, 0x0, 0x2) (async)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)

03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x1}}, 0x10)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd8bd920ba1d26c9f}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3f5, 0x400, 0x70bd28, 0x25dfdbfb, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40081}, 0x4000)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000)

[ 2034.982615][T31128]  __x64_sys_ioctl+0xd4/0x110
[ 2034.987113][T31128]  do_syscall_64+0xca/0x1c0
[ 2034.991455][T31128]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd8bd920ba1d26c9f}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3f5, 0x400, 0x70bd28, 0x25dfdbfb, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40081}, 0x4000) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000)

[ 2035.040188][T31173] FAULT_INJECTION: forcing a failure.
[ 2035.040188][T31173] name failslab, interval 1, probability 0, space 0, times 0
[ 2035.059189][T31173] CPU: 1 PID: 31173 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2035.069240][T31173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2035.079139][T31173] Call Trace:
[ 2035.082281][T31173]  dump_stack+0x1d8/0x241
[ 2035.086440][T31173]  ? panic+0x896/0x896
[ 2035.090350][T31173]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2035.095996][T31173]  ? _raw_spin_lock+0xa4/0x1b0
[ 2035.100682][T31173]  should_fail+0x71f/0x880
[ 2035.104940][T31173]  ? setup_fault_attr+0x3d0/0x3d0
[ 2035.109785][T31173]  ? blkg_create+0xd61/0x1270
[ 2035.114410][T31173]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2035.119678][T31173]  ? blk_stat_alloc_callback+0x5c/0x210
[ 2035.125496][T31173]  should_failslab+0x5/0x20
[ 2035.129836][T31173]  kmem_cache_alloc_trace+0x28/0x260
[ 2035.134966][T31173]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2035.140267][T31173]  ? blk_mq_free_tag_set+0x650/0x650
[ 2035.145475][T31173]  blk_stat_alloc_callback+0x5c/0x210
[ 2035.150697][T31173]  blk_mq_init_allocated_queue+0x8c/0x1990
[ 2035.156304][T31173]  ? blkcg_init_queue+0x12c/0x150
[ 2035.161158][T31173]  ? blk_alloc_queue_node+0x5a2/0x640
[ 2035.166362][T31173]  blk_mq_init_queue+0x49/0xa0
[ 2035.170963][T31173]  loop_add+0x25c/0x740
[ 2035.174956][T31173]  ? get_pid_task+0xde/0x130
[ 2035.179380][T31173]  ? radix_tree_lookup+0x16f/0x1c0
[ 2035.184325][T31173]  loop_control_ioctl+0x448/0x620
[ 2035.189188][T31173]  ? loop_remove+0xa0/0xa0
[ 2035.193443][T31173]  ? memset+0x1f/0x40
[ 2035.197262][T31173]  ? fsnotify+0x1280/0x1340
[ 2035.201599][T31173]  ? loop_remove+0xa0/0xa0
[ 2035.205854][T31173]  do_vfs_ioctl+0x742/0x1720
[ 2035.210279][T31173]  ? ioctl_preallocate+0x250/0x250
[ 2035.215224][T31173]  ? __fget+0x407/0x490
[ 2035.219356][T31173]  ? fget_many+0x20/0x20
[ 2035.223434][T31173]  ? debug_smp_processor_id+0x20/0x20
[ 2035.228642][T31173]  ? security_file_ioctl+0x7d/0xa0
[ 2035.233588][T31173]  __x64_sys_ioctl+0xd4/0x110
03:34:07 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 24)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:07 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:07 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd8bd920ba1d26c9f}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3f5, 0x400, 0x70bd28, 0x25dfdbfb, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40081}, 0x4000)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000)

03:34:07 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:07 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x1}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x1}}, 0x10) (async)

03:34:07 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_enter(r0, 0x350, 0xee9, 0x3, &(0x7f00000000c0)={[0x7]}, 0x8)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
ptrace$setregs(0xd, 0xffffffffffffffff, 0x1, &(0x7f0000000000)="64abc91a35f97dbf53749952a23917c47c23ca6b81f7c9c5b0b1f2764908abcc0f74c139c4ccf1fb2ab12cd53d59760c308f72b3721440edf1d2da649f90a21f6e87da64af58ca7717ca0247814667c1b4587aa24d5f27cdd3510365c4afbc9e1ce276b734c1745d780e8f1f633fcc064347eddae5a2be655408d87c34a6e1d4c3d0e884b1b3c544c0db8e7129fe8c14eb")

03:34:08 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_enter(r0, 0x350, 0xee9, 0x3, &(0x7f00000000c0)={[0x7]}, 0x8)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2) (async)
ptrace$setregs(0xd, 0xffffffffffffffff, 0x1, &(0x7f0000000000)="64abc91a35f97dbf53749952a23917c47c23ca6b81f7c9c5b0b1f2764908abcc0f74c139c4ccf1fb2ab12cd53d59760c308f72b3721440edf1d2da649f90a21f6e87da64af58ca7717ca0247814667c1b4587aa24d5f27cdd3510365c4afbc9e1ce276b734c1745d780e8f1f633fcc064347eddae5a2be655408d87c34a6e1d4c3d0e884b1b3c544c0db8e7129fe8c14eb")

[ 2035.238112][T31173]  do_syscall_64+0xca/0x1c0
[ 2035.242441][T31173]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f00000000c0)=0x80009, 0x4)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000040)={'binder1\x00'})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:08 executing program 5:
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r0, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e24}}, 0x10)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10) (async, rerun: 32)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (rerun: 32)

[ 2035.285567][T31210] FAULT_INJECTION: forcing a failure.
[ 2035.285567][T31210] name failslab, interval 1, probability 0, space 0, times 0
[ 2035.298337][T31210] CPU: 1 PID: 31210 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2035.308377][T31210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2035.318270][T31210] Call Trace:
[ 2035.321419][T31210]  dump_stack+0x1d8/0x241
[ 2035.325576][T31210]  ? panic+0x896/0x896
[ 2035.329482][T31210]  ? nf_ct_l4proto_log_invalid+0x258/0x258
03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1010c0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex, 0xffffffffffffffff, 0x6, 0x8, 0x0, @prog_fd=r1}, 0x20)

[ 2035.335125][T31210]  should_fail+0x71f/0x880
[ 2035.339376][T31210]  ? setup_fault_attr+0x3d0/0x3d0
[ 2035.344241][T31210]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2035.349444][T31210]  ? blk_stat_alloc_callback+0x95/0x210
[ 2035.354825][T31210]  should_failslab+0x5/0x20
[ 2035.359163][T31210]  __kmalloc+0x51/0x2e0
[ 2035.363158][T31210]  ? kmem_cache_alloc_trace+0xdc/0x260
[ 2035.368451][T31210]  ? blk_stat_alloc_callback+0x5c/0x210
[ 2035.373839][T31210]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2035.379044][T31210]  ? blk_mq_free_tag_set+0x650/0x650
[ 2035.384249][T31210]  blk_stat_alloc_callback+0x95/0x210
[ 2035.389457][T31210]  ? blk_mq_free_tag_set+0x650/0x650
[ 2035.394577][T31210]  ? blk_mq_poll_stats_fn+0x110/0x110
[ 2035.399872][T31210]  blk_mq_init_allocated_queue+0x8c/0x1990
[ 2035.405507][T31210]  ? blkcg_init_queue+0x12c/0x150
[ 2035.410369][T31210]  ? blk_alloc_queue_node+0x5a2/0x640
[ 2035.415575][T31210]  blk_mq_init_queue+0x49/0xa0
[ 2035.420189][T31210]  loop_add+0x25c/0x740
[ 2035.424242][T31210]  ? get_pid_task+0xde/0x130
[ 2035.428668][T31210]  ? radix_tree_lookup+0x16f/0x1c0
[ 2035.433617][T31210]  loop_control_ioctl+0x448/0x620
[ 2035.438492][T31210]  ? loop_remove+0xa0/0xa0
[ 2035.442819][T31210]  ? memset+0x1f/0x40
[ 2035.446632][T31210]  ? fsnotify+0x1280/0x1340
[ 2035.450976][T31210]  ? loop_remove+0xa0/0xa0
[ 2035.455239][T31210]  do_vfs_ioctl+0x742/0x1720
[ 2035.459668][T31210]  ? ioctl_preallocate+0x250/0x250
[ 2035.464624][T31210]  ? __fget+0x407/0x490
[ 2035.468595][T31210]  ? fget_many+0x20/0x20
[ 2035.472675][T31210]  ? debug_smp_processor_id+0x20/0x20
[ 2035.477880][T31210]  ? security_file_ioctl+0x7d/0xa0
03:34:08 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 25)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1010c0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex, 0xffffffffffffffff, 0x6, 0x8, 0x0, @prog_fd=r1}, 0x20)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000040)={'binder1\x00'})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:08 executing program 5:
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r0, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e24}}, 0x10)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
accept4$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x800) (async)
connect$tipc(r0, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e24}}, 0x10) (async)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

03:34:08 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_enter(r0, 0x350, 0xee9, 0x3, &(0x7f00000000c0)={[0x7]}, 0x8)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
ptrace$setregs(0xd, 0xffffffffffffffff, 0x1, &(0x7f0000000000)="64abc91a35f97dbf53749952a23917c47c23ca6b81f7c9c5b0b1f2764908abcc0f74c139c4ccf1fb2ab12cd53d59760c308f72b3721440edf1d2da649f90a21f6e87da64af58ca7717ca0247814667c1b4587aa24d5f27cdd3510365c4afbc9e1ce276b734c1745d780e8f1f633fcc064347eddae5a2be655408d87c34a6e1d4c3d0e884b1b3c544c0db8e7129fe8c14eb")
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
io_uring_enter(r0, 0x350, 0xee9, 0x3, &(0x7f00000000c0)={[0x7]}, 0x8) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, 0x0, 0x2) (async)
ptrace$setregs(0xd, 0xffffffffffffffff, 0x1, &(0x7f0000000000)="64abc91a35f97dbf53749952a23917c47c23ca6b81f7c9c5b0b1f2764908abcc0f74c139c4ccf1fb2ab12cd53d59760c308f72b3721440edf1d2da649f90a21f6e87da64af58ca7717ca0247814667c1b4587aa24d5f27cdd3510365c4afbc9e1ce276b734c1745d780e8f1f633fcc064347eddae5a2be655408d87c34a6e1d4c3d0e884b1b3c544c0db8e7129fe8c14eb") (async)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
r1 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f00000000c0)=0x80009, 0x4)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000040)={'binder1\x00'})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x1010c0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex, 0xffffffffffffffff, 0x6, 0x8, 0x0, @prog_fd=r1}, 0x20)

[ 2035.482945][T31210]  __x64_sys_ioctl+0xd4/0x110
[ 2035.487457][T31210]  do_syscall_64+0xca/0x1c0
[ 2035.491796][T31210]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f00000000c0)=0x80009, 0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f00000000c0)=0x80009, 0x4) (async)

03:34:08 executing program 5:
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r0, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e24}}, 0x10) (async)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
socket(0x2, 0x2, 0x2)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @remote}, &(0x7f0000000080)=0xc)

[ 2035.531905][T31251] FAULT_INJECTION: forcing a failure.
[ 2035.531905][T31251] name failslab, interval 1, probability 0, space 0, times 0
[ 2035.552849][T31251] CPU: 1 PID: 31251 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2035.562908][T31251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2035.572975][T31251] Call Trace:
[ 2035.576116][T31251]  dump_stack+0x1d8/0x241
03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
socket(0x2, 0x2, 0x2) (async, rerun: 64)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @remote}, &(0x7f0000000080)=0xc) (rerun: 64)

[ 2035.580282][T31251]  ? panic+0x896/0x896
[ 2035.584192][T31251]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2035.589825][T31251]  ? pcpu_chunk_relocate+0xdc/0x3a0
[ 2035.594956][T31251]  ? pcpu_alloc_area+0x658/0x750
[ 2035.599725][T31251]  should_fail+0x71f/0x880
[ 2035.603984][T31251]  ? setup_fault_attr+0x3d0/0x3d0
[ 2035.608838][T31251]  ? cpumask_next+0xc/0x20
[ 2035.613091][T31251]  ? kobject_init+0x7f/0x1d0
[ 2035.617511][T31251]  ? find_next_bit+0xc3/0x100
[ 2035.622030][T31251]  ? blk_mq_init_allocated_queue+0x481/0x1990
[ 2035.627934][T31251]  should_failslab+0x5/0x20
[ 2035.632273][T31251]  __kmalloc+0x51/0x2e0
[ 2035.636279][T31251]  blk_mq_init_allocated_queue+0x481/0x1990
[ 2035.642187][T31251]  blk_mq_init_queue+0x49/0xa0
[ 2035.646767][T31251]  loop_add+0x25c/0x740
[ 2035.650752][T31251]  ? get_pid_task+0xde/0x130
[ 2035.655190][T31251]  ? radix_tree_lookup+0x16f/0x1c0
[ 2035.660133][T31251]  loop_control_ioctl+0x448/0x620
[ 2035.664988][T31251]  ? loop_remove+0xa0/0xa0
[ 2035.669239][T31251]  ? memset+0x1f/0x40
[ 2035.673049][T31251]  ? fsnotify+0x1280/0x1340
[ 2035.677395][T31251]  ? loop_remove+0xa0/0xa0
03:34:08 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 26)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:08 executing program 3:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r2=>0x0, @multicast1, @multicast1}, &(0x7f0000000180)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f00000002c0)={0x7a4, r0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x7, 0xf3, 0x6, 0x70961552}, {0x40, 0x8, 0x3, 0x9}, {0x7, 0x9, 0x1f, 0x5}, {0x4, 0x0, 0x81, 0x575}, {0x2, 0x6, 0x8, 0x5}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x52}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x1f0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xdb34}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfd}}}]}}, {{0x8, 0x1, r4}, {0x2c8, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x0, 0x8, 0x9, 0x5}, {0x5, 0xff, 0x0, 0x100}, {0x7, 0x1, 0x7, 0xfff}, {0x17, 0x5, 0xff}, {0x914e, 0x8, 0x2, 0x8}, {0x81, 0x9, 0x20, 0x3}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x5, 0x5, 0xdb, 0x100}, {0x3, 0x3, 0x3, 0x40}, {0x5, 0x2, 0xc4, 0x3}, {0x3f7e, 0x9c, 0x40, 0x101}, {0x0, 0x7, 0x1, 0x9}, {0x80, 0xf7, 0x97, 0x6}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}]}}, {{0x8}, {0xac, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}}]}}]}, 0x7a4}, 0x1, 0x0, 0x0, 0x4081}, 0x41)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, 0x0, 0x2)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
socket(0x2, 0x2, 0x2) (async)
socket(0x2, 0x2, 0x2)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @remote}, &(0x7f0000000080)=0xc)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80800)
bind$tipc(r2, 0x0, 0x0)

03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000040)="2e4bbb56f4d9716b7aacda8116452de8d787566322f72bd4db14942c13d61da8ddba211e887550848e0ef5a5d3dbfda5cc3c43daa3723d54d6eff773960ec8959b221de496e568f5d5424b3854f361579097bc7552793457a3bb8d272101b5ba419b179c05e7a93efdc3cbc25fd2bb20900e11723a80628e3283c2dbbe78ba12f80a55aafd21326fe9d09c1bef735a6c0b1c984b9882874b3198c0e7292d3feb32c008b1243c1b49b479a34e56562a58c7f9b9feaff8de6183ec39", &(0x7f0000000100)=@tcp6}, 0x20)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x40, 0x2, 0x3}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x260100, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:08 executing program 3:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r2=>0x0, @multicast1, @multicast1}, &(0x7f0000000180)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f00000002c0)={0x7a4, r0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x7, 0xf3, 0x6, 0x70961552}, {0x40, 0x8, 0x3, 0x9}, {0x7, 0x9, 0x1f, 0x5}, {0x4, 0x0, 0x81, 0x575}, {0x2, 0x6, 0x8, 0x5}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x52}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x1f0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xdb34}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfd}}}]}}, {{0x8, 0x1, r4}, {0x2c8, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x0, 0x8, 0x9, 0x5}, {0x5, 0xff, 0x0, 0x100}, {0x7, 0x1, 0x7, 0xfff}, {0x17, 0x5, 0xff}, {0x914e, 0x8, 0x2, 0x8}, {0x81, 0x9, 0x20, 0x3}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x5, 0x5, 0xdb, 0x100}, {0x3, 0x3, 0x3, 0x40}, {0x5, 0x2, 0xc4, 0x3}, {0x3f7e, 0x9c, 0x40, 0x101}, {0x0, 0x7, 0x1, 0x9}, {0x80, 0xf7, 0x97, 0x6}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}]}}, {{0x8}, {0xac, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}}]}}]}, 0x7a4}, 0x1, 0x0, 0x0, 0x4081}, 0x41)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, 0x0, 0x2)
syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x58, &(0x7f0000000080)}, 0x10) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={0x0, @multicast1, @multicast1}, &(0x7f0000000180)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000280)) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f00000002c0)={0x7a4, r0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x7, 0xf3, 0x6, 0x70961552}, {0x40, 0x8, 0x3, 0x9}, {0x7, 0x9, 0x1f, 0x5}, {0x4, 0x0, 0x81, 0x575}, {0x2, 0x6, 0x8, 0x5}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x52}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x1f0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xdb34}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfd}}}]}}, {{0x8, 0x1, r4}, {0x2c8, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x0, 0x8, 0x9, 0x5}, {0x5, 0xff, 0x0, 0x100}, {0x7, 0x1, 0x7, 0xfff}, {0x17, 0x5, 0xff}, {0x914e, 0x8, 0x2, 0x8}, {0x81, 0x9, 0x20, 0x3}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x5, 0x5, 0xdb, 0x100}, {0x3, 0x3, 0x3, 0x40}, {0x5, 0x2, 0xc4, 0x3}, {0x3f7e, 0x9c, 0x40, 0x101}, {0x0, 0x7, 0x1, 0x9}, {0x80, 0xf7, 0x97, 0x6}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}]}}, {{0x8}, {0xac, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}}]}}]}, 0x7a4}, 0x1, 0x0, 0x0, 0x4081}, 0x41) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r5, 0x0, 0x2) (async)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80800)
bind$tipc(r2, 0x0, 0x0) (async)
bind$tipc(r2, 0x0, 0x0)

[ 2035.681651][T31251]  do_vfs_ioctl+0x742/0x1720
[ 2035.686081][T31251]  ? ioctl_preallocate+0x250/0x250
[ 2035.691031][T31251]  ? __fget+0x407/0x490
[ 2035.695062][T31251]  ? fget_many+0x20/0x20
[ 2035.699102][T31251]  ? debug_smp_processor_id+0x20/0x20
[ 2035.704307][T31251]  ? security_file_ioctl+0x7d/0xa0
[ 2035.709249][T31251]  __x64_sys_ioctl+0xd4/0x110
[ 2035.713765][T31251]  do_syscall_64+0xca/0x1c0
[ 2035.718104][T31251]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000040)="2e4bbb56f4d9716b7aacda8116452de8d787566322f72bd4db14942c13d61da8ddba211e887550848e0ef5a5d3dbfda5cc3c43daa3723d54d6eff773960ec8959b221de496e568f5d5424b3854f361579097bc7552793457a3bb8d272101b5ba419b179c05e7a93efdc3cbc25fd2bb20900e11723a80628e3283c2dbbe78ba12f80a55aafd21326fe9d09c1bef735a6c0b1c984b9882874b3198c0e7292d3feb32c008b1243c1b49b479a34e56562a58c7f9b9feaff8de6183ec39", &(0x7f0000000100)=@tcp6}, 0x20)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x40, 0x2, 0x3}, 0x10) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x40, 0x2, 0x3}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x260100, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x800)
accept4$bt_l2cap(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x3, 0x100000)
connect$tipc(r0, &(0x7f0000000140)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x3}}, 0x10)

03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

[ 2035.763360][T31287] FAULT_INJECTION: forcing a failure.
[ 2035.763360][T31287] name failslab, interval 1, probability 0, space 0, times 0
[ 2035.809753][T31287] CPU: 0 PID: 31287 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2035.819821][T31287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2035.829714][T31287] Call Trace:
[ 2035.832855][T31287]  dump_stack+0x1d8/0x241
[ 2035.837028][T31287]  ? panic+0x896/0x896
[ 2035.840918][T31287]  ? __kasan_kmalloc+0x1d9/0x210
[ 2035.845886][T31287]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2035.851502][T31287]  ? __kasan_kmalloc+0x1d9/0x210
[ 2035.856270][T31287]  ? do_vfs_ioctl+0x742/0x1720
[ 2035.860881][T31287]  should_fail+0x71f/0x880
[ 2035.865126][T31287]  ? __x64_sys_ioctl+0xd4/0x110
[ 2035.869810][T31287]  ? do_syscall_64+0xca/0x1c0
[ 2035.874326][T31287]  ? setup_fault_attr+0x3d0/0x3d0
[ 2035.879185][T31287]  ? _raw_spin_lock+0xa4/0x1b0
[ 2035.883786][T31287]  ? _raw_spin_trylock_bh+0x190/0x190
[ 2035.888995][T31287]  ? blk_mq_realloc_hw_ctxs+0x303/0x13b0
[ 2035.894463][T31287]  should_failslab+0x5/0x20
[ 2035.898799][T31287]  __kmalloc+0x51/0x2e0
[ 2035.902796][T31287]  ? blk_mq_hw_queue_to_node+0xe3/0x100
[ 2035.908179][T31287]  blk_mq_realloc_hw_ctxs+0x303/0x13b0
[ 2035.913483][T31287]  blk_mq_init_allocated_queue+0x52d/0x1990
[ 2035.919206][T31287]  blk_mq_init_queue+0x49/0xa0
[ 2035.923807][T31287]  loop_add+0x25c/0x740
[ 2035.927801][T31287]  ? get_pid_task+0xde/0x130
[ 2035.932219][T31287]  ? radix_tree_lookup+0x16f/0x1c0
[ 2035.937165][T31287]  loop_control_ioctl+0x448/0x620
[ 2035.942021][T31287]  ? loop_remove+0xa0/0xa0
[ 2035.946278][T31287]  ? memset+0x1f/0x40
[ 2035.950093][T31287]  ? fsnotify+0x1280/0x1340
[ 2035.954432][T31287]  ? loop_remove+0xa0/0xa0
03:34:08 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 27)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x80800)
bind$tipc(r2, 0x0, 0x0)

03:34:08 executing program 3:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10) (async, rerun: 32)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r2=>0x0, @multicast1, @multicast1}, &(0x7f0000000180)=0xc) (async, rerun: 32)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (async, rerun: 32)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00', <r4=>0x0}) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a80)={&(0x7f00000002c0)={0x7a4, r0, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [{{0x8}, {0x1c0, 0x2, 0x0, 0x1, [{0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x7, 0xf3, 0x6, 0x70961552}, {0x40, 0x8, 0x3, 0x9}, {0x7, 0x9, 0x1f, 0x5}, {0x4, 0x0, 0x81, 0x575}, {0x2, 0x6, 0x8, 0x5}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x52}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}, {{0x8}, {0x1f0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3f}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xdb34}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfd}}}]}}, {{0x8, 0x1, r4}, {0x2c8, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x0, 0x8, 0x9, 0x5}, {0x5, 0xff, 0x0, 0x100}, {0x7, 0x1, 0x7, 0xfff}, {0x17, 0x5, 0xff}, {0x914e, 0x8, 0x2, 0x8}, {0x81, 0x9, 0x20, 0x3}]}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x5, 0x5, 0xdb, 0x100}, {0x3, 0x3, 0x3, 0x40}, {0x5, 0x2, 0xc4, 0x3}, {0x3f7e, 0x9c, 0x40, 0x101}, {0x0, 0x7, 0x1, 0x9}, {0x80, 0xf7, 0x97, 0x6}]}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7f}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}]}}, {{0x8}, {0xac, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}}]}}]}, 0x7a4}, 0x1, 0x0, 0x0, 0x4081}, 0x41) (async)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, 0x0, 0x2)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000040)="2e4bbb56f4d9716b7aacda8116452de8d787566322f72bd4db14942c13d61da8ddba211e887550848e0ef5a5d3dbfda5cc3c43daa3723d54d6eff773960ec8959b221de496e568f5d5424b3854f361579097bc7552793457a3bb8d272101b5ba419b179c05e7a93efdc3cbc25fd2bb20900e11723a80628e3283c2dbbe78ba12f80a55aafd21326fe9d09c1bef735a6c0b1c984b9882874b3198c0e7292d3feb32c008b1243c1b49b479a34e56562a58c7f9b9feaff8de6183ec39", &(0x7f0000000100)=@tcp6}, 0x20)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x40, 0x2, 0x3}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x260100, 0x0) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x260100, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x4, {0x2, 0x3, 0x1}}, 0x10)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x800)
accept4$bt_l2cap(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x3, 0x100000) (async)
connect$tipc(r0, &(0x7f0000000140)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x3}}, 0x10)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000140)=0x7, 0x4)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$tipc(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000200)=0x3f, 0x4)
socket$nl_audit(0x10, 0x3, 0x9)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000180)=0xfffffc01, 0x4)
bpf$BPF_GET_MAP_INFO(0xc, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x20, 0x70bd2b, 0x25dfdbf9, {0x4}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x24008011}, 0x200410d1)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x800)
accept4$bt_l2cap(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x3, 0x100000) (async)
connect$tipc(r0, &(0x7f0000000140)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x3}}, 0x10)

[ 2035.958782][T31287]  do_vfs_ioctl+0x742/0x1720
[ 2035.963204][T31287]  ? ioctl_preallocate+0x250/0x250
[ 2035.968173][T31287]  ? __fget+0x407/0x490
[ 2035.972142][T31287]  ? fget_many+0x20/0x20
[ 2035.976222][T31287]  ? debug_smp_processor_id+0x20/0x20
[ 2035.981428][T31287]  ? security_file_ioctl+0x7d/0xa0
[ 2035.986373][T31287]  __x64_sys_ioctl+0xd4/0x110
[ 2035.990955][T31287]  do_syscall_64+0xca/0x1c0
[ 2035.995228][T31287]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2036.045600][T31324] FAULT_INJECTION: forcing a failure.
[ 2036.045600][T31324] name failslab, interval 1, probability 0, space 0, times 0
[ 2036.058973][T31324] CPU: 0 PID: 31324 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2036.069071][T31324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2036.078919][T31324] Call Trace:
[ 2036.082056][T31324]  dump_stack+0x1d8/0x241
[ 2036.086219][T31324]  ? panic+0x896/0x896
[ 2036.090129][T31324]  ? nf_ct_l4proto_log_invalid+0x258/0x258
03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/unix\x00')
setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000080)={0xde3e, "b0dfd2"}, 0x6)

03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x4, {0x2, 0x3, 0x1}}, 0x10)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/unix\x00')
setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000080)={0xde3e, "b0dfd2"}, 0x6)

03:34:08 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x4, {0x2, 0x3, 0x1}}, 0x10)

[ 2036.095779][T31324]  should_fail+0x71f/0x880
[ 2036.100024][T31324]  ? setup_fault_attr+0x3d0/0x3d0
[ 2036.105016][T31324]  ? blk_mq_realloc_hw_ctxs+0x5aa/0x13b0
[ 2036.110470][T31324]  should_failslab+0x5/0x20
[ 2036.114811][T31324]  __kmalloc+0x51/0x2e0
[ 2036.118848][T31324]  ? init_timer_key+0x2d/0x1f0
[ 2036.123412][T31324]  blk_mq_realloc_hw_ctxs+0x5aa/0x13b0
[ 2036.128717][T31324]  blk_mq_init_allocated_queue+0x52d/0x1990
[ 2036.134432][T31324]  blk_mq_init_queue+0x49/0xa0
[ 2036.139031][T31324]  loop_add+0x25c/0x740
[ 2036.143017][T31324]  ? get_pid_task+0xde/0x130
[ 2036.147448][T31324]  ? radix_tree_lookup+0x16f/0x1c0
[ 2036.152386][T31324]  loop_control_ioctl+0x448/0x620
[ 2036.157243][T31324]  ? loop_remove+0xa0/0xa0
[ 2036.161500][T31324]  ? memset+0x1f/0x40
[ 2036.165448][T31324]  ? fsnotify+0x1280/0x1340
[ 2036.169837][T31324]  ? loop_remove+0xa0/0xa0
[ 2036.174033][T31324]  do_vfs_ioctl+0x742/0x1720
[ 2036.178591][T31324]  ? ioctl_preallocate+0x250/0x250
[ 2036.183537][T31324]  ? __fget+0x407/0x490
[ 2036.187522][T31324]  ? fget_many+0x20/0x20
03:34:08 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 28)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/unix\x00')
setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000080)={0xde3e, "b0dfd2"}, 0x6)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/unix\x00') (async)
setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000080)={0xde3e, "b0dfd2"}, 0x6) (async)

03:34:08 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/115)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000080)="3ef1b0c1e13acd5301ba70b2ea96322f7e96dce3e9f538c67a5063e3c6ce14a21a8b0ba21887bec15073b35723b3aa493f3ebd18f6c33323512b682bdd321e2970935d4f55286003fe347cc172836c6698ac58f103c2487a84a4c9a0", &(0x7f0000000100)=@tcp6=r2}, 0x20)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000140)=0x7, 0x4) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000200)=0x3f, 0x4) (async)
socket$nl_audit(0x10, 0x3, 0x9)
r3 = socket$nl_audit(0x10, 0x3, 0x9) (async)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)}, 0x10) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000180)=0xfffffc01, 0x4) (async)
bpf$BPF_GET_MAP_INFO(0xc, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10) (async)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x20, 0x70bd2b, 0x25dfdbf9, {0x4}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x24008011}, 0x200410d1)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:08 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)

03:34:08 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

03:34:08 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000140)=0x7, 0x4) (async)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$tipc(r0, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000200)=0x3f, 0x4) (async)
socket$nl_audit(0x10, 0x3, 0x9) (async)
r3 = socket$nl_audit(0x10, 0x3, 0x9) (async)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000180)=0xfffffc01, 0x4) (async)
bpf$BPF_GET_MAP_INFO(0xc, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10) (async)
sendmsg$AUDIT_TTY_SET(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x20, 0x70bd2b, 0x25dfdbf9, {0x4}, ["", "", "", "", "", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x24008011}, 0x200410d1)

[ 2036.191598][T31324]  ? debug_smp_processor_id+0x20/0x20
[ 2036.196825][T31324]  ? security_file_ioctl+0x7d/0xa0
[ 2036.201771][T31324]  __x64_sys_ioctl+0xd4/0x110
[ 2036.206268][T31324]  do_syscall_64+0xca/0x1c0
[ 2036.210708][T31324]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:08 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x181182)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @remote, @local}, &(0x7f00000000c0)=0xc)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))

03:34:08 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/115) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000080)="3ef1b0c1e13acd5301ba70b2ea96322f7e96dce3e9f538c67a5063e3c6ce14a21a8b0ba21887bec15073b35723b3aa493f3ebd18f6c33323512b682bdd321e2970935d4f55286003fe347cc172836c6698ac58f103c2487a84a4c9a0", &(0x7f0000000100)=@tcp6=r2}, 0x20)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)

[ 2036.269607][T31361] FAULT_INJECTION: forcing a failure.
[ 2036.269607][T31361] name failslab, interval 1, probability 0, space 0, times 0
[ 2036.297782][T31361] CPU: 1 PID: 31361 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2036.307845][T31361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:09 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)

[ 2036.317836][T31361] Call Trace:
[ 2036.320972][T31361]  dump_stack+0x1d8/0x241
[ 2036.325136][T31361]  ? panic+0x896/0x896
[ 2036.329039][T31361]  ? blk_mq_init_queue+0x49/0xa0
[ 2036.333818][T31361]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2036.339456][T31361]  ? __x64_sys_ioctl+0xd4/0x110
[ 2036.344137][T31361]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2036.350036][T31361]  should_fail+0x71f/0x880
[ 2036.354282][T31361]  ? setup_fault_attr+0x3d0/0x3d0
[ 2036.359143][T31361]  ? sbitmap_init_node+0x14a/0x380
[ 2036.364084][T31361]  should_failslab+0x5/0x20
[ 2036.368427][T31361]  __kmalloc+0x51/0x2e0
[ 2036.372419][T31361]  sbitmap_init_node+0x14a/0x380
[ 2036.377196][T31361]  blk_mq_realloc_hw_ctxs+0x61c/0x13b0
[ 2036.382499][T31361]  blk_mq_init_allocated_queue+0x52d/0x1990
[ 2036.388223][T31361]  blk_mq_init_queue+0x49/0xa0
[ 2036.392815][T31361]  loop_add+0x25c/0x740
[ 2036.396804][T31361]  ? get_pid_task+0xde/0x130
[ 2036.401357][T31361]  ? radix_tree_lookup+0x16f/0x1c0
[ 2036.406271][T31361]  loop_control_ioctl+0x448/0x620
[ 2036.411136][T31361]  ? loop_remove+0xa0/0xa0
[ 2036.415511][T31361]  ? memset+0x1f/0x40
[ 2036.419408][T31361]  ? fsnotify+0x1280/0x1340
[ 2036.423768][T31361]  ? loop_remove+0xa0/0xa0
[ 2036.428029][T31361]  do_vfs_ioctl+0x742/0x1720
[ 2036.432435][T31361]  ? ioctl_preallocate+0x250/0x250
[ 2036.437387][T31361]  ? __fget+0x407/0x490
[ 2036.441376][T31361]  ? fget_many+0x20/0x20
[ 2036.445448][T31361]  ? debug_smp_processor_id+0x20/0x20
[ 2036.450814][T31361]  ? security_file_ioctl+0x7d/0xa0
[ 2036.455755][T31361]  __x64_sys_ioctl+0xd4/0x110
[ 2036.460270][T31361]  do_syscall_64+0xca/0x1c0
[ 2036.464605][T31361]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:09 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 29)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:09 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000180), &(0x7f0000000240)=0xc)
accept4$bt_l2cap(r0, 0x0, &(0x7f00000001c0), 0x1800)
accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x80800)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = getpid()
r4 = syz_open_procfs(r3, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000440)={0x28, 0x0, &(0x7f0000000300)=[@enter_looper, @request_death, @enter_looper, @request_death={0x400c630e, 0x2}], 0xff, 0x0, &(0x7f0000000340)="4c4deb43909545035a6800982fcedc42b41dcf6f02aa13b2e36dde2c233e0689e99a9ebeb99a77d50e68e36258b2554645121a8f40499c46968ee3684b1f3f2a6c197b848ed68ae689e8ed551b71490abfa810ecd0ecf928dac6b65cab51a8fe028a63c5db2de14645c763b1107e67dde26f192a4e70709cf75cb647b48d27acc13b58daa82b3d85f2b6bfdb4831a4d2a1354e6e042568911020c3f0fc9554079b2b06803afc51c2eeeabc7a268663f2656b78b60206a091118fe482e9d3078a18be9b2dcc4c6226617d2cff63f3dd763b21d6e380ff7de4f610c94e9b0d01125efcabf3e060a1746bf41fe4e6e42c97201b6a286f19f8583bef48ebc11a24"})
r6 = getpid()
sendmsg$AUDIT_SET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x3e9, 0x1, 0x70bd28, 0x25dfdbfb, {0x52, 0x0, 0x2, r6, 0x80000000, 0xba9c, 0x4, 0x1, 0x0, 0x1, 0x5}, ["", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8880)
bind$tipc(r2, 0x0, 0x2)
ioctl$HIDIOCGRAWNAME(r4, 0x80404804, &(0x7f00000002c0))

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:09 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/115) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000080)="3ef1b0c1e13acd5301ba70b2ea96322f7e96dce3e9f538c67a5063e3c6ce14a21a8b0ba21887bec15073b35723b3aa493f3ebd18f6c33323512b682bdd321e2970935d4f55286003fe347cc172836c6698ac58f103c2487a84a4c9a0", &(0x7f0000000100)=@tcp6=r2}, 0x20) (async)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x181182)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @remote, @local}, &(0x7f00000000c0)=0xc) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/93, 0x5d, 0x1, &(0x7f00000000c0)=""/91, 0x5b}, &(0x7f0000000180)=0x40)

03:34:09 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x181182)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @remote, @local}, &(0x7f00000000c0)=0xc) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))

03:34:09 executing program 3:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000180), &(0x7f0000000240)=0xc) (async)
accept4$bt_l2cap(r0, 0x0, &(0x7f00000001c0), 0x1800) (async)
accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x80800) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0) (async)
r3 = getpid()
r4 = syz_open_procfs(r3, 0x0) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000440)={0x28, 0x0, &(0x7f0000000300)=[@enter_looper, @request_death, @enter_looper, @request_death={0x400c630e, 0x2}], 0xff, 0x0, &(0x7f0000000340)="4c4deb43909545035a6800982fcedc42b41dcf6f02aa13b2e36dde2c233e0689e99a9ebeb99a77d50e68e36258b2554645121a8f40499c46968ee3684b1f3f2a6c197b848ed68ae689e8ed551b71490abfa810ecd0ecf928dac6b65cab51a8fe028a63c5db2de14645c763b1107e67dde26f192a4e70709cf75cb647b48d27acc13b58daa82b3d85f2b6bfdb4831a4d2a1354e6e042568911020c3f0fc9554079b2b06803afc51c2eeeabc7a268663f2656b78b60206a091118fe482e9d3078a18be9b2dcc4c6226617d2cff63f3dd763b21d6e380ff7de4f610c94e9b0d01125efcabf3e060a1746bf41fe4e6e42c97201b6a286f19f8583bef48ebc11a24"}) (async)
r6 = getpid()
sendmsg$AUDIT_SET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x3e9, 0x1, 0x70bd28, 0x25dfdbfb, {0x52, 0x0, 0x2, r6, 0x80000000, 0xba9c, 0x4, 0x1, 0x0, 0x1, 0x5}, ["", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8880) (async)
bind$tipc(r2, 0x0, 0x2) (async)
ioctl$HIDIOCGRAWNAME(r4, 0x80404804, &(0x7f00000002c0))

03:34:09 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket(0x2, 0x3, 0x6)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={0x0, 0xf0ff7f00000000}}, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/93, 0x5d, 0x1, &(0x7f00000000c0)=""/91, 0x5b}, &(0x7f0000000180)=0x40)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/93, 0x5d, 0x1, &(0x7f00000000c0)=""/91, 0x5b}, &(0x7f0000000180)=0x40) (async)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)) (async)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:09 executing program 3:
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000180), &(0x7f0000000240)=0xc)
accept4$bt_l2cap(r0, 0x0, &(0x7f00000001c0), 0x1800) (async)
accept4$bt_l2cap(r0, 0x0, &(0x7f00000001c0), 0x1800)
accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x80800) (async)
accept4$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none}, &(0x7f0000000080)=0xe, 0x80800)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
getpid() (async)
r3 = getpid()
r4 = syz_open_procfs(r3, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000440)={0x28, 0x0, &(0x7f0000000300)=[@enter_looper, @request_death, @enter_looper, @request_death={0x400c630e, 0x2}], 0xff, 0x0, &(0x7f0000000340)="4c4deb43909545035a6800982fcedc42b41dcf6f02aa13b2e36dde2c233e0689e99a9ebeb99a77d50e68e36258b2554645121a8f40499c46968ee3684b1f3f2a6c197b848ed68ae689e8ed551b71490abfa810ecd0ecf928dac6b65cab51a8fe028a63c5db2de14645c763b1107e67dde26f192a4e70709cf75cb647b48d27acc13b58daa82b3d85f2b6bfdb4831a4d2a1354e6e042568911020c3f0fc9554079b2b06803afc51c2eeeabc7a268663f2656b78b60206a091118fe482e9d3078a18be9b2dcc4c6226617d2cff63f3dd763b21d6e380ff7de4f610c94e9b0d01125efcabf3e060a1746bf41fe4e6e42c97201b6a286f19f8583bef48ebc11a24"})
r6 = getpid()
sendmsg$AUDIT_SET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x3e9, 0x1, 0x70bd28, 0x25dfdbfb, {0x52, 0x0, 0x2, r6, 0x80000000, 0xba9c, 0x4, 0x1, 0x0, 0x1, 0x5}, ["", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8880) (async)
sendmsg$AUDIT_SET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x3e9, 0x1, 0x70bd28, 0x25dfdbfb, {0x52, 0x0, 0x2, r6, 0x80000000, 0xba9c, 0x4, 0x1, 0x0, 0x1, 0x5}, ["", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8880)
bind$tipc(r2, 0x0, 0x2)
ioctl$HIDIOCGRAWNAME(r4, 0x80404804, &(0x7f00000002c0))

[ 2036.514541][T31400] FAULT_INJECTION: forcing a failure.
[ 2036.514541][T31400] name failslab, interval 1, probability 0, space 0, times 0
[ 2036.547026][T31400] CPU: 1 PID: 31400 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2036.557098][T31400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2036.566976][T31400] Call Trace:
[ 2036.570116][T31400]  dump_stack+0x1d8/0x241
[ 2036.574294][T31400]  ? panic+0x896/0x896
[ 2036.578192][T31400]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2036.583837][T31400]  should_fail+0x71f/0x880
[ 2036.588171][T31400]  ? setup_fault_attr+0x3d0/0x3d0
[ 2036.593024][T31400]  ? blk_alloc_flush_queue+0x72/0x250
[ 2036.598218][T31400]  should_failslab+0x5/0x20
[ 2036.602560][T31400]  kmem_cache_alloc_trace+0x28/0x260
[ 2036.607697][T31400]  blk_alloc_flush_queue+0x72/0x250
[ 2036.612740][T31400]  blk_mq_realloc_hw_ctxs+0x99b/0x13b0
[ 2036.618036][T31400]  blk_mq_init_allocated_queue+0x52d/0x1990
[ 2036.623873][T31400]  blk_mq_init_queue+0x49/0xa0
[ 2036.628430][T31400]  loop_add+0x25c/0x740
[ 2036.632418][T31400]  ? get_pid_task+0xde/0x130
[ 2036.636841][T31400]  ? radix_tree_lookup+0x16f/0x1c0
[ 2036.641792][T31400]  loop_control_ioctl+0x448/0x620
[ 2036.646654][T31400]  ? loop_remove+0xa0/0xa0
[ 2036.650907][T31400]  ? memset+0x1f/0x40
[ 2036.654724][T31400]  ? fsnotify+0x1280/0x1340
[ 2036.659061][T31400]  ? loop_remove+0xa0/0xa0
03:34:09 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 30)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:09 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000480), r0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={r0, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x148, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8}, {0x12c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe5f8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x40000}, 0x40091)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r4, &(0x7f0000000940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r5, @ANYBLOB="00042cbd7000fedbdf253e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7669636173740005008300000000000e0001006e655464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005001077de21c55e7e2c95e5db091b7cf3dece2221b090953e57c4789ceed18adde4a0e92cbce49be32fd686ff3397ab79010cdf005147eb1e8d087920"], 0x9c}, 0x1, 0x0, 0x0, 0x40}, 0x2004c000)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x124, r5, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6a}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x7ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x785}, {0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffe01}, {0x6, 0x11, 0x81}}]}, 0x124}, 0x1, 0x0, 0x0, 0x40000}, 0xe0)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00')

03:34:09 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket(0x2, 0x3, 0x6)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={0x0, 0xf0ff7f00000000}}, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:09 executing program 3:
eventfd2(0x6, 0x40801)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/93, 0x5d, 0x1, &(0x7f00000000c0)=""/91, 0x5b}, &(0x7f0000000180)=0x40)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/93, 0x5d, 0x1, &(0x7f00000000c0)=""/91, 0x5b}, &(0x7f0000000180)=0x40) (async)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)

[ 2036.663322][T31400]  do_vfs_ioctl+0x742/0x1720
[ 2036.667833][T31400]  ? ioctl_preallocate+0x250/0x250
[ 2036.672781][T31400]  ? __fget+0x407/0x490
[ 2036.676872][T31400]  ? fget_many+0x20/0x20
[ 2036.680948][T31400]  ? debug_smp_processor_id+0x20/0x20
[ 2036.686144][T31400]  ? security_file_ioctl+0x7d/0xa0
[ 2036.691091][T31400]  __x64_sys_ioctl+0xd4/0x110
[ 2036.695766][T31400]  do_syscall_64+0xca/0x1c0
[ 2036.700086][T31400]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:09 executing program 3:
eventfd2(0x6, 0x40801) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)

03:34:09 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket(0x2, 0x3, 0x6)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={0x0, 0xf0ff7f00000000}}, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
socket(0x2, 0x3, 0x6) (async)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={0x0, 0xf0ff7f00000000}}, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)

03:34:09 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async, rerun: 64)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (rerun: 64)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000480), r0) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={r0, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x148, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8}, {0x12c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe5f8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x40000}, 0x40091)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r4, &(0x7f0000000940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r5, @ANYBLOB="00042cbd7000fedbdf253e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7669636173740005008300000000000e0001006e655464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005001077de21c55e7e2c95e5db091b7cf3dece2221b090953e57c4789ceed18adde4a0e92cbce49be32fd686ff3397ab79010cdf005147eb1e8d087920"], 0x9c}, 0x1, 0x0, 0x0, 0x40}, 0x2004c000) (async)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x124, r5, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6a}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x7ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x785}, {0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffe01}, {0x6, 0x11, 0x81}}]}, 0x124}, 0x1, 0x0, 0x0, 0x40000}, 0xe0) (async)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00')

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x7e95d50e0b1c2254, {0x2, 0x0, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)

[ 2036.770662][T31447] FAULT_INJECTION: forcing a failure.
[ 2036.770662][T31447] name failslab, interval 1, probability 0, space 0, times 0
[ 2036.794842][T31447] CPU: 0 PID: 31447 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2036.804903][T31447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2036.814791][T31447] Call Trace:
[ 2036.817937][T31447]  dump_stack+0x1d8/0x241
[ 2036.822096][T31447]  ? panic+0x896/0x896
[ 2036.826003][T31447]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2036.831649][T31447]  should_fail+0x71f/0x880
[ 2036.835894][T31447]  ? setup_fault_attr+0x3d0/0x3d0
[ 2036.840749][T31447]  ? blk_alloc_flush_queue+0xd4/0x250
[ 2036.846085][T31447]  should_failslab+0x5/0x20
[ 2036.850420][T31447]  __kmalloc+0x51/0x2e0
[ 2036.854410][T31447]  ? blk_alloc_flush_queue+0x72/0x250
[ 2036.859617][T31447]  blk_alloc_flush_queue+0xd4/0x250
[ 2036.864654][T31447]  blk_mq_realloc_hw_ctxs+0x99b/0x13b0
[ 2036.869955][T31447]  blk_mq_init_allocated_queue+0x52d/0x1990
[ 2036.875672][T31447]  blk_mq_init_queue+0x49/0xa0
[ 2036.880274][T31447]  loop_add+0x25c/0x740
[ 2036.884610][T31447]  ? get_pid_task+0xde/0x130
[ 2036.889032][T31447]  ? radix_tree_lookup+0x16f/0x1c0
[ 2036.893975][T31447]  loop_control_ioctl+0x448/0x620
[ 2036.898835][T31447]  ? loop_remove+0xa0/0xa0
[ 2036.903262][T31447]  ? memset+0x1f/0x40
[ 2036.907082][T31447]  ? fsnotify+0x1280/0x1340
[ 2036.911425][T31447]  ? loop_remove+0xa0/0xa0
[ 2036.915671][T31447]  do_vfs_ioctl+0x742/0x1720
03:34:09 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 31)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:09 executing program 3:
eventfd2(0x6, 0x40801)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)
eventfd2(0x6, 0x40801) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4) (async)

03:34:09 executing program 5:
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)={0xa, {0x1, 0x4, 0x6}}, 0xa)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x7e95d50e0b1c2254, {0x2, 0x0, 0x1}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x7e95d50e0b1c2254, {0x2, 0x0, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0) (async)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85) (async)

03:34:09 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000480), r0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={r0, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000700)={&(0x7f0000000580)={0x148, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8}, {0x12c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe5f8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x40000}, 0x40091)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_SET(r4, &(0x7f0000000940)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="9c000000", @ANYRES16=r5, @ANYBLOB="00042cbd7000fedbdf253e0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7669636173740005008300000000000e0001006e655464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005001077de21c55e7e2c95e5db091b7cf3dece2221b090953e57c4789ceed18adde4a0e92cbce49be32fd686ff3397ab79010cdf005147eb1e8d087920"], 0x9c}, 0x1, 0x0, 0x0, 0x40}, 0x2004c000) (async)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x124, r5, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x6a}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x7ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x785}, {0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffe01}, {0x6, 0x11, 0x81}}]}, 0x124}, 0x1, 0x0, 0x0, 0x40000}, 0xe0) (async)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00')

03:34:09 executing program 5:
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)={0xa, {0x1, 0x4, 0x6}}, 0xa)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x7e95d50e0b1c2254, {0x2, 0x0, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x7e95d50e0b1c2254, {0x2, 0x0, 0x1}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)

[ 2036.920133][T31447]  ? ioctl_preallocate+0x250/0x250
[ 2036.925053][T31447]  ? __fget+0x407/0x490
[ 2036.929221][T31447]  ? fget_many+0x20/0x20
[ 2036.933285][T31447]  ? debug_smp_processor_id+0x20/0x20
[ 2036.938503][T31447]  ? security_file_ioctl+0x7d/0xa0
[ 2036.943444][T31447]  __x64_sys_ioctl+0xd4/0x110
[ 2036.947957][T31447]  do_syscall_64+0xca/0x1c0
[ 2036.952298][T31447]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:09 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:09 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:09 executing program 5:
write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)={0xa, {0x1, 0x4, 0x6}}, 0xa)
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x0)

[ 2037.012786][T31482] FAULT_INJECTION: forcing a failure.
[ 2037.012786][T31482] name failslab, interval 1, probability 0, space 0, times 0
[ 2037.028595][T31482] CPU: 1 PID: 31482 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2037.038670][T31482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2037.048633][T31482] Call Trace:
[ 2037.051856][T31482]  dump_stack+0x1d8/0x241
[ 2037.056028][T31482]  ? panic+0x896/0x896
[ 2037.060018][T31482]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2037.065658][T31482]  ? find_next_and_bit+0xba/0x190
[ 2037.070514][T31482]  should_fail+0x71f/0x880
[ 2037.074875][T31482]  ? setup_fault_attr+0x3d0/0x3d0
[ 2037.079733][T31482]  ? __alloc_disk_node+0x76/0x5a0
[ 2037.084713][T31482]  should_failslab+0x5/0x20
[ 2037.089072][T31482]  kmem_cache_alloc_trace+0x28/0x260
[ 2037.094185][T31482]  __alloc_disk_node+0x76/0x5a0
[ 2037.099070][T31482]  loop_add+0x315/0x740
[ 2037.103067][T31482]  loop_control_ioctl+0x448/0x620
[ 2037.107916][T31482]  ? loop_remove+0xa0/0xa0
[ 2037.112254][T31482]  ? memset+0x1f/0x40
[ 2037.115989][T31482]  ? fsnotify+0x1280/0x1340
[ 2037.120325][T31482]  ? loop_remove+0xa0/0xa0
[ 2037.124576][T31482]  do_vfs_ioctl+0x742/0x1720
[ 2037.129009][T31482]  ? ioctl_preallocate+0x250/0x250
[ 2037.133955][T31482]  ? __fget+0x407/0x490
[ 2037.137944][T31482]  ? fget_many+0x20/0x20
[ 2037.142023][T31482]  ? debug_smp_processor_id+0x20/0x20
[ 2037.147321][T31482]  ? security_file_ioctl+0x7d/0xa0
[ 2037.152270][T31482]  __x64_sys_ioctl+0xd4/0x110
[ 2037.156783][T31482]  do_syscall_64+0xca/0x1c0
03:34:09 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 32)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:09 executing program 5:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000080), r1)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@volatile={0x3, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000080)=""/84, 0x2d, 0x54, 0x0, 0x3ff}, 0x20)

03:34:09 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

[ 2037.161121][T31482]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:09 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:09 executing program 5:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:09 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@volatile={0x3, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000080)=""/84, 0x2d, 0x54, 0x0, 0x3ff}, 0x20)

03:34:09 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:09 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, 0x0, 0x0) (async)

[ 2037.195205][T31510] FAULT_INJECTION: forcing a failure.
[ 2037.195205][T31510] name failslab, interval 1, probability 0, space 0, times 0
[ 2037.228142][T31510] CPU: 1 PID: 31510 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
03:34:09 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0xfffffffc, 0x4)

03:34:10 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="40040000f3036e5e2dbd7000fedbdf2503000000010000001b0000000400000004000000090000001e7c000003000000a366000008000000050000000600000004000000010400000080000000000000060000000200000009000000feffffff000000000000000001000000dd070000040000000300000064000000c1ffffff00000080050000000c470000f60f00000100008000000080050000000400000006000000040002000500000003000000020000000300000000020000ff0f000000000000000000ec040000000000000002000000080000000900000020000000f7ffffff0600000000020000bc000000000000000008000002000000000000400000000001feffff07000000040000000700000005000000020000000800000000000000a100000000000000060000003f00000003000000050000000500000040000000050000000200000081000000cf00000000000000030000002e000000c84f0000080000000500000004000000030000000200000007000000001000000300000006000000020000000600000002000000000800000101000001000000010400000000000006000000000000800180000000100000030000000500000007000000b90a000001fcffff08000000ff0000000100000007000000fcffffff3f000000e3000000080000000400000007000000000000003c0b000003000000ff000000018000000200000006000000000000007e0000000000000001000000ff7f0000a5000000ffff0000000000000100000001000000faffffff6f0a0000ff00000006000000010000009d0700000300000006000000010400000000000080000000feffffff0d0b00000500000001000000ff7f0000010000000180000003000000000000000000000001000100090000009ca81b6f03000000090000008906000001000100ff7f00000001000009000000f606c9414e0e0000f7fffffffdffffff0100000031ab9c0807000000020000000900000050000000ffff000006000000000000007f0000007e1d00000300000000020000fcffffffff07000045070000c0ffffff07000000ff07000003000000ffffffff00000080000001005e020000030000001e31ffff0000000005000000070000000600000000080000060000008000000004000000040000008000000009000000070000000900000009000000900e00000200000005000000c7070000960000009b00000000000000ffffffff00000000000000008a00000004000000060000008f0000000400000027920000000000000600000000000006e7f8ffff01000000000400009601000041db625906000000800000004f06000003000000030020005e0000000000200000080000ffffff7f010000000100000000080000d60200000700000002000000dc0000003f000000700000005bcb000008000000040000001f0000001f0000002f7379732f6b65726e656c2f64656275672f62696e6465722f73746174650000"], 0x440}, 0x1, 0x0, 0x0, 0x80}, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000540)='net/dev_snmp6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x240000c0)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

[ 2037.238213][T31510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2037.248177][T31510] Call Trace:
[ 2037.251315][T31510]  dump_stack+0x1d8/0x241
[ 2037.255493][T31510]  ? panic+0x896/0x896
[ 2037.259389][T31510]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2037.265035][T31510]  ? pcpu_alloc_area+0x658/0x750
[ 2037.269815][T31510]  should_fail+0x71f/0x880
[ 2037.274084][T31510]  ? setup_fault_attr+0x3d0/0x3d0
[ 2037.278928][T31510]  ? __alloc_disk_node+0x31e/0x5a0
[ 2037.283869][T31510]  should_failslab+0x5/0x20
[ 2037.288204][T31510]  kmem_cache_alloc_trace+0x28/0x260
[ 2037.293344][T31510]  __alloc_disk_node+0x31e/0x5a0
[ 2037.298112][T31510]  loop_add+0x315/0x740
[ 2037.302120][T31510]  loop_control_ioctl+0x448/0x620
[ 2037.306953][T31510]  ? loop_remove+0xa0/0xa0
[ 2037.311198][T31510]  ? memset+0x1f/0x40
[ 2037.315107][T31510]  ? fsnotify+0x1280/0x1340
[ 2037.319447][T31510]  ? loop_remove+0xa0/0xa0
[ 2037.323698][T31510]  do_vfs_ioctl+0x742/0x1720
[ 2037.328131][T31510]  ? ioctl_preallocate+0x250/0x250
[ 2037.333332][T31510]  ? __fget+0x407/0x490
[ 2037.337316][T31510]  ? fget_many+0x20/0x20
03:34:10 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 33)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0xfffffffc, 0x4)

03:34:10 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="40040000f3036e5e2dbd7000fedbdf2503000000010000001b0000000400000004000000090000001e7c000003000000a366000008000000050000000600000004000000010400000080000000000000060000000200000009000000feffffff000000000000000001000000dd070000040000000300000064000000c1ffffff00000080050000000c470000f60f00000100008000000080050000000400000006000000040002000500000003000000020000000300000000020000ff0f000000000000000000ec040000000000000002000000080000000900000020000000f7ffffff0600000000020000bc000000000000000008000002000000000000400000000001feffff07000000040000000700000005000000020000000800000000000000a100000000000000060000003f00000003000000050000000500000040000000050000000200000081000000cf00000000000000030000002e000000c84f0000080000000500000004000000030000000200000007000000001000000300000006000000020000000600000002000000000800000101000001000000010400000000000006000000000000800180000000100000030000000500000007000000b90a000001fcffff08000000ff0000000100000007000000fcffffff3f000000e3000000080000000400000007000000000000003c0b000003000000ff000000018000000200000006000000000000007e0000000000000001000000ff7f0000a5000000ffff0000000000000100000001000000faffffff6f0a0000ff00000006000000010000009d0700000300000006000000010400000000000080000000feffffff0d0b00000500000001000000ff7f0000010000000180000003000000000000000000000001000100090000009ca81b6f03000000090000008906000001000100ff7f00000001000009000000f606c9414e0e0000f7fffffffdffffff0100000031ab9c0807000000020000000900000050000000ffff000006000000000000007f0000007e1d00000300000000020000fcffffffff07000045070000c0ffffff07000000ff07000003000000ffffffff00000080000001005e020000030000001e31ffff0000000005000000070000000600000000080000060000008000000004000000040000008000000009000000070000000900000009000000900e00000200000005000000c7070000960000009b00000000000000ffffffff00000000000000008a00000004000000060000008f0000000400000027920000000000000600000000000006e7f8ffff01000000000400009601000041db625906000000800000004f06000003000000030020005e0000000000200000080000ffffff7f010000000100000000080000d60200000700000002000000dc0000003f000000700000005bcb000008000000040000001f0000001f0000002f7379732f6b65726e656c2f64656275672f62696e6465722f73746174650000"], 0x440}, 0x1, 0x0, 0x0, 0x80}, 0x4) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000540)='net/dev_snmp6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x240000c0) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:10 executing program 5:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000080), r1)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000080), r1) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@volatile={0x3, 0x0, 0x0, 0x9, 0x3}]}, {0x0, [0x61, 0x0, 0x2e, 0x61, 0x5f, 0x2e, 0x61]}}, &(0x7f0000000080)=""/84, 0x2d, 0x54, 0x0, 0x3ff}, 0x20)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x0)

[ 2037.341602][T31510]  ? debug_smp_processor_id+0x20/0x20
[ 2037.346802][T31510]  ? security_file_ioctl+0x7d/0xa0
[ 2037.351739][T31510]  __x64_sys_ioctl+0xd4/0x110
[ 2037.356364][T31510]  do_syscall_64+0xca/0x1c0
[ 2037.360703][T31510]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000)=0xfffffffc, 0x4)

03:34:10 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async, rerun: 32)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="40040000f3036e5e2dbd7000fedbdf2503000000010000001b0000000400000004000000090000001e7c000003000000a366000008000000050000000600000004000000010400000080000000000000060000000200000009000000feffffff000000000000000001000000dd070000040000000300000064000000c1ffffff00000080050000000c470000f60f00000100008000000080050000000400000006000000040002000500000003000000020000000300000000020000ff0f000000000000000000ec040000000000000002000000080000000900000020000000f7ffffff0600000000020000bc000000000000000008000002000000000000400000000001feffff07000000040000000700000005000000020000000800000000000000a100000000000000060000003f00000003000000050000000500000040000000050000000200000081000000cf00000000000000030000002e000000c84f0000080000000500000004000000030000000200000007000000001000000300000006000000020000000600000002000000000800000101000001000000010400000000000006000000000000800180000000100000030000000500000007000000b90a000001fcffff08000000ff0000000100000007000000fcffffff3f000000e3000000080000000400000007000000000000003c0b000003000000ff000000018000000200000006000000000000007e0000000000000001000000ff7f0000a5000000ffff0000000000000100000001000000faffffff6f0a0000ff00000006000000010000009d0700000300000006000000010400000000000080000000feffffff0d0b00000500000001000000ff7f0000010000000180000003000000000000000000000001000100090000009ca81b6f03000000090000008906000001000100ff7f00000001000009000000f606c9414e0e0000f7fffffffdffffff0100000031ab9c0807000000020000000900000050000000ffff000006000000000000007f0000007e1d00000300000000020000fcffffffff07000045070000c0ffffff07000000ff07000003000000ffffffff00000080000001005e020000030000001e31ffff0000000005000000070000000600000000080000060000008000000004000000040000008000000009000000070000000900000009000000900e00000200000005000000c7070000960000009b00000000000000ffffffff00000000000000008a00000004000000060000008f0000000400000027920000000000000600000000000006e7f8ffff01000000000400009601000041db625906000000800000004f06000003000000030020005e0000000000200000080000ffffff7f010000000100000000080000d60200000700000002000000dc0000003f000000700000005bcb000008000000040000001f0000001f0000002f7379732f6b65726e656c2f64656275672f62696e6465722f73746174650000"], 0x440}, 0x1, 0x0, 0x0, 0x80}, 0x4) (rerun: 32)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000540)='net/dev_snmp6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x240000c0) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e23}}, 0x10)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2037.391901][T31548] FAULT_INJECTION: forcing a failure.
[ 2037.391901][T31548] name failslab, interval 1, probability 0, space 0, times 0
[ 2037.404392][T31548] CPU: 1 PID: 31548 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2037.414376][T31548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2037.424353][T31548] Call Trace:
[ 2037.427496][T31548]  dump_stack+0x1d8/0x241
[ 2037.431661][T31548]  ? panic+0x896/0x896
[ 2037.435562][T31548]  ? nf_ct_l4proto_log_invalid+0x258/0x258
03:34:10 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x48010)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x7, &(0x7f0000000080)=r3, 0x1)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}, 0x2}}, 0x10)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e23}}, 0x10)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x48010) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x7, &(0x7f0000000080)=r3, 0x1) (async)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}, 0x2}}, 0x10)

[ 2037.441602][T31548]  should_fail+0x71f/0x880
[ 2037.445851][T31548]  ? find_next_bit+0xc3/0x100
[ 2037.450371][T31548]  ? setup_fault_attr+0x3d0/0x3d0
[ 2037.455225][T31548]  ? rand_initialize_disk+0x4b/0xa3
[ 2037.460256][T31548]  should_failslab+0x5/0x20
[ 2037.464592][T31548]  kmem_cache_alloc_trace+0x28/0x260
[ 2037.469730][T31548]  rand_initialize_disk+0x4b/0xa3
[ 2037.474666][T31548]  __alloc_disk_node+0x3fd/0x5a0
[ 2037.479439][T31548]  loop_add+0x315/0x740
[ 2037.483438][T31548]  loop_control_ioctl+0x448/0x620
[ 2037.488287][T31548]  ? loop_remove+0xa0/0xa0
[ 2037.492547][T31548]  ? memset+0x1f/0x40
[ 2037.496361][T31548]  ? fsnotify+0x1280/0x1340
[ 2037.500698][T31548]  ? loop_remove+0xa0/0xa0
[ 2037.504954][T31548]  do_vfs_ioctl+0x742/0x1720
[ 2037.509381][T31548]  ? ioctl_preallocate+0x250/0x250
[ 2037.514330][T31548]  ? __fget+0x407/0x490
[ 2037.518318][T31548]  ? fget_many+0x20/0x20
[ 2037.522397][T31548]  ? debug_smp_processor_id+0x20/0x20
[ 2037.527625][T31548]  ? security_file_ioctl+0x7d/0xa0
[ 2037.532552][T31548]  __x64_sys_ioctl+0xd4/0x110
[ 2037.537069][T31548]  do_syscall_64+0xca/0x1c0
03:34:10 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 34)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e23}}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x48010)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x7, &(0x7f0000000080)=r3, 0x1) (async)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}, 0x2}}, 0x10)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x3, 0x50200)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x80000)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000300))
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'team0\x00', <r5=>0x0})
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1d, 0x5, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x8}, @call={0x85, 0x0, 0x0, 0x2f}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f0000000540)='syzkaller\x00', 0x6, 0x1d, &(0x7f0000000580)=""/29, 0x41100, 0x4a, '\x00', r5, 0x1b, r6, 0x8, &(0x7f0000000600)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x5, 0x8001, 0x5}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x90)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x0, 0x1}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:10 executing program 2:
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000100)={0x8, {"feac2c87ec5a68188e9535d9f2bfc08913eb2fd58679b78337a9e69f414b1abba05cb0ae87532648dd348994e5491efe8ad99c74266c950a95e08bde1dcdbc00d41b72a0f83c301409e2d582d8db478526f87e1a79a11f845193d3bc1256fc9a2f38789d534f5a7eec3445acb35d4e83614b0eef0b5155cde5f8080703400ba1443d05c41ce2b550b27821b8001645c46f641106491abdb2993335abf3290b5f759a9baa6ec8118503e5ff567df89fd673f320b40780f9826ed126ed408c632ede1263f7e5da42a4f3ac323f17ea933d2d4e7095f71758be5f576121608dc8d0ddac995d2052b406247910683468152624fd3f36079cecef667e70b82c723802ffc4ab02bf0759af93eb82dfe323677b887e35dfa65f2a8c70b442041e959b10caa90b2e520fc4f7aa2c6af5a0fb77c498785ae000a97c8deabf1da7f63dab6f0a97db7b42764ceea57d8929eaed2c517212f32d902d03b40a10408ae62c29f3ace926fc877a716eb1ce4903ccd635a7e3c0a7d4a829003e77c45f43762ece72421a7bc4ac1ec796c8202aaf48b404447759a3327f17c9d92a4cc5caaf17fef0dbc417307c90c76f21a01543c0a245bd65a6d5846f5d8efa9080fd00a50baab05bd84d6c34f3b583b199ecd36dff824e6b649318904f77bf9a4e2a5e1ac7ab152529b35cdd93f5fb07649fa5a2f837ba23b49c9b99bd96f1679930326bac0e1d24368391e3db9196a19ef02b6f5cc561b478b57f307f0af50e2bd9eae1345e46390df6dbbecfcd682c01228422b788e98e22c5df000fa98874070d56468a7933e26edae67a960e17642837f28b99ddc53bf7ad2904a5994875685d881fdff72afd9e99df87f845924a40e93349a7b63cdedcbfac753ffea817976d8a4fe692d603946f2e28cf71de720059458c942d584bdf8fa13041295c7654fe477d04b4d860eaf99c6eb02bd2bbffcf9ea5f79c24e85ade91d29b141902f45d279abc3d75f5de4329d4cadc7a2ed62db15ef48e0bfb6ac758be8ac09a7bbaa1f01379a0c68c7028affb459f2a38bb062a74608b1a7a362ffc769a458f2f3d1092cead57ad54bf5e0a63ab4299d766f0ae2b0a82811144ea8b12dd5d0067c78b31b7d28ba473176f9b597223fea2416af0d574718b95aaa3eef3168e2cbf8e228312ea886596277fe531b515ce02856f41be5cb09d3022a5e18266867596d4e16365c49bdd89e6f96c315d552d34f74841ac875a7fa9337e3f3fb285b6478c4508c9e5b780e6e90a11bb3a36a8d5818c0d85c6aa2a4e5e746fd7a55d5c9e8fa84f83370438ef265ad1187c2fcfda007ee934a95527eb53178ac9726436e3fc89b6caceea490e0e56660b4409c6e74cf829fecf6320369db3ec52d508543f8e19a4e02c66d125762e7377852189bba56ae9a518bd181f30a2a8c6c41fca77fd85b641725067de9266ab8c3e09662f4580d035146abd532944ce68f1a5d31ad46795bad5bbde595eb11f7ec7600f9a549af9303a21f608063000ead132bd4ccc9f85b8808a96b548068081e81296915f33c47b4aa4ac1932c318a2c7a67d6733b8dbeecc79d4d3b4b489bd14fc2714870050c02a2550553f662aec3c5363580de229750acd948d9f0e3c0f0c1ab1b7691167c051cf46a3abc80b2165c3abafe3d7d397fefa8d992944ee06e6bcc285d58233e960fd402f9d505f77b2c5a43738899ec82cd453c684329f830f04af76cc30d35d810bc825cdbacca509ec215e55d6470f91a567b5a5ccdbbcc3b37b5598d4a5390e84b2b0b5185eb5a0e198deb9ede7ee5af01d0219cd1059f297dbc9469b2aaede9738c2bd233947a1570c5b8c6c1a8d7289609c97521899456cd3a94885c68a49e0b74821b76fa93f62dbc93b45ae72d101ad6731b62c468afc6b7953f713e5439a05cce4457d1ac77742d4a1f20271d3f7f96c783d27c3e5617ee357e2e3e6704e8b19be3fc6661a1464ef9fb8b8234cce9868c5dabf9d0f3af5a4c3feb79ee696633f308e01539e39da40daec235149b7656e2290f9c03633c5301e249630489c2baf3f0bc6548c5c52976639e7f7853e8627290a81bdccdff99c8079352523ac7d8644c4725108c54b3bbbd5f9b81502f1b130df7606dbb1c2a3eb635c0ebabbf4c52914a4811920510afde857dc3e4674d90b8630dbe56fbc985da322904482db711aa39783be287ad753fc66f99827a54718232e7d51673f5853b56beaf193bffe4f83a5eda199ab62c3ec66f3f11a062e77952ef4cac81d813325ebc630e921de0ad97df165557369fe09388535ab79973390d2bb232ea78754722717dc914b23b047a51969b97b524bed9db8a24ea8eacaddbd8ec629aeb98a99e9f24443d69f99c6c591cfcd86c14348b637297d4bac46b010ea6635ca3a739e686df6f5d197313b33c167b39bf9e8fa1263aa1d6fdf64c8c8db51b370da97b7f9111dd594c68d54f6bd103038067eaaee40f2b7391d9581d47e6cba7db54c22954b875ba59c7a3c00dbca8660a57bbefb5b0847551d0a171a8b3ddba6278d31d2b8d97e7611296afee2a08aa7f421fb6c4e64984860a3ba27a6876d9e4708265ae804614d7301e5c8386a72c5942e9bc5fc90584865ca2b3f69a01def443668267477a3cbbb46d54bcfd662a7d76e1a1345b74eec3aab1b336f88401eba0529b7171c6e6d36ba6dd773132f8934f46fff99a03d2de276c9e0eb853c63c3d81178e6995997c9a13987fcf0a2f3eaff380bbaf3f2aa0756c50c508d3b46d9b9572dfad22f4a30f1c3cad762a9096c2c76103c65ef624ad458ff1922e597f3dbcbe083b135362e1e2a2ee2efb6a210924fda45e0b53d5aa04df105f806d5fb053548d5d656f76aab97d572b847fa57a17074de02ecc9c82d74fd360f8fb77fca11ef43f734f79428d06ca6e790720d60742957f660a5a01bab28cac29926276d57208ffbe21f8d25160c2f6cd2a85a1c02df70eaf5137e5378eca4ea2d16b0f78ba980b8841e71796fac5889f228ed2c8e4464bbec7dd64277b1303e92fb047a90ab58c893bf06de429ef197031871b76c22503fc2b58659e9eb29da5288dde96059f02d603b7d651bb68285309f26b03e046a019f870e5ed02e52c50e23260febff3ca414d0b5e1d3b671a500a445e3f1dc63a54bc67ec0c37fee0509315ede548dedcdb01312917a7268d29e38e2e1788482d2591f000cdbb9f50c9e702ca97c411f88b755d62066dec1d37ec81944bb6d725321023d1bbb813ca782816ef60ade6bd4d484fb03613565eaab889f7add74996067135b5df1acbe5a576a0ac45a86462c8b2633f4116938fbfaa0a4d15c97134735ffb40ef99578e9ea87f57db24d66cb8f918dbb5354b62a4bd3916ff3e6b2c80ea2288994faea343019b51ffe461ee231fda741405a52bbe6861c00e7df10f010f463c105e9255e364b2098115426b18d36b76b2121569ba0e7b778af5dea4975c506a9a484579f7474d58ed6b37c0dcc5bcee4a99f04b56ce692412330b68a914e7cd014423fb2c4baa96e9b09f9d2138281eb9836921e8f3d26cddeee2e2afb9289db7265f7a5366210f3595f1ddc6a22c03a93d7aa9700887065b437341133beab9c2cb76bfc1a58817072b540a19d52f301e693e3e5b0eeaee40646435b361e5954037a584a819e646b5b6125ce979531868bd39b74fc67fd599fa066fc6ae5c780e517613fd0f6a5da1a326d693e9fab4be46b4dbfe4412965f29150539557bf01b88a6346e1cb9ea25e36dde6bfa2caf9f63be17aa73d7a2948563d7f88d11852690b1cece10ef4742076dbf20f9d1979cd3555f80691682277813e1bc40b892f58c60b83b150df42212f156e68e63f7556fd0e4ac761a163d33a6e688ba39e4696dade96b0716023ed7bf84949972dbe6f05da43cb35721590ec48bc889adb6ad6c111e5a66c278627cf1b8f6579f7a492f4ea28445c124ff8c360bd6478819168e59db8bb27985b64f0db49e2e8a07f539e5d6ca05f3c734dd65b8b681b12b781d498ed160ecd0272f314f36e49afd3c66b4df6836380ddefde337fed98a10d4081e03ae52910799bbe291d5241052e5ea6eae007e93a61478c858f6c7cbb66cd2013cf41523734435d6524d8915b20371d750fcf81457b17f79745f91bffbba5b49539e5b102d5af8f83c8a5bbc52abca206178d86df500b34be10f1c4ac120e451e3f7ffc0f1a70de4dcead51c6dd830ef0575643c0d228d4f723109070d47040323e637c81a0aaf21c9f6532e4dea0e895c51dcd714803fd6c093dac5833a79463118eecce8369b79dd5f33f05fd8c2c5db1cc5ee4d7e3121990556c239c29e9935f9c1aebe80274d12d19325d2b316c9b099f4d68bb8c1a7b6c985eb9b5c2925121264acdd87c47a86f0ee907abee14f3272b3cdcabf0a11e1085f7252139be1183589457da3c0dba9da2aed235e4ea18e0c3558ec5b0d0d05cdcfede32e5caa304398859ad16882e22e1607ea1f9b105c3beef373e7b87b89c4331e55e9a8f68f6ae33eca0dc3dc62eda2ba28b8f412992a0e20ba275158cedad6d3bab411de1d60e3260fa82799efdaf9c10907e5b050281a96101abc132e3266c537f67e754d222f4e51f0806bab7c6db8a660f51bbd97cdea6c9f6e771a4717e844deabdd577d3114192bfdeef7ca757262568fd8c6aa2f60f4505a8d362e17c6f5dc398b00f02aca00607f980817795e1799a37335bc13e7ebe2371dd5dd0b779f30610034b7bff7055368564c404c51c28ba9dd51d57995f5ec4c5033009ea54de6cfff99a9453c3047b0c3083897d9cb71624e655df6be34f9e9dcb1e1624403b1b82a3d3085bb0f2b68c19b3457c7d31d14236436476fba7837214963ef417ff75929f1cd28bf1a9328f7a27e5f305abcae785eb5a2e10dc7e10bcb4c67c38e20c707c0ebbb15ba7619e33de2fb39c9a512cfee8c04994a88707080a7a6a03ddb0912b4655b9dda55f11e50a74818c8a9ddcf623546770fc16a04bb4d3c697301ba58ba08b7fb3555979b0176037a840eff0d562fdb2614cc77deee040536a356b873c0c67b1107f24537680b4a85af36cb4ef0752c27ec9dbfe1d9112e86952bacc7697d742de29b04011438fb4961adb9bd52019ed487352a38ea2715df9c4bd1eae6409251cc916619bf7700fe7e10bcab1c6f8792ba616949c85f0ac19c5a1aa838370cb53e6c470cbe451735071a7b68b422170163c0d31f9b111ff3140c423645d8e324e78ee2be1227f46a0061369bacb59af37e24b509f001f0a143e6adc6bde7fb2084dea39ae5e6298b21dcd25513f634a770c7731fb10dc0de68164f43138711af6ab30b52aea6bf80cfc8eb655e9368cf7582d18ad293b5ae0271905d3a55741084d39ddce26e07552277144372c829621296be5675d849be2ea5ed0c7e3955eade4c5667b9e7d51e3e891718abeb6c8b3bc4156369ced0727c2dbc08711fc38e187cf96b6e46d9c4e78a375a6f2767e0cd51022e582c1140180d8b113a8315b800751421f35f9988361c14989515a186b2271e9c37c74e06cab79bbd9b372988032a09715141ad126b4fdd40544c1ee897758a1cd9b9ccb665682ab02074291c64dc171f6fe772e27ecdd9a40bbf6ed90123df25cea0cd4240c050c034e1e1cb4b2ee7bd4297dbbc22b6350324a496302a7ebb657c583a3d3cd9f70f9599a133d2d9991e4418c5a3fb7c49a3895ae6dc1791d444c69df83f7828f2dd22875283629e8a83f921c4006ab0e9ff12ed3681e865ef69194a319", 0x1000}}, 0x1006)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0x1, 0x58, &(0x7f0000000040)}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2037.541415][T31548]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:10 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f0000000040), 0x3, 0x50200)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x80000) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000300)) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'team0\x00', <r5=>0x0}) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1d, 0x5, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x8}, @call={0x85, 0x0, 0x0, 0x2f}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f0000000540)='syzkaller\x00', 0x6, 0x1d, &(0x7f0000000580)=""/29, 0x41100, 0x4a, '\x00', r5, 0x1b, r6, 0x8, &(0x7f0000000600)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x5, 0x8001, 0x5}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x90) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x0, 0x1}, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:10 executing program 2:
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000100)={0x8, {"feac2c87ec5a68188e9535d9f2bfc08913eb2fd58679b78337a9e69f414b1abba05cb0ae87532648dd348994e5491efe8ad99c74266c950a95e08bde1dcdbc00d41b72a0f83c301409e2d582d8db478526f87e1a79a11f845193d3bc1256fc9a2f38789d534f5a7eec3445acb35d4e83614b0eef0b5155cde5f8080703400ba1443d05c41ce2b550b27821b8001645c46f641106491abdb2993335abf3290b5f759a9baa6ec8118503e5ff567df89fd673f320b40780f9826ed126ed408c632ede1263f7e5da42a4f3ac323f17ea933d2d4e7095f71758be5f576121608dc8d0ddac995d2052b406247910683468152624fd3f36079cecef667e70b82c723802ffc4ab02bf0759af93eb82dfe323677b887e35dfa65f2a8c70b442041e959b10caa90b2e520fc4f7aa2c6af5a0fb77c498785ae000a97c8deabf1da7f63dab6f0a97db7b42764ceea57d8929eaed2c517212f32d902d03b40a10408ae62c29f3ace926fc877a716eb1ce4903ccd635a7e3c0a7d4a829003e77c45f43762ece72421a7bc4ac1ec796c8202aaf48b404447759a3327f17c9d92a4cc5caaf17fef0dbc417307c90c76f21a01543c0a245bd65a6d5846f5d8efa9080fd00a50baab05bd84d6c34f3b583b199ecd36dff824e6b649318904f77bf9a4e2a5e1ac7ab152529b35cdd93f5fb07649fa5a2f837ba23b49c9b99bd96f1679930326bac0e1d24368391e3db9196a19ef02b6f5cc561b478b57f307f0af50e2bd9eae1345e46390df6dbbecfcd682c01228422b788e98e22c5df000fa98874070d56468a7933e26edae67a960e17642837f28b99ddc53bf7ad2904a5994875685d881fdff72afd9e99df87f845924a40e93349a7b63cdedcbfac753ffea817976d8a4fe692d603946f2e28cf71de720059458c942d584bdf8fa13041295c7654fe477d04b4d860eaf99c6eb02bd2bbffcf9ea5f79c24e85ade91d29b141902f45d279abc3d75f5de4329d4cadc7a2ed62db15ef48e0bfb6ac758be8ac09a7bbaa1f01379a0c68c7028affb459f2a38bb062a74608b1a7a362ffc769a458f2f3d1092cead57ad54bf5e0a63ab4299d766f0ae2b0a82811144ea8b12dd5d0067c78b31b7d28ba473176f9b597223fea2416af0d574718b95aaa3eef3168e2cbf8e228312ea886596277fe531b515ce02856f41be5cb09d3022a5e18266867596d4e16365c49bdd89e6f96c315d552d34f74841ac875a7fa9337e3f3fb285b6478c4508c9e5b780e6e90a11bb3a36a8d5818c0d85c6aa2a4e5e746fd7a55d5c9e8fa84f83370438ef265ad1187c2fcfda007ee934a95527eb53178ac9726436e3fc89b6caceea490e0e56660b4409c6e74cf829fecf6320369db3ec52d508543f8e19a4e02c66d125762e7377852189bba56ae9a518bd181f30a2a8c6c41fca77fd85b641725067de9266ab8c3e09662f4580d035146abd532944ce68f1a5d31ad46795bad5bbde595eb11f7ec7600f9a549af9303a21f608063000ead132bd4ccc9f85b8808a96b548068081e81296915f33c47b4aa4ac1932c318a2c7a67d6733b8dbeecc79d4d3b4b489bd14fc2714870050c02a2550553f662aec3c5363580de229750acd948d9f0e3c0f0c1ab1b7691167c051cf46a3abc80b2165c3abafe3d7d397fefa8d992944ee06e6bcc285d58233e960fd402f9d505f77b2c5a43738899ec82cd453c684329f830f04af76cc30d35d810bc825cdbacca509ec215e55d6470f91a567b5a5ccdbbcc3b37b5598d4a5390e84b2b0b5185eb5a0e198deb9ede7ee5af01d0219cd1059f297dbc9469b2aaede9738c2bd233947a1570c5b8c6c1a8d7289609c97521899456cd3a94885c68a49e0b74821b76fa93f62dbc93b45ae72d101ad6731b62c468afc6b7953f713e5439a05cce4457d1ac77742d4a1f20271d3f7f96c783d27c3e5617ee357e2e3e6704e8b19be3fc6661a1464ef9fb8b8234cce9868c5dabf9d0f3af5a4c3feb79ee696633f308e01539e39da40daec235149b7656e2290f9c03633c5301e249630489c2baf3f0bc6548c5c52976639e7f7853e8627290a81bdccdff99c8079352523ac7d8644c4725108c54b3bbbd5f9b81502f1b130df7606dbb1c2a3eb635c0ebabbf4c52914a4811920510afde857dc3e4674d90b8630dbe56fbc985da322904482db711aa39783be287ad753fc66f99827a54718232e7d51673f5853b56beaf193bffe4f83a5eda199ab62c3ec66f3f11a062e77952ef4cac81d813325ebc630e921de0ad97df165557369fe09388535ab79973390d2bb232ea78754722717dc914b23b047a51969b97b524bed9db8a24ea8eacaddbd8ec629aeb98a99e9f24443d69f99c6c591cfcd86c14348b637297d4bac46b010ea6635ca3a739e686df6f5d197313b33c167b39bf9e8fa1263aa1d6fdf64c8c8db51b370da97b7f9111dd594c68d54f6bd103038067eaaee40f2b7391d9581d47e6cba7db54c22954b875ba59c7a3c00dbca8660a57bbefb5b0847551d0a171a8b3ddba6278d31d2b8d97e7611296afee2a08aa7f421fb6c4e64984860a3ba27a6876d9e4708265ae804614d7301e5c8386a72c5942e9bc5fc90584865ca2b3f69a01def443668267477a3cbbb46d54bcfd662a7d76e1a1345b74eec3aab1b336f88401eba0529b7171c6e6d36ba6dd773132f8934f46fff99a03d2de276c9e0eb853c63c3d81178e6995997c9a13987fcf0a2f3eaff380bbaf3f2aa0756c50c508d3b46d9b9572dfad22f4a30f1c3cad762a9096c2c76103c65ef624ad458ff1922e597f3dbcbe083b135362e1e2a2ee2efb6a210924fda45e0b53d5aa04df105f806d5fb053548d5d656f76aab97d572b847fa57a17074de02ecc9c82d74fd360f8fb77fca11ef43f734f79428d06ca6e790720d60742957f660a5a01bab28cac29926276d57208ffbe21f8d25160c2f6cd2a85a1c02df70eaf5137e5378eca4ea2d16b0f78ba980b8841e71796fac5889f228ed2c8e4464bbec7dd64277b1303e92fb047a90ab58c893bf06de429ef197031871b76c22503fc2b58659e9eb29da5288dde96059f02d603b7d651bb68285309f26b03e046a019f870e5ed02e52c50e23260febff3ca414d0b5e1d3b671a500a445e3f1dc63a54bc67ec0c37fee0509315ede548dedcdb01312917a7268d29e38e2e1788482d2591f000cdbb9f50c9e702ca97c411f88b755d62066dec1d37ec81944bb6d725321023d1bbb813ca782816ef60ade6bd4d484fb03613565eaab889f7add74996067135b5df1acbe5a576a0ac45a86462c8b2633f4116938fbfaa0a4d15c97134735ffb40ef99578e9ea87f57db24d66cb8f918dbb5354b62a4bd3916ff3e6b2c80ea2288994faea343019b51ffe461ee231fda741405a52bbe6861c00e7df10f010f463c105e9255e364b2098115426b18d36b76b2121569ba0e7b778af5dea4975c506a9a484579f7474d58ed6b37c0dcc5bcee4a99f04b56ce692412330b68a914e7cd014423fb2c4baa96e9b09f9d2138281eb9836921e8f3d26cddeee2e2afb9289db7265f7a5366210f3595f1ddc6a22c03a93d7aa9700887065b437341133beab9c2cb76bfc1a58817072b540a19d52f301e693e3e5b0eeaee40646435b361e5954037a584a819e646b5b6125ce979531868bd39b74fc67fd599fa066fc6ae5c780e517613fd0f6a5da1a326d693e9fab4be46b4dbfe4412965f29150539557bf01b88a6346e1cb9ea25e36dde6bfa2caf9f63be17aa73d7a2948563d7f88d11852690b1cece10ef4742076dbf20f9d1979cd3555f80691682277813e1bc40b892f58c60b83b150df42212f156e68e63f7556fd0e4ac761a163d33a6e688ba39e4696dade96b0716023ed7bf84949972dbe6f05da43cb35721590ec48bc889adb6ad6c111e5a66c278627cf1b8f6579f7a492f4ea28445c124ff8c360bd6478819168e59db8bb27985b64f0db49e2e8a07f539e5d6ca05f3c734dd65b8b681b12b781d498ed160ecd0272f314f36e49afd3c66b4df6836380ddefde337fed98a10d4081e03ae52910799bbe291d5241052e5ea6eae007e93a61478c858f6c7cbb66cd2013cf41523734435d6524d8915b20371d750fcf81457b17f79745f91bffbba5b49539e5b102d5af8f83c8a5bbc52abca206178d86df500b34be10f1c4ac120e451e3f7ffc0f1a70de4dcead51c6dd830ef0575643c0d228d4f723109070d47040323e637c81a0aaf21c9f6532e4dea0e895c51dcd714803fd6c093dac5833a79463118eecce8369b79dd5f33f05fd8c2c5db1cc5ee4d7e3121990556c239c29e9935f9c1aebe80274d12d19325d2b316c9b099f4d68bb8c1a7b6c985eb9b5c2925121264acdd87c47a86f0ee907abee14f3272b3cdcabf0a11e1085f7252139be1183589457da3c0dba9da2aed235e4ea18e0c3558ec5b0d0d05cdcfede32e5caa304398859ad16882e22e1607ea1f9b105c3beef373e7b87b89c4331e55e9a8f68f6ae33eca0dc3dc62eda2ba28b8f412992a0e20ba275158cedad6d3bab411de1d60e3260fa82799efdaf9c10907e5b050281a96101abc132e3266c537f67e754d222f4e51f0806bab7c6db8a660f51bbd97cdea6c9f6e771a4717e844deabdd577d3114192bfdeef7ca757262568fd8c6aa2f60f4505a8d362e17c6f5dc398b00f02aca00607f980817795e1799a37335bc13e7ebe2371dd5dd0b779f30610034b7bff7055368564c404c51c28ba9dd51d57995f5ec4c5033009ea54de6cfff99a9453c3047b0c3083897d9cb71624e655df6be34f9e9dcb1e1624403b1b82a3d3085bb0f2b68c19b3457c7d31d14236436476fba7837214963ef417ff75929f1cd28bf1a9328f7a27e5f305abcae785eb5a2e10dc7e10bcb4c67c38e20c707c0ebbb15ba7619e33de2fb39c9a512cfee8c04994a88707080a7a6a03ddb0912b4655b9dda55f11e50a74818c8a9ddcf623546770fc16a04bb4d3c697301ba58ba08b7fb3555979b0176037a840eff0d562fdb2614cc77deee040536a356b873c0c67b1107f24537680b4a85af36cb4ef0752c27ec9dbfe1d9112e86952bacc7697d742de29b04011438fb4961adb9bd52019ed487352a38ea2715df9c4bd1eae6409251cc916619bf7700fe7e10bcab1c6f8792ba616949c85f0ac19c5a1aa838370cb53e6c470cbe451735071a7b68b422170163c0d31f9b111ff3140c423645d8e324e78ee2be1227f46a0061369bacb59af37e24b509f001f0a143e6adc6bde7fb2084dea39ae5e6298b21dcd25513f634a770c7731fb10dc0de68164f43138711af6ab30b52aea6bf80cfc8eb655e9368cf7582d18ad293b5ae0271905d3a55741084d39ddce26e07552277144372c829621296be5675d849be2ea5ed0c7e3955eade4c5667b9e7d51e3e891718abeb6c8b3bc4156369ced0727c2dbc08711fc38e187cf96b6e46d9c4e78a375a6f2767e0cd51022e582c1140180d8b113a8315b800751421f35f9988361c14989515a186b2271e9c37c74e06cab79bbd9b372988032a09715141ad126b4fdd40544c1ee897758a1cd9b9ccb665682ab02074291c64dc171f6fe772e27ecdd9a40bbf6ed90123df25cea0cd4240c050c034e1e1cb4b2ee7bd4297dbbc22b6350324a496302a7ebb657c583a3d3cd9f70f9599a133d2d9991e4418c5a3fb7c49a3895ae6dc1791d444c69df83f7828f2dd22875283629e8a83f921c4006ab0e9ff12ed3681e865ef69194a319", 0x1000}}, 0x1006)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0x1, 0x58, &(0x7f0000000040)}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x1807c714f8066936, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x4}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)

