00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006fdb1baf0593b08001ac55214316d6daa8f0b2e713ba98d18c448e85a03a484f7d31b2ba5053a08a373b0b52d5dd86cadfd772df696f59c108f0a4e4afb495b5e0324fbdf55822eb18d381e30cd1bd4b39f0f80e5099d45360ce4abe88422b60790687d02ea06bb1580d2092b5"], 0x849)
sendmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)="f9a2e4100f3c796cf54a0e5e4062122cb2a1e074019918ced03eb309", 0x1c}, {&(0x7f0000000400)="2de7d0ff5234875d967d17970c6496bfa79ec65d9acba548437396578787cab0fdb49cf696bca647c6b9f7dea2f538f4c51b247bd4aedf33d747cdfeef3c34ff0910fd06078b839d4b996d293fd86e5e945bdbd779fa2e2fece81fdc69a74d49e469ecb612c0035238a231ea995780916d64855447284c83470199d153339d63534a018a", 0x84}, {&(0x7f00000000c0)="909ac67f725827542fa4fd45f62ab6679919d8a4d6d6ae86bd1dc056df32a7b98dac2fbdeb4d4c", 0x27}, {&(0x7f0000000100)="97b3edd66720d2fee5", 0x9}, {&(0x7f00000004c0)="bf294f4bf14cef36d76e71a7ca61eba137ee54bafc9e0b041e5e806e9385b5a5847e470de803a7dd9c5ecf42178443b90b83c4c30cf78827b8f6a771de1481e023ceeecb24a691fa21fd0ccecfafc34e3c0ec094889997772cd163d03eb2276cd0a918a5080a4580e7b709af0d888142cb1335ac338292e0a30fef6b135ecbad3ce52f1eeeb7959fab1721eb0e73e3305d41", 0x92}, {&(0x7f0000001b00)="21315ec241f7f11b71d19a04904acb0ce31f7edd4ba46b398530c0fdd56004548ebfeb04c3221500b8cccdcbc7d7b1d10d2a220ec2d96ebe26ebb88850fde9985f99526c9a0229977fac15b1a5c59cd2914646db51135308ae8a7f064cbfab5ef73ae74df7966e4e93a3acf3e58925ee5d7739a8da1cee90ae1995592670a951f7476e334dad491a977c49fe5ccfbfe0fe8b23ac3e66aefd9f453f06f825097e48f4567cbb2328af1a8964ac286445ccb3b1db37dc4dab87a42ed1763946ba079fa68a9dcbdf4946bec8be13e711622162d25820ba5832ddd7c583560c3c5a70b2299cfbb41ffe0e8fa2cd48624e29f72f4f9f8c838820ffa78dcbc0f74a43708100e348408b8b23842642b36f114a2cd44f182fc1932b7878074fb19b9caf62cc8bbd443be6701182c9a356555de8cf058c7387fb59debb487f85c4aa69cceac5d246478a96884df1fd3386863f391d9869aa5072a28eac34cb4583dae49e0a3126a121b3cb0e82379a729ee3b667f8a8dba3d403095671a0cb46dedd7ee0a680cadbbffc21443b13f61b2e2a79a347b44b9170bd35d4d9b45efcbb578324ef84fcd01ad6f5ce471778ea15dda7acc69c084a36af62dcb55c49474ffa750f4e64669eb29ffc20aa6df7c191a08991ac538fdd620b3d8613a7aa69f5023ccb5fc06ed7777e3ac7c6628d6b07d5534943735a06385984621693d25bd8cc261135efb77757822afaff13296dee8fe616681712fb05464d595bd348747ec12fa5d2c56bc6450025636a2ba073205bb341b76c110ca5fb44967e99030b6f6a8b091b51986d1797ebc5f219132cc1aada88baa15b72f15eab8197c1d42e90c7a68f5b4ff62beb4764be007ececfd5cda6f1822aaf04edc61e0593b2f89848ffe70bf5b793e067f6190a0f3d6d970db68f50edd1a3d99d996bdf6a26cc7e6b2b131202e106b72c73e7cc5486ca0fa181f355b536cbd7222e2afe7cd2967f37d58806a300835641cc1db06f59093c2dd81f636cc59d0f78ce8e8dcfc30251e7014ada89f3c1c22a1055571e90f1a8c5c5c21ccaeae41b16dd2c38670ba294632dded29137cad7c25b81337ca0f77f843d11f3c5e6cbef54a52eb29e2de5a0a6354aedb60ea1b0c6e48f931723915b5c8f235108a51e8b809d33023b30aef6805cb624f4e0080cc1c4fa532520674c6ebd9382396bf024f0a0b8eb6d7fe5d4240bee4a09bb84a3b27ceacf06be03879da111d263aa6825ec7e72dc3707ce806b717c08bd0ee8f33fd33730875d564feda5e7b711822b1bdcc1d5d4528ec3314277837915c017ea633321b8d168595204ab6531ab6b8b572acf0193011fcb4dea861ffe86dcd8ed8aee3cac3517443562ee3d81ae7fa4575a4b238f513ba0e81aacb9c6e437a05c0b9913c9a1c5de317b61a5918ed485318060e42e0c7c8cad0048e9b1a1c6bbfff20bab744fdff6b8710ad9a46e9a81008725373790c6e74779f94c5f582b847d8e50c5d82096ee77402fc7f64045ec03bb046ba23bc28c865e985b8211777d950abb64f965c89bb6ccd4a6f9984fe74066452710e6f87c401895cfc971f0e247a71a9ab7ff96edd4630a2256611bb689e9ffd545a34e328149cc47e498cf71ad2611e2dd08d77beedc1fb33374cf1a8def8469b5ca8b69c5b978af0208a9ef43b3c886c8ee66bb84dc1cff3e1b713208490fb5b97aa696ea19aa3ac081a297769e8e8d0111d0efa11a9077a12836e0c5b4a9f3d05f2eaf8c344af93339415f0c4e735632cdbed3ad9ea9fca79787103ef577797eef6d444a5d8f74a873958bb1a4672d39b5d78c2d2ef39e9ee86d9edd2d1c092846e65e2e8efa107da5f2f1c3cca5d6a79099031520995db925f53bfd4c1cde959c23e7d6798a0950e902081613115b89322c6a524b20b5266df592937336f4cb05075dffe3aaa638316227aa9ce779a4b0de77007d298894b03cdf36ecd5cd38e5e4369409adf7d86503cb7d6e7893ed6834aa8f116c1e508ab65bf24b5a141d0db6cefb4b9243a8147ddbdb52e9d88fd631d7d7834cfbe86df8cedfe36bb3f347d33adf90ca6608f99f14e58534debb777d2e338c2b7d9e6be9c784f4116bc509df515a12979935b010292098ebda7a2eb57d9d321c010bb5655d3ccd2348a9c190f0152521231268af71737117304ae649bf48f5c2c11f14feecb581a6fb2e58802476b34ef1257ac05a29cb69c93f3f8a1bc11ccb7bbffc4a494c0ff03427e230811dc2da5f41f1c652479660e67f5a7b5462371e1c98246e348977f8406806beda6a9b35d156ed28f4859e1eab44abfcc0ce0abd4f15d2b262aecfd31f096a9825f0faca89e0c035ba6e87b2aeedcfd35b77c3d1a3381e52078781d91bceaff5bb08286def2fc7074c65aeb05479e6a86c9acff28cdbf7fcbe422179fabe875271ef6c52166dd8504075fa7d22b28935a79ee9b221c824b029fee55a7a8109aaff7700d40f156edc97ee96d6ee739c84ce2d79c6cb0e04ca9e19a402a1a405977b3716e11f09b4a4a8100454eb370f7d14cc3124603e839ab7bb8226d1aaf17d34d8f3308342c1ab748b440fa80cff47213e072bf01a5b5b850fd3be3a296def17500b16feb5015c5697bf652202e5b6de20c7be81f7c8020447be0fdfd6ec9ec5b2f2acc68f2eb020d9f1a432f53f92ec085e3ad3bac38b0521a1a847f12a0a2a4ec81b3af407c4762f53a67bafa36dae468a5884afd6fb32078a65484a11b6aad401cd218d3b27691b99dd624dfa1a480728dd935c255a9abf9ca27c5a8143a75045762abd3d1fa75a299a1dab9dfe52ef19f5e7c6a9b8872d4bc7b60797c0c9b14be08b87cbf02d97777848e3b6b33a10e41e249acbc9cee249aaf4fb2a6b801ac0bc6edf8be0a6f0027d9177d5dd6ffe8311ca8d0282838b7bb747330a4a5ca597982d59de98803cf061e248271fb0c00370cfee2b892f699dafd4b1ec50a234d5a161a02b857b1efaad3968deeb8d4a6d0c21b31a5e9824bb080ee492d6cb0342ebd1e9a63a76765fee5ac61fabe7bb74b3cbda8d1b65a17fecd38b756409a057505f4e7a1eb5d18b6be8877c46cb461944da373f5010851f88cd5ee0248a7020e99a76752842c86871e5a2c56519e1f31e6646fc6fb0e014d946690cd485e43cfa34808519df39de47e728564112b10e948bfd70a0cd762e49a48744c2ef4db9a3d6a7fb64260ee0f9b585dbf3378d82ef19aad9d378ae709246f7d872bb627ed44eeca1182e7c939d24daa49705500c4d9866dc4922c76afd3c19c947ccdb509a7ea3de43f87e089e6ad168b2e84557b9605109079766976ae3ebf32697b09413853dcac378c53f8b237136bb7e1bfba0af656bc99e20219c513f005922a32c8c16d658c26e9d78a73f1e61a7a3fd28a22954845ef6f99d30984b435384dbecf8f58d8502a6a9b128f9d2d397a211cc486abba9002d8890c69456779397d75c18f9db9496e8d0ea428ab314bf44522fa1e063787a7001d84747d1418b170b8eb9ae94f61c48a28446ce85fcf9dde31e10b4f80c8a3b81e1253811328090dbcc488992c1e6cf211da9f947f5f20979a53e52aca32d6cb1742844c63c85c8395aa47c54d142ee118bd3e041112179e33f113173463bd7cb1f10f7a51e4be74bc6360bd58683a44c6288a8d9171c36e6d13760285b65704346bfa6019132643326e3402c42379f0ededf4d999f2d377bcfb9ad510799a6c17033874ddcb6d63ed86a803b4611baa19db313271c6f58a6b4f61a1958dc4de954bfda4a68be4c3a9555fb08ed059be65a7f79c06bf314884cbbe62117b56b445985d9e62275cc78b32de89540241f2835c92f734104de04e47ecb14392dbaa3d8f9271c8adfc2873d008b879eeef0cfef330d667d29478cbf59933baf5cbec88e58d144e9069935337e5f2e16c15cc7edcaacb458fec7aa1fa680c8e3d26ceea9eb07d96c806329633fb4c7d5e5f6d42259cb0a2c5567bb57c1eb78c3822302ead13ded169705b6de7492b68d2675b61306384ee731fcf5df51347b7554fad295060fec9b0769f089a7df5b8d8273513dfc4581f4c9bfe6233f8d1affbbe510a125d7260b5b8fb5501da54f693616395f940e2be4e206e28c71d05d8568d8249ed9ccdd6fe94aa8403399f85c505a5688be9143fc5004a4f4f6a70510846b32513d6b6ce602a4a99cd2f9b1e4907aabd07cf60fa1a091c7196293545fdf4440c487092fcd63a70a91fa5424d6a8ca324b181788c42ddceb29675510e594e78d00877f51ba01053385b5e7193e56066ff1872aa4db8c18667d9e39092e4449ec8e82202348efd524c21982155fcba25631349e1b99b0d292cb44a22c4145e7cf1c692a0d964461f5740556e1950c24a749b95739e6f47b24c6926c9e41c9a857db4b186acf770cc93e68e4f5624575177c8e4e05dfa4810e2edb548289f934e77a81c38107bc021a8b9f945e5deecc71e48267e848853ecfc78190eb8a41013649563a2d77cc2dcd19974657e029b53aac47b2e4f9a5cf1ce0a05cf55dcd94a0162ec0237560842a873522ea3caf934a129ed70b9a1e7e73624924004b8b51eade57c9d3c677df6a329a9ed9651980e2f3d7ae259e250a5c01ab13ad0024911ef225627f4710687240256f4215807b420d7948ea44ce8a51ef6bd6ffcea99a5ff5ca6d4c1aa805cb9366347a2d4e6c7eb6bdf5612827f3b9a28e2dbb42196f7b4f585028fb5c38109257cb401b3215d60229d0a736ddd1204f0841053e54d5b3ff1afd413f802aaea226c083609d9096218800716896212b70bf31c7c8ce341f028368ba8542cee44ee2a329687fce5641458cefd76e775adb761857e180f1b743216f7e804e3b1c445a371d1200f7143d81a5215e73c10d1f4d13bcabdbfc4a41bc344eeb639659c3c0fce977d11ed19d5bafb4ec3447a76a144f22a522c0356fe9c5e36629d4ce9007988d3762c4b17fed83aeb5cd5a6cdb02f723423e3e1fbbbfb41e0ee9ce4a8f9aa470fe5b7b1add84695fcf4bb45c68e72a80c681b3cc8078e62fece8772624e91dbb8f49546adcecda0fedab701f2e26ba9359728e3006bfedc3c5cf3184b4f7b204630c4cba9467e11556d8476177e767b1d502bf155e817a8ba93c1056d63722805c45c4c63a2abfd9ce57e6a74ddc2fefc7a98a1f1841ac49603dbbe445f2d490936a256553a19f016b57d49929f10ee56f4f4eeac06b5222343964ec5f3158ae6406283a709b5b5573fb7202afb0f878e6bb57d36055ec74996a3d00750343760120f378d98fc113f36d72c435184285e3abb9985360ddb771ef4ed347fe73ad107194a4b7d7d20d68a5f99c5020f323cf38980e07b91bfa7ae39a7403225ad84df779eb676ea3aec3de05afebeb8f023d92fc91489da7dfc054763b918bd267305acbc66b5783804d6b5cd96f48ea6946e13433c2a6bfa187cd15a2bacc0020adda558208b4e58be8cf2b3230c8a4b328f52b3fe0f7e62825be4a8786e72a7d325145cd8fa66bbf59338d00c2ac36f129f7a5b991a777d981d4237a0e81565d3e342841dd0ea2d47054f75d7272ae16aa02e675bda4ca9b5da36867f0f432291784255114911389ff055ab3f5a13797023ab928556ddc9bd69daa1528703459167751785c61c6540abb96adc0a7ca0b453640f6fc41494756c151c0a6d841aa05b102fadedf4fb526e8492a495f56552d0128d7c62655525ba4c23df6873e0524c74dd590addb796e3bf0b9c217df05b44942baa89bbc8f115937c96fe7d507d3", 0x1000}, {&(0x7f0000000340)="99edf852941308fbe150e1ad7789f08f3baf303aeaaa223aece108d621cb0b92b3214554756ee139f1a5b2f0425febfa1042bdd2f375b71abbcdd438a20ea40f09c34a57b673da1ab36fb168f1fee51dc54676d558a8d159b1e9df68c53b7e6281a66c", 