03:34:10 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@id={0x1e, 0x3, 0xe113d1105cf72800}, 0x10)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r0, 0x20, &(0x7f0000000180)={&(0x7f0000000080)=""/64, 0x40, <r2=>0x0, &(0x7f0000000240)=""/159, 0x9f}}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, r0, 0x9, 0x0, @val=@tracing={r2, 0xcd8d}}, 0x40)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x20, 0x4)

[ 2037.680176][T31607] FAULT_INJECTION: forcing a failure.
[ 2037.680176][T31607] name failslab, interval 1, probability 0, space 0, times 0
[ 2037.692712][T31607] CPU: 0 PID: 31607 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2037.702900][T31607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2037.712755][T31607] Call Trace:
[ 2037.715888][T31607]  dump_stack+0x1d8/0x241
[ 2037.720046][T31607]  ? panic+0x896/0x896
[ 2037.723954][T31607]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2037.729595][T31607]  ? arch_stack_walk+0x111/0x140
[ 2037.734372][T31607]  should_fail+0x71f/0x880
[ 2037.738623][T31607]  ? setup_fault_attr+0x3d0/0x3d0
[ 2037.743498][T31607]  ? _raw_spin_unlock_irqrestore+0x57/0x80
[ 2037.749125][T31607]  ? init_wait_entry+0xd0/0xd0
[ 2037.753723][T31607]  ? blk_mq_init_tags+0x76/0x2d0
[ 2037.758582][T31607]  should_failslab+0x5/0x20
[ 2037.762925][T31607]  kmem_cache_alloc_trace+0x28/0x260
[ 2037.768046][T31607]  blk_mq_init_tags+0x76/0x2d0
[ 2037.772654][T31607]  ? blk_mq_hw_queue_to_node+0xe3/0x100
[ 2037.778035][T31607]  blk_mq_alloc_rq_map+0x95/0x1a0
[ 2037.782904][T31607]  blk_mq_init_sched+0x1d6/0xaf0
[ 2037.787663][T31607]  elevator_init_mq+0x2cc/0x3e0
[ 2037.792351][T31607]  __device_add_disk+0xf2/0x1220
[ 2037.797119][T31607]  ? sprintf+0xd6/0x120
[ 2037.801109][T31607]  ? device_add_disk+0x30/0x30
[ 2037.805710][T31607]  ? vsprintf+0x30/0x30
[ 2037.809843][T31607]  ? __alloc_disk_node+0x459/0x5a0
[ 2037.814780][T31607]  loop_add+0x573/0x740
[ 2037.818770][T31607]  loop_control_ioctl+0x448/0x620
[ 2037.823648][T31607]  ? loop_remove+0xa0/0xa0
[ 2037.827989][T31607]  ? memset+0x1f/0x40
[ 2037.831792][T31607]  ? fsnotify+0x1280/0x1340
[ 2037.836131][T31607]  ? loop_remove+0xa0/0xa0
[ 2037.840375][T31607]  do_vfs_ioctl+0x742/0x1720
[ 2037.844804][T31607]  ? ioctl_preallocate+0x250/0x250
[ 2037.849851][T31607]  ? __fget+0x407/0x490
[ 2037.853830][T31607]  ? fget_many+0x20/0x20
[ 2037.857907][T31607]  ? debug_smp_processor_id+0x20/0x20
[ 2037.863202][T31607]  ? security_file_ioctl+0x7d/0xa0
[ 2037.868156][T31607]  __x64_sys_ioctl+0xd4/0x110
[ 2037.872751][T31607]  do_syscall_64+0xca/0x1c0
03:34:10 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 35)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x1807c714f8066936, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x4}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x10) (async)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
syz_open_dev$loop(&(0x7f0000000040), 0x3, 0x50200)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x80000) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000300)) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'team0\x00', <r5=>0x0}) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000480)=@bpf_lsm={0x1d, 0x5, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x8}, @call={0x85, 0x0, 0x0, 0x2f}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}], &(0x7f0000000540)='syzkaller\x00', 0x6, 0x1d, &(0x7f0000000580)=""/29, 0x41100, 0x4a, '\x00', r5, 0x1b, r6, 0x8, &(0x7f0000000600)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x5, 0x8001, 0x5}, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x90) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x41, 0x0, 0x1}, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:10 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@id={0x1e, 0x3, 0xe113d1105cf72800}, 0x10)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r0, 0x20, &(0x7f0000000180)={&(0x7f0000000080)=""/64, 0x40, <r2=>0x0, &(0x7f0000000240)=""/159, 0x9f}}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, r0, 0x9, 0x0, @val=@tracing={r2, 0xcd8d}}, 0x40)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x20, 0x4)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@id={0x1e, 0x3, 0xe113d1105cf72800}, 0x10) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r0, 0x20, &(0x7f0000000180)={&(0x7f0000000080)=""/64, 0x40, 0x0, &(0x7f0000000240)=""/159, 0x9f}}, 0x10) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, r0, 0x9, 0x0, @val=@tracing={r2, 0xcd8d}}, 0x40) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x20, 0x4) (async)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000040)=0x10, 0x800)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x4, 0x4)
bind$tipc(r0, 0x0, 0x2)

03:34:10 executing program 2:
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000100)={0x8, {"feac2c87ec5a68188e9535d9f2bfc08913eb2fd58679b78337a9e69f414b1abba05cb0ae87532648dd348994e5491efe8ad99c74266c950a95e08bde1dcdbc00d41b72a0f83c301409e2d582d8db478526f87e1a79a11f845193d3bc1256fc9a2f38789d534f5a7eec3445acb35d4e83614b0eef0b5155cde5f8080703400ba1443d05c41ce2b550b27821b8001645c46f641106491abdb2993335abf3290b5f759a9baa6ec8118503e5ff567df89fd673f320b40780f9826ed126ed408c632ede1263f7e5da42a4f3ac323f17ea933d2d4e7095f71758be5f576121608dc8d0ddac995d2052b406247910683468152624fd3f36079cecef667e70b82c723802ffc4ab02bf0759af93eb82dfe323677b887e35dfa65f2a8c70b442041e959b10caa90b2e520fc4f7aa2c6af5a0fb77c498785ae000a97c8deabf1da7f63dab6f0a97db7b42764ceea57d8929eaed2c517212f32d902d03b40a10408ae62c29f3ace926fc877a716eb1ce4903ccd635a7e3c0a7d4a829003e77c45f43762ece72421a7bc4ac1ec796c8202aaf48b404447759a3327f17c9d92a4cc5caaf17fef0dbc417307c90c76f21a01543c0a245bd65a6d5846f5d8efa9080fd00a50baab05bd84d6c34f3b583b199ecd36dff824e6b649318904f77bf9a4e2a5e1ac7ab152529b35cdd93f5fb07649fa5a2f837ba23b49c9b99bd96f1679930326bac0e1d24368391e3db9196a19ef02b6f5cc561b478b57f307f0af50e2bd9eae1345e46390df6dbbecfcd682c01228422b788e98e22c5df000fa98874070d56468a7933e26edae67a960e17642837f28b99ddc53bf7ad2904a5994875685d881fdff72afd9e99df87f845924a40e93349a7b63cdedcbfac753ffea817976d8a4fe692d603946f2e28cf71de720059458c942d584bdf8fa13041295c7654fe477d04b4d860eaf99c6eb02bd2bbffcf9ea5f79c24e85ade91d29b141902f45d279abc3d75f5de4329d4cadc7a2ed62db15ef48e0bfb6ac758be8ac09a7bbaa1f01379a0c68c7028affb459f2a38bb062a74608b1a7a362ffc769a458f2f3d1092cead57ad54bf5e0a63ab4299d766f0ae2b0a82811144ea8b12dd5d0067c78b31b7d28ba473176f9b597223fea2416af0d574718b95aaa3eef3168e2cbf8e228312ea886596277fe531b515ce02856f41be5cb09d3022a5e18266867596d4e16365c49bdd89e6f96c315d552d34f74841ac875a7fa9337e3f3fb285b6478c4508c9e5b780e6e90a11bb3a36a8d5818c0d85c6aa2a4e5e746fd7a55d5c9e8fa84f83370438ef265ad1187c2fcfda007ee934a95527eb53178ac9726436e3fc89b6caceea490e0e56660b4409c6e74cf829fecf6320369db3ec52d508543f8e19a4e02c66d125762e7377852189bba56ae9a518bd181f30a2a8c6c41fca77fd85b641725067de9266ab8c3e09662f4580d035146abd532944ce68f1a5d31ad46795bad5bbde595eb11f7ec7600f9a549af9303a21f608063000ead132bd4ccc9f85b8808a96b548068081e81296915f33c47b4aa4ac1932c318a2c7a67d6733b8dbeecc79d4d3b4b489bd14fc2714870050c02a2550553f662aec3c5363580de229750acd948d9f0e3c0f0c1ab1b7691167c051cf46a3abc80b2165c3abafe3d7d397fefa8d992944ee06e6bcc285d58233e960fd402f9d505f77b2c5a43738899ec82cd453c684329f830f04af76cc30d35d810bc825cdbacca509ec215e55d6470f91a567b5a5ccdbbcc3b37b5598d4a5390e84b2b0b5185eb5a0e198deb9ede7ee5af01d0219cd1059f297dbc9469b2aaede9738c2bd233947a1570c5b8c6c1a8d7289609c97521899456cd3a94885c68a49e0b74821b76fa93f62dbc93b45ae72d101ad6731b62c468afc6b7953f713e5439a05cce4457d1ac77742d4a1f20271d3f7f96c783d27c3e5617ee357e2e3e6704e8b19be3fc6661a1464ef9fb8b8234cce9868c5dabf9d0f3af5a4c3feb79ee696633f308e01539e39da40daec235149b7656e2290f9c03633c5301e249630489c2baf3f0bc6548c5c52976639e7f7853e8627290a81bdccdff99c8079352523ac7d8644c4725108c54b3bbbd5f9b81502f1b130df7606dbb1c2a3eb635c0ebabbf4c52914a4811920510afde857dc3e4674d90b8630dbe56fbc985da322904482db711aa39783be287ad753fc66f99827a54718232e7d51673f5853b56beaf193bffe4f83a5eda199ab62c3ec66f3f11a062e77952ef4cac81d813325ebc630e921de0ad97df165557369fe09388535ab79973390d2bb232ea78754722717dc914b23b047a51969b97b524bed9db8a24ea8eacaddbd8ec629aeb98a99e9f24443d69f99c6c591cfcd86c14348b637297d4bac46b010ea6635ca3a739e686df6f5d197313b33c167b39bf9e8fa1263aa1d6fdf64c8c8db51b370da97b7f9111dd594c68d54f6bd103038067eaaee40f2b7391d9581d47e6cba7db54c22954b875ba59c7a3c00dbca8660a57bbefb5b0847551d0a171a8b3ddba6278d31d2b8d97e7611296afee2a08aa7f421fb6c4e64984860a3ba27a6876d9e4708265ae804614d7301e5c8386a72c5942e9bc5fc90584865ca2b3f69a01def443668267477a3cbbb46d54bcfd662a7d76e1a1345b74eec3aab1b336f88401eba0529b7171c6e6d36ba6dd773132f8934f46fff99a03d2de276c9e0eb853c63c3d81178e6995997c9a13987fcf0a2f3eaff380bbaf3f2aa0756c50c508d3b46d9b9572dfad22f4a30f1c3cad762a9096c2c76103c65ef624ad458ff1922e597f3dbcbe083b135362e1e2a2ee2efb6a210924fda45e0b53d5aa04df105f806d5fb053548d5d656f76aab97d572b847fa57a17074de02ecc9c82d74fd360f8fb77fca11ef43f734f79428d06ca6e790720d60742957f660a5a01bab28cac29926276d57208ffbe21f8d25160c2f6cd2a85a1c02df70eaf5137e5378eca4ea2d16b0f78ba980b8841e71796fac5889f228ed2c8e4464bbec7dd64277b1303e92fb047a90ab58c893bf06de429ef197031871b76c22503fc2b58659e9eb29da5288dde96059f02d603b7d651bb68285309f26b03e046a019f870e5ed02e52c50e23260febff3ca414d0b5e1d3b671a500a445e3f1dc63a54bc67ec0c37fee0509315ede548dedcdb01312917a7268d29e38e2e1788482d2591f000cdbb9f50c9e702ca97c411f88b755d62066dec1d37ec81944bb6d725321023d1bbb813ca782816ef60ade6bd4d484fb03613565eaab889f7add74996067135b5df1acbe5a576a0ac45a86462c8b2633f4116938fbfaa0a4d15c97134735ffb40ef99578e9ea87f57db24d66cb8f918dbb5354b62a4bd3916ff3e6b2c80ea2288994faea343019b51ffe461ee231fda741405a52bbe6861c00e7df10f010f463c105e9255e364b2098115426b18d36b76b2121569ba0e7b778af5dea4975c506a9a484579f7474d58ed6b37c0dcc5bcee4a99f04b56ce692412330b68a914e7cd014423fb2c4baa96e9b09f9d2138281eb9836921e8f3d26cddeee2e2afb9289db7265f7a5366210f3595f1ddc6a22c03a93d7aa9700887065b437341133beab9c2cb76bfc1a58817072b540a19d52f301e693e3e5b0eeaee40646435b361e5954037a584a819e646b5b6125ce979531868bd39b74fc67fd599fa066fc6ae5c780e517613fd0f6a5da1a326d693e9fab4be46b4dbfe4412965f29150539557bf01b88a6346e1cb9ea25e36dde6bfa2caf9f63be17aa73d7a2948563d7f88d11852690b1cece10ef4742076dbf20f9d1979cd3555f80691682277813e1bc40b892f58c60b83b150df42212f156e68e63f7556fd0e4ac761a163d33a6e688ba39e4696dade96b0716023ed7bf84949972dbe6f05da43cb35721590ec48bc889adb6ad6c111e5a66c278627cf1b8f6579f7a492f4ea28445c124ff8c360bd6478819168e59db8bb27985b64f0db49e2e8a07f539e5d6ca05f3c734dd65b8b681b12b781d498ed160ecd0272f314f36e49afd3c66b4df6836380ddefde337fed98a10d4081e03ae52910799bbe291d5241052e5ea6eae007e93a61478c858f6c7cbb66cd2013cf41523734435d6524d8915b20371d750fcf81457b17f79745f91bffbba5b49539e5b102d5af8f83c8a5bbc52abca206178d86df500b34be10f1c4ac120e451e3f7ffc0f1a70de4dcead51c6dd830ef0575643c0d228d4f723109070d47040323e637c81a0aaf21c9f6532e4dea0e895c51dcd714803fd6c093dac5833a79463118eecce8369b79dd5f33f05fd8c2c5db1cc5ee4d7e3121990556c239c29e9935f9c1aebe80274d12d19325d2b316c9b099f4d68bb8c1a7b6c985eb9b5c2925121264acdd87c47a86f0ee907abee14f3272b3cdcabf0a11e1085f7252139be1183589457da3c0dba9da2aed235e4ea18e0c3558ec5b0d0d05cdcfede32e5caa304398859ad16882e22e1607ea1f9b105c3beef373e7b87b89c4331e55e9a8f68f6ae33eca0dc3dc62eda2ba28b8f412992a0e20ba275158cedad6d3bab411de1d60e3260fa82799efdaf9c10907e5b050281a96101abc132e3266c537f67e754d222f4e51f0806bab7c6db8a660f51bbd97cdea6c9f6e771a4717e844deabdd577d3114192bfdeef7ca757262568fd8c6aa2f60f4505a8d362e17c6f5dc398b00f02aca00607f980817795e1799a37335bc13e7ebe2371dd5dd0b779f30610034b7bff7055368564c404c51c28ba9dd51d57995f5ec4c5033009ea54de6cfff99a9453c3047b0c3083897d9cb71624e655df6be34f9e9dcb1e1624403b1b82a3d3085bb0f2b68c19b3457c7d31d14236436476fba7837214963ef417ff75929f1cd28bf1a9328f7a27e5f305abcae785eb5a2e10dc7e10bcb4c67c38e20c707c0ebbb15ba7619e33de2fb39c9a512cfee8c04994a88707080a7a6a03ddb0912b4655b9dda55f11e50a74818c8a9ddcf623546770fc16a04bb4d3c697301ba58ba08b7fb3555979b0176037a840eff0d562fdb2614cc77deee040536a356b873c0c67b1107f24537680b4a85af36cb4ef0752c27ec9dbfe1d9112e86952bacc7697d742de29b04011438fb4961adb9bd52019ed487352a38ea2715df9c4bd1eae6409251cc916619bf7700fe7e10bcab1c6f8792ba616949c85f0ac19c5a1aa838370cb53e6c470cbe451735071a7b68b422170163c0d31f9b111ff3140c423645d8e324e78ee2be1227f46a0061369bacb59af37e24b509f001f0a143e6adc6bde7fb2084dea39ae5e6298b21dcd25513f634a770c7731fb10dc0de68164f43138711af6ab30b52aea6bf80cfc8eb655e9368cf7582d18ad293b5ae0271905d3a55741084d39ddce26e07552277144372c829621296be5675d849be2ea5ed0c7e3955eade4c5667b9e7d51e3e891718abeb6c8b3bc4156369ced0727c2dbc08711fc38e187cf96b6e46d9c4e78a375a6f2767e0cd51022e582c1140180d8b113a8315b800751421f35f9988361c14989515a186b2271e9c37c74e06cab79bbd9b372988032a09715141ad126b4fdd40544c1ee897758a1cd9b9ccb665682ab02074291c64dc171f6fe772e27ecdd9a40bbf6ed90123df25cea0cd4240c050c034e1e1cb4b2ee7bd4297dbbc22b6350324a496302a7ebb657c583a3d3cd9f70f9599a133d2d9991e4418c5a3fb7c49a3895ae6dc1791d444c69df83f7828f2dd22875283629e8a83f921c4006ab0e9ff12ed3681e865ef69194a319", 0x1000}}, 0x1006) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={0x1, 0x58, &(0x7f0000000040)}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000040)=0x10, 0x800)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x4, 0x4) (async, rerun: 64)
bind$tipc(r0, 0x0, 0x2) (rerun: 64)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x1807c714f8066936, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x4}}, 0x10) (async)
connect$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x4}}, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@id={0x1e, 0x3, 0xe113d1105cf72800}, 0x10) (async, rerun: 64)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) (async, rerun: 64)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={r0, 0x20, &(0x7f0000000180)={&(0x7f0000000080)=""/64, 0x40, <r2=>0x0, &(0x7f0000000240)=""/159, 0x9f}}, 0x10) (rerun: 64)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r1, r0, 0x9, 0x0, @val=@tracing={r2, 0xcd8d}}, 0x40)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x20, 0x4)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}}}, 0x10)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000040)="a1e6f2268129b075c052a4b99ead5d46e49d85e8ef737d4dad30b8ce2e1ffa3026e0f0afd02e05e6e2e05207c991158364731b9253376fff9ac1a50541e62fb6a90f8931494be7045898731a98d521695dc87c05ad5051e446ad9b1b1a87c17749afd89ac15bdd6288225026be6ef1a16f5af617805640518b6413b288f49e006410c18a81a80850977d572be3806155a7bd9eef491c56a94ccc2159489ce6dc4ca057932ec9df5b735daba4469f6c3597e80800c2d0704f0f9c")
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
r3 = syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x100)
getpeername$tipc(r3, &(0x7f00000001c0)=@id, &(0x7f0000000200)=0x10)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x7f, 0x4)
bind$tipc(r0, 0x0, 0x0)

[ 2037.877100][T31607]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2037.883322][T31607] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:10 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x1, 0x400000)
r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x8000000000000000, 0x200)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x1, 0x0, 0x10000, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r1, r2, 0x1a, 0x20, 0xffffffffffffffff, @prog_fd, r3}, 0x20)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2038.010427][T31655] FAULT_INJECTION: forcing a failure.
[ 2038.010427][T31655] name failslab, interval 1, probability 0, space 0, times 0
[ 2038.023272][T31655] CPU: 0 PID: 31655 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2038.033304][T31655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2038.043197][T31655] Call Trace:
[ 2038.046343][T31655]  dump_stack+0x1d8/0x241
[ 2038.050492][T31655]  ? panic+0x896/0x896
[ 2038.054396][T31655]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2038.060036][T31655]  ? blk_mq_init_tags+0x76/0x2d0
[ 2038.064811][T31655]  ? blk_mq_init_sched+0x1d6/0xaf0
[ 2038.069943][T31655]  ? elevator_init_mq+0x2cc/0x3e0
[ 2038.074796][T31655]  ? __device_add_disk+0xf2/0x1220
[ 2038.079786][T31655]  ? loop_control_ioctl+0x448/0x620
[ 2038.084773][T31655]  ? do_vfs_ioctl+0x742/0x1720
[ 2038.089371][T31655]  ? __x64_sys_ioctl+0xd4/0x110
[ 2038.094059][T31655]  ? do_syscall_64+0xca/0x1c0
[ 2038.098664][T31655]  should_fail+0x71f/0x880
[ 2038.102914][T31655]  ? setup_fault_attr+0x3d0/0x3d0
[ 2038.107788][T31655]  ? sbitmap_queue_init_node+0x164/0xf40
[ 2038.113345][T31655]  should_failslab+0x5/0x20
[ 2038.117698][T31655]  __kmalloc+0x51/0x2e0
[ 2038.121665][T31655]  sbitmap_queue_init_node+0x164/0xf40
[ 2038.127060][T31655]  ? blk_mq_init_tags+0x76/0x2d0
[ 2038.131829][T31655]  blk_mq_init_tags+0x11d/0x2d0
[ 2038.136522][T31655]  blk_mq_alloc_rq_map+0x95/0x1a0
[ 2038.141374][T31655]  blk_mq_init_sched+0x1d6/0xaf0
[ 2038.146158][T31655]  elevator_init_mq+0x2cc/0x3e0
[ 2038.150850][T31655]  __device_add_disk+0xf2/0x1220
[ 2038.155616][T31655]  ? sprintf+0xd6/0x120
[ 2038.159605][T31655]  ? device_add_disk+0x30/0x30
[ 2038.164201][T31655]  ? vsprintf+0x30/0x30
[ 2038.168196][T31655]  ? __alloc_disk_node+0x459/0x5a0
[ 2038.173143][T31655]  loop_add+0x573/0x740
[ 2038.177142][T31655]  loop_control_ioctl+0x448/0x620
[ 2038.181992][T31655]  ? loop_remove+0xa0/0xa0
[ 2038.186249][T31655]  ? memset+0x1f/0x40
[ 2038.190073][T31655]  ? fsnotify+0x1280/0x1340
[ 2038.194403][T31655]  ? loop_remove+0xa0/0xa0
[ 2038.198657][T31655]  do_vfs_ioctl+0x742/0x1720
[ 2038.203092][T31655]  ? ioctl_preallocate+0x250/0x250
03:34:10 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 36)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:10 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000040)=0x10, 0x800)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x4, 0x4)
bind$tipc(r0, 0x0, 0x2)
socket$tipc(0x1e, 0x2, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000000)=@name, &(0x7f0000000040)=0x10, 0x800) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x4, 0x4) (async)
bind$tipc(r0, 0x0, 0x2) (async)

03:34:10 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}}}, 0x10)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000040)="a1e6f2268129b075c052a4b99ead5d46e49d85e8ef737d4dad30b8ce2e1ffa3026e0f0afd02e05e6e2e05207c991158364731b9253376fff9ac1a50541e62fb6a90f8931494be7045898731a98d521695dc87c05ad5051e446ad9b1b1a87c17749afd89ac15bdd6288225026be6ef1a16f5af617805640518b6413b288f49e006410c18a81a80850977d572be3806155a7bd9eef491c56a94ccc2159489ce6dc4ca057932ec9df5b735daba4469f6c3597e80800c2d0704f0f9c")
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
r3 = syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x100)
getpeername$tipc(r3, &(0x7f00000001c0)=@id, &(0x7f0000000200)=0x10) (async)
getpeername$tipc(r3, &(0x7f00000001c0)=@id, &(0x7f0000000200)=0x10)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x7f, 0x4) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x7f, 0x4)
bind$tipc(r0, 0x0, 0x0)

03:34:10 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x1, 0x400000)
r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x8000000000000000, 0x200)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x1, 0x0, 0x10000, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r1, r2, 0x1a, 0x20, 0xffffffffffffffff, @prog_fd, r3}, 0x20) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r1, r2, 0x1a, 0x20, 0xffffffffffffffff, @prog_fd, r3}, 0x20)

03:34:10 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:10 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getpeername$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040), 0x1, 0x400000)
r2 = syz_open_dev$mouse(&(0x7f0000000080), 0x8000000000000000, 0x200)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x1, 0x0, 0x10000, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0]}, 0x40) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup, 0x1, 0x0, 0x10000, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r1, r2, 0x1a, 0x20, 0xffffffffffffffff, @prog_fd, r3}, 0x20) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r1, r2, 0x1a, 0x20, 0xffffffffffffffff, @prog_fd, r3}, 0x20)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

[ 2038.208032][T31655]  ? __fget+0x407/0x490
[ 2038.212026][T31655]  ? fget_many+0x20/0x20
[ 2038.216106][T31655]  ? debug_smp_processor_id+0x20/0x20
[ 2038.221311][T31655]  ? security_file_ioctl+0x7d/0xa0
[ 2038.226262][T31655]  __x64_sys_ioctl+0xd4/0x110
[ 2038.230858][T31655]  do_syscall_64+0xca/0x1c0
[ 2038.235200][T31655]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2038.243022][T31655] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0x8, 0x4)
bind$tipc(r0, 0x0, 0x2)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x1, 0x4}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x1fc4, @any, 0xfffe, 0x3}, 0xe)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r6, 0x111, 0x4, 0x1, 0x4)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000000)=0x3, 0x4)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x0, 0x1}, 0x10)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}}}, 0x10)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000040)="a1e6f2268129b075c052a4b99ead5d46e49d85e8ef737d4dad30b8ce2e1ffa3026e0f0afd02e05e6e2e05207c991158364731b9253376fff9ac1a50541e62fb6a90f8931494be7045898731a98d521695dc87c05ad5051e446ad9b1b1a87c17749afd89ac15bdd6288225026be6ef1a16f5af617805640518b6413b288f49e006410c18a81a80850977d572be3806155a7bd9eef491c56a94ccc2159489ce6dc4ca057932ec9df5b735daba4469f6c3597e80800c2d0704f0f9c")
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))
r3 = syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x100)
getpeername$tipc(r3, &(0x7f00000001c0)=@id, &(0x7f0000000200)=0x10)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x7f, 0x4)
bind$tipc(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x40, 0x2}}}, 0x10) (async)
ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000040)="a1e6f2268129b075c052a4b99ead5d46e49d85e8ef737d4dad30b8ce2e1ffa3026e0f0afd02e05e6e2e05207c991158364731b9253376fff9ac1a50541e62fb6a90f8931494be7045898731a98d521695dc87c05ad5051e446ad9b1b1a87c17749afd89ac15bdd6288225026be6ef1a16f5af617805640518b6413b288f49e006410c18a81a80850977d572be3806155a7bd9eef491c56a94ccc2159489ce6dc4ca057932ec9df5b735daba4469f6c3597e80800c2d0704f0f9c") (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)) (async)
syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x100) (async)
getpeername$tipc(r3, &(0x7f00000001c0)=@id, &(0x7f0000000200)=0x10) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x7f, 0x4) (async)
bind$tipc(r0, 0x0, 0x0) (async)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getpeername$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10) (async)
getpeername$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
r3 = accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80800)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

[ 2038.350659][T31678] FAULT_INJECTION: forcing a failure.
[ 2038.350659][T31678] name failslab, interval 1, probability 0, space 0, times 0
[ 2038.363959][T31678] CPU: 0 PID: 31678 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2038.374143][T31678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2038.384040][T31678] Call Trace:
[ 2038.387167][T31678]  dump_stack+0x1d8/0x241
[ 2038.391461][T31678]  ? panic+0x896/0x896
[ 2038.396351][T31678]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2038.402054][T31678]  ? pcpu_alloc_area+0x658/0x750
[ 2038.406915][T31678]  should_fail+0x71f/0x880
[ 2038.411310][T31678]  ? setup_fault_attr+0x3d0/0x3d0
[ 2038.416155][T31678]  ? sbitmap_queue_init_node+0x67d/0xf40
[ 2038.421609][T31678]  should_failslab+0x5/0x20
[ 2038.425953][T31678]  kmem_cache_alloc_trace+0x28/0x260
[ 2038.431072][T31678]  sbitmap_queue_init_node+0x67d/0xf40
[ 2038.436368][T31678]  blk_mq_init_tags+0x11d/0x2d0
[ 2038.441053][T31678]  blk_mq_alloc_rq_map+0x95/0x1a0
[ 2038.445923][T31678]  blk_mq_init_sched+0x1d6/0xaf0
[ 2038.450698][T31678]  elevator_init_mq+0x2cc/0x3e0
[ 2038.455386][T31678]  __device_add_disk+0xf2/0x1220
[ 2038.460152][T31678]  ? sprintf+0xd6/0x120
[ 2038.464138][T31678]  ? device_add_disk+0x30/0x30
[ 2038.468923][T31678]  ? vsprintf+0x30/0x30
[ 2038.472910][T31678]  ? __alloc_disk_node+0x459/0x5a0
[ 2038.477845][T31678]  loop_add+0x573/0x740
[ 2038.481846][T31678]  loop_control_ioctl+0x448/0x620
[ 2038.486816][T31678]  ? loop_remove+0xa0/0xa0
[ 2038.491238][T31678]  ? memset+0x1f/0x40
[ 2038.495049][T31678]  ? fsnotify+0x1280/0x1340
[ 2038.499476][T31678]  ? loop_remove+0xa0/0xa0
[ 2038.503738][T31678]  do_vfs_ioctl+0x742/0x1720
[ 2038.508160][T31678]  ? ioctl_preallocate+0x250/0x250
[ 2038.513210][T31678]  ? __fget+0x407/0x490
[ 2038.517206][T31678]  ? fget_many+0x20/0x20
[ 2038.521281][T31678]  ? debug_smp_processor_id+0x20/0x20
[ 2038.526487][T31678]  ? security_file_ioctl+0x7d/0xa0
[ 2038.531436][T31678]  __x64_sys_ioctl+0xd4/0x110
[ 2038.536054][T31678]  do_syscall_64+0xca/0x1c0
[ 2038.540463][T31678]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:11 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 37)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getpeername$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
getpeername$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x40800)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async, rerun: 64)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
r3 = accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80800)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async, rerun: 64)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) (async, rerun: 64)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0x8, 0x4)
bind$tipc(r0, 0x0, 0x2) (async)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x1, 0x4}}, 0x10) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x1fc4, @any, 0xfffe, 0x3}, 0xe) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r6, 0x111, 0x4, 0x1, 0x4) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000000)=0x3, 0x4)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x0, 0x1}, 0x10)

[ 2038.547215][T31678] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
r1 = accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x40800)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async, rerun: 32)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
socket$tipc(0x1e, 0x5, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0x8, 0x4) (async)
bind$tipc(r0, 0x0, 0x2)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x1, 0x4}}, 0x10) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async, rerun: 32)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async, rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (rerun: 64)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
bind$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x1fc4, @any, 0xfffe, 0x3}, 0xe)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r6, 0x111, 0x4, 0x1, 0x4) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000000)=0x3, 0x4) (async, rerun: 64)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x0, 0x1}, 0x10) (rerun: 64)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x40800)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x40800) (async)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4) (async)

[ 2038.650498][T31725] FAULT_INJECTION: forcing a failure.
[ 2038.650498][T31725] name failslab, interval 1, probability 0, space 0, times 0
[ 2038.673815][T31725] CPU: 1 PID: 31725 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2038.683874][T31725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2038.693976][T31725] Call Trace:
[ 2038.697124][T31725]  dump_stack+0x1d8/0x241
[ 2038.701279][T31725]  ? panic+0x896/0x896
[ 2038.705357][T31725]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2038.711005][T31725]  ? pcpu_alloc_area+0x658/0x750
[ 2038.715771][T31725]  should_fail+0x71f/0x880
[ 2038.720025][T31725]  ? setup_fault_attr+0x3d0/0x3d0
[ 2038.724883][T31725]  ? sbitmap_queue_init_node+0x67d/0xf40
[ 2038.730549][T31725]  should_failslab+0x5/0x20
[ 2038.734889][T31725]  kmem_cache_alloc_trace+0x28/0x260
[ 2038.740014][T31725]  sbitmap_queue_init_node+0x67d/0xf40
[ 2038.745308][T31725]  blk_mq_init_tags+0x183/0x2d0
[ 2038.749998][T31725]  blk_mq_alloc_rq_map+0x95/0x1a0
[ 2038.754873][T31725]  blk_mq_init_sched+0x1d6/0xaf0
[ 2038.759682][T31725]  elevator_init_mq+0x2cc/0x3e0
[ 2038.764311][T31725]  __device_add_disk+0xf2/0x1220
[ 2038.769182][T31725]  ? sprintf+0xd6/0x120
[ 2038.773165][T31725]  ? device_add_disk+0x30/0x30
[ 2038.777764][T31725]  ? vsprintf+0x30/0x30
[ 2038.781757][T31725]  ? __alloc_disk_node+0x459/0x5a0
[ 2038.786705][T31725]  loop_add+0x573/0x740
[ 2038.790701][T31725]  loop_control_ioctl+0x448/0x620
[ 2038.795559][T31725]  ? loop_remove+0xa0/0xa0
[ 2038.799809][T31725]  ? memset+0x1f/0x40
[ 2038.803641][T31725]  ? fsnotify+0x1280/0x1340
[ 2038.807976][T31725]  ? loop_remove+0xa0/0xa0
[ 2038.812229][T31725]  do_vfs_ioctl+0x742/0x1720
[ 2038.816650][T31725]  ? ioctl_preallocate+0x250/0x250
[ 2038.821596][T31725]  ? __fget+0x407/0x490
[ 2038.825640][T31725]  ? fget_many+0x20/0x20
[ 2038.829765][T31725]  ? debug_smp_processor_id+0x20/0x20
[ 2038.835052][T31725]  ? security_file_ioctl+0x7d/0xa0
[ 2038.840003][T31725]  __x64_sys_ioctl+0xd4/0x110
[ 2038.844521][T31725]  do_syscall_64+0xca/0x1c0
03:34:11 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 38)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
r3 = accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80800)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async, rerun: 32)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) (async, rerun: 32)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f00000000c0)=0x9b, 0x4)
getpeername$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000006c0), &(0x7f0000000700)=0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000740)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000080), &(0x7f0000000040)=0xfd52)
sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000680)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000140)={0x4dc, 0x3f3, 0x400, 0x70bd26, 0x25dfdbfd, {0x5, 0x2, 0x32, [0x4, 0x9a5, 0x5, 0x8, 0x2, 0x79, 0x9, 0x11da, 0x6, 0x5, 0x1, 0x3f, 0x7, 0x61, 0x3, 0x8, 0x2, 0xfffffff8, 0x3, 0x6, 0x81, 0x9, 0xfff, 0x80000000, 0x31be, 0x1000, 0x0, 0x7fffffff, 0x2, 0x5, 0x7f, 0xf447, 0x3, 0xc, 0xfda, 0x4, 0x8000, 0x9, 0x8001, 0x5, 0x3, 0x0, 0xe5, 0x2, 0x2, 0xfff, 0x4, 0x4f, 0x4, 0x5, 0xace, 0x0, 0xdb88, 0x9244, 0x8dd, 0x6, 0x3f, 0x5, 0x4, 0x8, 0x0, 0xffffffff, 0x7, 0x3], [0x0, 0x614, 0x1, 0x7fffffff, 0x2, 0x80, 0x1f, 0x3, 0x3f, 0x2, 0x7fff, 0x4, 0x4, 0x95, 0x1c, 0x3, 0x0, 0x0, 0x401, 0x1f, 0xfffffffb, 0xc, 0xfd9b, 0x2, 0x0, 0xbfc, 0x3, 0x2f0, 0x8, 0x3, 0x7, 0x1000, 0x8, 0x9, 0x10001, 0x0, 0x80000001, 0x5, 0xfff, 0x8000, 0x12, 0x800, 0x6, 0x3, 0xf5, 0x2, 0x7fff, 0x2, 0x5, 0x3, 0x3ff, 0x7, 0x7, 0x3, 0x0, 0x81, 0x25b5a61e, 0x1, 0xf7, 0x558, 0x2, 0x78b, 0x1, 0x9], [0x9, 0x6, 0x9, 0x8, 0x862f, 0x4b1a, 0x1f, 0x20, 0x9, 0x10001, 0x8001, 0xfffffffa, 0x8, 0x8, 0xfff, 0x4, 0x8000, 0x100, 0x6, 0x1, 0x2, 0x80000001, 0x5d, 0x7fff, 0x4, 0x3, 0x3, 0x4, 0x45a, 0x2000, 0x8, 0x3, 0x7a, 0x6, 0x5, 0x40, 0x8, 0x4, 0x80000001, 0x9, 0xd696, 0xdb52, 0x1, 0x20, 0x3, 0xfffffff8, 0x4, 0x7, 0x80000000, 0x7fff, 0x3, 0x101, 0x8, 0x0, 0x9, 0x7, 0x7, 0x200, 0x80000001, 0x7, 0x5, 0x400, 0x4, 0x9], [0x1, 0x7, 0xfff, 0x2, 0x5, 0x2, 0x9, 0x2000, 0x400000, 0x2, 0x5, 0x3, 0x99, 0xd50, 0x1, 0xcd, 0x505, 0x9, 0x7, 0x7fffffff, 0x9, 0xb6a5, 0x7, 0xffff, 0x1, 0x7d6, 0x8, 0x7fffffff, 0x6, 0x80000000, 0xffff3fa3, 0x4, 0x1, 0x8001, 0x80, 0x7fff, 0x80000001, 0x0, 0x25c, 0x7e9, 0xde8b, 0x3, 0x1000, 0x136754ef, 0x4, 0x800, 0x401, 0x6b0, 0x68, 0x3, 0x5, 0x2, 0x0, 0x2, 0xc9, 0x7fffffff, 0x8009, 0x1, 0x7, 0x1, 0xfffffff7, 0x81, 0xffff, 0xa1], 0xbc, ['/sys/kernel/debug/binder/transaction_log\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/transaction_log\x00', '],\x00', '/sys/kernel/debug/binder/transaction_log\x00']}, ["", "", "", ""]}, 0x4dc}, 0x1, 0x0, 0x0, 0x1}, 0x20044080)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e24, 0x1}}, 0x10)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x10, 0x70bd2b, 0x25dfdbff, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x44050}, 0x10048000)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x3, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040)=0x5, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:11 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000006c0), &(0x7f0000000700)=0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, 0x0, 0x0) (async)
bind$tipc(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000740)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000080), &(0x7f0000000040)=0xfd52) (async)
getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000080), &(0x7f0000000040)=0xfd52)
sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000680)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000140)={0x4dc, 0x3f3, 0x400, 0x70bd26, 0x25dfdbfd, {0x5, 0x2, 0x32, [0x4, 0x9a5, 0x5, 0x8, 0x2, 0x79, 0x9, 0x11da, 0x6, 0x5, 0x1, 0x3f, 0x7, 0x61, 0x3, 0x8, 0x2, 0xfffffff8, 0x3, 0x6, 0x81, 0x9, 0xfff, 0x80000000, 0x31be, 0x1000, 0x0, 0x7fffffff, 0x2, 0x5, 0x7f, 0xf447, 0x3, 0xc, 0xfda, 0x4, 0x8000, 0x9, 0x8001, 0x5, 0x3, 0x0, 0xe5, 0x2, 0x2, 0xfff, 0x4, 0x4f, 0x4, 0x5, 0xace, 0x0, 0xdb88, 0x9244, 0x8dd, 0x6, 0x3f, 0x5, 0x4, 0x8, 0x0, 0xffffffff, 0x7, 0x3], [0x0, 0x614, 0x1, 0x7fffffff, 0x2, 0x80, 0x1f, 0x3, 0x3f, 0x2, 0x7fff, 0x4, 0x4, 0x95, 0x1c, 0x3, 0x0, 0x0, 0x401, 0x1f, 0xfffffffb, 0xc, 0xfd9b, 0x2, 0x0, 0xbfc, 0x3, 0x2f0, 0x8, 0x3, 0x7, 0x1000, 0x8, 0x9, 0x10001, 0x0, 0x80000001, 0x5, 0xfff, 0x8000, 0x12, 0x800, 0x6, 0x3, 0xf5, 0x2, 0x7fff, 0x2, 0x5, 0x3, 0x3ff, 0x7, 0x7, 0x3, 0x0, 0x81, 0x25b5a61e, 0x1, 0xf7, 0x558, 0x2, 0x78b, 0x1, 0x9], [0x9, 0x6, 0x9, 0x8, 0x862f, 0x4b1a, 0x1f, 0x20, 0x9, 0x10001, 0x8001, 0xfffffffa, 0x8, 0x8, 0xfff, 0x4, 0x8000, 0x100, 0x6, 0x1, 0x2, 0x80000001, 0x5d, 0x7fff, 0x4, 0x3, 0x3, 0x4, 0x45a, 0x2000, 0x8, 0x3, 0x7a, 0x6, 0x5, 0x40, 0x8, 0x4, 0x80000001, 0x9, 0xd696, 0xdb52, 0x1, 0x20, 0x3, 0xfffffff8, 0x4, 0x7, 0x80000000, 0x7fff, 0x3, 0x101, 0x8, 0x0, 0x9, 0x7, 0x7, 0x200, 0x80000001, 0x7, 0x5, 0x400, 0x4, 0x9], [0x1, 0x7, 0xfff, 0x2, 0x5, 0x2, 0x9, 0x2000, 0x400000, 0x2, 0x5, 0x3, 0x99, 0xd50, 0x1, 0xcd, 0x505, 0x9, 0x7, 0x7fffffff, 0x9, 0xb6a5, 0x7, 0xffff, 0x1, 0x7d6, 0x8, 0x7fffffff, 0x6, 0x80000000, 0xffff3fa3, 0x4, 0x1, 0x8001, 0x80, 0x7fff, 0x80000001, 0x0, 0x25c, 0x7e9, 0xde8b, 0x3, 0x1000, 0x136754ef, 0x4, 0x800, 0x401, 0x6b0, 0x68, 0x3, 0x5, 0x2, 0x0, 0x2, 0xc9, 0x7fffffff, 0x8009, 0x1, 0x7, 0x1, 0xfffffff7, 0x81, 0xffff, 0xa1], 0xbc, ['/sys/kernel/debug/binder/transaction_log\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/transaction_log\x00', '],\x00', '/sys/kernel/debug/binder/transaction_log\x00']}, ["", "", "", ""]}, 0x4dc}, 0x1, 0x0, 0x0, 0x1}, 0x20044080)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='veno\x00', 0x5)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000)
socket$pppl2tp(0x18, 0x1, 0x1)

[ 2038.848936][T31725]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2038.855538][T31725] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f00000000c0)=0x9b, 0x4) (async)
getpeername$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='veno\x00', 0x5)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000)
socket$pppl2tp(0x18, 0x1, 0x1)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
socket$bt_rfcomm(0x1f, 0x1, 0x3) (async)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='veno\x00', 0x5) (async)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)

[ 2038.933004][T31759] FAULT_INJECTION: forcing a failure.
[ 2038.933004][T31759] name failslab, interval 1, probability 0, space 0, times 0
[ 2038.956799][T31759] CPU: 0 PID: 31759 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2038.966957][T31759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2038.976849][T31759] Call Trace:
[ 2038.979982][T31759]  dump_stack+0x1d8/0x241
[ 2038.984257][T31759]  ? panic+0x896/0x896
[ 2038.988137][T31759]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2038.993773][T31759]  should_fail+0x71f/0x880
[ 2038.998020][T31759]  ? kmem_cache_alloc_trace+0xdc/0x260
[ 2039.003406][T31759]  ? setup_fault_attr+0x3d0/0x3d0
[ 2039.008270][T31759]  ? blk_mq_alloc_rq_map+0xb5/0x1a0
[ 2039.013309][T31759]  should_failslab+0x5/0x20
[ 2039.017649][T31759]  __kmalloc+0x51/0x2e0
[ 2039.021629][T31759]  blk_mq_alloc_rq_map+0xb5/0x1a0
[ 2039.026491][T31759]  blk_mq_init_sched+0x1d6/0xaf0
[ 2039.031266][T31759]  elevator_init_mq+0x2cc/0x3e0
[ 2039.035952][T31759]  __device_add_disk+0xf2/0x1220
[ 2039.040724][T31759]  ? sprintf+0xd6/0x120
[ 2039.044714][T31759]  ? device_add_disk+0x30/0x30
[ 2039.051225][T31759]  ? vsprintf+0x30/0x30
[ 2039.055311][T31759]  ? __alloc_disk_node+0x459/0x5a0
[ 2039.060254][T31759]  loop_add+0x573/0x740
[ 2039.064245][T31759]  loop_control_ioctl+0x448/0x620
[ 2039.069107][T31759]  ? loop_remove+0xa0/0xa0
[ 2039.073368][T31759]  ? memset+0x1f/0x40
[ 2039.077178][T31759]  ? fsnotify+0x1280/0x1340
[ 2039.081516][T31759]  ? loop_remove+0xa0/0xa0
[ 2039.085769][T31759]  do_vfs_ioctl+0x742/0x1720
[ 2039.090198][T31759]  ? ioctl_preallocate+0x250/0x250
[ 2039.095143][T31759]  ? __fget+0x407/0x490
[ 2039.099139][T31759]  ? fget_many+0x20/0x20
[ 2039.103212][T31759]  ? debug_smp_processor_id+0x20/0x20
[ 2039.108423][T31759]  ? security_file_ioctl+0x7d/0xa0
[ 2039.113366][T31759]  __x64_sys_ioctl+0xd4/0x110
[ 2039.117886][T31759]  do_syscall_64+0xca/0x1c0
[ 2039.122221][T31759]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:11 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 39)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x3, 0x1}, 0x10) (async)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040)=0x5, 0x4) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async, rerun: 64)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f00000000c0)=0x9b, 0x4) (async, rerun: 64)
getpeername$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000006c0), &(0x7f0000000700)=0x4) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 32)
bind$tipc(r1, 0x0, 0x0) (rerun: 32)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000740)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000080), &(0x7f0000000040)=0xfd52) (async, rerun: 64)
sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000680)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000140)={0x4dc, 0x3f3, 0x400, 0x70bd26, 0x25dfdbfd, {0x5, 0x2, 0x32, [0x4, 0x9a5, 0x5, 0x8, 0x2, 0x79, 0x9, 0x11da, 0x6, 0x5, 0x1, 0x3f, 0x7, 0x61, 0x3, 0x8, 0x2, 0xfffffff8, 0x3, 0x6, 0x81, 0x9, 0xfff, 0x80000000, 0x31be, 0x1000, 0x0, 0x7fffffff, 0x2, 0x5, 0x7f, 0xf447, 0x3, 0xc, 0xfda, 0x4, 0x8000, 0x9, 0x8001, 0x5, 0x3, 0x0, 0xe5, 0x2, 0x2, 0xfff, 0x4, 0x4f, 0x4, 0x5, 0xace, 0x0, 0xdb88, 0x9244, 0x8dd, 0x6, 0x3f, 0x5, 0x4, 0x8, 0x0, 0xffffffff, 0x7, 0x3], [0x0, 0x614, 0x1, 0x7fffffff, 0x2, 0x80, 0x1f, 0x3, 0x3f, 0x2, 0x7fff, 0x4, 0x4, 0x95, 0x1c, 0x3, 0x0, 0x0, 0x401, 0x1f, 0xfffffffb, 0xc, 0xfd9b, 0x2, 0x0, 0xbfc, 0x3, 0x2f0, 0x8, 0x3, 0x7, 0x1000, 0x8, 0x9, 0x10001, 0x0, 0x80000001, 0x5, 0xfff, 0x8000, 0x12, 0x800, 0x6, 0x3, 0xf5, 0x2, 0x7fff, 0x2, 0x5, 0x3, 0x3ff, 0x7, 0x7, 0x3, 0x0, 0x81, 0x25b5a61e, 0x1, 0xf7, 0x558, 0x2, 0x78b, 0x1, 0x9], [0x9, 0x6, 0x9, 0x8, 0x862f, 0x4b1a, 0x1f, 0x20, 0x9, 0x10001, 0x8001, 0xfffffffa, 0x8, 0x8, 0xfff, 0x4, 0x8000, 0x100, 0x6, 0x1, 0x2, 0x80000001, 0x5d, 0x7fff, 0x4, 0x3, 0x3, 0x4, 0x45a, 0x2000, 0x8, 0x3, 0x7a, 0x6, 0x5, 0x40, 0x8, 0x4, 0x80000001, 0x9, 0xd696, 0xdb52, 0x1, 0x20, 0x3, 0xfffffff8, 0x4, 0x7, 0x80000000, 0x7fff, 0x3, 0x101, 0x8, 0x0, 0x9, 0x7, 0x7, 0x200, 0x80000001, 0x7, 0x5, 0x400, 0x4, 0x9], [0x1, 0x7, 0xfff, 0x2, 0x5, 0x2, 0x9, 0x2000, 0x400000, 0x2, 0x5, 0x3, 0x99, 0xd50, 0x1, 0xcd, 0x505, 0x9, 0x7, 0x7fffffff, 0x9, 0xb6a5, 0x7, 0xffff, 0x1, 0x7d6, 0x8, 0x7fffffff, 0x6, 0x80000000, 0xffff3fa3, 0x4, 0x1, 0x8001, 0x80, 0x7fff, 0x80000001, 0x0, 0x25c, 0x7e9, 0xde8b, 0x3, 0x1000, 0x136754ef, 0x4, 0x800, 0x401, 0x6b0, 0x68, 0x3, 0x5, 0x2, 0x0, 0x2, 0xc9, 0x7fffffff, 0x8009, 0x1, 0x7, 0x1, 0xfffffff7, 0x81, 0xffff, 0xa1], 0xbc, ['/sys/kernel/debug/binder/transaction_log\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/state\x00', '/sys/kernel/debug/binder/transaction_log\x00', '],\x00', '/sys/kernel/debug/binder/transaction_log\x00']}, ["", "", "", ""]}, 0x4dc}, 0x1, 0x0, 0x0, 0x1}, 0x20044080) (rerun: 64)

03:34:11 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000001080)='veno\x00', 0x5) (async)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/4096, &(0x7f0000000000)=0x1000) (async)
socket$pppl2tp(0x18, 0x1, 0x1)

03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e24, 0x1}}, 0x10) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x10, 0x70bd2b, 0x25dfdbff, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x44050}, 0x10048000)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x27)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:11 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x40, 0x3, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040)=0x5, 0x4) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

[ 2039.128373][T31759] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:11 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@id={0x1e, 0x3, 0x2, {0x4e24, 0x1}}, 0x10)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x10, 0x70bd2b, 0x25dfdbff, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x44050}, 0x10048000)

03:34:11 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x27)

03:34:11 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2039.266560][T31812] FAULT_INJECTION: forcing a failure.
[ 2039.266560][T31812] name failslab, interval 1, probability 0, space 0, times 0
[ 2039.280033][T31812] CPU: 1 PID: 31812 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2039.290091][T31812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2039.299975][T31812] Call Trace:
[ 2039.303123][T31812]  dump_stack+0x1d8/0x241
[ 2039.307288][T31812]  ? panic+0x896/0x896
[ 2039.311191][T31812]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2039.316931][T31812]  should_fail+0x71f/0x880
[ 2039.321347][T31812]  ? setup_fault_attr+0x3d0/0x3d0
[ 2039.326284][T31812]  ? blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2039.331333][T31812]  should_failslab+0x5/0x20
[ 2039.335662][T31812]  __kmalloc+0x51/0x2e0
[ 2039.339667][T31812]  blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2039.344696][T31812]  blk_mq_init_sched+0x1d6/0xaf0
[ 2039.351119][T31812]  elevator_init_mq+0x2cc/0x3e0
[ 2039.355802][T31812]  __device_add_disk+0xf2/0x1220
[ 2039.360567][T31812]  ? sprintf+0xd6/0x120
[ 2039.364555][T31812]  ? device_add_disk+0x30/0x30
[ 2039.369159][T31812]  ? vsprintf+0x30/0x30
[ 2039.373162][T31812]  ? __alloc_disk_node+0x459/0x5a0
[ 2039.378095][T31812]  loop_add+0x573/0x740
[ 2039.382092][T31812]  loop_control_ioctl+0x448/0x620
[ 2039.386947][T31812]  ? loop_remove+0xa0/0xa0
[ 2039.391204][T31812]  ? memset+0x1f/0x40
[ 2039.395017][T31812]  ? fsnotify+0x1280/0x1340
[ 2039.399361][T31812]  ? loop_remove+0xa0/0xa0
[ 2039.403786][T31812]  do_vfs_ioctl+0x742/0x1720
[ 2039.408215][T31812]  ? ioctl_preallocate+0x250/0x250
[ 2039.413169][T31812]  ? __fget+0x407/0x490
03:34:12 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 40)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x4, 0x2}}, 0x10)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = getpid()
syz_open_procfs(r1, 0x0)
syz_open_procfs(r1, &(0x7f0000000040)='timers\x00')

03:34:12 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:12 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x27)

03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @local, @empty}, &(0x7f00000002c0)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000c80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000c40)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400a600000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="3c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003e40000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400880e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040000000000080007000000006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400180c000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r4, @ANYBLOB="6401028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000010000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000600000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007d5d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="9000028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="9c01028084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004000300010005000000150c012e0100000007008080dbd0000000000616ff0f00000500030802000000ff010101000000001f002004e20f000000000903000000002000030007000000040001030400000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000010000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400030000006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400ff03fc0508000000008080810900000006007f060900000000000680ff0f000008000405010000000800c70906000000090000010101000008000100", @ANYRES32=0x0, @ANYBLOB="fc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x864}, 0x1, 0x0, 0x0, 0x24004075}, 0x40001c0)

03:34:12 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0xb77e22fa81474119, 0x1, 0x2}}, 0x10)
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10, 0x0)
getpeername$tipc(r0, &(0x7f0000000140)=@id, &(0x7f0000000180)=0x10)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0xde84, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000300)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/210, 0xd2, 0x1, &(0x7f00000002c0)=""/13, 0xd}, &(0x7f0000000340)=0x40)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000080)=@id={0x1e, 0x3, 0x1, {0x4e20}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, 0x0, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000000c0)={0x6}, 0x8)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000040)={'pimreg1\x00', 0xffffff72})

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = getpid()
syz_open_procfs(r1, 0x0)
syz_open_procfs(r1, &(0x7f0000000040)='timers\x00')

[ 2039.417165][T31812]  ? fget_many+0x20/0x20
[ 2039.421237][T31812]  ? debug_smp_processor_id+0x20/0x20
[ 2039.426439][T31812]  ? security_file_ioctl+0x7d/0xa0
[ 2039.431484][T31812]  __x64_sys_ioctl+0xd4/0x110
[ 2039.436003][T31812]  do_syscall_64+0xca/0x1c0
[ 2039.440592][T31812]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2039.447386][T31812] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @local, @empty}, &(0x7f00000002c0)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000c80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000c40)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400a600000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="3c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003e40000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400880e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040000000000080007000000006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400180c000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r4, @ANYBLOB="6401028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000010000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000600000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007d5d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="9000028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="9c01028084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004000300010005000000150c012e0100000007008080dbd0000000000616ff0f00000500030802000000ff010101000000001f002004e20f000000000903000000002000030007000000040001030400000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000010000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400030000006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400ff03fc0508000000008080810900000006007f060900000000000680ff0f000008000405010000000800c70906000000090000010101000008000100", @ANYRES32=0x0, @ANYBLOB="fc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x864}, 0x1, 0x0, 0x0, 0x24004075}, 0x40001c0) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000c80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000c40)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400a600000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="3c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003e40000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400880e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040000000000080007000000006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400180c000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r4, @ANYBLOB="6401028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000010000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000600000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007d5d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="9000028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="9c01028084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004000300010005000000150c012e0100000007008080dbd0000000000616ff0f00000500030802000000ff010101000000001f002004e20f000000000903000000002000030007000000040001030400000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000010000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400030000006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400ff03fc0508000000008080810900000006007f060900000000000680ff0f000008000405010000000800c70906000000090000010101000008000100", @ANYRES32=0x0, @ANYBLOB="fc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x864}, 0x1, 0x0, 0x0, 0x24004075}, 0x40001c0)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = getpid()
syz_open_procfs(r1, 0x0)
syz_open_procfs(r1, &(0x7f0000000040)='timers\x00')

03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @local, @empty}, &(0x7f00000002c0)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000c80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000c40)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400a600000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="3c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003e40000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400880e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040000000000080007000000006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400180c000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r4, @ANYBLOB="6401028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000010000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000600000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007d5d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="9000028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="9c01028084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004000300010005000000150c012e0100000007008080dbd0000000000616ff0f00000500030802000000ff010101000000001f002004e20f000000000903000000002000030007000000040001030400000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000010000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400030000006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400ff03fc0508000000008080810900000006007f060900000000000680ff0f000008000405010000000800c70906000000090000010101000008000100", @ANYRES32=0x0, @ANYBLOB="fc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x864}, 0x1, 0x0, 0x0, 0x24004075}, 0x40001c0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000180)}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000280)={0x0, @local, @empty}, &(0x7f00000002c0)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000300)}, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000c80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x48000000}, 0xc, &(0x7f0000000c40)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="6c0102803c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400a600000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000700000008000600", @ANYRES32=0x0, @ANYBLOB="3c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e001028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003e40000080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400880e00003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040000000000080007000000006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400180c000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000900000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000300000008000100", @ANYRES32=r4, @ANYBLOB="6401028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000010000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000600000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004007d5d00003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="9000028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="9c01028084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004000300010005000000150c012e0100000007008080dbd0000000000616ff0f00000500030802000000ff010101000000001f002004e20f000000000903000000002000030007000000040001030400000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000010000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400030000006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c000400ff03fc0508000000008080810900000006007f060900000000000680ff0f000008000405010000000800c70906000000090000010101000008000100", @ANYRES32=0x0, @ANYBLOB="fc0002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r6, @ANYBLOB="080007000000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB='\b\x00\a\x00\x00\x00\x00\x00'], 0x864}, 0x1, 0x0, 0x0, 0x24004075}, 0x40001c0) (async)

[ 2039.514933][T31839] FAULT_INJECTION: forcing a failure.
[ 2039.514933][T31839] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2039.540190][T31839] CPU: 0 PID: 31839 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2039.550386][T31839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2039.560232][T31839] Call Trace:
[ 2039.563370][T31839]  dump_stack+0x1d8/0x241
[ 2039.567529][T31839]  ? panic+0x896/0x896
[ 2039.571424][T31839]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2039.577527][T31839]  ? stack_trace_save+0x118/0x1c0
[ 2039.582372][T31839]  ? stack_trace_snprint+0x170/0x170
[ 2039.587607][T31839]  ? blk_mq_alloc_rq_map+0x95/0x1a0
[ 2039.592628][T31839]  should_fail+0x71f/0x880
[ 2039.596869][T31839]  ? __kasan_kmalloc+0x1d9/0x210
[ 2039.601634][T31839]  ? setup_fault_attr+0x3d0/0x3d0
[ 2039.606493][T31839]  ? __kasan_kmalloc+0x1d9/0x210
[ 2039.611266][T31839]  ? loop_add+0x573/0x740
[ 2039.615449][T31839]  ? blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2039.620478][T31839]  ? blk_mq_init_sched+0x1d6/0xaf0
[ 2039.625542][T31839]  __alloc_pages_nodemask+0x1b4/0x840
[ 2039.630742][T31839]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2039.636139][T31839]  ? find_next_bit+0x7b/0x100
[ 2039.640634][T31839]  ? blk_mq_hw_queue_to_node+0xe3/0x100
[ 2039.646013][T31839]  blk_mq_alloc_rqs+0x230/0x660
[ 2039.650700][T31839]  blk_mq_init_sched+0x245/0xaf0
[ 2039.655474][T31839]  elevator_init_mq+0x2cc/0x3e0
[ 2039.660158][T31839]  __device_add_disk+0xf2/0x1220
[ 2039.664931][T31839]  ? sprintf+0xd6/0x120
[ 2039.668921][T31839]  ? device_add_disk+0x30/0x30
[ 2039.673521][T31839]  ? vsprintf+0x30/0x30
[ 2039.677627][T31839]  ? __alloc_disk_node+0x459/0x5a0
[ 2039.682589][T31839]  loop_add+0x573/0x740
[ 2039.686568][T31839]  loop_control_ioctl+0x448/0x620
[ 2039.691435][T31839]  ? loop_remove+0xa0/0xa0
[ 2039.695684][T31839]  ? memset+0x1f/0x40
[ 2039.699496][T31839]  ? fsnotify+0x1280/0x1340
[ 2039.703840][T31839]  ? loop_remove+0xa0/0xa0
[ 2039.708090][T31839]  do_vfs_ioctl+0x742/0x1720
03:34:12 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 41)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) (async)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2) (async)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x4, 0x2}}, 0x10)

03:34:12 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000080)=@id={0x1e, 0x3, 0x1, {0x4e20}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, 0x0, 0x0) (async, rerun: 64)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000000c0)={0x6}, 0x8) (rerun: 64)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000040)={'pimreg1\x00', 0xffffff72})

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x4, 0x3}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
getrandom(&(0x7f0000000080)=""/4096, 0x1000, 0x2)

03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000001100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000010c0)={&(0x7f0000000080)={0x1010, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfe, "c79d3e93f8cd4f07bebc69288764076c99fb648bea32baf3c1a69747932dd7fe0d4caa22f510ce1ab5374fd1ad098a302ded97dd0392e18095cf77d690252f412c392d573333d6b9cc4664db98d2a5016673bdea44f115b24ab221aba772283ba0beba3e0e60f7e925a4dc2c4ec34b6d2891af69b0616db1f5adbe783f75689b6b95dd97e362abb7c035e6b6b9251b4ef7579abf4791414da9bbd6bd5b5233ae88ce4b23d961e9e6c941b1082c66f3cbe8608164d548a8fa0b98830c658301deb64582242e0cc70a70127e7a32adf78eee0b0f3bec52a91cd55f3e88b053a837f84c32fedbd97835f9cf34fea1c929d17805d42570a9c680e4d2f5c17eca4c48b3ef31a76c3301636d57bdd4224b0235ca99b3da3a11e55182e4e94fb68f300f0761e662ebeca5a8248e624230f09ae05fd03c0810adb3f9056a48cd9ea5201f7a1c74f17769d889b835f94e0cf0b5602572132221a555b2f4aa0274ed775d9fbc003465804e0f41c9da88a837b8b9e8fd5c4b9c29a72ead87d0f9e75cc59180316d6586974f6e71375a4af09f9d9b333bd78e251f0a66ffc7855e0a7315e65f45f5c9bfe4a6213658b6905f61a6eb53ae8125caf909f7c0259382526dadfa28e24702a7a49095aeaa2586e235f2ef9719a804cd76cc812635dc78cd8acd25459c74611652658a02937881338ac71a9eb67d67970f3ebebba90a7d04ac0382dedcefd60e6b6216862737a1fa699f76a6712f332ea76104587565cf6238cd8ceaf7e1b1eb6dc1b04b3b566acf59dc77927d5da0ff7a425e83c52c3664e68f5e3daf29312599ae2fb565b4358e2441172366d4810d4c03a86498fdd651ba5aa47dfd63050cef70ac136e5dd28ad8f4e4f69a208c1f983a41d0e861211bd50fb7c734a87e40acf7c2e4e5d6a1a6f0e6f6be6ec94b691979d00340ae30da15cedfc76c682fc258f6c333452b60f6dc18174dd303e00db1fa586be8796238d289e18b1168c0342bf1f31d6401bfd116b81a22ba91b1b20812418b5b699ec6589e8e5a2cf73fe72f2184415b1b9232f2a51b1c9d3634a8a894b334bd6936dc85bd76a26c02a140f8f92487fc5b13a96aa0ce6a3e5d54ab57135d211faa43077d6b7d2cecf454623b6f6c756bf3df010f305c7af5061d9e3e17de85aa7adf1a2201136fdfaf5b7bd8f2785752f92bd72e1060d743834fa1cf602f13875a76b459718aca12977bed414d6615bb56d2f89dbd906f16b13d3f1dd5c12ff758ad89190804ec588183770b3ee3655f4aa3510b6fef169771b08fee60f1c74e2da33f4c100670dbe3bbc2d2f20289393afd3dcacb2e043a808a5068aea8b7de489f4e6e39b7d34d0869605cc03b224670229af08c71dfe75d05eadc599e7aed5ee81c96a7384c901f184802768478e5a5593d64f4d1c932bb1c5ef196214bc6ba250647d905611266f6184ec9ca0beb4ec997837110242492cc9a4af0b9491b7fae805765c9b0b24004f93bedc20746a58d79f96d0297d4f0c1ca2fbc95a151e3c06ace3575f9ef561d6f03c91a71fe2cad69e23d9fcaed46476bb996ae2262cffed8dab0ee3dc61992bb04e5e6574b2854df53cf18fbfa46c6224f45a6db7b8bb80bc629a78750c89dab01ce20fd8562280765909b8149f880feba6ac1a89295af89e06aad9e40c996493e1d15567c84bcc78064346c445cf007c67b569b870f8cb8986f482c67408d7ac014c11715b1d27742533052f4d927029b9d902383678cf7a9a853a687669eb1e19e3d83508e05d9038d65a716db8931c1d37ac52716806f0c43bc3e32617e7555b4ca677727b0021e5f26d864f274a713a735b2854d869c2165fd228de4c6f78b3d0d1e4bdb51c4387187834263f30d0b7c781d71e56ce61888c82f8e14d8f1ecb4fef0bce415b310ea51123024ffc504b6fdd8db3409322758e00ccd8e873f64de1eab7d76796979a81b2c9b1ac5eace610705028f2fd24bd1fc04f04ea90191bbbb11cf5b8cc83b23a49c8e6d66dcc3df54ca77657d4b0879007a31a47459f032c213a2be6cdd994141f122906a66aa6e309db1f23815380a2e4703bf4a32552c9012f15a08297529df5fdea57faa4f8244b96fc23aec80463f89d3785133407e03ef6e26b9986799bfeb1737f68c12d3668cb0f4cd52ea09fd408ad19e5c24c45cb3ff25544b3a3b47f6bfbdb2e623fe6ca8af16751f3cd63274e1ce52d0684ec97b23a7e777289244e58092cea25129b8fa7d34f7e76b71be18a35aabf5838ff55ec3ca22d0daea52faebab73ca880dffc5aae2ea5d8c154b6378263d4e8fcec2e926a4cc8ca4387d049e9928d22f1e273a2b2cf6d0ce4259cd6ca01300d790694dab8f0929404d68d1f5b219d8be265d0cf590c55bfdb01c94f3abdd6aa5de5052f625ce5f88a843edc178102df09f5425e3a096468e877f080bb54b6f4b90c57cc506d28ce55006298dc9e29977fb080c9da965cf531cb02f287b5180797080c91c98caa07d1bc8898154760c9d012796851eb09a031438ffb4ae8135a9282ae3106dbc4eb61f75429d7bd964d77b60e4c38bddecbb8367af364c3873fbe5158159818eb8726d28274d08d0ee6ef8724de3af9f911f7c39cc4c1e44b0418ead0989820dfb74d119d4f32d8c6dc8fe551d7444392f149728845c6920c87f537476ec5be508bdb2eeaf56ecce50f5c4814736ad41edf1a15b0be86491b4103d3c73167cf02f4255c59b3160ad1f7d4faeda33177621b1087df7e6cea4068cbc1719f00b43d5454ec24cb8f371e121a3b62c870057f6b868b4107b49b7740c0f4ad29b5d090fefaab41b23d09f19d05296c70bf5d91e5de255f77737cb7455330dd8672a71a0f2f8b93f9d8e571560cd3bf82e99e3d3197d96f92df5ad673e6015c954f1fc4adc44055a8f1f142ca3dac5dcd64982f559e5667901e7ad2e91688d513eccb553159ae34554b6f788f63f9e8544946d0efeb2f6fc9f9f3c106c71e8e1739c48062ade67510442aa5784a81a5efe56d5f8047211a3a69189b03225b15442c88f746a5b8de8420f5044c6ebfc238d627b21dfef26cf7ea9bd369fbf40a5ef1e2469803586db9eb707e3dec838b9a70d645ba1016e69f6dc5531af72ad72a555e8510b030268a359982c138c81c2fcdb69d0eb90b23a73f54100b0e38cdcd1548cfc2e366c53aaa41ce792334975fe912dd751487821bb36d076aa39a04257141e196bc5b34ba99110899bb23f03682c866f500f8cadea7bf8fdf3b020321dfdf86b7b5d6a58713e239e069385f969ea388bd15b4d100fda8e60bc68568be2a8d56846600ef443e481252a99742bfba39c0870c6ca0bc1a53771f87609ba1d0e34ea29c73b785015abda1294076d0024364b1b62de1c008578537faf8b2bcbbaa58b177ab4af1f7ff6612b920975e020b54af8d20bc3357a824b29dc6c55a51b1aee8f071674d84e972b2f110c23558eaf44e6ba01d2f9e36848718bd2c13cb408d82dbad66196834a1e2f049022b6de84fce834885fd2c421178088036e1ee1e42683da400827424537c5322bc38912417d9d894155b73c582c25cfa65ff2efc1702d17e4a98169564ec65814d35acd35d021e9bd9a194d979d46b2cc300eac02cbbd125b45a05c5c19a1a9dca73275f3b1d4306ee6a129b22fad5165205673fa2735867770e1aef45eb253306180bbc7324a9c57862b0f58d7583771db566d438e002a05679a19bb973e336e375401e14e68c0c0696efd7dea3a275e5c5ffc6e129021bc6d3b14b21b2d448b61744eb0fe707df4b696ccae87c9b9e347419573cae5db185f7a2d02788bc862b1ea132a19a08503b614145e049d18f380c09d95d9224e0b0515a33aecf08ce9d01711ac0d4b3e5e7cf320347c44e159d2eb4653ef58751ccb6e2308e8037cac90d09903c316aaaabeb1e478e4f605d71be1ae7cc2b32365df0dbf1f37f55d894d6d564b62719b81db86d69b05c173cbb929421f41d4245260f3b17aab29c875c90b787ced5c704dcf3ae15c0dfd2d85adfbbe7122e74083188bbd114563f7c764b2844a4c6faea733a7b2259e98539587769fd433f8fee701173b99f489983ada08dcdc939d8dd7f0e39316ae485e668b354d6c5dabd31832a7919c837dbf20c74697873f6edd32cc48c9756e8483cf6d0a49b6f65f7f71379a18f1d8203ee5dfebdd9ee491afe7d905b19efbef948380bf1efe54e0dcfd53ccc0ee7098a586f4a4f6e8b03b016a0c8b8df7b99b7cb7b58bbd9dc387ffee7dfce981600e4e5739f3a0914bc164395245f06f32c46fd152aceb8892ca2d1e820c4910a8f603292caa90f2627cb5f65ec2750791c2c71ec602762f781d47fd185ed0f5cb0951968198ae3f07755d83252415c9fa342d3693abf09effc79d7975118018223f29f00fc03d3c0eac29963b55e4ea36150a56b95373f478645357289cfd00ebf7ac26ef55ab6ff51cb598004fafd9dfa656c849860aa89aa6f9d2774c40adb7572506980029fe408e19b9ba5c5ac149d5e3e0773b41bebdc5e54e137b3c2827c1b4e55029d17c0192b6059d47f3ef4a0f921a3b4c2e6c9e0e971781f2c048dd2f5dccd781a16c6614a1456b5149aa2998f601e5f0120979d1f86ea5213da924fd26dd2c033bbc0e417bb58549aa704b1af29598cf676a7627d9c3b37f4869fafa2621bc65d6042918cee333976b4daec1ea83e9ca3f6a15b088bb0b02fd62f81eac9736d7af837ab67bc3f038934d3aac622381c8eb9d987d9228f1482dfdcc76e0bd072daeb3b5a9725c2a598a650f271744d2bd3cffef321108a3fb751be0949e58c40f9ed66513e62fdeff3802c15fc2654f3174ec441a6e168bb2c95a02a71c20d4c102f8050af4c90d59a94daae5ddd20256714be581113245786da025409c4892fb858e2d6b6d18f5c5a0dac07a573c5beffd0474ff7ab81dd9e0e779e24a6c221828c20a2ce587fa14096f903b95e90124eefe18392cd3edfdedcd27e9b9be487c7852785603c5b66f96ac2ea8cd94e875ba321b8db3b3509d3b829189ffd181766d4bfc250eb3c9651e44588e7da6e1db642ae5051522b0f386dce55347de27e0b2f0a6161a944799f9b6fd74d56222f375720b79a5f8c0dabaf45c88039c16215a375ffcb7e46ee2b75fc13c48326af2b5417ee2c8f569736a335c125144ee62af9e7ca52870cb190207dea7b2645a3b3e16f3ac10fe8eaff5030c12f544fefd717b62a29d943ba07cc48f30deafcbc46002c0a28369da8e72cb8dd3d6ed933f9380f80e184d882962a4b52f97569b06effef281c395b5f2c58cd26da14691075ff3212a987b07ccb2bf8ecfab93f22dc1c36904fe5dd43ac1c1c6b5422de92b232e8c31f3e62f47bf37a20bc930f9893b35185ea41741f297bd6ee38d1dbeb9f1bbc5d29350fb448c859223a33b1eafe30c59933d8fa68aaefb73b65b54288248cb3f864b8174f99db074dc542dcf3ae92cc19f84c0b585421db4245201665eb083b3872f2a426a4b050e4f1e9c6c7e8cd05e38c06b63b74cb259e85d059841f7df594dc6fb8cd4c118f446963a0e2dcdc54f05603472c87bfb258b3fe93c09beb9cd6e70013721fd2fb06f36770de99b09f9f4ca8fdc699e493b6fede5dd797815ac32feaec365f382f3a517a8aacf3f83b20917bc48fd44423854885b663adc5411d8b0a294edf586eb94d3f17805f4a40d9040242dd127b567aaf07f54f525c6cd5dcd0bb77e876ca6a48844845b7709b09e63385e9de8e4773f535b2b7f1869a185779adc", ["", ""]}, 0x1010}, 0x1, 0x0, 0x0, 0x30}, 0x10000000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x25, 0x0, @val=@iter={&(0x7f0000001180)=@task={r2, 0xffffffffffffffff, r0}, 0x10}}, 0x40)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
getpeername$tipc(r3, &(0x7f00000011c0)=@name, &(0x7f0000001140)=0xffffffffffffffbd)

03:34:12 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0xb77e22fa81474119, 0x1, 0x2}}, 0x10) (async)
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10, 0x0)
getpeername$tipc(r0, &(0x7f0000000140)=@id, &(0x7f0000000180)=0x10) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0xde84, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000300)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/210, 0xd2, 0x1, &(0x7f00000002c0)=""/13, 0xd}, &(0x7f0000000340)=0x40)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x4, 0x3}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
getrandom(&(0x7f0000000080)=""/4096, 0x1000, 0x2)

[ 2039.712520][T31839]  ? ioctl_preallocate+0x250/0x250
[ 2039.717466][T31839]  ? __fget+0x407/0x490
[ 2039.721458][T31839]  ? fget_many+0x20/0x20
[ 2039.725546][T31839]  ? debug_smp_processor_id+0x20/0x20
[ 2039.730747][T31839]  ? security_file_ioctl+0x7d/0xa0
[ 2039.735702][T31839]  __x64_sys_ioctl+0xd4/0x110
[ 2039.740204][T31839]  do_syscall_64+0xca/0x1c0
[ 2039.744633][T31839]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000001100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000010c0)={&(0x7f0000000080)={0x1010, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfe, "c79d3e93f8cd4f07bebc69288764076c99fb648bea32baf3c1a69747932dd7fe0d4caa22f510ce1ab5374fd1ad098a302ded97dd0392e18095cf77d690252f412c392d573333d6b9cc4664db98d2a5016673bdea44f115b24ab221aba772283ba0beba3e0e60f7e925a4dc2c4ec34b6d2891af69b0616db1f5adbe783f75689b6b95dd97e362abb7c035e6b6b9251b4ef7579abf4791414da9bbd6bd5b5233ae88ce4b23d961e9e6c941b1082c66f3cbe8608164d548a8fa0b98830c658301deb64582242e0cc70a70127e7a32adf78eee0b0f3bec52a91cd55f3e88b053a837f84c32fedbd97835f9cf34fea1c929d17805d42570a9c680e4d2f5c17eca4c48b3ef31a76c3301636d57bdd4224b0235ca99b3da3a11e55182e4e94fb68f300f0761e662ebeca5a8248e624230f09ae05fd03c0810adb3f9056a48cd9ea5201f7a1c74f17769d889b835f94e0cf0b5602572132221a555b2f4aa0274ed775d9fbc003465804e0f41c9da88a837b8b9e8fd5c4b9c29a72ead87d0f9e75cc59180316d6586974f6e71375a4af09f9d9b333bd78e251f0a66ffc7855e0a7315e65f45f5c9bfe4a6213658b6905f61a6eb53ae8125caf909f7c0259382526dadfa28e24702a7a49095aeaa2586e235f2ef9719a804cd76cc812635dc78cd8acd25459c74611652658a02937881338ac71a9eb67d67970f3ebebba90a7d04ac0382dedcefd60e6b6216862737a1fa699f76a6712f332ea76104587565cf6238cd8ceaf7e1b1eb6dc1b04b3b566acf59dc77927d5da0ff7a425e83c52c3664e68f5e3daf29312599ae2fb565b4358e2441172366d4810d4c03a86498fdd651ba5aa47dfd63050cef70ac136e5dd28ad8f4e4f69a208c1f983a41d0e861211bd50fb7c734a87e40acf7c2e4e5d6a1a6f0e6f6be6ec94b691979d00340ae30da15cedfc76c682fc258f6c333452b60f6dc18174dd303e00db1fa586be8796238d289e18b1168c0342bf1f31d6401bfd116b81a22ba91b1b20812418b5b699ec6589e8e5a2cf73fe72f2184415b1b9232f2a51b1c9d3634a8a894b334bd6936dc85bd76a26c02a140f8f92487fc5b13a96aa0ce6a3e5d54ab57135d211faa43077d6b7d2cecf454623b6f6c756bf3df010f305c7af5061d9e3e17de85aa7adf1a2201136fdfaf5b7bd8f2785752f92bd72e1060d743834fa1cf602f13875a76b459718aca12977bed414d6615bb56d2f89dbd906f16b13d3f1dd5c12ff758ad89190804ec588183770b3ee3655f4aa3510b6fef169771b08fee60f1c74e2da33f4c100670dbe3bbc2d2f20289393afd3dcacb2e043a808a5068aea8b7de489f4e6e39b7d34d0869605cc03b224670229af08c71dfe75d05eadc599e7aed5ee81c96a7384c901f184802768478e5a5593d64f4d1c932bb1c5ef196214bc6ba250647d905611266f6184ec9ca0beb4ec997837110242492cc9a4af0b9491b7fae805765c9b0b24004f93bedc20746a58d79f96d0297d4f0c1ca2fbc95a151e3c06ace3575f9ef561d6f03c91a71fe2cad69e23d9fcaed46476bb996ae2262cffed8dab0ee3dc61992bb04e5e6574b2854df53cf18fbfa46c6224f45a6db7b8bb80bc629a78750c89dab01ce20fd8562280765909b8149f880feba6ac1a89295af89e06aad9e40c996493e1d15567c84bcc78064346c445cf007c67b569b870f8cb8986f482c67408d7ac014c11715b1d27742533052f4d927029b9d902383678cf7a9a853a687669eb1e19e3d83508e05d9038d65a716db8931c1d37ac52716806f0c43bc3e32617e7555b4ca677727b0021e5f26d864f274a713a735b2854d869c2165fd228de4c6f78b3d0d1e4bdb51c4387187834263f30d0b7c781d71e56ce61888c82f8e14d8f1ecb4fef0bce415b310ea51123024ffc504b6fdd8db3409322758e00ccd8e873f64de1eab7d76796979a81b2c9b1ac5eace610705028f2fd24bd1fc04f04ea90191bbbb11cf5b8cc83b23a49c8e6d66dcc3df54ca77657d4b0879007a31a47459f032c213a2be6cdd994141f122906a66aa6e309db1f23815380a2e4703bf4a32552c9012f15a08297529df5fdea57faa4f8244b96fc23aec80463f89d3785133407e03ef6e26b9986799bfeb1737f68c12d3668cb0f4cd52ea09fd408ad19e5c24c45cb3ff25544b3a3b47f6bfbdb2e623fe6ca8af16751f3cd63274e1ce52d0684ec97b23a7e777289244e58092cea25129b8fa7d34f7e76b71be18a35aabf5838ff55ec3ca22d0daea52faebab73ca880dffc5aae2ea5d8c154b6378263d4e8fcec2e926a4cc8ca4387d049e9928d22f1e273a2b2cf6d0ce4259cd6ca01300d790694dab8f0929404d68d1f5b219d8be265d0cf590c55bfdb01c94f3abdd6aa5de5052f625ce5f88a843edc178102df09f5425e3a096468e877f080bb54b6f4b90c57cc506d28ce55006298dc9e29977fb080c9da965cf531cb02f287b5180797080c91c98caa07d1bc8898154760c9d012796851eb09a031438ffb4ae8135a9282ae3106dbc4eb61f75429d7bd964d77b60e4c38bddecbb8367af364c3873fbe5158159818eb8726d28274d08d0ee6ef8724de3af9f911f7c39cc4c1e44b0418ead0989820dfb74d119d4f32d8c6dc8fe551d7444392f149728845c6920c87f537476ec5be508bdb2eeaf56ecce50f5c4814736ad41edf1a15b0be86491b4103d3c73167cf02f4255c59b3160ad1f7d4faeda33177621b1087df7e6cea4068cbc1719f00b43d5454ec24cb8f371e121a3b62c870057f6b868b4107b49b7740c0f4ad29b5d090fefaab41b23d09f19d05296c70bf5d91e5de255f77737cb7455330dd8672a71a0f2f8b93f9d8e571560cd3bf82e99e3d3197d96f92df5ad673e6015c954f1fc4adc44055a8f1f142ca3dac5dcd64982f559e5667901e7ad2e91688d513eccb553159ae34554b6f788f63f9e8544946d0efeb2f6fc9f9f3c106c71e8e1739c48062ade67510442aa5784a81a5efe56d5f8047211a3a69189b03225b15442c88f746a5b8de8420f5044c6ebfc238d627b21dfef26cf7ea9bd369fbf40a5ef1e2469803586db9eb707e3dec838b9a70d645ba1016e69f6dc5531af72ad72a555e8510b030268a359982c138c81c2fcdb69d0eb90b23a73f54100b0e38cdcd1548cfc2e366c53aaa41ce792334975fe912dd751487821bb36d076aa39a04257141e196bc5b34ba99110899bb23f03682c866f500f8cadea7bf8fdf3b020321dfdf86b7b5d6a58713e239e069385f969ea388bd15b4d100fda8e60bc68568be2a8d56846600ef443e481252a99742bfba39c0870c6ca0bc1a53771f87609ba1d0e34ea29c73b785015abda1294076d0024364b1b62de1c008578537faf8b2bcbbaa58b177ab4af1f7ff6612b920975e020b54af8d20bc3357a824b29dc6c55a51b1aee8f071674d84e972b2f110c23558eaf44e6ba01d2f9e36848718bd2c13cb408d82dbad66196834a1e2f049022b6de84fce834885fd2c421178088036e1ee1e42683da400827424537c5322bc38912417d9d894155b73c582c25cfa65ff2efc1702d17e4a98169564ec65814d35acd35d021e9bd9a194d979d46b2cc300eac02cbbd125b45a05c5c19a1a9dca73275f3b1d4306ee6a129b22fad5165205673fa2735867770e1aef45eb253306180bbc7324a9c57862b0f58d7583771db566d438e002a05679a19bb973e336e375401e14e68c0c0696efd7dea3a275e5c5ffc6e129021bc6d3b14b21b2d448b61744eb0fe707df4b696ccae87c9b9e347419573cae5db185f7a2d02788bc862b1ea132a19a08503b614145e049d18f380c09d95d9224e0b0515a33aecf08ce9d01711ac0d4b3e5e7cf320347c44e159d2eb4653ef58751ccb6e2308e8037cac90d09903c316aaaabeb1e478e4f605d71be1ae7cc2b32365df0dbf1f37f55d894d6d564b62719b81db86d69b05c173cbb929421f41d4245260f3b17aab29c875c90b787ced5c704dcf3ae15c0dfd2d85adfbbe7122e74083188bbd114563f7c764b2844a4c6faea733a7b2259e98539587769fd433f8fee701173b99f489983ada08dcdc939d8dd7f0e39316ae485e668b354d6c5dabd31832a7919c837dbf20c74697873f6edd32cc48c9756e8483cf6d0a49b6f65f7f71379a18f1d8203ee5dfebdd9ee491afe7d905b19efbef948380bf1efe54e0dcfd53ccc0ee7098a586f4a4f6e8b03b016a0c8b8df7b99b7cb7b58bbd9dc387ffee7dfce981600e4e5739f3a0914bc164395245f06f32c46fd152aceb8892ca2d1e820c4910a8f603292caa90f2627cb5f65ec2750791c2c71ec602762f781d47fd185ed0f5cb0951968198ae3f07755d83252415c9fa342d3693abf09effc79d7975118018223f29f00fc03d3c0eac29963b55e4ea36150a56b95373f478645357289cfd00ebf7ac26ef55ab6ff51cb598004fafd9dfa656c849860aa89aa6f9d2774c40adb7572506980029fe408e19b9ba5c5ac149d5e3e0773b41bebdc5e54e137b3c2827c1b4e55029d17c0192b6059d47f3ef4a0f921a3b4c2e6c9e0e971781f2c048dd2f5dccd781a16c6614a1456b5149aa2998f601e5f0120979d1f86ea5213da924fd26dd2c033bbc0e417bb58549aa704b1af29598cf676a7627d9c3b37f4869fafa2621bc65d6042918cee333976b4daec1ea83e9ca3f6a15b088bb0b02fd62f81eac9736d7af837ab67bc3f038934d3aac622381c8eb9d987d9228f1482dfdcc76e0bd072daeb3b5a9725c2a598a650f271744d2bd3cffef321108a3fb751be0949e58c40f9ed66513e62fdeff3802c15fc2654f3174ec441a6e168bb2c95a02a71c20d4c102f8050af4c90d59a94daae5ddd20256714be581113245786da025409c4892fb858e2d6b6d18f5c5a0dac07a573c5beffd0474ff7ab81dd9e0e779e24a6c221828c20a2ce587fa14096f903b95e90124eefe18392cd3edfdedcd27e9b9be487c7852785603c5b66f96ac2ea8cd94e875ba321b8db3b3509d3b829189ffd181766d4bfc250eb3c9651e44588e7da6e1db642ae5051522b0f386dce55347de27e0b2f0a6161a944799f9b6fd74d56222f375720b79a5f8c0dabaf45c88039c16215a375ffcb7e46ee2b75fc13c48326af2b5417ee2c8f569736a335c125144ee62af9e7ca52870cb190207dea7b2645a3b3e16f3ac10fe8eaff5030c12f544fefd717b62a29d943ba07cc48f30deafcbc46002c0a28369da8e72cb8dd3d6ed933f9380f80e184d882962a4b52f97569b06effef281c395b5f2c58cd26da14691075ff3212a987b07ccb2bf8ecfab93f22dc1c36904fe5dd43ac1c1c6b5422de92b232e8c31f3e62f47bf37a20bc930f9893b35185ea41741f297bd6ee38d1dbeb9f1bbc5d29350fb448c859223a33b1eafe30c59933d8fa68aaefb73b65b54288248cb3f864b8174f99db074dc542dcf3ae92cc19f84c0b585421db4245201665eb083b3872f2a426a4b050e4f1e9c6c7e8cd05e38c06b63b74cb259e85d059841f7df594dc6fb8cd4c118f446963a0e2dcdc54f05603472c87bfb258b3fe93c09beb9cd6e70013721fd2fb06f36770de99b09f9f4ca8fdc699e493b6fede5dd797815ac32feaec365f382f3a517a8aacf3f83b20917bc48fd44423854885b663adc5411d8b0a294edf586eb94d3f17805f4a40d9040242dd127b567aaf07f54f525c6cd5dcd0bb77e876ca6a48844845b7709b09e63385e9de8e4773f535b2b7f1869a185779adc", ["", ""]}, 0x1010}, 0x1, 0x0, 0x0, 0x30}, 0x10000000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getpid() (async)
r2 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x25, 0x0, @val=@iter={&(0x7f0000001180)=@task={r2, 0xffffffffffffffff, r0}, 0x10}}, 0x40)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
getpeername$tipc(r3, &(0x7f00000011c0)=@name, &(0x7f0000001140)=0xffffffffffffffbd) (async)
getpeername$tipc(r3, &(0x7f00000011c0)=@name, &(0x7f0000001140)=0xffffffffffffffbd)

03:34:12 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000080)=@id={0x1e, 0x3, 0x1, {0x4e20}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, 0x0, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000000c0)={0x6}, 0x8) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000040)={'pimreg1\x00', 0xffffff72})

03:34:12 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0xb77e22fa81474119, 0x1, 0x2}}, 0x10)
r0 = accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10, 0x0)
getpeername$tipc(r0, &(0x7f0000000140)=@id, &(0x7f0000000180)=0x10) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080)=0xde84, 0x4) (async)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000300)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/210, 0xd2, 0x1, &(0x7f00000002c0)=""/13, 0xd}, &(0x7f0000000340)=0x40) (async)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x4, 0x3}, 0x10)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
getrandom(&(0x7f0000000080)=""/4096, 0x1000, 0x2)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x4, 0x3}, 0x10) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
getrandom(&(0x7f0000000080)=""/4096, 0x1000, 0x2) (async)

03:34:12 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000001100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000010c0)={&(0x7f0000000080)={0x1010, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfe, "c79d3e93f8cd4f07bebc69288764076c99fb648bea32baf3c1a69747932dd7fe0d4caa22f510ce1ab5374fd1ad098a302ded97dd0392e18095cf77d690252f412c392d573333d6b9cc4664db98d2a5016673bdea44f115b24ab221aba772283ba0beba3e0e60f7e925a4dc2c4ec34b6d2891af69b0616db1f5adbe783f75689b6b95dd97e362abb7c035e6b6b9251b4ef7579abf4791414da9bbd6bd5b5233ae88ce4b23d961e9e6c941b1082c66f3cbe8608164d548a8fa0b98830c658301deb64582242e0cc70a70127e7a32adf78eee0b0f3bec52a91cd55f3e88b053a837f84c32fedbd97835f9cf34fea1c929d17805d42570a9c680e4d2f5c17eca4c48b3ef31a76c3301636d57bdd4224b0235ca99b3da3a11e55182e4e94fb68f300f0761e662ebeca5a8248e624230f09ae05fd03c0810adb3f9056a48cd9ea5201f7a1c74f17769d889b835f94e0cf0b5602572132221a555b2f4aa0274ed775d9fbc003465804e0f41c9da88a837b8b9e8fd5c4b9c29a72ead87d0f9e75cc59180316d6586974f6e71375a4af09f9d9b333bd78e251f0a66ffc7855e0a7315e65f45f5c9bfe4a6213658b6905f61a6eb53ae8125caf909f7c0259382526dadfa28e24702a7a49095aeaa2586e235f2ef9719a804cd76cc812635dc78cd8acd25459c74611652658a02937881338ac71a9eb67d67970f3ebebba90a7d04ac0382dedcefd60e6b6216862737a1fa699f76a6712f332ea76104587565cf6238cd8ceaf7e1b1eb6dc1b04b3b566acf59dc77927d5da0ff7a425e83c52c3664e68f5e3daf29312599ae2fb565b4358e2441172366d4810d4c03a86498fdd651ba5aa47dfd63050cef70ac136e5dd28ad8f4e4f69a208c1f983a41d0e861211bd50fb7c734a87e40acf7c2e4e5d6a1a6f0e6f6be6ec94b691979d00340ae30da15cedfc76c682fc258f6c333452b60f6dc18174dd303e00db1fa586be8796238d289e18b1168c0342bf1f31d6401bfd116b81a22ba91b1b20812418b5b699ec6589e8e5a2cf73fe72f2184415b1b9232f2a51b1c9d3634a8a894b334bd6936dc85bd76a26c02a140f8f92487fc5b13a96aa0ce6a3e5d54ab57135d211faa43077d6b7d2cecf454623b6f6c756bf3df010f305c7af5061d9e3e17de85aa7adf1a2201136fdfaf5b7bd8f2785752f92bd72e1060d743834fa1cf602f13875a76b459718aca12977bed414d6615bb56d2f89dbd906f16b13d3f1dd5c12ff758ad89190804ec588183770b3ee3655f4aa3510b6fef169771b08fee60f1c74e2da33f4c100670dbe3bbc2d2f20289393afd3dcacb2e043a808a5068aea8b7de489f4e6e39b7d34d0869605cc03b224670229af08c71dfe75d05eadc599e7aed5ee81c96a7384c901f184802768478e5a5593d64f4d1c932bb1c5ef196214bc6ba250647d905611266f6184ec9ca0beb4ec997837110242492cc9a4af0b9491b7fae805765c9b0b24004f93bedc20746a58d79f96d0297d4f0c1ca2fbc95a151e3c06ace3575f9ef561d6f03c91a71fe2cad69e23d9fcaed46476bb996ae2262cffed8dab0ee3dc61992bb04e5e6574b2854df53cf18fbfa46c6224f45a6db7b8bb80bc629a78750c89dab01ce20fd8562280765909b8149f880feba6ac1a89295af89e06aad9e40c996493e1d15567c84bcc78064346c445cf007c67b569b870f8cb8986f482c67408d7ac014c11715b1d27742533052f4d927029b9d902383678cf7a9a853a687669eb1e19e3d83508e05d9038d65a716db8931c1d37ac52716806f0c43bc3e32617e7555b4ca677727b0021e5f26d864f274a713a735b2854d869c2165fd228de4c6f78b3d0d1e4bdb51c4387187834263f30d0b7c781d71e56ce61888c82f8e14d8f1ecb4fef0bce415b310ea51123024ffc504b6fdd8db3409322758e00ccd8e873f64de1eab7d76796979a81b2c9b1ac5eace610705028f2fd24bd1fc04f04ea90191bbbb11cf5b8cc83b23a49c8e6d66dcc3df54ca77657d4b0879007a31a47459f032c213a2be6cdd994141f122906a66aa6e309db1f23815380a2e4703bf4a32552c9012f15a08297529df5fdea57faa4f8244b96fc23aec80463f89d3785133407e03ef6e26b9986799bfeb1737f68c12d3668cb0f4cd52ea09fd408ad19e5c24c45cb3ff25544b3a3b47f6bfbdb2e623fe6ca8af16751f3cd63274e1ce52d0684ec97b23a7e777289244e58092cea25129b8fa7d34f7e76b71be18a35aabf5838ff55ec3ca22d0daea52faebab73ca880dffc5aae2ea5d8c154b6378263d4e8fcec2e926a4cc8ca4387d049e9928d22f1e273a2b2cf6d0ce4259cd6ca01300d790694dab8f0929404d68d1f5b219d8be265d0cf590c55bfdb01c94f3abdd6aa5de5052f625ce5f88a843edc178102df09f5425e3a096468e877f080bb54b6f4b90c57cc506d28ce55006298dc9e29977fb080c9da965cf531cb02f287b5180797080c91c98caa07d1bc8898154760c9d012796851eb09a031438ffb4ae8135a9282ae3106dbc4eb61f75429d7bd964d77b60e4c38bddecbb8367af364c3873fbe5158159818eb8726d28274d08d0ee6ef8724de3af9f911f7c39cc4c1e44b0418ead0989820dfb74d119d4f32d8c6dc8fe551d7444392f149728845c6920c87f537476ec5be508bdb2eeaf56ecce50f5c4814736ad41edf1a15b0be86491b4103d3c73167cf02f4255c59b3160ad1f7d4faeda33177621b1087df7e6cea4068cbc1719f00b43d5454ec24cb8f371e121a3b62c870057f6b868b4107b49b7740c0f4ad29b5d090fefaab41b23d09f19d05296c70bf5d91e5de255f77737cb7455330dd8672a71a0f2f8b93f9d8e571560cd3bf82e99e3d3197d96f92df5ad673e6015c954f1fc4adc44055a8f1f142ca3dac5dcd64982f559e5667901e7ad2e91688d513eccb553159ae34554b6f788f63f9e8544946d0efeb2f6fc9f9f3c106c71e8e1739c48062ade67510442aa5784a81a5efe56d5f8047211a3a69189b03225b15442c88f746a5b8de8420f5044c6ebfc238d627b21dfef26cf7ea9bd369fbf40a5ef1e2469803586db9eb707e3dec838b9a70d645ba1016e69f6dc5531af72ad72a555e8510b030268a359982c138c81c2fcdb69d0eb90b23a73f54100b0e38cdcd1548cfc2e366c53aaa41ce792334975fe912dd751487821bb36d076aa39a04257141e196bc5b34ba99110899bb23f03682c866f500f8cadea7bf8fdf3b020321dfdf86b7b5d6a58713e239e069385f969ea388bd15b4d100fda8e60bc68568be2a8d56846600ef443e481252a99742bfba39c0870c6ca0bc1a53771f87609ba1d0e34ea29c73b785015abda1294076d0024364b1b62de1c008578537faf8b2bcbbaa58b177ab4af1f7ff6612b920975e020b54af8d20bc3357a824b29dc6c55a51b1aee8f071674d84e972b2f110c23558eaf44e6ba01d2f9e36848718bd2c13cb408d82dbad66196834a1e2f049022b6de84fce834885fd2c421178088036e1ee1e42683da400827424537c5322bc38912417d9d894155b73c582c25cfa65ff2efc1702d17e4a98169564ec65814d35acd35d021e9bd9a194d979d46b2cc300eac02cbbd125b45a05c5c19a1a9dca73275f3b1d4306ee6a129b22fad5165205673fa2735867770e1aef45eb253306180bbc7324a9c57862b0f58d7583771db566d438e002a05679a19bb973e336e375401e14e68c0c0696efd7dea3a275e5c5ffc6e129021bc6d3b14b21b2d448b61744eb0fe707df4b696ccae87c9b9e347419573cae5db185f7a2d02788bc862b1ea132a19a08503b614145e049d18f380c09d95d9224e0b0515a33aecf08ce9d01711ac0d4b3e5e7cf320347c44e159d2eb4653ef58751ccb6e2308e8037cac90d09903c316aaaabeb1e478e4f605d71be1ae7cc2b32365df0dbf1f37f55d894d6d564b62719b81db86d69b05c173cbb929421f41d4245260f3b17aab29c875c90b787ced5c704dcf3ae15c0dfd2d85adfbbe7122e74083188bbd114563f7c764b2844a4c6faea733a7b2259e98539587769fd433f8fee701173b99f489983ada08dcdc939d8dd7f0e39316ae485e668b354d6c5dabd31832a7919c837dbf20c74697873f6edd32cc48c9756e8483cf6d0a49b6f65f7f71379a18f1d8203ee5dfebdd9ee491afe7d905b19efbef948380bf1efe54e0dcfd53ccc0ee7098a586f4a4f6e8b03b016a0c8b8df7b99b7cb7b58bbd9dc387ffee7dfce981600e4e5739f3a0914bc164395245f06f32c46fd152aceb8892ca2d1e820c4910a8f603292caa90f2627cb5f65ec2750791c2c71ec602762f781d47fd185ed0f5cb0951968198ae3f07755d83252415c9fa342d3693abf09effc79d7975118018223f29f00fc03d3c0eac29963b55e4ea36150a56b95373f478645357289cfd00ebf7ac26ef55ab6ff51cb598004fafd9dfa656c849860aa89aa6f9d2774c40adb7572506980029fe408e19b9ba5c5ac149d5e3e0773b41bebdc5e54e137b3c2827c1b4e55029d17c0192b6059d47f3ef4a0f921a3b4c2e6c9e0e971781f2c048dd2f5dccd781a16c6614a1456b5149aa2998f601e5f0120979d1f86ea5213da924fd26dd2c033bbc0e417bb58549aa704b1af29598cf676a7627d9c3b37f4869fafa2621bc65d6042918cee333976b4daec1ea83e9ca3f6a15b088bb0b02fd62f81eac9736d7af837ab67bc3f038934d3aac622381c8eb9d987d9228f1482dfdcc76e0bd072daeb3b5a9725c2a598a650f271744d2bd3cffef321108a3fb751be0949e58c40f9ed66513e62fdeff3802c15fc2654f3174ec441a6e168bb2c95a02a71c20d4c102f8050af4c90d59a94daae5ddd20256714be581113245786da025409c4892fb858e2d6b6d18f5c5a0dac07a573c5beffd0474ff7ab81dd9e0e779e24a6c221828c20a2ce587fa14096f903b95e90124eefe18392cd3edfdedcd27e9b9be487c7852785603c5b66f96ac2ea8cd94e875ba321b8db3b3509d3b829189ffd181766d4bfc250eb3c9651e44588e7da6e1db642ae5051522b0f386dce55347de27e0b2f0a6161a944799f9b6fd74d56222f375720b79a5f8c0dabaf45c88039c16215a375ffcb7e46ee2b75fc13c48326af2b5417ee2c8f569736a335c125144ee62af9e7ca52870cb190207dea7b2645a3b3e16f3ac10fe8eaff5030c12f544fefd717b62a29d943ba07cc48f30deafcbc46002c0a28369da8e72cb8dd3d6ed933f9380f80e184d882962a4b52f97569b06effef281c395b5f2c58cd26da14691075ff3212a987b07ccb2bf8ecfab93f22dc1c36904fe5dd43ac1c1c6b5422de92b232e8c31f3e62f47bf37a20bc930f9893b35185ea41741f297bd6ee38d1dbeb9f1bbc5d29350fb448c859223a33b1eafe30c59933d8fa68aaefb73b65b54288248cb3f864b8174f99db074dc542dcf3ae92cc19f84c0b585421db4245201665eb083b3872f2a426a4b050e4f1e9c6c7e8cd05e38c06b63b74cb259e85d059841f7df594dc6fb8cd4c118f446963a0e2dcdc54f05603472c87bfb258b3fe93c09beb9cd6e70013721fd2fb06f36770de99b09f9f4ca8fdc699e493b6fede5dd797815ac32feaec365f382f3a517a8aacf3f83b20917bc48fd44423854885b663adc5411d8b0a294edf586eb94d3f17805f4a40d9040242dd127b567aaf07f54f525c6cd5dcd0bb77e876ca6a48844845b7709b09e63385e9de8e4773f535b2b7f1869a185779adc", ["", ""]}, 0x1010}, 0x1, 0x0, 0x0, 0x30}, 0x10000000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x25, 0x0, @val=@iter={&(0x7f0000001180)=@task={r2, 0xffffffffffffffff, r0}, 0x10}}, 0x40) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
getpeername$tipc(r3, &(0x7f00000011c0)=@name, &(0x7f0000001140)=0xffffffffffffffbd)

[ 2039.844460][T31882] FAULT_INJECTION: forcing a failure.
[ 2039.844460][T31882] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2039.860435][T31882] CPU: 1 PID: 31882 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2039.870486][T31882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2039.880375][T31882] Call Trace:
[ 2039.883518][T31882]  dump_stack+0x1d8/0x241
[ 2039.887668][T31882]  ? panic+0x896/0x896
[ 2039.891577][T31882]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2039.897309][T31882]  should_fail+0x71f/0x880
[ 2039.901594][T31882]  ? __kasan_kmalloc+0x1d9/0x210
[ 2039.906340][T31882]  ? setup_fault_attr+0x3d0/0x3d0
[ 2039.911199][T31882]  ? __kasan_kmalloc+0x1d9/0x210
[ 2039.915963][T31882]  ? loop_add+0x573/0x740
[ 2039.920142][T31882]  ? blk_mq_alloc_rq_map+0xeb/0x1a0
[ 2039.925163][T31882]  ? blk_mq_init_sched+0x1d6/0xaf0
[ 2039.930115][T31882]  __alloc_pages_nodemask+0x1b4/0x840
[ 2039.935338][T31882]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2039.940708][T31882]  ? find_next_bit+0x7b/0x100
[ 2039.945219][T31882]  ? memset+0x1f/0x40
[ 2039.949034][T31882]  blk_mq_alloc_rqs+0x230/0x660
[ 2039.953723][T31882]  blk_mq_init_sched+0x245/0xaf0
[ 2039.958498][T31882]  elevator_init_mq+0x2cc/0x3e0
[ 2039.963180][T31882]  __device_add_disk+0xf2/0x1220
[ 2039.967959][T31882]  ? sprintf+0xd6/0x120
[ 2039.971945][T31882]  ? device_add_disk+0x30/0x30
[ 2039.976549][T31882]  ? vsprintf+0x30/0x30
[ 2039.980547][T31882]  ? __alloc_disk_node+0x459/0x5a0
[ 2039.985490][T31882]  loop_add+0x573/0x740
[ 2039.989483][T31882]  loop_control_ioctl+0x448/0x620
[ 2039.994373][T31882]  ? loop_remove+0xa0/0xa0
[ 2039.998595][T31882]  ? memset+0x1f/0x40
[ 2040.002407][T31882]  ? fsnotify+0x1280/0x1340
[ 2040.006754][T31882]  ? loop_remove+0xa0/0xa0
[ 2040.011003][T31882]  do_vfs_ioctl+0x742/0x1720
[ 2040.015432][T31882]  ? ioctl_preallocate+0x250/0x250
[ 2040.020380][T31882]  ? __fget+0x407/0x490
[ 2040.024369][T31882]  ? fget_many+0x20/0x20
[ 2040.028450][T31882]  ? debug_smp_processor_id+0x20/0x20
[ 2040.033660][T31882]  ? security_file_ioctl+0x7d/0xa0
[ 2040.038603][T31882]  __x64_sys_ioctl+0xd4/0x110
03:34:12 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 42)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:12 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00')
bind$tipc(r1, 0x0, 0x0)

03:34:12 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x4, 0x2}}, 0x10)

03:34:12 executing program 1:
r0 = socket$tipc(0x1e, 0x7, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

03:34:12 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000040)={0xa, {0x0, 0x0, 0x7}}, 0xa)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:12 executing program 1:
r0 = socket$tipc(0x1e, 0x7, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
socket$tipc(0x1e, 0x7, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:12 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0) (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00')
bind$tipc(r1, 0x0, 0x0)

[ 2040.043119][T31882]  do_syscall_64+0xca/0x1c0
[ 2040.047458][T31882]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:12 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000040)={0xa, {0x0, 0x0, 0x7}}, 0xa)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:12 executing program 1:
r0 = socket$tipc(0x1e, 0x7, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

03:34:12 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2040.130092][T31913] FAULT_INJECTION: forcing a failure.
[ 2040.130092][T31913] name failslab, interval 1, probability 0, space 0, times 0
[ 2040.153708][T31913] CPU: 1 PID: 31913 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2040.163770][T31913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2040.173666][T31913] Call Trace:
[ 2040.176793][T31913]  dump_stack+0x1d8/0x241
[ 2040.180951][T31913]  ? panic+0x896/0x896
[ 2040.184859][T31913]  ? __alloc_pages_nodemask+0x393/0x840
[ 2040.190237][T31913]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2040.195970][T31913]  should_fail+0x71f/0x880
[ 2040.200227][T31913]  ? setup_fault_attr+0x3d0/0x3d0
[ 2040.205079][T31913]  ? lo_complete_rq+0x2b0/0x2b0
[ 2040.209765][T31913]  ? loop_init_request+0x31/0xa0
[ 2040.214539][T31913]  ? elevator_alloc+0x4b/0xc0
[ 2040.219051][T31913]  should_failslab+0x5/0x20
[ 2040.223391][T31913]  kmem_cache_alloc_trace+0x28/0x260
[ 2040.228520][T31913]  elevator_alloc+0x4b/0xc0
[ 2040.232853][T31913]  dd_init_queue+0x1f/0x330
[ 2040.237193][T31913]  blk_mq_init_sched+0x45a/0xaf0
[ 2040.241969][T31913]  elevator_init_mq+0x2cc/0x3e0
[ 2040.246661][T31913]  __device_add_disk+0xf2/0x1220
[ 2040.251431][T31913]  ? sprintf+0xd6/0x120
[ 2040.255422][T31913]  ? device_add_disk+0x30/0x30
[ 2040.260104][T31913]  ? vsprintf+0x30/0x30
[ 2040.264111][T31913]  ? __alloc_disk_node+0x459/0x5a0
[ 2040.269044][T31913]  loop_add+0x573/0x740
[ 2040.273039][T31913]  loop_control_ioctl+0x448/0x620
[ 2040.277897][T31913]  ? loop_remove+0xa0/0xa0
[ 2040.282152][T31913]  ? memset+0x1f/0x40
[ 2040.285968][T31913]  ? fsnotify+0x1280/0x1340
[ 2040.290327][T31913]  ? loop_remove+0xa0/0xa0
[ 2040.294562][T31913]  do_vfs_ioctl+0x742/0x1720
[ 2040.298989][T31913]  ? ioctl_preallocate+0x250/0x250
[ 2040.303937][T31913]  ? __fget+0x407/0x490
[ 2040.307930][T31913]  ? fget_many+0x20/0x20
[ 2040.312009][T31913]  ? debug_smp_processor_id+0x20/0x20
[ 2040.317215][T31913]  ? security_file_ioctl+0x7d/0xa0
[ 2040.322163][T31913]  __x64_sys_ioctl+0xd4/0x110
[ 2040.326675][T31913]  do_syscall_64+0xca/0x1c0
03:34:13 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 43)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:13 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:13 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00') (async)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='cgroup\x00')
bind$tipc(r1, 0x0, 0x0)

03:34:13 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040)=0x67c, 0x4)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:13 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_GET_REPORT_REPLY(r0, &(0x7f0000000040)={0xa, {0x0, 0x0, 0x7}}, 0xa)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:13 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x420400, 0x0)
sendmsg$AUDIT_LIST_RULES(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x0, 0x70bd2d, 0x25dfdbff, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8010}, 0x1000)

03:34:13 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x0, 0x2}}, 0x10)

[ 2040.331028][T31913]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2040.337614][T31913] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:13 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040)=0x67c, 0x4)

03:34:13 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2040.432114][T31956] FAULT_INJECTION: forcing a failure.
[ 2040.432114][T31956] name failslab, interval 1, probability 0, space 0, times 0
[ 2040.446645][T31956] CPU: 1 PID: 31956 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2040.456704][T31956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2040.466585][T31956] Call Trace:
[ 2040.469722][T31956]  dump_stack+0x1d8/0x241
[ 2040.473879][T31956]  ? panic+0x896/0x896
[ 2040.477785][T31956]  ? __alloc_pages_nodemask+0x393/0x840
[ 2040.483186][T31956]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2040.489085][T31956]  should_fail+0x71f/0x880
[ 2040.493341][T31956]  ? setup_fault_attr+0x3d0/0x3d0
[ 2040.498181][T31956]  ? lo_complete_rq+0x2b0/0x2b0
[ 2040.502876][T31956]  ? loop_init_request+0x31/0xa0
[ 2040.507638][T31956]  ? elevator_alloc+0x4b/0xc0
[ 2040.512152][T31956]  should_failslab+0x5/0x20
[ 2040.516495][T31956]  kmem_cache_alloc_trace+0x28/0x260
[ 2040.521617][T31956]  elevator_alloc+0x4b/0xc0
[ 2040.525953][T31956]  dd_init_queue+0x1f/0x330
[ 2040.530295][T31956]  blk_mq_init_sched+0x45a/0xaf0
[ 2040.535074][T31956]  elevator_init_mq+0x2cc/0x3e0
[ 2040.539756][T31956]  __device_add_disk+0xf2/0x1220
[ 2040.544528][T31956]  ? sprintf+0xd6/0x120
[ 2040.548522][T31956]  ? device_add_disk+0x30/0x30
[ 2040.553117][T31956]  ? vsprintf+0x30/0x30
[ 2040.557113][T31956]  ? __alloc_disk_node+0x459/0x5a0
[ 2040.562061][T31956]  loop_add+0x573/0x740
[ 2040.566066][T31956]  loop_control_ioctl+0x448/0x620
[ 2040.570913][T31956]  ? loop_remove+0xa0/0xa0
[ 2040.575165][T31956]  ? memset+0x1f/0x40
[ 2040.579009][T31956]  ? fsnotify+0x1280/0x1340
[ 2040.583472][T31956]  ? loop_remove+0xa0/0xa0
[ 2040.587711][T31956]  do_vfs_ioctl+0x742/0x1720
[ 2040.592147][T31956]  ? ioctl_preallocate+0x250/0x250
[ 2040.597082][T31956]  ? __fget+0x407/0x490
[ 2040.601089][T31956]  ? fget_many+0x20/0x20
[ 2040.605162][T31956]  ? debug_smp_processor_id+0x20/0x20
[ 2040.610364][T31956]  ? security_file_ioctl+0x7d/0xa0
[ 2040.615308][T31956]  __x64_sys_ioctl+0xd4/0x110
[ 2040.619830][T31956]  do_syscall_64+0xca/0x1c0
[ 2040.624244][T31956]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:13 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 44)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:13 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:13 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040)=0x67c, 0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040)=0x67c, 0x4) (async)

03:34:13 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x420400, 0x0)
sendmsg$AUDIT_LIST_RULES(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x0, 0x70bd2d, 0x25dfdbff, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8010}, 0x1000)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x80800, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x400, 0x1ff, 0x7, 0x6, 0x80, 0x4}, 0xc)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_vif\x00')
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000180)={0x800, 0x0, &(0x7f0000000140)=[r0, r1, r1]}, 0x3)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1c, 0xffff8001, 0xd0c, 0x81, 0x400, r1, 0x3f7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)

03:34:13 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x0, 0x2}}, 0x10) (async)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x0, 0x2}}, 0x10)

03:34:13 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x4000)
bind$tipc(r0, 0x0, 0x0)

03:34:13 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x0, 0x2}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)
connect$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x0, 0x2}}, 0x10) (async)

[ 2040.631518][T31956] "mq-deadline" elevator initialization failed, falling back to "none"
03:34:13 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x420400, 0x0)
sendmsg$AUDIT_LIST_RULES(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x3f5, 0x0, 0x70bd2d, 0x25dfdbff, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x8010}, 0x1000)

03:34:13 executing program 5:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @rand_addr, @multicast2}, &(0x7f0000000100)=0xc)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x118, r0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2e4}}}]}}, {{0x8, 0x1, r1}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x3, 0x20, 0x0, 0x5}, {0x8b31, 0x4, 0x1, 0x8}]}}}]}}]}, 0x118}, 0x1, 0x0, 0x0, 0x20040010}, 0x2000)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000300)=0x3, 0x4)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x80800, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x400, 0x1ff, 0x7, 0x6, 0x80, 0x4}, 0xc) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_vif\x00')
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000180)={0x800, 0x0, &(0x7f0000000140)=[r0, r1, r1]}, 0x3)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1c, 0xffff8001, 0xd0c, 0x81, 0x400, r1, 0x3f7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x80800, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x400, 0x1ff, 0x7, 0x6, 0x80, 0x4}, 0xc)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_vif\x00')
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000180)={0x800, 0x0, &(0x7f0000000140)=[r0, r1, r1]}, 0x3)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1c, 0xffff8001, 0xd0c, 0x81, 0x400, r1, 0x3f7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x80800, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x400, 0x1ff, 0x7, 0x6, 0x80, 0x4}, 0xc) (async)
syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_mr_vif\x00') (async)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000180)={0x800, 0x0, &(0x7f0000000140)=[r0, r1, r1]}, 0x3) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1c, 0xffff8001, 0xd0c, 0x81, 0x400, r1, 0x3f7, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48) (async)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88) (async)

[ 2040.741596][T31984] FAULT_INJECTION: forcing a failure.
[ 2040.741596][T31984] name failslab, interval 1, probability 0, space 0, times 0
[ 2040.754055][T31984] CPU: 1 PID: 31984 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2040.764284][T31984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2040.774179][T31984] Call Trace:
[ 2040.777309][T31984]  dump_stack+0x1d8/0x241
[ 2040.781469][T31984]  ? panic+0x896/0x896
[ 2040.785382][T31984]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2040.791019][T31984]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2040.796921][T31984]  should_fail+0x71f/0x880
[ 2040.801209][T31984]  ? setup_fault_attr+0x3d0/0x3d0
[ 2040.806037][T31984]  ? memset+0x1f/0x40
[ 2040.809854][T31984]  ? number+0xd53/0x1000
[ 2040.813932][T31984]  ? device_create_vargs+0x7d/0x210
[ 2040.819053][T31984]  should_failslab+0x5/0x20
[ 2040.823770][T31984]  kmem_cache_alloc_trace+0x28/0x260
[ 2040.828876][T31984]  device_create_vargs+0x7d/0x210
[ 2040.833735][T31984]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2040.839638][T31984]  device_create+0xea/0x130
[ 2040.844082][T31984]  ? device_create_vargs+0x210/0x210
[ 2040.849192][T31984]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2040.854828][T31984]  bdi_register_va+0x84/0x610
[ 2040.859339][T31984]  bdi_register+0xd1/0x120
[ 2040.863590][T31984]  ? __device_add_disk+0x551/0x1220
[ 2040.868628][T31984]  ? bdi_register_va+0x610/0x610
[ 2040.873424][T31984]  ? percpu_ref_resurrect+0x113/0x190
[ 2040.878625][T31984]  bdi_register_owner+0x55/0xf0
[ 2040.883305][T31984]  __device_add_disk+0x5d1/0x1220
[ 2040.888157][T31984]  ? device_add_disk+0x30/0x30
[ 2040.892757][T31984]  ? vsprintf+0x30/0x30
[ 2040.896751][T31984]  ? __alloc_disk_node+0x459/0x5a0
[ 2040.901830][T31984]  loop_add+0x573/0x740
[ 2040.905818][T31984]  loop_control_ioctl+0x448/0x620
[ 2040.910681][T31984]  ? loop_remove+0xa0/0xa0
[ 2040.914926][T31984]  ? memset+0x1f/0x40
[ 2040.918741][T31984]  ? fsnotify+0x1280/0x1340
[ 2040.923080][T31984]  ? loop_remove+0xa0/0xa0
[ 2040.927349][T31984]  do_vfs_ioctl+0x742/0x1720
[ 2040.931798][T31984]  ? ioctl_preallocate+0x250/0x250
[ 2040.936710][T31984]  ? __fget+0x407/0x490
[ 2040.940730][T31984]  ? fget_many+0x20/0x20
[ 2040.944794][T31984]  ? debug_smp_processor_id+0x20/0x20
[ 2040.949989][T31984]  ? security_file_ioctl+0x7d/0xa0
[ 2040.954934][T31984]  __x64_sys_ioctl+0xd4/0x110
[ 2040.959450][T31984]  do_syscall_64+0xca/0x1c0
[ 2040.963790][T31984]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2040.971137][T31984] ------------[ cut here ]------------
[ 2040.976433][T31984] WARNING: CPU: 1 PID: 31984 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2040.985346][T31984] Modules linked in:
[ 2040.989085][T31984] CPU: 1 PID: 31984 Comm: syz-executor.0 Not tainted 5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2040.999149][T31984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2041.009057][T31984] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2041.014709][T31984] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2041.034136][T31984] RSP: 0018:ffff8881e0dbfa20 EFLAGS: 00010287
[ 2041.040033][T31984] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2041.047837][T31984] RDX: ffffc90000b43000 RSI: 000000000000983e RDI: 000000000000983f
[ 2041.055651][T31984] RBP: ffff8881e0dbfb58 R08: ffffffff8225122c R09: fffffbfff0beec4f
[ 2041.063554][T31984] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881ce688000
[ 2041.071502][T31984] R13: dffffc0000000000 R14: ffff8881ce688070 R15: 1ffff11039cd109d
[ 2041.079309][T31984] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2041.088067][T31984] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2041.094643][T31984] CR2: 00007fcb7193cd58 CR3: 00000001e5591000 CR4: 00000000003406a0
[ 2041.102457][T31984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2041.110415][T31984] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2041.118278][T31984] Call Trace:
[ 2041.121410][T31984]  ? __warn+0x162/0x250
[ 2041.125400][T31984]  ? report_bug+0x3a1/0x4e0
[ 2041.129740][T31984]  ? __device_add_disk+0xea1/0x1220
[ 2041.134775][T31984]  ? __device_add_disk+0xea1/0x1220
[ 2041.139811][T31984]  ? do_invalid_op+0x6e/0x110
[ 2041.144318][T31984]  ? invalid_op+0x1e/0x30
[ 2041.148584][T31984]  ? __device_add_disk+0x5dc/0x1220
[ 2041.153605][T31984]  ? __device_add_disk+0xea1/0x1220
[ 2041.158653][T31984]  ? __device_add_disk+0xea1/0x1220
[ 2041.163674][T31984]  ? device_add_disk+0x30/0x30
[ 2041.168280][T31984]  ? vsprintf+0x30/0x30
[ 2041.172269][T31984]  ? __alloc_disk_node+0x459/0x5a0
[ 2041.180867][T31984]  loop_add+0x573/0x740
[ 2041.184864][T31984]  loop_control_ioctl+0x448/0x620
[ 2041.189713][T31984]  ? loop_remove+0xa0/0xa0
[ 2041.193969][T31984]  ? memset+0x1f/0x40
[ 2041.197780][T31984]  ? fsnotify+0x1280/0x1340
[ 2041.202122][T31984]  ? loop_remove+0xa0/0xa0
[ 2041.206380][T31984]  do_vfs_ioctl+0x742/0x1720
[ 2041.210806][T31984]  ? ioctl_preallocate+0x250/0x250
[ 2041.215752][T31984]  ? __fget+0x407/0x490
[ 2041.219758][T31984]  ? fget_many+0x20/0x20
[ 2041.223819][T31984]  ? debug_smp_processor_id+0x20/0x20
[ 2041.229035][T31984]  ? security_file_ioctl+0x7d/0xa0
[ 2041.233988][T31984]  __x64_sys_ioctl+0xd4/0x110
[ 2041.238580][T31984]  do_syscall_64+0xca/0x1c0
03:34:13 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 45)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:13 executing program 5:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @rand_addr, @multicast2}, &(0x7f0000000100)=0xc)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x118, r0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2e4}}}]}}, {{0x8, 0x1, r1}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x3, 0x20, 0x0, 0x5}, {0x8b31, 0x4, 0x1, 0x8}]}}}]}}]}, 0x118}, 0x1, 0x0, 0x0, 0x20040010}, 0x2000) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000300)=0x3, 0x4)

03:34:13 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000040)=r4, 0x1)
bind$tipc(r1, 0x0, 0x0)

03:34:13 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000007840)=[{0x7, 0x1, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/84, 0x54}, {&(0x7f00000010c0)=""/195, 0xc3}, {&(0x7f00000011c0)=""/76, 0x4c}, {&(0x7f0000001240)=""/246, 0xf6}, {&(0x7f0000001340)=""/115, 0x73}, {&(0x7f00000013c0)=""/200, 0xc8}], &(0x7f0000001540)=[0x7, 0x8, 0x3f, 0x7e000000, 0xffff, 0x1, 0x2]}, {0x4, 0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000001580)=""/42, 0x2a}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f00000025c0)=""/209, 0xd1}, {&(0x7f00000026c0)=""/143, 0x8f}], &(0x7f00000027c0)=[0xffffffffffffffc1, 0x6, 0x7cf, 0x7, 0x1]}, {0x0, 0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000002800)=[0x9]}, {0x7, 0x1, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002840)=""/89, 0x59}, {&(0x7f00000028c0)=""/120, 0x78}, {&(0x7f0000002940)=""/96, 0x60}, {&(0x7f00000029c0)=""/98, 0x62}, {&(0x7f0000002a40)=""/105, 0x69}, {&(0x7f0000002ac0)=""/120, 0x78}, {&(0x7f0000002b40)=""/152, 0x98}], &(0x7f0000002c80)=[0x7fff, 0xb3f4]}, {0x3, 0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002cc0)=""/239, 0xef}, {&(0x7f0000002dc0)=""/90, 0x5a}, {&(0x7f0000002e40)=""/218, 0xda}], &(0x7f0000002f80)=[0xffffffff80000000, 0x20, 0x101, 0x800, 0xfffffffffffffffc, 0xfb, 0x8001, 0x100000001]}, {0x3, 0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f0000002fc0)=""/4096, 0x1000}, {&(0x7f0000003fc0)=""/143, 0x8f}, {&(0x7f0000004080)=""/62, 0x3e}], &(0x7f0000004100)=[0x9, 0x7000000000000000, 0x8]}, {0x1, 0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000004140)=""/119, 0x77}], &(0x7f0000004200)=[0x4, 0x4, 0x4fb4]}, {0x0, 0x1, 0x0, &(0x7f0000004240), &(0x7f0000004280)=[0x6a, 0x9, 0x2, 0x8000000000000000, 0x9, 0xf8a]}, {0x9, 0x0, 0x0, &(0x7f0000007740)=[{&(0x7f00000042c0)=""/223, 0xdf}, {&(0x7f00000043c0)=""/183, 0xb7}, {&(0x7f0000004480)=""/4096, 0x1000}, {&(0x7f0000005480)=""/4096, 0x1000}, {&(0x7f0000006480)=""/184, 0xb8}, {&(0x7f0000006540)=""/42, 0x2a}, {&(0x7f0000006580)=""/204, 0xcc}, {&(0x7f0000006680)=""/179, 0xb3}, {&(0x7f0000006740)=""/4096, 0x1000}], &(0x7f0000007800)=[0x80000001, 0x2, 0x7]}], 0x9)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000004240)=0x7, 0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:13 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x4000)
bind$tipc(r0, 0x0, 0x0)

03:34:13 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:14 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000040)=r4, 0x1)
bind$tipc(r1, 0x0, 0x0)

03:34:14 executing program 5:
r0 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r1=>0x0, @rand_addr, @multicast2}, &(0x7f0000000100)=0xc)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x118, r0, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2e4}}}]}}, {{0x8, 0x1, r1}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0x3, 0x20, 0x0, 0x5}, {0x8b31, 0x4, 0x1, 0x8}]}}}]}}]}, 0x118}, 0x1, 0x0, 0x0, 0x20040010}, 0x2000) (async)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000300)=0x3, 0x4)

03:34:14 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
syz_open_dev$mouse(&(0x7f0000000040), 0x0, 0x4000)
bind$tipc(r0, 0x0, 0x0)

[ 2041.242917][T31984]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2041.248669][T31984] ---[ end trace 47f897a1e9344b10 ]---
03:34:14 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000007840)=[{0x7, 0x1, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/84, 0x54}, {&(0x7f00000010c0)=""/195, 0xc3}, {&(0x7f00000011c0)=""/76, 0x4c}, {&(0x7f0000001240)=""/246, 0xf6}, {&(0x7f0000001340)=""/115, 0x73}, {&(0x7f00000013c0)=""/200, 0xc8}], &(0x7f0000001540)=[0x7, 0x8, 0x3f, 0x7e000000, 0xffff, 0x1, 0x2]}, {0x4, 0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000001580)=""/42, 0x2a}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f00000025c0)=""/209, 0xd1}, {&(0x7f00000026c0)=""/143, 0x8f}], &(0x7f00000027c0)=[0xffffffffffffffc1, 0x6, 0x7cf, 0x7, 0x1]}, {0x0, 0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000002800)=[0x9]}, {0x7, 0x1, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002840)=""/89, 0x59}, {&(0x7f00000028c0)=""/120, 0x78}, {&(0x7f0000002940)=""/96, 0x60}, {&(0x7f00000029c0)=""/98, 0x62}, {&(0x7f0000002a40)=""/105, 0x69}, {&(0x7f0000002ac0)=""/120, 0x78}, {&(0x7f0000002b40)=""/152, 0x98}], &(0x7f0000002c80)=[0x7fff, 0xb3f4]}, {0x3, 0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002cc0)=""/239, 0xef}, {&(0x7f0000002dc0)=""/90, 0x5a}, {&(0x7f0000002e40)=""/218, 0xda}], &(0x7f0000002f80)=[0xffffffff80000000, 0x20, 0x101, 0x800, 0xfffffffffffffffc, 0xfb, 0x8001, 0x100000001]}, {0x3, 0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f0000002fc0)=""/4096, 0x1000}, {&(0x7f0000003fc0)=""/143, 0x8f}, {&(0x7f0000004080)=""/62, 0x3e}], &(0x7f0000004100)=[0x9, 0x7000000000000000, 0x8]}, {0x1, 0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000004140)=""/119, 0x77}], &(0x7f0000004200)=[0x4, 0x4, 0x4fb4]}, {0x0, 0x1, 0x0, &(0x7f0000004240), &(0x7f0000004280)=[0x6a, 0x9, 0x2, 0x8000000000000000, 0x9, 0xf8a]}, {0x9, 0x0, 0x0, &(0x7f0000007740)=[{&(0x7f00000042c0)=""/223, 0xdf}, {&(0x7f00000043c0)=""/183, 0xb7}, {&(0x7f0000004480)=""/4096, 0x1000}, {&(0x7f0000005480)=""/4096, 0x1000}, {&(0x7f0000006480)=""/184, 0xb8}, {&(0x7f0000006540)=""/42, 0x2a}, {&(0x7f0000006580)=""/204, 0xcc}, {&(0x7f0000006680)=""/179, 0xb3}, {&(0x7f0000006740)=""/4096, 0x1000}], &(0x7f0000007800)=[0x80000001, 0x2, 0x7]}], 0x9)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000004240)=0x7, 0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:14 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:14 executing program 1:
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2041.352392][T32025] FAULT_INJECTION: forcing a failure.
[ 2041.352392][T32025] name failslab, interval 1, probability 0, space 0, times 0
[ 2041.365096][T32025] CPU: 0 PID: 32025 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2041.376521][T32025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2041.386558][T32025] Call Trace:
[ 2041.389665][T32025]  dump_stack+0x1d8/0x241
[ 2041.393835][T32025]  ? panic+0x896/0x896
[ 2041.397725][T32025]  ? bdi_register_va+0x84/0x610
[ 2041.402417][T32025]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2041.408052][T32025]  ? loop_add+0x573/0x740
[ 2041.412207][T32025]  ? do_vfs_ioctl+0x742/0x1720
[ 2041.417094][T32025]  ? __x64_sys_ioctl+0xd4/0x110
[ 2041.421785][T32025]  ? do_syscall_64+0xca/0x1c0
[ 2041.426292][T32025]  should_fail+0x71f/0x880
[ 2041.430643][T32025]  ? setup_fault_attr+0x3d0/0x3d0
[ 2041.435498][T32025]  ? _raw_spin_lock+0x1b0/0x1b0
[ 2041.440186][T32025]  ? kobject_set_name_vargs+0x5d/0x110
[ 2041.445598][T32025]  should_failslab+0x5/0x20
[ 2041.449927][T32025]  __kmalloc_track_caller+0x4f/0x2b0
[ 2041.455179][T32025]  kstrdup_const+0x51/0x90
[ 2041.459400][T32025]  kobject_set_name_vargs+0x5d/0x110
[ 2041.464507][T32025]  device_create_vargs+0x183/0x210
[ 2041.469550][T32025]  device_create+0xea/0x130
[ 2041.473910][T32025]  ? device_create_vargs+0x210/0x210
[ 2041.479002][T32025]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2041.484608][T32025]  bdi_register_va+0x84/0x610
[ 2041.489066][T32025]  bdi_register+0xd1/0x120
[ 2041.493329][T32025]  ? __device_add_disk+0x551/0x1220
[ 2041.498387][T32025]  ? bdi_register_va+0x610/0x610
[ 2041.503127][T32025]  ? percpu_ref_resurrect+0x113/0x190
[ 2041.508342][T32025]  bdi_register_owner+0x55/0xf0
[ 2041.513024][T32025]  __device_add_disk+0x5d1/0x1220
[ 2041.517885][T32025]  ? device_add_disk+0x30/0x30
[ 2041.522482][T32025]  ? vsprintf+0x30/0x30
[ 2041.526481][T32025]  ? __alloc_disk_node+0x459/0x5a0
[ 2041.531513][T32025]  loop_add+0x573/0x740
[ 2041.535560][T32025]  loop_control_ioctl+0x448/0x620
[ 2041.540367][T32025]  ? loop_remove+0xa0/0xa0
[ 2041.544616][T32025]  ? memset+0x1f/0x40
[ 2041.548434][T32025]  ? fsnotify+0x1280/0x1340
[ 2041.552884][T32025]  ? loop_remove+0xa0/0xa0
[ 2041.557136][T32025]  do_vfs_ioctl+0x742/0x1720
[ 2041.561566][T32025]  ? ioctl_preallocate+0x250/0x250
[ 2041.566531][T32025]  ? __fget+0x407/0x490
[ 2041.570502][T32025]  ? fget_many+0x20/0x20
[ 2041.574697][T32025]  ? debug_smp_processor_id+0x20/0x20
[ 2041.579907][T32025]  ? security_file_ioctl+0x7d/0xa0
[ 2041.584850][T32025]  __x64_sys_ioctl+0xd4/0x110
[ 2041.589364][T32025]  do_syscall_64+0xca/0x1c0
[ 2041.593698][T32025]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2041.600701][T32025] ------------[ cut here ]------------
[ 2041.605991][T32025] WARNING: CPU: 1 PID: 32025 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2041.614910][T32025] Modules linked in:
[ 2041.618650][T32025] CPU: 1 PID: 32025 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2041.630101][T32025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2041.640019][T32025] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2041.645647][T32025] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2041.665081][T32025] RSP: 0018:ffff8881ec9a7a20 EFLAGS: 00010287
[ 2041.671131][T32025] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2041.678966][T32025] RDX: ffffc90000b43000 RSI: 000000000000a459 RDI: 000000000000a45a
[ 2041.686746][T32025] RBP: ffff8881ec9a7b58 R08: ffffffff8225122c R09: 0000000000000003
[ 2041.694557][T32025] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881e285d000
[ 2041.702368][T32025] R13: dffffc0000000000 R14: ffff8881e285d070 R15: 1ffff1103c50ba9d
[ 2041.710362][T32025] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2041.719120][T32025] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2041.725691][T32025] CR2: 00007fcb7193cd58 CR3: 00000001cd687000 CR4: 00000000003406a0
[ 2041.733495][T32025] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2041.741340][T32025] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2041.749111][T32025] Call Trace:
[ 2041.752245][T32025]  ? __warn+0x162/0x250
[ 2041.756233][T32025]  ? report_bug+0x3a1/0x4e0
[ 2041.760574][T32025]  ? __device_add_disk+0xea1/0x1220
[ 2041.765605][T32025]  ? __device_add_disk+0xea1/0x1220
[ 2041.770736][T32025]  ? do_invalid_op+0x6e/0x110
[ 2041.775242][T32025]  ? invalid_op+0x1e/0x30
[ 2041.779409][T32025]  ? __device_add_disk+0x5dc/0x1220
[ 2041.784443][T32025]  ? __device_add_disk+0xea1/0x1220
[ 2041.789473][T32025]  ? __device_add_disk+0xea1/0x1220
[ 2041.794912][T32025]  ? device_add_disk+0x30/0x30
[ 2041.799503][T32025]  ? vsprintf+0x30/0x30
[ 2041.803502][T32025]  ? __alloc_disk_node+0x459/0x5a0
[ 2041.808443][T32025]  loop_add+0x573/0x740
[ 2041.812460][T32025]  loop_control_ioctl+0x448/0x620
[ 2041.817299][T32025]  ? loop_remove+0xa0/0xa0
[ 2041.821661][T32025]  ? memset+0x1f/0x40
[ 2041.825470][T32025]  ? fsnotify+0x1280/0x1340
[ 2041.829815][T32025]  ? loop_remove+0xa0/0xa0
[ 2041.834097][T32025]  do_vfs_ioctl+0x742/0x1720
[ 2041.838489][T32025]  ? ioctl_preallocate+0x250/0x250
[ 2041.843547][T32025]  ? __fget+0x407/0x490
[ 2041.847534][T32025]  ? fget_many+0x20/0x20
03:34:14 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 46)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:14 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x400, @any, 0x12, 0x1}, 0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:14 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:14 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000040)=r4, 0x1)
bind$tipc(r1, 0x0, 0x0)

03:34:14 executing program 4:
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000007840)=[{0x7, 0x1, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/4096, 0x1000}, {&(0x7f0000001040)=""/84, 0x54}, {&(0x7f00000010c0)=""/195, 0xc3}, {&(0x7f00000011c0)=""/76, 0x4c}, {&(0x7f0000001240)=""/246, 0xf6}, {&(0x7f0000001340)=""/115, 0x73}, {&(0x7f00000013c0)=""/200, 0xc8}], &(0x7f0000001540)=[0x7, 0x8, 0x3f, 0x7e000000, 0xffff, 0x1, 0x2]}, {0x4, 0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000001580)=""/42, 0x2a}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f00000025c0)=""/209, 0xd1}, {&(0x7f00000026c0)=""/143, 0x8f}], &(0x7f00000027c0)=[0xffffffffffffffc1, 0x6, 0x7cf, 0x7, 0x1]}, {0x0, 0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000002800)=[0x9]}, {0x7, 0x1, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002840)=""/89, 0x59}, {&(0x7f00000028c0)=""/120, 0x78}, {&(0x7f0000002940)=""/96, 0x60}, {&(0x7f00000029c0)=""/98, 0x62}, {&(0x7f0000002a40)=""/105, 0x69}, {&(0x7f0000002ac0)=""/120, 0x78}, {&(0x7f0000002b40)=""/152, 0x98}], &(0x7f0000002c80)=[0x7fff, 0xb3f4]}, {0x3, 0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002cc0)=""/239, 0xef}, {&(0x7f0000002dc0)=""/90, 0x5a}, {&(0x7f0000002e40)=""/218, 0xda}], &(0x7f0000002f80)=[0xffffffff80000000, 0x20, 0x101, 0x800, 0xfffffffffffffffc, 0xfb, 0x8001, 0x100000001]}, {0x3, 0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f0000002fc0)=""/4096, 0x1000}, {&(0x7f0000003fc0)=""/143, 0x8f}, {&(0x7f0000004080)=""/62, 0x3e}], &(0x7f0000004100)=[0x9, 0x7000000000000000, 0x8]}, {0x1, 0x0, 0x0, &(0x7f00000041c0)=[{&(0x7f0000004140)=""/119, 0x77}], &(0x7f0000004200)=[0x4, 0x4, 0x4fb4]}, {0x0, 0x1, 0x0, &(0x7f0000004240), &(0x7f0000004280)=[0x6a, 0x9, 0x2, 0x8000000000000000, 0x9, 0xf8a]}, {0x9, 0x0, 0x0, &(0x7f0000007740)=[{&(0x7f00000042c0)=""/223, 0xdf}, {&(0x7f00000043c0)=""/183, 0xb7}, {&(0x7f0000004480)=""/4096, 0x1000}, {&(0x7f0000005480)=""/4096, 0x1000}, {&(0x7f0000006480)=""/184, 0xb8}, {&(0x7f0000006540)=""/42, 0x2a}, {&(0x7f0000006580)=""/204, 0xcc}, {&(0x7f0000006680)=""/179, 0xb3}, {&(0x7f0000006740)=""/4096, 0x1000}], &(0x7f0000007800)=[0x80000001, 0x2, 0x7]}], 0x9)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000004240)=0x7, 0x4) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:14 executing program 1:
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:14 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:14 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x400, @any, 0x12, 0x1}, 0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:14 executing program 1:
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:14 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00')
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)

03:34:14 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)

[ 2041.851610][T32025]  ? debug_smp_processor_id+0x20/0x20
[ 2041.856820][T32025]  ? security_file_ioctl+0x7d/0xa0
[ 2041.861781][T32025]  __x64_sys_ioctl+0xd4/0x110
[ 2041.866296][T32025]  do_syscall_64+0xca/0x1c0
[ 2041.870635][T32025]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2041.876348][T32025] ---[ end trace 47f897a1e9344b11 ]---
03:34:14 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x400, @any, 0x12, 0x1}, 0xe)
socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

[ 2041.970965][T32062] FAULT_INJECTION: forcing a failure.
[ 2041.970965][T32062] name failslab, interval 1, probability 0, space 0, times 0
[ 2041.983585][T32062] CPU: 0 PID: 32062 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2041.994919][T32062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2042.004933][T32062] Call Trace:
[ 2042.008075][T32062]  dump_stack+0x1d8/0x241
[ 2042.012225][T32062]  ? panic+0x896/0x896
[ 2042.016132][T32062]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2042.021782][T32062]  should_fail+0x71f/0x880
[ 2042.026032][T32062]  ? setup_fault_attr+0x3d0/0x3d0
[ 2042.030908][T32062]  ? device_add+0xb6/0xbb0
[ 2042.035141][T32062]  should_failslab+0x5/0x20
[ 2042.039491][T32062]  kmem_cache_alloc_trace+0x28/0x260
[ 2042.044602][T32062]  device_add+0xb6/0xbb0
[ 2042.048682][T32062]  device_create_vargs+0x1b9/0x210
[ 2042.053632][T32062]  device_create+0xea/0x130
[ 2042.057971][T32062]  ? device_create_vargs+0x210/0x210
[ 2042.063094][T32062]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2042.068646][T32062]  bdi_register_va+0x84/0x610
[ 2042.073159][T32062]  bdi_register+0xd1/0x120
[ 2042.077412][T32062]  ? __device_add_disk+0x551/0x1220
[ 2042.082445][T32062]  ? bdi_register_va+0x610/0x610
[ 2042.087220][T32062]  ? percpu_ref_resurrect+0x113/0x190
[ 2042.092430][T32062]  bdi_register_owner+0x55/0xf0
[ 2042.097115][T32062]  __device_add_disk+0x5d1/0x1220
[ 2042.101974][T32062]  ? device_add_disk+0x30/0x30
[ 2042.106570][T32062]  ? vsprintf+0x30/0x30
[ 2042.110571][T32062]  ? __alloc_disk_node+0x459/0x5a0
[ 2042.115518][T32062]  loop_add+0x573/0x740
[ 2042.119518][T32062]  loop_control_ioctl+0x448/0x620
[ 2042.124372][T32062]  ? loop_remove+0xa0/0xa0
[ 2042.128637][T32062]  ? memset+0x1f/0x40
[ 2042.132437][T32062]  ? fsnotify+0x1280/0x1340
[ 2042.136775][T32062]  ? loop_remove+0xa0/0xa0
[ 2042.141035][T32062]  do_vfs_ioctl+0x742/0x1720
[ 2042.145476][T32062]  ? ioctl_preallocate+0x250/0x250
[ 2042.150406][T32062]  ? __fget+0x407/0x490
[ 2042.154401][T32062]  ? fget_many+0x20/0x20
[ 2042.158477][T32062]  ? debug_smp_processor_id+0x20/0x20
[ 2042.163799][T32062]  ? security_file_ioctl+0x7d/0xa0
[ 2042.168725][T32062]  __x64_sys_ioctl+0xd4/0x110
[ 2042.173234][T32062]  do_syscall_64+0xca/0x1c0
[ 2042.177571][T32062]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2042.184530][T32062] ------------[ cut here ]------------
[ 2042.189831][T32062] WARNING: CPU: 0 PID: 32062 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2042.198738][T32062] Modules linked in:
[ 2042.202477][T32062] CPU: 0 PID: 32062 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2042.213928][T32062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2042.223850][T32062] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2042.229470][T32062] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2042.248911][T32062] RSP: 0018:ffff8881ea0c7a20 EFLAGS: 00010287
[ 2042.254925][T32062] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2042.262769][T32062] RDX: ffffc90000b43000 RSI: 00000000000090dc RDI: 00000000000090dd
[ 2042.270552][T32062] RBP: ffff8881ea0c7b58 R08: ffffffff8225122c R09: 0000000000000003
[ 2042.278361][T32062] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881caa78000
[ 2042.286174][T32062] R13: dffffc0000000000 R14: ffff8881caa78070 R15: 1ffff1103954f09d
[ 2042.293985][T32062] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2042.302750][T32062] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2042.309170][T32062] CR2: 00007fcb7195cff8 CR3: 00000001e66cb000 CR4: 00000000003406b0
[ 2042.316980][T32062] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2042.324791][T32062] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2042.332601][T32062] Call Trace:
[ 2042.335738][T32062]  ? __warn+0x162/0x250
[ 2042.339725][T32062]  ? report_bug+0x3a1/0x4e0
[ 2042.344065][T32062]  ? __device_add_disk+0xea1/0x1220
[ 2042.349099][T32062]  ? __device_add_disk+0xea1/0x1220
[ 2042.354131][T32062]  ? do_invalid_op+0x6e/0x110
[ 2042.358646][T32062]  ? invalid_op+0x1e/0x30
[ 2042.362813][T32062]  ? __device_add_disk+0x5dc/0x1220
[ 2042.367848][T32062]  ? __device_add_disk+0xea1/0x1220
[ 2042.372883][T32062]  ? __device_add_disk+0xea1/0x1220
[ 2042.377915][T32062]  ? device_add_disk+0x30/0x30
[ 2042.382513][T32062]  ? vsprintf+0x30/0x30
[ 2042.386507][T32062]  ? __alloc_disk_node+0x459/0x5a0
[ 2042.391453][T32062]  loop_add+0x573/0x740
[ 2042.395449][T32062]  loop_control_ioctl+0x448/0x620
[ 2042.400466][T32062]  ? loop_remove+0xa0/0xa0
[ 2042.404715][T32062]  ? memset+0x1f/0x40
[ 2042.408530][T32062]  ? fsnotify+0x1280/0x1340
[ 2042.412871][T32062]  ? loop_remove+0xa0/0xa0
[ 2042.417121][T32062]  do_vfs_ioctl+0x742/0x1720
03:34:15 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 47)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:15 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00')
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00') (async)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3) (async)

03:34:15 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x23, 0x3, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:15 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:15 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)

03:34:15 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x680, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x8, 0xfffffb05, 0x3ff, 0x10, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x4}, 0x48)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000140)=0x59, 0x4)

03:34:15 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x680, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x8, 0xfffffb05, 0x3ff, 0x10, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x4}, 0x48) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000140)=0x59, 0x4)

[ 2042.421555][T32062]  ? ioctl_preallocate+0x250/0x250
[ 2042.426504][T32062]  ? __fget+0x407/0x490
[ 2042.430489][T32062]  ? fget_many+0x20/0x20
[ 2042.434567][T32062]  ? debug_smp_processor_id+0x20/0x20
[ 2042.439863][T32062]  ? security_file_ioctl+0x7d/0xa0
[ 2042.444818][T32062]  __x64_sys_ioctl+0xd4/0x110
[ 2042.449332][T32062]  do_syscall_64+0xca/0x1c0
[ 2042.454103][T32062]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2042.460028][T32062] ---[ end trace 47f897a1e9344b12 ]---
03:34:15 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:15 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00')
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x2) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00') (async)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3) (async)

03:34:15 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000000), 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)

03:34:15 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x23, 0x3, 0x1}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:15 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x680, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x680, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x14, 0x8, 0xfffffb05, 0x3ff, 0x10, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x4}, 0x48)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f0000000140)=0x59, 0x4)

[ 2042.561030][T32096] FAULT_INJECTION: forcing a failure.
[ 2042.561030][T32096] name failslab, interval 1, probability 0, space 0, times 0
[ 2042.573564][T32096] CPU: 0 PID: 32096 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2042.584986][T32096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2042.594974][T32096] Call Trace:
[ 2042.598106][T32096]  dump_stack+0x1d8/0x241
[ 2042.602275][T32096]  ? panic+0x896/0x896
[ 2042.606350][T32096]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2042.611982][T32096]  ? unwind_next_frame+0x176a/0x1ea0
[ 2042.617105][T32096]  should_fail+0x71f/0x880
[ 2042.621365][T32096]  ? setup_fault_attr+0x3d0/0x3d0
[ 2042.626233][T32096]  ? deref_stack_reg+0x1f0/0x1f0
[ 2042.631008][T32096]  ? __unwind_start+0x708/0x890
[ 2042.635688][T32096]  ? __kernfs_new_node+0x99/0x6e0
[ 2042.640536][T32096]  should_failslab+0x5/0x20
[ 2042.644964][T32096]  __kmalloc_track_caller+0x4f/0x2b0
[ 2042.650098][T32096]  ? stack_trace_save+0x1c0/0x1c0
[ 2042.655031][T32096]  kstrdup_const+0x51/0x90
[ 2042.659630][T32096]  __kernfs_new_node+0x99/0x6e0
[ 2042.664347][T32096]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2042.670276][T32096]  ? kernfs_new_node+0x160/0x160
[ 2042.675108][T32096]  ? stack_trace_save+0x118/0x1c0
[ 2042.679960][T32096]  ? stack_trace_snprint+0x170/0x170
[ 2042.685080][T32096]  ? stack_trace_save+0x118/0x1c0
[ 2042.689944][T32096]  kernfs_create_dir_ns+0x90/0x220
[ 2042.694887][T32096]  sysfs_create_dir_ns+0x185/0x390
[ 2042.699846][T32096]  ? sysfs_warn_dup+0xa0/0xa0
[ 2042.704352][T32096]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2042.710258][T32096]  kobject_add_internal+0x6b7/0xca0
[ 2042.715287][T32096]  kobject_add+0x14e/0x210
[ 2042.719537][T32096]  ? _raw_spin_lock+0xa4/0x1b0
[ 2042.724150][T32096]  ? kobject_init+0x1d0/0x1d0
[ 2042.728647][T32096]  ? mutex_unlock+0x18/0x40
[ 2042.732986][T32096]  ? get_device_parent+0x293/0x400
[ 2042.737936][T32096]  device_add+0x3eb/0xbb0
[ 2042.742104][T32096]  device_create_vargs+0x1b9/0x210
[ 2042.747068][T32096]  device_create+0xea/0x130
[ 2042.751390][T32096]  ? device_create_vargs+0x210/0x210
[ 2042.756519][T32096]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2042.762089][T32096]  bdi_register_va+0x84/0x610
[ 2042.766580][T32096]  bdi_register+0xd1/0x120
[ 2042.770831][T32096]  ? __device_add_disk+0x551/0x1220
[ 2042.775863][T32096]  ? bdi_register_va+0x610/0x610
[ 2042.780637][T32096]  ? percpu_ref_resurrect+0x113/0x190
[ 2042.785848][T32096]  bdi_register_owner+0x55/0xf0
[ 2042.790529][T32096]  __device_add_disk+0x5d1/0x1220
[ 2042.795482][T32096]  ? device_add_disk+0x30/0x30
[ 2042.800085][T32096]  ? vsprintf+0x30/0x30
[ 2042.804080][T32096]  ? __alloc_disk_node+0x459/0x5a0
[ 2042.809026][T32096]  loop_add+0x573/0x740
[ 2042.813028][T32096]  loop_control_ioctl+0x448/0x620
[ 2042.817876][T32096]  ? loop_remove+0xa0/0xa0
[ 2042.822125][T32096]  ? memset+0x1f/0x40
[ 2042.825941][T32096]  ? fsnotify+0x1280/0x1340
[ 2042.830285][T32096]  ? loop_remove+0xa0/0xa0
[ 2042.834533][T32096]  do_vfs_ioctl+0x742/0x1720
[ 2042.838972][T32096]  ? ioctl_preallocate+0x250/0x250
[ 2042.843909][T32096]  ? __fget+0x407/0x490
[ 2042.847901][T32096]  ? fget_many+0x20/0x20
[ 2042.851977][T32096]  ? debug_smp_processor_id+0x20/0x20
[ 2042.857185][T32096]  ? security_file_ioctl+0x7d/0xa0
[ 2042.862133][T32096]  __x64_sys_ioctl+0xd4/0x110
[ 2042.866648][T32096]  do_syscall_64+0xca/0x1c0
[ 2042.870997][T32096]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2042.879806][T32096] kobject_add_internal failed for 7:0 (error: -12 parent: bdi)
[ 2042.887461][T32096] ------------[ cut here ]------------
[ 2042.892646][T32096] WARNING: CPU: 0 PID: 32096 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2042.901754][T32096] Modules linked in:
[ 2042.905501][T32096] CPU: 0 PID: 32096 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2042.916950][T32096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2042.926850][T32096] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2042.932494][T32096] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2042.952215][T32096] RSP: 0018:ffff8881cd46fa20 EFLAGS: 00010287
[ 2042.958117][T32096] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2042.966020][T32096] RDX: ffffc90000b43000 RSI: 000000000000cf9e RDI: 000000000000cf9f
[ 2042.973915][T32096] RBP: ffff8881cd46fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2042.981723][T32096] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881d0dee000
[ 2042.989530][T32096] R13: dffffc0000000000 R14: ffff8881d0dee070 R15: 1ffff1103a1bdc9d
[ 2042.998217][T32096] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2043.007121][T32096] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2043.013729][T32096] CR2: 00007fcb7193cd58 CR3: 00000001ea307000 CR4: 00000000003406b0
[ 2043.021540][T32096] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2043.029350][T32096] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2043.037257][T32096] Call Trace:
[ 2043.040387][T32096]  ? __warn+0x162/0x250
[ 2043.044381][T32096]  ? report_bug+0x3a1/0x4e0
[ 2043.048722][T32096]  ? __device_add_disk+0xea1/0x1220
[ 2043.053745][T32096]  ? __device_add_disk+0xea1/0x1220
[ 2043.058779][T32096]  ? do_invalid_op+0x6e/0x110
[ 2043.063311][T32096]  ? invalid_op+0x1e/0x30
[ 2043.067462][T32096]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2043.073415][T32096]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2043.079576][T32096]  ? __device_add_disk+0x5dc/0x1220
[ 2043.084595][T32096]  ? __device_add_disk+0xea1/0x1220
[ 2043.089633][T32096]  ? __device_add_disk+0xea1/0x1220
[ 2043.094755][T32096]  ? device_add_disk+0x30/0x30
[ 2043.099353][T32096]  ? vsprintf+0x30/0x30
[ 2043.103359][T32096]  ? __alloc_disk_node+0x459/0x5a0
[ 2043.108300][T32096]  loop_add+0x573/0x740
[ 2043.112297][T32096]  loop_control_ioctl+0x448/0x620
[ 2043.117271][T32096]  ? loop_remove+0xa0/0xa0
[ 2043.121509][T32096]  ? memset+0x1f/0x40
[ 2043.125336][T32096]  ? fsnotify+0x1280/0x1340
[ 2043.129667][T32096]  ? loop_remove+0xa0/0xa0
[ 2043.133912][T32096]  do_vfs_ioctl+0x742/0x1720
[ 2043.138348][T32096]  ? ioctl_preallocate+0x250/0x250
[ 2043.143301][T32096]  ? __fget+0x407/0x490
[ 2043.147280][T32096]  ? fget_many+0x20/0x20
[ 2043.151357][T32096]  ? debug_smp_processor_id+0x20/0x20
[ 2043.156568][T32096]  ? security_file_ioctl+0x7d/0xa0
03:34:15 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 48)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:15 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x41, 0x1, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x800, 0x4)
syz_io_uring_setup(0x27ab, &(0x7f0000000040)={0x0, 0x9b4f, 0x400, 0x3, 0x166}, &(0x7f00000000c0), &(0x7f0000000100))
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000)=0x5, 0x4)