0x63}, {&(0x7f0000000580)="85f2f351a1c914b0cfcc642e01cad168a4a1d8ab5524771223f6bd7adc9eb92073a404df4f58a6072cd79984d28f1cbdc5105b30ea172193dcc700f3521546abf2bc45f7f25860fb03a0966aba08aa2792c59fdc9f94385d766a9b93989b43b49f2b5b7b", 0x64}, {&(0x7f0000000640)="beb0fa539cc366300184ee8ad5a95ba20ebb5b553c9973217cc84dcea671eeef0024c17b9aae2b7c2175e4ab3c66bc068de126a7c21b4a6aafb0fc831e6de1b16db8b28cf4b7f9caafc38362db42e0c38ebee81d954612813da38fa3be8a0dd42ca55a631a9a6d3c40ce5909563d13ff8b3e3ad8d7617fe56b96d27a6605a75dd675350a3558a76a29170aea15ac3e4118984bcaac881dc9f623c404abc9f9d349afa76fb22427660d3e329b94ae1da1eac18a254e", 0xb5}, {&(0x7f0000002b00)="e656ba37cfd40973f9d79f074e359e72c2c6dedebe2c8bc779d5d85872a4292a3e4e76f153101ddd21084b8b8181929bc9eec87f1537537848b59e2f2ce173785ddd1a7b8a23124f4dabe2605de058376237a05707934c6fe4dfd5341fa5b0547aba0089493eca4a923910f5147d92064fbc5366f7e3cfe12248169c13f4f60ff1d12b307b58fc0e8711d217669ebe5d93b106724e44c446225c726ab587d396497fd5accc8c25a23718bbc011f55c6d67d4984751e0b5124bda506ca738aa4748b6ae0a49c31854f2043f887d937ffd3c757df00944d5ed7c64aad299a42250f9fe3d2006cb658decb8a288db055bb957b3a145fef18cd2cff414bb3923d46a7bdc7c206b8c39600ee449ad8436902ab6dacb71518ba1deac9ce6431757f8e8c9793ab9f9719c3c2f6ad4be7637ea9fff97f7484b05f9fd45e643caed0227fe522e74ba7367d81d8df8856a945ae33e4ac581bc54367836c660ced81ed8bcf6f183aa455ce7e2a416ec0cadcea3773f71378010e47928e16c2615d7f608cfa74dfbaf0fabefd527411d4bb6337dafffb91964f1d057f89146e5883db2f9365aa0485031cdc9f67a04d356c60678ed0497cd6e608175e8c7b0f27311fdaa687dea302266eec2cfa412709bcc0656632768bd9b5a46b0801fe2d32be74a99dde9adec72000e7625875a351737c7509eed00bd81a0fc48ab291caaa1c01e2117ddf6fa43440488fe60fe754f78d5d49011ab49358576a89f39eb4c1f2184e6b576964dac46d75632feb522d1f07970fe6311e18324cea5afdd54c7b69f6aff54b496235bfcf314fecd46f58eb37d122a8d0c90600f4e218479074f83aab9023ec99404fc51915da9720e66681c0ebc4a7fbdd0626871e7ae5c7aee447e51f8ceb68ee728d321015749e9b8b2965988a49896157bc547ff671edcdf4d7898a7f60cdcd494ee15e2a6463c2846e51e0a31989141a057c41939da59da08766bb7cd67be9757b79e4bc07b01c1e7888e8fb1b83a3d96194abda3f1ed280daec0fd6555f894ee16b243be0730b5ea918509f6709ab35ec044d3bd48e3cd9fccbe9ae6e76dd6694e2c21ebe241d86bb3b67a8f7fb28f419425b99b4a3b4fe1f7b1801bd9c75a537f498ffd923e2bd49cb403e3f1ec133db68aad44ae635ff46b959cc0f8614f018aef34339b96f75091a4c6b8ac6837685aed80e7cec25ab1c7d6517da56a88b1cb9b8882935e50fc07e04a2cf5a45f754edc333c560ff4aa7f7406a413f9f7895bda0d23dec74eadbbb63c98ce4d863073d81bff9d302d829f998087f7c70acfee2c1f1df517614ae2d27ce540d15d91e8248e196ca60a0164bddb01221c3c86fd3ea7bd4fc66687d71ae3f63e9f3fa83b31c72c2ca21699de915e36feb3e94d420820e5e50f39df402c6ffc1f6e5c85be6eaad404edb9f39c8abb6396b9eae52b8a3a4dc11b3a94a645ac9e7db5db36eac315e99bd4b5e9685e1ef879afd4f63056f45eadbbd61be84d15a8849663b49a2fc9aedf6669121e3592ed91dd5e144c2daf349fe47a97bbbb3389c1b5e3effdd39b5d504637b76fb3bca3afa7ab7c6de2ece1e64311d3869b676229ef9f0e27743bc26edf7d7281ed95c1c34250a64da50e32f178e1e523f0736ab6f47d1c570189eb78a67dee17ba0bf02ff1a9822488d7e84592bee0ffb2c30e938827191e10b19924449a0c03e411457944cdaf2246ce0127d30e270f20075abff27ea4f8e4ed03373e0be4d9cfe89a8526c712c93d881016e454adf26635f7cc132eaf9442703ec2c45cb178e7227cd8f3034b9ba114f0102d339f11a7bc54f5d75a42aa45c314a79b24b1005d12145d150d93d4368491eb5dbc3e78f70fd732b646ee40edfae54bd6c885dce6b26ba018857a66ddeed1df9450fa98282b0387443c1e5820eaf8186d83475555a11bf7971f321c1fbe7d9f28b2eb6de9423b563ee93fa2277d371c3525098407b7402a83421f57b772cd0099b41a2785d187add67f0630fae9bd95516c4c7ac0b16ccc05f5070c8c35258170f70f92dd73b858665a036fa46fa6aba04386b7503068781b39f2b4a79344f77541a2ec4e1106ead9ba1b8b558224101c7d8e9c16c51a53b77cd97e0508cbcb86ebc69b1568b7e80b563bebe43d25414467f44672ee2dbed6e31ddcb35f6556230f3f84f4cd634d3685eb6f29ba81961b2e985deca9df71315e5780510313db0d23fbcbe45451b39cbe48c59b63b03301f69bcfd62e0e8b1c0388f760d3dff485b509b24ce2d1d9fd9e44e811b1f2be9988ed85548bc2bc722a68a9936dab1453012a8d02f31fd1d2cd0af531095a5254121a498ce1bbeb2a34199696852bf2f3510e5699af3bd78d37dd4e216551336aacd34fb97262650ceacc34e02e88a110e82708ae497221b0f4f3daa7ea856cb92766c24f81225f04e3c7e65c8656eabd73ca221eb35958182a6067ef69012475e8c2908210d4483a7f07c09a87749cf202a17e0f807b0fd0d3d4db08f1817148750381a60597a8918e7ac3c2cd82b8002566a7098181b5e5ef012e8d4d83aaf0301323953a46a81be6a8323d2ae254a5433db9644768d2efd6563b6d553b52e6f2fccbb47eda787aae87864eac799588afe90205cefa22bacb98ca679f95a451362df1d5c8bbc5dd4839e5fd02c220f238999542a9819a16b4d4ad6da8154738040287a0165135de66a24079c2f4b70f928a125964147232187407907cd101bb792df5080450545c079dba3df245e6846545fb7bbcfaa7a12b43ec1ed947f525573e7daac9400941e21013982489ae1ea5954f048ad860484385ee6493a38c10c6f8d2da5fdddc9a378218d9bd6a9bd88f0f486109beaac841b001aa581dc5083f7d612f7b4c8104d8df60102e73f1685707e0f45f5efe0295fd1f33697822fc87dcb7d772fa9deed8a4a8c1d245f9eb931c61349c2420623771fdb4623bffd233df547e7f9b1f4ec9555c443920c23dac8d12336b66e5cfb59a6cc373eebefc7cf55cf0328cd105d8a74b2acdf6b9b390bb22be3815f24bc8b863a07f99dd4e8b95853e211ab2f86d3526b08083236b34cfe6dbf1c9edf3272c3ea42af6f6aeaa62614067ef3076bb0fd5da707156b6c42b7ad7dade4df2a0f0af6c30b1de6e72ea9a863e786cd209d4d75acaed9af74fe54070c99a13d64bd8421df377dec039ee2231c076029461da1c748f8696dd1e1c918115376b137886a37e2bf1d448abdfc8bac46eca959575913032f92dae30472baaa19dfd76f8b2864a969b2d19cf19566216be63e1c97b5aa689533696c6a9fb6b31ca12c74f409312c3f7bae1ad239e7108e45ea06af80b8528ff2d0173b1efd4fa8e6bf322a45e4dc5ab6937402d3418cb13f8734a795d3a462ceee36323ffdd71e772c107063599ae77e6e9c6b4505c04e130d8f3fbf58d83d43e208c44facca7f309894fa9a37cecd2691567008364b56a449c7bad7aea1dc07ea597ac672f3b89aafc0e8677756f14c38de4b5004293a0bb962c86edb12e50a41708082c4308d88f21a6b7417f6f11269ef9d78556c1ff787a798c510411aa86704b4b47874533a81b09686a994591410f0a132596d26a9373b132c395c31275398da65a85b56c10f5d981936a77281f85edadf2f5ebaadfdf860c4babd444b9d2af1e1ee13a7707a767b8dfed491663fc8e99835b490d65494a6719507c5ed04af1f584a830b3ada0516ca263a3ee076d7ed4e06a217c9344d382b58cc1b714c03e21229476c9158d7169adc6b3692875bf1bfb71d70fd64a65b0c808dea7627a0528e9ed802544684af1af58c882a67100e0c37a67c741d2deaceddd9cae1016a37934eecb9b39fa36e771eed8dcbcfa9af39d99bc0c8f82a45ab0456b29c854480674395886eb844e8f266c4a0c9e2fac8d464e5dbbd1fd57cd67c103927d5a6edfb37720aff29fa6b7307cfa075931d2ac8caf7675a9632adf43db0a9c47063b84ebff751f5c3464609ef347a281e824272d99fe223e1ac9b1db5e57121f6f6a2e1ebb8fff812bb7c8293e23b205f3c0d24fdf573d0c6881832c6f73e0f38218201b9992b421ddd0ede5454250a77c29b9b04917fa494215e29cd55dd09d38b5aa7f81081ef28cf659cd4b27eed0e3da95843952daaadf08cb103719e9ffef1fbb862c3cead7258bf9c28bff9889109da49af1d1dfc5ae605677d857f6841922efb4bd09d3ba63773cf9b38805e55144d891ff02c30f83739322b81ac7bf201e9ad00e802ecd9688d9f35ebd52128e089963791a895ede80441caa40882d2a74a75aee41674421a6fb4954946ca8e45bf14468e1644b6d4d20a14e3c78adf0de3adcc7382071b8e9a254b2efce292cbc3cc77fa031b689ba5111cd44ebb989f0506b36718d43e5d10a304b707db01946f084e0bb087afab709cd3ae9aa22513f08599512005815d1ec1d7100b5f0fe963eb6ed032628d2109383a957b88a3423843f65b527ef23c4a94d14fd7d568ae5a79f6b2ce7fe78984205a190e1c07f02f977bfb059811198e8b9594d7ce58e88a316cf3aa134218da54a3eeacfe37a06224dcaa57f80171a02ba1ac75f6403ee035ad63a9d178ee62cc9bb6a9dc62473666c08c8185081ed2059d521433d7f3b1a0ba81e5779334651e1d1051fcc18b7f186e49e5ff1a9d02f9ce52ce7f92d0a3721c2b5833a23cd94d8e602a5834c5e8fe00f041a5e8155bf0e7a2bf97348e47bd398d4c8a3151299e7bfdcb822723330751f058cb60418e1be5cd9e21a6617379ec9f1438b9bb239cc33deedd81ef8f967a58fada820b2e886c84242dbf5fdcbb8cf0abc6383f415c7280e48bc2b82823e2b0d605a8c32af87ca4bd8a0ae5c511d3d87f442b8d4a007a4261decc1b804632f6aae12b541c180285396d5815152d8cffcbcc20295c4582d3940fefeaea33da8845b7f040f72ea8c8f914b0c33b66b64c4efc295f9b7d718eb659719ad6d8563f52c290ee7b478f1a93b80a1baf7a0bfe373f7594dfd5773be21325c3ac2474892f57c042c08dce06a8e3069bd51e358c4640d51ff4708f4dcb1001c1dbff52a9670e7b160c74861ece8f6c725f08fe2d2149ed21578772942ea1a92e2b58a54c6a25e2cef06f7a412ee472a0b97a990a8646a3648358bffe4060d8e0e7126e03036653196fc8d61a087d134103c624809da1bf6415337c241f033ba2fda92f0f07c744c2549c7b7f6377578674a01de5dc3e914de447ccbb5056291ffc7878fcbcbd913c305ec7722d73633b13de41e38e5a9cabe0ffc6ad376e7148aabe7ebcf55d294eeb23659e2293e943c659041cead2d8f97921b424419c66e91731c218cb312863f46cbd59541ef7dc04dd9b14bf3a5c150ed5509d36abb839b31b75018648490420656a5efa4afbb00509281e9c61709a97747c7b04d08378b0a1b89d8447b2854b961d05340b4ef1f77962fc7aefecdde2a82b3feb20c692e91f957fa23958bf36f4d986c7f6956acee5da8ab3fd5a57dd0d8fdc4de07fe1c927b48f09a0d3a65e51bb8e7de3318c62f34dc636b5a32c66fe28f0624d330c3f14c6763685c71b54fce62bcb5381735037267b9949287e60d09a46f18aaa8a9dd69076a13c702f69da055aed06c79c99e9079d356668c4c8f39ca64fbf62f2d18e274cce1055bb344d73eadae6ce5df427af1a832d8c6a9b6da44a19e55c1167a919ea22939603e1f5d671be4c822bfafb0a315ce6ce72746ebf2f38202a881237d43605da9e683d116a89fa8ec0dd57400b40cdb67", 0x1000}], 0xa, &(0x7f00000007c0)=[{0x50, 0x103, 0x9, "f917dc69cb267c9303d758fb5a3cedf76ee0789ada75df2bd14c35eb5a625ca4db8b5bf1bce681571b2cee7f54c661ce51dccbf27de3894be20cb99fdc"}, {0xa0, 0x18f, 0x44c, "f548c450ffea40acfdeb0d826ed9f769e8fb51d8bb5aca4c4a1dbaf90ed1ce77fcecf82053d31f7b013a72e92d79114dd7471accc057390917c0818edeb21b92b643b63f536e126cd5491037819c855cbb5f7bebef7ec1af3888fd88d9f0da52362f066c9060ec4fe8d746aeeb07192fe0689cbf72336b6e1c7ffe10716dd07c1717bc0b1859ee618c3e18a4"}, {0x58, 0x0, 0x7, "3e7c6fefe12fec13be0ec929b5b4e66642b528092868f67f3be91f87bc76b8bc5fcf09de6f56cc8af416ba2383dfc3f07ec8c40af862b998d547f11e6aecaf0a19fa948b2119"}], 0x148, 0x4000}, 0x6c9}], 0x1, 0x20000084)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000040))

15:22:50 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:50 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", &(0x7f0000000040)=["07e646d400"], 0x5})

[  512.425336] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:51 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0xfffffef0)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x4}, 0x4)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000200)={0x3, 0x89, &(0x7f0000000080)="60100a488ec8c859790154910f213b8ecc01ecf2b800126992a40657b99b0aee608a2cb8060a6b318bda2f058e43ff10d3fd73a994f17b50d95f206de4d88fe568b26482093e11299a14584975ff9d0d5f012a84b8362bbbf6072e4ad48f3ee01b8bc502426d7a61a237546b8c390b2f3831aded7761bebf8a4897d451fa65d1a39ef9b2a87274e556"})
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:51 executing program 0:
r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x7, 0x400e01)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000400)={{{@in=@multicast2, @in=@broadcast}}, {{@in6=@local}, 0x0, @in6}}, &(0x7f0000000180)=0xe8)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r2 = semget$private(0x0, 0x3, 0x40)
semctl$IPC_INFO(r2, 0x0, 0x3, &(0x7f0000000100))
r3 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c, 0x80800)
setsockopt$inet6_dccp_int(r3, 0x21, 0x5, &(0x7f00000000c0)=0xd31, 0x4)
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000640)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000000300)='\a', 0x1, 0x4000, 0x0, 0x0)

15:22:51 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x3f04, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030400", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:51 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x4, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x20000, 0x0)
execveat(r2, &(0x7f0000000100)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000180)='tls\x00', &(0x7f0000000340)='\x00', &(0x7f0000000380)='mime_typeposix_acl_access)f\x00', &(0x7f0000000400)='tls\x00', &(0x7f0000000440)='/dev/admmidi#\x00', &(0x7f0000000480)='/dev/admmidi#\x00'], &(0x7f0000000640)=[&(0x7f0000000500)='tls\x00', &(0x7f0000000540)='loself\x00', &(0x7f0000000580)='/dev/admmidi#\x00', &(0x7f00000005c0)='/dev/admmidi#\x00'], 0x1100)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1a}}, 0x10)
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000080)={0x4, 0x1, 0xfff}, 0xc)

15:22:51 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:51 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4c00000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:51 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x4)
ioctl$TCSETAF(r2, 0x5408, &(0x7f00000000c0)={0xff, 0xffffffffffff0001, 0x7, 0x2, 0x2, 0xfd40, 0x3, 0x7, 0x4f, 0x2})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000003c0)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000400)=0x10)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)={<r3=>0x0, 0x10001}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000300)={r3, 0xb4, &(0x7f0000000240)=[@in={0x2, 0x4e22, @broadcast}, @in6={0xa, 0x4e24, 0xede3, @dev={0xfe, 0x80, [], 0x16}, 0x7f}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e21, 0xfffffffffffffff7, @dev={0xfe, 0x80, [], 0x14}, 0xde9b}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e20}, @in={0x2, 0x4e21, @local}]}, &(0x7f0000000340)=0x10)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)
ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f0000000380))
setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000140), 0x4)

15:22:51 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
fsync(r0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:51 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x861c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

[  513.091731] tls_set_device_offload_rx: netdev lo with no TLS offload
[  513.111984] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:51 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f0000000180)={0x10, 0x30, 0xfa00, {&(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x1, {0xa, 0x4e24, 0x401, @loopback, 0x100000001}}}, 0x38)
write$RDMA_USER_CM_CMD_LEAVE_MCAST(r2, &(0x7f0000000480)={0x11, 0x10, 0xfa00, {&(0x7f00000000c0), r3}}, 0x11)
write$P9_RFSYNC(r2, &(0x7f0000000040)={0x7, 0x33, 0x1}, 0x7)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000400)={{0x0, @empty, 0x4e23, 0x1, 'lc\x00', 0x10, 0x5fac, 0x6e}, {@loopback, 0x4e22, 0x1, 0x4, 0x8001, 0x7}}, 0x44)

15:22:51 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:51 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x60000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:51 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x14e3000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:51 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = socket(0xb, 0x0, 0x1)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000000c0)={@local, <r2=>0x0}, &(0x7f0000000100)=0x14)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000180)={r2, 0x2, 0x100000001, 0x101, 0x100, 0x82, 0x5})
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x4001, 0x0)
ioctl$ASHMEM_SET_SIZE(r3, 0x40087703, 0x7)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
sendto$llc(r3, &(0x7f0000000040)="2bbce16b9704aa", 0x7, 0x4000, &(0x7f0000000080)={0x1a, 0x33b, 0xef1, 0xf8ed, 0x4, 0x1, @remote}, 0x10)