03:34:15 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x7f4a, &(0x7f0000000040)={0x0, 0x83fa, 0x3fe5474df3ad0950, 0x3, 0x3aa}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:15 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:15 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x23, 0x3, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r1) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x23, 0x3, 0x1}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)

03:34:15 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_vs\x00')
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
accept4$tipc(r0, 0x0, &(0x7f0000000080), 0x80800)

03:34:15 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:15 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_vs\x00') (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_vs\x00')
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff)
accept4$tipc(r0, 0x0, &(0x7f0000000080), 0x80800)

03:34:15 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000040)=""/160)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @dev}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x188, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8, 0x1, r1}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9cf}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x188}, 0x1, 0x0, 0x0, 0x40000}, 0x2)
bind$tipc(r0, 0x0, 0x0)

[ 2043.161517][T32096]  __x64_sys_ioctl+0xd4/0x110
[ 2043.166029][T32096]  do_syscall_64+0xca/0x1c0
[ 2043.170373][T32096]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2043.176099][T32096] ---[ end trace 47f897a1e9344b13 ]---
03:34:15 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x7f4a, &(0x7f0000000040)={0x0, 0x83fa, 0x3fe5474df3ad0950, 0x3, 0x3aa}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
syz_io_uring_setup(0x7f4a, &(0x7f0000000040)={0x0, 0x83fa, 0x3fe5474df3ad0950, 0x3, 0x3aa}, &(0x7f00000000c0), &(0x7f0000000100)) (async)
io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:15 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x41, 0x1, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x2) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x800, 0x4)
syz_io_uring_setup(0x27ab, &(0x7f0000000040)={0x0, 0x9b4f, 0x400, 0x3, 0x166}, &(0x7f00000000c0), &(0x7f0000000100))
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000)=0x5, 0x4)

03:34:15 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2043.270903][T32136] FAULT_INJECTION: forcing a failure.
[ 2043.270903][T32136] name failslab, interval 1, probability 0, space 0, times 0
[ 2043.283498][T32136] CPU: 0 PID: 32136 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2043.295752][T32136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2043.305641][T32136] Call Trace:
[ 2043.308778][T32136]  dump_stack+0x1d8/0x241
[ 2043.313217][T32136]  ? panic+0x896/0x896
[ 2043.317164][T32136]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2043.322770][T32136]  should_fail+0x71f/0x880
[ 2043.327007][T32136]  ? setup_fault_attr+0x3d0/0x3d0
[ 2043.331856][T32136]  ? __kernfs_new_node+0xdb/0x6e0
[ 2043.336712][T32136]  should_failslab+0x5/0x20
[ 2043.341057][T32136]  kmem_cache_alloc+0x28/0x250
[ 2043.345834][T32136]  __kernfs_new_node+0xdb/0x6e0
[ 2043.350515][T32136]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2043.356419][T32136]  ? kernfs_new_node+0x160/0x160
[ 2043.361192][T32136]  ? stack_trace_save+0x118/0x1c0
[ 2043.366054][T32136]  ? stack_trace_snprint+0x170/0x170
[ 2043.371174][T32136]  ? stack_trace_save+0x118/0x1c0
[ 2043.376038][T32136]  kernfs_create_dir_ns+0x90/0x220
[ 2043.380980][T32136]  sysfs_create_dir_ns+0x185/0x390
[ 2043.385927][T32136]  ? sysfs_warn_dup+0xa0/0xa0
[ 2043.390449][T32136]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2043.396409][T32136]  kobject_add_internal+0x6b7/0xca0
[ 2043.401398][T32136]  kobject_add+0x14e/0x210
[ 2043.405661][T32136]  ? _raw_spin_lock+0xa4/0x1b0
[ 2043.410232][T32136]  ? kobject_init+0x1d0/0x1d0
[ 2043.414738][T32136]  ? mutex_unlock+0x18/0x40
[ 2043.419272][T32136]  ? get_device_parent+0x293/0x400
[ 2043.424205][T32136]  device_add+0x3eb/0xbb0
[ 2043.428453][T32136]  device_create_vargs+0x1b9/0x210
[ 2043.433410][T32136]  device_create+0xea/0x130
[ 2043.437746][T32136]  ? device_create_vargs+0x210/0x210
[ 2043.442876][T32136]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2043.448438][T32136]  bdi_register_va+0x84/0x610
[ 2043.453107][T32136]  bdi_register+0xd1/0x120
[ 2043.457355][T32136]  ? __device_add_disk+0x551/0x1220
[ 2043.462420][T32136]  ? bdi_register_va+0x610/0x610
[ 2043.467165][T32136]  ? percpu_ref_resurrect+0x113/0x190
[ 2043.472390][T32136]  bdi_register_owner+0x55/0xf0
[ 2043.477068][T32136]  __device_add_disk+0x5d1/0x1220
[ 2043.481936][T32136]  ? device_add_disk+0x30/0x30
[ 2043.486518][T32136]  ? vsprintf+0x30/0x30
[ 2043.490606][T32136]  ? __alloc_disk_node+0x459/0x5a0
[ 2043.495630][T32136]  loop_add+0x573/0x740
[ 2043.499627][T32136]  loop_control_ioctl+0x448/0x620
[ 2043.504482][T32136]  ? loop_remove+0xa0/0xa0
[ 2043.508739][T32136]  ? memset+0x1f/0x40
[ 2043.512555][T32136]  ? fsnotify+0x1280/0x1340
[ 2043.516891][T32136]  ? loop_remove+0xa0/0xa0
[ 2043.521236][T32136]  do_vfs_ioctl+0x742/0x1720
[ 2043.525666][T32136]  ? ioctl_preallocate+0x250/0x250
[ 2043.530609][T32136]  ? __fget+0x407/0x490
[ 2043.534600][T32136]  ? fget_many+0x20/0x20
[ 2043.538676][T32136]  ? debug_smp_processor_id+0x20/0x20
[ 2043.543976][T32136]  ? security_file_ioctl+0x7d/0xa0
[ 2043.548919][T32136]  __x64_sys_ioctl+0xd4/0x110
[ 2043.553448][T32136]  do_syscall_64+0xca/0x1c0
[ 2043.557778][T32136]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2043.563835][T32136] kobject_add_internal failed for 7:0 (error: -12 parent: bdi)
[ 2043.571632][T32136] ------------[ cut here ]------------
[ 2043.577107][T32136] WARNING: CPU: 0 PID: 32136 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2043.586041][T32136] Modules linked in:
[ 2043.589893][T32136] CPU: 0 PID: 32136 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2043.601353][T32136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2043.611765][T32136] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2043.617394][T32136] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2043.636834][T32136] RSP: 0018:ffff8881cb68fa20 EFLAGS: 00010283
[ 2043.642740][T32136] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2043.650547][T32136] RDX: ffffc90000b43000 RSI: 000000000000c29a RDI: 000000000000c29b
[ 2043.658448][T32136] RBP: ffff8881cb68fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2043.666262][T32136] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881d0e37000
[ 2043.674071][T32136] R13: dffffc0000000000 R14: ffff8881d0e37070 R15: 1ffff1103a1c6e9d
[ 2043.681893][T32136] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2043.690654][T32136] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2043.697066][T32136] CR2: 00007fcb7195cff8 CR3: 00000001ea307000 CR4: 00000000003406b0
[ 2043.704998][T32136] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2043.712809][T32136] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2043.720613][T32136] Call Trace:
[ 2043.723747][T32136]  ? __warn+0x162/0x250
[ 2043.727918][T32136]  ? report_bug+0x3a1/0x4e0
[ 2043.732423][T32136]  ? __device_add_disk+0xea1/0x1220
[ 2043.737470][T32136]  ? __device_add_disk+0xea1/0x1220
[ 2043.742693][T32136]  ? do_invalid_op+0x6e/0x110
[ 2043.747208][T32136]  ? invalid_op+0x1e/0x30
[ 2043.751475][T32136]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2043.757117][T32136]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2043.763190][T32136]  ? __device_add_disk+0x5dc/0x1220
[ 2043.768246][T32136]  ? __device_add_disk+0xea1/0x1220
[ 2043.773336][T32136]  ? __device_add_disk+0xea1/0x1220
[ 2043.778377][T32136]  ? device_add_disk+0x30/0x30
[ 2043.782972][T32136]  ? vsprintf+0x30/0x30
[ 2043.787079][T32136]  ? __alloc_disk_node+0x459/0x5a0
[ 2043.792038][T32136]  loop_add+0x573/0x740
[ 2043.796037][T32136]  loop_control_ioctl+0x448/0x620
[ 2043.800881][T32136]  ? loop_remove+0xa0/0xa0
[ 2043.805134][T32136]  ? memset+0x1f/0x40
[ 2043.808961][T32136]  ? fsnotify+0x1280/0x1340
[ 2043.813291][T32136]  ? loop_remove+0xa0/0xa0
[ 2043.817544][T32136]  do_vfs_ioctl+0x742/0x1720
03:34:16 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 49)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:16 executing program 5:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_vs\x00')
ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) (async)
accept4$tipc(r0, 0x0, &(0x7f0000000080), 0x80800)

03:34:16 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000040)=""/160)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @dev}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x188, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8, 0x1, r1}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9cf}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x188}, 0x1, 0x0, 0x0, 0x40000}, 0x2)
bind$tipc(r0, 0x0, 0x0)

03:34:16 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x41, 0x1, 0x1}, 0x10) (async)
bind$tipc(r0, 0x0, 0x2) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x800, 0x4)
syz_io_uring_setup(0x27ab, &(0x7f0000000040)={0x0, 0x9b4f, 0x400, 0x3, 0x166}, &(0x7f00000000c0), &(0x7f0000000100)) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000000)=0x5, 0x4)

03:34:16 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x7f4a, &(0x7f0000000040)={0x0, 0x83fa, 0x3fe5474df3ad0950, 0x3, 0x3aa}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:16 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000440)={&(0x7f0000001000)={[{&(0x7f0000000040)="8b49e54a9d4a4394c6a583c95d666924bbde06df665838ef3ffe224c54e3d9439dcf770264ba199417ddd6b323ab88e4ab43f35bac9198090e3bc3d48a0c2ec32e1fd9fb06340b3192c606ff81701a31c3c3463dfbd16f28484955ee5800e007fbf58c55ea2c28163819195dc88847061c8e597c1b238baf6921d22cffafdab8db01093a53a1d21b0f904dda8f75074af165b9867bfc6fa89c50be796ef84ae6d8d17ce42a6f417a410513862fd8", 0xae}, {&(0x7f0000000100)="8577a5a50eaaaf92c49e50a993d89e228714a942dcb2fb8776380e7cf5508e9e4a08b62f887f2fd29989c5992ce93eb976daa7d8a7b21a14de16971231978e89a9f396f2ca493685fb742e5460069a0828bc9f98ade852e0b068a318a855d043a7272c51353bdaf572ef52ff394c5152881bb316aeff6c83ffbc73a74518b3c54d06c13b7db5912390711c91d4ff41b240622b3045eb8e9ca5ea0b93cad66fdacaaa0bab7adc8d8ad9b30b35f54c274fec5831436c5952b06a834babf01085f556419debbdeaecc47978077987586c2aa4f3dd0db046cc0940e257700fcd4f078dcc8d1cbae73f534d6ff9cbc9f1092e03acba9d4c074105f24d", 0xfa, 0x2}, {&(0x7f0000000200)="5b65f869911fa92418d7c6361ab0497425b0f181ab9986d92bd4ea6f70625b80fcce58816cfeb041c90e64fae3e07ea9bbe136356483a970300981addf47dd9177b2d40fcf9598e10a4119daaa886c676a4205f6fbd89818d829965bc732315ac6c61e0727744973cf4c789b906dfe9ce509f16e18ddf0feb5e225254e6f3ecd798c515701fef24d5f89763ffab010a7d468245eb138616617a06179bdc935b545cdf377d882ef8856d75e9d155d940772149f976b90b919646de48c2672", 0xbe}, {&(0x7f00000002c0)="c4842863cc", 0x5, 0x1}, {&(0x7f0000000300)="99119066a8ed797dea3c7375ece23be88b7b4060150e8d4dfd36ecaa029a8a6acb3af13952", 0x25, 0x3}, {&(0x7f0000000340)="483740bcefd3b68415cd46a36c15f7eb9bc447a3872f58ecdd48240069cc83b4d4da7afeeffaffbd3deaf6031949e625842c3e39b6004ba159eca205c80f07e167d4e07184c2b3f2ce0c692cd991f01509aa6ef42d1460222d117615f197bb9a2841abb1c7b8e2dcdc733779c1a67e5f82c56920da16e698242d246438c307a2a28a2b9e20df9c281717742ca765351795", 0x91, 0x2}, {&(0x7f0000000400)="9eaa592566b6c61e3a69a27968cd632d20d42740250830aba8a1443d8a", 0x1d, 0x1}]}, 0x7, 0x2}, 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:16 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000440)={&(0x7f0000001000)={[{&(0x7f0000000040)="8b49e54a9d4a4394c6a583c95d666924bbde06df665838ef3ffe224c54e3d9439dcf770264ba199417ddd6b323ab88e4ab43f35bac9198090e3bc3d48a0c2ec32e1fd9fb06340b3192c606ff81701a31c3c3463dfbd16f28484955ee5800e007fbf58c55ea2c28163819195dc88847061c8e597c1b238baf6921d22cffafdab8db01093a53a1d21b0f904dda8f75074af165b9867bfc6fa89c50be796ef84ae6d8d17ce42a6f417a410513862fd8", 0xae}, {&(0x7f0000000100)="8577a5a50eaaaf92c49e50a993d89e228714a942dcb2fb8776380e7cf5508e9e4a08b62f887f2fd29989c5992ce93eb976daa7d8a7b21a14de16971231978e89a9f396f2ca493685fb742e5460069a0828bc9f98ade852e0b068a318a855d043a7272c51353bdaf572ef52ff394c5152881bb316aeff6c83ffbc73a74518b3c54d06c13b7db5912390711c91d4ff41b240622b3045eb8e9ca5ea0b93cad66fdacaaa0bab7adc8d8ad9b30b35f54c274fec5831436c5952b06a834babf01085f556419debbdeaecc47978077987586c2aa4f3dd0db046cc0940e257700fcd4f078dcc8d1cbae73f534d6ff9cbc9f1092e03acba9d4c074105f24d", 0xfa, 0x2}, {&(0x7f0000000200)="5b65f869911fa92418d7c6361ab0497425b0f181ab9986d92bd4ea6f70625b80fcce58816cfeb041c90e64fae3e07ea9bbe136356483a970300981addf47dd9177b2d40fcf9598e10a4119daaa886c676a4205f6fbd89818d829965bc732315ac6c61e0727744973cf4c789b906dfe9ce509f16e18ddf0feb5e225254e6f3ecd798c515701fef24d5f89763ffab010a7d468245eb138616617a06179bdc935b545cdf377d882ef8856d75e9d155d940772149f976b90b919646de48c2672", 0xbe}, {&(0x7f00000002c0)="c4842863cc", 0x5, 0x1}, {&(0x7f0000000300)="99119066a8ed797dea3c7375ece23be88b7b4060150e8d4dfd36ecaa029a8a6acb3af13952", 0x25, 0x3}, {&(0x7f0000000340)="483740bcefd3b68415cd46a36c15f7eb9bc447a3872f58ecdd48240069cc83b4d4da7afeeffaffbd3deaf6031949e625842c3e39b6004ba159eca205c80f07e167d4e07184c2b3f2ce0c692cd991f01509aa6ef42d1460222d117615f197bb9a2841abb1c7b8e2dcdc733779c1a67e5f82c56920da16e698242d246438c307a2a28a2b9e20df9c281717742ca765351795", 0x91, 0x2}, {&(0x7f0000000400)="9eaa592566b6c61e3a69a27968cd632d20d42740250830aba8a1443d8a", 0x1d, 0x1}]}, 0x7, 0x2}, 0x1) (async)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000440)={&(0x7f0000001000)={[{&(0x7f0000000040)="8b49e54a9d4a4394c6a583c95d666924bbde06df665838ef3ffe224c54e3d9439dcf770264ba199417ddd6b323ab88e4ab43f35bac9198090e3bc3d48a0c2ec32e1fd9fb06340b3192c606ff81701a31c3c3463dfbd16f28484955ee5800e007fbf58c55ea2c28163819195dc88847061c8e597c1b238baf6921d22cffafdab8db01093a53a1d21b0f904dda8f75074af165b9867bfc6fa89c50be796ef84ae6d8d17ce42a6f417a410513862fd8", 0xae}, {&(0x7f0000000100)="8577a5a50eaaaf92c49e50a993d89e228714a942dcb2fb8776380e7cf5508e9e4a08b62f887f2fd29989c5992ce93eb976daa7d8a7b21a14de16971231978e89a9f396f2ca493685fb742e5460069a0828bc9f98ade852e0b068a318a855d043a7272c51353bdaf572ef52ff394c5152881bb316aeff6c83ffbc73a74518b3c54d06c13b7db5912390711c91d4ff41b240622b3045eb8e9ca5ea0b93cad66fdacaaa0bab7adc8d8ad9b30b35f54c274fec5831436c5952b06a834babf01085f556419debbdeaecc47978077987586c2aa4f3dd0db046cc0940e257700fcd4f078dcc8d1cbae73f534d6ff9cbc9f1092e03acba9d4c074105f24d", 0xfa, 0x2}, {&(0x7f0000000200)="5b65f869911fa92418d7c6361ab0497425b0f181ab9986d92bd4ea6f70625b80fcce58816cfeb041c90e64fae3e07ea9bbe136356483a970300981addf47dd9177b2d40fcf9598e10a4119daaa886c676a4205f6fbd89818d829965bc732315ac6c61e0727744973cf4c789b906dfe9ce509f16e18ddf0feb5e225254e6f3ecd798c515701fef24d5f89763ffab010a7d468245eb138616617a06179bdc935b545cdf377d882ef8856d75e9d155d940772149f976b90b919646de48c2672", 0xbe}, {&(0x7f00000002c0)="c4842863cc", 0x5, 0x1}, {&(0x7f0000000300)="99119066a8ed797dea3c7375ece23be88b7b4060150e8d4dfd36ecaa029a8a6acb3af13952", 0x25, 0x3}, {&(0x7f0000000340)="483740bcefd3b68415cd46a36c15f7eb9bc447a3872f58ecdd48240069cc83b4d4da7afeeffaffbd3deaf6031949e625842c3e39b6004ba159eca205c80f07e167d4e07184c2b3f2ce0c692cd991f01509aa6ef42d1460222d117615f197bb9a2841abb1c7b8e2dcdc733779c1a67e5f82c56920da16e698242d246438c307a2a28a2b9e20df9c281717742ca765351795", 0x91, 0x2}, {&(0x7f0000000400)="9eaa592566b6c61e3a69a27968cd632d20d42740250830aba8a1443d8a", 0x1d, 0x1}]}, 0x7, 0x2}, 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

[ 2043.821973][T32136]  ? ioctl_preallocate+0x250/0x250
[ 2043.826923][T32136]  ? __fget+0x407/0x490
[ 2043.830909][T32136]  ? fget_many+0x20/0x20
[ 2043.834987][T32136]  ? debug_smp_processor_id+0x20/0x20
[ 2043.840286][T32136]  ? security_file_ioctl+0x7d/0xa0
[ 2043.845232][T32136]  __x64_sys_ioctl+0xd4/0x110
[ 2043.849746][T32136]  do_syscall_64+0xca/0x1c0
[ 2043.854084][T32136]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2043.859813][T32136] ---[ end trace 47f897a1e9344b14 ]---
03:34:16 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x100, 0x4)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x4, 0x70bd28, 0x25dfdbfb, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x20008800)

03:34:16 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000040)=""/160)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={<r1=>0x0, @dev}, &(0x7f0000000180)=0xc)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x188, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8, 0x1, r1}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9cf}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x188}, 0x1, 0x0, 0x0, 0x40000}, 0x2)
bind$tipc(r0, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000040)=""/160) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000140)={0x0, @dev}, &(0x7f0000000180)=0xc) (async)
sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x188, 0x0, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [{{0x8, 0x1, r1}, {0x16c, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x9cf}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}]}, 0x188}, 0x1, 0x0, 0x0, 0x40000}, 0x2) (async)
bind$tipc(r0, 0x0, 0x0) (async)

03:34:16 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000000))
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)

03:34:16 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:16 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}, 0x1}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2043.960688][T32176] FAULT_INJECTION: forcing a failure.
[ 2043.960688][T32176] name failslab, interval 1, probability 0, space 0, times 0
[ 2043.973841][T32176] CPU: 0 PID: 32176 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2043.985276][T32176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2043.995167][T32176] Call Trace:
[ 2043.998306][T32176]  dump_stack+0x1d8/0x241
[ 2044.002460][T32176]  ? panic+0x896/0x896
[ 2044.006374][T32176]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2044.012011][T32176]  ? idr_alloc+0x2f0/0x2f0
[ 2044.016263][T32176]  should_fail+0x71f/0x880
[ 2044.020515][T32176]  ? setup_fault_attr+0x3d0/0x3d0
[ 2044.025376][T32176]  ? mutex_lock+0xa5/0x110
[ 2044.029628][T32176]  ? __kernfs_new_node+0xdb/0x6e0
[ 2044.034510][T32176]  should_failslab+0x5/0x20
[ 2044.038919][T32176]  kmem_cache_alloc+0x28/0x250
[ 2044.043518][T32176]  __kernfs_new_node+0xdb/0x6e0
[ 2044.048200][T32176]  ? mutex_unlock+0x18/0x40
[ 2044.052538][T32176]  ? kernfs_new_node+0x160/0x160
[ 2044.057322][T32176]  ? kernfs_create_dir_ns+0x1e0/0x220
[ 2044.062529][T32176]  ? sysfs_create_dir_ns+0x185/0x390
[ 2044.067643][T32176]  ? sysfs_create_dir_ns+0x1cb/0x390
[ 2044.072774][T32176]  kernfs_new_node+0x95/0x160
[ 2044.077329][T32176]  __kernfs_create_file+0x45/0x260
[ 2044.082344][T32176]  sysfs_add_file_mode_ns+0x292/0x340
[ 2044.087546][T32176]  sysfs_create_file_ns+0x196/0x2a0
[ 2044.092579][T32176]  ? sysfs_add_file_mode_ns+0x340/0x340
[ 2044.097966][T32176]  ? dev_fwnode+0x4c/0x80
[ 2044.102134][T32176]  ? device_create_file+0xea/0x1b0
[ 2044.107067][T32176]  device_add+0x4b2/0xbb0
[ 2044.111433][T32176]  device_create_vargs+0x1b9/0x210
[ 2044.116378][T32176]  device_create+0xea/0x130
[ 2044.120823][T32176]  ? device_create_vargs+0x210/0x210
[ 2044.125941][T32176]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2044.131490][T32176]  bdi_register_va+0x84/0x610
[ 2044.136099][T32176]  bdi_register+0xd1/0x120
[ 2044.140349][T32176]  ? __device_add_disk+0x551/0x1220
[ 2044.145373][T32176]  ? bdi_register_va+0x610/0x610
[ 2044.150142][T32176]  ? percpu_ref_resurrect+0x113/0x190
[ 2044.155434][T32176]  bdi_register_owner+0x55/0xf0
[ 2044.160118][T32176]  __device_add_disk+0x5d1/0x1220
[ 2044.164984][T32176]  ? device_add_disk+0x30/0x30
[ 2044.169576][T32176]  ? vsprintf+0x30/0x30
[ 2044.173590][T32176]  ? __alloc_disk_node+0x459/0x5a0
[ 2044.178523][T32176]  loop_add+0x573/0x740
[ 2044.182516][T32176]  loop_control_ioctl+0x448/0x620
[ 2044.187488][T32176]  ? loop_remove+0xa0/0xa0
[ 2044.191731][T32176]  ? memset+0x1f/0x40
[ 2044.195555][T32176]  ? fsnotify+0x1280/0x1340
[ 2044.199900][T32176]  ? loop_remove+0xa0/0xa0
[ 2044.204137][T32176]  do_vfs_ioctl+0x742/0x1720
[ 2044.208566][T32176]  ? ioctl_preallocate+0x250/0x250
[ 2044.213517][T32176]  ? __fget+0x407/0x490
[ 2044.217508][T32176]  ? fget_many+0x20/0x20
[ 2044.221581][T32176]  ? debug_smp_processor_id+0x20/0x20
[ 2044.226793][T32176]  ? security_file_ioctl+0x7d/0xa0
[ 2044.231741][T32176]  __x64_sys_ioctl+0xd4/0x110
[ 2044.236255][T32176]  do_syscall_64+0xca/0x1c0
[ 2044.240601][T32176]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2044.248119][T32176] ------------[ cut here ]------------
[ 2044.253413][T32176] WARNING: CPU: 0 PID: 32176 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2044.262333][T32176] Modules linked in:
[ 2044.266073][T32176] CPU: 0 PID: 32176 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2044.277528][T32176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2044.287434][T32176] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2044.293070][T32176] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2044.312511][T32176] RSP: 0018:ffff8881e9ad7a20 EFLAGS: 00010283
[ 2044.318408][T32176] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2044.326300][T32176] RDX: ffffc90000b43000 RSI: 000000000000bddb RDI: 000000000000bddc
[ 2044.334116][T32176] RBP: ffff8881e9ad7b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2044.341926][T32176] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881edf9b000
[ 2044.349747][T32176] R13: dffffc0000000000 R14: ffff8881edf9b070 R15: 1ffff1103dbf369d
[ 2044.357549][T32176] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2044.366316][T32176] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2044.372736][T32176] CR2: 00007fcb7193cd58 CR3: 00000001e3604000 CR4: 00000000003406b0
[ 2044.380553][T32176] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2044.388450][T32176] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2044.396258][T32176] Call Trace:
[ 2044.399398][T32176]  ? __warn+0x162/0x250
[ 2044.403389][T32176]  ? report_bug+0x3a1/0x4e0
[ 2044.407736][T32176]  ? __device_add_disk+0xea1/0x1220
[ 2044.412757][T32176]  ? __device_add_disk+0xea1/0x1220
[ 2044.417782][T32176]  ? do_invalid_op+0x6e/0x110
[ 2044.422387][T32176]  ? invalid_op+0x1e/0x30
[ 2044.426551][T32176]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2044.432191][T32176]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2044.438267][T32176]  ? __device_add_disk+0x5dc/0x1220
[ 2044.443298][T32176]  ? __device_add_disk+0xea1/0x1220
[ 2044.448336][T32176]  ? __device_add_disk+0xea1/0x1220
[ 2044.453371][T32176]  ? device_add_disk+0x30/0x30
[ 2044.457969][T32176]  ? vsprintf+0x30/0x30
[ 2044.461967][T32176]  ? __alloc_disk_node+0x459/0x5a0
[ 2044.467001][T32176]  loop_add+0x573/0x740
[ 2044.470993][T32176]  loop_control_ioctl+0x448/0x620
[ 2044.475881][T32176]  ? loop_remove+0xa0/0xa0
[ 2044.480189][T32176]  ? memset+0x1f/0x40
[ 2044.484108][T32176]  ? fsnotify+0x1280/0x1340
[ 2044.488563][T32176]  ? loop_remove+0xa0/0xa0
[ 2044.492804][T32176]  do_vfs_ioctl+0x742/0x1720
[ 2044.497226][T32176]  ? ioctl_preallocate+0x250/0x250
[ 2044.502177][T32176]  ? __fget+0x407/0x490
[ 2044.506172][T32176]  ? fget_many+0x20/0x20
03:34:17 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 50)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:17 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x100, 0x4)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x4, 0x70bd28, 0x25dfdbfb, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x20008800)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x100, 0x4) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x4, 0x70bd28, 0x25dfdbfb, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x20008800) (async)

03:34:17 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000440)={&(0x7f0000001000)={[{&(0x7f0000000040)="8b49e54a9d4a4394c6a583c95d666924bbde06df665838ef3ffe224c54e3d9439dcf770264ba199417ddd6b323ab88e4ab43f35bac9198090e3bc3d48a0c2ec32e1fd9fb06340b3192c606ff81701a31c3c3463dfbd16f28484955ee5800e007fbf58c55ea2c28163819195dc88847061c8e597c1b238baf6921d22cffafdab8db01093a53a1d21b0f904dda8f75074af165b9867bfc6fa89c50be796ef84ae6d8d17ce42a6f417a410513862fd8", 0xae}, {&(0x7f0000000100)="8577a5a50eaaaf92c49e50a993d89e228714a942dcb2fb8776380e7cf5508e9e4a08b62f887f2fd29989c5992ce93eb976daa7d8a7b21a14de16971231978e89a9f396f2ca493685fb742e5460069a0828bc9f98ade852e0b068a318a855d043a7272c51353bdaf572ef52ff394c5152881bb316aeff6c83ffbc73a74518b3c54d06c13b7db5912390711c91d4ff41b240622b3045eb8e9ca5ea0b93cad66fdacaaa0bab7adc8d8ad9b30b35f54c274fec5831436c5952b06a834babf01085f556419debbdeaecc47978077987586c2aa4f3dd0db046cc0940e257700fcd4f078dcc8d1cbae73f534d6ff9cbc9f1092e03acba9d4c074105f24d", 0xfa, 0x2}, {&(0x7f0000000200)="5b65f869911fa92418d7c6361ab0497425b0f181ab9986d92bd4ea6f70625b80fcce58816cfeb041c90e64fae3e07ea9bbe136356483a970300981addf47dd9177b2d40fcf9598e10a4119daaa886c676a4205f6fbd89818d829965bc732315ac6c61e0727744973cf4c789b906dfe9ce509f16e18ddf0feb5e225254e6f3ecd798c515701fef24d5f89763ffab010a7d468245eb138616617a06179bdc935b545cdf377d882ef8856d75e9d155d940772149f976b90b919646de48c2672", 0xbe}, {&(0x7f00000002c0)="c4842863cc", 0x5, 0x1}, {&(0x7f0000000300)="99119066a8ed797dea3c7375ece23be88b7b4060150e8d4dfd36ecaa029a8a6acb3af13952", 0x25, 0x3}, {&(0x7f0000000340)="483740bcefd3b68415cd46a36c15f7eb9bc447a3872f58ecdd48240069cc83b4d4da7afeeffaffbd3deaf6031949e625842c3e39b6004ba159eca205c80f07e167d4e07184c2b3f2ce0c692cd991f01509aa6ef42d1460222d117615f197bb9a2841abb1c7b8e2dcdc733779c1a67e5f82c56920da16e698242d246438c307a2a28a2b9e20df9c281717742ca765351795", 0x91, 0x2}, {&(0x7f0000000400)="9eaa592566b6c61e3a69a27968cd632d20d42740250830aba8a1443d8a", 0x1d, 0x1}]}, 0x7, 0x2}, 0x1) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)

03:34:17 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000000))
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000000)) (async)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) (async)

03:34:17 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)

03:34:17 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 32)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}, 0x1}}, 0x10) (rerun: 32)
bind$tipc(r0, 0x0, 0x0)

03:34:17 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 64)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4) (rerun: 64)

[ 2044.510252][T32176]  ? debug_smp_processor_id+0x20/0x20
[ 2044.515452][T32176]  ? security_file_ioctl+0x7d/0xa0
[ 2044.520423][T32176]  __x64_sys_ioctl+0xd4/0x110
[ 2044.524917][T32176]  do_syscall_64+0xca/0x1c0
[ 2044.529250][T32176]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2044.534975][T32176] ---[ end trace 47f897a1e9344b15 ]---
03:34:17 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000140)=0x100, 0x4) (async)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f5, 0x4, 0x70bd28, 0x25dfdbfb, "", ["", "", "", "", "", "", ""]}, 0x10}}, 0x20008800)

03:34:17 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x42, 0x2}, 0x1}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:17 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, &(0x7f0000000000)) (async)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)

03:34:17 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x6)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/l2cap\x00')
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0)={0x43, 0x3, 0x4}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
accept4$tipc(r2, 0x0, &(0x7f00000001c0), 0x80800)
write$cgroup_int(r1, &(0x7f0000000100)=0xff, 0x12)

[ 2044.622307][T32213] FAULT_INJECTION: forcing a failure.
[ 2044.622307][T32213] name failslab, interval 1, probability 0, space 0, times 0
[ 2044.646228][T32213] CPU: 0 PID: 32213 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2044.657681][T32213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2044.667580][T32213] Call Trace:
03:34:17 executing program 3:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, {0x5f, "110c44e96dd606e8e534aea1c9313d35841959f9825f1241e750ba92f7a5a25999f915d6d3aeb722719dd7e2a5a16bb9e6b5b66e700d20730d56630bf649a3470cc462d73f031df1df106dcde2a546114e741ffdd5c740d142cf0f2b5d6c7f"}}, 0x65)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100)={0x7, 0x4, 0x1ff, 0x0, 0xc0, 0x7, 0xfff9}, 0xc)

[ 2044.670966][T32213]  dump_stack+0x1d8/0x241
[ 2044.675184][T32213]  ? panic+0x896/0x896
[ 2044.679045][T32213]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2044.684695][T32213]  ? _raw_spin_lock+0xa4/0x1b0
[ 2044.689521][T32213]  should_fail+0x71f/0x880
[ 2044.694006][T32213]  ? security_kernfs_init_security+0x75/0x90
[ 2044.699804][T32213]  ? setup_fault_attr+0x3d0/0x3d0
[ 2044.704657][T32213]  ? mutex_lock+0xa5/0x110
[ 2044.708950][T32213]  ? __kernfs_new_node+0xdb/0x6e0
[ 2044.713774][T32213]  should_failslab+0x5/0x20
[ 2044.718118][T32213]  kmem_cache_alloc+0x28/0x250
[ 2044.722709][T32213]  __kernfs_new_node+0xdb/0x6e0
[ 2044.727401][T32213]  ? mutex_unlock+0x18/0x40
[ 2044.731739][T32213]  ? kernfs_new_node+0x160/0x160
[ 2044.736523][T32213]  ? __kernfs_create_file+0x1f4/0x260
[ 2044.741712][T32213]  ? sysfs_add_file_mode_ns+0x292/0x340
[ 2044.747084][T32213]  kernfs_new_node+0x95/0x160
[ 2044.751613][T32213]  kernfs_create_link+0x9e/0x1f0
[ 2044.756459][T32213]  sysfs_do_create_link_sd+0x85/0x100
[ 2044.761667][T32213]  device_add_class_symlinks+0xd6/0x2a0
[ 2044.767384][T32213]  device_add+0x4d3/0xbb0
[ 2044.771545][T32213]  device_create_vargs+0x1b9/0x210
[ 2044.776479][T32213]  device_create+0xea/0x130
[ 2044.780822][T32213]  ? device_create_vargs+0x210/0x210
[ 2044.785938][T32213]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2044.791496][T32213]  bdi_register_va+0x84/0x610
[ 2044.796018][T32213]  bdi_register+0xd1/0x120
[ 2044.800267][T32213]  ? __device_add_disk+0x551/0x1220
[ 2044.805293][T32213]  ? bdi_register_va+0x610/0x610
[ 2044.810287][T32213]  ? percpu_ref_resurrect+0x113/0x190
[ 2044.815489][T32213]  bdi_register_owner+0x55/0xf0
[ 2044.820186][T32213]  __device_add_disk+0x5d1/0x1220
[ 2044.825126][T32213]  ? device_add_disk+0x30/0x30
[ 2044.829943][T32213]  ? vsprintf+0x30/0x30
[ 2044.833924][T32213]  ? __alloc_disk_node+0x459/0x5a0
[ 2044.839072][T32213]  loop_add+0x573/0x740
[ 2044.843047][T32213]  loop_control_ioctl+0x448/0x620
[ 2044.848007][T32213]  ? loop_remove+0xa0/0xa0
[ 2044.852254][T32213]  ? memset+0x1f/0x40
[ 2044.856074][T32213]  ? fsnotify+0x1280/0x1340
[ 2044.860423][T32213]  ? loop_remove+0xa0/0xa0
[ 2044.864707][T32213]  do_vfs_ioctl+0x742/0x1720
[ 2044.869097][T32213]  ? ioctl_preallocate+0x250/0x250
[ 2044.874074][T32213]  ? __fget+0x407/0x490
[ 2044.878035][T32213]  ? fget_many+0x20/0x20
[ 2044.882110][T32213]  ? debug_smp_processor_id+0x20/0x20
[ 2044.887320][T32213]  ? security_file_ioctl+0x7d/0xa0
[ 2044.892266][T32213]  __x64_sys_ioctl+0xd4/0x110
[ 2044.896781][T32213]  do_syscall_64+0xca/0x1c0
[ 2044.901134][T32213]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2044.911662][T32213] ------------[ cut here ]------------
[ 2044.916963][T32213] WARNING: CPU: 1 PID: 32213 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2044.925886][T32213] Modules linked in:
[ 2044.929631][T32213] CPU: 1 PID: 32213 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2044.941310][T32213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2044.951245][T32213] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2044.956848][T32213] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2044.976703][T32213] RSP: 0018:ffff8881cd617a20 EFLAGS: 00010287
[ 2044.982608][T32213] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2044.990415][T32213] RDX: ffffc90000b43000 RSI: 000000000000b7b3 RDI: 000000000000b7b4
[ 2044.998376][T32213] RBP: ffff8881cd617b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2045.006321][T32213] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881e9a7c000
[ 2045.014277][T32213] R13: dffffc0000000000 R14: ffff8881e9a7c070 R15: 1ffff1103d34f89d
[ 2045.022086][T32213] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2045.030852][T32213] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2045.037271][T32213] CR2: 000000c001b57000 CR3: 00000001e602d000 CR4: 00000000003406a0
[ 2045.045178][T32213] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2045.052978][T32213] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2045.060787][T32213] Call Trace:
[ 2045.063926][T32213]  ? __warn+0x162/0x250
[ 2045.067916][T32213]  ? report_bug+0x3a1/0x4e0
[ 2045.072335][T32213]  ? __device_add_disk+0xea1/0x1220
[ 2045.077371][T32213]  ? __device_add_disk+0xea1/0x1220
[ 2045.082403][T32213]  ? do_invalid_op+0x6e/0x110
[ 2045.086926][T32213]  ? invalid_op+0x1e/0x30
[ 2045.091091][T32213]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2045.096744][T32213]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2045.102806][T32213]  ? __device_add_disk+0x5dc/0x1220
[ 2045.107842][T32213]  ? __device_add_disk+0xea1/0x1220
[ 2045.112869][T32213]  ? __device_add_disk+0xea1/0x1220
[ 2045.117914][T32213]  ? device_add_disk+0x30/0x30
[ 2045.122502][T32213]  ? vsprintf+0x30/0x30
[ 2045.126520][T32213]  ? __alloc_disk_node+0x459/0x5a0
[ 2045.131454][T32213]  loop_add+0x573/0x740
[ 2045.135437][T32213]  loop_control_ioctl+0x448/0x620
[ 2045.140302][T32213]  ? loop_remove+0xa0/0xa0
[ 2045.144684][T32213]  ? memset+0x1f/0x40
[ 2045.148499][T32213]  ? fsnotify+0x1280/0x1340
[ 2045.152835][T32213]  ? loop_remove+0xa0/0xa0
[ 2045.157086][T32213]  do_vfs_ioctl+0x742/0x1720
[ 2045.161519][T32213]  ? ioctl_preallocate+0x250/0x250
[ 2045.166462][T32213]  ? __fget+0x407/0x490
[ 2045.170459][T32213]  ? fget_many+0x20/0x20
03:34:17 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 51)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:17 executing program 1:
r0 = io_uring_setup(0x45cd, &(0x7f0000000040)={0x0, 0xa6a3, 0x200, 0x1, 0x2d1})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r2, 0x80605414, &(0x7f00000000c0))
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

03:34:17 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2d4, r1, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffeba3}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x8, 0x7f, 0xf6, 0x5}]}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9445}}, {0x8}}}]}}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x8000}, 0x4001)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000440))

03:34:17 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0, @ANYBLOB="004827bd7000fedbdf25020000000800010099fbd7616447aa1db782717143c886815b14d38380c1fa9c50f256d64d9e76f3bc9a49577e64f4c227e76cdb7405d26a85fea492f246239c5f3f09ec8e91f4d29c569704c180ed58ec809c2a96ec218d02b57753b850c9a434cafdbbf00cd90dc621f39ff250ebfeb9b98566ebc29f3e", @ANYRES32=0x0, @ANYBLOB="bc0002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400ffffffff080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040002000000080007000000000008000100", @ANYRES16=r0, @ANYBLOB="7c0002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="3c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000"], 0x15c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
r4 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000002c0)={0x3ff, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/94, 0x5e}, {&(0x7f0000000140)=""/240, 0xf0}], &(0x7f0000000640)=[0x2040513b, 0x5, 0x9, 0x8, 0x4, 0x7, 0x9, 0x7], 0x2}, 0x20)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000600)=0x8, 0x4)

03:34:17 executing program 3:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, {0x5f, "110c44e96dd606e8e534aea1c9313d35841959f9825f1241e750ba92f7a5a25999f915d6d3aeb722719dd7e2a5a16bb9e6b5b66e700d20730d56630bf649a3470cc462d73f031df1df106dcde2a546114e741ffdd5c740d142cf0f2b5d6c7f"}}, 0x65)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100)={0x7, 0x4, 0x1ff, 0x0, 0xc0, 0x7, 0xfff9}, 0xc)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) (async)
write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, {0x5f, "110c44e96dd606e8e534aea1c9313d35841959f9825f1241e750ba92f7a5a25999f915d6d3aeb722719dd7e2a5a16bb9e6b5b66e700d20730d56630bf649a3470cc462d73f031df1df106dcde2a546114e741ffdd5c740d142cf0f2b5d6c7f"}}, 0x65) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, 0x0, 0x2) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0) (async)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100)={0x7, 0x4, 0x1ff, 0x0, 0xc0, 0x7, 0xfff9}, 0xc) (async)

03:34:17 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x6)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/l2cap\x00')
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0)={0x43, 0x3, 0x4}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
accept4$tipc(r2, 0x0, &(0x7f00000001c0), 0x80800) (async, rerun: 64)
write$cgroup_int(r1, &(0x7f0000000100)=0xff, 0x12) (rerun: 64)

03:34:17 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0, @ANYBLOB="004827bd7000fedbdf25020000000800010099fbd7616447aa1db782717143c886815b14d38380c1fa9c50f256d64d9e76f3bc9a49577e64f4c227e76cdb7405d26a85fea492f246239c5f3f09ec8e91f4d29c569704c180ed58ec809c2a96ec218d02b57753b850c9a434cafdbbf00cd90dc621f39ff250ebfeb9b98566ebc29f3e", @ANYRES32=0x0, @ANYBLOB="bc0002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400ffffffff080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040002000000080007000000000008000100", @ANYRES16=r0, @ANYBLOB="7c0002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="3c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000"], 0x15c}, 0x1, 0x0, 0x0, 0x40}, 0x80) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0, @ANYBLOB="004827bd7000fedbdf25020000000800010099fbd7616447aa1db782717143c886815b14d38380c1fa9c50f256d64d9e76f3bc9a49577e64f4c227e76cdb7405d26a85fea492f246239c5f3f09ec8e91f4d29c569704c180ed58ec809c2a96ec218d02b57753b850c9a434cafdbbf00cd90dc621f39ff250ebfeb9b98566ebc29f3e", @ANYRES32=0x0, @ANYBLOB="bc0002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400ffffffff080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040002000000080007000000000008000100", @ANYRES16=r0, @ANYBLOB="7c0002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="3c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000"], 0x15c}, 0x1, 0x0, 0x0, 0x40}, 0x80)
r4 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000002c0)={0x3ff, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/94, 0x5e}, {&(0x7f0000000140)=""/240, 0xf0}], &(0x7f0000000640)=[0x2040513b, 0x5, 0x9, 0x8, 0x4, 0x7, 0x9, 0x7], 0x2}, 0x20) (async)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000002c0)={0x3ff, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/94, 0x5e}, {&(0x7f0000000140)=""/240, 0xf0}], &(0x7f0000000640)=[0x2040513b, 0x5, 0x9, 0x8, 0x4, 0x7, 0x9, 0x7], 0x2}, 0x20)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000600)=0x8, 0x4)

[ 2045.174534][T32213]  ? debug_smp_processor_id+0x20/0x20
[ 2045.179740][T32213]  ? security_file_ioctl+0x7d/0xa0
[ 2045.184774][T32213]  __x64_sys_ioctl+0xd4/0x110
[ 2045.189291][T32213]  do_syscall_64+0xca/0x1c0
[ 2045.193635][T32213]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2045.199353][T32213] ---[ end trace 47f897a1e9344b16 ]---
03:34:17 executing program 1:
r0 = io_uring_setup(0x45cd, &(0x7f0000000040)={0x0, 0xa6a3, 0x200, 0x1, 0x2d1})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r2, 0x80605414, &(0x7f00000000c0))
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
io_uring_setup(0x45cd, &(0x7f0000000040)={0x0, 0xa6a3, 0x200, 0x1, 0x2d1}) (async)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r2, 0x80605414, &(0x7f00000000c0)) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, 0x0, 0x0) (async)

03:34:17 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x6) (async)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/l2cap\x00')
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0)={0x43, 0x3, 0x4}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async, rerun: 64)
accept4$tipc(r2, 0x0, &(0x7f00000001c0), 0x80800) (async, rerun: 64)
write$cgroup_int(r1, &(0x7f0000000100)=0xff, 0x12)

03:34:17 executing program 3:
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, {0x5f, "110c44e96dd606e8e534aea1c9313d35841959f9825f1241e750ba92f7a5a25999f915d6d3aeb722719dd7e2a5a16bb9e6b5b66e700d20730d56630bf649a3470cc462d73f031df1df106dcde2a546114e741ffdd5c740d142cf0f2b5d6c7f"}}, 0x65) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100)={0x7, 0x4, 0x1ff, 0x0, 0xc0, 0x7, 0xfff9}, 0xc)

03:34:17 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff) (async)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2d4, r1, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffeba3}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x8, 0x7f, 0xf6, 0x5}]}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9445}}, {0x8}}}]}}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x8000}, 0x4001)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000440))

03:34:18 executing program 1:
r0 = io_uring_setup(0x45cd, &(0x7f0000000040)={0x0, 0xa6a3, 0x200, 0x1, 0x2d1})
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r2, 0x80605414, &(0x7f00000000c0))
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

[ 2045.300746][T32256] FAULT_INJECTION: forcing a failure.
[ 2045.300746][T32256] name failslab, interval 1, probability 0, space 0, times 0
[ 2045.319569][T32256] CPU: 1 PID: 32256 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2045.331028][T32256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2045.340924][T32256] Call Trace:
[ 2045.344102][T32256]  dump_stack+0x1d8/0x241
[ 2045.348209][T32256]  ? panic+0x896/0x896
[ 2045.352114][T32256]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2045.357763][T32256]  ? mutex_unlock+0x18/0x40
[ 2045.362091][T32256]  ? kernfs_xattr_get+0x81/0x90
[ 2045.366780][T32256]  should_fail+0x71f/0x880
[ 2045.371036][T32256]  ? setup_fault_attr+0x3d0/0x3d0
[ 2045.375894][T32256]  ? idr_alloc+0x2f0/0x2f0
[ 2045.380144][T32256]  ? __kernfs_new_node+0x99/0x6e0
[ 2045.385092][T32256]  should_failslab+0x5/0x20
[ 2045.389438][T32256]  __kmalloc_track_caller+0x4f/0x2b0
[ 2045.394554][T32256]  kstrdup_const+0x51/0x90
[ 2045.398803][T32256]  __kernfs_new_node+0x99/0x6e0
[ 2045.403502][T32256]  ? kernfs_new_node+0x160/0x160
[ 2045.408282][T32256]  ? mutex_lock+0xa5/0x110
[ 2045.412527][T32256]  ? mutex_trylock+0xa0/0xa0
[ 2045.416976][T32256]  ? kernfs_activate+0x2fe/0x320
[ 2045.421720][T32256]  kernfs_new_node+0x95/0x160
[ 2045.426234][T32256]  kernfs_create_link+0x9e/0x1f0
[ 2045.431008][T32256]  sysfs_do_create_link_sd+0x85/0x100
[ 2045.436300][T32256]  device_add_class_symlinks+0x211/0x2a0
[ 2045.441772][T32256]  device_add+0x4d3/0xbb0
[ 2045.446099][T32256]  device_create_vargs+0x1b9/0x210
[ 2045.451035][T32256]  device_create+0xea/0x130
[ 2045.455367][T32256]  ? device_create_vargs+0x210/0x210
[ 2045.460498][T32256]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2045.466042][T32256]  bdi_register_va+0x84/0x610
[ 2045.470903][T32256]  bdi_register+0xd1/0x120
[ 2045.475151][T32256]  ? __device_add_disk+0x551/0x1220
[ 2045.480183][T32256]  ? bdi_register_va+0x610/0x610
[ 2045.484955][T32256]  ? percpu_ref_resurrect+0x113/0x190
[ 2045.490165][T32256]  bdi_register_owner+0x55/0xf0
[ 2045.494852][T32256]  __device_add_disk+0x5d1/0x1220
[ 2045.499836][T32256]  ? device_add_disk+0x30/0x30
[ 2045.504435][T32256]  ? vsprintf+0x30/0x30
[ 2045.508431][T32256]  ? __alloc_disk_node+0x459/0x5a0
[ 2045.513376][T32256]  loop_add+0x573/0x740
[ 2045.517394][T32256]  loop_control_ioctl+0x448/0x620
[ 2045.522230][T32256]  ? loop_remove+0xa0/0xa0
[ 2045.526481][T32256]  ? memset+0x1f/0x40
[ 2045.530298][T32256]  ? fsnotify+0x1280/0x1340
[ 2045.534641][T32256]  ? loop_remove+0xa0/0xa0
[ 2045.538893][T32256]  do_vfs_ioctl+0x742/0x1720
[ 2045.543405][T32256]  ? ioctl_preallocate+0x250/0x250
[ 2045.548438][T32256]  ? __fget+0x407/0x490
[ 2045.552432][T32256]  ? fget_many+0x20/0x20
[ 2045.556510][T32256]  ? debug_smp_processor_id+0x20/0x20
[ 2045.561718][T32256]  ? security_file_ioctl+0x7d/0xa0
[ 2045.566666][T32256]  __x64_sys_ioctl+0xd4/0x110
[ 2045.571199][T32256]  do_syscall_64+0xca/0x1c0
[ 2045.575629][T32256]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2045.585860][T32256] ------------[ cut here ]------------
[ 2045.591171][T32256] WARNING: CPU: 1 PID: 32256 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2045.600078][T32256] Modules linked in:
[ 2045.603817][T32256] CPU: 1 PID: 32256 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2045.615272][T32256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2045.625176][T32256] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2045.630808][T32256] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2045.650250][T32256] RSP: 0018:ffff8881e0e77a20 EFLAGS: 00010287
[ 2045.656151][T32256] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2045.663960][T32256] RDX: ffffc90000b43000 RSI: 000000000000baa8 RDI: 000000000000baa9
[ 2045.671773][T32256] RBP: ffff8881e0e77b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2045.679580][T32256] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881d1288000
[ 2045.687392][T32256] R13: dffffc0000000000 R14: ffff8881d1288070 R15: 1ffff1103a25109d
[ 2045.695202][T32256] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2045.703969][T32256] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2045.710391][T32256] CR2: 00007fcb7193cd58 CR3: 00000001e9871000 CR4: 00000000003406a0
[ 2045.718226][T32256] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2045.726128][T32256] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2045.733937][T32256] Call Trace:
[ 2045.737082][T32256]  ? __warn+0x162/0x250
[ 2045.741066][T32256]  ? report_bug+0x3a1/0x4e0
[ 2045.745400][T32256]  ? __device_add_disk+0xea1/0x1220
[ 2045.750434][T32256]  ? __device_add_disk+0xea1/0x1220
[ 2045.755469][T32256]  ? do_invalid_op+0x6e/0x110
[ 2045.759989][T32256]  ? invalid_op+0x1e/0x30
[ 2045.764149][T32256]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2045.769791][T32256]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2045.775901][T32256]  ? __device_add_disk+0x5dc/0x1220
[ 2045.780911][T32256]  ? __device_add_disk+0xea1/0x1220
[ 2045.785936][T32256]  ? __device_add_disk+0xea1/0x1220
[ 2045.790970][T32256]  ? device_add_disk+0x30/0x30
[ 2045.795590][T32256]  ? vsprintf+0x30/0x30
[ 2045.799699][T32256]  ? __alloc_disk_node+0x459/0x5a0
[ 2045.804631][T32256]  loop_add+0x573/0x740
[ 2045.808626][T32256]  loop_control_ioctl+0x448/0x620
[ 2045.813520][T32256]  ? loop_remove+0xa0/0xa0
[ 2045.817743][T32256]  ? memset+0x1f/0x40
[ 2045.821554][T32256]  ? fsnotify+0x1280/0x1340
[ 2045.825903][T32256]  ? loop_remove+0xa0/0xa0
[ 2045.830249][T32256]  do_vfs_ioctl+0x742/0x1720
[ 2045.834771][T32256]  ? ioctl_preallocate+0x250/0x250
[ 2045.839719][T32256]  ? __fget+0x407/0x490
[ 2045.843698][T32256]  ? fget_many+0x20/0x20
[ 2045.847779][T32256]  ? debug_smp_processor_id+0x20/0x20
03:34:18 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 52)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:18 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:18 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f00000005c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000800)=ANY=[@ANYRESDEC=r1, @ANYRES16=0x0, @ANYBLOB="004827bd7000fedbdf25020000000800010099fbd7616447aa1db782717143c886815b14d38380c1fa9c50f256d64d9e76f3bc9a49577e64f4c227e76cdb7405d26a85fea492f246239c5f3f09ec8e91f4d29c569704c180ed58ec809c2a96ec218d02b57753b850c9a434cafdbbf00cd90dc621f39ff250ebfeb9b98566ebc29f3e", @ANYRES32=0x0, @ANYBLOB="bc0002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400ffffffff080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040002000000080007000000000008000100", @ANYRES16=r0, @ANYBLOB="7c0002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r3, @ANYBLOB="3c000100240001006c625f74785f6d6574686f6400000000000000000000000000000000000000000500030005000000090004006861736800000000"], 0x15c}, 0x1, 0x0, 0x0, 0x40}, 0x80) (async)
r4 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async, rerun: 32)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000002c0)={0x3ff, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/94, 0x5e}, {&(0x7f0000000140)=""/240, 0xf0}], &(0x7f0000000640)=[0x2040513b, 0x5, 0x9, 0x8, 0x4, 0x7, 0x9, 0x7], 0x2}, 0x20) (async, rerun: 32)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000600)=0x8, 0x4)

03:34:18 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x2, 0x2}}, 0x10)

03:34:18 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2d4, r1, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffeba3}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x8, 0x7f, 0xf6, 0x5}]}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9445}}, {0x8}}}]}}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x8000}, 0x4001)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000440))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2d4, r1, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [{{0x8}, {0x7c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x170, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffeba3}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x200}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0xc, 0x4, [{0x8, 0x7f, 0xf6, 0x5}]}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x9445}}, {0x8}}}]}}]}, 0x2d4}, 0x1, 0x0, 0x0, 0x8000}, 0x4001) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000440)) (async)

03:34:18 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0)

[ 2045.852997][T32256]  ? security_file_ioctl+0x7d/0xa0
[ 2045.858023][T32256]  __x64_sys_ioctl+0xd4/0x110
[ 2045.862560][T32256]  do_syscall_64+0xca/0x1c0
[ 2045.866873][T32256]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2045.872597][T32256] ---[ end trace 47f897a1e9344b17 ]---
03:34:18 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x2, 0x2}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, 0x0, 0x2) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x2, 0x2}}, 0x10) (async)

03:34:18 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:18 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:18 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 32)
socket$tipc(0x1e, 0x2, 0x0) (rerun: 32)
bind$tipc(r0, 0x0, 0x0)

03:34:18 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:18 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x2, 0x2}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x2, 0x2}}, 0x10)

[ 2045.992902][T32319] FAULT_INJECTION: forcing a failure.
[ 2045.992902][T32319] name failslab, interval 1, probability 0, space 0, times 0
[ 2046.010333][T32319] CPU: 1 PID: 32319 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2046.021778][T32319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2046.031669][T32319] Call Trace:
[ 2046.034879][T32319]  dump_stack+0x1d8/0x241
[ 2046.038960][T32319]  ? panic+0x896/0x896
[ 2046.042868][T32319]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2046.048513][T32319]  ? _raw_spin_lock+0xa4/0x1b0
[ 2046.053112][T32319]  should_fail+0x71f/0x880
[ 2046.057373][T32319]  ? security_kernfs_init_security+0x75/0x90
[ 2046.063196][T32319]  ? setup_fault_attr+0x3d0/0x3d0
[ 2046.068073][T32319]  ? mutex_lock+0xa5/0x110
[ 2046.072299][T32319]  ? __kernfs_new_node+0xdb/0x6e0
[ 2046.077248][T32319]  should_failslab+0x5/0x20
[ 2046.081581][T32319]  kmem_cache_alloc+0x28/0x250
[ 2046.086186][T32319]  __kernfs_new_node+0xdb/0x6e0
[ 2046.091007][T32319]  ? mutex_unlock+0x18/0x40
[ 2046.095334][T32319]  ? kernfs_new_node+0x160/0x160
[ 2046.100209][T32319]  ? __kernfs_create_file+0x1f4/0x260
[ 2046.105731][T32319]  ? sysfs_add_file_mode_ns+0x292/0x340
[ 2046.111107][T32319]  kernfs_new_node+0x95/0x160
[ 2046.115703][T32319]  kernfs_create_link+0x9e/0x1f0
[ 2046.120563][T32319]  sysfs_do_create_link_sd+0x85/0x100
[ 2046.125767][T32319]  device_add_class_symlinks+0xd6/0x2a0
[ 2046.131151][T32319]  device_add+0x4d3/0xbb0
[ 2046.135321][T32319]  device_create_vargs+0x1b9/0x210
[ 2046.140282][T32319]  device_create+0xea/0x130
[ 2046.144617][T32319]  ? device_create_vargs+0x210/0x210
[ 2046.149727][T32319]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2046.155297][T32319]  bdi_register_va+0x84/0x610
[ 2046.159787][T32319]  bdi_register+0xd1/0x120
[ 2046.164048][T32319]  ? __device_add_disk+0x551/0x1220
[ 2046.169085][T32319]  ? bdi_register_va+0x610/0x610
[ 2046.173853][T32319]  ? percpu_ref_resurrect+0x113/0x190
[ 2046.179055][T32319]  bdi_register_owner+0x55/0xf0
[ 2046.183739][T32319]  __device_add_disk+0x5d1/0x1220
[ 2046.188616][T32319]  ? device_add_disk+0x30/0x30
[ 2046.193203][T32319]  ? vsprintf+0x30/0x30
[ 2046.197191][T32319]  ? __alloc_disk_node+0x459/0x5a0
[ 2046.202232][T32319]  loop_add+0x573/0x740
[ 2046.206225][T32319]  loop_control_ioctl+0x448/0x620
[ 2046.211174][T32319]  ? loop_remove+0xa0/0xa0
[ 2046.215429][T32319]  ? memset+0x1f/0x40
[ 2046.219245][T32319]  ? fsnotify+0x1280/0x1340
[ 2046.223584][T32319]  ? loop_remove+0xa0/0xa0
[ 2046.227929][T32319]  do_vfs_ioctl+0x742/0x1720
[ 2046.232358][T32319]  ? ioctl_preallocate+0x250/0x250
[ 2046.237299][T32319]  ? __fget+0x407/0x490
[ 2046.241316][T32319]  ? fget_many+0x20/0x20
[ 2046.245373][T32319]  ? debug_smp_processor_id+0x20/0x20
[ 2046.250681][T32319]  ? security_file_ioctl+0x7d/0xa0
[ 2046.255619][T32319]  __x64_sys_ioctl+0xd4/0x110
[ 2046.260128][T32319]  do_syscall_64+0xca/0x1c0
[ 2046.264469][T32319]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2046.272627][T32319] ------------[ cut here ]------------
[ 2046.277926][T32319] WARNING: CPU: 0 PID: 32319 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2046.286831][T32319] Modules linked in:
[ 2046.290572][T32319] CPU: 0 PID: 32319 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2046.302080][T32319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2046.312021][T32319] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2046.317651][T32319] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2046.337214][T32319] RSP: 0018:ffff8881e266fa20 EFLAGS: 00010283
[ 2046.343122][T32319] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2046.350925][T32319] RDX: ffffc90001347000 RSI: 000000000000b83d RDI: 000000000000b83e
[ 2046.358822][T32319] RBP: ffff8881e266fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2046.366880][T32319] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881e5cbf000
[ 2046.374660][T32319] R13: dffffc0000000000 R14: ffff8881e5cbf070 R15: 1ffff1103cb97e9d
[ 2046.382473][T32319] FS:  00007fcb7193c6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2046.391239][T32319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2046.397658][T32319] CR2: 0000001b32a21000 CR3: 00000001e9871000 CR4: 00000000003406b0
[ 2046.405477][T32319] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2046.413282][T32319] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2046.421107][T32319] Call Trace:
[ 2046.424228][T32319]  ? __warn+0x162/0x250
[ 2046.428243][T32319]  ? report_bug+0x3a1/0x4e0
[ 2046.432555][T32319]  ? __device_add_disk+0xea1/0x1220
[ 2046.437707][T32319]  ? __device_add_disk+0xea1/0x1220
[ 2046.442731][T32319]  ? do_invalid_op+0x6e/0x110
[ 2046.447253][T32319]  ? invalid_op+0x1e/0x30
[ 2046.451427][T32319]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2046.457061][T32319]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2046.463135][T32319]  ? __device_add_disk+0x5dc/0x1220
[ 2046.468160][T32319]  ? __device_add_disk+0xea1/0x1220
[ 2046.473195][T32319]  ? __device_add_disk+0xea1/0x1220
[ 2046.478237][T32319]  ? device_add_disk+0x30/0x30
[ 2046.482827][T32319]  ? vsprintf+0x30/0x30
[ 2046.486838][T32319]  ? __alloc_disk_node+0x459/0x5a0
[ 2046.491798][T32319]  loop_add+0x573/0x740
[ 2046.495851][T32319]  loop_control_ioctl+0x448/0x620
[ 2046.500707][T32319]  ? loop_remove+0xa0/0xa0
[ 2046.504966][T32319]  ? memset+0x1f/0x40
[ 2046.508790][T32319]  ? fsnotify+0x1280/0x1340
[ 2046.513119][T32319]  ? loop_remove+0xa0/0xa0
[ 2046.517721][T32319]  do_vfs_ioctl+0x742/0x1720
[ 2046.522150][T32319]  ? ioctl_preallocate+0x250/0x250
[ 2046.527093][T32319]  ? __fget+0x407/0x490
[ 2046.531085][T32319]  ? fget_many+0x20/0x20
[ 2046.535164][T32319]  ? debug_smp_processor_id+0x20/0x20
[ 2046.540396][T32319]  ? security_file_ioctl+0x7d/0xa0
03:34:19 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 53)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:19 executing program 5:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:19 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:19 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85)

03:34:19 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:19 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', <r1=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000001c0)={0x37c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8}, {0x4}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r1}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}]}}, {{0x8}, {0x4}}, {{0x8, 0x1, r2}, {0x174, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xf5e}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x37c}, 0x1, 0x0, 0x0, 0x40048b4}, 0x4008000)

03:34:19 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:19 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', <r1=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000001c0)={0x37c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8}, {0x4}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r1}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}]}}, {{0x8}, {0x4}}, {{0x8, 0x1, r2}, {0x174, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xf5e}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x37c}, 0x1, 0x0, 0x0, 0x40048b4}, 0x4008000)

03:34:19 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85)

[ 2046.545321][T32319]  __x64_sys_ioctl+0xd4/0x110
[ 2046.549840][T32319]  do_syscall_64+0xca/0x1c0
[ 2046.554264][T32319]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2046.560008][T32319] ---[ end trace 47f897a1e9344b18 ]---
03:34:19 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x7)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000080)=0x4, 0x4)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000040)=0x7fffffff, 0x4)

03:34:19 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_matches\x00')
r2 = eventfd2(0x8, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:19 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85)

[ 2046.670250][T32335] FAULT_INJECTION: forcing a failure.
[ 2046.670250][T32335] name failslab, interval 1, probability 0, space 0, times 0
[ 2046.683313][T32335] CPU: 1 PID: 32335 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2046.694891][T32335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2046.704785][T32335] Call Trace:
[ 2046.707909][T32335]  dump_stack+0x1d8/0x241
[ 2046.712086][T32335]  ? panic+0x896/0x896
[ 2046.715985][T32335]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2046.721632][T32335]  ? mutex_lock+0xa5/0x110
[ 2046.725882][T32335]  should_fail+0x71f/0x880
[ 2046.730256][T32335]  ? kstrdup_const+0x51/0x90
[ 2046.734672][T32335]  ? setup_fault_attr+0x3d0/0x3d0
[ 2046.739540][T32335]  ? mutex_lock+0xa5/0x110
[ 2046.743780][T32335]  ? mutex_trylock+0xa0/0xa0
[ 2046.748205][T32335]  ? __kernfs_new_node+0xdb/0x6e0
[ 2046.753061][T32335]  should_failslab+0x5/0x20
[ 2046.757404][T32335]  kmem_cache_alloc+0x28/0x250
[ 2046.762006][T32335]  __kernfs_new_node+0xdb/0x6e0
[ 2046.766695][T32335]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2046.771548][T32335]  ? kernfs_new_node+0x160/0x160
[ 2046.776330][T32335]  ? selinux_path_notify+0x6d0/0x6d0
[ 2046.781446][T32335]  ? idr_alloc+0x2f0/0x2f0
[ 2046.785700][T32335]  ? _raw_spin_lock+0xa4/0x1b0
[ 2046.790301][T32335]  kernfs_new_node+0x95/0x160
[ 2046.794813][T32335]  __kernfs_create_file+0x45/0x260
[ 2046.799850][T32335]  sysfs_add_file_mode_ns+0x292/0x340
[ 2046.805061][T32335]  internal_create_group+0x573/0xf00
[ 2046.810184][T32335]  ? mutex_unlock+0x18/0x40
[ 2046.814528][T32335]  ? sysfs_create_group+0x20/0x20
[ 2046.819383][T32335]  sysfs_create_groups+0x52/0x110
[ 2046.824242][T32335]  device_add_attrs+0x87/0x370
[ 2046.828838][T32335]  device_add+0x4f4/0xbb0
[ 2046.833001][T32335]  device_create_vargs+0x1b9/0x210
[ 2046.837962][T32335]  device_create+0xea/0x130
[ 2046.842301][T32335]  ? device_create_vargs+0x210/0x210
[ 2046.847412][T32335]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2046.852972][T32335]  bdi_register_va+0x84/0x610
[ 2046.857478][T32335]  bdi_register+0xd1/0x120
[ 2046.861731][T32335]  ? __device_add_disk+0x551/0x1220
[ 2046.866771][T32335]  ? bdi_register_va+0x610/0x610
[ 2046.871536][T32335]  ? percpu_ref_resurrect+0x113/0x190
[ 2046.876746][T32335]  bdi_register_owner+0x55/0xf0
[ 2046.881436][T32335]  __device_add_disk+0x5d1/0x1220
[ 2046.886291][T32335]  ? device_add_disk+0x30/0x30
[ 2046.890915][T32335]  ? vsprintf+0x30/0x30
[ 2046.894886][T32335]  ? __alloc_disk_node+0x459/0x5a0
[ 2046.899834][T32335]  loop_add+0x573/0x740
[ 2046.903828][T32335]  loop_control_ioctl+0x448/0x620
[ 2046.908699][T32335]  ? loop_remove+0xa0/0xa0
[ 2046.913028][T32335]  ? memset+0x1f/0x40
[ 2046.916976][T32335]  ? fsnotify+0x1280/0x1340
[ 2046.921428][T32335]  ? loop_remove+0xa0/0xa0
[ 2046.925686][T32335]  do_vfs_ioctl+0x742/0x1720
[ 2046.930194][T32335]  ? ioctl_preallocate+0x250/0x250
[ 2046.935139][T32335]  ? __fget+0x407/0x490
[ 2046.939131][T32335]  ? fget_many+0x20/0x20
[ 2046.943211][T32335]  ? debug_smp_processor_id+0x20/0x20
[ 2046.948424][T32335]  ? security_file_ioctl+0x7d/0xa0
[ 2046.953367][T32335]  __x64_sys_ioctl+0xd4/0x110
[ 2046.957881][T32335]  do_syscall_64+0xca/0x1c0
[ 2046.962220][T32335]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2046.970591][T32335] ------------[ cut here ]------------
[ 2046.976054][T32335] WARNING: CPU: 1 PID: 32335 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2046.984975][T32335] Modules linked in:
[ 2046.988805][T32335] CPU: 1 PID: 32335 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2047.000254][T32335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2047.010159][T32335] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2047.015795][T32335] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2047.035435][T32335] RSP: 0018:ffff8881ed367a20 EFLAGS: 00010287
[ 2047.041412][T32335] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2047.049133][T32335] RDX: ffffc90000b43000 RSI: 000000000000cad6 RDI: 000000000000cad7
[ 2047.056931][T32335] RBP: ffff8881ed367b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2047.064741][T32335] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881ce461000
[ 2047.072555][T32335] R13: dffffc0000000000 R14: ffff8881ce461070 R15: 1ffff11039c8c29d
[ 2047.080366][T32335] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2047.089127][T32335] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2047.095552][T32335] CR2: 00007fcb7195cff8 CR3: 00000001c8085000 CR4: 00000000003406a0
[ 2047.103544][T32335] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2047.111499][T32335] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2047.119362][T32335] Call Trace:
[ 2047.122504][T32335]  ? __warn+0x162/0x250
[ 2047.126495][T32335]  ? report_bug+0x3a1/0x4e0
[ 2047.130876][T32335]  ? __device_add_disk+0xea1/0x1220
[ 2047.135867][T32335]  ? __device_add_disk+0xea1/0x1220
[ 2047.140893][T32335]  ? do_invalid_op+0x6e/0x110
[ 2047.145404][T32335]  ? invalid_op+0x1e/0x30
[ 2047.149573][T32335]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2047.155213][T32335]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2047.161294][T32335]  ? __device_add_disk+0x5dc/0x1220
[ 2047.166322][T32335]  ? __device_add_disk+0xea1/0x1220
[ 2047.171360][T32335]  ? __device_add_disk+0xea1/0x1220
[ 2047.176393][T32335]  ? device_add_disk+0x30/0x30
[ 2047.180994][T32335]  ? vsprintf+0x30/0x30
[ 2047.184989][T32335]  ? __alloc_disk_node+0x459/0x5a0
[ 2047.189935][T32335]  loop_add+0x573/0x740
[ 2047.193925][T32335]  loop_control_ioctl+0x448/0x620
[ 2047.198785][T32335]  ? loop_remove+0xa0/0xa0
[ 2047.203037][T32335]  ? memset+0x1f/0x40
[ 2047.206854][T32335]  ? fsnotify+0x1280/0x1340
[ 2047.211200][T32335]  ? loop_remove+0xa0/0xa0
[ 2047.215582][T32335]  do_vfs_ioctl+0x742/0x1720
03:34:20 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 54)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:20 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

03:34:20 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', <r1=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r3=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000001c0)={0x37c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [{{0x8}, {0x4}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r1}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}]}}, {{0x8}, {0x4}}, {{0x8, 0x1, r2}, {0x174, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xf5e}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x9}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}]}, 0x37c}, 0x1, 0x0, 0x0, 0x40048b4}, 0x4008000)

03:34:20 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x7)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000080)=0x4, 0x4)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000040)=0x7fffffff, 0x4)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x7) (async)
bind$tipc(0xffffffffffffffff, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000080)=0x4, 0x4) (async)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000040)=0x7fffffff, 0x4) (async)

03:34:20 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_matches\x00') (async)
r2 = eventfd2(0x8, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:20 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = mmap$binder(&(0x7f0000ff5000/0x8000)=nil, 0x8000, 0x1, 0x11, r2, 0x8ba9)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000340)={0x64, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x3}, @exit_looper, @request_death={0x400c630e, 0x3}, @release, @increfs={0x40046304, 0x2}, @decrefs={0x40046307, 0x1}, @exit_looper, @increfs={0x40046304, 0x2}, @free_buffer={0x40086303, r5}, @clear_death={0x400c630f, 0x1}], 0x49, 0x0, &(0x7f00000002c0)="a502ccbf7b61a217f960d426086adf6d5f6100ad7efc4fc4801902409a11eea640a62fda9e5dcd25dc547eb93cae0f8f4b067ab05bbc6535106d50271896f3dc950fb0c9b8225e071d"})
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x200, 0x0)
sendmsg$AUDIT_GET_FEATURE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3fb, 0x20, 0x70bd28, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0xbc7deb9a5f057551)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r6 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000)
accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10, 0x80800)
bind$tipc(r6, 0x0, 0x0)

03:34:20 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2047.220007][T32335]  ? ioctl_preallocate+0x250/0x250
[ 2047.224962][T32335]  ? __fget+0x407/0x490
[ 2047.229121][T32335]  ? fget_many+0x20/0x20
[ 2047.233200][T32335]  ? debug_smp_processor_id+0x20/0x20
[ 2047.238409][T32335]  ? security_file_ioctl+0x7d/0xa0
[ 2047.243491][T32335]  __x64_sys_ioctl+0xd4/0x110
[ 2047.248030][T32335]  do_syscall_64+0xca/0x1c0
[ 2047.252346][T32335]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2047.258077][T32335] ---[ end trace 47f897a1e9344b19 ]---
03:34:20 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:20 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x3}}, 0x7) (async)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000080)=0x4, 0x4) (async, rerun: 32)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000040)=0x7fffffff, 0x4) (rerun: 32)

03:34:20 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = mmap$binder(&(0x7f0000ff5000/0x8000)=nil, 0x8000, 0x1, 0x11, r2, 0x8ba9)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000340)={0x64, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x3}, @exit_looper, @request_death={0x400c630e, 0x3}, @release, @increfs={0x40046304, 0x2}, @decrefs={0x40046307, 0x1}, @exit_looper, @increfs={0x40046304, 0x2}, @free_buffer={0x40086303, r5}, @clear_death={0x400c630f, 0x1}], 0x49, 0x0, &(0x7f00000002c0)="a502ccbf7b61a217f960d426086adf6d5f6100ad7efc4fc4801902409a11eea640a62fda9e5dcd25dc547eb93cae0f8f4b067ab05bbc6535106d50271896f3dc950fb0c9b8225e071d"})
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x200, 0x0)
sendmsg$AUDIT_GET_FEATURE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3fb, 0x20, 0x70bd28, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0xbc7deb9a5f057551)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r6 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000)
accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10, 0x80800)
bind$tipc(r6, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
mmap$binder(&(0x7f0000ff5000/0x8000)=nil, 0x8000, 0x1, 0x11, r2, 0x8ba9) (async)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000340)={0x64, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x3}, @exit_looper, @request_death={0x400c630e, 0x3}, @release, @increfs={0x40046304, 0x2}, @decrefs={0x40046307, 0x1}, @exit_looper, @increfs={0x40046304, 0x2}, @free_buffer={0x40086303, r5}, @clear_death={0x400c630f, 0x1}], 0x49, 0x0, &(0x7f00000002c0)="a502ccbf7b61a217f960d426086adf6d5f6100ad7efc4fc4801902409a11eea640a62fda9e5dcd25dc547eb93cae0f8f4b067ab05bbc6535106d50271896f3dc950fb0c9b8225e071d"}) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x200, 0x0) (async)
sendmsg$AUDIT_GET_FEATURE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3fb, 0x20, 0x70bd28, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0xbc7deb9a5f057551) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000) (async)
accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10, 0x80800) (async)
bind$tipc(r6, 0x0, 0x0) (async)

03:34:20 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0xc0000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:20 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_tables_matches\x00')
r2 = eventfd2(0x8, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