[  513.240078] tls_set_device_offload_rx: netdev lo with no TLS offload
[  513.355662] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:52 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
execveat(r1, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=[&(0x7f0000000080)='tls\x00'], &(0x7f0000000240)=[&(0x7f0000000100)='*\x00', &(0x7f0000000180)="706f7369785f61636c5f61636365737376626f786e6574312b7b21dd6370757365742b7573657273797374656d00", &(0x7f0000000200)="73656c6605757365722473656c6600"], 0x0)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ppp\x00', 0x0, 0x0)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffdfd", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:52 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:52 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
prctl$seccomp(0x16, 0x2, &(0x7f0000000180)={0x4, &(0x7f0000000140)=[{0x8, 0xffffffffffffe2a6, 0xfffffffffffffffa, 0x2}, {0x200, 0x1f, 0x3f, 0x200}, {0x7, 0x9, 0x2}, {0x4, 0x1000, 0x5, 0x9}]})
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14)
ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000100)={@dev={0xfe, 0x80, [], 0x20}, 0x73, r2})
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:52 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
fsync(r0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xffffffff00000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:52 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000500)={0x1, {{0x2, 0x4e20, @loopback}}}, 0x88)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000380)='tls\x00', 0xffb6)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x40000, 0x0)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000480)=ANY=[@ANYBLOB="01000500ffffffffffffffffffffffffaaaaaaaaaa200000ffffffffaaaaaaaaaabbfc83c2437aaa1bcc2763634546a9e01f0eba6656c12dbe7d6af10bd550fc0b9016790755c29fc75ee8d89e1dc8e8ecd09f5661716d8e6666"])
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000)=0xe1, 0x2)
ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f00000003c0)=""/181)
r2 = fcntl$getown(r1, 0x9)
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)
fcntl$lock(r0, 0x0, &(0x7f0000000100)={0x1, 0x3, 0x2, 0xff, r2})
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer\x00', 0x28000, 0x0)
ioctl$IOC_PR_CLEAR(r3, 0x401070cd, &(0x7f0000000040)={0x1})
setsockopt$inet6_dccp_int(r3, 0x21, 0x1f, &(0x7f0000000080)=0x5, 0x4)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:52 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xbcc7, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  513.951884] tls_set_device_offload_rx: netdev lo with no TLS offload
[  513.982301] Unknown ioctl 1074025681
15:22:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:52 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdfdffff", &(0x7f0000000040)=["07e646d400"], 0x5})

[  513.998710] Unknown ioctl -2143271654
[  514.006631] Unknown ioctl 44615
[  514.033039] Unknown ioctl 1074025681
[  514.037562] Unknown ioctl -2143271654
[  514.044526] Unknown ioctl 44615
15:22:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x3c70, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:52 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040300", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:52 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
io_setup(0x5, &(0x7f00000000c0)=<r1=>0x0)
io_getevents(r1, 0x8000, 0x2, &(0x7f0000000100)=[{}, {}], &(0x7f0000000180))
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x4)
r2 = socket$bt_bnep(0x1f, 0x3, 0x4)
setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000480)=0x4, 0x2)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x111000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r3, 0xc0505350, &(0x7f0000000040)={{0x8, 0x14a}, {0x4, 0x6f}, 0x3, 0x1, 0xfffffffffffffffe})
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000400)=""/94, 0x5e}], 0x1, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

[  514.265522] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:53 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
syncfs(r0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8c40, 0x0)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000380))
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, &(0x7f0000000040)="fed98e4e92a5955261b768a37efa79ab36cf636e5ef4b299dba4c2d351628205b6ab4a7813f3ce0b6e514edc872e1ee4eefa64f9daf100a961f38cf4cf4532845ad8c65e0ec1ff24fc098ffdd43b300bbc28f6e6c47fcffd7000de50b035c1342aa3c826062f80272b86ced87df6d48bdfd9587b70315070ca9652679ca484b3571a1a7a5675f6e65acd3e555a9a8811df6fe52bf0db8d5baae91f106b370993fe7caccf620a6630162dacadefe07ec8632b9b7ece89b8e3a846124ff1f23e", &(0x7f0000000200)=""/150}, 0x18)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvfrom$inet(r1, &(0x7f00000002c0)=""/146, 0x92, 0x1, &(0x7f0000000180)={0x2, 0x4e23, @loopback}, 0x10)
socket$inet6(0xa, 0x4, 0x8)
ioctl$RTC_PIE_OFF(r1, 0x7006)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:53 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x5000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:53 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000040))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:53 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
fsync(r0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffffe", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe038, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:53 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:53 executing program 5:
r0 = socket$inet(0x2b, 0x0, 0x1008)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x1, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000040)={{{@in=@dev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@local}, 0x0, @in6=@mcast1}}, &(0x7f0000000180)=0xe8)
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000340)={@empty, @local, @dev={0xfe, 0x80, [], 0xe}, 0x2, 0x56c45f2b, 0x7fff, 0x100, 0x10000, 0x1, r2})

15:22:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xbf68, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:53 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x2000, 0x0)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000100)={0x7, 0x9e})
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @remote}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r3=>0x0)
ioctl$TIOCSPGRP(r2, 0x5410, &(0x7f0000000080)=r3)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

[  514.837043] EXT4-fs: 26 callbacks suppressed
[  514.837054] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:53 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:53 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xf6ffffff, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:53 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
fsync(r0)

[  514.898016] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  514.924037] tls_set_device_offload_rx: netdev lo with no TLS offload
[  514.963966] QAT: Invalid ioctl
15:22:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000403", &(0x7f0000000040)=["07e646d400"], 0x5})

[  514.984733] QAT: Invalid ioctl
[  515.059870] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  515.123922] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  515.154844] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:54 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
lseek(r0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:54 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x3ff, 0x10, 0x2, 0x74}, &(0x7f0000000080)=0x18)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000400)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0], 0x2)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = creat(&(0x7f0000000480)='./file0\x00', 0x80)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r2, 0x29, 0xd3, &(0x7f0000000640)={{0xa, 0x4e22, 0x95a5, @local, 0x2}, {0xa, 0x4e24, 0x7, @mcast2, 0x1}, 0x401, [0x3, 0x7ee, 0x7fffffff, 0x784, 0x3ff, 0x3, 0x3, 0x43]}, 0x5c)
ioctl$sock_SIOCOUTQ(r1, 0x5421, &(0x7f0000000080))
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x100, 0x0)
futimesat(r3, &(0x7f0000000180)='./file0\x00', &(0x7f0000000300))
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
clock_gettime(0x0, &(0x7f0000000380)={<r4=>0x0, <r5=>0x0})
futimesat(r3, &(0x7f0000000340)='./file0\x00', &(0x7f0000000440)={{r4, r5/1000+10000}, {0x0, 0x7530}})
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000500)=""/219, 0xdb}], 0x1, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x8, 0x0)
prctl$setfpexc(0xc, 0x160001)
sendto$inet(r0, &(0x7f0000000000)='\a', 0xfdfc, 0x12, 0x0, 0xffffffffffffffe3)

15:22:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x80570000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:54 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x400000, 0x0)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000100)=0x7, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
r3 = accept4(r1, 0x0, &(0x7f0000000200), 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000040)={0x3}, 0x1)

15:22:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:54 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
r3 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f000077ff7d), 0xfffffef4}], 0x1, &(0x7f0000000080)}, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:54 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x48000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf0ff7f, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  515.648215] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  515.680306] tls_set_device_offload_rx: netdev lo with no TLS offload
[  515.691748] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:54 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:54 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
socketpair(0x5, 0x6, 0x8001, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000040)={<r2=>0x0, @in6={{0xa, 0x4e22, 0x7, @dev={0xfe, 0x80, [], 0xd}, 0x16}}, 0xe7, 0x2}, &(0x7f0000000100)=0x90)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2, 0x1}, 0x8)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x18f6, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  515.750397] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:54 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
accept$alg(r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  515.830819] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  515.862946] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:54 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
r1 = semget(0x1, 0x0, 0xa)
semctl$GETZCNT(r1, 0x2, 0xf, &(0x7f0000000000)=""/72)

15:22:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:54 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$RNDADDENTROPY(r1, 0x40085203, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000f000000005856e53e2f671ab4791a6a5c22fd5193a786de40999a6bcaea8c311dd91ee97866ac6a66be12e4c229d49601ad56d55fc21a934ce330d7c23e6a2b0ed155d6221649a2c593d8c575cb92ef53bde2017b7e396ccaa157c66f6baded54e1fd18192c4fc3f01ee331276d37f261f5deaf38ed293f641f2999049b00f71c7f562b0993db54928867f14c060778f8ebef038a89345de4e5c2db67eb7e4ee84349c74ea6115086c5689f0b03ecf97449cad2bcfb78141e16053598c59495516aa1c3f1f6f03a2e3c4b1c2cb8353914a9999415677f8607ed9cf8fc01760a0168663ee81ad1ad3000000000000000000000000"])
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:54 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:54 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:54 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x1, 0x2002)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000004}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x120, r3, 0x903, 0x70bd2b, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2a, 0x2}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80000000}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6f}]}, @IPVS_CMD_ATTR_DEST={0x6c, 0x2, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x100}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x10001}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x67ee}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffffffffffff7}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fffffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1f}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdfdff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x1f00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:55 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xcc0d0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:55 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@empty, @multicast2, @loopback}, 0xc)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:55 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:55 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
socket$alg(0x26, 0x5, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:55 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
ftruncate(r0, 0x1ff)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:55 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x7ff, 0x4000)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={<r2=>0x0, 0x2}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={r2, 0x100000001}, &(0x7f0000000100)=0x8)

15:22:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe015, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:55 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x10, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:55 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:55 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:55 executing program 5:
connect$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer\x00', 0x0, 0x0)
pipe2(&(0x7f0000000580), 0x4800)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snapshot\x00', 0x2000, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000600)='/dev/snd/pcmC#D#c\x00', 0x20, 0x40082)
r0 = syz_open_dev$midi(&(0x7f0000000700)='/dev/midi#\x00', 0x20, 0x620402)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000740)='tls\x00', 0xd4c643fe)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
r1 = add_key(&(0x7f0000000040)='id_legacy\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000000c0)="91b61eab554a396a9cde90d385dc0511caef38f519d1dccb7b5ec4c7410c0bf1d14ab1231168734570bd8add22868f18f1736a7f7989523a197e20953effac66db1bf8dbdbb0cfe0a662ea40375dc65bb8dd39abf9a0fbe28bbe255e97584facd3b2b905", 0x64, 0xfffffffffffffffa)
keyctl$invalidate(0x15, r1)
sendto$inet(0xffffffffffffffff, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)
r2 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x7fff, 0x101000)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000400)={<r3=>0x0, @in6={{0xa, 0x4e22, 0x4, @loopback, 0xfff}}}, &(0x7f0000000340)=0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000380)={r3, 0x80000000}, &(0x7f00000004c0)=0x8)

15:22:55 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = memfd_create(&(0x7f0000000040)='\x00', 0x1)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f00000000c0)={{0x1, 0x3, 0x8, 0x3, 0x101}, 0x643, 0x7, 'id1\x00', 'timer1\x00', 0x0, 0x100000000, 0xb56, 0xff, 0x3})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
r3 = add_key(&(0x7f0000000280)='big_key\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000300)="ffb03e30be999e321c641f53248026203ccbf9f18e0b3de3c3af15ea2a35974b944687f55385dd657b224545bd26b540ed3545ed7bd5c51ac09026d71d4f3bfeeae19dc9622d07bbaf520f626f1969127aea9c9e19fc258188dc6740027dd50b59a70743782f8848f408e48f1c803754905f73472a81826d59ba0b8fc2cad566f28fc98b1966ca3b38e2205a5f1263350aac04cd336e1911a7103f39fbe141f52294f216b8bc6622c86c795dcf1aa3c880a36b59853e4a04e8cb4db958cd3e77dd1b01d0aa832515347aba611dc0e7e04aad709733a4d266fcf01b6058c1301520efaead61fee9caea0a936e86fba04955f6", 0xf2, 0xfffffffffffffff9)
r4 = add_key(&(0x7f0000000700)="e652ca4c81b06a0537ea843367cc59abbcae16944941ec92000064bcc58129dde44a4f30bfa7a3059124c8793a592d3f218a3ccce409c21358b90d744ec7fb41ffcd1debac11cb900e0a5559f6d856e4259a003d967fbf83f65ca489eecc6017d9b19a9870b407983d0ee2", &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000640)="79425c4b4888df58c465e0953ea3e76a84b8da0bb12d3328da7d3c1769d3c2a2c47d249e30ef9e9f4ba2bd17bbd816b13cf4ae306252830678cd8c561522a45d394ada53bf79ca72b63bdcecbe9c99e481051e63d3dcde07fd8fdc249a63f743fcd7fb8f77eebd6acc7842507a1e5aee746079e94bf5504b0f3bd2078988de311b01d6a1d205b6408730e1", 0x8b, 0xfffffffffffffffb)
keyctl$search(0xa, r3, &(0x7f0000000400)='rxrpc\x00', &(0x7f0000000440)={0x73, 0x79, 0x7a, 0x0}, r4)
listen(r2, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000240))
getitimer(0x0, &(0x7f00000001c0))
accept4(r2, 0x0, &(0x7f0000000200), 0x0)

15:22:55 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x1000000000002, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:55 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000000)={'veth0_to_bridge\x00', 0x80000001})
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x41a0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:55 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:55 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x60, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030400", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:56 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x1000000000002, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  517.489980] tls_set_device_offload_rx: 3 callbacks suppressed
[  517.489987] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:56 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
set_robust_list(&(0x7f0000000100)={&(0x7f0000000040)={&(0x7f0000000000)}, 0x6, &(0x7f00000000c0)={&(0x7f0000000080)}}, 0x18)
socketpair(0x3bfe2e9bcfe8754f, 0x80000, 0x4, &(0x7f0000000180))

15:22:56 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x82, 0x0)
accept4$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14, 0x800)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:56 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x606d000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:56 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x1000000000002, 0x0)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:56 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:56 executing program 4:
r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x2, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x20, 0x22280)
ioctl$VT_GETMODE(r2, 0x5601, &(0x7f00000000c0))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r3, 0xffffffffffffffff)
sendto$inet6(r1, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e20, 0x0, @ipv4={[], [], @rand_addr=0x590000000000}}, 0x1c)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

15:22:56 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:56 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r0, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:56 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  518.225660] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:56 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9cdd0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:56 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:56 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000080)={@multicast1, @multicast1}, &(0x7f00000000c0)=0x8)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x7, 0x40)
write$P9_RCLUNK(r1, &(0x7f0000000040)={0x7, 0x79, 0x1}, 0x7)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000380)='/dev/dmmidi#\x00', 0x3, 0x40000)
init_module(&(0x7f0000000340)='\x00', 0x1, &(0x7f0000000180)='\x00')
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0\x00', 0x80002, 0x0)

15:22:56 executing program 4:
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x10800, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0)
ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f00000000c0)="57c75f38b49a72")
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)
sendto$inet6(r2, &(0x7f0000000100)="5ecffc47e71aa5d5b7711605a7aeb44062872231cc14876d952e2942ed32bbda26c5308793cb147141c1140ba42ab61f03b5229894033122277ac255ec411ea368067d8a465f47f85a54b4e1f30eeeee6c7e83675111582be968fb1a0980c53a19ecb3361a0373d7ebaede2b248b5d7b7fafadb34fa2218229468f97b3dafd1b91e3e12caea4e234db11fb6b930f6caeee67d34029ed2b135fec55abb08170bde3880f6ed2e0cc8ade5eec9d59fc708f8bafec79eb4075cb3fa78746ee8811fd85bc", 0xc2, 0x20000800, &(0x7f0000000240)={0xa, 0x4e20, 0x8, @mcast1}, 0x1c)

15:22:57 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x40)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/audio\x00', 0x210006, 0x0)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x33d, 0x80000000, 0x20, 0x4, 0x5, @dev={[], 0x15}}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r2 = semget(0x2, 0x2, 0x20)
semop(r2, &(0x7f0000000200)=[{0x7, 0x400, 0x1000}, {0x4, 0x40, 0x800}, {0x6, 0x3ff, 0x1000}, {0x0, 0xfffffffffffffff9, 0x800}, {0x2, 0x0, 0x1800}], 0x5)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={<r3=>0x0, 0x8d, 0x953}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={r3, 0x8}, &(0x7f00000000c0)=0x8)

15:22:57 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc02b0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:57 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x8cffffff00000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:57 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000380)='/dev/rtc0\x00', 0x181000, 0x0)
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000040))
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000400)=0x4)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000080)={<r2=>0x0, @in6={{0xa, 0x4e22, 0xb5dd, @remote, 0x1}}, 0x2f, 0x3b}, &(0x7f0000000180)=0x90)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r2, 0x9}, 0x8)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:57 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
setrlimit(0xe, &(0x7f0000000040)={0x9, 0x9})
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:57 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffd", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  519.083806] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:57 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10000, 0x4)
getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000080)={<r2=>0x0, 0x401, 0x40, 0x9, 0x9, 0x10000, 0x7, 0x1, {0x0, @in6={{0xa, 0x4e24, 0x8, @remote, 0x7}}, 0x4a40, 0x2, 0x4, 0x8476, 0x100000000}}, &(0x7f0000000180)=0xb0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000001c0)={r2, 0x2}, 0x8)
mknodat(r1, &(0x7f0000000200)='./file0\x00', 0x20, 0x7fffffff)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000240)={r2, @in6={{0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, [], 0xa}, 0xdc9}}, 0x58, 0x7, 0x6, 0x6, 0x25}, &(0x7f0000000300)=0x98)
mknodat(r1, &(0x7f0000000340)='./file0\x00', 0x0, 0x7)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:57 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:57 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80200, 0x0)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r1, 0x5386, &(0x7f0000000080))
ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000040)={0x7ff, 0x1})
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:57 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:57 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, <r1=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0xc)
kcmp(r1, r2, 0x0, r0, r0)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:22:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xb1dc, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:57 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x3f000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  519.238568] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:57 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:57 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0xfffffffffffffffe)

15:22:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:57 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x78b4000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:57 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040300", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:57 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:57 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r4=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000440)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000540)={{{@in6=@local, @in6=@ipv4={[], [], @multicast1}, 0x4e22, 0x80, 0x4e20, 0x9000000000000, 0xa, 0x80, 0x80, 0xde, r4, r6}, {0x7, 0x401, 0x5, 0x2, 0x1, 0x4, 0xa463, 0x80000000}, {0x40, 0x8, 0x45df8fdf, 0x3ff}, 0x5d0, 0x6e6bbb, 0x0, 0x1, 0x2, 0x1}, {{@in=@broadcast, 0x4d6, 0x6f}, 0xa, @in6=@dev={0xfe, 0x80, [], 0x1c}, 0x3505, 0x4, 0x2, 0x9, 0xffffffff, 0x9, 0x1}}, 0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000240)={{{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, <r8=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f00000001c0)=0xe8)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000340)={{{@in=@remote, @in6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xd}}, 0x4e20, 0x0, 0x4e24, 0x1000, 0xa, 0x20, 0xa0, 0x5e, r4, r8}, {0x6bb5, 0x0, 0x0, 0x2, 0x3ff, 0x5, 0xa3b, 0xffffffffffffffc0}, {0x4, 0x6, 0x7bdc, 0x80000001}, 0xffff, 0x6e6bb7, 0x0, 0x1, 0x3, 0x3}, {{@in6=@loopback, 0x4d4, 0x33}, 0xa, @in6=@loopback, 0x3503, 0x2, 0x3, 0x6, 0x6, 0x0, 0x1000}}, 0xe8)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
r9 = accept4(r1, 0x0, &(0x7f0000000200), 0x0)
shutdown(r3, 0x1)
getsockname$netlink(r2, &(0x7f00000006c0), &(0x7f0000000700)=0xc)
r10 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00')
sendmsg$TEAM_CMD_PORT_LIST_GET(r9, &(0x7f0000001240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2800002}, 0xc, &(0x7f0000001200)={&(0x7f0000000740)={0xab8, r10, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [{{0x8, 0x1, r5}, {0x148, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r4}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x6f}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x1c, 0x4, [{0x9, 0x89f, 0x1, 0xa41}, {0x0, 0xffffffff, 0x4, 0x1}, {0x8, 0xda66, 0x1000, 0x1}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x400}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r7}, {0x134, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r5}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r5}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x100}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x2}}}]}}, {{0x8, 0x1, r7}, {0x7c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8}}}]}}, {{0x8, 0x1, r5}, {0x224, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x1000}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x3f}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r4}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r5}, {0x21c, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x3f}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r7}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r5}, {0xb8, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r5}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x5000000000000000}}}]}}, {{0x8, 0x1, r5}, {0x198, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x40}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x40}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x400}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffff9}}}]}}, {{0x8, 0x1, r5}, {0x98, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x401}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x5, 0x4, 0x200, 0x16d}, {0x1, 0xfffffffffffffffe, 0x4, 0x4}, {0x8000, 0x6, 0x101, 0xfff}, {0xe9, 0x6, 0x9a, 0x2}, {0x5, 0x401, 0x6, 0x800}]}}}]}}, {{0x8, 0x1, r5}, {0x3c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xd188}}}]}}]}, 0xab8}, 0x1, 0x0, 0x0, 0xd0}, 0x1)
connect(r0, &(0x7f0000000640)=@ax25={0x3, {"98e1c96af82cdc"}, 0x56a}, 0x80)

15:22:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6810000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:57 executing program 0:
bind$inet(0xffffffffffffffff, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:58 executing program 7:
r0 = socket$inet(0x2b, 0x3, 0x100000000000f2)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000040)=""/229, 0xe5}}], 0x4000000000001f5, 0x2042, &(0x7f0000000000))

15:22:58 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:58 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xfffffdfc, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:58 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x32040, 0x0)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r2=>0x0, @remote, @remote}, &(0x7f0000000100)=0xc)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)=r2)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@gettfilter={0x3c, 0x2e, 0x120, 0x70bd2b, 0x25dfdbfb, {0x0, r2, {0xfff1, 0xffe0}, {0xffe0, 0xf}, {0xffff, 0xf}}, [{0x8, 0xb, 0x80000001}, {0x8}, {0x8, 0xb, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x80)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:58 executing program 0:
r0 = socket$inet(0x2b, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xacd2000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:58 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
r2 = accept4(r1, 0x0, &(0x7f0000000200), 0x0)
accept4(r2, &(0x7f00000000c0)=@nfc, &(0x7f0000000040)=0x80, 0x80000)