[ 2047.371169][T32374] FAULT_INJECTION: forcing a failure.
[ 2047.371169][T32374] name failslab, interval 1, probability 0, space 0, times 0
[ 2047.387049][T32374] CPU: 1 PID: 32374 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2047.398500][T32374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2047.408397][T32374] Call Trace:
[ 2047.411517][T32374]  dump_stack+0x1d8/0x241
[ 2047.415681][T32374]  ? panic+0x896/0x896
[ 2047.419592][T32374]  ? mutex_unlock+0x18/0x40
[ 2047.423934][T32374]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2047.429567][T32374]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2047.435473][T32374]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2047.440340][T32374]  should_fail+0x71f/0x880
[ 2047.444583][T32374]  ? setup_fault_attr+0x3d0/0x3d0
[ 2047.449444][T32374]  ? _raw_spin_lock+0xa4/0x1b0
[ 2047.454043][T32374]  ? __kernfs_new_node+0xdb/0x6e0
[ 2047.458906][T32374]  should_failslab+0x5/0x20
[ 2047.463325][T32374]  kmem_cache_alloc+0x28/0x250
[ 2047.467942][T32374]  __kernfs_new_node+0xdb/0x6e0
[ 2047.472879][T32374]  ? kernfs_new_node+0x160/0x160
[ 2047.477649][T32374]  ? mutex_lock+0xa5/0x110
[ 2047.481906][T32374]  ? mutex_trylock+0xa0/0xa0
[ 2047.486416][T32374]  ? kernfs_activate+0x2fe/0x320
[ 2047.491293][T32374]  kernfs_new_node+0x95/0x160
[ 2047.495807][T32374]  __kernfs_create_file+0x45/0x260
[ 2047.500823][T32374]  sysfs_add_file_mode_ns+0x292/0x340
[ 2047.506031][T32374]  internal_create_group+0x573/0xf00
[ 2047.511168][T32374]  ? mutex_unlock+0x18/0x40
[ 2047.515501][T32374]  ? sysfs_create_group+0x20/0x20
[ 2047.520358][T32374]  sysfs_create_groups+0x52/0x110
[ 2047.525389][T32374]  device_add_attrs+0x87/0x370
[ 2047.530174][T32374]  device_add+0x4f4/0xbb0
[ 2047.534503][T32374]  device_create_vargs+0x1b9/0x210
[ 2047.539451][T32374]  device_create+0xea/0x130
[ 2047.543889][T32374]  ? device_create_vargs+0x210/0x210
[ 2047.549006][T32374]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2047.554651][T32374]  bdi_register_va+0x84/0x610
[ 2047.559160][T32374]  bdi_register+0xd1/0x120
[ 2047.563414][T32374]  ? __device_add_disk+0x551/0x1220
[ 2047.568446][T32374]  ? bdi_register_va+0x610/0x610
[ 2047.573232][T32374]  ? percpu_ref_resurrect+0x113/0x190
[ 2047.578433][T32374]  bdi_register_owner+0x55/0xf0
[ 2047.583202][T32374]  __device_add_disk+0x5d1/0x1220
[ 2047.588068][T32374]  ? device_add_disk+0x30/0x30
[ 2047.592677][T32374]  ? vsprintf+0x30/0x30
[ 2047.596656][T32374]  ? __alloc_disk_node+0x459/0x5a0
[ 2047.601702][T32374]  loop_add+0x573/0x740
[ 2047.605688][T32374]  loop_control_ioctl+0x448/0x620
[ 2047.610545][T32374]  ? loop_remove+0xa0/0xa0
[ 2047.614796][T32374]  ? memset+0x1f/0x40
[ 2047.618792][T32374]  ? fsnotify+0x1280/0x1340
[ 2047.623095][T32374]  ? loop_remove+0xa0/0xa0
[ 2047.627337][T32374]  do_vfs_ioctl+0x742/0x1720
[ 2047.631768][T32374]  ? ioctl_preallocate+0x250/0x250
[ 2047.636714][T32374]  ? __fget+0x407/0x490
[ 2047.640710][T32374]  ? fget_many+0x20/0x20
[ 2047.644782][T32374]  ? debug_smp_processor_id+0x20/0x20
[ 2047.649990][T32374]  ? security_file_ioctl+0x7d/0xa0
[ 2047.655150][T32374]  __x64_sys_ioctl+0xd4/0x110
[ 2047.659642][T32374]  do_syscall_64+0xca/0x1c0
[ 2047.663976][T32374]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2047.671922][T32374] ------------[ cut here ]------------
[ 2047.677211][T32374] WARNING: CPU: 0 PID: 32374 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2047.686662][T32374] Modules linked in:
[ 2047.690397][T32374] CPU: 0 PID: 32374 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2047.701859][T32374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2047.711749][T32374] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2047.717397][T32374] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2047.736825][T32374] RSP: 0018:ffff8881ea0e7a20 EFLAGS: 00010287
[ 2047.742729][T32374] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2047.750703][T32374] RDX: ffffc90000b43000 RSI: 000000000000c9b3 RDI: 000000000000c9b4
[ 2047.758514][T32374] RBP: ffff8881ea0e7b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2047.766335][T32374] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881f0b6a000
[ 2047.774134][T32374] R13: dffffc0000000000 R14: ffff8881f0b6a070 R15: 1ffff1103e16d49d
[ 2047.781956][T32374] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2047.790832][T32374] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2047.797247][T32374] CR2: 0000555555bed818 CR3: 00000001cfc75000 CR4: 00000000003406b0
[ 2047.805058][T32374] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2047.812873][T32374] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2047.820676][T32374] Call Trace:
[ 2047.823814][T32374]  ? __warn+0x162/0x250
[ 2047.827803][T32374]  ? report_bug+0x3a1/0x4e0
[ 2047.832136][T32374]  ? __device_add_disk+0xea1/0x1220
[ 2047.837172][T32374]  ? __device_add_disk+0xea1/0x1220
[ 2047.842218][T32374]  ? do_invalid_op+0x6e/0x110
[ 2047.846727][T32374]  ? invalid_op+0x1e/0x30
[ 2047.850889][T32374]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2047.856528][T32374]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2047.862604][T32374]  ? __device_add_disk+0x5dc/0x1220
[ 2047.867635][T32374]  ? __device_add_disk+0xea1/0x1220
[ 2047.872673][T32374]  ? __device_add_disk+0xea1/0x1220
[ 2047.877705][T32374]  ? device_add_disk+0x30/0x30
[ 2047.882303][T32374]  ? vsprintf+0x30/0x30
[ 2047.886298][T32374]  ? __alloc_disk_node+0x459/0x5a0
[ 2047.891253][T32374]  loop_add+0x573/0x740
[ 2047.895265][T32374]  loop_control_ioctl+0x448/0x620
[ 2047.900185][T32374]  ? loop_remove+0xa0/0xa0
[ 2047.904449][T32374]  ? memset+0x1f/0x40
[ 2047.908290][T32374]  ? fsnotify+0x1280/0x1340
[ 2047.912640][T32374]  ? loop_remove+0xa0/0xa0
[ 2047.916949][T32374]  do_vfs_ioctl+0x742/0x1720
03:34:20 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 55)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:20 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:20 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0xc0000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) (async)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0xc0000) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

03:34:20 executing program 1:
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x3c, 0x3e9, 0x1, 0x70bd27, 0x25dfdbff, {0x14, 0x1, 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1c00000, 0x7, 0x0, 0x81, 0x1}, ["", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044801}, 0x20000080)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000001}, 0xc, &(0x7f0000000640)={&(0x7f00000001c0)={0x444, 0x3f4, 0x20, 0x70bd2b, 0x25dfdbfb, {0x5, 0x0, 0x1e, [0x7fffffff, 0x9, 0x5, 0x3, 0x40, 0x7, 0x1ff, 0x7f, 0xfff, 0x1, 0x1, 0x1000, 0x7fff, 0x101, 0x40, 0x40, 0x1, 0x8, 0x6, 0x5, 0x500a, 0x3, 0xc03, 0x895, 0xfffffffb, 0x9, 0x1, 0x243, 0xea53, 0x7, 0x975c, 0x7, 0x5, 0x1, 0x5, 0xab3, 0x4, 0x8, 0x7, 0x6, 0x0, 0x2, 0x100, 0x81, 0x4, 0x81, 0x3ff, 0xfa50, 0x8, 0x2, 0x7, 0x3ff, 0x49, 0x14d6e005, 0x0, 0xffffffff, 0x81, 0x1, 0xd1, 0xd7a, 0x86ac, 0x1, 0x3, 0xf0c2], [0xffffffff, 0xec24, 0xfd5b, 0x8, 0x4, 0x7, 0x4, 0x3, 0x1, 0xf7a, 0x5, 0x1000, 0x1ff00, 0xb014, 0x5, 0xc7, 0x1, 0x1000, 0x271, 0x3, 0x7, 0x10000, 0x3, 0xffff14d2, 0x3, 0x400, 0x4, 0x2, 0x0, 0x7, 0x80000000, 0xf4c, 0xee, 0x777b50d0, 0x9, 0x7f, 0x0, 0x9, 0x20, 0x4, 0x3f, 0x3ff, 0x89bf, 0xc5, 0x0, 0x9, 0x1, 0x7, 0x40, 0x8, 0x467, 0x1, 0x40008000, 0x10001, 0x81, 0x80000001, 0x8000, 0x747, 0xa3, 0x3b, 0x9, 0x9, 0x401, 0x2b], [0x10000, 0x6, 0x1400, 0x15c4, 0x8e93, 0xff, 0x800000, 0x7, 0x100, 0x80000000, 0x5, 0x100, 0x20, 0x7fffffff, 0x0, 0x9c, 0x2, 0x1, 0x7, 0x4, 0x6, 0x0, 0x0, 0x3, 0x6, 0x1ff, 0x3, 0x6, 0xebc, 0x0, 0x80, 0x7fff, 0x20, 0x1f, 0x2, 0x0, 0x0, 0x9, 0x2, 0xab4, 0x7, 0x3, 0x6, 0x9, 0x1, 0x2, 0x7, 0x1, 0x75, 0x1000, 0x5160db27, 0x3f, 0xfffff000, 0x0, 0x5, 0x2, 0xab, 0xcfe, 0xff, 0x80, 0xfc15, 0x690, 0x3, 0x2a5], [0x4, 0x1, 0x2, 0xfff, 0x34, 0x6, 0x5, 0x400, 0x0, 0xd, 0x8, 0x4, 0x6, 0x1f, 0x80000001, 0x9, 0x52, 0x1, 0xff, 0x1, 0x40, 0x3a8, 0xfff, 0x0, 0x0, 0x2f4e, 0x800, 0xfffffffe, 0x4, 0x9, 0x4, 0x3, 0xc, 0x0, 0x5, 0x8000, 0x6, 0x101, 0x2, 0x8001, 0x7, 0x1f, 0x4, 0x1ff, 0x5, 0x4, 0x5, 0x6, 0x4, 0xfff, 0xfffffe00, 0xe6, 0xffffffff, 0x55, 0x8, 0x5, 0x3, 0x5, 0x2, 0x3, 0x0, 0x6, 0x6, 0xdf97], 0x21, ['/dev/vsock\x00', '/dev/vsock\x00', '/dev/vsock\x00']}, ["", "", "", ""]}, 0x444}}, 0x805)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
openat$vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x16d3c2, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000700)="5717580aeb14e4d840fdd4caecd1bd7ed750e9643e79b45f009d3574310fd0748623ab1cbb84db5afc5ed7521ac4e8dab74d3756300129fd1bdda52bbc7d2fa821b2030b89a92f874f964cd00724c231f7b3262305c55a7c1a1e85a2d4bab37fe90460767b066f9aed891fdb5c53c44018fe18024844366346d5a5daa09acdce971554621398fe3f9941d4a52f7a5d1dca2cb5855c55e938d8f7aeb8cd4d027f4e207db0f6566750f761d770ca2ef6d869077581bfcb6926b378063fd9cfe27f1751df38a2", &(0x7f0000000800)=""/177}, 0x20)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x8, 0x3}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))

03:34:20 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$inet(0x2, 0xa, 0x80000000)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000180)={0x2, 0x0, &(0x7f0000000140)=[r1, r3, r4, r2, r1]}, 0x5)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_NOOP(r5, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000240)={0x2b0, 0x0, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r6}, {0x218, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xeb77}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffff00}}}]}}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x200400c3}, 0x4048090)

03:34:20 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async, rerun: 64)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = mmap$binder(&(0x7f0000ff5000/0x8000)=nil, 0x8000, 0x1, 0x11, r2, 0x8ba9)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000340)={0x64, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x3}, @exit_looper, @request_death={0x400c630e, 0x3}, @release, @increfs={0x40046304, 0x2}, @decrefs={0x40046307, 0x1}, @exit_looper, @increfs={0x40046304, 0x2}, @free_buffer={0x40086303, r5}, @clear_death={0x400c630f, 0x1}], 0x49, 0x0, &(0x7f00000002c0)="a502ccbf7b61a217f960d426086adf6d5f6100ad7efc4fc4801902409a11eea640a62fda9e5dcd25dc547eb93cae0f8f4b067ab05bbc6535106d50271896f3dc950fb0c9b8225e071d"}) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000380), 0x200, 0x0)
sendmsg$AUDIT_GET_FEATURE(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3fb, 0x20, 0x70bd28, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0xbc7deb9a5f057551) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 64)
r6 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80000) (async, rerun: 64)
accept4$tipc(0xffffffffffffffff, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10, 0x80800)
bind$tipc(r6, 0x0, 0x0)

[ 2047.921550][T32374]  ? ioctl_preallocate+0x250/0x250
[ 2047.926494][T32374]  ? __fget+0x407/0x490
[ 2047.930491][T32374]  ? fget_many+0x20/0x20
[ 2047.934550][T32374]  ? debug_smp_processor_id+0x20/0x20
[ 2047.939762][T32374]  ? security_file_ioctl+0x7d/0xa0
[ 2047.944711][T32374]  __x64_sys_ioctl+0xd4/0x110
[ 2047.949314][T32374]  do_syscall_64+0xca/0x1c0
[ 2047.953648][T32374]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2047.959552][T32374] ---[ end trace 47f897a1e9344b1a ]---
03:34:20 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$inet(0x2, 0xa, 0x80000000) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000180)={0x2, 0x0, &(0x7f0000000140)=[r1, r3, r4, r2, r1]}, 0x5)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
getsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_NOOP(r5, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000240)={0x2b0, 0x0, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r6}, {0x218, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xeb77}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffff00}}}]}}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x200400c3}, 0x4048090)

03:34:20 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0xc0000)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) (async)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0xc0000) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)

03:34:20 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
bind$tipc(r0, 0x0, 0x3)

03:34:20 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$inet(0x2, 0xa, 0x80000000) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
getsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000180)={0x2, 0x0, &(0x7f0000000140)=[r1, r3, r4, r2, r1]}, 0x5)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
getsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async, rerun: 64)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
sendmsg$TEAM_CMD_NOOP(r5, &(0x7f0000000540)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000240)={0x2b0, 0x0, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [{{0x8}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}]}}, {{0x8, 0x1, r6}, {0x218, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xeb77}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffff00}}}]}}]}, 0x2b0}, 0x1, 0x0, 0x0, 0x200400c3}, 0x4048090)

03:34:20 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x6) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)

03:34:20 executing program 1:
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x3c, 0x3e9, 0x1, 0x70bd27, 0x25dfdbff, {0x14, 0x1, 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1c00000, 0x7, 0x0, 0x81, 0x1}, ["", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044801}, 0x20000080)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000001}, 0xc, &(0x7f0000000640)={&(0x7f00000001c0)={0x444, 0x3f4, 0x20, 0x70bd2b, 0x25dfdbfb, {0x5, 0x0, 0x1e, [0x7fffffff, 0x9, 0x5, 0x3, 0x40, 0x7, 0x1ff, 0x7f, 0xfff, 0x1, 0x1, 0x1000, 0x7fff, 0x101, 0x40, 0x40, 0x1, 0x8, 0x6, 0x5, 0x500a, 0x3, 0xc03, 0x895, 0xfffffffb, 0x9, 0x1, 0x243, 0xea53, 0x7, 0x975c, 0x7, 0x5, 0x1, 0x5, 0xab3, 0x4, 0x8, 0x7, 0x6, 0x0, 0x2, 0x100, 0x81, 0x4, 0x81, 0x3ff, 0xfa50, 0x8, 0x2, 0x7, 0x3ff, 0x49, 0x14d6e005, 0x0, 0xffffffff, 0x81, 0x1, 0xd1, 0xd7a, 0x86ac, 0x1, 0x3, 0xf0c2], [0xffffffff, 0xec24, 0xfd5b, 0x8, 0x4, 0x7, 0x4, 0x3, 0x1, 0xf7a, 0x5, 0x1000, 0x1ff00, 0xb014, 0x5, 0xc7, 0x1, 0x1000, 0x271, 0x3, 0x7, 0x10000, 0x3, 0xffff14d2, 0x3, 0x400, 0x4, 0x2, 0x0, 0x7, 0x80000000, 0xf4c, 0xee, 0x777b50d0, 0x9, 0x7f, 0x0, 0x9, 0x20, 0x4, 0x3f, 0x3ff, 0x89bf, 0xc5, 0x0, 0x9, 0x1, 0x7, 0x40, 0x8, 0x467, 0x1, 0x40008000, 0x10001, 0x81, 0x80000001, 0x8000, 0x747, 0xa3, 0x3b, 0x9, 0x9, 0x401, 0x2b], [0x10000, 0x6, 0x1400, 0x15c4, 0x8e93, 0xff, 0x800000, 0x7, 0x100, 0x80000000, 0x5, 0x100, 0x20, 0x7fffffff, 0x0, 0x9c, 0x2, 0x1, 0x7, 0x4, 0x6, 0x0, 0x0, 0x3, 0x6, 0x1ff, 0x3, 0x6, 0xebc, 0x0, 0x80, 0x7fff, 0x20, 0x1f, 0x2, 0x0, 0x0, 0x9, 0x2, 0xab4, 0x7, 0x3, 0x6, 0x9, 0x1, 0x2, 0x7, 0x1, 0x75, 0x1000, 0x5160db27, 0x3f, 0xfffff000, 0x0, 0x5, 0x2, 0xab, 0xcfe, 0xff, 0x80, 0xfc15, 0x690, 0x3, 0x2a5], [0x4, 0x1, 0x2, 0xfff, 0x34, 0x6, 0x5, 0x400, 0x0, 0xd, 0x8, 0x4, 0x6, 0x1f, 0x80000001, 0x9, 0x52, 0x1, 0xff, 0x1, 0x40, 0x3a8, 0xfff, 0x0, 0x0, 0x2f4e, 0x800, 0xfffffffe, 0x4, 0x9, 0x4, 0x3, 0xc, 0x0, 0x5, 0x8000, 0x6, 0x101, 0x2, 0x8001, 0x7, 0x1f, 0x4, 0x1ff, 0x5, 0x4, 0x5, 0x6, 0x4, 0xfff, 0xfffffe00, 0xe6, 0xffffffff, 0x55, 0x8, 0x5, 0x3, 0x5, 0x2, 0x3, 0x0, 0x6, 0x6, 0xdf97], 0x21, ['/dev/vsock\x00', '/dev/vsock\x00', '/dev/vsock\x00']}, ["", "", "", ""]}, 0x444}}, 0x805)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
openat$vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x16d3c2, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000700)="5717580aeb14e4d840fdd4caecd1bd7ed750e9643e79b45f009d3574310fd0748623ab1cbb84db5afc5ed7521ac4e8dab74d3756300129fd1bdda52bbc7d2fa821b2030b89a92f874f964cd00724c231f7b3262305c55a7c1a1e85a2d4bab37fe90460767b066f9aed891fdb5c53c44018fe18024844366346d5a5daa09acdce971554621398fe3f9941d4a52f7a5d1dca2cb5855c55e938d8f7aeb8cd4d027f4e207db0f6566750f761d770ca2ef6d869077581bfcb6926b378063fd9cfe27f1751df38a2", &(0x7f0000000800)=""/177}, 0x20)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x8, 0x3}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x3c, 0x3e9, 0x1, 0x70bd27, 0x25dfdbff, {0x14, 0x1, 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1c00000, 0x7, 0x0, 0x81, 0x1}, ["", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044801}, 0x20000080) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000001}, 0xc, &(0x7f0000000640)={&(0x7f00000001c0)={0x444, 0x3f4, 0x20, 0x70bd2b, 0x25dfdbfb, {0x5, 0x0, 0x1e, [0x7fffffff, 0x9, 0x5, 0x3, 0x40, 0x7, 0x1ff, 0x7f, 0xfff, 0x1, 0x1, 0x1000, 0x7fff, 0x101, 0x40, 0x40, 0x1, 0x8, 0x6, 0x5, 0x500a, 0x3, 0xc03, 0x895, 0xfffffffb, 0x9, 0x1, 0x243, 0xea53, 0x7, 0x975c, 0x7, 0x5, 0x1, 0x5, 0xab3, 0x4, 0x8, 0x7, 0x6, 0x0, 0x2, 0x100, 0x81, 0x4, 0x81, 0x3ff, 0xfa50, 0x8, 0x2, 0x7, 0x3ff, 0x49, 0x14d6e005, 0x0, 0xffffffff, 0x81, 0x1, 0xd1, 0xd7a, 0x86ac, 0x1, 0x3, 0xf0c2], [0xffffffff, 0xec24, 0xfd5b, 0x8, 0x4, 0x7, 0x4, 0x3, 0x1, 0xf7a, 0x5, 0x1000, 0x1ff00, 0xb014, 0x5, 0xc7, 0x1, 0x1000, 0x271, 0x3, 0x7, 0x10000, 0x3, 0xffff14d2, 0x3, 0x400, 0x4, 0x2, 0x0, 0x7, 0x80000000, 0xf4c, 0xee, 0x777b50d0, 0x9, 0x7f, 0x0, 0x9, 0x20, 0x4, 0x3f, 0x3ff, 0x89bf, 0xc5, 0x0, 0x9, 0x1, 0x7, 0x40, 0x8, 0x467, 0x1, 0x40008000, 0x10001, 0x81, 0x80000001, 0x8000, 0x747, 0xa3, 0x3b, 0x9, 0x9, 0x401, 0x2b], [0x10000, 0x6, 0x1400, 0x15c4, 0x8e93, 0xff, 0x800000, 0x7, 0x100, 0x80000000, 0x5, 0x100, 0x20, 0x7fffffff, 0x0, 0x9c, 0x2, 0x1, 0x7, 0x4, 0x6, 0x0, 0x0, 0x3, 0x6, 0x1ff, 0x3, 0x6, 0xebc, 0x0, 0x80, 0x7fff, 0x20, 0x1f, 0x2, 0x0, 0x0, 0x9, 0x2, 0xab4, 0x7, 0x3, 0x6, 0x9, 0x1, 0x2, 0x7, 0x1, 0x75, 0x1000, 0x5160db27, 0x3f, 0xfffff000, 0x0, 0x5, 0x2, 0xab, 0xcfe, 0xff, 0x80, 0xfc15, 0x690, 0x3, 0x2a5], [0x4, 0x1, 0x2, 0xfff, 0x34, 0x6, 0x5, 0x400, 0x0, 0xd, 0x8, 0x4, 0x6, 0x1f, 0x80000001, 0x9, 0x52, 0x1, 0xff, 0x1, 0x40, 0x3a8, 0xfff, 0x0, 0x0, 0x2f4e, 0x800, 0xfffffffe, 0x4, 0x9, 0x4, 0x3, 0xc, 0x0, 0x5, 0x8000, 0x6, 0x101, 0x2, 0x8001, 0x7, 0x1f, 0x4, 0x1ff, 0x5, 0x4, 0x5, 0x6, 0x4, 0xfff, 0xfffffe00, 0xe6, 0xffffffff, 0x55, 0x8, 0x5, 0x3, 0x5, 0x2, 0x3, 0x0, 0x6, 0x6, 0xdf97], 0x21, ['/dev/vsock\x00', '/dev/vsock\x00', '/dev/vsock\x00']}, ["", "", "", ""]}, 0x444}}, 0x805) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x16d3c2, 0x0) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000700)="5717580aeb14e4d840fdd4caecd1bd7ed750e9643e79b45f009d3574310fd0748623ab1cbb84db5afc5ed7521ac4e8dab74d3756300129fd1bdda52bbc7d2fa821b2030b89a92f874f964cd00724c231f7b3262305c55a7c1a1e85a2d4bab37fe90460767b066f9aed891fdb5c53c44018fe18024844366346d5a5daa09acdce971554621398fe3f9941d4a52f7a5d1dca2cb5855c55e938d8f7aeb8cd4d027f4e207db0f6566750f761d770ca2ef6d869077581bfcb6926b378063fd9cfe27f1751df38a2", &(0x7f0000000800)=""/177}, 0x20) (async)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x8, 0x3}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
bind$tipc(r0, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)) (async)

[ 2048.101100][T32434] FAULT_INJECTION: forcing a failure.
[ 2048.101100][T32434] name failslab, interval 1, probability 0, space 0, times 0
[ 2048.114539][T32434] CPU: 0 PID: 32434 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2048.126006][T32434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2048.135859][T32434] Call Trace:
[ 2048.138992][T32434]  dump_stack+0x1d8/0x241
[ 2048.143150][T32434]  ? panic+0x896/0x896
[ 2048.147061][T32434]  ? mutex_unlock+0x18/0x40
[ 2048.151405][T32434]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2048.157046][T32434]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2048.162946][T32434]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2048.167807][T32434]  should_fail+0x71f/0x880
[ 2048.172058][T32434]  ? setup_fault_attr+0x3d0/0x3d0
[ 2048.176917][T32434]  ? _raw_spin_lock+0xa4/0x1b0
[ 2048.181515][T32434]  ? __kernfs_new_node+0xdb/0x6e0
[ 2048.186553][T32434]  should_failslab+0x5/0x20
[ 2048.190885][T32434]  kmem_cache_alloc+0x28/0x250
[ 2048.195570][T32434]  __kernfs_new_node+0xdb/0x6e0
[ 2048.200255][T32434]  ? kernfs_new_node+0x160/0x160
[ 2048.205035][T32434]  ? mutex_lock+0xa5/0x110
[ 2048.209293][T32434]  ? mutex_trylock+0xa0/0xa0
[ 2048.213710][T32434]  ? kernfs_activate+0x2fe/0x320
[ 2048.218610][T32434]  kernfs_new_node+0x95/0x160
[ 2048.223135][T32434]  __kernfs_create_file+0x45/0x260
[ 2048.228089][T32434]  sysfs_add_file_mode_ns+0x292/0x340
[ 2048.233316][T32434]  internal_create_group+0x573/0xf00
[ 2048.238405][T32434]  ? mutex_unlock+0x18/0x40
[ 2048.242999][T32434]  ? sysfs_create_group+0x20/0x20
[ 2048.247890][T32434]  sysfs_create_groups+0x52/0x110
[ 2048.252729][T32434]  device_add_attrs+0x87/0x370
[ 2048.257323][T32434]  device_add+0x4f4/0xbb0
[ 2048.261578][T32434]  device_create_vargs+0x1b9/0x210
[ 2048.266518][T32434]  device_create+0xea/0x130
[ 2048.270859][T32434]  ? device_create_vargs+0x210/0x210
[ 2048.275981][T32434]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2048.281539][T32434]  bdi_register_va+0x84/0x610
[ 2048.286137][T32434]  bdi_register+0xd1/0x120
[ 2048.290392][T32434]  ? __device_add_disk+0x551/0x1220
[ 2048.295418][T32434]  ? bdi_register_va+0x610/0x610
[ 2048.300192][T32434]  ? percpu_ref_resurrect+0x113/0x190
[ 2048.305402][T32434]  bdi_register_owner+0x55/0xf0
[ 2048.310100][T32434]  __device_add_disk+0x5d1/0x1220
[ 2048.314969][T32434]  ? device_add_disk+0x30/0x30
[ 2048.319706][T32434]  ? vsprintf+0x30/0x30
[ 2048.323702][T32434]  ? __alloc_disk_node+0x459/0x5a0
[ 2048.328638][T32434]  loop_add+0x573/0x740
[ 2048.332630][T32434]  loop_control_ioctl+0x448/0x620
[ 2048.337487][T32434]  ? loop_remove+0xa0/0xa0
[ 2048.341750][T32434]  ? memset+0x1f/0x40
[ 2048.345676][T32434]  ? fsnotify+0x1280/0x1340
[ 2048.350113][T32434]  ? loop_remove+0xa0/0xa0
[ 2048.354354][T32434]  do_vfs_ioctl+0x742/0x1720
[ 2048.358798][T32434]  ? ioctl_preallocate+0x250/0x250
[ 2048.363742][T32434]  ? __fget+0x407/0x490
[ 2048.367728][T32434]  ? fget_many+0x20/0x20
[ 2048.371896][T32434]  ? debug_smp_processor_id+0x20/0x20
[ 2048.377101][T32434]  ? security_file_ioctl+0x7d/0xa0
[ 2048.382041][T32434]  __x64_sys_ioctl+0xd4/0x110
[ 2048.386609][T32434]  do_syscall_64+0xca/0x1c0
[ 2048.390895][T32434]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2048.398688][T32434] ------------[ cut here ]------------
[ 2048.403984][T32434] WARNING: CPU: 0 PID: 32434 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2048.412900][T32434] Modules linked in:
[ 2048.416646][T32434] CPU: 0 PID: 32434 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2048.428100][T32434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2048.438012][T32434] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2048.443633][T32434] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2048.463070][T32434] RSP: 0018:ffff8881e629fa20 EFLAGS: 00010287
[ 2048.468988][T32434] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2048.476800][T32434] RDX: ffffc90000b43000 RSI: 000000000000cabc RDI: 000000000000cabd
[ 2048.484694][T32434] RBP: ffff8881e629fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2048.492798][T32434] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881ce11c000
[ 2048.500611][T32434] R13: dffffc0000000000 R14: ffff8881ce11c070 R15: 1ffff11039c2389d
[ 2048.508424][T32434] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2048.517186][T32434] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2048.523618][T32434] CR2: 00007fcb7195cff8 CR3: 00000001ce5da000 CR4: 00000000003406b0
[ 2048.531421][T32434] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2048.539232][T32434] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2048.547040][T32434] Call Trace:
[ 2048.550175][T32434]  ? __warn+0x162/0x250
[ 2048.554168][T32434]  ? report_bug+0x3a1/0x4e0
[ 2048.558504][T32434]  ? __device_add_disk+0xea1/0x1220
[ 2048.563570][T32434]  ? __device_add_disk+0xea1/0x1220
[ 2048.568573][T32434]  ? do_invalid_op+0x6e/0x110
[ 2048.573091][T32434]  ? invalid_op+0x1e/0x30
[ 2048.577252][T32434]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2048.582902][T32434]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2048.588966][T32434]  ? __device_add_disk+0x5dc/0x1220
[ 2048.594112][T32434]  ? __device_add_disk+0xea1/0x1220
[ 2048.599409][T32434]  ? __device_add_disk+0xea1/0x1220
[ 2048.604436][T32434]  ? device_add_disk+0x30/0x30
[ 2048.609110][T32434]  ? vsprintf+0x30/0x30
[ 2048.613108][T32434]  ? __alloc_disk_node+0x459/0x5a0
[ 2048.618057][T32434]  loop_add+0x573/0x740
[ 2048.622041][T32434]  loop_control_ioctl+0x448/0x620
[ 2048.626902][T32434]  ? loop_remove+0xa0/0xa0
[ 2048.631156][T32434]  ? memset+0x1f/0x40
[ 2048.634984][T32434]  ? fsnotify+0x1280/0x1340
[ 2048.639327][T32434]  ? loop_remove+0xa0/0xa0
[ 2048.643576][T32434]  do_vfs_ioctl+0x742/0x1720
[ 2048.648008][T32434]  ? ioctl_preallocate+0x250/0x250
03:34:21 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 56)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:21 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100))
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r2)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), 0x4)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:21 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
bind$tipc(r0, 0x0, 0x3)

03:34:21 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
accept4$bt_l2cap(r1, 0x0, &(0x7f0000000040), 0x80800)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:21 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4, 0x2}}, 0x10)

03:34:21 executing program 1:
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x3c, 0x3e9, 0x1, 0x70bd27, 0x25dfdbff, {0x14, 0x1, 0x0, 0xffffffffffffffff, 0x3, 0x3, 0x1c00000, 0x7, 0x0, 0x81, 0x1}, ["", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044801}, 0x20000080) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000001}, 0xc, &(0x7f0000000640)={&(0x7f00000001c0)={0x444, 0x3f4, 0x20, 0x70bd2b, 0x25dfdbfb, {0x5, 0x0, 0x1e, [0x7fffffff, 0x9, 0x5, 0x3, 0x40, 0x7, 0x1ff, 0x7f, 0xfff, 0x1, 0x1, 0x1000, 0x7fff, 0x101, 0x40, 0x40, 0x1, 0x8, 0x6, 0x5, 0x500a, 0x3, 0xc03, 0x895, 0xfffffffb, 0x9, 0x1, 0x243, 0xea53, 0x7, 0x975c, 0x7, 0x5, 0x1, 0x5, 0xab3, 0x4, 0x8, 0x7, 0x6, 0x0, 0x2, 0x100, 0x81, 0x4, 0x81, 0x3ff, 0xfa50, 0x8, 0x2, 0x7, 0x3ff, 0x49, 0x14d6e005, 0x0, 0xffffffff, 0x81, 0x1, 0xd1, 0xd7a, 0x86ac, 0x1, 0x3, 0xf0c2], [0xffffffff, 0xec24, 0xfd5b, 0x8, 0x4, 0x7, 0x4, 0x3, 0x1, 0xf7a, 0x5, 0x1000, 0x1ff00, 0xb014, 0x5, 0xc7, 0x1, 0x1000, 0x271, 0x3, 0x7, 0x10000, 0x3, 0xffff14d2, 0x3, 0x400, 0x4, 0x2, 0x0, 0x7, 0x80000000, 0xf4c, 0xee, 0x777b50d0, 0x9, 0x7f, 0x0, 0x9, 0x20, 0x4, 0x3f, 0x3ff, 0x89bf, 0xc5, 0x0, 0x9, 0x1, 0x7, 0x40, 0x8, 0x467, 0x1, 0x40008000, 0x10001, 0x81, 0x80000001, 0x8000, 0x747, 0xa3, 0x3b, 0x9, 0x9, 0x401, 0x2b], [0x10000, 0x6, 0x1400, 0x15c4, 0x8e93, 0xff, 0x800000, 0x7, 0x100, 0x80000000, 0x5, 0x100, 0x20, 0x7fffffff, 0x0, 0x9c, 0x2, 0x1, 0x7, 0x4, 0x6, 0x0, 0x0, 0x3, 0x6, 0x1ff, 0x3, 0x6, 0xebc, 0x0, 0x80, 0x7fff, 0x20, 0x1f, 0x2, 0x0, 0x0, 0x9, 0x2, 0xab4, 0x7, 0x3, 0x6, 0x9, 0x1, 0x2, 0x7, 0x1, 0x75, 0x1000, 0x5160db27, 0x3f, 0xfffff000, 0x0, 0x5, 0x2, 0xab, 0xcfe, 0xff, 0x80, 0xfc15, 0x690, 0x3, 0x2a5], [0x4, 0x1, 0x2, 0xfff, 0x34, 0x6, 0x5, 0x400, 0x0, 0xd, 0x8, 0x4, 0x6, 0x1f, 0x80000001, 0x9, 0x52, 0x1, 0xff, 0x1, 0x40, 0x3a8, 0xfff, 0x0, 0x0, 0x2f4e, 0x800, 0xfffffffe, 0x4, 0x9, 0x4, 0x3, 0xc, 0x0, 0x5, 0x8000, 0x6, 0x101, 0x2, 0x8001, 0x7, 0x1f, 0x4, 0x1ff, 0x5, 0x4, 0x5, 0x6, 0x4, 0xfff, 0xfffffe00, 0xe6, 0xffffffff, 0x55, 0x8, 0x5, 0x3, 0x5, 0x2, 0x3, 0x0, 0x6, 0x6, 0xdf97], 0x21, ['/dev/vsock\x00', '/dev/vsock\x00', '/dev/vsock\x00']}, ["", "", "", ""]}, 0x444}}, 0x805) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f00000006c0), 0x16d3c2, 0x0) (async)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000700)="5717580aeb14e4d840fdd4caecd1bd7ed750e9643e79b45f009d3574310fd0748623ab1cbb84db5afc5ed7521ac4e8dab74d3756300129fd1bdda52bbc7d2fa821b2030b89a92f874f964cd00724c231f7b3262305c55a7c1a1e85a2d4bab37fe90460767b066f9aed891fdb5c53c44018fe18024844366346d5a5daa09acdce971554621398fe3f9941d4a52f7a5d1dca2cb5855c55e938d8f7aeb8cd4d027f4e207db0f6566750f761d770ca2ef6d869077581bfcb6926b378063fd9cfe27f1751df38a2", &(0x7f0000000800)=""/177}, 0x20)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x41, 0x8, 0x3}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)
bind$tipc(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140))

03:34:21 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
accept4$bt_l2cap(r1, 0x0, &(0x7f0000000040), 0x80800)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:21 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4, 0x2}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4, 0x2}}, 0x10) (async)

03:34:21 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r2) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), 0x4)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

[ 2048.652945][T32434]  ? __fget+0x407/0x490
[ 2048.656931][T32434]  ? fget_many+0x20/0x20
[ 2048.661010][T32434]  ? debug_smp_processor_id+0x20/0x20
[ 2048.666215][T32434]  ? security_file_ioctl+0x7d/0xa0
[ 2048.671176][T32434]  __x64_sys_ioctl+0xd4/0x110
[ 2048.675686][T32434]  do_syscall_64+0xca/0x1c0
[ 2048.680035][T32434]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2048.685754][T32434] ---[ end trace 47f897a1e9344b1b ]---
03:34:21 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
bind$tipc(r0, 0x0, 0x3)
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) (async)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
bind$tipc(r0, 0x0, 0x3) (async)

03:34:21 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f00000000c0)=[0x5, 0x401], 0x2)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bind$tipc(r0, 0x0, 0x0)

03:34:21 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
accept4$bt_l2cap(r1, 0x0, &(0x7f0000000040), 0x80800) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2048.781335][T32476] FAULT_INJECTION: forcing a failure.
[ 2048.781335][T32476] name failslab, interval 1, probability 0, space 0, times 0
[ 2048.798715][T32476] CPU: 0 PID: 32476 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2048.810172][T32476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2048.820062][T32476] Call Trace:
[ 2048.823198][T32476]  dump_stack+0x1d8/0x241
[ 2048.827355][T32476]  ? panic+0x896/0x896
[ 2048.831261][T32476]  ? mutex_unlock+0x18/0x40
[ 2048.835600][T32476]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2048.841256][T32476]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2048.847157][T32476]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2048.852017][T32476]  should_fail+0x71f/0x880
[ 2048.856273][T32476]  ? setup_fault_attr+0x3d0/0x3d0
[ 2048.861132][T32476]  ? _raw_spin_lock+0xa4/0x1b0
[ 2048.865729][T32476]  ? __kernfs_new_node+0xdb/0x6e0
[ 2048.870582][T32476]  should_failslab+0x5/0x20
[ 2048.874930][T32476]  kmem_cache_alloc+0x28/0x250
[ 2048.879520][T32476]  __kernfs_new_node+0xdb/0x6e0
[ 2048.884206][T32476]  ? kernfs_new_node+0x160/0x160
[ 2048.888975][T32476]  ? mutex_lock+0xa5/0x110
[ 2048.893240][T32476]  ? mutex_trylock+0xa0/0xa0
[ 2048.897847][T32476]  ? kernfs_activate+0x2fe/0x320
[ 2048.902611][T32476]  kernfs_new_node+0x95/0x160
[ 2048.907215][T32476]  __kernfs_create_file+0x45/0x260
[ 2048.912169][T32476]  sysfs_add_file_mode_ns+0x292/0x340
[ 2048.917542][T32476]  internal_create_group+0x573/0xf00
[ 2048.922666][T32476]  ? mutex_unlock+0x18/0x40
[ 2048.926998][T32476]  ? sysfs_create_group+0x20/0x20
[ 2048.931874][T32476]  sysfs_create_groups+0x52/0x110
[ 2048.936727][T32476]  device_add_attrs+0x87/0x370
[ 2048.941329][T32476]  device_add+0x4f4/0xbb0
[ 2048.945486][T32476]  device_create_vargs+0x1b9/0x210
[ 2048.950438][T32476]  device_create+0xea/0x130
[ 2048.954777][T32476]  ? device_create_vargs+0x210/0x210
[ 2048.959901][T32476]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2048.965537][T32476]  bdi_register_va+0x84/0x610
[ 2048.970253][T32476]  bdi_register+0xd1/0x120
[ 2048.975008][T32476]  ? __device_add_disk+0x551/0x1220
[ 2048.980050][T32476]  ? bdi_register_va+0x610/0x610
[ 2048.984809][T32476]  ? percpu_ref_resurrect+0x113/0x190
[ 2048.990025][T32476]  bdi_register_owner+0x55/0xf0
[ 2048.994837][T32476]  __device_add_disk+0x5d1/0x1220
[ 2048.999715][T32476]  ? device_add_disk+0x30/0x30
[ 2049.004345][T32476]  ? vsprintf+0x30/0x30
[ 2049.008282][T32476]  ? __alloc_disk_node+0x459/0x5a0
[ 2049.013236][T32476]  loop_add+0x573/0x740
[ 2049.017425][T32476]  loop_control_ioctl+0x448/0x620
[ 2049.022290][T32476]  ? loop_remove+0xa0/0xa0
[ 2049.026546][T32476]  ? memset+0x1f/0x40
[ 2049.030354][T32476]  ? fsnotify+0x1280/0x1340
[ 2049.034695][T32476]  ? loop_remove+0xa0/0xa0
[ 2049.038940][T32476]  do_vfs_ioctl+0x742/0x1720
[ 2049.043378][T32476]  ? ioctl_preallocate+0x250/0x250
[ 2049.048317][T32476]  ? __fget+0x407/0x490
[ 2049.052318][T32476]  ? fget_many+0x20/0x20
[ 2049.056483][T32476]  ? debug_smp_processor_id+0x20/0x20
[ 2049.061959][T32476]  ? security_file_ioctl+0x7d/0xa0
[ 2049.066905][T32476]  __x64_sys_ioctl+0xd4/0x110
[ 2049.071412][T32476]  do_syscall_64+0xca/0x1c0
[ 2049.075753][T32476]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2049.082548][T32476] ------------[ cut here ]------------
[ 2049.087831][T32476] WARNING: CPU: 0 PID: 32476 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2049.096761][T32476] Modules linked in:
[ 2049.100498][T32476] CPU: 0 PID: 32476 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2049.111954][T32476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2049.121938][T32476] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2049.127579][T32476] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2049.147495][T32476] RSP: 0018:ffff8881ea8bfa20 EFLAGS: 00010283
[ 2049.153392][T32476] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2049.161204][T32476] RDX: ffffc90000b43000 RSI: 000000000000cbf7 RDI: 000000000000cbf8
[ 2049.169015][T32476] RBP: ffff8881ea8bfb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2049.176829][T32476] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881caee0000
[ 2049.184856][T32476] R13: dffffc0000000000 R14: ffff8881caee0070 R15: 1ffff110395dc09d
[ 2049.192851][T32476] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2049.201624][T32476] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2049.208043][T32476] CR2: 00007ffeae633b58 CR3: 00000001eb117000 CR4: 00000000003406b0
[ 2049.215853][T32476] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2049.223786][T32476] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2049.231621][T32476] Call Trace:
[ 2049.234731][T32476]  ? __warn+0x162/0x250
[ 2049.238715][T32476]  ? report_bug+0x3a1/0x4e0
[ 2049.243152][T32476]  ? __device_add_disk+0xea1/0x1220
[ 2049.248169][T32476]  ? __device_add_disk+0xea1/0x1220
[ 2049.253246][T32476]  ? do_invalid_op+0x6e/0x110
[ 2049.257720][T32476]  ? invalid_op+0x1e/0x30
[ 2049.261974][T32476]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2049.267615][T32476]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2049.273747][T32476]  ? __device_add_disk+0x5dc/0x1220
[ 2049.278876][T32476]  ? __device_add_disk+0xea1/0x1220
[ 2049.283932][T32476]  ? __device_add_disk+0xea1/0x1220
[ 2049.288972][T32476]  ? device_add_disk+0x30/0x30
[ 2049.293571][T32476]  ? vsprintf+0x30/0x30
[ 2049.297566][T32476]  ? __alloc_disk_node+0x459/0x5a0
[ 2049.302844][T32476]  loop_add+0x573/0x740
[ 2049.306866][T32476]  loop_control_ioctl+0x448/0x620
[ 2049.311678][T32476]  ? loop_remove+0xa0/0xa0
[ 2049.315930][T32476]  ? memset+0x1f/0x40
[ 2049.319739][T32476]  ? fsnotify+0x1280/0x1340
[ 2049.324080][T32476]  ? loop_remove+0xa0/0xa0
[ 2049.328329][T32476]  do_vfs_ioctl+0x742/0x1720
03:34:22 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 57)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:22 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4, 0x2}}, 0x10) (async)
connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x4, 0x2}}, 0x10)

03:34:22 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
getpeername$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)
bind$tipc(r0, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x183800, 0x0)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f0000000100))

03:34:22 executing program 1:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f00000000c0)=[0x5, 0x401], 0x2)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bind$tipc(r0, 0x0, 0x0)

03:34:22 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:22 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000100)) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r2) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), 0x4) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:22 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f00000000c0)=[0x5, 0x401], 0x2) (async)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
bind$tipc(r0, 0x0, 0x0)

[ 2049.332758][T32476]  ? ioctl_preallocate+0x250/0x250
[ 2049.337730][T32476]  ? __fget+0x407/0x490
[ 2049.341737][T32476]  ? fget_many+0x20/0x20
[ 2049.345774][T32476]  ? debug_smp_processor_id+0x20/0x20
[ 2049.351016][T32476]  ? security_file_ioctl+0x7d/0xa0
[ 2049.355944][T32476]  __x64_sys_ioctl+0xd4/0x110
[ 2049.360449][T32476]  do_syscall_64+0xca/0x1c0
[ 2049.364793][T32476]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2049.370514][T32476] ---[ end trace 47f897a1e9344b1c ]---
03:34:22 executing program 5:
r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4000050)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f00000001c0)=@gcm_256={{0x304}, "98d57e8a5c16adff", "97c6443540187fa54bfb5fd549b0906535179a6938f21044e06be3f26cea549d", "2414c6dc", "67479b1a4fb1d1d7"}, 0x38)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10)

03:34:22 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:22 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

03:34:22 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
getpeername$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)
bind$tipc(r0, 0x0, 0x2) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x183800, 0x0)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f0000000100))

[ 2049.410768][T32506] Unknown ioctl -2143270908
03:34:22 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2049.457121][T32522] FAULT_INJECTION: forcing a failure.
[ 2049.457121][T32522] name failslab, interval 1, probability 0, space 0, times 0
[ 2049.470925][T32535] Unknown ioctl -2143270908
[ 2049.480118][T32522] CPU: 1 PID: 32522 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2049.491574][T32522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2049.501585][T32522] Call Trace:
[ 2049.504717][T32522]  dump_stack+0x1d8/0x241
[ 2049.508882][T32522]  ? panic+0x896/0x896
[ 2049.512869][T32522]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2049.518620][T32522]  ? idr_alloc+0x2f0/0x2f0
[ 2049.522960][T32522]  should_fail+0x71f/0x880
[ 2049.527220][T32522]  ? setup_fault_attr+0x3d0/0x3d0
[ 2049.532073][T32522]  ? security_kernfs_init_security+0x75/0x90
[ 2049.537890][T32522]  ? __kernfs_new_node+0x472/0x6e0
[ 2049.542837][T32522]  ? __kernfs_new_node+0xdb/0x6e0
[ 2049.547696][T32522]  should_failslab+0x5/0x20
[ 2049.552033][T32522]  kmem_cache_alloc+0x28/0x250
[ 2049.556635][T32522]  __kernfs_new_node+0xdb/0x6e0
[ 2049.561408][T32522]  ? kernfs_new_node+0x160/0x160
[ 2049.566180][T32522]  ? kernfs_activate+0x2fe/0x320
[ 2049.571045][T32522]  ? mutex_unlock+0x18/0x40
[ 2049.575388][T32522]  ? kernfs_add_one+0x49a/0x5b0
[ 2049.580072][T32522]  kernfs_new_node+0x95/0x160
[ 2049.584581][T32522]  __kernfs_create_file+0x45/0x260
[ 2049.589529][T32522]  sysfs_add_file_mode_ns+0x292/0x340
[ 2049.594736][T32522]  sysfs_create_file_ns+0x196/0x2a0
[ 2049.599770][T32522]  ? sysfs_create_group+0x20/0x20
[ 2049.604652][T32522]  ? sysfs_add_file_mode_ns+0x340/0x340
[ 2049.610105][T32522]  ? device_create_file+0xea/0x1b0
[ 2049.615045][T32522]  device_add_attrs+0x2bf/0x370
[ 2049.619731][T32522]  device_add+0x4f4/0xbb0
[ 2049.623902][T32522]  device_create_vargs+0x1b9/0x210
[ 2049.628853][T32522]  device_create+0xea/0x130
[ 2049.633193][T32522]  ? device_create_vargs+0x210/0x210
[ 2049.638305][T32522]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2049.644129][T32522]  bdi_register_va+0x84/0x610
[ 2049.648636][T32522]  bdi_register+0xd1/0x120
[ 2049.652922][T32522]  ? __device_add_disk+0x551/0x1220
[ 2049.658011][T32522]  ? bdi_register_va+0x610/0x610
[ 2049.662956][T32522]  ? percpu_ref_resurrect+0x113/0x190
[ 2049.668179][T32522]  bdi_register_owner+0x55/0xf0
[ 2049.672852][T32522]  __device_add_disk+0x5d1/0x1220
[ 2049.677711][T32522]  ? device_add_disk+0x30/0x30
[ 2049.682316][T32522]  ? vsprintf+0x30/0x30
[ 2049.686299][T32522]  ? __alloc_disk_node+0x459/0x5a0
[ 2049.691249][T32522]  loop_add+0x573/0x740
[ 2049.695241][T32522]  loop_control_ioctl+0x448/0x620
[ 2049.700134][T32522]  ? loop_remove+0xa0/0xa0
[ 2049.704362][T32522]  ? memset+0x1f/0x40
[ 2049.708169][T32522]  ? fsnotify+0x1280/0x1340
[ 2049.712512][T32522]  ? loop_remove+0xa0/0xa0
[ 2049.716798][T32522]  do_vfs_ioctl+0x742/0x1720
[ 2049.721192][T32522]  ? ioctl_preallocate+0x250/0x250
[ 2049.726142][T32522]  ? __fget+0x407/0x490
[ 2049.730141][T32522]  ? fget_many+0x20/0x20
[ 2049.734210][T32522]  ? debug_smp_processor_id+0x20/0x20
[ 2049.739602][T32522]  ? security_file_ioctl+0x7d/0xa0
[ 2049.744548][T32522]  __x64_sys_ioctl+0xd4/0x110
[ 2049.749055][T32522]  do_syscall_64+0xca/0x1c0
[ 2049.753504][T32522]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2049.763186][T32522] ------------[ cut here ]------------
[ 2049.768610][T32522] WARNING: CPU: 0 PID: 32522 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2049.777530][T32522] Modules linked in:
[ 2049.781268][T32522] CPU: 0 PID: 32522 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2049.792726][T32522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2049.802631][T32522] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2049.808264][T32522] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2049.828051][T32522] RSP: 0018:ffff8881e5007a20 EFLAGS: 00010283
[ 2049.834043][T32522] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2049.841845][T32522] RDX: ffffc90000b43000 RSI: 000000000000c6c7 RDI: 000000000000c6c8
[ 2049.849743][T32522] RBP: ffff8881e5007b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2049.857732][T32522] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881d0b3f000
[ 2049.865552][T32522] R13: dffffc0000000000 R14: ffff8881d0b3f070 R15: 1ffff1103a167e9d
[ 2049.873353][T32522] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2049.882114][T32522] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2049.888714][T32522] CR2: 00007fcb7193cd58 CR3: 00000001f0e8f000 CR4: 00000000003406b0
[ 2049.896527][T32522] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2049.904334][T32522] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2049.912145][T32522] Call Trace:
[ 2049.915320][T32522]  ? __warn+0x162/0x250
[ 2049.919271][T32522]  ? report_bug+0x3a1/0x4e0
[ 2049.923606][T32522]  ? __device_add_disk+0xea1/0x1220
[ 2049.928644][T32522]  ? __device_add_disk+0xea1/0x1220
[ 2049.933759][T32522]  ? do_invalid_op+0x6e/0x110
[ 2049.938272][T32522]  ? invalid_op+0x1e/0x30
[ 2049.942531][T32522]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2049.948170][T32522]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2049.954240][T32522]  ? __device_add_disk+0x5dc/0x1220
[ 2049.959281][T32522]  ? __device_add_disk+0xea1/0x1220
[ 2049.964317][T32522]  ? __device_add_disk+0xea1/0x1220
[ 2049.969435][T32522]  ? device_add_disk+0x30/0x30
[ 2049.974029][T32522]  ? vsprintf+0x30/0x30
[ 2049.978026][T32522]  ? __alloc_disk_node+0x459/0x5a0
[ 2049.982976][T32522]  loop_add+0x573/0x740
[ 2049.986966][T32522]  loop_control_ioctl+0x448/0x620
[ 2049.991837][T32522]  ? loop_remove+0xa0/0xa0
[ 2049.996167][T32522]  ? memset+0x1f/0x40
[ 2049.999984][T32522]  ? fsnotify+0x1280/0x1340
[ 2050.004322][T32522]  ? loop_remove+0xa0/0xa0
03:34:22 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 58)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:22 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfb, "900ce79627dca27ee5b248b79ef033dcc7b523a48cf3f62bf46100417c9e"}, 0x30}, 0x1, 0x0, 0x0, 0x4040080}, 0x40000)

03:34:22 executing program 5:
r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4000050)
r1 = socket$tipc(0x1e, 0x2, 0x0) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f00000001c0)=@gcm_256={{0x304}, "98d57e8a5c16adff", "97c6443540187fa54bfb5fd549b0906535179a6938f21044e06be3f26cea549d", "2414c6dc", "67479b1a4fb1d1d7"}, 0x38) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10)

03:34:22 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
getpeername$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)
bind$tipc(r0, 0x0, 0x2) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x183800, 0x0)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f0000000100))

03:34:22 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)

03:34:22 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f00000000c0)=0x4) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)

[ 2050.008578][T32522]  do_vfs_ioctl+0x742/0x1720
[ 2050.013006][T32522]  ? ioctl_preallocate+0x250/0x250
[ 2050.017951][T32522]  ? __fget+0x407/0x490
[ 2050.021959][T32522]  ? fget_many+0x20/0x20
[ 2050.026033][T32522]  ? debug_smp_processor_id+0x20/0x20
[ 2050.031230][T32522]  ? security_file_ioctl+0x7d/0xa0
[ 2050.036175][T32522]  __x64_sys_ioctl+0xd4/0x110
[ 2050.040689][T32522]  do_syscall_64+0xca/0x1c0
[ 2050.045029][T32522]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2050.050761][T32522] ---[ end trace 47f897a1e9344b1d ]---
03:34:22 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfb, "900ce79627dca27ee5b248b79ef033dcc7b523a48cf3f62bf46100417c9e"}, 0x30}, 0x1, 0x0, 0x0, 0x4040080}, 0x40000)

03:34:22 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000)=[@ioring_restriction_sqe_flags_allowed, @ioring_restriction_sqe_flags_allowed={0x2, 0x15}], 0x2)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000080), 0x3, 0x40)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f00000000c0))

03:34:22 executing program 2:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r4 = accept4$tipc(r1, &(0x7f00000001c0)=@name, &(0x7f0000000080)=0x10, 0x80800)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000005c0)={0xe4, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/89, 0x59, 0x1, 0x1}, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/32, 0x20, 0x2, 0xb}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x400}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f00000003c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2c}, @flat=@weak_handle={0x77682a85, 0x4, 0x2}, @flat=@handle={0x73682a85, 0x0, 0x3}}, &(0x7f0000000440)={0x0, 0x28, 0x40}}}, @exit_looper, @increfs_done={0x40106308, 0x1}, @increfs, @dead_binder_done, @increfs_done={0x40106308, 0x1}, @exit_looper, @request_death], 0x4, 0x0, &(0x7f0000000580)="636584b6"})
getpeername$tipc(r4, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10)

03:34:22 executing program 5:
r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4000050)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f00000001c0)=@gcm_256={{0x304}, "98d57e8a5c16adff", "97c6443540187fa54bfb5fd549b0906535179a6938f21044e06be3f26cea549d", "2414c6dc", "67479b1a4fb1d1d7"}, 0x38)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r0, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004}, 0x4000050) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) (async)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f00000001c0)=@gcm_256={{0x304}, "98d57e8a5c16adff", "97c6443540187fa54bfb5fd549b0906535179a6938f21044e06be3f26cea549d", "2414c6dc", "67479b1a4fb1d1d7"}, 0x38) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10) (async)

03:34:22 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x3ed, 0x100, 0x70bd2d, 0x25dfdbfb, "900ce79627dca27ee5b248b79ef033dcc7b523a48cf3f62bf46100417c9e"}, 0x30}, 0x1, 0x0, 0x0, 0x4040080}, 0x40000)

[ 2050.080864][T32547] Unknown ioctl -2143270908
03:34:22 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

[ 2050.140585][T32561] FAULT_INJECTION: forcing a failure.
[ 2050.140585][T32561] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.157106][T32561] CPU: 1 PID: 32561 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2050.168652][T32561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2050.178534][T32561] Call Trace:
[ 2050.181662][T32561]  dump_stack+0x1d8/0x241
[ 2050.185819][T32561]  ? panic+0x896/0x896
[ 2050.189727][T32561]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2050.195402][T32561]  ? idr_alloc+0x2f0/0x2f0
[ 2050.199625][T32561]  should_fail+0x71f/0x880
[ 2050.203875][T32561]  ? setup_fault_attr+0x3d0/0x3d0
[ 2050.208731][T32561]  ? security_kernfs_init_security+0x75/0x90
[ 2050.214644][T32561]  ? __kernfs_new_node+0x472/0x6e0
[ 2050.219595][T32561]  ? __kernfs_new_node+0xdb/0x6e0
[ 2050.224454][T32561]  should_failslab+0x5/0x20
[ 2050.228790][T32561]  kmem_cache_alloc+0x28/0x250
[ 2050.233392][T32561]  __kernfs_new_node+0xdb/0x6e0
[ 2050.238085][T32561]  ? kernfs_new_node+0x160/0x160
[ 2050.242850][T32561]  ? kernfs_activate+0x2fe/0x320
[ 2050.247710][T32561]  ? mutex_unlock+0x18/0x40
[ 2050.252140][T32561]  ? kernfs_add_one+0x49a/0x5b0
[ 2050.256825][T32561]  kernfs_new_node+0x95/0x160
[ 2050.261340][T32561]  __kernfs_create_file+0x45/0x260
[ 2050.266284][T32561]  sysfs_add_file_mode_ns+0x292/0x340
[ 2050.271496][T32561]  sysfs_create_file_ns+0x196/0x2a0
[ 2050.276615][T32561]  ? sysfs_create_group+0x20/0x20
[ 2050.281491][T32561]  ? sysfs_add_file_mode_ns+0x340/0x340
[ 2050.286856][T32561]  ? device_create_file+0xea/0x1b0
[ 2050.291802][T32561]  device_add_attrs+0x2bf/0x370
[ 2050.296516][T32561]  device_add+0x4f4/0xbb0
[ 2050.300793][T32561]  device_create_vargs+0x1b9/0x210
[ 2050.305778][T32561]  device_create+0xea/0x130
[ 2050.310118][T32561]  ? device_create_vargs+0x210/0x210
[ 2050.315239][T32561]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2050.320796][T32561]  bdi_register_va+0x84/0x610
[ 2050.325305][T32561]  bdi_register+0xd1/0x120
[ 2050.329557][T32561]  ? __device_add_disk+0x551/0x1220
[ 2050.334592][T32561]  ? bdi_register_va+0x610/0x610
[ 2050.339369][T32561]  ? percpu_ref_resurrect+0x113/0x190
[ 2050.344605][T32561]  bdi_register_owner+0x55/0xf0
[ 2050.349262][T32561]  __device_add_disk+0x5d1/0x1220
[ 2050.354204][T32561]  ? device_add_disk+0x30/0x30
[ 2050.358806][T32561]  ? vsprintf+0x30/0x30
[ 2050.362796][T32561]  ? __alloc_disk_node+0x459/0x5a0
[ 2050.367744][T32561]  loop_add+0x573/0x740
[ 2050.372008][T32561]  loop_control_ioctl+0x448/0x620
[ 2050.376939][T32561]  ? loop_remove+0xa0/0xa0
[ 2050.381187][T32561]  ? memset+0x1f/0x40
[ 2050.385000][T32561]  ? fsnotify+0x1280/0x1340
[ 2050.389341][T32561]  ? loop_remove+0xa0/0xa0
[ 2050.393593][T32561]  do_vfs_ioctl+0x742/0x1720
[ 2050.398021][T32561]  ? ioctl_preallocate+0x250/0x250
[ 2050.403150][T32561]  ? __fget+0x407/0x490
[ 2050.407220][T32561]  ? fget_many+0x20/0x20
[ 2050.411300][T32561]  ? debug_smp_processor_id+0x20/0x20
[ 2050.416504][T32561]  ? security_file_ioctl+0x7d/0xa0
[ 2050.421470][T32561]  __x64_sys_ioctl+0xd4/0x110
[ 2050.425967][T32561]  do_syscall_64+0xca/0x1c0
[ 2050.430310][T32561]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2050.442228][T32561] ------------[ cut here ]------------
[ 2050.447532][T32561] WARNING: CPU: 0 PID: 32561 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2050.456534][T32561] Modules linked in:
[ 2050.460394][T32561] CPU: 0 PID: 32561 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2050.471983][T32561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2050.481965][T32561] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2050.487599][T32561] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2050.507225][T32561] RSP: 0018:ffff8881e7ca7a20 EFLAGS: 00010283
[ 2050.513288][T32561] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2050.521097][T32561] RDX: ffffc90000b43000 RSI: 000000000000c814 RDI: 000000000000c815
[ 2050.528913][T32561] RBP: ffff8881e7ca7b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2050.536720][T32561] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881cebaf000
[ 2050.544624][T32561] R13: dffffc0000000000 R14: ffff8881cebaf070 R15: 1ffff11039d75e9d
[ 2050.552520][T32561] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2050.561381][T32561] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2050.567891][T32561] CR2: 00007f05d28f0d58 CR3: 00000001ed33a000 CR4: 00000000003406b0
[ 2050.575695][T32561] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2050.583501][T32561] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2050.591318][T32561] Call Trace:
[ 2050.594458][T32561]  ? __warn+0x162/0x250
[ 2050.598438][T32561]  ? report_bug+0x3a1/0x4e0
[ 2050.602781][T32561]  ? __device_add_disk+0xea1/0x1220
[ 2050.607853][T32561]  ? __device_add_disk+0xea1/0x1220
[ 2050.612937][T32561]  ? do_invalid_op+0x6e/0x110
[ 2050.617455][T32561]  ? invalid_op+0x1e/0x30
[ 2050.621627][T32561]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2050.627527][T32561]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2050.633594][T32561]  ? __device_add_disk+0x5dc/0x1220
[ 2050.638705][T32561]  ? __device_add_disk+0xea1/0x1220
[ 2050.643827][T32561]  ? __device_add_disk+0xea1/0x1220
[ 2050.649644][T32561]  ? device_add_disk+0x30/0x30
[ 2050.654238][T32561]  ? vsprintf+0x30/0x30
[ 2050.658246][T32561]  ? __alloc_disk_node+0x459/0x5a0
[ 2050.663189][T32561]  loop_add+0x573/0x740
[ 2050.667178][T32561]  loop_control_ioctl+0x448/0x620
[ 2050.672034][T32561]  ? loop_remove+0xa0/0xa0
[ 2050.676287][T32561]  ? memset+0x1f/0x40
[ 2050.680104][T32561]  ? fsnotify+0x1280/0x1340
[ 2050.684619][T32561]  ? loop_remove+0xa0/0xa0
[ 2050.688874][T32561]  do_vfs_ioctl+0x742/0x1720
03:34:23 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 59)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:23 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000)=[@ioring_restriction_sqe_flags_allowed, @ioring_restriction_sqe_flags_allowed={0x2, 0x15}], 0x2)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x3, 0x40) (async)
r2 = syz_open_dev$hidraw(&(0x7f0000000080), 0x3, 0x40)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f00000000c0))

03:34:23 executing program 2:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r4 = accept4$tipc(r1, &(0x7f00000001c0)=@name, &(0x7f0000000080)=0x10, 0x80800)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000005c0)={0xe4, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/89, 0x59, 0x1, 0x1}, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/32, 0x20, 0x2, 0xb}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x400}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f00000003c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2c}, @flat=@weak_handle={0x77682a85, 0x4, 0x2}, @flat=@handle={0x73682a85, 0x0, 0x3}}, &(0x7f0000000440)={0x0, 0x28, 0x40}}}, @exit_looper, @increfs_done={0x40106308, 0x1}, @increfs, @dead_binder_done, @increfs_done={0x40106308, 0x1}, @exit_looper, @request_death], 0x4, 0x0, &(0x7f0000000580)="636584b6"}) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000005c0)={0xe4, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/89, 0x59, 0x1, 0x1}, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/32, 0x20, 0x2, 0xb}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x400}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f00000003c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2c}, @flat=@weak_handle={0x77682a85, 0x4, 0x2}, @flat=@handle={0x73682a85, 0x0, 0x3}}, &(0x7f0000000440)={0x0, 0x28, 0x40}}}, @exit_looper, @increfs_done={0x40106308, 0x1}, @increfs, @dead_binder_done, @increfs_done={0x40106308, 0x1}, @exit_looper, @request_death], 0x4, 0x0, &(0x7f0000000580)="636584b6"})
getpeername$tipc(r4, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10)

03:34:23 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x41, 0x3}, 0x3}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x41, 0x1, 0x4}}, 0x10)

03:34:23 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:23 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r1 = socket(0x9, 0xa, 0x80)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:23 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)

[ 2050.693313][T32561]  ? ioctl_preallocate+0x250/0x250
[ 2050.698596][T32561]  ? __fget+0x407/0x490
[ 2050.702587][T32561]  ? fget_many+0x20/0x20
[ 2050.706665][T32561]  ? debug_smp_processor_id+0x20/0x20
[ 2050.711964][T32561]  ? security_file_ioctl+0x7d/0xa0
[ 2050.716991][T32561]  __x64_sys_ioctl+0xd4/0x110
[ 2050.721514][T32561]  do_syscall_64+0xca/0x1c0
[ 2050.725847][T32561]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2050.731585][T32561] ---[ end trace 47f897a1e9344b1e ]---
03:34:23 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000)=[@ioring_restriction_sqe_flags_allowed, @ioring_restriction_sqe_flags_allowed={0x2, 0x15}], 0x2)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000080), 0x3, 0x40)
ioctl$HIDIOCGRAWNAME(r2, 0x80404804, &(0x7f00000000c0))

03:34:23 executing program 2:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140), &(0x7f0000000180)=0x4) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4) (async, rerun: 64)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) (rerun: 64)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r4 = accept4$tipc(r1, &(0x7f00000001c0)=@name, &(0x7f0000000080)=0x10, 0x80800) (async)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000005c0)={0xe4, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x68, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x1000, 0x2}, @ptr={0x70742a85, 0x0, &(0x7f0000000200)=""/89, 0x59, 0x1, 0x1}, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/32, 0x20, 0x2, 0xb}}, &(0x7f0000000340)={0x0, 0x18, 0x40}}, 0x400}, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x58, 0x18, &(0x7f00000003c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000380)=""/49, 0x31, 0x2, 0x2c}, @flat=@weak_handle={0x77682a85, 0x4, 0x2}, @flat=@handle={0x73682a85, 0x0, 0x3}}, &(0x7f0000000440)={0x0, 0x28, 0x40}}}, @exit_looper, @increfs_done={0x40106308, 0x1}, @increfs, @dead_binder_done, @increfs_done={0x40106308, 0x1}, @exit_looper, @request_death], 0x4, 0x0, &(0x7f0000000580)="636584b6"})
getpeername$tipc(r4, &(0x7f00000000c0)=@id, &(0x7f0000000100)=0x10)

03:34:23 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
r1 = socket(0x9, 0xa, 0x80)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:23 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x101800)
bind$tipc(r0, 0x0, 0x0)

03:34:23 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x41, 0x3}, 0x3}}, 0x10) (async, rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (rerun: 64)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x41, 0x1, 0x4}}, 0x10)

[ 2050.821276][T32598] FAULT_INJECTION: forcing a failure.
[ 2050.821276][T32598] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.834299][T32598] CPU: 1 PID: 32598 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2050.845836][T32598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2050.855738][T32598] Call Trace:
[ 2050.858870][T32598]  dump_stack+0x1d8/0x241
[ 2050.863060][T32598]  ? panic+0x896/0x896
[ 2050.867120][T32598]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2050.872763][T32598]  ? mutex_unlock+0x18/0x40
[ 2050.877260][T32598]  should_fail+0x71f/0x880
[ 2050.881538][T32598]  ? setup_fault_attr+0x3d0/0x3d0
[ 2050.886381][T32598]  ? idr_alloc+0x2f0/0x2f0
[ 2050.890710][T32598]  ? __kernfs_new_node+0xdb/0x6e0
[ 2050.895581][T32598]  should_failslab+0x5/0x20
[ 2050.899988][T32598]  kmem_cache_alloc+0x28/0x250
[ 2050.904703][T32598]  __kernfs_new_node+0xdb/0x6e0
[ 2050.909364][T32598]  ? kernfs_new_node+0x160/0x160
[ 2050.914138][T32598]  ? mutex_lock+0xa5/0x110
[ 2050.918386][T32598]  ? mutex_trylock+0xa0/0xa0
[ 2050.922822][T32598]  kernfs_new_node+0x95/0x160
[ 2050.927324][T32598]  __kernfs_create_file+0x45/0x260
[ 2050.932405][T32598]  sysfs_add_file_mode_ns+0x292/0x340
[ 2050.937695][T32598]  sysfs_merge_group+0x1fe/0x450
[ 2050.942467][T32598]  ? sysfs_remove_groups+0xa0/0xa0
[ 2050.947403][T32598]  ? device_create_file+0xea/0x1b0
[ 2050.952358][T32598]  ? bus_add_device+0x92/0x3f0
[ 2050.956950][T32598]  dpm_sysfs_add+0xcf/0x270
[ 2050.961289][T32598]  device_add+0x536/0xbb0
[ 2050.965477][T32598]  device_create_vargs+0x1b9/0x210
[ 2050.970403][T32598]  device_create+0xea/0x130
[ 2050.974740][T32598]  ? device_create_vargs+0x210/0x210
[ 2050.979864][T32598]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2050.985438][T32598]  bdi_register_va+0x84/0x610
[ 2050.989937][T32598]  bdi_register+0xd1/0x120
[ 2050.994446][T32598]  ? __device_add_disk+0x551/0x1220
[ 2050.999495][T32598]  ? bdi_register_va+0x610/0x610
[ 2051.004251][T32598]  ? percpu_ref_resurrect+0x113/0x190
[ 2051.009475][T32598]  bdi_register_owner+0x55/0xf0
[ 2051.014146][T32598]  __device_add_disk+0x5d1/0x1220
[ 2051.019005][T32598]  ? device_add_disk+0x30/0x30
[ 2051.023691][T32598]  ? vsprintf+0x30/0x30
[ 2051.027684][T32598]  ? __alloc_disk_node+0x459/0x5a0
[ 2051.032641][T32598]  loop_add+0x573/0x740
[ 2051.036627][T32598]  loop_control_ioctl+0x448/0x620
[ 2051.041571][T32598]  ? loop_remove+0xa0/0xa0
[ 2051.045836][T32598]  ? memset+0x1f/0x40
[ 2051.049672][T32598]  ? fsnotify+0x1280/0x1340
[ 2051.054072][T32598]  ? loop_remove+0xa0/0xa0
[ 2051.058449][T32598]  do_vfs_ioctl+0x742/0x1720
[ 2051.062884][T32598]  ? ioctl_preallocate+0x250/0x250
[ 2051.067822][T32598]  ? __fget+0x407/0x490
[ 2051.071814][T32598]  ? fget_many+0x20/0x20
[ 2051.075986][T32598]  ? debug_smp_processor_id+0x20/0x20
[ 2051.081190][T32598]  ? security_file_ioctl+0x7d/0xa0
[ 2051.086132][T32598]  __x64_sys_ioctl+0xd4/0x110
[ 2051.090652][T32598]  do_syscall_64+0xca/0x1c0
[ 2051.095074][T32598]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2051.102837][T32598] ------------[ cut here ]------------
[ 2051.108138][T32598] WARNING: CPU: 1 PID: 32598 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2051.117051][T32598] Modules linked in:
[ 2051.120786][T32598] CPU: 1 PID: 32598 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2051.132236][T32598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2051.142143][T32598] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2051.147777][T32598] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2051.167965][T32598] RSP: 0018:ffff8881c721fa20 EFLAGS: 00010283
[ 2051.173870][T32598] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2051.181688][T32598] RDX: ffffc90000b43000 RSI: 000000000000c46d RDI: 000000000000c46e
[ 2051.189487][T32598] RBP: ffff8881c721fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2051.197298][T32598] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881f4cca000
[ 2051.205200][T32598] R13: dffffc0000000000 R14: ffff8881f4cca070 R15: 1ffff1103e99949d
[ 2051.213106][T32598] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2051.221962][T32598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2051.228376][T32598] CR2: 00007fcb7195cff8 CR3: 00000001e63bb000 CR4: 00000000003406a0
[ 2051.236277][T32598] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2051.244084][T32598] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2051.251917][T32598] Call Trace:
[ 2051.255201][T32598]  ? __warn+0x162/0x250
[ 2051.259185][T32598]  ? report_bug+0x3a1/0x4e0
[ 2051.263524][T32598]  ? __device_add_disk+0xea1/0x1220
[ 2051.268642][T32598]  ? __device_add_disk+0xea1/0x1220
[ 2051.273680][T32598]  ? do_invalid_op+0x6e/0x110
[ 2051.278198][T32598]  ? invalid_op+0x1e/0x30
[ 2051.282356][T32598]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2051.288199][T32598]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2051.294272][T32598]  ? __device_add_disk+0x5dc/0x1220
[ 2051.299308][T32598]  ? __device_add_disk+0xea1/0x1220
[ 2051.304989][T32598]  ? __device_add_disk+0xea1/0x1220
[ 2051.310237][T32598]  ? device_add_disk+0x30/0x30
[ 2051.314827][T32598]  ? vsprintf+0x30/0x30
[ 2051.320120][T32598]  ? __alloc_disk_node+0x459/0x5a0
[ 2051.325187][T32598]  loop_add+0x573/0x740
[ 2051.329160][T32598]  loop_control_ioctl+0x448/0x620
[ 2051.334287][T32598]  ? loop_remove+0xa0/0xa0
[ 2051.338632][T32598]  ? memset+0x1f/0x40
[ 2051.342472][T32598]  ? fsnotify+0x1280/0x1340
[ 2051.346807][T32598]  ? loop_remove+0xa0/0xa0
[ 2051.351210][T32598]  do_vfs_ioctl+0x742/0x1720
[ 2051.359819][T32598]  ? ioctl_preallocate+0x250/0x250
[ 2051.364760][T32598]  ? __fget+0x407/0x490
[ 2051.368739][T32598]  ? fget_many+0x20/0x20
03:34:24 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 60)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:24 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f00000001c0)=""/160, 0xa0, 0x0, &(0x7f0000000280)=""/60, 0x3c}}, 0x10)
socket(0x9, 0x2, 0x8)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bind$bt_rfcomm(r2, &(0x7f0000000100)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xa)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

03:34:24 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x101800)
bind$tipc(r0, 0x0, 0x0)

03:34:24 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/25, &(0x7f00000000c0)=0x19)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000000040)=0x38d, 0x4)
accept4$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x0, @fixed}, &(0x7f0000000140)=0xe, 0x80800)

03:34:24 executing program 5:
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(0xffffffffffffffff, 0x10f, 0x85) (async, rerun: 64)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x41, 0x3}, 0x3}}, 0x10) (async, rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (rerun: 32)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x41, 0x1, 0x4}}, 0x10)

03:34:24 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
r1 = socket(0x9, 0xa, 0x80)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:24 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/25, &(0x7f00000000c0)=0x19)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000000040)=0x38d, 0x4)
accept4$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x0, @fixed}, &(0x7f0000000140)=0xe, 0x80800)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/25, &(0x7f00000000c0)=0x19) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000000040)=0x38d, 0x4) (async)
accept4$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x0, @fixed}, &(0x7f0000000140)=0xe, 0x80800) (async)

03:34:24 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f00000001c0)=""/160, 0xa0, 0x0, &(0x7f0000000280)=""/60, 0x3c}}, 0x10) (async)
socket(0x9, 0x2, 0x8) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bind$bt_rfcomm(r2, &(0x7f0000000100)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xa) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

03:34:24 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x3, 0x101800)
bind$tipc(r0, 0x0, 0x0)

03:34:24 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x858001, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
getpeername$tipc(r2, &(0x7f0000000140)=@id, &(0x7f00000000c0)=0xb)
bind$tipc(r0, 0x0, 0x0)

[ 2051.372821][T32598]  ? debug_smp_processor_id+0x20/0x20
[ 2051.378114][T32598]  ? security_file_ioctl+0x7d/0xa0
[ 2051.383072][T32598]  __x64_sys_ioctl+0xd4/0x110
[ 2051.387578][T32598]  do_syscall_64+0xca/0x1c0
[ 2051.391914][T32598]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2051.397645][T32598] ---[ end trace 47f897a1e9344b1f ]---
03:34:24 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

03:34:24 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000080)=""/25, &(0x7f00000000c0)=0x19) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) (async, rerun: 32)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async, rerun: 32)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000000040)=0x38d, 0x4) (async)
accept4$bt_l2cap(r1, &(0x7f0000000100)={0x1f, 0x0, @fixed}, &(0x7f0000000140)=0xe, 0x80800)

[ 2051.511494][T32650] FAULT_INJECTION: forcing a failure.
[ 2051.511494][T32650] name failslab, interval 1, probability 0, space 0, times 0
[ 2051.524186][T32650] CPU: 0 PID: 32650 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2051.535922][T32650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2051.545815][T32650] Call Trace:
[ 2051.548944][T32650]  dump_stack+0x1d8/0x241
[ 2051.553105][T32650]  ? panic+0x896/0x896
[ 2051.557014][T32650]  ? mutex_unlock+0x18/0x40
[ 2051.561357][T32650]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2051.567005][T32650]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2051.572914][T32650]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2051.577755][T32650]  should_fail+0x71f/0x880
[ 2051.582008][T32650]  ? setup_fault_attr+0x3d0/0x3d0
[ 2051.586866][T32650]  ? _raw_spin_lock+0xa4/0x1b0
[ 2051.591729][T32650]  ? __kernfs_new_node+0xdb/0x6e0
[ 2051.596572][T32650]  should_failslab+0x5/0x20
[ 2051.600881][T32650]  kmem_cache_alloc+0x28/0x250
[ 2051.605482][T32650]  __kernfs_new_node+0xdb/0x6e0
[ 2051.610171][T32650]  ? kernfs_new_node+0x160/0x160
[ 2051.615069][T32650]  ? mutex_lock+0xa5/0x110
[ 2051.619433][T32650]  ? mutex_trylock+0xa0/0xa0
[ 2051.623856][T32650]  ? kernfs_activate+0x2fe/0x320
[ 2051.628628][T32650]  kernfs_new_node+0x95/0x160
[ 2051.633229][T32650]  __kernfs_create_file+0x45/0x260
[ 2051.638175][T32650]  sysfs_add_file_mode_ns+0x292/0x340
[ 2051.643382][T32650]  sysfs_merge_group+0x1fe/0x450
[ 2051.648162][T32650]  ? sysfs_remove_groups+0xa0/0xa0
[ 2051.653109][T32650]  ? device_create_file+0xea/0x1b0
[ 2051.658057][T32650]  ? bus_add_device+0x92/0x3f0
[ 2051.662645][T32650]  dpm_sysfs_add+0xcf/0x270
[ 2051.667000][T32650]  device_add+0x536/0xbb0
[ 2051.671247][T32650]  device_create_vargs+0x1b9/0x210
[ 2051.676190][T32650]  device_create+0xea/0x130
[ 2051.680528][T32650]  ? device_create_vargs+0x210/0x210
[ 2051.685650][T32650]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2051.691204][T32650]  bdi_register_va+0x84/0x610
[ 2051.695735][T32650]  bdi_register+0xd1/0x120
[ 2051.699971][T32650]  ? __device_add_disk+0x551/0x1220
[ 2051.705017][T32650]  ? bdi_register_va+0x610/0x610
[ 2051.709993][T32650]  ? percpu_ref_resurrect+0x113/0x190
[ 2051.715196][T32650]  bdi_register_owner+0x55/0xf0
[ 2051.719881][T32650]  __device_add_disk+0x5d1/0x1220
[ 2051.724748][T32650]  ? device_add_disk+0x30/0x30
[ 2051.729343][T32650]  ? vsprintf+0x30/0x30
[ 2051.733330][T32650]  ? __alloc_disk_node+0x459/0x5a0
[ 2051.738277][T32650]  loop_add+0x573/0x740
[ 2051.742415][T32650]  loop_control_ioctl+0x448/0x620
[ 2051.747376][T32650]  ? loop_remove+0xa0/0xa0
[ 2051.751620][T32650]  ? memset+0x1f/0x40
[ 2051.755435][T32650]  ? fsnotify+0x1280/0x1340
[ 2051.759791][T32650]  ? loop_remove+0xa0/0xa0
[ 2051.764031][T32650]  do_vfs_ioctl+0x742/0x1720
[ 2051.768462][T32650]  ? ioctl_preallocate+0x250/0x250
[ 2051.773404][T32650]  ? __fget+0x407/0x490
[ 2051.777407][T32650]  ? fget_many+0x20/0x20
[ 2051.781475][T32650]  ? debug_smp_processor_id+0x20/0x20
[ 2051.786684][T32650]  ? security_file_ioctl+0x7d/0xa0
[ 2051.791634][T32650]  __x64_sys_ioctl+0xd4/0x110
[ 2051.796148][T32650]  do_syscall_64+0xca/0x1c0
[ 2051.800482][T32650]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2051.807896][T32650] ------------[ cut here ]------------
[ 2051.813267][T32650] WARNING: CPU: 0 PID: 32650 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2051.822202][T32650] Modules linked in:
[ 2051.825937][T32650] CPU: 0 PID: 32650 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2051.837379][T32650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2051.847288][T32650] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2051.853030][T32650] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2051.872468][T32650] RSP: 0018:ffff8881cb4afa20 EFLAGS: 00010287
[ 2051.878368][T32650] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2051.886177][T32650] RDX: ffffc90000b43000 RSI: 000000000000d01c RDI: 000000000000d01d
[ 2051.894094][T32650] RBP: ffff8881cb4afb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2051.901902][T32650] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881cf534000
[ 2051.909715][T32650] R13: dffffc0000000000 R14: ffff8881cf534070 R15: 1ffff11039ea689d
[ 2051.917525][T32650] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2051.926280][T32650] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2051.932705][T32650] CR2: 000000c0012d6000 CR3: 00000001cdd3a000 CR4: 00000000003406b0
[ 2051.940520][T32650] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2051.948320][T32650] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2051.956129][T32650] Call Trace:
[ 2051.959280][T32650]  ? __warn+0x162/0x250
[ 2051.963273][T32650]  ? report_bug+0x3a1/0x4e0
[ 2051.967596][T32650]  ? __device_add_disk+0xea1/0x1220
[ 2051.972767][T32650]  ? __device_add_disk+0xea1/0x1220
[ 2051.977807][T32650]  ? do_invalid_op+0x6e/0x110
[ 2051.982304][T32650]  ? invalid_op+0x1e/0x30
[ 2051.986476][T32650]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2051.992124][T32650]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2051.998192][T32650]  ? __device_add_disk+0x5dc/0x1220
[ 2052.003237][T32650]  ? __device_add_disk+0xea1/0x1220
[ 2052.008373][T32650]  ? __device_add_disk+0xea1/0x1220
[ 2052.013399][T32650]  ? device_add_disk+0x30/0x30
[ 2052.017996][T32650]  ? vsprintf+0x30/0x30
[ 2052.021989][T32650]  ? __alloc_disk_node+0x459/0x5a0
[ 2052.027634][T32650]  loop_add+0x573/0x740
[ 2052.031643][T32650]  loop_control_ioctl+0x448/0x620
[ 2052.036579][T32650]  ? loop_remove+0xa0/0xa0
[ 2052.040825][T32650]  ? memset+0x1f/0x40
[ 2052.044651][T32650]  ? fsnotify+0x1280/0x1340
[ 2052.048985][T32650]  ? loop_remove+0xa0/0xa0
[ 2052.053374][T32650]  do_vfs_ioctl+0x742/0x1720
[ 2052.057754][T32650]  ? ioctl_preallocate+0x250/0x250
03:34:24 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 61)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:24 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @rand_addr, @dev}, &(0x7f00000000c0)=0xc)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0x8, 0x4)