15:22:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:58 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7c44000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:58 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000200)={0x5, 0x6, 0x7f, 0x5, 0x355})
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f00000000c0)={0x29, @rand_addr=0xb908, 0x4e22, 0x2, 'ovf\x00', 0xd, 0x40000, 0x8}, 0x2c)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
vmsplice(r0, &(0x7f0000000180)=[{&(0x7f0000000100)="840f85808f27fe393d162471ec7782cb30b9b73d2cd9", 0x16}], 0x1, 0x8)
write$FUSE_OPEN(r0, &(0x7f0000000240)={0x20, 0xfffffffffffffffe, 0x4, {0x0, 0xf5449a6bbf903999}}, 0x20)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast1, @loopback}, 0x6ae)
r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1, 0x4000)
recvfrom$llc(r2, &(0x7f0000000d80)=""/4096, 0x1000, 0x40, &(0x7f0000000040)={0x1a, 0x102, 0xce, 0x7470, 0x9, 0x2}, 0x10)
recvmmsg(r1, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

[  520.147676] tls_set_device_offload_rx: netdev lo with no TLS offload
[  520.148069] EXT4-fs: 26 callbacks suppressed
[  520.148110] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:58 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405f1", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:58 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0xffffffffffffff3c)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

[  520.213467] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x38e00000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:58 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:58 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x700000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  520.276492] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:58 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x10000, 0x8)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f0000000040)=0x9)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:58 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  520.344213] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:58 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
timerfd_create(0x5, 0x80800)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x6, @mcast1, 0x3f}, 0x1c)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
r2 = dup(r0)
sendto$llc(r2, &(0x7f00000000c0)="ed7757db425b4b49567645be1a6c95738a4966eb23f9ab6d13df914fe3db24e8dbc327389a3c6e5cf7bd67debca4113b236c0e47bd68b89f24544a304b1ceb6d2441c7e19546b8b17128f4632d236133c3f2b19b5b84811b901b412cf8d8883a5dd6b9be90fdc2064a71f9f5db62f8f6ca", 0x71, 0x8800, &(0x7f0000000040)={0x1a, 0x32f, 0xbac, 0xce97, 0x8, 0xfffffffffffff62f, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd0cf, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:58 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740503", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:58 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

[  520.415578] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:59 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
setitimer(0x1, &(0x7f0000000040)={{}, {0x0, 0x2710}}, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

[  520.473008] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  520.506754] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  520.539943] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  520.551234] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:59 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x100)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000080)={0xb, 0x6, 0x6})
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f00000000c0)={0x7f, 0x1, 0x3})
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
r2 = dup2(r0, r0)
ioctl$TIOCOUTQ(r2, 0x5411, &(0x7f0000000000))

15:22:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd872, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:59 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x100, 0x40)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
listen(r1, 0xffffffffffffffff)
sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
accept4(r1, 0x0, &(0x7f0000000200), 0x0)

15:22:59 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7400000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:22:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000403", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:59 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:22:59 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:22:59 executing program 5:
r0 = socket$inet(0x2b, 0xfffffffffffffffe, 0x3)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x101100)
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:59 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000080)={<r1=>0x0, 0xaa, "01c0b297fe62f9dbe2ba6c76d13b3535d942cb2e0f6cc67fe535ba9b6ad7face719b3624b321be0d5b995afd6f330d5cd049bfd0c7a5dba79a81898bc07c5106762d23ba270615a7ce4d84e4206c49cb087c461a186db56cd618749c95bd4151409a7b9ce3230dc8ea7f3a6a67d3f3dcb5ec157691da9714fe0c93fbb1f89520c7df151c5d658c66384a01ee5451d80a300285d912bdaf9f4b7445b55124d73ab2d034b9cfe88254f42f"}, &(0x7f0000000180)=0xb2)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000340)=ANY=[@ANYRES32=r1, @ANYBLOB="fcff4c00f56e9268235fd4c8466b0021f6fdc1aa91d86fdb55b26e44f18a227a0b9005c88964e6ad5b3b436d157af66407b79e5e760ba368a0aed99b2532f4bd83c4744fdb172878879e4ff194eff52f"], 0x54)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000400)='net/xfrm_stat\x00')
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000480)={r2, &(0x7f0000000440)="e3706c0d866e05bf12a637decd6725a6b33a08e763d051b12459caedd1", &(0x7f0000000640)="5e7a488b9c867e8045ebcd2a00d316e4edac1b8f288ca2860def43756cdbb68e031d224535ea59641727eb5c2654f81400c5316c0d7b0a895abbe11c81e595a1b605fdc9b048d53dbfb85bd2ce3ef9eb1b9c0df5f6e13cb625feb6f7fbd10c3810ca15b8c549c44de872907aa7adbd8a098e597fd2ccae838aa46abc446173b39b7085393e7dea03352f35fdd7e64327b2299940aba228110a8d2be6c07d23bf3b410d0f7b239d83689d372a82843c4751870b949fcf56e6bb63095309493fb71cf299bfbfafb4fd3dc5c4d410c31508f875720f025ebe2e6c0d90ce102eca060e0afb380a2b8e49a1c4ea9a30aeb724774f3af93d89ff7751b4b3f4e219647faa843bc773d556dfbc541b6bbc73ed904bb3225ac15e29d908ec5574169aa9470e9ec0123a5b189ba9cacfff3216dd77419b1b853f10cd13d08ef926915c2e3ae02fd49e338d613f43f626b817505730d8dbb81f88bda46f97bd278ee02b0e43aaec63b3d09d7bbe40b1bf32490248395bcaf21bcd6c1811d2cd93fcc473b53ad124a7c7353ea3c7f8273927fe96a20e2f3754a94606686a3d9f9709f1b49b2f3d29ba73d8bfa034a4053f237ce14403d5579f739be15ce88456f188028db53fcd2b99c8433e1bca2b71b52d2a43fc0fecd6c2824113a3e31ce6f441e33fa262fe6608da3362338674d80db2c40ef07497e77ad78dbc9ad23b2ce664a6c0b380addb35e85578cd6c8dccab17fc99b7c3f6b528cd4521aef204ef48d8ee80e83c6c62db9be260ae1a6df8e285c632ba6113c18532fa9c6fb18c447e060f961bfa5ab207280bad158c2577c6d7f4f881d4ee1a37bb0103de13649dc0148a8ab2b5ab216654a6063ee95a64e72761f60ffcefc67b8c40732389ad84272b0e00904c567e10270627d13038bd29ba50bc88b6ff0290b4433fc7fd83d944bb0d933758132d0104f21c44282298726647ea9fb7cb4b1eb0541476c6325afd3af5891954ceea1064bd5f2e445b14d19935c017bfce26aa6c95f2c2a56e952dfa8f9ef79780721000ff2c17d81351e4cb282667558b97a7b47d5b733d149fbece2fe8cd2bb5a5f6f5fb2b3f0270725669e8e2070407b86fd5b7ab5e88d0961fb4613b51d4b58f74e77cfa1fecb7c9c3599b0489e0b2df72ddf9a18e1a28fec6f3b39038c86c0ffa8f5e89e6107576deaeb4c7bb924a95ab45b20a246741d96ca8f059782b5829e2aa9058e39a677f087c87781bfd69ce7c28b2cfdf46d6b0d9fdc20b3d1e9bb0d9b5e7580fcc537d835941eb77d2e871034f38d33ba2bf32e4ba167ef768e5d3a1c441a47f0bf4a9925b0c64c40f34cb4c89c2968bdbe549275292552d49a42ffeef4ed0d3b677f18d463c3ec2751fc006ded1d5700111ef11950cebfae8e375eee0aa38b9bbcda8bd2c9032ac26cfd41b560768965478aa5ad580c455a47f460b80731e8f174253c33baf74eba383551892d65814c45961fa59f69d21d42fa181b214d3758afa85c44af75e4b3dab7711b6fb1fde3cd3ab0ba6983d668747bbb9a53f2c2802f235b08b01a404d0b0e6e7884cf85b213c5cda846f6847696d7f7e00be8077b133ecf06841a81c6ee081f728cc3f4ae78ab057f7fd70b5876044695e8960ea4c3fb9359f307c6d51e021e3d352560a9b10d28393f05ce6d284ef9a0ffc4e5f61198509d8b39752e6821c8fa2c71fb7e3a8b5be1ce5be1a70309a20f3900080e640cc718949a2521d101fbb3f627259813b9e1d9c46cd8b19f42fe80c05a206a9be3ba9615294a1faeb7329312072363c941164cabfc78bbf53d0d90e734b90b8edeb11a2bf1f7c21ef9ef75f95eae4c272408eb9c4c9c8b98e94b9d5f1059c6fd92afb301a0e5ceffbda0d16a5d779e420278053e8eff6ccafbb7811e212f8f18db77734ccff93f21eef6f3700b26a3ca2b104e074ced0ba76a6dbe3b38cfacc9393c6c367766c4e22dc5436ab1d09474853a152a4927dd2fd55697322eb2c02b14d09f3fb87506766d2226300177b124a06ace9306845d961dbb0415c38678011ef81385aabef30672f354d1921b5a13a862dfa322bc2ab0f65c720fbaaba1e63b132469400bc833eacc3d3c36f47569619ca339487c0edcde9d5a398713eadfebff85e87be9f738bf87f20df4045c5dca2f5bfe04afc86ce8c386bd59f7d2ae6276c712e84d7bf8ba0599ba5ff267502153ea3f7ed692050ee8d453068a15bb40086caf8873fe87a94728bab6206ae5feabf071b15f63f64eabbb84e5e92468ddd5310869415c5a1cb127f797967709ce88cf7f822a41238296fe35590caac9066ecb454607253108f39b23bc751542e8eedbc61884b9cf0a38f690921a803cd0c9d99b1efd0284a0e0b65930027ffadbcf3a231610e97232078628f281a6d48fb91ad8d3539f5c04963fd39b85aa4ddec74f0a0a2145cb0e530f3cd90d3e98e2bee6fa34f9aa32d068d9360459244cebaa82fb649881cc7a70b4c34adbc8610cbb9fab001d9a10eb0bc27faa20c4f7f8252e8bb6e90246326077c6e3fa15e4ae57ba95633307fa35d2f008b8c8325dfa443512f48f4075aac93e99b25e56642749e87454a0b793f0c2defb78aeadcfad19ccd9883a1341863a0772eb20cc4e9084c119bbd0fe2b38e1bdb2a849b2657f2a713d7115468957ada85ca0a32555bad8a4c17754393b02f8904cd39523ded1e1fb17d1d1a00e7ca652bb8d8372a7e29bf07cabe784777fdb935408206c82a4d608588a7bc80e3c220ee778bf2b5b625f1c0a1c4542d8793577914fa65bd1e4ddb067c5defaf9c9c2c16893484ee38a3b0db660df13739051cdb11d6d81c3c2f7d9202202197f8977ab07f8c474392d8aea3b707b1eeefe90a0b64afc0078cbcb4e962f5db3b7cbff2196061221e3f00bbad94aa9ef8549873219e24e0dbe478e0add519df3fe56b7e2aaa45abe7d611ebd852eccb32b41e7f5659e37c7b800ca7330f0637d86215afc560f637e99bf22f248b38f62c2c978380b87377e967dfc82d5b9844dd6fecf9f17ba7af814ec463d698aed0df08ef157f84f080346a9951823a809694813d75ba6d6e95063d73e91839bc0594945a55108dbe8696153e31db1cc1fedd3133b50893d2c893a67e5de61a9d6d5d4cf5419a68defc8e9e431ceae346d68c57f676ac09dfa6f5230b012f66eeb1003fd54e67ddda88b27d255f1164b2aae1dac96e25fdb9d9a528d9c92e82d3496ca604fc0db0a68cf500867adf05c69fd50f684c9a337f1d08021e69421e9cea9c84dfbc2bd2bb06000ab3f05c4fa8074ede848c41b2710d6f06d3e883fc6fbc0c4672fede703d8a7aa17e41a122da0993dac06ab30315698c473a065834e8a846891f3ca9686d46b66beedaea921b5c5a533414f2bf59d2c2cee2891f608c18e83a9fec847effcd8f269116931e8cb62b8b9cd9b1a56957c3a8082196cc45fad6a0af2d2c44574a90d7d941829bdaf01ef835d184c39a83709e6150cc982ba4b16c4c0ee08d2ff920854e9235f86e0602d7267b0ba49a33583c2990345f27d986bce1fb43e65b1c941443bd7e4d81ee99caa400063f150507dc3c2c2acfddf922df94feaea7038204f3895f51d63e532d2fc6f37399a25c421bf1461ca359f4266866e16094983c3b56de25e5a00e4b8738b0f5466056a93ea3ba8f576940df4054fa609e178b8d499f8466eaa41e06b5a3c0227d6ab8811d524f22f8a8d4c9f97de5cbcf63c41df649fc24694d102424057b399d0b8b8b85b6279b6e953113b0f3c656b216a035b73baf905e383fcbfd53b9c997ca2ae6a3a0116a687feabf6b490bf2329422e5d7cf503b309d041e5deb50758d237c40e58207feccba92071db67bb589f73a83eb50678eac65dd09139e653e8a873cb047e4e9242ae4c84e0ff2eda600fc25ce9ef28daccab4f5bb5bc4319c68b17b625908fd5cf73b521683f320b58ec5c6ab1a450d1749eccdbb2a55959c928170962883517079ef439b9f2370605b529631fa8638db296279e64b1dde13ea403b8e6047570e8cd4520e8b5c8718d321e909266303ccf4091322ba0ac21f5d57f131b62368b3e9bded8badb9a0ced324f6ad82a3cd2f27bf47a9d861c980ff4e80cd2015b23e430538aca804c2a70b58118b9639a783eb179c80f1347f070923230f3c8a23338ccef54c127052973ad455a48822e2b28c43887d992bb4bff648feaf2c12d6a87019454aa87c27f9ddfb6932acd35df190e816ed5b52ca6d74e3cafd52cdda86ef387ec544b28aeabd8954ccd7d9fa7c43b79af4daabcb9e4c6a53e877a61324790faecc5c0bf15ee0bffb0b39334980f7d22c710eb8c5a4782949374a7c96daaf75907f2777647529c17a901c77158668e8f64673c69e7c05f686ee6e23166c3b503c00a22d1821fa465dcfa2a405d65b0dc2ecd92f5d8e57e927f0e563902e9bd10236014e0871c760d9f6243f82ba8a27111aba73ac1467768039c873e9e9d280b36d113f422a14988bbc23fe3b98df5151bfe558fa09086202502f51c9feed2cf7ddd4ec941e1f94b16dafc1f10ed7abd5aaefd292d002f25572f7d845db5b610c81fb7ff68322ba65f5f829363ff6813d6a5023b6c5046987efe9d36fcc87c1fcc6e021a87d8415198138025d39bf2e047b18fd7c21b5e76ff86de84363fb2e76053de59efe326e4f2bb8c8e244c27d2e0bb7ac807f825dffe18e4132163a8ad94a27896e4f9cb3ac3488b10b423f8c7ea41d8cb5eefc6672c175059c406a31360638606c9e782ac425e0fcd0e120310c97c5d4c980d375a8b6d8a000fc11ae2346dff9e5eb531e944136f27ada1a688c2c8b96eb9bf237f7027975affcaacec3b03d2ad30867fda87ac0014f134b4c66ff8aef532d6a5027eb037a0dc76c3160dc1c6c71ce2af16b28b3321dbd07014eb2e7970bf27511c567901775dacbc53682638fa166f4f9a0d716c4076c9aa20ae5e3c4fff6d1a287860bab6879452e2de66e12cbc11d16f41d2890575be42342eefb6029b1a0a725560c5c35ea07b47a16eb6a94b6f50a8bf81b4f9bd0a684ac1030f1a49446311e7c3d8e70535e07c8d688dfa55e7beb8fabb5eb33c2fe5077349cf2f7e33266b1ff026237fa7abd52c257a77772775132499b6f81e0f7052511b104feb808cc123ccbf42049f1cffd68a3b733aa3fcf81e2ea2120f8ce3e2031ffa59e5d149d56debdcccd2a4fabe8b3a3ef0c155d6cc814798ffc18e5a1143676dca7d8feedec169ed76d8b64884c092ca3114d73c720c990085069d42f1e3a0c79fac9b751e1518c4461b98f09375000f008d2524f07eaa713d2ff01dde0f0f610a409dc7533684b00aed9ed4e101b2425ee148f5c5eaa84464347cb97ee133f681bd3231f66246ff18f4487db0016da907e49465214d417fd6a0d96dd5e6ae97e3a97a94b7d83d0602bf631b206a78f2774c64eac2617a574ce67d49c7218fa3ea4aac702da797f25b8ba84fb175756456f7bf84ce7ea01609bf6287e396ac0d3c82c59e74a9f32dfd37d0e6d0a62f65002312758f7ca04ae39e3c61fdbb4152436b5073fb010231c375a83a88848ba6df43a11c1d1de8fc80e0db7cd50054059de097ccf2e3d1915cf66491ca74d97e37b1f03c313cd126eb88dbc712012ddf623e4c31b7ef86a91046218f775fd33f1654ee74b931844061e7b221c36c3e7eb8cfa0a4a52815f57107dcdc58d1e1bca190b0684eff36a9b14fa25544d9b0b77535965b6486225920db0792c740a7fb03646c58f481a568caf9645d68ee8ad", 0x3}, 0x20)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000040)=0xc)