03:34:24 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={&(0x7f00000001c0)=""/160, 0xa0, 0x0, &(0x7f0000000280)=""/60, 0x3c}}, 0x10)
socket(0x9, 0x2, 0x8)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bind$bt_rfcomm(r2, &(0x7f0000000100)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xa)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

03:34:24 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10) (async)
socket$tipc(0x1e, 0x5, 0x0) (async, rerun: 64)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x858001, 0x0) (rerun: 64)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = socket$tipc(0x1e, 0x5, 0x0)
getpeername$tipc(r2, &(0x7f0000000140)=@id, &(0x7f00000000c0)=0xb) (async, rerun: 32)
bind$tipc(r0, 0x0, 0x0) (rerun: 32)

03:34:24 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r0 = socket(0x27, 0x1, 0x885)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @multicast1}, 0x1, 0x1, 0x4, 0x1}}, 0x2e)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x3}, 0x10)
r2 = socket(0x8, 0x1, 0xfffffffe)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0)

03:34:24 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

03:34:24 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @rand_addr, @dev}, &(0x7f00000000c0)=0xc)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0x8, 0x4)

03:34:24 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)

[ 2052.062710][T32650]  ? __fget+0x407/0x490
[ 2052.066697][T32650]  ? fget_many+0x20/0x20
[ 2052.070765][T32650]  ? debug_smp_processor_id+0x20/0x20
[ 2052.075978][T32650]  ? security_file_ioctl+0x7d/0xa0
[ 2052.080921][T32650]  __x64_sys_ioctl+0xd4/0x110
[ 2052.085522][T32650]  do_syscall_64+0xca/0x1c0
[ 2052.089861][T32650]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2052.095585][T32650] ---[ end trace 47f897a1e9344b20 ]---
03:34:24 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

03:34:24 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
socket(0x27, 0x1, 0x885) (async)
r0 = socket(0x27, 0x1, 0x885)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @multicast1}, 0x1, 0x1, 0x4, 0x1}}, 0x2e) (async)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @multicast1}, 0x1, 0x1, 0x4, 0x1}}, 0x2e)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x3}, 0x10) (async)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x3}, 0x10)
r2 = socket(0x8, 0x1, 0xfffffffe)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0)

03:34:24 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @rand_addr, @dev}, &(0x7f00000000c0)=0xc)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0x8, 0x4)

03:34:24 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)

[ 2052.181098][T32681] FAULT_INJECTION: forcing a failure.
[ 2052.181098][T32681] name failslab, interval 1, probability 0, space 0, times 0
[ 2052.196606][T32681] CPU: 1 PID: 32681 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2052.208048][T32681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2052.217938][T32681] Call Trace:
[ 2052.221071][T32681]  dump_stack+0x1d8/0x241
[ 2052.225230][T32681]  ? panic+0x896/0x896
[ 2052.229143][T32681]  ? mutex_unlock+0x18/0x40
[ 2052.233600][T32681]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2052.239410][T32681]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2052.245313][T32681]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2052.250176][T32681]  should_fail+0x71f/0x880
[ 2052.254426][T32681]  ? setup_fault_attr+0x3d0/0x3d0
[ 2052.259286][T32681]  ? _raw_spin_lock+0xa4/0x1b0
[ 2052.263984][T32681]  ? __kernfs_new_node+0xdb/0x6e0
[ 2052.268841][T32681]  should_failslab+0x5/0x20
[ 2052.273178][T32681]  kmem_cache_alloc+0x28/0x250
[ 2052.277771][T32681]  __kernfs_new_node+0xdb/0x6e0
[ 2052.282455][T32681]  ? kernfs_new_node+0x160/0x160
[ 2052.287227][T32681]  ? mutex_lock+0xa5/0x110
[ 2052.291482][T32681]  ? mutex_trylock+0xa0/0xa0
[ 2052.296091][T32681]  ? kernfs_activate+0x2fe/0x320
[ 2052.300856][T32681]  kernfs_new_node+0x95/0x160
[ 2052.305371][T32681]  __kernfs_create_file+0x45/0x260
[ 2052.310317][T32681]  sysfs_add_file_mode_ns+0x292/0x340
[ 2052.315526][T32681]  sysfs_merge_group+0x1fe/0x450
[ 2052.320300][T32681]  ? sysfs_remove_groups+0xa0/0xa0
[ 2052.325335][T32681]  ? device_create_file+0xea/0x1b0
[ 2052.332276][T32681]  ? bus_add_device+0x92/0x3f0
[ 2052.336874][T32681]  dpm_sysfs_add+0xcf/0x270
[ 2052.341230][T32681]  device_add+0x536/0xbb0
[ 2052.345381][T32681]  device_create_vargs+0x1b9/0x210
[ 2052.350343][T32681]  device_create+0xea/0x130
[ 2052.354681][T32681]  ? device_create_vargs+0x210/0x210
[ 2052.359801][T32681]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2052.365357][T32681]  bdi_register_va+0x84/0x610
[ 2052.369858][T32681]  bdi_register+0xd1/0x120
[ 2052.374273][T32681]  ? __device_add_disk+0x551/0x1220
[ 2052.379315][T32681]  ? bdi_register_va+0x610/0x610
[ 2052.384073][T32681]  ? percpu_ref_resurrect+0x113/0x190
[ 2052.389292][T32681]  bdi_register_owner+0x55/0xf0
[ 2052.393958][T32681]  __device_add_disk+0x5d1/0x1220
[ 2052.398825][T32681]  ? device_add_disk+0x30/0x30
[ 2052.403429][T32681]  ? vsprintf+0x30/0x30
[ 2052.407527][T32681]  ? __alloc_disk_node+0x459/0x5a0
[ 2052.412995][T32681]  loop_add+0x573/0x740
[ 2052.416988][T32681]  loop_control_ioctl+0x448/0x620
[ 2052.422085][T32681]  ? loop_remove+0xa0/0xa0
[ 2052.426318][T32681]  ? memset+0x1f/0x40
[ 2052.430131][T32681]  ? fsnotify+0x1280/0x1340
[ 2052.434471][T32681]  ? loop_remove+0xa0/0xa0
[ 2052.438720][T32681]  do_vfs_ioctl+0x742/0x1720
[ 2052.443150][T32681]  ? ioctl_preallocate+0x250/0x250
[ 2052.448096][T32681]  ? __fget+0x407/0x490
[ 2052.452094][T32681]  ? fget_many+0x20/0x20
[ 2052.456174][T32681]  ? debug_smp_processor_id+0x20/0x20
[ 2052.461377][T32681]  ? security_file_ioctl+0x7d/0xa0
[ 2052.466436][T32681]  __x64_sys_ioctl+0xd4/0x110
[ 2052.470946][T32681]  do_syscall_64+0xca/0x1c0
[ 2052.475286][T32681]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2052.483982][T32681] ------------[ cut here ]------------
[ 2052.489299][T32681] WARNING: CPU: 1 PID: 32681 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2052.498292][T32681] Modules linked in:
[ 2052.502105][T32681] CPU: 1 PID: 32681 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2052.513559][T32681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2052.523466][T32681] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2052.529100][T32681] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2052.548538][T32681] RSP: 0018:ffff8881e35a7a20 EFLAGS: 00010283
[ 2052.556262][T32681] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2052.564073][T32681] RDX: ffffc90000b43000 RSI: 000000000000cef7 RDI: 000000000000cef8
[ 2052.571975][T32681] RBP: ffff8881e35a7b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2052.579868][T32681] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881e97d7000
[ 2052.587678][T32681] R13: dffffc0000000000 R14: ffff8881e97d7070 R15: 1ffff1103d2fae9d
[ 2052.595580][T32681] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2052.604347][T32681] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2052.610859][T32681] CR2: 00007f8ca7515d58 CR3: 00000001ec86e000 CR4: 00000000003406a0
[ 2052.618668][T32681] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2052.626475][T32681] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2052.634375][T32681] Call Trace:
[ 2052.637525][T32681]  ? __warn+0x162/0x250
[ 2052.641493][T32681]  ? report_bug+0x3a1/0x4e0
[ 2052.645834][T32681]  ? __device_add_disk+0xea1/0x1220
[ 2052.650869][T32681]  ? __device_add_disk+0xea1/0x1220
[ 2052.655904][T32681]  ? do_invalid_op+0x6e/0x110
[ 2052.660418][T32681]  ? invalid_op+0x1e/0x30
[ 2052.664586][T32681]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2052.670224][T32681]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2052.676827][T32681]  ? __device_add_disk+0x5dc/0x1220
[ 2052.681855][T32681]  ? __device_add_disk+0xea1/0x1220
[ 2052.686888][T32681]  ? __device_add_disk+0xea1/0x1220
[ 2052.691923][T32681]  ? device_add_disk+0x30/0x30
[ 2052.696521][T32681]  ? vsprintf+0x30/0x30
[ 2052.700515][T32681]  ? __alloc_disk_node+0x459/0x5a0
[ 2052.705459][T32681]  loop_add+0x573/0x740
[ 2052.709717][T32681]  loop_control_ioctl+0x448/0x620
[ 2052.714555][T32681]  ? loop_remove+0xa0/0xa0
[ 2052.718810][T32681]  ? memset+0x1f/0x40
[ 2052.722619][T32681]  ? fsnotify+0x1280/0x1340
[ 2052.726958][T32681]  ? loop_remove+0xa0/0xa0
03:34:25 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 62)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:25 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x1}}}, 0x10) (async, rerun: 32)
socket$tipc(0x1e, 0x5, 0x0) (async, rerun: 32)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x858001, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = socket$tipc(0x1e, 0x5, 0x0)
getpeername$tipc(r2, &(0x7f0000000140)=@id, &(0x7f00000000c0)=0xb) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:25 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x62, 0x1}}}, 0x10)

03:34:25 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
r0 = socket(0x27, 0x1, 0x885)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e20, @multicast1}, 0x1, 0x1, 0x4, 0x1}}, 0x2e)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x3}, 0x10)
socket(0x8, 0x1, 0xfffffffe) (async)
r2 = socket(0x8, 0x1, 0xfffffffe)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r2, 0x6, 0x8, 0x0, 0x0)

03:34:25 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0xc)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
bind$tipc(r0, 0x0, 0x2)

03:34:25 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)

[ 2052.731294][T32681]  do_vfs_ioctl+0x742/0x1720
[ 2052.735653][T32681]  ? ioctl_preallocate+0x250/0x250
[ 2052.740598][T32681]  ? __fget+0x407/0x490
[ 2052.744717][T32681]  ? fget_many+0x20/0x20
[ 2052.749185][T32681]  ? debug_smp_processor_id+0x20/0x20
[ 2052.754395][T32681]  ? security_file_ioctl+0x7d/0xa0
[ 2052.760812][T32681]  __x64_sys_ioctl+0xd4/0x110
[ 2052.765318][T32681]  do_syscall_64+0xca/0x1c0
[ 2052.769660][T32681]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2052.776860][T32681] ---[ end trace 47f897a1e9344b21 ]---
03:34:25 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x62, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x62, 0x1}}}, 0x10) (async)

03:34:25 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0xff, 0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0x7, 0x1, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000100)}, 0x40)

03:34:25 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0xc) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0xc)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0xc) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
bind$tipc(r0, 0x0, 0x2)

03:34:25 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x1, 0x20200)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r2, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3ce, 0x0, 0x0, 0x6, 0x1a, 0x10, "837ca1d59b4a4511bebae352b68315a620a3d09445d37c991cafa024073ffcf069827cb663721c2de1cbf7a53151bc98a76ff99ddf85004786b32a37d7cd6739", "bce5bf13853c93a3b0360403e936bdde3d8e7ba093fb278fa3eb8642e76ca9b907f6eea9eaeb827771c55648fc2c19c9ab6e5411a659a120476769587f5d38f4", "5ab3fdf361c18f5496f2dc6700c69fa581dd81d8aece2c58677da8a5aea0e6ce", [0xfff, 0x6]})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0112b10073366af8"], 0x10)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:25 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x3, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r1, r1, 0x22, 0x2000, 0x0, @link_fd=r1}, 0x20)

03:34:25 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x62, 0x1}}}, 0x10)

[ 2052.884799][T32713] FAULT_INJECTION: forcing a failure.
[ 2052.884799][T32713] name failslab, interval 1, probability 0, space 0, times 0
[ 2052.897834][T32713] CPU: 1 PID: 32713 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2052.909259][T32713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2052.919145][T32713] Call Trace:
[ 2052.922288][T32713]  dump_stack+0x1d8/0x241
[ 2052.926438][T32713]  ? panic+0x896/0x896
[ 2052.930351][T32713]  ? mutex_unlock+0x18/0x40
[ 2052.934695][T32713]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2052.940374][T32713]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2052.946231][T32713]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2052.951103][T32713]  should_fail+0x71f/0x880
[ 2052.955347][T32713]  ? setup_fault_attr+0x3d0/0x3d0
[ 2052.960207][T32713]  ? _raw_spin_lock+0xa4/0x1b0
[ 2052.964804][T32713]  ? __kernfs_new_node+0xdb/0x6e0
[ 2052.969759][T32713]  should_failslab+0x5/0x20
[ 2052.974094][T32713]  kmem_cache_alloc+0x28/0x250
[ 2052.978777][T32713]  __kernfs_new_node+0xdb/0x6e0
[ 2052.983464][T32713]  ? kernfs_new_node+0x160/0x160
[ 2052.988615][T32713]  ? mutex_lock+0xa5/0x110
[ 2052.992842][T32713]  ? mutex_trylock+0xa0/0xa0
[ 2052.997335][T32713]  ? kernfs_activate+0x2fe/0x320
[ 2053.002108][T32713]  kernfs_new_node+0x95/0x160
[ 2053.006619][T32713]  __kernfs_create_file+0x45/0x260
[ 2053.011655][T32713]  sysfs_add_file_mode_ns+0x292/0x340
[ 2053.016861][T32713]  sysfs_merge_group+0x1fe/0x450
[ 2053.021726][T32713]  ? sysfs_remove_groups+0xa0/0xa0
[ 2053.026683][T32713]  ? device_create_file+0xea/0x1b0
[ 2053.031624][T32713]  ? bus_add_device+0x92/0x3f0
[ 2053.036320][T32713]  dpm_sysfs_add+0xcf/0x270
[ 2053.040664][T32713]  device_add+0x536/0xbb0
[ 2053.044834][T32713]  device_create_vargs+0x1b9/0x210
[ 2053.049774][T32713]  device_create+0xea/0x130
[ 2053.054118][T32713]  ? device_create_vargs+0x210/0x210
[ 2053.059256][T32713]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2053.064924][T32713]  bdi_register_va+0x84/0x610
[ 2053.069506][T32713]  bdi_register+0xd1/0x120
[ 2053.073778][T32713]  ? __device_add_disk+0x551/0x1220
[ 2053.078817][T32713]  ? bdi_register_va+0x610/0x610
[ 2053.083577][T32713]  ? percpu_ref_resurrect+0x113/0x190
[ 2053.088772][T32713]  bdi_register_owner+0x55/0xf0
[ 2053.093493][T32713]  __device_add_disk+0x5d1/0x1220
[ 2053.098320][T32713]  ? device_add_disk+0x30/0x30
[ 2053.102934][T32713]  ? vsprintf+0x30/0x30
[ 2053.106910][T32713]  ? __alloc_disk_node+0x459/0x5a0
[ 2053.112152][T32713]  loop_add+0x573/0x740
[ 2053.116337][T32713]  loop_control_ioctl+0x448/0x620
[ 2053.121164][T32713]  ? loop_remove+0xa0/0xa0
[ 2053.125425][T32713]  ? memset+0x1f/0x40
[ 2053.129237][T32713]  ? fsnotify+0x1280/0x1340
[ 2053.133590][T32713]  ? loop_remove+0xa0/0xa0
[ 2053.137824][T32713]  do_vfs_ioctl+0x742/0x1720
[ 2053.142377][T32713]  ? ioctl_preallocate+0x250/0x250
[ 2053.147402][T32713]  ? __fget+0x407/0x490
[ 2053.151484][T32713]  ? fget_many+0x20/0x20
[ 2053.155558][T32713]  ? debug_smp_processor_id+0x20/0x20
[ 2053.160796][T32713]  ? security_file_ioctl+0x7d/0xa0
[ 2053.165813][T32713]  __x64_sys_ioctl+0xd4/0x110
[ 2053.170498][T32713]  do_syscall_64+0xca/0x1c0
[ 2053.176825][T32713]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2053.183830][T32713] ------------[ cut here ]------------
[ 2053.189134][T32713] WARNING: CPU: 1 PID: 32713 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2053.198130][T32713] Modules linked in:
[ 2053.201869][T32713] CPU: 1 PID: 32713 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2053.213327][T32713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2053.223328][T32713] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2053.229223][T32713] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2053.248838][T32713] RSP: 0018:ffff8881ce477a20 EFLAGS: 00010283
[ 2053.254714][T32713] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2053.262870][T32713] RDX: ffffc90000b43000 RSI: 000000000000cf75 RDI: 000000000000cf76
[ 2053.270966][T32713] RBP: ffff8881ce477b58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2053.279134][T32713] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881e5678000
[ 2053.286944][T32713] R13: dffffc0000000000 R14: ffff8881e5678070 R15: 1ffff1103cacf09d
[ 2053.294827][T32713] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2053.304077][T32713] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2053.310506][T32713] CR2: 00007ffcf1811f78 CR3: 00000001e0eed000 CR4: 00000000003406a0
[ 2053.318401][T32713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2053.326228][T32713] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2053.334791][T32713] Call Trace:
[ 2053.337931][T32713]  ? __warn+0x162/0x250
[ 2053.341922][T32713]  ? report_bug+0x3a1/0x4e0
[ 2053.346355][T32713]  ? __device_add_disk+0xea1/0x1220
[ 2053.351664][T32713]  ? __device_add_disk+0xea1/0x1220
[ 2053.356789][T32713]  ? do_invalid_op+0x6e/0x110
[ 2053.361300][T32713]  ? invalid_op+0x1e/0x30
[ 2053.365473][T32713]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2053.371110][T32713]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2053.377225][T32713]  ? __device_add_disk+0x5dc/0x1220
[ 2053.382253][T32713]  ? __device_add_disk+0xea1/0x1220
[ 2053.387586][T32713]  ? __device_add_disk+0xea1/0x1220
[ 2053.392623][T32713]  ? device_add_disk+0x30/0x30
[ 2053.397213][T32713]  ? vsprintf+0x30/0x30
[ 2053.401315][T32713]  ? __alloc_disk_node+0x459/0x5a0
[ 2053.406513][T32713]  loop_add+0x573/0x740
[ 2053.410607][T32713]  loop_control_ioctl+0x448/0x620
[ 2053.415464][T32713]  ? loop_remove+0xa0/0xa0
[ 2053.419803][T32713]  ? memset+0x1f/0x40
[ 2053.423790][T32713]  ? fsnotify+0x1280/0x1340
[ 2053.428913][T32713]  ? loop_remove+0xa0/0xa0
03:34:26 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 63)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:26 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x1, 0x20200)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r2, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3ce, 0x0, 0x0, 0x6, 0x1a, 0x10, "837ca1d59b4a4511bebae352b68315a620a3d09445d37c991cafa024073ffcf069827cb663721c2de1cbf7a53151bc98a76ff99ddf85004786b32a37d7cd6739", "bce5bf13853c93a3b0360403e936bdde3d8e7ba093fb278fa3eb8642e76ca9b907f6eea9eaeb827771c55648fc2c19c9ab6e5411a659a120476769587f5d38f4", "5ab3fdf361c18f5496f2dc6700c69fa581dd81d8aece2c58677da8a5aea0e6ce", [0xfff, 0x6]})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0112b10073366af8"], 0x10) (async)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)

03:34:26 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0xc) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
bind$tipc(r0, 0x0, 0x2)

03:34:26 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 64)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0xff, 0x4) (async, rerun: 64)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0x7, 0x1, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000100)}, 0x40) (rerun: 32)

03:34:26 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x3, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r1, r1, 0x22, 0x2000, 0x0, @link_fd=r1}, 0x20)

03:34:26 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1}}, 0x10)

03:34:26 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1}}, 0x10) (async)

03:34:26 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x1, 0x20200)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r2, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3ce, 0x0, 0x0, 0x6, 0x1a, 0x10, "837ca1d59b4a4511bebae352b68315a620a3d09445d37c991cafa024073ffcf069827cb663721c2de1cbf7a53151bc98a76ff99ddf85004786b32a37d7cd6739", "bce5bf13853c93a3b0360403e936bdde3d8e7ba093fb278fa3eb8642e76ca9b907f6eea9eaeb827771c55648fc2c19c9ab6e5411a659a120476769587f5d38f4", "5ab3fdf361c18f5496f2dc6700c69fa581dd81d8aece2c58677da8a5aea0e6ce", [0xfff, 0x6]}) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0112b10073366af8"], 0x10) (async)
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)

[ 2053.433354][T32713]  do_vfs_ioctl+0x742/0x1720
[ 2053.437789][T32713]  ? ioctl_preallocate+0x250/0x250
[ 2053.442726][T32713]  ? __fget+0x407/0x490
[ 2053.446824][T32713]  ? fget_many+0x20/0x20
[ 2053.450984][T32713]  ? debug_smp_processor_id+0x20/0x20
[ 2053.456181][T32713]  ? security_file_ioctl+0x7d/0xa0
[ 2053.461142][T32713]  __x64_sys_ioctl+0xd4/0x110
[ 2053.465752][T32713]  do_syscall_64+0xca/0x1c0
[ 2053.470102][T32713]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2053.475807][T32713] ---[ end trace 47f897a1e9344b22 ]---
03:34:26 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f00000000c0))
bind$tipc(r0, 0x0, 0x2)
r2 = syz_open_dev$mouse(&(0x7f0000000140), 0x9dba, 0x210402)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x2}, 0x10)

03:34:26 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x3, 0x3}, 0x10) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x43, 0x3, 0x3}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r1, r1, 0x22, 0x2000, 0x0, @link_fd=r1}, 0x20)

03:34:26 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0xff, 0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0x7, 0x1, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000100)}, 0x40)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0xff, 0x4) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@ifindex, 0x7, 0x1, 0x8, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000100)}, 0x40) (async)

03:34:26 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1}}, 0x10)

[ 2053.541863][T32759] Unknown ioctl -2141170668
[ 2053.581950][T32760] FAULT_INJECTION: forcing a failure.
[ 2053.581950][T32760] name failslab, interval 1, probability 0, space 0, times 0
[ 2053.595104][T32760] CPU: 1 PID: 32760 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2053.606781][T32760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2053.618238][T32760] Call Trace:
[ 2053.621362][T32760]  dump_stack+0x1d8/0x241
[ 2053.625520][T32760]  ? panic+0x896/0x896
[ 2053.629432][T32760]  ? mutex_unlock+0x18/0x40
[ 2053.633788][T32760]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2053.639513][T32760]  ? selinux_kernfs_init_security+0x14e/0x730
[ 2053.645395][T32760]  ? idr_alloc_cyclic+0x369/0x5d0
[ 2053.650262][T32760]  should_fail+0x71f/0x880
[ 2053.654509][T32760]  ? setup_fault_attr+0x3d0/0x3d0
[ 2053.659367][T32760]  ? _raw_spin_lock+0xa4/0x1b0
[ 2053.663970][T32760]  ? __kernfs_new_node+0xdb/0x6e0
[ 2053.668913][T32760]  should_failslab+0x5/0x20
[ 2053.673256][T32760]  kmem_cache_alloc+0x28/0x250
[ 2053.677857][T32760]  __kernfs_new_node+0xdb/0x6e0
[ 2053.682543][T32760]  ? kernfs_new_node+0x160/0x160
[ 2053.687401][T32760]  ? mutex_lock+0xa5/0x110
[ 2053.691655][T32760]  ? mutex_trylock+0xa0/0xa0
[ 2053.696087][T32760]  ? kernfs_activate+0x2fe/0x320
[ 2053.700853][T32760]  kernfs_new_node+0x95/0x160
[ 2053.705369][T32760]  __kernfs_create_file+0x45/0x260
[ 2053.710316][T32760]  sysfs_add_file_mode_ns+0x292/0x340
[ 2053.715523][T32760]  sysfs_merge_group+0x1fe/0x450
[ 2053.720308][T32760]  ? sysfs_remove_groups+0xa0/0xa0
[ 2053.725269][T32760]  ? device_create_file+0xea/0x1b0
[ 2053.730204][T32760]  ? bus_add_device+0x92/0x3f0
[ 2053.734887][T32760]  dpm_sysfs_add+0xcf/0x270
[ 2053.739234][T32760]  device_add+0x536/0xbb0
[ 2053.743441][T32760]  device_create_vargs+0x1b9/0x210
[ 2053.748336][T32760]  device_create+0xea/0x130
[ 2053.752674][T32760]  ? device_create_vargs+0x210/0x210
[ 2053.757964][T32760]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2053.763553][T32760]  bdi_register_va+0x84/0x610
[ 2053.768041][T32760]  bdi_register+0xd1/0x120
[ 2053.772295][T32760]  ? __device_add_disk+0x551/0x1220
[ 2053.777324][T32760]  ? bdi_register_va+0x610/0x610
[ 2053.782094][T32760]  ? percpu_ref_resurrect+0x113/0x190
[ 2053.787304][T32760]  bdi_register_owner+0x55/0xf0
[ 2053.791989][T32760]  __device_add_disk+0x5d1/0x1220
[ 2053.796884][T32760]  ? device_add_disk+0x30/0x30
[ 2053.801446][T32760]  ? vsprintf+0x30/0x30
[ 2053.805441][T32760]  ? __alloc_disk_node+0x459/0x5a0
[ 2053.810389][T32760]  loop_add+0x573/0x740
[ 2053.814378][T32760]  loop_control_ioctl+0x448/0x620
[ 2053.819243][T32760]  ? loop_remove+0xa0/0xa0
[ 2053.823499][T32760]  ? memset+0x1f/0x40
[ 2053.827312][T32760]  ? fsnotify+0x1280/0x1340
[ 2053.831822][T32760]  ? loop_remove+0xa0/0xa0
[ 2053.836150][T32760]  do_vfs_ioctl+0x742/0x1720
[ 2053.840689][T32760]  ? ioctl_preallocate+0x250/0x250
[ 2053.845623][T32760]  ? __fget+0x407/0x490
[ 2053.849697][T32760]  ? fget_many+0x20/0x20
[ 2053.853926][T32760]  ? debug_smp_processor_id+0x20/0x20
[ 2053.859137][T32760]  ? security_file_ioctl+0x7d/0xa0
[ 2053.864079][T32760]  __x64_sys_ioctl+0xd4/0x110
[ 2053.868592][T32760]  do_syscall_64+0xca/0x1c0
[ 2053.873022][T32760]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2053.881548][T32760] ------------[ cut here ]------------
[ 2053.886981][T32760] WARNING: CPU: 0 PID: 32760 at block/genhd.c:742 __device_add_disk+0xea1/0x1220
[ 2053.895896][T32760] Modules linked in:
[ 2053.899630][T32760] CPU: 0 PID: 32760 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2053.911087][T32760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2053.921101][T32760] RIP: 0010:__device_add_disk+0xea1/0x1220
[ 2053.926735][T32760] Code: ff ff e8 42 1b 3f ff 0f 0b e9 52 f3 ff ff e8 36 1b 3f ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 1f 1b 3f ff <0f> 0b e9 41 f7 ff ff e8 13 1b 3f ff e9 18 ff ff ff 44 89 f9 80 e1
[ 2053.946438][T32760] RSP: 0018:ffff8881e270fa20 EFLAGS: 00010287
[ 2053.952420][T32760] RAX: ffffffff82251af1 RBX: 00000000fffffff4 RCX: 0000000000040000
[ 2053.960397][T32760] RDX: ffffc90000b43000 RSI: 000000000000cf4d RDI: 000000000000cf4e
[ 2053.968208][T32760] RBP: ffff8881e270fb58 R08: ffffffff8225122c R09: ffffffff846031dc
[ 2053.976207][T32760] R10: ffffffff84800000 R11: dffffc0000000000 R12: ffff8881d135a000
[ 2053.984174][T32760] R13: dffffc0000000000 R14: ffff8881d135a070 R15: 1ffff1103a26b49d
[ 2053.992347][T32760] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2054.001318][T32760] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2054.007820][T32760] CR2: 0000555555bed818 CR3: 00000001e0eed000 CR4: 00000000003406b0
[ 2054.015721][T32760] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2054.023534][T32760] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2054.031343][T32760] Call Trace:
[ 2054.034484][T32760]  ? __warn+0x162/0x250
[ 2054.038463][T32760]  ? report_bug+0x3a1/0x4e0
[ 2054.042917][T32760]  ? __device_add_disk+0xea1/0x1220
[ 2054.048023][T32760]  ? __device_add_disk+0xea1/0x1220
[ 2054.053056][T32760]  ? do_invalid_op+0x6e/0x110
[ 2054.057571][T32760]  ? invalid_op+0x1e/0x30
[ 2054.061733][T32760]  ? __irqentry_text_end+0x1fce24/0x1fce24
[ 2054.067404][T32760]  ? smp_irq_move_cleanup_interrupt+0x22c/0x22c
[ 2054.073574][T32760]  ? __device_add_disk+0x5dc/0x1220
[ 2054.078823][T32760]  ? __device_add_disk+0xea1/0x1220
[ 2054.084090][T32760]  ? __device_add_disk+0xea1/0x1220
[ 2054.089120][T32760]  ? device_add_disk+0x30/0x30
[ 2054.093705][T32760]  ? vsprintf+0x30/0x30
[ 2054.097851][T32760]  ? __alloc_disk_node+0x459/0x5a0
[ 2054.102797][T32760]  loop_add+0x573/0x740
[ 2054.106786][T32760]  loop_control_ioctl+0x448/0x620
[ 2054.111779][T32760]  ? loop_remove+0xa0/0xa0
[ 2054.116031][T32760]  ? memset+0x1f/0x40
[ 2054.119848][T32760]  ? fsnotify+0x1280/0x1340
[ 2054.124190][T32760]  ? loop_remove+0xa0/0xa0
[ 2054.128574][T32760]  do_vfs_ioctl+0x742/0x1720
03:34:26 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 64)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:26 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
r2 = accept4$tipc(r1, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x800)
accept4$tipc(r2, 0x0, &(0x7f00000000c0), 0x80800)

03:34:26 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

03:34:26 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:26 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
ioctl$HIDIOCGRDESCSIZE(0xffffffffffffffff, 0x80044801, &(0x7f00000000c0))

03:34:26 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f00000000c0))
bind$tipc(r0, 0x0, 0x2)
r2 = syz_open_dev$mouse(&(0x7f0000000140), 0x9dba, 0x210402)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x2}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f00000000c0)) (async)
bind$tipc(r0, 0x0, 0x2) (async)
syz_open_dev$mouse(&(0x7f0000000140), 0x9dba, 0x210402) (async)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x2}, 0x10) (async)

03:34:26 executing program 5:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

[ 2054.133008][T32760]  ? ioctl_preallocate+0x250/0x250
[ 2054.137952][T32760]  ? __fget+0x407/0x490
[ 2054.141944][T32760]  ? fget_many+0x20/0x20
[ 2054.146022][T32760]  ? debug_smp_processor_id+0x20/0x20
[ 2054.151356][T32760]  ? security_file_ioctl+0x7d/0xa0
[ 2054.156268][T32760]  __x64_sys_ioctl+0xd4/0x110
[ 2054.160779][T32760]  do_syscall_64+0xca/0x1c0
[ 2054.165245][T32760]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2054.171046][T32760] ---[ end trace 47f897a1e9344b23 ]---
03:34:26 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
ioctl$HIDIOCGRDESCSIZE(0xffffffffffffffff, 0x80044801, &(0x7f00000000c0))

03:34:26 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
r2 = accept4$tipc(r1, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x800)
accept4$tipc(r2, 0x0, &(0x7f00000000c0), 0x80800)

03:34:26 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:26 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
ioctl$HIDIOCGRDESCSIZE(0xffffffffffffffff, 0x80044801, &(0x7f00000000c0))

[ 2054.209471][  T312] Unknown ioctl -2141170668
[ 2054.225109][  T316] Unknown ioctl -2141170668
03:34:26 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x80605414, &(0x7f00000000c0)) (async)
bind$tipc(r0, 0x0, 0x2) (async)
r2 = syz_open_dev$mouse(&(0x7f0000000140), 0x9dba, 0x210402)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x0, 0x2}, 0x10)

[ 2054.250318][  T314] FAULT_INJECTION: forcing a failure.
[ 2054.250318][  T314] name failslab, interval 1, probability 0, space 0, times 0
[ 2054.266942][  T314] CPU: 0 PID: 314 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2054.278304][  T314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2054.287420][  T337] Unknown ioctl -2141170668
[ 2054.288187][  T314] Call Trace:
[ 2054.288208][  T314]  dump_stack+0x1d8/0x241
[ 2054.288217][  T314]  ? panic+0x896/0x896
[ 2054.288236][  T314]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2054.309386][  T314]  ? mutex_unlock+0x18/0x40
[ 2054.313759][  T314]  ? kernfs_add_one+0x49a/0x5b0
[ 2054.318403][  T314]  should_fail+0x71f/0x880
[ 2054.322649][  T314]  ? setup_fault_attr+0x3d0/0x3d0
[ 2054.327517][  T314]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 2054.332892][  T314]  ? _raw_spin_lock+0x1b0/0x1b0
[ 2054.337576][  T314]  ? sysfs_merge_group+0x3a5/0x450
[ 2054.342537][  T314]  ? kobject_uevent_env+0x26f/0x710
[ 2054.347555][  T314]  should_failslab+0x5/0x20
[ 2054.351895][  T314]  kmem_cache_alloc_trace+0x28/0x260
[ 2054.357036][  T314]  ? dev_uevent_filter+0xb0/0xb0
[ 2054.361793][  T314]  kobject_uevent_env+0x26f/0x710
[ 2054.366654][  T314]  device_add+0x797/0xbb0
[ 2054.370819][  T314]  device_create_vargs+0x1b9/0x210
[ 2054.375766][  T314]  device_create+0xea/0x130
[ 2054.380106][  T314]  ? device_create_vargs+0x210/0x210
[ 2054.385228][  T314]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2054.390781][  T314]  bdi_register_va+0x84/0x610
[ 2054.395291][  T314]  bdi_register+0xd1/0x120
[ 2054.399548][  T314]  ? __device_add_disk+0x551/0x1220
[ 2054.404685][  T314]  ? bdi_register_va+0x610/0x610
[ 2054.409458][  T314]  ? percpu_ref_resurrect+0x113/0x190
[ 2054.414664][  T314]  bdi_register_owner+0x55/0xf0
[ 2054.419352][  T314]  __device_add_disk+0x5d1/0x1220
[ 2054.424197][  T314]  ? device_add_disk+0x30/0x30
[ 2054.428791][  T314]  ? vsprintf+0x30/0x30
[ 2054.432786][  T314]  ? __alloc_disk_node+0x459/0x5a0
[ 2054.437833][  T314]  loop_add+0x573/0x740
[ 2054.441829][  T314]  loop_control_ioctl+0x448/0x620
[ 2054.446690][  T314]  ? loop_remove+0xa0/0xa0
[ 2054.450938][  T314]  ? memset+0x1f/0x40
[ 2054.454872][  T314]  ? fsnotify+0x1280/0x1340
[ 2054.459204][  T314]  ? loop_remove+0xa0/0xa0
[ 2054.463466][  T314]  do_vfs_ioctl+0x742/0x1720
[ 2054.467889][  T314]  ? ioctl_preallocate+0x250/0x250
[ 2054.472834][  T314]  ? __fget+0x407/0x490
[ 2054.476833][  T314]  ? fget_many+0x20/0x20
[ 2054.480910][  T314]  ? debug_smp_processor_id+0x20/0x20
[ 2054.486263][  T314]  ? security_file_ioctl+0x7d/0xa0
[ 2054.491194][  T314]  __x64_sys_ioctl+0xd4/0x110
[ 2054.495708][  T314]  do_syscall_64+0xca/0x1c0
03:34:27 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 65)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async, rerun: 64)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) (rerun: 64)
r2 = accept4$tipc(r1, &(0x7f0000000100)=@id, &(0x7f0000000140)=0x10, 0x800)
accept4$tipc(r2, 0x0, &(0x7f00000000c0), 0x80800)

03:34:27 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x40, 0x4, 0x1}}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000000100), &(0x7f0000000140)=0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f00000002c0)=0xffff8206, 0x4)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$SIOCGIFMTU(r3, 0x8921, &(0x7f0000000240)={'batadv_slave_0\x00'})

03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x2}}, 0x10)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@id, &(0x7f0000000040)=0x10, 0x80000)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0x80000)

[ 2054.500051][  T314]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x2}}, 0x10)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@id, &(0x7f0000000040)=0x10, 0x80000)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0x80000)
socket$tipc(0x1e, 0x2, 0x0) (async)
connect$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x2}}, 0x10) (async)
accept4$tipc(r0, &(0x7f0000000000)=@id, &(0x7f0000000040)=0x10, 0x80000) (async)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0x80000) (async)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, 0x3ed, 0x10, 0x70bd2d, 0x25dfdbff, "33c92d3bb0f06b7adaf7fe88bac52abb2fe8952a8ce70428516c98e0780646913b299e4915b91acdd26d537601d49d4acbb478c4942da935f5091fdcf3aa39e64c412798935dbc314c753cbdbbc281f3f84a92e95a4c6f57458bc35ae4873d31ca23e18fc34caabe0fa9bb1a0efd3e6df2", ["", "", "", "", "", ""]}, 0x84}, 0x1, 0x0, 0x0, 0x44080}, 0x8001)

03:34:27 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x5, @fixed, 0x9, 0x2}, 0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r2=>0x0, @loopback, @multicast1}, &(0x7f00000000c0)=0xc)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@map=0x1, 0x3, 0x6b324bf2ed54abd9, 0x2, &(0x7f0000000100)=[0x0], 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], <r4=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@ifindex=r2, 0xffffffffffffffff, 0x4, 0x20, 0x0, @prog_fd=r3, r4}, 0x20)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x40, 0x4, 0x1}}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f00000001c0), &(0x7f0000000200)=0x4) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000000100), &(0x7f0000000140)=0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f00000002c0)=0xffff8206, 0x4) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
ioctl$SIOCGIFMTU(r3, 0x8921, &(0x7f0000000240)={'batadv_slave_0\x00'})

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async, rerun: 32)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0) (rerun: 32)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

[ 2054.601272][  T376] FAULT_INJECTION: forcing a failure.
[ 2054.601272][  T376] name failslab, interval 1, probability 0, space 0, times 0
[ 2054.616219][  T376] CPU: 0 PID: 376 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2054.627489][  T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2054.637464][  T376] Call Trace:
[ 2054.640824][  T376]  dump_stack+0x1d8/0x241
[ 2054.644978][  T376]  ? panic+0x896/0x896
[ 2054.648885][  T376]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2054.654533][  T376]  ? mutex_unlock+0x18/0x40
[ 2054.658946][  T376]  ? kernfs_add_one+0x49a/0x5b0
[ 2054.663644][  T376]  should_fail+0x71f/0x880
[ 2054.667889][  T376]  ? setup_fault_attr+0x3d0/0x3d0
[ 2054.672747][  T376]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 2054.678064][  T376]  ? _raw_spin_lock+0x1b0/0x1b0
[ 2054.682726][  T376]  ? sysfs_merge_group+0x3a5/0x450
[ 2054.687675][  T376]  ? kobject_uevent_env+0x26f/0x710
[ 2054.692708][  T376]  should_failslab+0x5/0x20
[ 2054.697047][  T376]  kmem_cache_alloc_trace+0x28/0x260
[ 2054.702259][  T376]  ? dev_uevent_filter+0xb0/0xb0
[ 2054.707200][  T376]  kobject_uevent_env+0x26f/0x710
[ 2054.712065][  T376]  device_add+0x797/0xbb0
[ 2054.716233][  T376]  device_create_vargs+0x1b9/0x210
[ 2054.721178][  T376]  device_create+0xea/0x130
[ 2054.725518][  T376]  ? device_create_vargs+0x210/0x210
[ 2054.730724][  T376]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2054.736345][  T376]  bdi_register_va+0x84/0x610
[ 2054.740792][  T376]  bdi_register+0xd1/0x120
[ 2054.745045][  T376]  ? __device_add_disk+0x551/0x1220
[ 2054.750082][  T376]  ? bdi_register_va+0x610/0x610
[ 2054.754863][  T376]  ? percpu_ref_resurrect+0x113/0x190
[ 2054.760072][  T376]  bdi_register_owner+0x55/0xf0
[ 2054.764752][  T376]  __device_add_disk+0x5d1/0x1220
[ 2054.769608][  T376]  ? device_add_disk+0x30/0x30
[ 2054.774203][  T376]  ? vsprintf+0x30/0x30
[ 2054.778285][  T376]  ? __alloc_disk_node+0x459/0x5a0
[ 2054.783233][  T376]  loop_add+0x573/0x740
[ 2054.787226][  T376]  loop_control_ioctl+0x448/0x620
[ 2054.792085][  T376]  ? loop_remove+0xa0/0xa0
[ 2054.796339][  T376]  ? memset+0x1f/0x40
03:34:27 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 66)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, 0x3ed, 0x10, 0x70bd2d, 0x25dfdbff, "33c92d3bb0f06b7adaf7fe88bac52abb2fe8952a8ce70428516c98e0780646913b299e4915b91acdd26d537601d49d4acbb478c4942da935f5091fdcf3aa39e64c412798935dbc314c753cbdbbc281f3f84a92e95a4c6f57458bc35ae4873d31ca23e18fc34caabe0fa9bb1a0efd3e6df2", ["", "", "", "", "", ""]}, 0x84}, 0x1, 0x0, 0x0, 0x44080}, 0x8001)

03:34:27 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x5, @fixed, 0x9, 0x2}, 0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r2=>0x0, @loopback, @multicast1}, &(0x7f00000000c0)=0xc)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@map=0x1, 0x3, 0x6b324bf2ed54abd9, 0x2, &(0x7f0000000100)=[0x0], 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], <r4=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@ifindex=r2, 0xffffffffffffffff, 0x4, 0x20, 0x0, @prog_fd=r3, r4}, 0x20)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
accept4$tipc(r1, &(0x7f0000000040)=@id, &(0x7f0000000080)=0x10, 0x0) (async)
bind$tipc(0xffffffffffffffff, &(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x40, 0x4, 0x1}}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f00000001c0), &(0x7f0000000200)=0x4) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r3, 0x10f, 0x80, &(0x7f0000000100), &(0x7f0000000140)=0x4) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f00000002c0)=0xffff8206, 0x4) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
ioctl$SIOCGIFMTU(r3, 0x8921, &(0x7f0000000240)={'batadv_slave_0\x00'})

03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x3, {{0x40, 0x4}, 0x2}}, 0x10)
r1 = accept4$tipc(r0, &(0x7f0000000000)=@id, &(0x7f0000000040)=0x10, 0x80000)
accept4$tipc(r1, &(0x7f0000000080)=@id, &(0x7f00000000c0)=0x10, 0x80000)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
accept4$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

[ 2054.800152][  T376]  ? fsnotify+0x1280/0x1340
[ 2054.804496][  T376]  ? loop_remove+0xa0/0xa0
[ 2054.808756][  T376]  do_vfs_ioctl+0x742/0x1720
[ 2054.813178][  T376]  ? ioctl_preallocate+0x250/0x250
[ 2054.818125][  T376]  ? __fget+0x407/0x490
[ 2054.822116][  T376]  ? fget_many+0x20/0x20
[ 2054.826190][  T376]  ? debug_smp_processor_id+0x20/0x20
[ 2054.831401][  T376]  ? security_file_ioctl+0x7d/0xa0
[ 2054.836351][  T376]  __x64_sys_ioctl+0xd4/0x110
[ 2054.840861][  T376]  do_syscall_64+0xca/0x1c0
[ 2054.845200][  T376]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bind$tipc(r0, 0x0, 0x2)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, 0x3ed, 0x10, 0x70bd2d, 0x25dfdbff, "33c92d3bb0f06b7adaf7fe88bac52abb2fe8952a8ce70428516c98e0780646913b299e4915b91acdd26d537601d49d4acbb478c4942da935f5091fdcf3aa39e64c412798935dbc314c753cbdbbc281f3f84a92e95a4c6f57458bc35ae4873d31ca23e18fc34caabe0fa9bb1a0efd3e6df2", ["", "", "", "", "", ""]}, 0x84}, 0x1, 0x0, 0x0, 0x44080}, 0x8001)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
sendmsg$AUDIT_USER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x84, 0x3ed, 0x10, 0x70bd2d, 0x25dfdbff, "33c92d3bb0f06b7adaf7fe88bac52abb2fe8952a8ce70428516c98e0780646913b299e4915b91acdd26d537601d49d4acbb478c4942da935f5091fdcf3aa39e64c412798935dbc314c753cbdbbc281f3f84a92e95a4c6f57458bc35ae4873d31ca23e18fc34caabe0fa9bb1a0efd3e6df2", ["", "", "", "", "", ""]}, 0x84}, 0x1, 0x0, 0x0, 0x44080}, 0x8001) (async)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/111)
r2 = io_uring_setup(0x58d1, &(0x7f0000000200)={0x0, 0x5a8, 0x400, 0x1, 0x59, 0x0, r1})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f0000000680)={0xb8, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/24, 0x18}, {&(0x7f00000002c0)=""/198, 0xc6}, {&(0x7f00000003c0)=""/126, 0x7e}, {&(0x7f0000000440)=""/55, 0x37}, {&(0x7f0000000480)=""/66, 0x42}, {&(0x7f0000000500)=""/180, 0xb4}], &(0x7f0000000640)=[0x4, 0xebc, 0x3, 0x6, 0xada, 0x59f3, 0x8000000000000001, 0x7f], 0x6}, 0x20)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x15, 0x11, 0x7fffffff, 0x78, 0x200, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48)
socket$bt_rfcomm(0x1f, 0x1, 0x3)

03:34:27 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x5, @fixed, 0x9, 0x2}, 0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={<r2=>0x0, @loopback, @multicast1}, &(0x7f00000000c0)=0xc)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@map=0x1, 0x3, 0x6b324bf2ed54abd9, 0x2, &(0x7f0000000100)=[0x0], 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], <r4=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@ifindex=r2, 0xffffffffffffffff, 0x4, 0x20, 0x0, @prog_fd=r3, r4}, 0x20)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) (async)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x5, @fixed, 0x9, 0x2}, 0xe) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000080)={0x0, @loopback, @multicast1}, &(0x7f00000000c0)=0xc) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@map=0x1, 0x3, 0x6b324bf2ed54abd9, 0x2, &(0x7f0000000100)=[0x0], 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0]}, 0x40) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@ifindex=r2, 0xffffffffffffffff, 0x4, 0x20, 0x0, @prog_fd=r3, r4}, 0x20) (async)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000080)=0x7, 0x4)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0xff, 0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)

03:34:27 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0)

[ 2054.925275][  T456] Unknown ioctl -2132257775
[ 2054.950317][  T442] FAULT_INJECTION: forcing a failure.
[ 2054.950317][  T442] name failslab, interval 1, probability 0, space 0, times 0
[ 2054.963839][  T442] CPU: 0 PID: 442 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2054.975098][  T442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2054.984991][  T442] Call Trace:
[ 2054.988259][  T442]  dump_stack+0x1d8/0x241
[ 2054.992519][  T442]  ? panic+0x896/0x896
[ 2054.996409][  T442]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2055.002059][  T442]  ? vsnprintf+0x1b96/0x1c70
[ 2055.006490][  T442]  should_fail+0x71f/0x880
[ 2055.010903][  T442]  ? setup_fault_attr+0x3d0/0x3d0
[ 2055.015762][  T442]  ? __alloc_skb+0x7a/0x4d0
[ 2055.020099][  T442]  should_failslab+0x5/0x20
[ 2055.024427][  T442]  kmem_cache_alloc+0x28/0x250
[ 2055.029037][  T442]  __alloc_skb+0x7a/0x4d0
[ 2055.033202][  T442]  ? mutex_lock+0xa5/0x110
[ 2055.037462][  T442]  alloc_uevent_skb+0x74/0x220
[ 2055.042060][  T442]  kobject_uevent_net_broadcast+0x2e3/0x560
[ 2055.047778][  T442]  ? kobject_get_path+0x168/0x190
[ 2055.052743][  T442]  kobject_uevent_env+0x54d/0x710
[ 2055.057617][  T442]  device_add+0x797/0xbb0
[ 2055.061952][  T442]  device_create_vargs+0x1b9/0x210
[ 2055.066892][  T442]  device_create+0xea/0x130
[ 2055.071337][  T442]  ? device_create_vargs+0x210/0x210
[ 2055.076709][  T442]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2055.082234][  T442]  bdi_register_va+0x84/0x610
[ 2055.086755][  T442]  bdi_register+0xd1/0x120
[ 2055.091000][  T442]  ? __device_add_disk+0x551/0x1220
[ 2055.096036][  T442]  ? bdi_register_va+0x610/0x610
[ 2055.100803][  T442]  ? percpu_ref_resurrect+0x113/0x190
[ 2055.106015][  T442]  bdi_register_owner+0x55/0xf0
[ 2055.110732][  T442]  __device_add_disk+0x5d1/0x1220
[ 2055.115652][  T442]  ? device_add_disk+0x30/0x30
[ 2055.120248][  T442]  ? vsprintf+0x30/0x30
[ 2055.124247][  T442]  ? __alloc_disk_node+0x459/0x5a0
[ 2055.129333][  T442]  loop_add+0x573/0x740
[ 2055.133319][  T442]  loop_control_ioctl+0x448/0x620
[ 2055.138180][  T442]  ? loop_remove+0xa0/0xa0
[ 2055.142437][  T442]  ? memset+0x1f/0x40
[ 2055.146251][  T442]  ? fsnotify+0x1280/0x1340
03:34:27 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 67)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4)
bind$tipc(r0, 0x0, 0x2)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x10001, 0x0)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000080)=0x7, 0x4) (async)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0xff, 0x4) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0) (async, rerun: 64)
r2 = socket$tipc(0x1e, 0x2, 0x0) (rerun: 64)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/111) (async)
r2 = io_uring_setup(0x58d1, &(0x7f0000000200)={0x0, 0x5a8, 0x400, 0x1, 0x59, 0x0, r1})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f0000000680)={0xb8, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/24, 0x18}, {&(0x7f00000002c0)=""/198, 0xc6}, {&(0x7f00000003c0)=""/126, 0x7e}, {&(0x7f0000000440)=""/55, 0x37}, {&(0x7f0000000480)=""/66, 0x42}, {&(0x7f0000000500)=""/180, 0xb4}], &(0x7f0000000640)=[0x4, 0xebc, 0x3, 0x6, 0xada, 0x59f3, 0x8000000000000001, 0x7f], 0x6}, 0x20)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x15, 0x11, 0x7fffffff, 0x78, 0x200, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48) (async)
socket$bt_rfcomm(0x1f, 0x1, 0x3)

03:34:27 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0) (async)
accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0) (async)

[ 2055.150593][  T442]  ? loop_remove+0xa0/0xa0
[ 2055.154832][  T442]  do_vfs_ioctl+0x742/0x1720
[ 2055.159273][  T442]  ? ioctl_preallocate+0x250/0x250
[ 2055.164212][  T442]  ? __fget+0x407/0x490
[ 2055.168205][  T442]  ? fget_many+0x20/0x20
[ 2055.172289][  T442]  ? debug_smp_processor_id+0x20/0x20
[ 2055.177497][  T442]  ? security_file_ioctl+0x7d/0xa0
[ 2055.182569][  T442]  __x64_sys_ioctl+0xd4/0x110
[ 2055.187098][  T442]  do_syscall_64+0xca/0x1c0
[ 2055.191418][  T442]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x10001, 0x0)

03:34:27 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
bind$tipc(r0, 0x0, 0x2)

03:34:27 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/111) (async)
r2 = io_uring_setup(0x58d1, &(0x7f0000000200)={0x0, 0x5a8, 0x400, 0x1, 0x59, 0x0, r1})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r2, 0xe, &(0x7f0000000680)={0xb8, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/24, 0x18}, {&(0x7f00000002c0)=""/198, 0xc6}, {&(0x7f00000003c0)=""/126, 0x7e}, {&(0x7f0000000440)=""/55, 0x37}, {&(0x7f0000000480)=""/66, 0x42}, {&(0x7f0000000500)=""/180, 0xb4}], &(0x7f0000000640)=[0x4, 0xebc, 0x3, 0x6, 0xada, 0x59f3, 0x8000000000000001, 0x7f], 0x6}, 0x20)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x15, 0x11, 0x7fffffff, 0x78, 0x200, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4}, 0x48) (async)
socket$bt_rfcomm(0x1f, 0x1, 0x3)

03:34:27 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000080)=0x7, 0x4)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040)=0xff, 0x4) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x6, 0x8, 0x0, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)

[ 2055.217727][  T480] Unknown ioctl -2132257775
03:34:27 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
accept4$tipc(r0, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0)

03:34:27 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x10001, 0x0)

[ 2055.279296][  T499] Unknown ioctl -2132257775
[ 2055.300750][  T492] FAULT_INJECTION: forcing a failure.
[ 2055.300750][  T492] name failslab, interval 1, probability 0, space 0, times 0
[ 2055.325201][  T492] CPU: 1 PID: 492 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2055.336689][  T492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2055.346595][  T492] Call Trace:
[ 2055.349717][  T492]  dump_stack+0x1d8/0x241
[ 2055.353884][  T492]  ? panic+0x896/0x896
[ 2055.357808][  T492]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2055.363438][  T492]  ? vsnprintf+0x1b96/0x1c70
[ 2055.367909][  T492]  should_fail+0x71f/0x880
[ 2055.372116][  T492]  ? setup_fault_attr+0x3d0/0x3d0
[ 2055.376973][  T492]  ? __alloc_skb+0x7a/0x4d0
[ 2055.381307][  T492]  should_failslab+0x5/0x20
[ 2055.385649][  T492]  kmem_cache_alloc+0x28/0x250
[ 2055.390347][  T492]  __alloc_skb+0x7a/0x4d0
[ 2055.394524][  T492]  ? mutex_lock+0xa5/0x110
[ 2055.398755][  T492]  alloc_uevent_skb+0x74/0x220
[ 2055.403440][  T492]  kobject_uevent_net_broadcast+0x2e3/0x560
[ 2055.409168][  T492]  ? kobject_get_path+0x168/0x190
[ 2055.414035][  T492]  kobject_uevent_env+0x54d/0x710
[ 2055.418901][  T492]  device_add+0x797/0xbb0
[ 2055.423058][  T492]  device_create_vargs+0x1b9/0x210
[ 2055.429868][  T492]  device_create+0xea/0x130
[ 2055.434172][  T492]  ? device_create_vargs+0x210/0x210
[ 2055.439287][  T492]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2055.444840][  T492]  bdi_register_va+0x84/0x610
[ 2055.449451][  T492]  bdi_register+0xd1/0x120
[ 2055.453703][  T492]  ? __device_add_disk+0x551/0x1220
[ 2055.458739][  T492]  ? bdi_register_va+0x610/0x610
[ 2055.463514][  T492]  ? percpu_ref_resurrect+0x113/0x190
[ 2055.468719][  T492]  bdi_register_owner+0x55/0xf0
[ 2055.473577][  T492]  __device_add_disk+0x5d1/0x1220
[ 2055.478438][  T492]  ? device_add_disk+0x30/0x30
[ 2055.483038][  T492]  ? vsprintf+0x30/0x30
[ 2055.487034][  T492]  ? __alloc_disk_node+0x459/0x5a0
[ 2055.491983][  T492]  loop_add+0x573/0x740
[ 2055.495973][  T492]  loop_control_ioctl+0x448/0x620
[ 2055.500928][  T492]  ? loop_remove+0xa0/0xa0
[ 2055.505184][  T492]  ? memset+0x1f/0x40
[ 2055.508989][  T492]  ? fsnotify+0x1280/0x1340
[ 2055.513326][  T492]  ? loop_remove+0xa0/0xa0
[ 2055.517585][  T492]  do_vfs_ioctl+0x742/0x1720
[ 2055.522007][  T492]  ? ioctl_preallocate+0x250/0x250
[ 2055.526959][  T492]  ? __fget+0x407/0x490
[ 2055.530978][  T492]  ? fget_many+0x20/0x20
[ 2055.535115][  T492]  ? debug_smp_processor_id+0x20/0x20
[ 2055.540325][  T492]  ? security_file_ioctl+0x7d/0xa0
[ 2055.545269][  T492]  __x64_sys_ioctl+0xd4/0x110
03:34:28 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 68)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:28 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_mr_cache\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x20, 0x1, 0x0, &(0x7f0000000080)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], <r1=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@ifindex, 0xffffffffffffffff, 0xd, 0x10, 0xffffffffffffffff, @prog_fd=r0, r1}, 0x20)
bind$tipc(0xffffffffffffffff, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x400000, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r3=>0x0}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={0x0, @broadcast}, &(0x7f0000000340)=0xc)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r2, r3, 0x25, 0x1d, @val=@perf_event={0x1f}}, 0x40)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)

03:34:28 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x3, 0x2}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000080)=""/190)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_setup(0x7802, &(0x7f0000000140)={0x0, 0xa306, 0x8, 0x1, 0x400000c, 0x0, r1})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

03:34:28 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r2, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e22, 0x1}}, 0x10)

03:34:28 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
accept4$tipc(r1, &(0x7f00000004c0)=@id, &(0x7f0000000500)=0x10, 0x1000)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r4=>0x0})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000540)={0x40, 0x2, 0x1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000001c0)={'team0\x00', <r5=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0x1, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6e940000", @ANYRES16=r3, @ANYBLOB="10002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="1801028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r4, @ANYBLOB="08000700000000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400040009038c09000000000400ff7f0000060020ff1f6b00008100750780330000001000080900000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=r5, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000008000100", @ANYRES32=r6, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e0000"], 0x180}, 0x1, 0x0, 0x0, 0x4000095}, 0x40)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
read$char_usb(r7, &(0x7f0000000040)=""/142, 0x8e)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0)
sendmsg$AUDIT_TTY_SET(r8, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x18, 0x3f9, 0x400, 0x70bd2d, 0x25dfdbfd, {0x1}, ["", "", "", "", "", ""]}, 0x18}}, 0x40000)

03:34:28 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000100), r1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001940), r4)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000001a80)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14}, 0x14}}, 0x0)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x1000120}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x54, 0x0, 0x21c, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x54}}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000003c0)={<r9=>0x0, @multicast1, @multicast2}, &(0x7f0000000400)=0xc)
r10 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000006, 0x8010, 0xffffffffffffffff, 0x10000000)
sendmsg$TEAM_CMD_OPTIONS_GET(r10, 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r10, 0x894b, &(0x7f0000000c00))
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000bc0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000440)={0x710, r3, 0x200, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8}, {0x13c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x44}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x58}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x1b8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x32e51f55}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x1d4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x33702d5}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x401}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9906}}}]}}, {{0x8, 0x1, r9}, {0x4}}]}, 0x710}, 0x1, 0x0, 0x0, 0x4004010}, 0x8800)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x1, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x3}}, 0x10)

03:34:28 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
accept4$tipc(r1, &(0x7f00000004c0)=@id, &(0x7f0000000500)=0x10, 0x1000)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r4=>0x0})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000540)={0x40, 0x2, 0x1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000001c0)={'team0\x00', <r5=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0x1, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6e940000", @ANYRES16=r3, @ANYBLOB="10002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="1801028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r4, @ANYBLOB="08000700000000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400040009038c09000000000400ff7f0000060020ff1f6b00008100750780330000001000080900000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=r5, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000008000100", @ANYRES32=r6, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e0000"], 0x180}, 0x1, 0x0, 0x0, 0x4000095}, 0x40)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
read$char_usb(r7, &(0x7f0000000040)=""/142, 0x8e)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0)
sendmsg$AUDIT_TTY_SET(r8, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x18, 0x3f9, 0x400, 0x70bd2d, 0x25dfdbfd, {0x1}, ["", "", "", "", "", ""]}, 0x18}}, 0x40000)
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
accept4$tipc(r1, &(0x7f00000004c0)=@id, &(0x7f0000000500)=0x10, 0x1000) (async)
syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000540)={0x40, 0x2, 0x1}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000001c0)) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0x1, 0x58, &(0x7f0000000200)}, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6e940000", @ANYRES16=r3, @ANYBLOB="10002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="1801028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r4, @ANYBLOB="08000700000000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400040009038c09000000000400ff7f0000060020ff1f6b00008100750780330000001000080900000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=r5, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000008000100", @ANYRES32=r6, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e0000"], 0x180}, 0x1, 0x0, 0x0, 0x4000095}, 0x40) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0) (async)
read$char_usb(r7, &(0x7f0000000040)=""/142, 0x8e) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0) (async)
sendmsg$AUDIT_TTY_SET(r8, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x18, 0x3f9, 0x400, 0x70bd2d, 0x25dfdbfd, {0x1}, ["", "", "", "", "", ""]}, 0x18}}, 0x40000) (async)

03:34:28 executing program 1:
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000100), r1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001940), r4) (async)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001940), r4)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000001a80)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14}, 0x14}}, 0x0)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x1000120}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x54, 0x0, 0x21c, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x54}}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r1, 0x58, &(0x7f0000000300)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000003c0)={<r9=>0x0, @multicast1, @multicast2}, &(0x7f0000000400)=0xc)
r10 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000006, 0x8010, 0xffffffffffffffff, 0x10000000) (async)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000006, 0x8010, 0xffffffffffffffff, 0x10000000)
sendmsg$TEAM_CMD_OPTIONS_GET(r10, 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r10, 0x894b, &(0x7f0000000c00))
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000bc0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000440)={0x710, r3, 0x200, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8}, {0x13c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x44}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x58}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x1b8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x32e51f55}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x1d4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x33702d5}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x401}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9906}}}]}}, {{0x8, 0x1, r9}, {0x4}}]}, 0x710}, 0x1, 0x0, 0x0, 0x4004010}, 0x8800)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x1, 0x4) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x1, 0x4)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x3}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x3}}, 0x10)

[ 2055.549792][  T492]  do_syscall_64+0xca/0x1c0
[ 2055.554523][  T492]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:28 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x3, 0x2}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000080)=""/190) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
io_uring_setup(0x7802, &(0x7f0000000140)={0x0, 0xa306, 0x8, 0x1, 0x400000c, 0x0, r1}) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

03:34:28 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
r2 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r2, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e22, 0x1}}, 0x10)

03:34:28 executing program 4:
socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
accept4$tipc(r1, &(0x7f00000004c0)=@id, &(0x7f0000000500)=0x10, 0x1000) (async)
accept4$tipc(r1, &(0x7f00000004c0)=@id, &(0x7f0000000500)=0x10, 0x1000)
syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r4=>0x0})
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000540)={0x40, 0x2, 0x1}, 0x10) (async)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000540)={0x40, 0x2, 0x1}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000001c0)={'team0\x00', <r5=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0x1, 0x58, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6e940000", @ANYRES16=r3, @ANYBLOB="10002abd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="1801028040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r4, @ANYBLOB="08000700000000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c000400040009038c09000000000400ff7f0000060020ff1f6b00008100750780330000001000080900000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000600", @ANYRES32=r5, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000500000008000100", @ANYRES32=r6, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e0000"], 0x180}, 0x1, 0x0, 0x0, 0x4000095}, 0x40)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
read$char_usb(r7, &(0x7f0000000040)=""/142, 0x8e) (async)
read$char_usb(r7, &(0x7f0000000040)=""/142, 0x8e)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0)
sendmsg$AUDIT_TTY_SET(r8, &(0x7f0000000640)={&(0x7f0000000580), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x18, 0x3f9, 0x400, 0x70bd2d, 0x25dfdbfd, {0x1}, ["", "", "", "", "", ""]}, 0x18}}, 0x40000)

03:34:28 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000100), r1) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000001940), r4)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000001a80)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14}, 0x14}}, 0x0) (async)
sendmsg$NLBL_CALIPSO_C_LISTALL(r4, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x1000120}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x54, 0x0, 0x21c, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x54}}, 0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000003c0)={<r9=>0x0, @multicast1, @multicast2}, &(0x7f0000000400)=0xc) (async)
r10 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000006, 0x8010, 0xffffffffffffffff, 0x10000000) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r10, 0x0, 0x0) (async)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r10, 0x894b, &(0x7f0000000c00))
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000bc0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000440)={0x710, r3, 0x200, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8}, {0x13c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x44}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x80, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x58}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}]}}, {{0x8}, {0x1b8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x32e51f55}}}, {0x44, 0x1, @name={{0x24}, {0x5}, {0x11, 0x4, 'activebackup\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r8}, {0x1d4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x33702d5}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x401}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}]}}, {{0x8}, {0xf4, 0x2, 0x0, 0x1, [{0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x401}}, {0x8}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9906}}}]}}, {{0x8, 0x1, r9}, {0x4}}]}, 0x710}, 0x1, 0x0, 0x0, 0x4004010}, 0x8800) (async)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000080)=0x1, 0x4) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x3, 0x3}}, 0x10)

[ 2055.651281][  T522] FAULT_INJECTION: forcing a failure.
[ 2055.651281][  T522] name failslab, interval 1, probability 0, space 0, times 0
[ 2055.665791][  T522] CPU: 1 PID: 522 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2055.677206][  T522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2055.687173][  T522] Call Trace:
[ 2055.690311][  T522]  dump_stack+0x1d8/0x241
[ 2055.694552][  T522]  ? panic+0x896/0x896
[ 2055.698469][  T522]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2055.704107][  T522]  ? vsnprintf+0x1c70/0x1c70
[ 2055.708660][  T522]  ? do_vfs_ioctl+0x742/0x1720
[ 2055.713219][  T522]  should_fail+0x71f/0x880
[ 2055.717480][  T522]  ? string+0x29e/0x2f0
[ 2055.721457][  T522]  ? setup_fault_attr+0x3d0/0x3d0
[ 2055.726318][  T522]  ? skb_clone+0x1c0/0x360
[ 2055.730624][  T522]  should_failslab+0x5/0x20
[ 2055.734909][  T522]  kmem_cache_alloc+0x28/0x250
[ 2055.739606][  T522]  skb_clone+0x1c0/0x360
[ 2055.743876][  T522]  ? netlink_broadcast_filtered+0x679/0x1280
[ 2055.749690][  T522]  netlink_broadcast_filtered+0x687/0x1280
[ 2055.755505][  T522]  netlink_broadcast+0x35/0x50
[ 2055.760111][  T522]  kobject_uevent_net_broadcast+0x375/0x560
[ 2055.765951][  T522]  kobject_uevent_env+0x54d/0x710
[ 2055.770801][  T522]  device_add+0x797/0xbb0
[ 2055.774959][  T522]  device_create_vargs+0x1b9/0x210
[ 2055.779909][  T522]  device_create+0xea/0x130
[ 2055.784256][  T522]  ? device_create_vargs+0x210/0x210
[ 2055.789588][  T522]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2055.795168][  T522]  bdi_register_va+0x84/0x610
[ 2055.799657][  T522]  bdi_register+0xd1/0x120
[ 2055.803908][  T522]  ? __device_add_disk+0x551/0x1220
[ 2055.808946][  T522]  ? bdi_register_va+0x610/0x610
[ 2055.813714][  T522]  ? percpu_ref_resurrect+0x113/0x190
[ 2055.819004][  T522]  bdi_register_owner+0x55/0xf0
[ 2055.823609][  T522]  __device_add_disk+0x5d1/0x1220
[ 2055.828470][  T522]  ? device_add_disk+0x30/0x30
[ 2055.833067][  T522]  ? vsprintf+0x30/0x30
[ 2055.837068][  T522]  ? __alloc_disk_node+0x459/0x5a0
[ 2055.842016][  T522]  loop_add+0x573/0x740
[ 2055.846004][  T522]  loop_control_ioctl+0x448/0x620
[ 2055.850854][  T522]  ? loop_remove+0xa0/0xa0
[ 2055.855113][  T522]  ? memset+0x1f/0x40
[ 2055.858928][  T522]  ? fsnotify+0x1280/0x1340
[ 2055.863275][  T522]  ? loop_remove+0xa0/0xa0
[ 2055.867681][  T522]  do_vfs_ioctl+0x742/0x1720
[ 2055.872154][  T522]  ? ioctl_preallocate+0x250/0x250
[ 2055.877038][  T522]  ? __fget+0x407/0x490
[ 2055.881038][  T522]  ? fget_many+0x20/0x20
[ 2055.885114][  T522]  ? debug_smp_processor_id+0x20/0x20
[ 2055.890409][  T522]  ? security_file_ioctl+0x7d/0xa0
[ 2055.895448][  T522]  __x64_sys_ioctl+0xd4/0x110
03:34:28 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 69)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:28 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x800)
connect$tipc(r2, &(0x7f00000000c0)=@id={0x1e, 0x3, 0x2, {0x4e22, 0x1}}, 0x10)

03:34:28 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_mr_cache\x00') (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x20, 0x1, 0x0, &(0x7f0000000080)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], <r1=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@ifindex, 0xffffffffffffffff, 0xd, 0x10, 0xffffffffffffffff, @prog_fd=r0, r1}, 0x20)
bind$tipc(0xffffffffffffffff, 0x0, 0x2) (async)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x400000, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r3=>0x0}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={0x0, @broadcast}, &(0x7f0000000340)=0xc) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r2, r3, 0x25, 0x1d, @val=@perf_event={0x1f}}, 0x40)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)

03:34:28 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x3, 0x2}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000080)=""/190)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_setup(0x7802, &(0x7f0000000140)={0x0, 0xa306, 0x8, 0x1, 0x400000c, 0x0, r1})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)
socket$tipc(0x1e, 0x2, 0x0) (async)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x3, 0x2}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000080)=""/190) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
io_uring_setup(0x7802, &(0x7f0000000140)={0x0, 0xa306, 0x8, 0x1, 0x400000c, 0x0, r1}) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2) (async)

03:34:28 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
bind$tipc(r3, 0x0, 0xffffffed)

03:34:28 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
r3 = accept4$tipc(r0, 0x0, &(0x7f0000000100), 0x80400)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x4}, 0x10)
getpeername$tipc(r2, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10)

[ 2055.900160][  T522]  do_syscall_64+0xca/0x1c0
[ 2055.904567][  T522]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:28 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x1, 0x4, 0x0, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffc}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0xde, &(0x7f00000000c0)=""/222, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0xa, 0x2, 0x2}, 0x10, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000280)=[{0x3, 0x4, 0xc, 0x6}, {0x0, 0x4, 0x0, 0x1}, {0x0, 0x1, 0x1, 0xb}], 0x10, 0x8}, 0x90)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

03:34:28 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ip_mr_cache\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000180)={@ifindex, 0x20, 0x1, 0x0, &(0x7f0000000080)=[0x0, 0x0], 0x2, 0x0, &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], <r1=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@ifindex, 0xffffffffffffffff, 0xd, 0x10, 0xffffffffffffffff, @prog_fd=r0, r1}, 0x20) (async)
bind$tipc(0xffffffffffffffff, 0x0, 0x2)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x400000, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r3=>0x0}, &(0x7f0000000280)=0xc)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={0x0, @broadcast}, &(0x7f0000000340)=0xc) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r2, r3, 0x25, 0x1d, @val=@perf_event={0x1f}}, 0x40) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)

03:34:28 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
bind$tipc(r3, 0x0, 0xffffffed)

03:34:28 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x43}}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x3, 0x4)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

03:34:28 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
r3 = accept4$tipc(r0, 0x0, &(0x7f0000000100), 0x80400)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x4}, 0x10)
getpeername$tipc(r2, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10) (async)
getpeername$tipc(r2, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10)

03:34:28 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
bind$tipc(r3, 0x0, 0xffffffed)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
bind$tipc(r3, 0x0, 0xffffffed) (async)

[ 2056.001413][  T565] FAULT_INJECTION: forcing a failure.
[ 2056.001413][  T565] name failslab, interval 1, probability 0, space 0, times 0
[ 2056.035712][  T565] CPU: 0 PID: 565 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2056.047162][  T565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2056.057050][  T565] Call Trace:
[ 2056.060191][  T565]  dump_stack+0x1d8/0x241
[ 2056.064360][  T565]  ? panic+0x896/0x896
[ 2056.068259][  T565]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2056.073893][  T565]  ? vsnprintf+0x1c70/0x1c70
[ 2056.078327][  T565]  ? do_vfs_ioctl+0x742/0x1720
[ 2056.083070][  T565]  should_fail+0x71f/0x880
[ 2056.087281][  T565]  ? string+0x29e/0x2f0
[ 2056.091251][  T565]  ? setup_fault_attr+0x3d0/0x3d0
[ 2056.096118][  T565]  ? skb_clone+0x1c0/0x360
[ 2056.100362][  T565]  should_failslab+0x5/0x20
[ 2056.104704][  T565]  kmem_cache_alloc+0x28/0x250
[ 2056.109408][  T565]  skb_clone+0x1c0/0x360
[ 2056.113493][  T565]  ? netlink_broadcast_filtered+0x679/0x1280
[ 2056.119324][  T565]  netlink_broadcast_filtered+0x687/0x1280
[ 2056.125137][  T565]  netlink_broadcast+0x35/0x50
[ 2056.129728][  T565]  kobject_uevent_net_broadcast+0x375/0x560
[ 2056.135554][  T565]  kobject_uevent_env+0x54d/0x710
[ 2056.140399][  T565]  device_add+0x797/0xbb0
[ 2056.144659][  T565]  device_create_vargs+0x1b9/0x210
[ 2056.149717][  T565]  device_create+0xea/0x130
[ 2056.154052][  T565]  ? device_create_vargs+0x210/0x210
[ 2056.159163][  T565]  ? __percpu_ref_switch_mode+0x376/0x600
[ 2056.164806][  T565]  bdi_register_va+0x84/0x610
[ 2056.169318][  T565]  bdi_register+0xd1/0x120
[ 2056.173565][  T565]  ? __device_add_disk+0x551/0x1220
[ 2056.178603][  T565]  ? bdi_register_va+0x610/0x610
[ 2056.183390][  T565]  ? percpu_ref_resurrect+0x113/0x190
[ 2056.188731][  T565]  bdi_register_owner+0x55/0xf0
[ 2056.193586][  T565]  __device_add_disk+0x5d1/0x1220
[ 2056.198450][  T565]  ? device_add_disk+0x30/0x30
[ 2056.203137][  T565]  ? vsprintf+0x30/0x30
[ 2056.207250][  T565]  ? __alloc_disk_node+0x459/0x5a0
[ 2056.212195][  T565]  loop_add+0x573/0x740
[ 2056.216181][  T565]  loop_control_ioctl+0x448/0x620
[ 2056.221231][  T565]  ? loop_remove+0xa0/0xa0
[ 2056.225468][  T565]  ? memset+0x1f/0x40
[ 2056.229394][  T565]  ? fsnotify+0x1280/0x1340
[ 2056.234000][  T565]  ? loop_remove+0xa0/0xa0
[ 2056.238343][  T565]  do_vfs_ioctl+0x742/0x1720
[ 2056.242778][  T565]  ? ioctl_preallocate+0x250/0x250
[ 2056.247704][  T565]  ? __fget+0x407/0x490
03:34:29 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 70)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:29 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='net/tcp6\x00')
syz_io_uring_setup(0x3ac2, &(0x7f0000000180)={0x0, 0x7237, 0x100, 0x0, 0x1a9, 0x0, r4}, &(0x7f0000000200), &(0x7f0000000240))
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000002c0)={0x5, 0x0, &(0x7f0000000280)=[r2, r3, r0, 0xffffffffffffffff, r7, r5, r0, r6]}, 0x8)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x0, 0x1}}}, 0x10)
r8 = accept4$tipc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x800)
accept4$tipc(r8, &(0x7f0000000100)=@name, &(0x7f0000000140)=0x10, 0x800)
r9 = syz_open_dev$mouse(&(0x7f0000000040), 0x903c, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r9, 0x1, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc048050}, 0x804)

03:34:29 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x43}}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x3, 0x4)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
socket$tipc(0x1e, 0x2, 0x0) (async)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x43}}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x3, 0x4) (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)) (async)
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (async)

03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}) (async)
r3 = accept4$tipc(r0, 0x0, &(0x7f0000000100), 0x80400)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0x4}, 0x10)
getpeername$tipc(r2, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10)

03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async, rerun: 32)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x1, 0x4, 0x0, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffc}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0xde, &(0x7f00000000c0)=""/222, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0xa, 0x2, 0x2}, 0x10, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000280)=[{0x3, 0x4, 0xc, 0x6}, {0x0, 0x4, 0x0, 0x1}, {0x0, 0x1, 0x1, 0xb}], 0x10, 0x8}, 0x90)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)

[ 2056.251690][  T565]  ? fget_many+0x20/0x20
[ 2056.255855][  T565]  ? debug_smp_processor_id+0x20/0x20
[ 2056.261063][  T565]  ? security_file_ioctl+0x7d/0xa0
[ 2056.266251][  T565]  __x64_sys_ioctl+0xd4/0x110
[ 2056.270755][  T565]  do_syscall_64+0xca/0x1c0
[ 2056.275272][  T565]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @broadcast}, &(0x7f0000000080)=0xc)

03:34:29 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='net/tcp6\x00')
syz_io_uring_setup(0x3ac2, &(0x7f0000000180)={0x0, 0x7237, 0x100, 0x0, 0x1a9, 0x0, r4}, &(0x7f0000000200), &(0x7f0000000240)) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0) (async)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000002c0)={0x5, 0x0, &(0x7f0000000280)=[r2, r3, r0, 0xffffffffffffffff, r7, r5, r0, r6]}, 0x8) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x0, 0x1}}}, 0x10) (async)
r8 = accept4$tipc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x800)
accept4$tipc(r8, &(0x7f0000000100)=@name, &(0x7f0000000140)=0x10, 0x800)
r9 = syz_open_dev$mouse(&(0x7f0000000040), 0x903c, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r9, 0x1, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc048050}, 0x804)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x1, 0x4, 0x0, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffc}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}], &(0x7f0000000080)='syzkaller\x00', 0x9, 0xde, &(0x7f00000000c0)=""/222, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000200)={0x1, 0xa, 0x2, 0x2}, 0x10, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000280)=[{0x3, 0x4, 0xc, 0x6}, {0x0, 0x4, 0x0, 0x1}, {0x0, 0x1, 0x1, 0xb}], 0x10, 0x8}, 0x90)
ioctl$LOOP_SET_FD(r1, 0x4c00, r2)