15:22:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x36b0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:22:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000304", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:59 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  521.141066] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  521.173353] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:22:59 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  521.210910] tls_set_device_offload_rx: netdev lo with no TLS offload
15:22:59 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000004c0)='tls\x00', 0xffffffffffffff69)
write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x1, 0x0, {0x1f}}, 0x18)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={<r1=>0x0, 0x95}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)={r1, 0x4, 0x8, [0xfffffffffffffffa, 0x7f, 0x734, 0x100000001, 0x4, 0x5, 0xd, 0x81]}, 0x18)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:22:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdfd", &(0x7f0000000040)=["07e646d400"], 0x5})

15:22:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x84960000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  521.251146] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:00 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xffffff7f, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:00 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:00 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:00 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000080)={0x6, {0x2, 0x4e23, @local}, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}, {0x2, 0x4e20, @broadcast}, 0x20c, 0x6, 0xffffffff, 0x2, 0x1, &(0x7f0000000040)='veth0_to_bond\x00', 0x2, 0x3, 0x8})
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7062, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:00 executing program 4:
r0 = socket$inet6(0xa, 0x802, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000000)="025cc80700145f8f764070")
r1 = socket$inet(0x10, 0x2000004000000803, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="24000000220007031dfffd946f610500000000000000fd21fe1c4095421ba3a20400ff7e280000001100ffffba16a0aa1ce208b3ef090000000000008e3141eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0)

15:23:00 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x82000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000700)={0x190, r2, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_AF={0x8}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_FLAGS={0xc}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'rr\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x100}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x2}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x20d}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1ff}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xf6}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3ff}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1f}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x8010}, 0x98825ad208b20215)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000))
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@ipv4, @in6=@local}}, {{@in=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f00000000c0)=0xe8)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x110)
ioctl$SG_GET_LOW_DMA(r3, 0x227a, &(0x7f0000000340))
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000400)={{{@in=@local}}, {{@in6}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8)
timerfd_settime(r3, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, &(0x7f0000000180))
timerfd_create(0x1a524e2bf18e3b40, 0x80000)

15:23:00 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:00 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5078, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  522.068531] tls_set_device_offload_rx: netdev lo with no TLS offload
[  522.085350] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
15:23:00 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getpeername(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000080)=0x80)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:00 executing program 4:
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f000000bfc8)={&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f0000002000)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623692500060014001000080000000000a3c728f1c46b7b31afdc1338d54400009b84136ef75afb83de448daa7227c43ab8220000e2d4ec6bab91d4", 0x55}], 0x1, &(0x7f0000000200)}, 0x0)

15:23:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feff", &(0x7f0000000040)=["07e646d400"], 0x5})

[  522.200810] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x34cd, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:00 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7a00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:00 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:00 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = geteuid()
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000000)={{{@in6=@mcast2, @in6=@mcast2, 0x4e24, 0x0, 0x4e22, 0x0, 0xa, 0x20, 0xa0, 0xe3410cf206330481, 0x0, r1}, {0xfffffffffffffffa, 0x1, 0x8, 0xc0, 0x3, 0x2, 0x0, 0x1}, {0x4, 0x0, 0x7fffffff, 0x9}, 0x9, 0x6e6bb5, 0x1, 0x0, 0x1}, {{@in=@loopback, 0x4d5, 0xff}, 0xa, @in6=@remote, 0x3505, 0x0, 0x0, 0x6, 0x7fff, 0x1, 0x6}}, 0xe8)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:00 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

[  522.298643] netlink: 'syz-executor4': attribute type 6 has an invalid length.
15:23:00 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000040))
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, &(0x7f0000000300), 0x318, 0x0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
readv(r0, &(0x7f00000000c0), 0x0)

15:23:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x78b40000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:01 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:01 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x0, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:01 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = dup3(r0, r0, 0x80000)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={<r2=>0x0, 0xffffffff}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={r2, 0x0, 0x30}, 0xc)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/226, 0xe2}], 0x1, &(0x7f0000000200)=""/229, 0xe5, 0x6}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:01 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:01 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xcc0d, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:01 executing program 4:
r0 = socket(0x10, 0x2, 0xc)
perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write(r0, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305010008000100010423dcffdf00", 0x1f)
write(r0, &(0x7f0000000000)="1f0000000104fffffd3b54c007110000f30501000b000200000000000000cf", 0x1f)

15:23:01 executing program 7:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6100)
ftruncate(r0, 0x8200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0)
symlinkat(&(0x7f0000008ff8)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000580)='./file0\x00')
io_submit(0x0, 0x1, &(0x7f0000002780)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000001740)="ff", 0x1}])
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x8000fffffffe)
sendfile(r1, r2, 0x0, 0xf1b2)
r3 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r3, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r3, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r3, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:01 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4c, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  523.045688] tls_set_device_offload_rx: 1 callbacks suppressed
[  523.045695] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:01 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x0, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:01 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x904c000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:01 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:01 executing program 5:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x800, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000400)={<r1=>0x0, @in6={{0xa, 0x4e20, 0x80, @mcast1, 0x3ff}}, 0x26de, 0x24, 0x1d, 0x1, 0x18}, &(0x7f00000000c0)=0x98)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r1, 0xa7b8}, 0x8)
r2 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0xb)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r2, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r2, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$inet(0x2, 0x80805, 0xff)
ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000000)={[0xf000, 0xf005, 0x4000, 0x10000], 0x101, 0x20, 0x80000000})
sendto$inet(r2, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
getsockopt$bt_hci(r0, 0x0, 0x2, &(0x7f0000000340)=""/93, &(0x7f0000000180)=0x5d)

[  523.086221] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
[  523.102803] netlink: 3 bytes leftover after parsing attributes in process `syz-executor4'.
15:23:01 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000000)=""/193, &(0x7f0000000100)=0xc1)

15:23:01 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:01 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xf108000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:01 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:01 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x0, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:01 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xffffff8d, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  523.194857] IPVS: length: 193 != 24
15:23:01 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fd", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025c3f0a00145f8f764070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000009c0)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)