03:34:29 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x43}}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 32)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000140)=0x3, 0x4) (async, rerun: 32)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2056.380830][  T629] FAULT_INJECTION: forcing a failure.
[ 2056.380830][  T629] name failslab, interval 1, probability 0, space 0, times 0
[ 2056.428834][  T629] CPU: 1 PID: 629 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2056.440379][  T629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2056.450367][  T629] Call Trace:
[ 2056.453498][  T629]  dump_stack+0x1d8/0x241
[ 2056.457661][  T629]  ? panic+0x896/0x896
[ 2056.461562][  T629]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2056.467212][  T629]  ? check_preemption_disabled+0x153/0x320
[ 2056.472937][  T629]  ? debug_smp_processor_id+0x20/0x20
[ 2056.478327][  T629]  should_fail+0x71f/0x880
[ 2056.482600][  T629]  ? setup_fault_attr+0x3d0/0x3d0
[ 2056.487566][  T629]  ? __kasan_slab_free+0x233/0x270
[ 2056.492497][  T629]  ? __kasan_slab_free+0x1b5/0x270
[ 2056.497415][  T629]  ? kfree+0x123/0x370
[ 2056.501410][  T629]  ? kobject_uevent_env+0x346/0x710
[ 2056.506460][  T629]  ? device_add+0x797/0xbb0
[ 2056.510791][  T629]  ? __d_alloc+0x2a/0x6a0
[ 2056.515163][  T629]  should_failslab+0x5/0x20
[ 2056.519500][  T629]  kmem_cache_alloc+0x28/0x250
[ 2056.524220][  T629]  __d_alloc+0x2a/0x6a0
[ 2056.528206][  T629]  d_alloc_parallel+0xe7/0x1310
[ 2056.532991][  T629]  ? avc_has_perm_noaudit+0x2f1/0x3d0
[ 2056.538187][  T629]  ? avc_denied+0x1d0/0x1d0
[ 2056.542530][  T629]  ? d_hash_and_lookup+0x1e0/0x1e0
[ 2056.547479][  T629]  ? _raw_spin_lock+0xa4/0x1b0
[ 2056.552091][  T629]  ? _raw_spin_trylock_bh+0x190/0x190
[ 2056.557290][  T629]  ? selinux_inode_permission+0x380/0x6a0
[ 2056.562852][  T629]  ? selinux_inode_permission+0x454/0x6a0
[ 2056.568572][  T629]  __lookup_slow+0x156/0x460
[ 2056.572998][  T629]  ? lookup_one_len+0x2c0/0x2c0
[ 2056.577686][  T629]  lookup_one_len+0x180/0x2c0
[ 2056.582193][  T629]  ? lookup_one_len_common+0x450/0x450
[ 2056.587599][  T629]  start_creating+0xec/0x250
[ 2056.592005][  T629]  debugfs_create_dir+0x24/0x380
[ 2056.596785][  T629]  bdi_register_va+0x245/0x610
[ 2056.601640][  T629]  bdi_register+0xd1/0x120
[ 2056.605987][  T629]  ? __device_add_disk+0x551/0x1220
[ 2056.611017][  T629]  ? bdi_register_va+0x610/0x610
[ 2056.615905][  T629]  ? percpu_ref_resurrect+0x113/0x190
[ 2056.621296][  T629]  bdi_register_owner+0x55/0xf0
[ 2056.625965][  T629]  __device_add_disk+0x5d1/0x1220
[ 2056.630826][  T629]  ? device_add_disk+0x30/0x30
[ 2056.635420][  T629]  ? vsprintf+0x30/0x30
[ 2056.639417][  T629]  ? __alloc_disk_node+0x459/0x5a0
[ 2056.644525][  T629]  loop_add+0x573/0x740
[ 2056.648523][  T629]  loop_control_ioctl+0x448/0x620
[ 2056.653370][  T629]  ? loop_remove+0xa0/0xa0
[ 2056.657675][  T629]  ? memset+0x1f/0x40
[ 2056.661528][  T629]  ? fsnotify+0x1280/0x1340
[ 2056.665876][  T629]  ? loop_remove+0xa0/0xa0
[ 2056.670120][  T629]  do_vfs_ioctl+0x742/0x1720
[ 2056.674638][  T629]  ? ioctl_preallocate+0x250/0x250
03:34:29 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 71)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2) (async)
bind$tipc(r0, 0x0, 0x2)

03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @broadcast}, &(0x7f0000000080)=0xc)

03:34:29 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000300)='net/tcp6\x00')
syz_io_uring_setup(0x3ac2, &(0x7f0000000180)={0x0, 0x7237, 0x100, 0x0, 0x1a9, 0x0, r4}, &(0x7f0000000200), &(0x7f0000000240)) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r6, 0x0, 0x0) (async)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f00000002c0)={0x5, 0x0, &(0x7f0000000280)=[r2, r3, r0, 0xffffffffffffffff, r7, r5, r0, r6]}, 0x8) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x0, 0x1}}}, 0x10) (async)
r8 = accept4$tipc(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10, 0x800)
accept4$tipc(r8, &(0x7f0000000100)=@name, &(0x7f0000000140)=0x10, 0x800) (async)
r9 = syz_open_dev$mouse(&(0x7f0000000040), 0x903c, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r9, 0x1, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0) (async)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc048050}, 0x804)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:29 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000100)={<r2=>0x0, @rand_addr, @private}, &(0x7f0000000140)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @empty, @initdev}, &(0x7f00000002c0)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @loopback, @multicast2}, &(0x7f0000000340)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000380)={<r7=>0x0, @private, @private}, &(0x7f00000003c0)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000400)={<r8=>0x0, @multicast2, @loopback}, &(0x7f0000000440)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000ec0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000480)={0x9cc, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x2, 0xfe, 0x7, 0x2}, {0x4, 0x81, 0x7, 0x8}, {0x200, 0x1, 0x7}, {0x6, 0x2, 0x40, 0x3f}, {0xc6, 0x40, 0xaa, 0x947e}, {0x8001, 0xa7, 0x43, 0xd5}, {0x2, 0x3f, 0xfe, 0xb5}, {0xba, 0x4, 0x1, 0xffffffff}]}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7cc}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r3}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}]}}, {{0x8, 0x1, r4}, {0xbc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8}}}]}}, {{0x8, 0x1, r5}, {0x160, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc744}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffff}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x124, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f2b07f1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}]}}]}, 0x9cc}, 0x1, 0x0, 0x0, 0x800}, 0x20008004)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x6)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r10 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x121000)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000080))

[ 2056.679583][  T629]  ? __fget+0x407/0x490
[ 2056.683582][  T629]  ? fget_many+0x20/0x20
[ 2056.687802][  T629]  ? debug_smp_processor_id+0x20/0x20
[ 2056.692987][  T629]  ? security_file_ioctl+0x7d/0xa0
[ 2056.697937][  T629]  __x64_sys_ioctl+0xd4/0x110
[ 2056.702455][  T629]  do_syscall_64+0xca/0x1c0
[ 2056.706787][  T629]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000040)={0x0, @dev, @broadcast}, &(0x7f0000000080)=0xc)

03:34:29 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0) (async)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000100)={<r2=>0x0, @rand_addr, @private}, &(0x7f0000000140)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f0000000180)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @empty, @initdev}, &(0x7f00000002c0)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={0x0, @loopback, @multicast2}, &(0x7f0000000340)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @loopback, @multicast2}, &(0x7f0000000340)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000380)={<r7=>0x0, @private, @private}, &(0x7f00000003c0)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000400)={<r8=>0x0, @multicast2, @loopback}, &(0x7f0000000440)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000ec0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000480)={0x9cc, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x2, 0xfe, 0x7, 0x2}, {0x4, 0x81, 0x7, 0x8}, {0x200, 0x1, 0x7}, {0x6, 0x2, 0x40, 0x3f}, {0xc6, 0x40, 0xaa, 0x947e}, {0x8001, 0xa7, 0x43, 0xd5}, {0x2, 0x3f, 0xfe, 0xb5}, {0xba, 0x4, 0x1, 0xffffffff}]}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7cc}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r3}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}]}}, {{0x8, 0x1, r4}, {0xbc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8}}}]}}, {{0x8, 0x1, r5}, {0x160, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc744}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffff}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x124, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f2b07f1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}]}}]}, 0x9cc}, 0x1, 0x0, 0x0, 0x800}, 0x20008004)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x6)
socket$tipc(0x1e, 0x2, 0x0) (async)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r10 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x121000)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000080))

03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, &(0x7f00000000c0)="0e2879fd998acfb40afc3bd475ab44411e18f7b7511711699ad36a36376c371857e8b01babca9590baa47fb515b1f89a751a30f8927446bba01641c033898e63bc5fad3f11b8b85b0eb5786fee0519ca1e8d25876a0c6031187d568eee187a374eff6bec87db5b5c92259f923f458e075220f36d50edc4eca6df101f671fa2ee2562934c36ed8890b67448abdf079abfd48674a7d31bcddb84b54f6e61e773ba04ae7d8d3b362bddddb61bbab61e326846e7f1e50188c4cee67cfb35d5d4c179a657b5a2deaf16e3a77c47356697a1acfae6463c174d289cf3dd19367a90a40366e6aa3c2b56c7f24f1c35756c6fc23301ea6db92e45082013")
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder-control\x00', 0x0, 0x0)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:29 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f0000000040)=""/14, &(0x7f0000000080)=0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x4}}}, 0x10)

[ 2056.811260][  T664] FAULT_INJECTION: forcing a failure.
[ 2056.811260][  T664] name failslab, interval 1, probability 0, space 0, times 0
[ 2056.843925][  T664] CPU: 1 PID: 664 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2056.855302][  T664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2056.865191][  T664] Call Trace:
[ 2056.868326][  T664]  dump_stack+0x1d8/0x241
[ 2056.872567][  T664]  ? panic+0x896/0x896
[ 2056.876587][  T664]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2056.882224][  T664]  ? simple_lookup+0xba/0xf0
[ 2056.886646][  T664]  ? __lookup_slow+0x350/0x460
[ 2056.891246][  T664]  should_fail+0x71f/0x880
[ 2056.895503][  T664]  ? setup_fault_attr+0x3d0/0x3d0
[ 2056.900368][  T664]  ? lookup_one_len+0x180/0x2c0
[ 2056.905051][  T664]  ? new_inode_pseudo+0x78/0x210
[ 2056.909826][  T664]  should_failslab+0x5/0x20
[ 2056.914165][  T664]  kmem_cache_alloc+0x28/0x250
[ 2056.918763][  T664]  new_inode_pseudo+0x78/0x210
[ 2056.923374][  T664]  new_inode+0x25/0x1d0
[ 2056.927460][  T664]  ? start_creating+0x15d/0x250
[ 2056.932164][  T664]  debugfs_create_dir+0x66/0x380
[ 2056.936924][  T664]  bdi_register_va+0x245/0x610
[ 2056.941530][  T664]  bdi_register+0xd1/0x120
[ 2056.945769][  T664]  ? __device_add_disk+0x551/0x1220
[ 2056.950811][  T664]  ? bdi_register_va+0x610/0x610
[ 2056.955572][  T664]  ? percpu_ref_resurrect+0x113/0x190
[ 2056.960793][  T664]  bdi_register_owner+0x55/0xf0
[ 2056.965472][  T664]  __device_add_disk+0x5d1/0x1220
[ 2056.970335][  T664]  ? device_add_disk+0x30/0x30
[ 2056.975018][  T664]  ? vsprintf+0x30/0x30
[ 2056.979014][  T664]  ? __alloc_disk_node+0x459/0x5a0
[ 2056.983961][  T664]  loop_add+0x573/0x740
[ 2056.987951][  T664]  loop_control_ioctl+0x448/0x620
[ 2056.992901][  T664]  ? loop_remove+0xa0/0xa0
[ 2056.997158][  T664]  ? memset+0x1f/0x40
[ 2057.000968][  T664]  ? fsnotify+0x1280/0x1340
[ 2057.005322][  T664]  ? loop_remove+0xa0/0xa0
03:34:29 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 72)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:29 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000100)={<r2=>0x0, @rand_addr, @private}, &(0x7f0000000140)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={<r5=>0x0, @empty, @initdev}, &(0x7f00000002c0)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={<r6=>0x0, @loopback, @multicast2}, &(0x7f0000000340)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000380)={<r7=>0x0, @private, @private}, &(0x7f00000003c0)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000400)={<r8=>0x0, @multicast2, @loopback}, &(0x7f0000000440)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000ec0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000480)={0x9cc, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x2, 0xfe, 0x7, 0x2}, {0x4, 0x81, 0x7, 0x8}, {0x200, 0x1, 0x7}, {0x6, 0x2, 0x40, 0x3f}, {0xc6, 0x40, 0xaa, 0x947e}, {0x8001, 0xa7, 0x43, 0xd5}, {0x2, 0x3f, 0xfe, 0xb5}, {0xba, 0x4, 0x1, 0xffffffff}]}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7cc}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r3}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}]}}, {{0x8, 0x1, r4}, {0xbc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8}}}]}}, {{0x8, 0x1, r5}, {0x160, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc744}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffff}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x124, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f2b07f1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}]}}]}, 0x9cc}, 0x1, 0x0, 0x0, 0x800}, 0x20008004)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x6)
r9 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r10 = syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x121000)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000080))
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
ioctl$LOOP_SET_FD(r0, 0x4c00, r0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000100)={0x0, @rand_addr, @private}, &(0x7f0000000140)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x58, &(0x7f0000000180)}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000280)={0x0, @empty, @initdev}, &(0x7f00000002c0)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000300)={0x0, @loopback, @multicast2}, &(0x7f0000000340)=0xc) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000380)={0x0, @private, @private}, &(0x7f00000003c0)=0xc) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @loopback}, &(0x7f0000000440)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000ec0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000480)={0x9cc, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0x174, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe4}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x2, 0xfe, 0x7, 0x2}, {0x4, 0x81, 0x7, 0x8}, {0x200, 0x1, 0x7}, {0x6, 0x2, 0x40, 0x3f}, {0xc6, 0x40, 0xaa, 0x947e}, {0x8001, 0xa7, 0x43, 0xd5}, {0x2, 0x3f, 0xfe, 0xb5}, {0xba, 0x4, 0x1, 0xffffffff}]}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7cc}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1f}}, {0x8}}}]}}, {{0x8}, {0x1ac, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x100}}}]}}, {{0x8, 0x1, r3}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x10000}}}]}}, {{0x8, 0x1, r4}, {0xbc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8001}}, {0x8}}}]}}, {{0x8, 0x1, r5}, {0x160, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc744}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000000}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x1a4, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffff}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x124, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x3f2b07f1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1f}}}]}}]}, 0x9cc}, 0x1, 0x0, 0x0, 0x800}, 0x20008004) (async)
mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x6) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r9, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x121000) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r10, 0x8933, &(0x7f0000000080)) (async)

03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, &(0x7f00000000c0)="0e2879fd998acfb40afc3bd475ab44411e18f7b7511711699ad36a36376c371857e8b01babca9590baa47fb515b1f89a751a30f8927446bba01641c033898e63bc5fad3f11b8b85b0eb5786fee0519ca1e8d25876a0c6031187d568eee187a374eff6bec87db5b5c92259f923f458e075220f36d50edc4eca6df101f671fa2ee2562934c36ed8890b67448abdf079abfd48674a7d31bcddb84b54f6e61e773ba04ae7d8d3b362bddddb61bbab61e326846e7f1e50188c4cee67cfb35d5d4c179a657b5a2deaf16e3a77c47356697a1acfae6463c174d289cf3dd19367a90a40366e6aa3c2b56c7f24f1c35756c6fc23301ea6db92e45082013") (async)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder-control\x00', 0x0, 0x0)

03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x34, 0x0, &(0x7f0000000080)=[@exit_looper, @dead_binder_done, @decrefs={0x40046307, 0x1}, @acquire_done={0x40106309, 0x3}, @acquire={0x40046305, 0x2}], 0xbe, 0x0, &(0x7f00000000c0)="8788e3119f1ec6b75f3b26678fffbef202e122932f2cd9a1af87fe0f3fee2a251d9f0c86a22a1eb52dc76bfc175faf234d613a6789876eb5076ba01b61e1eeac32f17a7f38b21a8430cc01db92e0f81b57b54a29d9c10fcfbfb00d579881eead7c7bc49251db7e1e57d91d200f26d4b3451f3b543dc163421810c2ee57eaf0ff447cb72d74cd8b19308d06215c974599a4a2d1cdfc4f0f56228e86110c3bd8d8da9bcaaf93ad985928856c4ce444201a6e9f7d0fe1c5d164e7fdf280fcfb"})

03:34:29 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f0000000040)=""/14, &(0x7f0000000080)=0xe) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 64)
bind$tipc(r1, 0x0, 0x0) (rerun: 64)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x4}}}, 0x10)

[ 2057.009567][  T664]  do_vfs_ioctl+0x742/0x1720
[ 2057.013991][  T664]  ? ioctl_preallocate+0x250/0x250
[ 2057.018936][  T664]  ? __fget+0x407/0x490
[ 2057.022929][  T664]  ? fget_many+0x20/0x20
[ 2057.027004][  T664]  ? debug_smp_processor_id+0x20/0x20
[ 2057.032215][  T664]  ? security_file_ioctl+0x7d/0xa0
[ 2057.037164][  T664]  __x64_sys_ioctl+0xd4/0x110
[ 2057.041676][  T664]  do_syscall_64+0xca/0x1c0
[ 2057.046026][  T664]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2057.053362][  T664] debugfs: out of free dentries, can not create directory '7:0'
03:34:29 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000000), &(0x7f0000000040)=0x4) (async)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, &(0x7f00000000c0)="0e2879fd998acfb40afc3bd475ab44411e18f7b7511711699ad36a36376c371857e8b01babca9590baa47fb515b1f89a751a30f8927446bba01641c033898e63bc5fad3f11b8b85b0eb5786fee0519ca1e8d25876a0c6031187d568eee187a374eff6bec87db5b5c92259f923f458e075220f36d50edc4eca6df101f671fa2ee2562934c36ed8890b67448abdf079abfd48674a7d31bcddb84b54f6e61e773ba04ae7d8d3b362bddddb61bbab61e326846e7f1e50188c4cee67cfb35d5d4c179a657b5a2deaf16e3a77c47356697a1acfae6463c174d289cf3dd19367a90a40366e6aa3c2b56c7f24f1c35756c6fc23301ea6db92e45082013") (async)
openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder-control\x00', 0x0, 0x0)

03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bind$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x4}}}, 0x10)

03:34:29 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400))
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x882, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000003140)=ANY=[@ANYBLOB="a4afdae0b35aed1c", @ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf253e000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400050083003f000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x1a0}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000003080)=[{0x2, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f00000004c0)=""/4096, 0x1000}], &(0x7f0000001500)=[0x100000001, 0x8000000000000000, 0x1, 0x8, 0x8, 0x0, 0x3ff, 0x9, 0x6, 0x3]}, {0x3, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001580)=""/232, 0xe8}, {&(0x7f0000001680)=""/236, 0xec}, {&(0x7f0000001780)=""/26, 0x1a}], &(0x7f0000001800)=[0x5]}, {0x3, 0x1, 0x0, &(0x7f00000028c0)=[{&(0x7f0000001840)=""/40, 0x28}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/48, 0x30}], &(0x7f0000002900)=[0xffffffffffffffff, 0x0, 0xdf, 0x7, 0x5, 0x70b1, 0x8]}, {0x9, 0x1, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002940)=""/145, 0x91}, {&(0x7f0000002a00)=""/74, 0x4a}, {&(0x7f0000002a80)=""/29, 0x1d}, {&(0x7f0000002ac0)=""/172, 0xac}, {&(0x7f0000002b80)=""/238, 0xee}, {&(0x7f0000002c80)=""/56, 0x38}, {&(0x7f0000002cc0)=""/77, 0x4d}, {&(0x7f0000002d40)=""/136, 0x88}, {&(0x7f0000002e00)=""/55, 0x37}], &(0x7f0000002f00)=[0x5]}, {0x1, 0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000002f40)=""/187, 0xbb}], &(0x7f0000003040)=[0x7fff, 0x4, 0x20, 0x6, 0x7, 0x5, 0x2, 0x9]}], 0x5)

[ 2057.092162][  T689] Unknown ioctl -1070571007
03:34:29 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040))
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x34, 0x0, &(0x7f0000000080)=[@exit_looper, @dead_binder_done, @decrefs={0x40046307, 0x1}, @acquire_done={0x40106309, 0x3}, @acquire={0x40046305, 0x2}], 0xbe, 0x0, &(0x7f00000000c0)="8788e3119f1ec6b75f3b26678fffbef202e122932f2cd9a1af87fe0f3fee2a251d9f0c86a22a1eb52dc76bfc175faf234d613a6789876eb5076ba01b61e1eeac32f17a7f38b21a8430cc01db92e0f81b57b54a29d9c10fcfbfb00d579881eead7c7bc49251db7e1e57d91d200f26d4b3451f3b543dc163421810c2ee57eaf0ff447cb72d74cd8b19308d06215c974599a4a2d1cdfc4f0f56228e86110c3bd8d8da9bcaaf93ad985928856c4ce444201a6e9f7d0fe1c5d164e7fdf280fcfb"})

03:34:29 executing program 1:
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f0000000040)=""/14, &(0x7f0000000080)=0xe)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r1, 0x0, 0x0)

[ 2057.141328][  T711] FAULT_INJECTION: forcing a failure.
[ 2057.141328][  T711] name failslab, interval 1, probability 0, space 0, times 0
[ 2057.169468][  T724] Unknown ioctl -1070571007
[ 2057.177323][  T711] CPU: 1 PID: 711 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2057.188602][  T711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2057.198579][  T711] Call Trace:
[ 2057.201712][  T711]  dump_stack+0x1d8/0x241
[ 2057.205872][  T711]  ? panic+0x896/0x896
[ 2057.209774][  T711]  ? do_vfs_ioctl+0x742/0x1720
[ 2057.214639][  T711]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2057.220294][  T711]  should_fail+0x71f/0x880
[ 2057.224633][  T711]  ? setup_fault_attr+0x3d0/0x3d0
[ 2057.229483][  T711]  ? make_kgid+0x1f2/0x6f0
[ 2057.233737][  T711]  ? security_inode_alloc+0x24/0x110
03:34:29 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

[ 2057.238856][  T711]  should_failslab+0x5/0x20
[ 2057.243249][  T711]  kmem_cache_alloc+0x28/0x250
[ 2057.247801][  T711]  security_inode_alloc+0x24/0x110
[ 2057.252747][  T711]  inode_init_always+0x655/0x8a0
[ 2057.257788][  T711]  new_inode_pseudo+0x8f/0x210
[ 2057.262390][  T711]  new_inode+0x25/0x1d0
[ 2057.266601][  T711]  ? start_creating+0x15d/0x250
[ 2057.271265][  T711]  debugfs_create_dir+0x66/0x380
[ 2057.276033][  T711]  bdi_register_va+0x245/0x610
[ 2057.280637][  T711]  bdi_register+0xd1/0x120
[ 2057.284993][  T711]  ? __device_add_disk+0x551/0x1220
[ 2057.290023][  T711]  ? bdi_register_va+0x610/0x610
[ 2057.294794][  T711]  ? percpu_ref_resurrect+0x113/0x190
[ 2057.300090][  T711]  bdi_register_owner+0x55/0xf0
[ 2057.304908][  T711]  __device_add_disk+0x5d1/0x1220
[ 2057.309756][  T711]  ? device_add_disk+0x30/0x30
[ 2057.314343][  T711]  ? vsprintf+0x30/0x30
[ 2057.318428][  T711]  ? __alloc_disk_node+0x459/0x5a0
[ 2057.323374][  T711]  loop_add+0x573/0x740
[ 2057.327889][  T711]  loop_control_ioctl+0x448/0x620
[ 2057.332928][  T711]  ? loop_remove+0xa0/0xa0
[ 2057.337209][  T711]  ? memset+0x1f/0x40
[ 2057.340995][  T711]  ? fsnotify+0x1280/0x1340
[ 2057.345366][  T711]  ? loop_remove+0xa0/0xa0
[ 2057.349754][  T711]  do_vfs_ioctl+0x742/0x1720
[ 2057.354362][  T711]  ? ioctl_preallocate+0x250/0x250
[ 2057.359507][  T711]  ? __fget+0x407/0x490
[ 2057.363497][  T711]  ? fget_many+0x20/0x20
[ 2057.367573][  T711]  ? debug_smp_processor_id+0x20/0x20
[ 2057.372784][  T711]  ? security_file_ioctl+0x7d/0xa0
[ 2057.377729][  T711]  __x64_sys_ioctl+0xd4/0x110
[ 2057.382276][  T711]  do_syscall_64+0xca/0x1c0
[ 2057.386629][  T711]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:30 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 73)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0xfffffffe}, 0x2}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:30 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:30 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400))
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x882, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000003140)=ANY=[@ANYBLOB="a4afdae0b35aed1c", @ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf253e000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400050083003f000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x1a0}, 0x1, 0x0, 0x0, 0x4800}, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) (async)
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000003080)=[{0x2, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f00000004c0)=""/4096, 0x1000}], &(0x7f0000001500)=[0x100000001, 0x8000000000000000, 0x1, 0x8, 0x8, 0x0, 0x3ff, 0x9, 0x6, 0x3]}, {0x3, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001580)=""/232, 0xe8}, {&(0x7f0000001680)=""/236, 0xec}, {&(0x7f0000001780)=""/26, 0x1a}], &(0x7f0000001800)=[0x5]}, {0x3, 0x1, 0x0, &(0x7f00000028c0)=[{&(0x7f0000001840)=""/40, 0x28}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/48, 0x30}], &(0x7f0000002900)=[0xffffffffffffffff, 0x0, 0xdf, 0x7, 0x5, 0x70b1, 0x8]}, {0x9, 0x1, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002940)=""/145, 0x91}, {&(0x7f0000002a00)=""/74, 0x4a}, {&(0x7f0000002a80)=""/29, 0x1d}, {&(0x7f0000002ac0)=""/172, 0xac}, {&(0x7f0000002b80)=""/238, 0xee}, {&(0x7f0000002c80)=""/56, 0x38}, {&(0x7f0000002cc0)=""/77, 0x4d}, {&(0x7f0000002d40)=""/136, 0x88}, {&(0x7f0000002e00)=""/55, 0x37}], &(0x7f0000002f00)=[0x5]}, {0x1, 0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000002f40)=""/187, 0xbb}], &(0x7f0000003040)=[0x7fff, 0x4, 0x20, 0x6, 0x7, 0x5, 0x2, 0x9]}], 0x5)

03:34:30 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async, rerun: 32)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:30 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)) (async)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x34, 0x0, &(0x7f0000000080)=[@exit_looper, @dead_binder_done, @decrefs={0x40046307, 0x1}, @acquire_done={0x40106309, 0x3}, @acquire={0x40046305, 0x2}], 0xbe, 0x0, &(0x7f00000000c0)="8788e3119f1ec6b75f3b26678fffbef202e122932f2cd9a1af87fe0f3fee2a251d9f0c86a22a1eb52dc76bfc175faf234d613a6789876eb5076ba01b61e1eeac32f17a7f38b21a8430cc01db92e0f81b57b54a29d9c10fcfbfb00d579881eead7c7bc49251db7e1e57d91d200f26d4b3451f3b543dc163421810c2ee57eaf0ff447cb72d74cd8b19308d06215c974599a4a2d1cdfc4f0f56228e86110c3bd8d8da9bcaaf93ad985928856c4ce444201a6e9f7d0fe1c5d164e7fdf280fcfb"})

03:34:30 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400))
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x882, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000003140)=ANY=[@ANYBLOB="a4afdae0b35aed1c", @ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf253e000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400050083003f000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x1a0}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000003080)=[{0x2, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f00000004c0)=""/4096, 0x1000}], &(0x7f0000001500)=[0x100000001, 0x8000000000000000, 0x1, 0x8, 0x8, 0x0, 0x3ff, 0x9, 0x6, 0x3]}, {0x3, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001580)=""/232, 0xe8}, {&(0x7f0000001680)=""/236, 0xec}, {&(0x7f0000001780)=""/26, 0x1a}], &(0x7f0000001800)=[0x5]}, {0x3, 0x1, 0x0, &(0x7f00000028c0)=[{&(0x7f0000001840)=""/40, 0x28}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/48, 0x30}], &(0x7f0000002900)=[0xffffffffffffffff, 0x0, 0xdf, 0x7, 0x5, 0x70b1, 0x8]}, {0x9, 0x1, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002940)=""/145, 0x91}, {&(0x7f0000002a00)=""/74, 0x4a}, {&(0x7f0000002a80)=""/29, 0x1d}, {&(0x7f0000002ac0)=""/172, 0xac}, {&(0x7f0000002b80)=""/238, 0xee}, {&(0x7f0000002c80)=""/56, 0x38}, {&(0x7f0000002cc0)=""/77, 0x4d}, {&(0x7f0000002d40)=""/136, 0x88}, {&(0x7f0000002e00)=""/55, 0x37}], &(0x7f0000002f00)=[0x5]}, {0x1, 0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000002f40)=""/187, 0xbb}], &(0x7f0000003040)=[0x7fff, 0x4, 0x20, 0x6, 0x7, 0x5, 0x2, 0x9]}], 0x5)
socket$tipc(0x1e, 0x2, 0x0) (async)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000400)) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) (async)
connect$tipc(r1, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x882, 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)) (async)
sendmsg$DEVLINK_CMD_TRAP_SET(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000003140)=ANY=[@ANYBLOB="a4afdae0b35aed1c", @ANYRES16=0x0, @ANYBLOB="000226bd7000ffdbdf253e000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c74696361737400050083003f000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c7469636173740005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000080001007063690011000200303030303a30303a31302e30000000001c008200736f757263655f6d61635f69735f6d756c746963617374000500830000000000"], 0x1a0}, 0x1, 0x0, 0x0, 0x4800}, 0x0) (async)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) (async)
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000003080)=[{0x2, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000440)=""/90, 0x5a}, {&(0x7f00000004c0)=""/4096, 0x1000}], &(0x7f0000001500)=[0x100000001, 0x8000000000000000, 0x1, 0x8, 0x8, 0x0, 0x3ff, 0x9, 0x6, 0x3]}, {0x3, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001580)=""/232, 0xe8}, {&(0x7f0000001680)=""/236, 0xec}, {&(0x7f0000001780)=""/26, 0x1a}], &(0x7f0000001800)=[0x5]}, {0x3, 0x1, 0x0, &(0x7f00000028c0)=[{&(0x7f0000001840)=""/40, 0x28}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/48, 0x30}], &(0x7f0000002900)=[0xffffffffffffffff, 0x0, 0xdf, 0x7, 0x5, 0x70b1, 0x8]}, {0x9, 0x1, 0x0, &(0x7f0000002e40)=[{&(0x7f0000002940)=""/145, 0x91}, {&(0x7f0000002a00)=""/74, 0x4a}, {&(0x7f0000002a80)=""/29, 0x1d}, {&(0x7f0000002ac0)=""/172, 0xac}, {&(0x7f0000002b80)=""/238, 0xee}, {&(0x7f0000002c80)=""/56, 0x38}, {&(0x7f0000002cc0)=""/77, 0x4d}, {&(0x7f0000002d40)=""/136, 0x88}, {&(0x7f0000002e00)=""/55, 0x37}], &(0x7f0000002f00)=[0x5]}, {0x1, 0x0, 0x0, &(0x7f0000003000)=[{&(0x7f0000002f40)=""/187, 0xbb}], &(0x7f0000003040)=[0x7fff, 0x4, 0x20, 0x6, 0x7, 0x5, 0x2, 0x9]}], 0x5) (async)

03:34:30 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)

[ 2057.412022][  T711] debugfs: out of free dentries, can not create directory '7:0'
03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0xfffffffe}, 0x2}}, 0x10) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0xfffffffe}, 0x2}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

[ 2057.454797][  T741] Unknown ioctl -1070571007
03:34:30 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))

03:34:30 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x20, 0x70bd25, 0x25dfdbfb, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85) (async, rerun: 64)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x2, {{0x1, 0xfffffffe}, 0x2}}, 0x10) (rerun: 64)
bind$tipc(r0, 0x0, 0x0)

[ 2057.531186][  T766] FAULT_INJECTION: forcing a failure.
[ 2057.531186][  T766] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2057.550998][  T766] CPU: 0 PID: 766 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2057.562277][  T766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2057.572168][  T766] Call Trace:
[ 2057.575394][  T766]  dump_stack+0x1d8/0x241
[ 2057.579557][  T766]  ? panic+0x896/0x896
[ 2057.583458][  T766]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2057.589108][  T766]  ? stack_trace_save+0x118/0x1c0
[ 2057.594061][  T766]  ? stack_trace_snprint+0x170/0x170
[ 2057.599184][  T766]  should_fail+0x71f/0x880
[ 2057.603438][  T766]  ? setup_fault_attr+0x3d0/0x3d0
[ 2057.608291][  T766]  ? __kasan_kmalloc+0x1d9/0x210
[ 2057.613067][  T766]  ? remove_wait_queue+0x120/0x120
[ 2057.618005][  T766]  ? __kasan_kmalloc+0x171/0x210
[ 2057.622784][  T766]  __alloc_pages_nodemask+0x1b4/0x840
[ 2057.627988][  T766]  ? __device_add_disk+0x5d1/0x1220
[ 2057.633015][  T766]  ? loop_add+0x573/0x740
[ 2057.637185][  T766]  ? loop_control_ioctl+0x448/0x620
[ 2057.642219][  T766]  ? do_syscall_64+0xca/0x1c0
[ 2057.646740][  T766]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2057.652117][  T766]  ? lockref_get+0x184/0x220
[ 2057.656543][  T766]  __get_free_pages+0xa/0x30
[ 2057.660980][  T766]  selinux_genfs_get_sid+0x54/0x260
[ 2057.666009][  T766]  inode_doinit_with_dentry+0x892/0x1050
[ 2057.671479][  T766]  ? sb_finish_set_opts+0x770/0x770
[ 2057.676499][  T766]  ? current_time+0x1af/0x2f0
[ 2057.681025][  T766]  ? atime_needs_update+0x590/0x590
[ 2057.686065][  T766]  security_d_instantiate+0x97/0xf0
[ 2057.691121][  T766]  d_instantiate+0x51/0x90
[ 2057.695343][  T766]  debugfs_create_dir+0x1a2/0x380
[ 2057.700203][  T766]  bdi_register_va+0x245/0x610
[ 2057.704806][  T766]  bdi_register+0xd1/0x120
[ 2057.709103][  T766]  ? __device_add_disk+0x551/0x1220
[ 2057.714096][  T766]  ? bdi_register_va+0x610/0x610
[ 2057.718956][  T766]  ? percpu_ref_resurrect+0x113/0x190
[ 2057.724172][  T766]  bdi_register_owner+0x55/0xf0
[ 2057.728938][  T766]  __device_add_disk+0x5d1/0x1220
[ 2057.733929][  T766]  ? device_add_disk+0x30/0x30
[ 2057.738784][  T766]  ? vsprintf+0x30/0x30
[ 2057.742784][  T766]  ? __alloc_disk_node+0x459/0x5a0
[ 2057.747897][  T766]  loop_add+0x573/0x740
[ 2057.752204][  T766]  loop_control_ioctl+0x448/0x620
[ 2057.757019][  T766]  ? loop_remove+0xa0/0xa0
[ 2057.761406][  T766]  ? memset+0x1f/0x40
[ 2057.765229][  T766]  ? fsnotify+0x1280/0x1340
[ 2057.769638][  T766]  ? loop_remove+0xa0/0xa0
[ 2057.773998][  T766]  do_vfs_ioctl+0x742/0x1720
03:34:30 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 74)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:30 executing program 3:
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x2)

03:34:30 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)

03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000040)=0x10, 0x4)

03:34:30 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x20, 0x70bd25, 0x25dfdbfb, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x20, 0x70bd25, 0x25dfdbfb, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

03:34:30 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)

03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000040)=0x10, 0x4)

03:34:30 executing program 5:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x20, 0x70bd25, 0x25dfdbfb, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x20, 0x70bd25, 0x25dfdbfb, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)

[ 2057.778508][  T766]  ? ioctl_preallocate+0x250/0x250
[ 2057.783455][  T766]  ? __fget+0x407/0x490
[ 2057.787445][  T766]  ? fget_many+0x20/0x20
[ 2057.791522][  T766]  ? debug_smp_processor_id+0x20/0x20
[ 2057.796746][  T766]  ? security_file_ioctl+0x7d/0xa0
[ 2057.801857][  T766]  __x64_sys_ioctl+0xd4/0x110
[ 2057.806379][  T766]  do_syscall_64+0xca/0x1c0
[ 2057.810798][  T766]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:30 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))

03:34:30 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:30 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = socket(0x2a, 0x4, 0x9)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x40080011)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x2, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4)
accept4$tipc(r1, 0x0, &(0x7f00000000c0), 0x800)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r5 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x10, 0x800)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x0, 0x2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000200), &(0x7f0000000240)=0x4)

03:34:30 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r0, 0x0, 0x0) (async)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000040)=0x10, 0x4)

[ 2057.950442][  T792] FAULT_INJECTION: forcing a failure.
[ 2057.950442][  T792] name failslab, interval 1, probability 0, space 0, times 0
[ 2057.963437][  T792] CPU: 1 PID: 792 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2057.974797][  T792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2057.984901][  T792] Call Trace:
[ 2057.988026][  T792]  dump_stack+0x1d8/0x241
[ 2057.992157][  T792]  ? panic+0x896/0x896
[ 2057.996156][  T792]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2058.001828][  T792]  ? stack_trace_save+0x1c0/0x1c0
[ 2058.006750][  T792]  ? arch_stack_walk+0x105/0x140
[ 2058.011525][  T792]  should_fail+0x71f/0x880
[ 2058.015779][  T792]  ? setup_fault_attr+0x3d0/0x3d0
[ 2058.020644][  T792]  ? stack_trace_snprint+0x170/0x170
[ 2058.025772][  T792]  ? __d_alloc+0x2a/0x6a0
[ 2058.029932][  T792]  should_failslab+0x5/0x20
[ 2058.034266][  T792]  kmem_cache_alloc+0x28/0x250
[ 2058.038861][  T792]  __d_alloc+0x2a/0x6a0
[ 2058.042866][  T792]  ? __reset_page_owner+0x1f/0x100
[ 2058.047803][  T792]  d_alloc_parallel+0xe7/0x1310
[ 2058.052497][  T792]  ? security_d_instantiate+0x97/0xf0
[ 2058.057851][  T792]  ? d_instantiate+0x51/0x90
[ 2058.062219][  T792]  ? debugfs_create_dir+0x1a2/0x380
[ 2058.067257][  T792]  ? bdi_register_va+0x245/0x610
[ 2058.072031][  T792]  ? bdi_register+0xd1/0x120
[ 2058.076448][  T792]  ? bdi_register_owner+0x55/0xf0
[ 2058.081316][  T792]  ? avc_has_perm_noaudit+0x2f1/0x3d0
[ 2058.086521][  T792]  ? avc_denied+0x1d0/0x1d0
[ 2058.090881][  T792]  ? d_hash_and_lookup+0x1e0/0x1e0
[ 2058.095993][  T792]  ? selinux_inode_permission+0x380/0x6a0
[ 2058.101542][  T792]  ? selinux_inode_permission+0x454/0x6a0
[ 2058.107099][  T792]  __lookup_slow+0x156/0x460
[ 2058.111547][  T792]  ? lookup_one_len+0x2c0/0x2c0
[ 2058.116217][  T792]  lookup_one_len+0x180/0x2c0
[ 2058.120811][  T792]  ? lookup_one_len_common+0x450/0x450
[ 2058.126533][  T792]  ? up_write+0xa6/0x270
[ 2058.130724][  T792]  start_creating+0xec/0x250
[ 2058.135153][  T792]  __debugfs_create_file+0x74/0x400
[ 2058.140172][  T792]  ? debugfs_create_dir+0x2e7/0x380
[ 2058.145211][  T792]  bdi_register_va+0x287/0x610
[ 2058.149812][  T792]  bdi_register+0xd1/0x120
[ 2058.154064][  T792]  ? __device_add_disk+0x551/0x1220
[ 2058.159148][  T792]  ? bdi_register_va+0x610/0x610
[ 2058.163987][  T792]  ? percpu_ref_resurrect+0x113/0x190
[ 2058.169204][  T792]  bdi_register_owner+0x55/0xf0
[ 2058.173883][  T792]  __device_add_disk+0x5d1/0x1220
[ 2058.178758][  T792]  ? device_add_disk+0x30/0x30
[ 2058.183425][  T792]  ? vsprintf+0x30/0x30
[ 2058.187418][  T792]  ? __alloc_disk_node+0x459/0x5a0
[ 2058.192372][  T792]  loop_add+0x573/0x740
[ 2058.196359][  T792]  loop_control_ioctl+0x448/0x620
[ 2058.201308][  T792]  ? loop_remove+0xa0/0xa0
[ 2058.205562][  T792]  ? memset+0x1f/0x40
[ 2058.209378][  T792]  ? fsnotify+0x1280/0x1340
[ 2058.213816][  T792]  ? loop_remove+0xa0/0xa0
[ 2058.218084][  T792]  do_vfs_ioctl+0x742/0x1720
[ 2058.222501][  T792]  ? ioctl_preallocate+0x250/0x250
[ 2058.227455][  T792]  ? __fget+0x407/0x490
[ 2058.231440][  T792]  ? fget_many+0x20/0x20
[ 2058.235515][  T792]  ? debug_smp_processor_id+0x20/0x20
[ 2058.240824][  T792]  ? security_file_ioctl+0x7d/0xa0
[ 2058.245765][  T792]  __x64_sys_ioctl+0xd4/0x110
03:34:30 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 75)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:30 executing program 3:
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)

03:34:30 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r3 = socket(0x2a, 0x4, 0x9)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x40080011) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x2, 0x4) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4) (async)
accept4$tipc(r1, 0x0, &(0x7f00000000c0), 0x800) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r5 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x10, 0x800)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x0, 0x2}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff})
getsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000200), &(0x7f0000000240)=0x4)

03:34:31 executing program 5:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xd0, r0, 0x8, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fff}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x9}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x434, 0x3f3, 0x800, 0x70bd2b, 0x25dfdbfc, {0x6, 0x0, 0x3e, [0x1, 0x9, 0x7fff, 0x6, 0x29, 0x7, 0x5, 0x7, 0xb351, 0x8, 0x99f, 0x2, 0x1, 0x100, 0x1f, 0x9, 0x5, 0x0, 0xdd, 0x0, 0x1, 0x0, 0x4, 0x7, 0x6, 0x9, 0x9, 0x1, 0xd08, 0xa0, 0x2, 0x4, 0x0, 0x0, 0x8fd, 0x1, 0x5, 0x7, 0x4, 0x2, 0xfffff2a0, 0x5, 0x5, 0xffff, 0x4, 0x7, 0x1, 0xcd8, 0x0, 0x0, 0x8001, 0x7, 0x45a, 0x3, 0x8000, 0x4, 0x800, 0xcc7, 0x9, 0x40, 0x3, 0xc9, 0x1, 0x8000], [0x8, 0x80, 0x9, 0x1, 0x3f, 0x9, 0x7f, 0xf8000000, 0xffff, 0xffff, 0x5, 0x800, 0x2, 0x40, 0xff, 0xf9, 0xfffffff9, 0x2, 0x3, 0x10000, 0xe77d, 0x439, 0x8001, 0x100, 0xffff8000, 0xc71b, 0x3fe, 0x3f, 0x7ff, 0x20, 0x1, 0x5e, 0xfff, 0x56, 0x81, 0xfffffff9, 0x4, 0x7, 0x187a, 0x8, 0xd7e, 0x100, 0xffffff32, 0x2, 0xfffffffe, 0xd1, 0x0, 0x7, 0x0, 0xff, 0xc07, 0x0, 0xe, 0x4, 0xbfd104e, 0xbfe6, 0x1, 0x1, 0x3, 0x9, 0x5, 0x2, 0xffff3c0c, 0x34], [0xe9400000, 0x7, 0x327c, 0xffff0001, 0x5, 0xf63, 0x7, 0x3, 0x0, 0x1000, 0x3e, 0x3, 0x7f, 0x4, 0x2, 0x83, 0x2, 0x2, 0x20, 0x0, 0x3f, 0x1f, 0x0, 0x5, 0x6, 0xdaa6, 0x4, 0xf956, 0xdd, 0x4800000, 0x400, 0x101, 0x7ff, 0x6, 0x1ff, 0xfff, 0x7, 0x8, 0x6, 0xcfe, 0xfffffff9, 0x4, 0x81, 0x1, 0x8000, 0x1000, 0x0, 0x4, 0x6, 0x6, 0x5, 0x6, 0x2, 0x9, 0x4, 0x40, 0x400, 0x2, 0x8, 0x3f, 0x100, 0x4, 0x3, 0x6], [0x3ff, 0x5, 0x406, 0x80000000, 0x0, 0x0, 0xc6, 0x4eb, 0x0, 0x1ff, 0x254, 0x1, 0x1, 0x6, 0x3, 0x9, 0x14f, 0x4, 0x9, 0xffffa41d, 0xffffff00, 0x4, 0x0, 0x7, 0x101, 0x1, 0x4, 0xfffffffd, 0x9, 0x1, 0x4, 0x15, 0x1, 0x8, 0x200, 0x4, 0x9, 0x4, 0x4, 0x400, 0xf26, 0x8001, 0xfffeffff, 0x3, 0x2, 0x100, 0x0, 0x9, 0x0, 0xcef8, 0x3f, 0xffff, 0x800, 0x800, 0xfffffd4e, 0x1ff, 0x80000001, 0xed, 0x200, 0x35fa, 0x4, 0x3, 0x1000, 0x4], 0x11, ['-]\xda^\x00', '(O(&,\x00', '\xc5///\x00', '\x00']}, [""]}, 0x434}, 0x1, 0x0, 0x0, 0x801}, 0x80000)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/79)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={<r6=>0x0, @multicast2, @local}, &(0x7f0000000440)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={<r7=>0x0, @private, @initdev}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000ac0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000500)={0x578, 0x0, 0x0, 0x70bd25, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1dc, 0x2, 0x0, 0x1, [{0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x59, 0xa3, 0x7, 0x3}, {0x60, 0x20, 0x8, 0x1}, {0x0, 0x8, 0x7, 0x200}, {0x8001, 0x7, 0x7f, 0x200}, {0xfffc, 0x3, 0x20, 0xa71}, {0x9, 0x1, 0xff, 0x5}, {0x5, 0x8, 0x6, 0x9}, {0x0, 0x1, 0x4, 0xff}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x144, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x84}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}]}, 0x578}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x4, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24040844}, 0x4)

03:34:31 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/tcp\x00')
ioctl$HIDIOCGRAWINFO(r1, 0x80084803, &(0x7f0000000080)=""/46)

03:34:31 executing program 3:
socket$tipc(0x1e, 0x2, 0x0) (async)
socket$tipc(0x1e, 0x2, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async, rerun: 32)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 32)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)

[ 2058.250273][  T792]  do_syscall_64+0xca/0x1c0
[ 2058.254612][  T792]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:31 executing program 5:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xd0, r0, 0x8, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fff}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x9}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000)
socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x434, 0x3f3, 0x800, 0x70bd2b, 0x25dfdbfc, {0x6, 0x0, 0x3e, [0x1, 0x9, 0x7fff, 0x6, 0x29, 0x7, 0x5, 0x7, 0xb351, 0x8, 0x99f, 0x2, 0x1, 0x100, 0x1f, 0x9, 0x5, 0x0, 0xdd, 0x0, 0x1, 0x0, 0x4, 0x7, 0x6, 0x9, 0x9, 0x1, 0xd08, 0xa0, 0x2, 0x4, 0x0, 0x0, 0x8fd, 0x1, 0x5, 0x7, 0x4, 0x2, 0xfffff2a0, 0x5, 0x5, 0xffff, 0x4, 0x7, 0x1, 0xcd8, 0x0, 0x0, 0x8001, 0x7, 0x45a, 0x3, 0x8000, 0x4, 0x800, 0xcc7, 0x9, 0x40, 0x3, 0xc9, 0x1, 0x8000], [0x8, 0x80, 0x9, 0x1, 0x3f, 0x9, 0x7f, 0xf8000000, 0xffff, 0xffff, 0x5, 0x800, 0x2, 0x40, 0xff, 0xf9, 0xfffffff9, 0x2, 0x3, 0x10000, 0xe77d, 0x439, 0x8001, 0x100, 0xffff8000, 0xc71b, 0x3fe, 0x3f, 0x7ff, 0x20, 0x1, 0x5e, 0xfff, 0x56, 0x81, 0xfffffff9, 0x4, 0x7, 0x187a, 0x8, 0xd7e, 0x100, 0xffffff32, 0x2, 0xfffffffe, 0xd1, 0x0, 0x7, 0x0, 0xff, 0xc07, 0x0, 0xe, 0x4, 0xbfd104e, 0xbfe6, 0x1, 0x1, 0x3, 0x9, 0x5, 0x2, 0xffff3c0c, 0x34], [0xe9400000, 0x7, 0x327c, 0xffff0001, 0x5, 0xf63, 0x7, 0x3, 0x0, 0x1000, 0x3e, 0x3, 0x7f, 0x4, 0x2, 0x83, 0x2, 0x2, 0x20, 0x0, 0x3f, 0x1f, 0x0, 0x5, 0x6, 0xdaa6, 0x4, 0xf956, 0xdd, 0x4800000, 0x400, 0x101, 0x7ff, 0x6, 0x1ff, 0xfff, 0x7, 0x8, 0x6, 0xcfe, 0xfffffff9, 0x4, 0x81, 0x1, 0x8000, 0x1000, 0x0, 0x4, 0x6, 0x6, 0x5, 0x6, 0x2, 0x9, 0x4, 0x40, 0x400, 0x2, 0x8, 0x3f, 0x100, 0x4, 0x3, 0x6], [0x3ff, 0x5, 0x406, 0x80000000, 0x0, 0x0, 0xc6, 0x4eb, 0x0, 0x1ff, 0x254, 0x1, 0x1, 0x6, 0x3, 0x9, 0x14f, 0x4, 0x9, 0xffffa41d, 0xffffff00, 0x4, 0x0, 0x7, 0x101, 0x1, 0x4, 0xfffffffd, 0x9, 0x1, 0x4, 0x15, 0x1, 0x8, 0x200, 0x4, 0x9, 0x4, 0x4, 0x400, 0xf26, 0x8001, 0xfffeffff, 0x3, 0x2, 0x100, 0x0, 0x9, 0x0, 0xcef8, 0x3f, 0xffff, 0x800, 0x800, 0xfffffd4e, 0x1ff, 0x80000001, 0xed, 0x200, 0x35fa, 0x4, 0x3, 0x1000, 0x4], 0x11, ['-]\xda^\x00', '(O(&,\x00', '\xc5///\x00', '\x00']}, [""]}, 0x434}, 0x1, 0x0, 0x0, 0x801}, 0x80000)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

03:34:31 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
bind$tipc(0xffffffffffffffff, 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
bind$tipc(r0, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/tcp\x00')
ioctl$HIDIOCGRAWINFO(r1, 0x80084803, &(0x7f0000000080)=""/46)

03:34:31 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r3 = socket(0x2a, 0x4, 0x9)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x40080011) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x2, 0x4) (async)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4) (async)
accept4$tipc(r1, 0x0, &(0x7f00000000c0), 0x800)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r5 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000280), &(0x7f00000002c0)=0x10, 0x800)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000300)={0x41, 0x0, 0x2}, 0x10) (async, rerun: 64)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff}) (rerun: 64)
getsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000200), &(0x7f0000000240)=0x4)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/79)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={<r6=>0x0, @multicast2, @local}, &(0x7f0000000440)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={<r7=>0x0, @private, @initdev}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000ac0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000500)={0x578, 0x0, 0x0, 0x70bd25, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1dc, 0x2, 0x0, 0x1, [{0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x59, 0xa3, 0x7, 0x3}, {0x60, 0x20, 0x8, 0x1}, {0x0, 0x8, 0x7, 0x200}, {0x8001, 0x7, 0x7f, 0x200}, {0xfffc, 0x3, 0x20, 0xa71}, {0x9, 0x1, 0xff, 0x5}, {0x5, 0x8, 0x6, 0x9}, {0x0, 0x1, 0x4, 0xff}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x144, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x84}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}]}, 0x578}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x4, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24040844}, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/79) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x58, &(0x7f0000000340)}, 0x10) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @local}, &(0x7f0000000440)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={0x0, @private, @initdev}, &(0x7f00000004c0)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000ac0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000500)={0x578, 0x0, 0x0, 0x70bd25, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1dc, 0x2, 0x0, 0x1, [{0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x59, 0xa3, 0x7, 0x3}, {0x60, 0x20, 0x8, 0x1}, {0x0, 0x8, 0x7, 0x200}, {0x8001, 0x7, 0x7f, 0x200}, {0xfffc, 0x3, 0x20, 0xa71}, {0x9, 0x1, 0xff, 0x5}, {0x5, 0x8, 0x6, 0x9}, {0x0, 0x1, 0x4, 0xff}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x144, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x84}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}]}, 0x578}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000) (async)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x4, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24040844}, 0x4) (async)

03:34:31 executing program 1:
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(0xffffffffffffffff, 0x0, 0x0) (async)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async, rerun: 64)
bind$tipc(r0, 0x0, 0x0) (async, rerun: 64)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/tcp\x00')
ioctl$HIDIOCGRAWINFO(r1, 0x80084803, &(0x7f0000000080)=""/46)

[ 2058.351803][  T819] FAULT_INJECTION: forcing a failure.
[ 2058.351803][  T819] name failslab, interval 1, probability 0, space 0, times 0
[ 2058.395983][  T819] CPU: 1 PID: 819 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2058.407434][  T819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2058.417326][  T819] Call Trace:
[ 2058.420479][  T819]  dump_stack+0x1d8/0x241
[ 2058.424975][  T819]  ? panic+0x896/0x896
[ 2058.428885][  T819]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2058.434623][  T819]  ? simple_lookup+0xba/0xf0
[ 2058.439060][  T819]  ? __lookup_slow+0x350/0x460
[ 2058.443648][  T819]  should_fail+0x71f/0x880
[ 2058.447987][  T819]  ? setup_fault_attr+0x3d0/0x3d0
[ 2058.452876][  T819]  ? lookup_one_len+0x180/0x2c0
[ 2058.457532][  T819]  ? new_inode_pseudo+0x78/0x210
[ 2058.462303][  T819]  should_failslab+0x5/0x20
[ 2058.466644][  T819]  kmem_cache_alloc+0x28/0x250
[ 2058.471245][  T819]  new_inode_pseudo+0x78/0x210
[ 2058.475843][  T819]  new_inode+0x25/0x1d0
[ 2058.479835][  T819]  ? start_creating+0x15d/0x250
[ 2058.484527][  T819]  __debugfs_create_file+0xb6/0x400
[ 2058.489565][  T819]  ? debugfs_create_dir+0x2e7/0x380
[ 2058.494676][  T819]  bdi_register_va+0x287/0x610
[ 2058.499373][  T819]  bdi_register+0xd1/0x120
[ 2058.503621][  T819]  ? __device_add_disk+0x551/0x1220
[ 2058.508652][  T819]  ? bdi_register_va+0x610/0x610
[ 2058.513424][  T819]  ? percpu_ref_resurrect+0x113/0x190
[ 2058.518764][  T819]  bdi_register_owner+0x55/0xf0
[ 2058.523445][  T819]  __device_add_disk+0x5d1/0x1220
[ 2058.528396][  T819]  ? device_add_disk+0x30/0x30
[ 2058.532993][  T819]  ? vsprintf+0x30/0x30
[ 2058.536983][  T819]  ? __alloc_disk_node+0x459/0x5a0
[ 2058.541933][  T819]  loop_add+0x573/0x740
[ 2058.545923][  T819]  loop_control_ioctl+0x448/0x620
[ 2058.550778][  T819]  ? loop_remove+0xa0/0xa0
[ 2058.555038][  T819]  ? memset+0x1f/0x40
[ 2058.559123][  T819]  ? fsnotify+0x1280/0x1340
[ 2058.563465][  T819]  ? loop_remove+0xa0/0xa0
[ 2058.567718][  T819]  do_vfs_ioctl+0x742/0x1720
[ 2058.572150][  T819]  ? ioctl_preallocate+0x250/0x250
[ 2058.577101][  T819]  ? __fget+0x407/0x490
[ 2058.581086][  T819]  ? fget_many+0x20/0x20
[ 2058.585254][  T819]  ? debug_smp_processor_id+0x20/0x20
[ 2058.590460][  T819]  ? security_file_ioctl+0x7d/0xa0
03:34:31 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 76)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:31 executing program 3:
r0 = getpid()
r1 = syz_open_procfs(r0, 0x0)
ptrace$setregs(0xd, r0, 0x9e8b, &(0x7f0000000000)="4402ab65a47c7f7ff8e0269985d37ee3a1a990caa65cd705c6468eb7d20d43ad98d7160567489a7d91b76b411046f6ff6b10722ac3c58ac8a4274d4e108ba45893c01aac319e6e3eb53d3aa2d334a20b363e6d7ab5c99fafaed8de19e18758ad11ad8677dc47caed522a1d8e1682eab8845e9ca5c1fbe5cb30e675cdf3a65f8b949c3313b2095a7087bc8e394f1b1d8077be613ef1a253d3c50461e54e054c4e347167a22ed0c657b2815fe15228f0f756e9b1d0149183c162f46d558377a38ab3659fc5d71337a03e6b36d0cb1580126c6c7c31dd07f3ea960f2a964475064b136d4711a7233a5c329aca0a4f296fecfae2a728224bf5")
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = getpid()
ptrace$setregs(0xf, r3, 0x8, &(0x7f0000000100)="6203e4")
bind$tipc(r2, 0x0, 0x2)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r1, &(0x7f0000000140)="b511e07c86d0b3031f73ee3b965cf746a96bd440a93919bec9f706ccd0a76c65d7f5b060dc4d703a67b997078044bddb23b834d55cf24641396afd450c2bc8a846dfd0da92bcfe7073df906c4ccb8b9c6a16bb99f2d6677c797167d5a503ed599185050d3fef25515437", &(0x7f00000001c0)=""/105, 0x4}, 0x20)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/79)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r4=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={<r6=>0x0, @multicast2, @local}, &(0x7f0000000440)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={<r7=>0x0, @private, @initdev}, &(0x7f00000004c0)=0xc)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000ac0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000500)={0x578, 0x0, 0x0, 0x70bd25, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1dc, 0x2, 0x0, 0x1, [{0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x59, 0xa3, 0x7, 0x3}, {0x60, 0x20, 0x8, 0x1}, {0x0, 0x8, 0x7, 0x200}, {0x8001, 0x7, 0x7f, 0x200}, {0xfffc, 0x3, 0x20, 0xa71}, {0x9, 0x1, 0xff, 0x5}, {0x5, 0x8, 0x6, 0x9}, {0x0, 0x1, 0x4, 0xff}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x144, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x84}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}]}, 0x578}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x4, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24040844}, 0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0) (async)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000180)=""/79) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={0x1, 0x58, &(0x7f0000000340)}, 0x10) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000400)={0x0, @multicast2, @local}, &(0x7f0000000440)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000480)={0x0, @private, @initdev}, &(0x7f00000004c0)=0xc) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, &(0x7f0000000ac0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000500)={0x578, 0x0, 0x0, 0x70bd25, 0x25dfdbfb, {}, [{{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8}, {0x128, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x1dc, 0x2, 0x0, 0x1, [{0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x59, 0xa3, 0x7, 0x3}, {0x60, 0x20, 0x8, 0x1}, {0x0, 0x8, 0x7, 0x200}, {0x8001, 0x7, 0x7f, 0x200}, {0xfffc, 0x3, 0x20, 0xa71}, {0x9, 0x1, 0xff, 0x5}, {0x5, 0x8, 0x6, 0x9}, {0x0, 0x1, 0x4, 0xff}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x9}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x144, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xf7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x84}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x400}}, {0x8}}}]}}]}, 0x578}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000) (async)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x4, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24040844}, 0x4) (async)

03:34:31 executing program 5:
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xd0, r0, 0x8, 0x70bd25, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7fff}, {0x6, 0x11, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}, {0x6, 0x11, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x101}, {0x6, 0x11, 0x9}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000) (async, rerun: 64)
r1 = socket$tipc(0x1e, 0x2, 0x0) (rerun: 64)
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x434, 0x3f3, 0x800, 0x70bd2b, 0x25dfdbfc, {0x6, 0x0, 0x3e, [0x1, 0x9, 0x7fff, 0x6, 0x29, 0x7, 0x5, 0x7, 0xb351, 0x8, 0x99f, 0x2, 0x1, 0x100, 0x1f, 0x9, 0x5, 0x0, 0xdd, 0x0, 0x1, 0x0, 0x4, 0x7, 0x6, 0x9, 0x9, 0x1, 0xd08, 0xa0, 0x2, 0x4, 0x0, 0x0, 0x8fd, 0x1, 0x5, 0x7, 0x4, 0x2, 0xfffff2a0, 0x5, 0x5, 0xffff, 0x4, 0x7, 0x1, 0xcd8, 0x0, 0x0, 0x8001, 0x7, 0x45a, 0x3, 0x8000, 0x4, 0x800, 0xcc7, 0x9, 0x40, 0x3, 0xc9, 0x1, 0x8000], [0x8, 0x80, 0x9, 0x1, 0x3f, 0x9, 0x7f, 0xf8000000, 0xffff, 0xffff, 0x5, 0x800, 0x2, 0x40, 0xff, 0xf9, 0xfffffff9, 0x2, 0x3, 0x10000, 0xe77d, 0x439, 0x8001, 0x100, 0xffff8000, 0xc71b, 0x3fe, 0x3f, 0x7ff, 0x20, 0x1, 0x5e, 0xfff, 0x56, 0x81, 0xfffffff9, 0x4, 0x7, 0x187a, 0x8, 0xd7e, 0x100, 0xffffff32, 0x2, 0xfffffffe, 0xd1, 0x0, 0x7, 0x0, 0xff, 0xc07, 0x0, 0xe, 0x4, 0xbfd104e, 0xbfe6, 0x1, 0x1, 0x3, 0x9, 0x5, 0x2, 0xffff3c0c, 0x34], [0xe9400000, 0x7, 0x327c, 0xffff0001, 0x5, 0xf63, 0x7, 0x3, 0x0, 0x1000, 0x3e, 0x3, 0x7f, 0x4, 0x2, 0x83, 0x2, 0x2, 0x20, 0x0, 0x3f, 0x1f, 0x0, 0x5, 0x6, 0xdaa6, 0x4, 0xf956, 0xdd, 0x4800000, 0x400, 0x101, 0x7ff, 0x6, 0x1ff, 0xfff, 0x7, 0x8, 0x6, 0xcfe, 0xfffffff9, 0x4, 0x81, 0x1, 0x8000, 0x1000, 0x0, 0x4, 0x6, 0x6, 0x5, 0x6, 0x2, 0x9, 0x4, 0x40, 0x400, 0x2, 0x8, 0x3f, 0x100, 0x4, 0x3, 0x6], [0x3ff, 0x5, 0x406, 0x80000000, 0x0, 0x0, 0xc6, 0x4eb, 0x0, 0x1ff, 0x254, 0x1, 0x1, 0x6, 0x3, 0x9, 0x14f, 0x4, 0x9, 0xffffa41d, 0xffffff00, 0x4, 0x0, 0x7, 0x101, 0x1, 0x4, 0xfffffffd, 0x9, 0x1, 0x4, 0x15, 0x1, 0x8, 0x200, 0x4, 0x9, 0x4, 0x4, 0x400, 0xf26, 0x8001, 0xfffeffff, 0x3, 0x2, 0x100, 0x0, 0x9, 0x0, 0xcef8, 0x3f, 0xffff, 0x800, 0x800, 0xfffffd4e, 0x1ff, 0x80000001, 0xed, 0x200, 0x35fa, 0x4, 0x3, 0x1000, 0x4], 0x11, ['-]\xda^\x00', '(O(&,\x00', '\xc5///\x00', '\x00']}, [""]}, 0x434}, 0x1, 0x0, 0x0, 0x801}, 0x80000) (async)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85) (async)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

[ 2058.595449][  T819]  __x64_sys_ioctl+0xd4/0x110
[ 2058.600010][  T819]  do_syscall_64+0xca/0x1c0
[ 2058.604369][  T819]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2058.631404][  T819] debugfs: out of free dentries, can not create file 'stats'
03:34:31 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000180)={0xc, {0x79, "f4aff5048a88fab18177e2e2b3126014436dfcc5079ed613eb1a72e19b9aa1a9d722092183558b5c79c5c6255eca55cb0650bda29b40ce0bbb1a8c5b48ad8a6a4bba395d38b2db2986f86f0867db8eb2697bd3fdbb21fb68ebc24c77f32c953a57fe342fa1e768960eb150cd2cab5019b404b40eb896597300"}}, 0x7f)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)={0x9}, 0x8)
ptrace$setregset(0x4205, 0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000040)="68acec7c19387dc2f9a7f78adc13b34202b58036b00a1468b38d89aa89951c40375459683e0da68e8e8523122922d86a3267875487126cee938b7c6e72d2dddd91ebf0d04b3b9267825e89eae699cb216d4c5821ecefffab97ad60f586c0e0b125c53bd9b30c5062a5d09e1af6a6985b52dbbfa221119d80641fd0efa308e350721d3e8b5698d3aa326210dfba2bf021fa4f8541e3523fc6bab33284b7f0c725c63f433ff1571e19c15d15329f052459db69fe2540496acba6208ed86bc3ae198053514d0e1124e6e6a9f8bacecee727a43717cda3fb", 0xd6})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x42c, 0x3f4, 0x200, 0x70bd29, 0x25dfdbfb, {0x4, 0x1, 0x3e, [0x5, 0x101, 0x4, 0x1, 0x81, 0xfffff6db, 0x5, 0x5, 0x76b3, 0xd62, 0xbc9, 0x34, 0x19f0e9d2, 0x400, 0x1, 0xfffff9f4, 0x6, 0x2, 0x8000, 0x7, 0x7, 0x9dd, 0x2, 0x1, 0x5, 0xffffffff, 0xc7, 0x2, 0x2, 0xff, 0x1, 0x8, 0x0, 0x10, 0x4, 0x3f, 0x120000, 0x4, 0x6, 0xfff, 0xffffff7f, 0xc2c, 0x200, 0x1ff, 0x40, 0x7fffffff, 0x6c4, 0x39, 0x1f, 0x9, 0x0, 0xfffff801, 0x4, 0x4, 0xff, 0x7, 0x6, 0x8, 0x8, 0x7, 0x0, 0x401, 0x81, 0x8], [0x2, 0x8, 0x40, 0x1f, 0x4, 0x4, 0x5, 0x81, 0x1, 0x5, 0x80000001, 0x3ed, 0xc72f, 0x7fffffff, 0xfffffffd, 0x3, 0x5, 0x6, 0x4, 0x10ed, 0x4, 0x86b, 0x1, 0x2, 0x100, 0x2, 0xdd9, 0x7fffffff, 0x4, 0x4, 0x7, 0x3, 0x9, 0x7526, 0x9, 0x1, 0xffff, 0xffffffff, 0xea, 0x1, 0x8, 0x47, 0xfffffffa, 0x7fffffff, 0x1000, 0x7ff, 0x9, 0x200, 0x8, 0x3, 0x10000, 0x6, 0x4, 0x4, 0xe96, 0x7, 0x33b, 0xfffffff7, 0x8, 0x7, 0x9, 0x0, 0x0, 0x9], [0x7, 0x800, 0x200, 0x0, 0xa6c5, 0x3, 0x10000, 0x4, 0xda, 0x4, 0x2, 0x7479ebc1, 0x20, 0x6, 0x0, 0x4, 0xc7, 0x4, 0x13b, 0x412, 0x9, 0x40, 0xf15, 0xff0, 0x9f5b, 0x200, 0x9, 0x6, 0x800, 0x8000, 0x80000000, 0x0, 0x1, 0x10001, 0x2, 0x2b90487b, 0x1, 0x0, 0x6, 0x746, 0x7, 0x4, 0x5, 0x9, 0x80000001, 0x1, 0x3, 0x8a0, 0x8, 0xff, 0x9, 0x0, 0x6, 0x1, 0xffffffff, 0x2, 0x8, 0xc7, 0x0, 0x3, 0xfffffffa, 0x5, 0x9, 0x2], [0x6, 0x2, 0x75fa850e, 0x9, 0x5, 0x7, 0x400, 0x3, 0x2, 0xffffffff, 0xffffffc0, 0x6, 0x3, 0x8, 0x10000, 0x0, 0x3743, 0x0, 0x0, 0x200, 0x8001, 0x5, 0x8, 0x9, 0x20, 0x2d, 0xfffffffe, 0x99de, 0x9, 0x4, 0x1, 0x4, 0x7fff, 0xfffffff7, 0x2, 0x8, 0x9, 0x7, 0xff, 0x4, 0xfffffffb, 0x1, 0x0, 0x20, 0x4, 0x3, 0x3, 0x90, 0x3, 0x7, 0x8, 0x5, 0xfff, 0x4, 0x244c, 0x7, 0x400, 0x0, 0x7, 0x9, 0x81, 0x2, 0x8, 0x8], 0xa, ['S-:(&/.(\x00', '\x00']}}, 0x42c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000580)=0x400, 0x4)
r2 = syz_open_procfs(0x0, &(0x7f0000000540)='net/netlink\x00')
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0x0, 0x4)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000005c0)={'ipvlan0\x00', 0x5})
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000600), &(0x7f0000000640)=0x4)

03:34:31 executing program 3:
r0 = getpid()
syz_open_procfs(r0, 0x0) (async)
r1 = syz_open_procfs(r0, 0x0)
ptrace$setregs(0xd, r0, 0x9e8b, &(0x7f0000000000)="4402ab65a47c7f7ff8e0269985d37ee3a1a990caa65cd705c6468eb7d20d43ad98d7160567489a7d91b76b411046f6ff6b10722ac3c58ac8a4274d4e108ba45893c01aac319e6e3eb53d3aa2d334a20b363e6d7ab5c99fafaed8de19e18758ad11ad8677dc47caed522a1d8e1682eab8845e9ca5c1fbe5cb30e675cdf3a65f8b949c3313b2095a7087bc8e394f1b1d8077be613ef1a253d3c50461e54e054c4e347167a22ed0c657b2815fe15228f0f756e9b1d0149183c162f46d558377a38ab3659fc5d71337a03e6b36d0cb1580126c6c7c31dd07f3ea960f2a964475064b136d4711a7233a5c329aca0a4f296fecfae2a728224bf5")
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = getpid()
ptrace$setregs(0xf, r3, 0x8, &(0x7f0000000100)="6203e4") (async)
ptrace$setregs(0xf, r3, 0x8, &(0x7f0000000100)="6203e4")
bind$tipc(r2, 0x0, 0x2)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r1, &(0x7f0000000140)="b511e07c86d0b3031f73ee3b965cf746a96bd440a93919bec9f706ccd0a76c65d7f5b060dc4d703a67b997078044bddb23b834d55cf24641396afd450c2bc8a846dfd0da92bcfe7073df906c4ccb8b9c6a16bb99f2d6677c797167d5a503ed599185050d3fef25515437", &(0x7f00000001c0)=""/105, 0x4}, 0x20)

03:34:31 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000180)={0xc, {0x79, "f4aff5048a88fab18177e2e2b3126014436dfcc5079ed613eb1a72e19b9aa1a9d722092183558b5c79c5c6255eca55cb0650bda29b40ce0bbb1a8c5b48ad8a6a4bba395d38b2db2986f86f0867db8eb2697bd3fdbb21fb68ebc24c77f32c953a57fe342fa1e768960eb150cd2cab5019b404b40eb896597300"}}, 0x7f)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)={0x9}, 0x8)
ptrace$setregset(0x4205, 0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000040)="68acec7c19387dc2f9a7f78adc13b34202b58036b00a1468b38d89aa89951c40375459683e0da68e8e8523122922d86a3267875487126cee938b7c6e72d2dddd91ebf0d04b3b9267825e89eae699cb216d4c5821ecefffab97ad60f586c0e0b125c53bd9b30c5062a5d09e1af6a6985b52dbbfa221119d80641fd0efa308e350721d3e8b5698d3aa326210dfba2bf021fa4f8541e3523fc6bab33284b7f0c725c63f433ff1571e19c15d15329f052459db69fe2540496acba6208ed86bc3ae198053514d0e1124e6e6a9f8bacecee727a43717cda3fb", 0xd6}) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)

03:34:31 executing program 3:
r0 = getpid()
r1 = syz_open_procfs(r0, 0x0)
ptrace$setregs(0xd, r0, 0x9e8b, &(0x7f0000000000)="4402ab65a47c7f7ff8e0269985d37ee3a1a990caa65cd705c6468eb7d20d43ad98d7160567489a7d91b76b411046f6ff6b10722ac3c58ac8a4274d4e108ba45893c01aac319e6e3eb53d3aa2d334a20b363e6d7ab5c99fafaed8de19e18758ad11ad8677dc47caed522a1d8e1682eab8845e9ca5c1fbe5cb30e675cdf3a65f8b949c3313b2095a7087bc8e394f1b1d8077be613ef1a253d3c50461e54e054c4e347167a22ed0c657b2815fe15228f0f756e9b1d0149183c162f46d558377a38ab3659fc5d71337a03e6b36d0cb1580126c6c7c31dd07f3ea960f2a964475064b136d4711a7233a5c329aca0a4f296fecfae2a728224bf5") (async)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = getpid()
ptrace$setregs(0xf, r3, 0x8, &(0x7f0000000100)="6203e4") (async, rerun: 64)
bind$tipc(r2, 0x0, 0x2) (async, rerun: 64)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000240)={r1, &(0x7f0000000140)="b511e07c86d0b3031f73ee3b965cf746a96bd440a93919bec9f706ccd0a76c65d7f5b060dc4d703a67b997078044bddb23b834d55cf24641396afd450c2bc8a846dfd0da92bcfe7073df906c4ccb8b9c6a16bb99f2d6677c797167d5a503ed599185050d3fef25515437", &(0x7f00000001c0)=""/105, 0x4}, 0x20)

03:34:31 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
getpeername$tipc(r1, &(0x7f0000000080), &(0x7f00000000c0)=0x10)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x42c, 0x3f4, 0x200, 0x70bd29, 0x25dfdbfb, {0x4, 0x1, 0x3e, [0x5, 0x101, 0x4, 0x1, 0x81, 0xfffff6db, 0x5, 0x5, 0x76b3, 0xd62, 0xbc9, 0x34, 0x19f0e9d2, 0x400, 0x1, 0xfffff9f4, 0x6, 0x2, 0x8000, 0x7, 0x7, 0x9dd, 0x2, 0x1, 0x5, 0xffffffff, 0xc7, 0x2, 0x2, 0xff, 0x1, 0x8, 0x0, 0x10, 0x4, 0x3f, 0x120000, 0x4, 0x6, 0xfff, 0xffffff7f, 0xc2c, 0x200, 0x1ff, 0x40, 0x7fffffff, 0x6c4, 0x39, 0x1f, 0x9, 0x0, 0xfffff801, 0x4, 0x4, 0xff, 0x7, 0x6, 0x8, 0x8, 0x7, 0x0, 0x401, 0x81, 0x8], [0x2, 0x8, 0x40, 0x1f, 0x4, 0x4, 0x5, 0x81, 0x1, 0x5, 0x80000001, 0x3ed, 0xc72f, 0x7fffffff, 0xfffffffd, 0x3, 0x5, 0x6, 0x4, 0x10ed, 0x4, 0x86b, 0x1, 0x2, 0x100, 0x2, 0xdd9, 0x7fffffff, 0x4, 0x4, 0x7, 0x3, 0x9, 0x7526, 0x9, 0x1, 0xffff, 0xffffffff, 0xea, 0x1, 0x8, 0x47, 0xfffffffa, 0x7fffffff, 0x1000, 0x7ff, 0x9, 0x200, 0x8, 0x3, 0x10000, 0x6, 0x4, 0x4, 0xe96, 0x7, 0x33b, 0xfffffff7, 0x8, 0x7, 0x9, 0x0, 0x0, 0x9], [0x7, 0x800, 0x200, 0x0, 0xa6c5, 0x3, 0x10000, 0x4, 0xda, 0x4, 0x2, 0x7479ebc1, 0x20, 0x6, 0x0, 0x4, 0xc7, 0x4, 0x13b, 0x412, 0x9, 0x40, 0xf15, 0xff0, 0x9f5b, 0x200, 0x9, 0x6, 0x800, 0x8000, 0x80000000, 0x0, 0x1, 0x10001, 0x2, 0x2b90487b, 0x1, 0x0, 0x6, 0x746, 0x7, 0x4, 0x5, 0x9, 0x80000001, 0x1, 0x3, 0x8a0, 0x8, 0xff, 0x9, 0x0, 0x6, 0x1, 0xffffffff, 0x2, 0x8, 0xc7, 0x0, 0x3, 0xfffffffa, 0x5, 0x9, 0x2], [0x6, 0x2, 0x75fa850e, 0x9, 0x5, 0x7, 0x400, 0x3, 0x2, 0xffffffff, 0xffffffc0, 0x6, 0x3, 0x8, 0x10000, 0x0, 0x3743, 0x0, 0x0, 0x200, 0x8001, 0x5, 0x8, 0x9, 0x20, 0x2d, 0xfffffffe, 0x99de, 0x9, 0x4, 0x1, 0x4, 0x7fff, 0xfffffff7, 0x2, 0x8, 0x9, 0x7, 0xff, 0x4, 0xfffffffb, 0x1, 0x0, 0x20, 0x4, 0x3, 0x3, 0x90, 0x3, 0x7, 0x8, 0x5, 0xfff, 0x4, 0x244c, 0x7, 0x400, 0x0, 0x7, 0x9, 0x81, 0x2, 0x8, 0x8], 0xa, ['S-:(&/.(\x00', '\x00']}}, 0x42c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000580)=0x400, 0x4) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000540)='net/netlink\x00')
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0x0, 0x4)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000005c0)={'ipvlan0\x00', 0x5})
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000600), &(0x7f0000000640)=0x4)

03:34:31 executing program 2:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
write$UHID_INPUT2(r0, &(0x7f0000000180)={0xc, {0x79, "f4aff5048a88fab18177e2e2b3126014436dfcc5079ed613eb1a72e19b9aa1a9d722092183558b5c79c5c6255eca55cb0650bda29b40ce0bbb1a8c5b48ad8a6a4bba395d38b2db2986f86f0867db8eb2697bd3fdbb21fb68ebc24c77f32c953a57fe342fa1e768960eb150cd2cab5019b404b40eb896597300"}}, 0x7f)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)={0x9}, 0x8)
ptrace$setregset(0x4205, 0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000040)="68acec7c19387dc2f9a7f78adc13b34202b58036b00a1468b38d89aa89951c40375459683e0da68e8e8523122922d86a3267875487126cee938b7c6e72d2dddd91ebf0d04b3b9267825e89eae699cb216d4c5821ecefffab97ad60f586c0e0b125c53bd9b30c5062a5d09e1af6a6985b52dbbfa221119d80641fd0efa308e350721d3e8b5698d3aa326210dfba2bf021fa4f8541e3523fc6bab33284b7f0c725c63f433ff1571e19c15d15329f052459db69fe2540496acba6208ed86bc3ae198053514d0e1124e6e6a9f8bacecee727a43717cda3fb", 0xd6})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0) (async)
write$UHID_INPUT2(r0, &(0x7f0000000180)={0xc, {0x79, "f4aff5048a88fab18177e2e2b3126014436dfcc5079ed613eb1a72e19b9aa1a9d722092183558b5c79c5c6255eca55cb0650bda29b40ce0bbb1a8c5b48ad8a6a4bba395d38b2db2986f86f0867db8eb2697bd3fdbb21fb68ebc24c77f32c953a57fe342fa1e768960eb150cd2cab5019b404b40eb896597300"}}, 0x7f) (async)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)={0x9}, 0x8) (async)
ptrace$setregset(0x4205, 0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000040)="68acec7c19387dc2f9a7f78adc13b34202b58036b00a1468b38d89aa89951c40375459683e0da68e8e8523122922d86a3267875487126cee938b7c6e72d2dddd91ebf0d04b3b9267825e89eae699cb216d4c5821ecefffab97ad60f586c0e0b125c53bd9b30c5062a5d09e1af6a6985b52dbbfa221119d80641fd0efa308e350721d3e8b5698d3aa326210dfba2bf021fa4f8541e3523fc6bab33284b7f0c725c63f433ff1571e19c15d15329f052459db69fe2540496acba6208ed86bc3ae198053514d0e1124e6e6a9f8bacecee727a43717cda3fb", 0xd6}) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)

[ 2058.741760][  T875] FAULT_INJECTION: forcing a failure.
[ 2058.741760][  T875] name failslab, interval 1, probability 0, space 0, times 0
[ 2058.794061][  T875] CPU: 1 PID: 875 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2058.806027][  T875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2058.815919][  T875] Call Trace:
[ 2058.819056][  T875]  dump_stack+0x1d8/0x241
[ 2058.823224][  T875]  ? panic+0x896/0x896
[ 2058.827130][  T875]  ? do_vfs_ioctl+0x742/0x1720
[ 2058.831723][  T875]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2058.837373][  T875]  should_fail+0x71f/0x880
[ 2058.841622][  T875]  ? setup_fault_attr+0x3d0/0x3d0
[ 2058.847372][  T875]  ? make_kgid+0x1f2/0x6f0
[ 2058.851619][  T875]  ? security_inode_alloc+0x24/0x110
[ 2058.856838][  T875]  should_failslab+0x5/0x20
[ 2058.861330][  T875]  kmem_cache_alloc+0x28/0x250
[ 2058.866203][  T875]  security_inode_alloc+0x24/0x110
[ 2058.871149][  T875]  inode_init_always+0x655/0x8a0
[ 2058.875936][  T875]  new_inode_pseudo+0x8f/0x210
[ 2058.880524][  T875]  new_inode+0x25/0x1d0
[ 2058.884688][  T875]  ? start_creating+0x15d/0x250
[ 2058.889384][  T875]  __debugfs_create_file+0xb6/0x400
[ 2058.894511][  T875]  ? debugfs_create_dir+0x2e7/0x380
[ 2058.899631][  T875]  bdi_register_va+0x287/0x610
[ 2058.904394][  T875]  bdi_register+0xd1/0x120
[ 2058.908651][  T875]  ? __device_add_disk+0x551/0x1220
[ 2058.915183][  T875]  ? bdi_register_va+0x610/0x610
[ 2058.919951][  T875]  ? percpu_ref_resurrect+0x113/0x190
[ 2058.925426][  T875]  bdi_register_owner+0x55/0xf0
[ 2058.931511][  T875]  __device_add_disk+0x5d1/0x1220
[ 2058.936361][  T875]  ? device_add_disk+0x30/0x30
[ 2058.940999][  T875]  ? vsprintf+0x30/0x30
[ 2058.944942][  T875]  ? __alloc_disk_node+0x459/0x5a0
[ 2058.950162][  T875]  loop_add+0x573/0x740
[ 2058.954151][  T875]  loop_control_ioctl+0x448/0x620
[ 2058.959008][  T875]  ? loop_remove+0xa0/0xa0
[ 2058.963257][  T875]  ? memset+0x1f/0x40
[ 2058.967253][  T875]  ? fsnotify+0x1280/0x1340
[ 2058.971590][  T875]  ? loop_remove+0xa0/0xa0
[ 2058.975846][  T875]  do_vfs_ioctl+0x742/0x1720
[ 2058.980271][  T875]  ? ioctl_preallocate+0x250/0x250
[ 2058.985221][  T875]  ? __fget+0x407/0x490
[ 2058.989227][  T875]  ? fget_many+0x20/0x20
03:34:31 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 77)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x42c, 0x3f4, 0x200, 0x70bd29, 0x25dfdbfb, {0x4, 0x1, 0x3e, [0x5, 0x101, 0x4, 0x1, 0x81, 0xfffff6db, 0x5, 0x5, 0x76b3, 0xd62, 0xbc9, 0x34, 0x19f0e9d2, 0x400, 0x1, 0xfffff9f4, 0x6, 0x2, 0x8000, 0x7, 0x7, 0x9dd, 0x2, 0x1, 0x5, 0xffffffff, 0xc7, 0x2, 0x2, 0xff, 0x1, 0x8, 0x0, 0x10, 0x4, 0x3f, 0x120000, 0x4, 0x6, 0xfff, 0xffffff7f, 0xc2c, 0x200, 0x1ff, 0x40, 0x7fffffff, 0x6c4, 0x39, 0x1f, 0x9, 0x0, 0xfffff801, 0x4, 0x4, 0xff, 0x7, 0x6, 0x8, 0x8, 0x7, 0x0, 0x401, 0x81, 0x8], [0x2, 0x8, 0x40, 0x1f, 0x4, 0x4, 0x5, 0x81, 0x1, 0x5, 0x80000001, 0x3ed, 0xc72f, 0x7fffffff, 0xfffffffd, 0x3, 0x5, 0x6, 0x4, 0x10ed, 0x4, 0x86b, 0x1, 0x2, 0x100, 0x2, 0xdd9, 0x7fffffff, 0x4, 0x4, 0x7, 0x3, 0x9, 0x7526, 0x9, 0x1, 0xffff, 0xffffffff, 0xea, 0x1, 0x8, 0x47, 0xfffffffa, 0x7fffffff, 0x1000, 0x7ff, 0x9, 0x200, 0x8, 0x3, 0x10000, 0x6, 0x4, 0x4, 0xe96, 0x7, 0x33b, 0xfffffff7, 0x8, 0x7, 0x9, 0x0, 0x0, 0x9], [0x7, 0x800, 0x200, 0x0, 0xa6c5, 0x3, 0x10000, 0x4, 0xda, 0x4, 0x2, 0x7479ebc1, 0x20, 0x6, 0x0, 0x4, 0xc7, 0x4, 0x13b, 0x412, 0x9, 0x40, 0xf15, 0xff0, 0x9f5b, 0x200, 0x9, 0x6, 0x800, 0x8000, 0x80000000, 0x0, 0x1, 0x10001, 0x2, 0x2b90487b, 0x1, 0x0, 0x6, 0x746, 0x7, 0x4, 0x5, 0x9, 0x80000001, 0x1, 0x3, 0x8a0, 0x8, 0xff, 0x9, 0x0, 0x6, 0x1, 0xffffffff, 0x2, 0x8, 0xc7, 0x0, 0x3, 0xfffffffa, 0x5, 0x9, 0x2], [0x6, 0x2, 0x75fa850e, 0x9, 0x5, 0x7, 0x400, 0x3, 0x2, 0xffffffff, 0xffffffc0, 0x6, 0x3, 0x8, 0x10000, 0x0, 0x3743, 0x0, 0x0, 0x200, 0x8001, 0x5, 0x8, 0x9, 0x20, 0x2d, 0xfffffffe, 0x99de, 0x9, 0x4, 0x1, 0x4, 0x7fff, 0xfffffff7, 0x2, 0x8, 0x9, 0x7, 0xff, 0x4, 0xfffffffb, 0x1, 0x0, 0x20, 0x4, 0x3, 0x3, 0x90, 0x3, 0x7, 0x8, 0x5, 0xfff, 0x4, 0x244c, 0x7, 0x400, 0x0, 0x7, 0x9, 0x81, 0x2, 0x8, 0x8], 0xa, ['S-:(&/.(\x00', '\x00']}}, 0x42c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000580)=0x400, 0x4)
r2 = syz_open_procfs(0x0, &(0x7f0000000540)='net/netlink\x00')
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0x0, 0x4)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000005c0)={'ipvlan0\x00', 0x5})
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000600), &(0x7f0000000640)=0x4)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040), 0xc, &(0x7f00000004c0)={&(0x7f0000000080)={0x42c, 0x3f4, 0x200, 0x70bd29, 0x25dfdbfb, {0x4, 0x1, 0x3e, [0x5, 0x101, 0x4, 0x1, 0x81, 0xfffff6db, 0x5, 0x5, 0x76b3, 0xd62, 0xbc9, 0x34, 0x19f0e9d2, 0x400, 0x1, 0xfffff9f4, 0x6, 0x2, 0x8000, 0x7, 0x7, 0x9dd, 0x2, 0x1, 0x5, 0xffffffff, 0xc7, 0x2, 0x2, 0xff, 0x1, 0x8, 0x0, 0x10, 0x4, 0x3f, 0x120000, 0x4, 0x6, 0xfff, 0xffffff7f, 0xc2c, 0x200, 0x1ff, 0x40, 0x7fffffff, 0x6c4, 0x39, 0x1f, 0x9, 0x0, 0xfffff801, 0x4, 0x4, 0xff, 0x7, 0x6, 0x8, 0x8, 0x7, 0x0, 0x401, 0x81, 0x8], [0x2, 0x8, 0x40, 0x1f, 0x4, 0x4, 0x5, 0x81, 0x1, 0x5, 0x80000001, 0x3ed, 0xc72f, 0x7fffffff, 0xfffffffd, 0x3, 0x5, 0x6, 0x4, 0x10ed, 0x4, 0x86b, 0x1, 0x2, 0x100, 0x2, 0xdd9, 0x7fffffff, 0x4, 0x4, 0x7, 0x3, 0x9, 0x7526, 0x9, 0x1, 0xffff, 0xffffffff, 0xea, 0x1, 0x8, 0x47, 0xfffffffa, 0x7fffffff, 0x1000, 0x7ff, 0x9, 0x200, 0x8, 0x3, 0x10000, 0x6, 0x4, 0x4, 0xe96, 0x7, 0x33b, 0xfffffff7, 0x8, 0x7, 0x9, 0x0, 0x0, 0x9], [0x7, 0x800, 0x200, 0x0, 0xa6c5, 0x3, 0x10000, 0x4, 0xda, 0x4, 0x2, 0x7479ebc1, 0x20, 0x6, 0x0, 0x4, 0xc7, 0x4, 0x13b, 0x412, 0x9, 0x40, 0xf15, 0xff0, 0x9f5b, 0x200, 0x9, 0x6, 0x800, 0x8000, 0x80000000, 0x0, 0x1, 0x10001, 0x2, 0x2b90487b, 0x1, 0x0, 0x6, 0x746, 0x7, 0x4, 0x5, 0x9, 0x80000001, 0x1, 0x3, 0x8a0, 0x8, 0xff, 0x9, 0x0, 0x6, 0x1, 0xffffffff, 0x2, 0x8, 0xc7, 0x0, 0x3, 0xfffffffa, 0x5, 0x9, 0x2], [0x6, 0x2, 0x75fa850e, 0x9, 0x5, 0x7, 0x400, 0x3, 0x2, 0xffffffff, 0xffffffc0, 0x6, 0x3, 0x8, 0x10000, 0x0, 0x3743, 0x0, 0x0, 0x200, 0x8001, 0x5, 0x8, 0x9, 0x20, 0x2d, 0xfffffffe, 0x99de, 0x9, 0x4, 0x1, 0x4, 0x7fff, 0xfffffff7, 0x2, 0x8, 0x9, 0x7, 0xff, 0x4, 0xfffffffb, 0x1, 0x0, 0x20, 0x4, 0x3, 0x3, 0x90, 0x3, 0x7, 0x8, 0x5, 0xfff, 0x4, 0x244c, 0x7, 0x400, 0x0, 0x7, 0x9, 0x81, 0x2, 0x8, 0x8], 0xa, ['S-:(&/.(\x00', '\x00']}}, 0x42c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000580)=0x400, 0x4) (async)
syz_open_procfs(0x0, &(0x7f0000000540)='net/netlink\x00') (async)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r2, 0x111, 0x3, 0x0, 0x4) (async)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f00000005c0)={'ipvlan0\x00', 0x5}) (async)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000600), &(0x7f0000000640)=0x4) (async)

03:34:31 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
getpeername$tipc(r1, &(0x7f0000000080), &(0x7f00000000c0)=0x10)

03:34:31 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x14880, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10000}, 0x8)
ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000000))
bind$tipc(r0, 0x0, 0x2)

03:34:31 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/arp\x00')
connect$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4}}, 0x10)
sendmsg$AUDIT_USER(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000ed0308fbdbdf25fa984cc4e0e30add48d7e9fa"], 0x1c}, 0x1, 0x0, 0x0, 0x4000820}, 0x40000d0)

03:34:31 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x585e, &(0x7f00000008c0)={0x0, 0xe746, 0x20, 0x3, 0xa1, 0x0, r1}, &(0x7f0000000940), &(0x7f0000000980))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000009c0)={0x0, 0x0, 0x0, '\x00', [{}]}, 0x1)
r3 = accept4$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x149082, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f00000002c0)={'team0\x00', <r9=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000340)={0x4dc, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0x96, 0x5, 0x1f, 0x4}, {0x7fff, 0x18, 0x7f, 0x9}, {0x9, 0x2, 0xf7, 0xffff4805}, {0x2, 0x8, 0x7f, 0x1f}, {0x3e, 0x7f, 0x7, 0x2}, {0x667c, 0x9, 0xff, 0x7}, {0x9, 0x1, 0xde, 0x80000000}, {0x4, 0x1, 0x4, 0x3}, {0x4, 0x2, 0x0, 0x973}, {0xc, 0x4, 0x7, 0xc27}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdce9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x253}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x68}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x41bb}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa47}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0x2e, 0x2, 0x81, 0x550}, {0x4, 0x3, 0x1f, 0x7}, {0x2, 0x1, 0x0, 0x2}, {0x934, 0x1, 0x67, 0x3b}, {0xffe0, 0x5, 0x5, 0x5}, {0x3, 0x6, 0x1f, 0x9}, {0x6, 0xcf, 0x40, 0x7ff}, {0x5, 0x7, 0x80, 0x1}, {0x8, 0x81, 0x8, 0xffffffff}]}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001)
bind$tipc(r0, 0x0, 0x0)

03:34:31 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x585e, &(0x7f00000008c0)={0x0, 0xe746, 0x20, 0x3, 0xa1, 0x0, r1}, &(0x7f0000000940), &(0x7f0000000980))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000009c0)={0x0, 0x0, 0x0, '\x00', [{}]}, 0x1) (async)
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000009c0)={0x0, 0x0, 0x0, '\x00', [{}]}, 0x1)
accept4$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0) (async)
r3 = accept4$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x149082, 0x0) (async)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x149082, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f00000002c0)={'team0\x00', <r9=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000340)={0x4dc, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0x96, 0x5, 0x1f, 0x4}, {0x7fff, 0x18, 0x7f, 0x9}, {0x9, 0x2, 0xf7, 0xffff4805}, {0x2, 0x8, 0x7f, 0x1f}, {0x3e, 0x7f, 0x7, 0x2}, {0x667c, 0x9, 0xff, 0x7}, {0x9, 0x1, 0xde, 0x80000000}, {0x4, 0x1, 0x4, 0x3}, {0x4, 0x2, 0x0, 0x973}, {0xc, 0x4, 0x7, 0xc27}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdce9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x253}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x68}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x41bb}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa47}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0x2e, 0x2, 0x81, 0x550}, {0x4, 0x3, 0x1f, 0x7}, {0x2, 0x1, 0x0, 0x2}, {0x934, 0x1, 0x67, 0x3b}, {0xffe0, 0x5, 0x5, 0x5}, {0x3, 0x6, 0x1f, 0x9}, {0x6, 0xcf, 0x40, 0x7ff}, {0x5, 0x7, 0x80, 0x1}, {0x8, 0x81, 0x8, 0xffffffff}]}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001) (async)
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000340)={0x4dc, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0x96, 0x5, 0x1f, 0x4}, {0x7fff, 0x18, 0x7f, 0x9}, {0x9, 0x2, 0xf7, 0xffff4805}, {0x2, 0x8, 0x7f, 0x1f}, {0x3e, 0x7f, 0x7, 0x2}, {0x667c, 0x9, 0xff, 0x7}, {0x9, 0x1, 0xde, 0x80000000}, {0x4, 0x1, 0x4, 0x3}, {0x4, 0x2, 0x0, 0x973}, {0xc, 0x4, 0x7, 0xc27}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdce9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x253}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x68}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x41bb}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa47}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0x2e, 0x2, 0x81, 0x550}, {0x4, 0x3, 0x1f, 0x7}, {0x2, 0x1, 0x0, 0x2}, {0x934, 0x1, 0x67, 0x3b}, {0xffe0, 0x5, 0x5, 0x5}, {0x3, 0x6, 0x1f, 0x9}, {0x6, 0xcf, 0x40, 0x7ff}, {0x5, 0x7, 0x80, 0x1}, {0x8, 0x81, 0x8, 0xffffffff}]}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001)
bind$tipc(r0, 0x0, 0x0)

[ 2058.993296][  T875]  ? debug_smp_processor_id+0x20/0x20
[ 2058.998499][  T875]  ? security_file_ioctl+0x7d/0xa0
[ 2059.003451][  T875]  __x64_sys_ioctl+0xd4/0x110
[ 2059.007969][  T875]  do_syscall_64+0xca/0x1c0
[ 2059.012381][  T875]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2059.024597][  T875] debugfs: out of free dentries, can not create file 'stats'
03:34:31 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x14880, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10000}, 0x8)
ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000000))
bind$tipc(r0, 0x0, 0x2)
socket$tipc(0x1e, 0x2, 0x0) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x14880, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10000}, 0x8) (async)
ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000000)) (async)
bind$tipc(r0, 0x0, 0x2) (async)

03:34:31 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/arp\x00')
connect$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4}}, 0x10)
sendmsg$AUDIT_USER(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000ed0308fbdbdf25fa984cc4e0e30add48d7e9fa"], 0x1c}, 0x1, 0x0, 0x0, 0x4000820}, 0x40000d0) (async)
sendmsg$AUDIT_USER(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000ed0308fbdbdf25fa984cc4e0e30add48d7e9fa"], 0x1c}, 0x1, 0x0, 0x0, 0x4000820}, 0x40000d0)

03:34:31 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x200, 0x70bd29, 0x25dfdbff, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x880}, 0x8804)

03:34:31 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10) (async)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
getpeername$tipc(r1, &(0x7f0000000080), &(0x7f00000000c0)=0x10)

03:34:31 executing program 2:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r1, 0x6, 0x8, 0x0, 0x0) (async)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/arp\x00')
connect$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4}}, 0x10) (async)
sendmsg$AUDIT_USER(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000ed0308fbdbdf25fa984cc4e0e30add48d7e9fa"], 0x1c}, 0x1, 0x0, 0x0, 0x4000820}, 0x40000d0)

[ 2059.146943][  T945] FAULT_INJECTION: forcing a failure.
[ 2059.146943][  T945] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2059.166749][  T945] CPU: 1 PID: 945 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2059.178023][  T945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2059.187920][  T945] Call Trace:
[ 2059.191140][  T945]  dump_stack+0x1d8/0x241
[ 2059.195312][  T945]  ? panic+0x896/0x896
[ 2059.199305][  T945]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2059.204940][  T945]  ? stack_trace_save+0x118/0x1c0
[ 2059.209814][  T945]  ? stack_trace_snprint+0x170/0x170
[ 2059.214928][  T945]  should_fail+0x71f/0x880
[ 2059.219190][  T945]  ? setup_fault_attr+0x3d0/0x3d0
[ 2059.224038][  T945]  ? __kasan_kmalloc+0x1d9/0x210
[ 2059.228804][  T945]  ? remove_wait_queue+0x120/0x120
[ 2059.233758][  T945]  ? __kasan_kmalloc+0x171/0x210
[ 2059.238878][  T945]  __alloc_pages_nodemask+0x1b4/0x840
[ 2059.244084][  T945]  ? __device_add_disk+0x5d1/0x1220
[ 2059.249211][  T945]  ? loop_add+0x573/0x740
[ 2059.253368][  T945]  ? loop_control_ioctl+0x448/0x620
[ 2059.259096][  T945]  ? do_syscall_64+0xca/0x1c0
[ 2059.263606][  T945]  ? gfp_pfmemalloc_allowed+0x120/0x120
[ 2059.268986][  T945]  ? lockref_get+0x184/0x220
[ 2059.273418][  T945]  __get_free_pages+0xa/0x30
[ 2059.277837][  T945]  selinux_genfs_get_sid+0x54/0x260
[ 2059.282879][  T945]  inode_doinit_with_dentry+0x892/0x1050
[ 2059.289133][  T945]  ? sb_finish_set_opts+0x770/0x770
[ 2059.294160][  T945]  ? current_time+0x1af/0x2f0
[ 2059.298677][  T945]  ? atime_needs_update+0x590/0x590
[ 2059.303709][  T945]  security_d_instantiate+0x97/0xf0
[ 2059.308744][  T945]  d_instantiate+0x51/0x90
[ 2059.312996][  T945]  __debugfs_create_file+0x257/0x400
[ 2059.318123][  T945]  bdi_register_va+0x287/0x610
[ 2059.322714][  T945]  bdi_register+0xd1/0x120
[ 2059.326965][  T945]  ? __device_add_disk+0x551/0x1220
[ 2059.332002][  T945]  ? bdi_register_va+0x610/0x610
[ 2059.336782][  T945]  ? percpu_ref_resurrect+0x113/0x190
[ 2059.341987][  T945]  bdi_register_owner+0x55/0xf0
[ 2059.346670][  T945]  __device_add_disk+0x5d1/0x1220
[ 2059.351537][  T945]  ? device_add_disk+0x30/0x30
[ 2059.356240][  T945]  ? vsprintf+0x30/0x30
[ 2059.360244][  T945]  ? __alloc_disk_node+0x459/0x5a0
[ 2059.365181][  T945]  loop_add+0x573/0x740
[ 2059.369178][  T945]  loop_control_ioctl+0x448/0x620
[ 2059.374032][  T945]  ? loop_remove+0xa0/0xa0
[ 2059.378395][  T945]  ? memset+0x1f/0x40
[ 2059.382187][  T945]  ? fsnotify+0x1280/0x1340
[ 2059.386524][  T945]  ? loop_remove+0xa0/0xa0
[ 2059.390775][  T945]  do_vfs_ioctl+0x742/0x1720
03:34:32 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 78)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:32 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x585e, &(0x7f00000008c0)={0x0, 0xe746, 0x20, 0x3, 0xa1, 0x0, r1}, &(0x7f0000000940), &(0x7f0000000980))
io_uring_register$IORING_REGISTER_PROBE(r2, 0x8, &(0x7f00000009c0)={0x0, 0x0, 0x0, '\x00', [{}]}, 0x1) (async, rerun: 64)
r3 = accept4$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10, 0x0) (rerun: 64)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x149082, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000200)={'team0\x00', <r6=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000240)={'team0\x00', <r7=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', <r8=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f00000002c0)={'team0\x00', <r9=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000300)={'team0\x00', <r10=>0x0})
sendmsg$TEAM_CMD_NOOP(r4, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000340)={0x4dc, 0x0, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r6}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x84, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x54, 0x4, [{0x96, 0x5, 0x1f, 0x4}, {0x7fff, 0x18, 0x7f, 0x9}, {0x9, 0x2, 0xf7, 0xffff4805}, {0x2, 0x8, 0x7f, 0x1f}, {0x3e, 0x7f, 0x7, 0x2}, {0x667c, 0x9, 0xff, 0x7}, {0x9, 0x1, 0xde, 0x80000000}, {0x4, 0x1, 0x4, 0x3}, {0x4, 0x2, 0x0, 0x973}, {0xc, 0x4, 0x7, 0xc27}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xdce9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x253}}, {0x8}}}]}}, {{0x8, 0x1, r7}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x68}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x41bb}}, {0x8}}}]}}, {{0x8}, {0x138, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r9}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xa47}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x7c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x4c, 0x4, [{0x2e, 0x2, 0x81, 0x550}, {0x4, 0x3, 0x1f, 0x7}, {0x2, 0x1, 0x0, 0x2}, {0x934, 0x1, 0x67, 0x3b}, {0xffe0, 0x5, 0x5, 0x5}, {0x3, 0x6, 0x1f, 0x9}, {0x6, 0xcf, 0x40, 0x7ff}, {0x5, 0x7, 0x80, 0x1}, {0x8, 0x81, 0x8, 0xffffffff}]}}}]}}, {{0x8}, {0x78, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r10}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x20000000}, 0x4001) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:32 executing program 5:
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="0e0000000700000002fcf80018c2cd93d358f6c3ab026209523fddb10fc087d86680f3ba09289d66157c5e6a9675fd95c9e6ea79eb63f26321bc4eab6c2288b90dab4adf74148007a4d48ac9693cbc26995148a0c26dc8e0b701000000f17ae5d34c81c24ccda28d6ba1f0d15056daf4a45ecd21286e7ae157784aca4a6d0971647629b450ee6c4115fa301194603fbcd1ca355368ce6ddcab5667832cb7081118af9f3743ff77d111d05b87a9dd57d50c10dc06810a377270c842bed6987e316f5c519f0879fbc59705b8274d9fd63b44101fad75c94f1609e06acda57729349cd2ae1a888cdfaa5a9570c9abe17af77cd7a481e45adc59f78285fc32e6835c"], 0x104)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0)=0x4, 0x4)

03:34:32 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) (async)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x200, 0x70bd29, 0x25dfdbff, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x880}, 0x8804)

03:34:32 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0) (async)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x14880, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)={0x10000}, 0x8) (async)
ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000000))
bind$tipc(r0, 0x0, 0x2)

03:34:32 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r3=>0x0, @loopback, @loopback}, &(0x7f0000000200)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r4=>0x0, @multicast1, @empty}, &(0x7f0000000280)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={0x1, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000380)={0x4d4, r1, 0x200, 0x70bd29, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x254, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff00000}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffff7a2}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x95}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x49}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x10cc, 0x19, 0xff, 0x3}, {0x3, 0x81, 0xff, 0x8001}, {0x101, 0x7f, 0x20, 0x7fffffff}, {0x5, 0xae, 0x7, 0x7}, {0x81, 0xe1, 0xf0, 0x400}, {0x0, 0x3, 0x2, 0x5}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}, {{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x50}, 0x4881)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)

03:34:32 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x200, 0x70bd29, 0x25dfdbff, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x880}, 0x8804)

03:34:32 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async, rerun: 64)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r3=>0x0, @loopback, @loopback}, &(0x7f0000000200)=0xc) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r4=>0x0, @multicast1, @empty}, &(0x7f0000000280)=0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={0x1, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000380)={0x4d4, r1, 0x200, 0x70bd29, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x254, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff00000}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffff7a2}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x95}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x49}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x10cc, 0x19, 0xff, 0x3}, {0x3, 0x81, 0xff, 0x8001}, {0x101, 0x7f, 0x20, 0x7fffffff}, {0x5, 0xae, 0x7, 0x7}, {0x81, 0xe1, 0xf0, 0x400}, {0x0, 0x3, 0x2, 0x5}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}, {{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x50}, 0x4881)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)

[ 2059.395218][  T945]  ? ioctl_preallocate+0x250/0x250
[ 2059.400329][  T945]  ? __fget+0x407/0x490
[ 2059.404319][  T945]  ? fget_many+0x20/0x20
[ 2059.408424][  T945]  ? debug_smp_processor_id+0x20/0x20
[ 2059.413610][  T945]  ? security_file_ioctl+0x7d/0xa0
[ 2059.418556][  T945]  __x64_sys_ioctl+0xd4/0x110
[ 2059.423070][  T945]  do_syscall_64+0xca/0x1c0
[ 2059.428676][  T945]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:32 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000140), 0xfffffffffffffff9, 0x8000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000180)="11f9febacc4fb2c9f6889e4f67b3f4eedec756cad5e7504a12eebe427c3d849e6abbc247ff03d2d0617b9dce0e91ca9d7139c79f414174f0e1c85eb0b153934cd1d0f078b3e2f7ee69b273f39465ddecf0e9648233b8137109c0467bb386566f5f16a9f7166f6469bab992d1a7c3934f8e68bbca501fe460c8a29177840420e82ba460d1a8bdc6b11a66b079c7f2c10b420ea6f57ed17db681", &(0x7f0000000240)=@buf="8ca001587f7fc7073a5511434469e01c604630f7bfa911ad6ba6ab4d00aa793164f3c986f3fd6dd3d4f7b48af1d9d0975b0813b5d24f8e07f5e3af13763384e6a976de2280533e862cda588e81de758ce9f086801fc67295d69c601eaff222c9099772063c", 0x4}, 0x20)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3fb, 0x1, 0x70bd2d, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r2, 0x0, 0x0)

03:34:32 executing program 3:
r0 = socket$tipc(0x1e, 0x7, 0x0)
r1 = getpid()
r2 = syz_open_procfs(r1, 0x0)
r3 = syz_open_procfs(r1, &(0x7f00000000c0)='net/protocols\x00')
r4 = syz_open_procfs(r1, &(0x7f0000000080)='net/nf_conntrack_expect\x00')
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r7 = openat$vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x10000, 0x0)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x46d, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0x10, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x5439b18e8ff61aa6, 0x5, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x8}, @ldst={0x3, 0x3, 0x1, 0x2, 0x2, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2b8}, @map_val={0x18, 0x6, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x3ff}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd6}, @jmp={0x5, 0x0, 0xd, 0x2, 0x8, 0xfffffffffffffff8}, @generic={0x4, 0x1, 0x5, 0x2, 0x7}, @alu={0x7, 0x0, 0x9, 0x5, 0xa, 0xffffffffffffffff, 0xfffffffffffffffc}], &(0x7f0000000200)='GPL\x00', 0x9, 0xa5, &(0x7f0000000240)=""/165, 0x41000, 0x18, '\x00', 0x0, 0x6, r2, 0x8, &(0x7f0000000300)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0x1, 0x85, 0xfffffff9}, 0x10, 0x2a70b, r5, 0xa, &(0x7f0000000480)=[r2, r4, r3, r6, r7, r8, r2, r9], &(0x7f00000004c0)=[{0x3, 0x5, 0x4, 0x9}, {0x5, 0x5, 0x3, 0x7}, {0x1, 0x2, 0xf, 0xa}, {0xfffffff7, 0x2, 0x5, 0x7}, {0x4, 0x1, 0x5, 0x9}, {0x5, 0x4, 0x6, 0x3}, {0x3, 0x4, 0xe, 0x7}, {0x1, 0x3}, {0x3, 0x1, 0x3, 0x2}, {0x1, 0x5, 0x6, 0x1}], 0x10, 0x6}, 0x90)
socketpair$tipc(0x1e, 0xa00c7af7d56ed921, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
bind$tipc(r0, 0x0, 0x2)
r11 = socket$inet(0x2, 0x80000, 0x1)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff})
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000008c0)={&(0x7f0000000640)="6f04179c4c82f33abd3dfb2dd6adf8e3e7af73b26629109a6fb8a7837a87b9c5daab17f19f1079e60a784fcd5e414cf525eee3077902135384d830ad31bd2b95a8e3eee4089ae2ec6574245b42c98750d7e036e26e93cbe6a15a041e458d34cb51dc23e71eebf672742da57b58e3bbf55568f1d5a08952cee55b641f4f920ac0cfc799510b60a051ac36c3a2c5c6dd75001e436038516d3069d09509921ecfa437313abae40e37aec032051259c00467590e5ac0f663b424b39795", &(0x7f0000000700)=""/11, &(0x7f0000000740)="a5004c762f51f5fa344e24a2714e0c755145dc3509054c8c258c7d2512ee92540d1ab1e9e5cacf8d01af4807bb8195bb4306538a8806268a468157fd5cab21a168ac6c9e0336cc1aa4e06b478d919a325ce988c758ebbb438d386ae77151e22e5d39dbf5c508598267df29fb71a844a5b544408edc499f290ef75c475d37e6984f3e6555bcff62dfd24141ffd4c2b85cefefa1434c787e59db2da85e106d892116b272594bdbcf808ddd1702e82bbae2", &(0x7f0000000800)="43864e5ad0838545baa855d58a26772a36c775acd63bef07585cefc51f092935fe9b52c3a236846750064c53183d9c6a85aa45d7dd578f6050a7886cc8e1cb3b07c88d1ed51ca2d071b988dcafd5f713194093912101fc447496433af462a1a0d6fb5a281c987a684d2be438b0aa5043bd92444d474f1891f86e0c7a8e4eac4eed91", 0x9, r5}, 0x38)
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000140)={0x80000001, 0x0, &(0x7f0000000100)=[r11, r12, r13, r10]}, 0x4)

03:34:32 executing program 5:
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="0e0000000700000002fcf80018c2cd93d358f6c3ab026209523fddb10fc087d86680f3ba09289d66157c5e6a9675fd95c9e6ea79eb63f26321bc4eab6c2288b90dab4adf74148007a4d48ac9693cbc26995148a0c26dc8e0b701000000f17ae5d34c81c24ccda28d6ba1f0d15056daf4a45ecd21286e7ae157784aca4a6d0971647629b450ee6c4115fa301194603fbcd1ca355368ce6ddcab5667832cb7081118af9f3743ff77d111d05b87a9dd57d50c10dc06810a377270c842bed6987e316f5c519f0879fbc59705b8274d9fd63b44101fad75c94f1609e06acda57729349cd2ae1a888cdfaa5a9570c9abe17af77cd7a481e45adc59f78285fc32e6835c"], 0x104) (async)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) (async)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) (async)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0)=0x4, 0x4)

03:34:32 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000140), 0xfffffffffffffff9, 0x8000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000180)="11f9febacc4fb2c9f6889e4f67b3f4eedec756cad5e7504a12eebe427c3d849e6abbc247ff03d2d0617b9dce0e91ca9d7139c79f414174f0e1c85eb0b153934cd1d0f078b3e2f7ee69b273f39465ddecf0e9648233b8137109c0467bb386566f5f16a9f7166f6469bab992d1a7c3934f8e68bbca501fe460c8a29177840420e82ba460d1a8bdc6b11a66b079c7f2c10b420ea6f57ed17db681", &(0x7f0000000240)=@buf="8ca001587f7fc7073a5511434469e01c604630f7bfa911ad6ba6ab4d00aa793164f3c986f3fd6dd3d4f7b48af1d9d0975b0813b5d24f8e07f5e3af13763384e6a976de2280533e862cda588e81de758ce9f086801fc67295d69c601eaff222c9099772063c", 0x4}, 0x20)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3fb, 0x1, 0x70bd2d, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 32)
bind$tipc(r2, 0x0, 0x0) (rerun: 32)

[ 2059.570895][  T983] FAULT_INJECTION: forcing a failure.
[ 2059.570895][  T983] name failslab, interval 1, probability 0, space 0, times 0
[ 2059.586880][  T983] CPU: 0 PID: 983 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2059.599724][  T983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2059.610051][  T983] Call Trace:
[ 2059.613182][  T983]  dump_stack+0x1d8/0x241
[ 2059.617441][  T983]  ? panic+0x896/0x896
[ 2059.621429][  T983]  ? check_preemption_disabled+0x9f/0x320
[ 2059.626991][  T983]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2059.634359][  T983]  ? _raw_spin_lock_bh+0xa4/0x1b0
[ 2059.639241][  T983]  ? debug_smp_processor_id+0x20/0x20
[ 2059.644430][  T983]  ? __debugfs_create_file+0x367/0x400
[ 2059.650596][  T983]  should_fail+0x71f/0x880
[ 2059.654842][  T983]  ? bdi_register_va+0x47d/0x610
[ 2059.659617][  T983]  ? setup_fault_attr+0x3d0/0x3d0
[ 2059.664474][  T983]  ? bdi_register+0xd1/0x120
[ 2059.668900][  T983]  ? __device_add_disk+0x551/0x1220
[ 2059.673945][  T983]  ? kobj_map+0x65/0x5a0
[ 2059.678013][  T983]  should_failslab+0x5/0x20
[ 2059.682349][  T983]  __kmalloc+0x51/0x2e0
[ 2059.686442][  T983]  kobj_map+0x65/0x5a0
[ 2059.690868][  T983]  ? disk_check_events+0x600/0x600
[ 2059.695820][  T983]  ? exact_match+0x20/0x20
[ 2059.700071][  T983]  __device_add_disk+0x65a/0x1220
[ 2059.705022][  T983]  ? device_add_disk+0x30/0x30
[ 2059.709705][  T983]  ? vsprintf+0x30/0x30
[ 2059.713871][  T983]  ? __alloc_disk_node+0x459/0x5a0
[ 2059.718821][  T983]  loop_add+0x573/0x740
[ 2059.722817][  T983]  loop_control_ioctl+0x448/0x620
[ 2059.727758][  T983]  ? loop_remove+0xa0/0xa0
[ 2059.732008][  T983]  ? memset+0x1f/0x40
[ 2059.735826][  T983]  ? fsnotify+0x1280/0x1340
[ 2059.740162][  T983]  ? loop_remove+0xa0/0xa0
[ 2059.746258][  T983]  do_vfs_ioctl+0x742/0x1720
[ 2059.750766][  T983]  ? ioctl_preallocate+0x250/0x250
[ 2059.755714][  T983]  ? __fget+0x407/0x490
[ 2059.759706][  T983]  ? fget_many+0x20/0x20
[ 2059.763780][  T983]  ? debug_smp_processor_id+0x20/0x20
03:34:32 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 79)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:32 executing program 3:
r0 = socket$tipc(0x1e, 0x7, 0x0) (async)
r1 = getpid()
r2 = syz_open_procfs(r1, 0x0)
r3 = syz_open_procfs(r1, &(0x7f00000000c0)='net/protocols\x00') (async)
r4 = syz_open_procfs(r1, &(0x7f0000000080)='net/nf_conntrack_expect\x00')
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88) (async, rerun: 64)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
r7 = openat$vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x10000, 0x0) (async, rerun: 64)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x46d, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0x10, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x5439b18e8ff61aa6, 0x5, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x8}, @ldst={0x3, 0x3, 0x1, 0x2, 0x2, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2b8}, @map_val={0x18, 0x6, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x3ff}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd6}, @jmp={0x5, 0x0, 0xd, 0x2, 0x8, 0xfffffffffffffff8}, @generic={0x4, 0x1, 0x5, 0x2, 0x7}, @alu={0x7, 0x0, 0x9, 0x5, 0xa, 0xffffffffffffffff, 0xfffffffffffffffc}], &(0x7f0000000200)='GPL\x00', 0x9, 0xa5, &(0x7f0000000240)=""/165, 0x41000, 0x18, '\x00', 0x0, 0x6, r2, 0x8, &(0x7f0000000300)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0x1, 0x85, 0xfffffff9}, 0x10, 0x2a70b, r5, 0xa, &(0x7f0000000480)=[r2, r4, r3, r6, r7, r8, r2, r9], &(0x7f00000004c0)=[{0x3, 0x5, 0x4, 0x9}, {0x5, 0x5, 0x3, 0x7}, {0x1, 0x2, 0xf, 0xa}, {0xfffffff7, 0x2, 0x5, 0x7}, {0x4, 0x1, 0x5, 0x9}, {0x5, 0x4, 0x6, 0x3}, {0x3, 0x4, 0xe, 0x7}, {0x1, 0x3}, {0x3, 0x1, 0x3, 0x2}, {0x1, 0x5, 0x6, 0x1}], 0x10, 0x6}, 0x90) (async)
socketpair$tipc(0x1e, 0xa00c7af7d56ed921, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff}) (async, rerun: 64)
bind$tipc(r0, 0x0, 0x2) (rerun: 64)
r11 = socket$inet(0x2, 0x80000, 0x1) (async, rerun: 64)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff}) (async, rerun: 64)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000008c0)={&(0x7f0000000640)="6f04179c4c82f33abd3dfb2dd6adf8e3e7af73b26629109a6fb8a7837a87b9c5daab17f19f1079e60a784fcd5e414cf525eee3077902135384d830ad31bd2b95a8e3eee4089ae2ec6574245b42c98750d7e036e26e93cbe6a15a041e458d34cb51dc23e71eebf672742da57b58e3bbf55568f1d5a08952cee55b641f4f920ac0cfc799510b60a051ac36c3a2c5c6dd75001e436038516d3069d09509921ecfa437313abae40e37aec032051259c00467590e5ac0f663b424b39795", &(0x7f0000000700)=""/11, &(0x7f0000000740)="a5004c762f51f5fa344e24a2714e0c755145dc3509054c8c258c7d2512ee92540d1ab1e9e5cacf8d01af4807bb8195bb4306538a8806268a468157fd5cab21a168ac6c9e0336cc1aa4e06b478d919a325ce988c758ebbb438d386ae77151e22e5d39dbf5c508598267df29fb71a844a5b544408edc499f290ef75c475d37e6984f3e6555bcff62dfd24141ffd4c2b85cefefa1434c787e59db2da85e106d892116b272594bdbcf808ddd1702e82bbae2", &(0x7f0000000800)="43864e5ad0838545baa855d58a26772a36c775acd63bef07585cefc51f092935fe9b52c3a236846750064c53183d9c6a85aa45d7dd578f6050a7886cc8e1cb3b07c88d1ed51ca2d071b988dcafd5f713194093912101fc447496433af462a1a0d6fb5a281c987a684d2be438b0aa5043bd92444d474f1891f86e0c7a8e4eac4eed91", 0x9, r5}, 0x38) (async)
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000140)={0x80000001, 0x0, &(0x7f0000000100)=[r11, r12, r13, r10]}, 0x4)

03:34:32 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f00000000c0)={0x636, 0x0, &(0x7f0000000080)=[r0, r4, r5, r1]}, 0x4)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)

03:34:32 executing program 5:
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="0e0000000700000002fcf80018c2cd93d358f6c3ab026209523fddb10fc087d86680f3ba09289d66157c5e6a9675fd95c9e6ea79eb63f26321bc4eab6c2288b90dab4adf74148007a4d48ac9693cbc26995148a0c26dc8e0b701000000f17ae5d34c81c24ccda28d6ba1f0d15056daf4a45ecd21286e7ae157784aca4a6d0971647629b450ee6c4115fa301194603fbcd1ca355368ce6ddcab5667832cb7081118af9f3743ff77d111d05b87a9dd57d50c10dc06810a377270c842bed6987e316f5c519f0879fbc59705b8274d9fd63b44101fad75c94f1609e06acda57729349cd2ae1a888cdfaa5a9570c9abe17af77cd7a481e45adc59f78285fc32e6835c"], 0x104)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) (async, rerun: 64)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0)=0x4, 0x4) (rerun: 64)

03:34:32 executing program 1:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000140), 0xfffffffffffffff9, 0x8000)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000180)="11f9febacc4fb2c9f6889e4f67b3f4eedec756cad5e7504a12eebe427c3d849e6abbc247ff03d2d0617b9dce0e91ca9d7139c79f414174f0e1c85eb0b153934cd1d0f078b3e2f7ee69b273f39465ddecf0e9648233b8137109c0467bb386566f5f16a9f7166f6469bab992d1a7c3934f8e68bbca501fe460c8a29177840420e82ba460d1a8bdc6b11a66b079c7f2c10b420ea6f57ed17db681", &(0x7f0000000240)=@buf="8ca001587f7fc7073a5511434469e01c604630f7bfa911ad6ba6ab4d00aa793164f3c986f3fd6dd3d4f7b48af1d9d0975b0813b5d24f8e07f5e3af13763384e6a976de2280533e862cda588e81de758ce9f086801fc67295d69c601eaff222c9099772063c", 0x4}, 0x20)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3fb, 0x1, 0x70bd2d, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004) (async)
sendmsg$AUDIT_GET_FEATURE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3fb, 0x1, 0x70bd2d, 0x25dfdbfb, "", ["", "", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
bind$tipc(r2, 0x0, 0x0) (async)
bind$tipc(r2, 0x0, 0x0)

03:34:32 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async, rerun: 64)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000001c0)={<r3=>0x0, @loopback, @loopback}, &(0x7f0000000200)=0xc) (async, rerun: 64)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000240)={<r4=>0x0, @multicast1, @empty}, &(0x7f0000000280)=0xc) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={0x1, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000380)={0x4d4, r1, 0x200, 0x70bd29, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x254, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfff00000}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffff7a2}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xfff}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x95}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x400}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x49}}, {0x8, 0x6, r5}}}]}}, {{0x8}, {0x15c, 0x2, 0x0, 0x1, [{0x64, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x34, 0x4, [{0x10cc, 0x19, 0xff, 0x3}, {0x3, 0x81, 0xff, 0x8001}, {0x101, 0x7f, 0x20, 0x7fffffff}, {0x5, 0xae, 0x7, 0x7}, {0x81, 0xe1, 0xf0, 0x400}, {0x0, 0x3, 0x2, 0x5}]}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}]}}, {{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}]}, 0x4d4}, 0x1, 0x0, 0x0, 0x50}, 0x4881) (async)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000040)=0x7, 0x4)

[ 2059.768998][  T983]  ? security_file_ioctl+0x7d/0xa0
[ 2059.773939][  T983]  __x64_sys_ioctl+0xd4/0x110
[ 2059.778453][  T983]  do_syscall_64+0xca/0x1c0
[ 2059.782792][  T983]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
03:34:32 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}) (async)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async, rerun: 64)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f00000000c0)={0x636, 0x0, &(0x7f0000000080)=[r0, r4, r5, r1]}, 0x4) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)

03:34:32 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x1}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x15c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x15c}, 0x1, 0x0, 0x0, 0xc0}, 0x800)

03:34:32 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x1, 0x3}, 0x2}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

03:34:32 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x1}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x15c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x15c}, 0x1, 0x0, 0x0, 0xc0}, 0x800)
socket$tipc(0x1e, 0x2, 0x0) (async)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x1}}, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x15c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x15c}, 0x1, 0x0, 0x0, 0xc0}, 0x800) (async)

03:34:32 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x2, &(0x7f0000000380)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xcb}], &(0x7f00000003c0)='GPL\x00', 0x8, 0x39, &(0x7f0000000400)=""/57, 0x40f00, 0x2, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000440)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0xd, 0x3ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r4, 0xffffffffffffffff], 0x0, 0x10, 0x10000}, 0x90)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x13, 0xff, 0x3, 0x0, 0xa86, r3, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xd, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x3}, [@map_fd={0x18, 0x0, 0x1, 0x0, r6}, @ldst={0x1, 0x0, 0x2, 0x7, 0x0, 0x18, 0xffffffffffffffff}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x6}, @exit, @map_val={0x18, 0x6, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x2}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xfd, &(0x7f0000000100)=""/253, 0x40f00, 0xb3, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x7, 0x7fff, 0xffff}, 0x10, 0x1e1e3, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[r5], 0x0, 0x10, 0x7ff}, 0x90)

03:34:32 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x1, 0x3}, 0x2}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

[ 2059.913610][ T1013] FAULT_INJECTION: forcing a failure.
[ 2059.913610][ T1013] name failslab, interval 1, probability 0, space 0, times 0
[ 2059.948601][ T1013] CPU: 1 PID: 1013 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2059.959974][ T1013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2059.969865][ T1013] Call Trace:
[ 2059.973010][ T1013]  dump_stack+0x1d8/0x241
[ 2059.977778][ T1013]  ? panic+0x896/0x896
[ 2059.981683][ T1013]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 2059.987617][ T1013]  ? __kasan_kmalloc+0x1d9/0x210
[ 2059.992464][ T1013]  ? loop_add+0x573/0x740
[ 2059.996642][ T1013]  ? __kasan_kmalloc+0x171/0x210
[ 2060.001486][ T1013]  ? kobj_map+0x65/0x5a0
[ 2060.005570][ T1013]  ? __device_add_disk+0x65a/0x1220
[ 2060.010625][ T1013]  should_fail+0x71f/0x880
[ 2060.014869][ T1013]  ? setup_fault_attr+0x3d0/0x3d0
[ 2060.019715][ T1013]  ? kobject_set_name_vargs+0x5d/0x110
[ 2060.025015][ T1013]  should_failslab+0x5/0x20
[ 2060.029350][ T1013]  __kmalloc_track_caller+0x4f/0x2b0
[ 2060.034606][ T1013]  kstrdup_const+0x51/0x90
[ 2060.038932][ T1013]  kobject_set_name_vargs+0x5d/0x110
[ 2060.044045][ T1013]  dev_set_name+0xd1/0x120
[ 2060.048295][ T1013]  ? get_device+0x30/0x30
[ 2060.052462][ T1013]  ? kobj_map+0x567/0x5a0
[ 2060.056639][ T1013]  __device_add_disk+0x6de/0x1220
[ 2060.061494][ T1013]  ? device_add_disk+0x30/0x30
[ 2060.066177][ T1013]  ? __alloc_disk_node+0x459/0x5a0
[ 2060.071125][ T1013]  loop_add+0x573/0x740
[ 2060.075130][ T1013]  loop_control_ioctl+0x448/0x620
[ 2060.081021][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.085273][ T1013]  ? memset+0x1f/0x40
[ 2060.089086][ T1013]  ? fsnotify+0x1280/0x1340
[ 2060.093436][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.097682][ T1013]  do_vfs_ioctl+0x742/0x1720
[ 2060.102109][ T1013]  ? ioctl_preallocate+0x250/0x250
[ 2060.107059][ T1013]  ? __fget+0x407/0x490
[ 2060.111049][ T1013]  ? fget_many+0x20/0x20
[ 2060.115125][ T1013]  ? debug_smp_processor_id+0x20/0x20
[ 2060.120510][ T1013]  ? security_file_ioctl+0x7d/0xa0
[ 2060.125452][ T1013]  __x64_sys_ioctl+0xd4/0x110
[ 2060.129971][ T1013]  do_syscall_64+0xca/0x1c0
[ 2060.134491][ T1013]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2060.142215][ T1013] kobject_add_internal failed for queue (error: -2 parent: (null))
[ 2060.150349][ T1013] ------------[ cut here ]------------
[ 2060.155635][ T1013] WARNING: CPU: 1 PID: 1013 at fs/sysfs/file.c:328 sysfs_create_files+0x325/0x470
[ 2060.164723][ T1013] Modules linked in:
[ 2060.168562][ T1013] CPU: 1 PID: 1013 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2060.179920][ T1013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2060.189833][ T1013] RIP: 0010:sysfs_create_files+0x325/0x470
[ 2060.195587][ T1013] Code: c1 03 38 c1 0f 8c b7 fe ff ff 48 8d 7c 24 70 e8 71 11 d6 ff e9 a8 fe ff ff e8 37 51 a6 ff 31 db e9 ef 00 00 00 e8 2b 51 a6 ff <0f> 0b bb ea ff ff ff 4c 8b 74 24 08 eb 17 85 db 0f 84 cf 00 00 00
[ 2060.215076][ T1013] RSP: 0018:ffff8881caf07940 EFLAGS: 00010283
[ 2060.220981][ T1013] RAX: ffffffff81bde618 RBX: ffff8881f0afb0a0 RCX: 0000000000040000
[ 2060.228789][ T1013] RDX: ffffc90000b43000 RSI: 0000000000009cbe RDI: 0000000000009cbf
[ 2060.236601][ T1013] RBP: ffff8881caf07a10 R08: ffffffff8449b770 R09: ffffed103de1b8c8
[ 2060.244407][ T1013] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[ 2060.252394][ T1013] R13: ffffffff84f97dc0 R14: dffffc0000000000 R15: ffff8881f0afb070
[ 2060.260205][ T1013] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2060.268979][ T1013] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2060.275393][ T1013] CR2: 00007ffcf1811f78 CR3: 00000001cd5cb000 CR4: 00000000003406a0
[ 2060.283206][ T1013] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2060.291042][ T1013] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2060.298818][ T1013] Call Trace:
[ 2060.301965][ T1013]  ? __warn+0x162/0x250
[ 2060.305948][ T1013]  ? report_bug+0x3a1/0x4e0
[ 2060.310376][ T1013]  ? sysfs_create_files+0x325/0x470
[ 2060.315402][ T1013]  ? sysfs_create_files+0x325/0x470
[ 2060.320458][ T1013]  ? do_invalid_op+0x6e/0x110
[ 2060.324942][ T1013]  ? invalid_op+0x1e/0x30
[ 2060.329129][ T1013]  ? kobject_get+0xc0/0x110
[ 2060.333447][ T1013]  ? sysfs_create_files+0x458/0x470
[ 2060.338491][ T1013]  ? sysfs_create_files+0x325/0x470
[ 2060.343542][ T1013]  ? sysfs_create_file_ns+0x2a0/0x2a0
[ 2060.348816][ T1013]  ? kobject_get+0xc9/0x110
[ 2060.353150][ T1013]  __device_add_disk+0x949/0x1220
[ 2060.358016][ T1013]  ? device_add_disk+0x30/0x30
[ 2060.362700][ T1013]  ? __alloc_disk_node+0x459/0x5a0
[ 2060.367736][ T1013]  loop_add+0x573/0x740
[ 2060.371775][ T1013]  loop_control_ioctl+0x448/0x620
[ 2060.376594][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.380841][ T1013]  ? memset+0x1f/0x40
[ 2060.384667][ T1013]  ? fsnotify+0x1280/0x1340
[ 2060.389087][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.393427][ T1013]  do_vfs_ioctl+0x742/0x1720
[ 2060.397852][ T1013]  ? ioctl_preallocate+0x250/0x250
[ 2060.402812][ T1013]  ? __fget+0x407/0x490
[ 2060.406794][ T1013]  ? fget_many+0x20/0x20
[ 2060.410867][ T1013]  ? debug_smp_processor_id+0x20/0x20
[ 2060.416088][ T1013]  ? security_file_ioctl+0x7d/0xa0
[ 2060.421042][ T1013]  __x64_sys_ioctl+0xd4/0x110
[ 2060.425716][ T1013]  do_syscall_64+0xca/0x1c0
[ 2060.430054][ T1013]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2060.435789][ T1013] ---[ end trace 47f897a1e9344b24 ]---
[ 2060.441708][ T1013] ------------[ cut here ]------------
[ 2060.447131][ T1013] kernfs: can not remove 'events', no directory
[ 2060.453871][ T1013] WARNING: CPU: 1 PID: 1013 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.463387][ T1013] Modules linked in:
[ 2060.467133][ T1013] CPU: 1 PID: 1013 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2060.478514][ T1013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2060.488494][ T1013] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.494566][ T1013] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 ce ae a6 ff 48 c7 c7 40 8d e5 84 4c 89 fe e8 9f 69 7d ff <0f> 0b bb fe ff ff ff eb 16 e8 b1 ae a6 ff bb fe ff ff ff 48 c7 c7
[ 2060.514011][ T1013] RSP: 0018:ffff8881caf07918 EFLAGS: 00010246
[ 2060.519998][ T1013] RAX: 1a85fe6525de1300 RBX: 0000000000000000 RCX: 0000000000040000
[ 2060.527804][ T1013] RDX: ffffc90000b43000 RSI: 0000000000012843 RDI: 0000000000012844
[ 2060.535610][ T1013] RBP: ffff8881caf07a10 R08: ffffffff814d59f2 R09: ffffed103edea9b8
[ 2060.543419][ T1013] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[ 2060.551233][ T1013] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff84f97e80
[ 2060.559041][ T1013] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2060.567809][ T1013] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2060.574238][ T1013] CR2: 00007ffcf1811f78 CR3: 00000001cd5cb000 CR4: 00000000003406a0
[ 2060.582041][ T1013] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2060.589843][ T1013] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2060.597653][ T1013] Call Trace:
[ 2060.600792][ T1013]  ? __warn+0x162/0x250
[ 2060.604815][ T1013]  ? report_bug+0x3a1/0x4e0
[ 2060.609197][ T1013]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.614601][ T1013]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.620052][ T1013]  ? do_invalid_op+0x6e/0x110
[ 2060.624601][ T1013]  ? invalid_op+0x1e/0x30
[ 2060.628740][ T1013]  ? wake_up_klogd+0xb2/0xf0
[ 2060.633160][ T1013]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.638622][ T1013]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.644092][ T1013]  sysfs_create_files+0x3de/0x470
[ 2060.648957][ T1013]  ? sysfs_create_file_ns+0x2a0/0x2a0
[ 2060.654162][ T1013]  ? kobject_get+0xc9/0x110
[ 2060.658499][ T1013]  __device_add_disk+0x949/0x1220
[ 2060.663361][ T1013]  ? device_add_disk+0x30/0x30
[ 2060.667958][ T1013]  ? __alloc_disk_node+0x459/0x5a0
[ 2060.672909][ T1013]  loop_add+0x573/0x740
[ 2060.676901][ T1013]  loop_control_ioctl+0x448/0x620
[ 2060.681759][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.686731][ T1013]  ? memset+0x1f/0x40
[ 2060.690528][ T1013]  ? fsnotify+0x1280/0x1340
[ 2060.694867][ T1013]  ? loop_remove+0xa0/0xa0
[ 2060.699120][ T1013]  do_vfs_ioctl+0x742/0x1720
[ 2060.703551][ T1013]  ? ioctl_preallocate+0x250/0x250
[ 2060.708496][ T1013]  ? __fget+0x407/0x490
[ 2060.712482][ T1013]  ? fget_many+0x20/0x20
[ 2060.716563][ T1013]  ? debug_smp_processor_id+0x20/0x20
[ 2060.721773][ T1013]  ? security_file_ioctl+0x7d/0xa0
[ 2060.726721][ T1013]  __x64_sys_ioctl+0xd4/0x110
[ 2060.731236][ T1013]  do_syscall_64+0xca/0x1c0
[ 2060.735751][ T1013]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2060.741473][ T1013] ---[ end trace 47f897a1e9344b25 ]---
[ 2060.747884][ T1013] loop0: failed to create sysfs files for events
03:34:33 executing program 0:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

03:34:33 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/anycast6\x00')
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f00000000c0)={0x636, 0x0, &(0x7f0000000080)=[r0, r4, r5, r1]}, 0x4) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, 0x0, 0x0)

03:34:33 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async, rerun: 64)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (rerun: 64)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x2, &(0x7f0000000380)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xcb}], &(0x7f00000003c0)='GPL\x00', 0x8, 0x39, &(0x7f0000000400)=""/57, 0x40f00, 0x2, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000440)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0xd, 0x3ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r4, 0xffffffffffffffff], 0x0, 0x10, 0x10000}, 0x90)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x13, 0xff, 0x3, 0x0, 0xa86, r3, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xd, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x3}, [@map_fd={0x18, 0x0, 0x1, 0x0, r6}, @ldst={0x1, 0x0, 0x2, 0x7, 0x0, 0x18, 0xffffffffffffffff}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x6}, @exit, @map_val={0x18, 0x6, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x2}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xfd, &(0x7f0000000100)=""/253, 0x40f00, 0xb3, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x7, 0x7fff, 0xffff}, 0x10, 0x1e1e3, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[r5], 0x0, 0x10, 0x7ff}, 0x90)

03:34:33 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x3, {{0x1, 0x3}, 0x2}}, 0x10) (async)
bind$tipc(r0, 0x0, 0x0)

03:34:33 executing program 3:
r0 = socket$tipc(0x1e, 0x7, 0x0) (async)
r1 = getpid()
r2 = syz_open_procfs(r1, 0x0) (async)
r3 = syz_open_procfs(r1, &(0x7f00000000c0)='net/protocols\x00') (async)
r4 = syz_open_procfs(r1, &(0x7f0000000080)='net/nf_conntrack_expect\x00')
setsockopt$TIPC_GROUP_LEAVE(r4, 0x10f, 0x88) (async)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) (async, rerun: 64)
r7 = openat$vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x10000, 0x0) (async, rerun: 64)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r8, 0x0, 0x0) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x1b, 0x46d, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0x10, &(0x7f0000000180)=@raw=[@map_idx={0x18, 0x5439b18e8ff61aa6, 0x5, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7f}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x8}, @ldst={0x3, 0x3, 0x1, 0x2, 0x2, 0xfffffffffffffffc, 0xffffffffffffffff}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2b8}, @map_val={0x18, 0x6, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x3ff}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd6}, @jmp={0x5, 0x0, 0xd, 0x2, 0x8, 0xfffffffffffffff8}, @generic={0x4, 0x1, 0x5, 0x2, 0x7}, @alu={0x7, 0x0, 0x9, 0x5, 0xa, 0xffffffffffffffff, 0xfffffffffffffffc}], &(0x7f0000000200)='GPL\x00', 0x9, 0xa5, &(0x7f0000000240)=""/165, 0x41000, 0x18, '\x00', 0x0, 0x6, r2, 0x8, &(0x7f0000000300)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x4, 0x1, 0x85, 0xfffffff9}, 0x10, 0x2a70b, r5, 0xa, &(0x7f0000000480)=[r2, r4, r3, r6, r7, r8, r2, r9], &(0x7f00000004c0)=[{0x3, 0x5, 0x4, 0x9}, {0x5, 0x5, 0x3, 0x7}, {0x1, 0x2, 0xf, 0xa}, {0xfffffff7, 0x2, 0x5, 0x7}, {0x4, 0x1, 0x5, 0x9}, {0x5, 0x4, 0x6, 0x3}, {0x3, 0x4, 0xe, 0x7}, {0x1, 0x3}, {0x3, 0x1, 0x3, 0x2}, {0x1, 0x5, 0x6, 0x1}], 0x10, 0x6}, 0x90) (async)
socketpair$tipc(0x1e, 0xa00c7af7d56ed921, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff}) (async)
bind$tipc(r0, 0x0, 0x2) (async)
r11 = socket$inet(0x2, 0x80000, 0x1) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff})
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f00000008c0)={&(0x7f0000000640)="6f04179c4c82f33abd3dfb2dd6adf8e3e7af73b26629109a6fb8a7837a87b9c5daab17f19f1079e60a784fcd5e414cf525eee3077902135384d830ad31bd2b95a8e3eee4089ae2ec6574245b42c98750d7e036e26e93cbe6a15a041e458d34cb51dc23e71eebf672742da57b58e3bbf55568f1d5a08952cee55b641f4f920ac0cfc799510b60a051ac36c3a2c5c6dd75001e436038516d3069d09509921ecfa437313abae40e37aec032051259c00467590e5ac0f663b424b39795", &(0x7f0000000700)=""/11, &(0x7f0000000740)="a5004c762f51f5fa344e24a2714e0c755145dc3509054c8c258c7d2512ee92540d1ab1e9e5cacf8d01af4807bb8195bb4306538a8806268a468157fd5cab21a168ac6c9e0336cc1aa4e06b478d919a325ce988c758ebbb438d386ae77151e22e5d39dbf5c508598267df29fb71a844a5b544408edc499f290ef75c475d37e6984f3e6555bcff62dfd24141ffd4c2b85cefefa1434c787e59db2da85e106d892116b272594bdbcf808ddd1702e82bbae2", &(0x7f0000000800)="43864e5ad0838545baa855d58a26772a36c775acd63bef07585cefc51f092935fe9b52c3a236846750064c53183d9c6a85aa45d7dd578f6050a7886cc8e1cb3b07c88d1ed51ca2d071b988dcafd5f713194093912101fc447496433af462a1a0d6fb5a281c987a684d2be438b0aa5043bd92444d474f1891f86e0c7a8e4eac4eed91", 0x9, r5}, 0x38)
r13 = socket$inet_tcp(0x2, 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000140)={0x80000001, 0x0, &(0x7f0000000100)=[r11, r12, r13, r10]}, 0x4)

03:34:33 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}, 0x1}}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x15c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x15c}, 0x1, 0x0, 0x0, 0xc0}, 0x800)

03:34:33 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000080)=0x4)
bind$tipc(r0, 0x0, 0x0)

03:34:33 executing program 5:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x0, 0x40002}}, 0x10)

03:34:33 executing program 1:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x2, {{0x1, 0x1}}}, 0x10) (async)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000), &(0x7f0000000080)=0x4)
bind$tipc(r0, 0x0, 0x0)

03:34:33 executing program 2:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x2, &(0x7f0000000380)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xcb}], &(0x7f00000003c0)='GPL\x00', 0x8, 0x39, &(0x7f0000000400)=""/57, 0x40f00, 0x2, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000440)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0xd, 0x3ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r4, 0xffffffffffffffff], 0x0, 0x10, 0x10000}, 0x90)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x13, 0xff, 0x3, 0x0, 0xa86, r3, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48)
r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xd, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x3}, [@map_fd={0x18, 0x0, 0x1, 0x0, r6}, @ldst={0x1, 0x0, 0x2, 0x7, 0x0, 0x18, 0xffffffffffffffff}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x6}, @exit, @map_val={0x18, 0x6, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x2}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xfd, &(0x7f0000000100)=""/253, 0x40f00, 0xb3, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x7, 0x7fff, 0xffff}, 0x10, 0x1e1e3, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[r5], 0x0, 0x10, 0x7ff}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
getsockopt$inet_pktinfo(r0, 0x6, 0x8, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r2, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r3, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r4, 0x0, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x2, &(0x7f0000000380)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xcb}], &(0x7f00000003c0)='GPL\x00', 0x8, 0x39, &(0x7f0000000400)=""/57, 0x40f00, 0x2, '\x00', 0x0, 0x25, r3, 0x8, &(0x7f0000000440)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000480)={0x1, 0xd, 0x3ff}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r4, 0xffffffffffffffff], 0x0, 0x10, 0x10000}, 0x90) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r5, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x13, 0xff, 0x3, 0x0, 0xa86, r3, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4}, 0x48) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) (async)
sendmsg$TEAM_CMD_OPTIONS_GET(r7, 0x0, 0x0) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000002c0)=@bpf_ext={0x1c, 0xd, &(0x7f0000000640)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x3}, [@map_fd={0x18, 0x0, 0x1, 0x0, r6}, @ldst={0x1, 0x0, 0x2, 0x7, 0x0, 0x18, 0xffffffffffffffff}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x6}, @exit, @map_val={0x18, 0x6, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x2}, @map_fd={0x18, 0x3, 0x1, 0x0, r7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xfd, &(0x7f0000000100)=""/253, 0x40f00, 0xb3, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x7, 0x7fff, 0xffff}, 0x10, 0x1e1e3, 0xffffffffffffffff, 0x0, &(0x7f0000000280)=[r5], 0x0, 0x10, 0x7ff}, 0x90) (async)

03:34:33 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0)
r1 = accept4$tipc(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80800)
accept4$tipc(r1, &(0x7f00000000c0)=@name, &(0x7f0000000100)=0x10, 0x800)

03:34:33 executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, 0x0, 0x2)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, 0x0, 0x0)
sendmsg$AUDIT_SET_FEATURE(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x4, 0x70bd2c, 0x25dfdbfb, {0x1, 0x1, 0x1}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20040004}, 0x40014)
connect$tipc(r1, &(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e20, 0x3}}, 0x10)

[ 2060.843571][ T1050] ------------[ cut here ]------------
[ 2060.862647][ T1050] kernfs: can not remove 'events', no directory
[ 2060.902805][ T1050] WARNING: CPU: 0 PID: 1050 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.912528][ T1050] Modules linked in:
[ 2060.916305][ T1050] CPU: 0 PID: 1050 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2060.927659][ T1050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2060.937570][ T1050] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100
[ 2060.943723][ T1050] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 ce ae a6 ff 48 c7 c7 40 8d e5 84 4c 89 fe e8 9f 69 7d ff <0f> 0b bb fe ff ff ff eb 16 e8 b1 ae a6 ff bb fe ff ff ff 48 c7 c7
[ 2060.963256][ T1050] RSP: 0018:ffff8881e7d87a38 EFLAGS: 00010246
[ 2060.969173][ T1050] RAX: dc8e13e448832a00 RBX: 0000000000000000 RCX: ffff8881e5648000
[ 2060.976961][ T1050] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 2060.984789][ T1050] RBP: ffffffff86064e00 R08: ffffffff814d59f2 R09: 00000000000006a4
[ 2060.992585][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000
[ 2061.000398][ T1050] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84f97e80
[ 2061.008473][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2061.017237][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2061.023657][ T1050] CR2: 00007fcb7193cd58 CR3: 00000001e9196000 CR4: 00000000003406b0
[ 2061.031471][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2061.039278][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2061.047083][ T1050] Call Trace:
[ 2061.050224][ T1050]  ? __warn+0x162/0x250
[ 2061.054390][ T1050]  ? report_bug+0x3a1/0x4e0
[ 2061.058751][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.064815][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.070514][ T1050]  ? do_invalid_op+0x6e/0x110
[ 2061.075114][ T1050]  ? invalid_op+0x1e/0x30
[ 2061.079900][ T1050]  ? wake_up_klogd+0xb2/0xf0
[ 2061.084302][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.089860][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.095321][ T1050]  sysfs_remove_files+0x91/0xe0
[ 2061.100009][ T1050]  del_gendisk+0x26e/0xc30
[ 2061.104260][ T1050]  ? avc_flush+0x1f0/0x1f0
[ 2061.108521][ T1050]  ? device_add_disk_no_queue_reg+0x20/0x20
[ 2061.114262][ T1050]  ? delete_node+0x706/0x780
[ 2061.118780][ T1050]  loop_remove+0x42/0xa0
[ 2061.122922][ T1050]  loop_control_ioctl+0x564/0x620
[ 2061.127780][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.132040][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.136289][ T1050]  do_vfs_ioctl+0x742/0x1720
[ 2061.140721][ T1050]  ? ioctl_preallocate+0x250/0x250
[ 2061.145663][ T1050]  ? __fget+0x407/0x490
[ 2061.149650][ T1050]  ? fget_many+0x20/0x20
[ 2061.153739][ T1050]  ? switch_fpu_return+0x1d4/0x410
[ 2061.158679][ T1050]  ? security_file_ioctl+0x7d/0xa0
[ 2061.163625][ T1050]  __x64_sys_ioctl+0xd4/0x110
[ 2061.168144][ T1050]  do_syscall_64+0xca/0x1c0
[ 2061.172477][ T1050]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2061.178211][ T1050] ---[ end trace 47f897a1e9344b26 ]---
[ 2061.199090][ T1050] ------------[ cut here ]------------
[ 2061.205258][ T1050] kernfs: can not remove 'events_async', no directory
[ 2061.212303][ T1050] WARNING: CPU: 0 PID: 1050 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.221966][ T1050] Modules linked in:
[ 2061.225662][ T1050] CPU: 0 PID: 1050 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2061.237020][ T1050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2061.247019][ T1050] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.253170][ T1050] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 ce ae a6 ff 48 c7 c7 40 8d e5 84 4c 89 fe e8 9f 69 7d ff <0f> 0b bb fe ff ff ff eb 16 e8 b1 ae a6 ff bb fe ff ff ff 48 c7 c7
[ 2061.272610][ T1050] RSP: 0018:ffff8881e7d87a38 EFLAGS: 00010246
[ 2061.278505][ T1050] RAX: dc8e13e448832a00 RBX: 0000000000000000 RCX: ffff8881e5648000
[ 2061.286318][ T1050] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 2061.294130][ T1050] RBP: ffffffff86064e00 R08: ffffffff814d59f2 R09: 000000000000e745
[ 2061.301938][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000
[ 2061.309752][ T1050] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84f97f20
[ 2061.317565][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 2061.326603][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2061.333151][ T1050] CR2: 0000555555bed818 CR3: 00000001e9196000 CR4: 00000000003406b0
[ 2061.340937][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2061.348827][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2061.356720][ T1050] Call Trace:
[ 2061.360126][ T1050]  ? __warn+0x162/0x250
[ 2061.364117][ T1050]  ? report_bug+0x3a1/0x4e0
[ 2061.368456][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.373923][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.379387][ T1050]  ? do_invalid_op+0x6e/0x110
[ 2061.383902][ T1050]  ? invalid_op+0x1e/0x30
[ 2061.388156][ T1050]  ? wake_up_klogd+0xb2/0xf0
[ 2061.392582][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.398051][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.403518][ T1050]  sysfs_remove_files+0x91/0xe0
[ 2061.408202][ T1050]  del_gendisk+0x26e/0xc30
[ 2061.412453][ T1050]  ? avc_flush+0x1f0/0x1f0
[ 2061.416708][ T1050]  ? device_add_disk_no_queue_reg+0x20/0x20
[ 2061.422434][ T1050]  ? delete_node+0x706/0x780
[ 2061.426864][ T1050]  loop_remove+0x42/0xa0
[ 2061.430941][ T1050]  loop_control_ioctl+0x564/0x620
[ 2061.435803][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.440065][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.444546][ T1050]  do_vfs_ioctl+0x742/0x1720
[ 2061.448958][ T1050]  ? ioctl_preallocate+0x250/0x250
[ 2061.453908][ T1050]  ? __fget+0x407/0x490
[ 2061.457922][ T1050]  ? fget_many+0x20/0x20
[ 2061.461985][ T1050]  ? switch_fpu_return+0x1d4/0x410
[ 2061.466922][ T1050]  ? security_file_ioctl+0x7d/0xa0
[ 2061.471900][ T1050]  __x64_sys_ioctl+0xd4/0x110
[ 2061.476382][ T1050]  do_syscall_64+0xca/0x1c0
[ 2061.480720][ T1050]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2061.486448][ T1050] ---[ end trace 47f897a1e9344b27 ]---
[ 2061.498137][ T1050] ------------[ cut here ]------------
[ 2061.505543][ T1050] kernfs: can not remove 'events_poll_msecs', no directory
[ 2061.513531][ T1050] WARNING: CPU: 1 PID: 1050 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.523137][ T1050] Modules linked in:
[ 2061.526884][ T1050] CPU: 1 PID: 1050 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2061.538333][ T1050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2061.548242][ T1050] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.554467][ T1050] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 ce ae a6 ff 48 c7 c7 40 8d e5 84 4c 89 fe e8 9f 69 7d ff <0f> 0b bb fe ff ff ff eb 16 e8 b1 ae a6 ff bb fe ff ff ff 48 c7 c7
[ 2061.574167][ T1050] RSP: 0018:ffff8881e7d87a38 EFLAGS: 00010246
[ 2061.580244][ T1050] RAX: dc8e13e448832a00 RBX: 0000000000000000 RCX: ffff8881e5648000
[ 2061.588048][ T1050] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 2061.595864][ T1050] RBP: ffffffff86064e00 R08: ffffffff814d59f2 R09: 000000000000ffff
[ 2061.603729][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000
[ 2061.611580][ T1050] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84f97f40
[ 2061.619946][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2061.629148][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2061.635743][ T1050] CR2: 00007fee521a6038 CR3: 00000001e9196000 CR4: 00000000003406a0
[ 2061.643722][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2061.651538][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2061.659337][ T1050] Call Trace:
[ 2061.662473][ T1050]  ? __warn+0x162/0x250
[ 2061.666644][ T1050]  ? report_bug+0x3a1/0x4e0
[ 2061.670974][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.676445][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.681920][ T1050]  ? do_invalid_op+0x6e/0x110
[ 2061.686525][ T1050]  ? invalid_op+0x1e/0x30
[ 2061.690688][ T1050]  ? wake_up_klogd+0xb2/0xf0
[ 2061.695110][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.700573][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.706043][ T1050]  sysfs_remove_files+0x91/0xe0
[ 2061.710734][ T1050]  del_gendisk+0x26e/0xc30
[ 2061.715088][ T1050]  ? avc_flush+0x1f0/0x1f0
[ 2061.719430][ T1050]  ? device_add_disk_no_queue_reg+0x20/0x20
[ 2061.725287][ T1050]  ? delete_node+0x706/0x780
[ 2061.729903][ T1050]  loop_remove+0x42/0xa0
[ 2061.733964][ T1050]  loop_control_ioctl+0x564/0x620
[ 2061.738839][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.743165][ T1050]  ? loop_remove+0xa0/0xa0
[ 2061.747406][ T1050]  do_vfs_ioctl+0x742/0x1720
[ 2061.752019][ T1050]  ? ioctl_preallocate+0x250/0x250
[ 2061.756967][ T1050]  ? __fget+0x407/0x490
[ 2061.760949][ T1050]  ? fget_many+0x20/0x20
[ 2061.765104][ T1050]  ? switch_fpu_return+0x1d4/0x410
[ 2061.770051][ T1050]  ? security_file_ioctl+0x7d/0xa0
[ 2061.775169][ T1050]  __x64_sys_ioctl+0xd4/0x110
[ 2061.780056][ T1050]  do_syscall_64+0xca/0x1c0
[ 2061.784394][ T1050]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2061.790129][ T1050] ---[ end trace 47f897a1e9344b28 ]---
[ 2061.797542][ T1050] ------------[ cut here ]------------
[ 2061.818155][ T1050] kernfs: can not remove 'bdi', no directory
[ 2061.824115][ T1050] WARNING: CPU: 1 PID: 1050 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.833632][ T1050] Modules linked in:
[ 2061.837373][ T1050] CPU: 1 PID: 1050 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2061.848729][ T1050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2061.858635][ T1050] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.864704][ T1050] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 ce ae a6 ff 48 c7 c7 40 8d e5 84 4c 89 fe e8 9f 69 7d ff <0f> 0b bb fe ff ff ff eb 16 e8 b1 ae a6 ff bb fe ff ff ff 48 c7 c7
[ 2061.884237][ T1050] RSP: 0018:ffff8881e7d87a78 EFLAGS: 00010246
[ 2061.890132][ T1050] RAX: dc8e13e448832a00 RBX: 0000000000000000 RCX: ffff8881e5648000
[ 2061.898038][ T1050] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000
[ 2061.905897][ T1050] RBP: ffff8881e7d87b88 R08: ffffffff814d59f2 R09: 000000000000ffff
[ 2061.913662][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: ffff8881f0afb000
[ 2061.921473][ T1050] R13: ffff8881f0afb4e8 R14: 0000000000000000 R15: ffffffff84f979e0
[ 2061.929296][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2061.938064][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2061.944472][ T1050] CR2: 00007fee521a6038 CR3: 00000001e9196000 CR4: 00000000003406a0
[ 2061.952287][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2061.960091][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2061.967902][ T1050] Call Trace:
[ 2061.971043][ T1050]  ? __warn+0x162/0x250
[ 2061.975027][ T1050]  ? report_bug+0x3a1/0x4e0
[ 2061.979369][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.984835][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2061.990306][ T1050]  ? do_invalid_op+0x6e/0x110
[ 2061.994997][ T1050]  ? invalid_op+0x1e/0x30
[ 2061.999155][ T1050]  ? wake_up_klogd+0xb2/0xf0
[ 2062.003582][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2062.009049][ T1050]  ? kernfs_remove_by_name_ns+0xb1/0x100
[ 2062.014519][ T1050]  del_gendisk+0x5a1/0xc30
[ 2062.018774][ T1050]  ? device_add_disk_no_queue_reg+0x20/0x20
[ 2062.024499][ T1050]  ? delete_node+0x706/0x780
[ 2062.028928][ T1050]  loop_remove+0x42/0xa0
[ 2062.033005][ T1050]  loop_control_ioctl+0x564/0x620
[ 2062.037865][ T1050]  ? loop_remove+0xa0/0xa0
[ 2062.042121][ T1050]  ? loop_remove+0xa0/0xa0
[ 2062.046371][ T1050]  do_vfs_ioctl+0x742/0x1720
[ 2062.050798][ T1050]  ? ioctl_preallocate+0x250/0x250
[ 2062.055748][ T1050]  ? __fget+0x407/0x490
[ 2062.059737][ T1050]  ? fget_many+0x20/0x20
[ 2062.063818][ T1050]  ? switch_fpu_return+0x1d4/0x410
[ 2062.068956][ T1050]  ? security_file_ioctl+0x7d/0xa0
[ 2062.073901][ T1050]  __x64_sys_ioctl+0xd4/0x110
[ 2062.078417][ T1050]  do_syscall_64+0xca/0x1c0
[ 2062.082769][ T1050]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2062.088491][ T1050] ---[ end trace 47f897a1e9344b29 ]---
[ 2062.114810][ T1050] kasan: CONFIG_KASAN_INLINE enabled
[ 2062.120005][ T1050] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 2062.127998][ T1050] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 2062.134757][ T1050] CPU: 1 PID: 1050 Comm: syz-executor.0 Tainted: G        W         5.4.249-syzkaller-00002-g19cff29fe49c #0
[ 2062.146290][ T1050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 2062.156335][ T1050] RIP: 0010:strlen+0x28/0x60
[ 2062.160751][ T1050] Code: 40 00 41 57 41 56 41 54 53 49 89 fe 48 c7 c0 ff ff ff ff 49 bf 00 00 00 00 00 fc ff df 48 89 fb 49 89 c4 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 12 48 ff c3 49 8d 44 24 01 43 80 7c 26 01
[ 2062.180273][ T1050] RSP: 0018:ffff8881e7d87a00 EFLAGS: 00010246
[ 2062.186171][ T1050] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90000b43001
[ 2062.193983][ T1050] RDX: 00000000001fffe0 RSI: 0000000000000000 RDI: 0000000000000000
[ 2062.201801][ T1050] RBP: 0000000000000000 R08: ffffffff81bd56dc R09: 000000000000ffff
[ 2062.209617][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: ffffffffffffffff
[ 2062.217641][ T1050] R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
[ 2062.225470][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2062.234586][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2062.241003][ T1050] CR2: 00007fee521a6038 CR3: 00000001e9196000 CR4: 00000000003406a0
[ 2062.248819][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2062.256626][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2062.264528][ T1050] Call Trace:
[ 2062.268093][ T1050]  ? __die+0xb4/0x100
[ 2062.271904][ T1050]  ? die+0x26/0x50
[ 2062.275462][ T1050]  ? do_general_protection+0x266/0x3c0
[ 2062.280760][ T1050]  ? do_trap+0x340/0x340
[ 2062.284844][ T1050]  ? general_protection+0x28/0x30
[ 2062.289702][ T1050]  ? kernfs_find_ns+0x6c/0x440
[ 2062.294298][ T1050]  ? strlen+0x28/0x60
[ 2062.298229][ T1050]  kernfs_find_ns+0x83/0x440
[ 2062.302684][ T1050]  kernfs_remove_by_name_ns+0x37/0x100
[ 2062.307942][ T1050]  del_gendisk+0x9c7/0xc30
[ 2062.312214][ T1050]  ? device_add_disk_no_queue_reg+0x20/0x20
[ 2062.317921][ T1050]  ? delete_node+0x706/0x780
[ 2062.322355][ T1050]  loop_remove+0x42/0xa0
[ 2062.326430][ T1050]  loop_control_ioctl+0x564/0x620
[ 2062.331292][ T1050]  ? loop_remove+0xa0/0xa0
[ 2062.335548][ T1050]  ? loop_remove+0xa0/0xa0
[ 2062.339791][ T1050]  do_vfs_ioctl+0x742/0x1720
[ 2062.344221][ T1050]  ? ioctl_preallocate+0x250/0x250
[ 2062.349168][ T1050]  ? __fget+0x407/0x490
[ 2062.353164][ T1050]  ? fget_many+0x20/0x20
[ 2062.357239][ T1050]  ? switch_fpu_return+0x1d4/0x410
[ 2062.362202][ T1050]  ? security_file_ioctl+0x7d/0xa0
[ 2062.367160][ T1050]  __x64_sys_ioctl+0xd4/0x110
[ 2062.371645][ T1050]  do_syscall_64+0xca/0x1c0
[ 2062.375985][ T1050]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 2062.381702][ T1050] Modules linked in:
[ 2062.388770][ T1050] ---[ end trace 47f897a1e9344b2a ]---
[ 2062.394130][ T1050] RIP: 0010:strlen+0x28/0x60
[ 2062.398799][ T1050] Code: 40 00 41 57 41 56 41 54 53 49 89 fe 48 c7 c0 ff ff ff ff 49 bf 00 00 00 00 00 fc ff df 48 89 fb 49 89 c4 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 12 48 ff c3 49 8d 44 24 01 43 80 7c 26 01
[ 2062.418940][ T1050] RSP: 0018:ffff8881e7d87a00 EFLAGS: 00010246
[ 2062.426283][ T1050] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90000b43001
[ 2062.434722][ T1050] RDX: 00000000001fffe0 RSI: 0000000000000000 RDI: 0000000000000000
[ 2062.443281][ T1050] RBP: 0000000000000000 R08: ffffffff81bd56dc R09: 000000000000ffff
[ 2062.451429][ T1050] R10: 0000000000200000 R11: dffffc0000000001 R12: ffffffffffffffff
[ 2062.459584][ T1050] R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
[ 2062.467537][ T1050] FS:  00007fcb7195d6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 2062.476597][ T1050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2062.488118][ T1050] CR2: 00007fee521a6038 CR3: 00000001e9196000 CR4: 00000000003406a0
[ 2062.495982][ T1050] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2062.504075][ T1050] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2062.513211][ T1050] Kernel panic - not syncing: Fatal exception
[ 2062.519494][ T1050] Kernel Offset: disabled
[ 2062.523722][ T1050] Rebooting in 86400 seconds..