[  523.228613] IPVS: length: 193 != 24
15:23:01 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:01 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @broadcast}, 0x9bf351b56c045efd)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:02 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:02 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:02 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xaf000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:02 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:02 executing program 4:
r0 = socket$inet6(0xa, 0x1001000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070")
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4)
setsockopt$inet6_opts(r2, 0x29, 0x1a, &(0x7f0000000080)=@fragment, 0x8)
close(r2)
close(r1)

15:23:02 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x74, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x10001, @dev={0xfe, 0x80, [], 0x17}, 0x1000}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x12}}, @in6={0xa, 0x4e21, 0x7ff, @ipv4, 0x7b67}, @in6={0xa, 0x4e24, 0x6af, @mcast1, 0xe91b}, @in={0x2, 0x4e23}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={r1, 0x7fff}, &(0x7f0000000340)=0x8)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffffffff0000, 0x20000)

15:23:02 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2d000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:02 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000000)={'filter\x00'}, &(0x7f0000000080)=0x44)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
socket$inet6(0xa, 0x3, 0x800)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
accept$inet(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, &(0x7f0000000200)=0x10)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f00000000c0)={'ipvs\x00'}, &(0x7f0000000100)=0x1e)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:02 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:02 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280))
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:02 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x34cd0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:02 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  523.960547] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:02 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x10000, 0x0)
ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f0000000040)={0x4, 0x9, 0x2})
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:02 executing program 4:
r0 = socket$packet(0x11, 0x2000000000000003, 0x300)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r1)
sendto$inet6(r1, &(0x7f0000000040), 0x24, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3, @dev}, 0x1c)

15:23:02 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc8070031")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:02 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4ee, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:02 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:02 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000002c00)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)}], 0x1, &(0x7f0000000400), 0x0, 0x40044}, {0x0, 0x0, &(0x7f0000002740), 0x0, 0x0, 0x0, 0x4000}], 0x2, 0x10)

15:23:02 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x8cffffff, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  524.094000] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:02 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:02 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:02 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc8070031")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:02 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0b000000001e00fb034d564b0000000001"])
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x400000b2]})

15:23:03 executing program 5:
r0 = socket$inet(0x2b, 0x80005, 0xffffffffffffffff)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x100, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000040))
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000180)=0x49d, 0x4)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000100)=0xd5)

15:23:03 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf8f4, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:03 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:03 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180), 0x4000000000002d2, 0x2042, &(0x7f0000003340))

15:23:03 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc8070031")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:03 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:03 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, &(0x7f0000000040), 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
sendfile(r2, r3, &(0x7f0000000080), 0xffffffff)

15:23:03 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="657874057a", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:03 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f8571")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:03 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:03 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000000b00)=[{{&(0x7f0000000980)=@nl, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000b40)=""/237}, {&(0x7f0000000c40)=""/19}, {&(0x7f0000000c80)=""/75}], 0x0, &(0x7f0000000d40)=""/241, 0x0, 0x3f}, 0x80}], 0x40001dd, 0x13, 0x0)
sendto$inet(r0, &(0x7f0000000000)="f542d373e2d11f6c2e8f437d69dfae4e8c200658160b17cea74ce782820b740cd02e04f5593fecfce512fed74ca650c5b8d91f23ca3da81b110f04f0261a026a94385ed92d419c9e44558950368d76f84ba685990f5c564fdab563db48939ebc3229b7ddae35068683ea06a6ae790592207f17e4bbf2cf93938b9d69a3e73b653717368a540ee03ca52354970eb5691b2655633a3c58ea13ee5d96fdeccabb6d86b6589c", 0xa4, 0x0, &(0x7f00000000c0)={0x2, 0x4e24, @remote}, 0x10)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x3e, &(0x7f0000000100)=0xfffffffffffffff8, 0x4)

15:23:03 executing program 4:
socket$inet6(0xa, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
io_setup(0x8, &(0x7f0000000100)=<r1=>0x0)
socket$inet(0x2, 0xa, 0x0)
io_submit(r1, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000140), 0x703000}])

15:23:03 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x854, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:03 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740506", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:03 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f8571")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:03 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x80fe, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:03 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:03 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xedc000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  524.964911] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:03 executing program 5:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070")
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x703000)
r2 = socket$inet(0x2b, 0x1, 0x0)
sendto$inet(r2, &(0x7f0000000000)="ad384feb7da54622476fa541b83550d3638aeb0acc69eee50a7e3d675a0e128b5308ba97635e46611e326adc436bdf188df2c46d997b3ed8a60e59c832d45aaf8cb0d67863514f6f1e741580a69a92d574cbb40d04330fe1f9b597f76433d3", 0x5f, 0x10, &(0x7f0000000080)={0x2, 0x4e22, @multicast2}, 0x10)
bind$inet(r2, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r2, 0x11a, 0x28, &(0x7f00000000c0)={@rand_addr=0x3033300, @remote, @loopback}, 0x7)
accept$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'ip6tnl0\x00', r3})
recvmmsg(r2, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r2, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

15:23:04 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @remote}, 0xffffffffffffff40)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:04 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:04 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f8571")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:04 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x58ca, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:04 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:04 executing program 4:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
futex(&(0x7f0000000140), 0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000200), 0x0)

15:23:04 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = syz_open_dev$midi(&(0x7f0000000340)='/dev/midi#\x00', 0xf7d, 0x200000)
setns(r1, 0x40000000)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000480)={0x0, 0x7, 0xfffffffffffff788, 0xff3, 0xdfc, 0x6, 0x0, 0x2, {<r2=>0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x9, 0x3f, 0x10000, 0x564, 0x1}}, &(0x7f0000000540)=0xb0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000580)={r2, 0x7, 0x7, 0x3}, &(0x7f00000005c0)=0x10)
socketpair(0x15, 0x0, 0x72, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000640)=ANY=[@ANYBLOB="01000000000000000a004e2108000000fe8000000000000000000000000000bb080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000a004e2140000000fe8000000000000000000000000000bb20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e210800000000000000000000000000ffffe00000028e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e23060000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e21ff03000000000000000000000000ffffac1414aaffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e210500000000000000000000000000ffff7f00000107000000000000000000000000000000000000000000000000000000000000000000d87b41d358000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2209000000fe800000000000000000000000000010f9ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e20080000000000000000000000000000000000000102000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e2000000000ff020000000000000000000000000001060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a004e230200000000000000000000000000ffffffffffff01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x510)
ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000000)=0x101)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000080)={<r5=>0x0, 0x8001}, &(0x7f00000000c0)=0x8)
sendmsg$nl_netfilter(r4, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f0000000b80)={0x380, 0xb, 0xf, 0x204, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x6}, [@typed={0x10, 0x30, @str='/dev/midi#\x00'}, @nested={0x1d0, 0x8, [@generic="0d25e9e2b5c25db1e99eb8c11bff8bccd04a3bf3015478e083f665299e84f08ebb988bc16f852476f7d5b76903cf03a2bbd2b28dd73376fe585d31e141b89f13192f1d4cd4fde3bde762530b6532d7e38cc634fc48192f75692ab130e821d618b17213ae9df5ec7c98c3b190c148c8bbb1375cd9ec028b5839d850181e835e982bce3d8de1bc19f3c1b6bb0c68a17c4deb7f1d2b3707a8c99e8bfb28ff28027b16e9e4306d451330e54e33082edd703c2b685550cfa48639b2414980214defd3d96bfa74636ec430d58cbeaee7dca6514549fdbf14a313b2ae0837cf7259368db64a2bdb5dcbb702a251759587a74202a46ac0", @generic="99e1c665036db268fb7e68f370af1833d7a3c6dfc57f4b7d8001efb44d4ce4f89b8f03a942f8532b83e5832fd7e125bb996732590037d9fb075c2fcf9245430674d69b20453625e1019ac79e1a44e31cfbd56069c2ea7baadaba2f92f6fa9f07a91a1b9a6bc743294789bc21812756f532499827e81c9484170009f7a3bf2d0693fa012d6cd108b42d220bedbf2031774568e28088324366e881b143935a77e90b84e39a48fe4b76031cc7ecf24c8127505964f4265c619d8b9089ccb84b6cba98087661f9df0a390e", @typed={0x10, 0x70, @str='/dev/midi#\x00'}]}, @generic="36a6f119739329211536eb7b344051a173f62ce95851", @generic="2328a870f1010bfa4bd477600fa45a53324749e63f730eefbd07f1a16a03b5659324e5c47239e3f01ee7158aa0dbdab31bc502bfcad965c7dd68b7a3ea751423fc7a59b547a9e92051902d1848ef6da1d117e768c21e611dc6a4af8369b3f8d5f9b818573e66a8158ef7811d6a26a9f981d0697579b07876789ee7e01875abbcfcb992b9d35c86c6cef617d3f715827cced5b63ffd5187a18513d39894b91345517c8bd0b89770a10c56e8f4bd7b9753a8769ec51461c9ebe37902b0ce9068575aa6f3e636a5", @generic="5990e2fbe83b66b19db98315240e7d37b53c039c7b5541593631cb28f2ba27d3f5bf88", @typed={0x18, 0x3c, @str='-wlan0eth0lovmnet1\'\x00'}, @nested={0xc, 0x2, [@typed={0x8, 0x13, @ipv4=@local}]}, @generic="622d971947a1eb60f9335af7bad25aeccdd6260df25b30e0f1c08084143f48774c9a8e7d78c1426e2fae01a0aa8ab837ae2862ec161c4356de467844244d3959d4ba39de57a50960c9481944b6e7c26fda7f7e5bab1811100d5f758e1a3fdcd12496493bf9fbf5"]}, 0x380}, 0x1, 0x0, 0x0, 0x20000004}, 0x40010)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000100)={0x100, 0x9, 0x8, 0x7f, 0x8, 0x1, 0x7ff, 0x5, r5}, &(0x7f0000000180)=0x20)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000f00)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000f40)=0xc)
getgroups(0x1, &(0x7f0000000f80)=[<r7=>0xee00])
getresgid(&(0x7f0000000fc0)=<r8=>0x0, &(0x7f0000001000), &(0x7f0000001040))
r9 = getegid()
getgroups(0x4, &(0x7f0000001080)=[r6, r7, r8, r9])

15:23:04 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2d00000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:04 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f857140")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:04 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:04 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x447c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  525.707333] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:04 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f724070")
r1 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
mq_unlink(&(0x7f0000000140)='eth0\x00')
mq_timedsend(r1, &(0x7f00000e6000), 0x0, 0x3, &(0x7f0000e0b000))
mq_timedsend(r1, &(0x7f0000000080), 0x0, 0x0, &(0x7f00000000c0))
fcntl$getown(0xffffffffffffffff, 0x9)
close(r1)

15:23:04 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f857140")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:04 executing program 5:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000000)={@rand_addr=0x3033300, @multicast2, @loopback}, 0xc)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)

[  525.778363] EXT4-fs: 29 callbacks suppressed
[  525.778374] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  525.795712] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:04 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:04 executing program 4:
r0 = memfd_create(&(0x7f00003ce000)='}\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x51, r0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480)='/dev/snapshot\x00', 0x62401, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000d00)="71280c6715aa9c4a5168ba1c2ca8c02949213b5854addd6089bbdce226663aa08818766041c5b90373aee999ad3fcbf83db545b2c684c4470434e32072ba33f6e222cdd27f1988e9209d0bcc7741be7b8d289ba8f48846e0e97d7863d8959707d5cc55c06c551aedd288ebbad42181d2696c6095f020bee8390a029682d96ac385daf37bf475072bf5fdb8936ded5472ce2e95c98325a131db8f7f358f8e2222a61fc1e88d5c209c740e1ea5950bbeea992ce915e3ae035e6feb3455813030d8ae1ec5125117bf03304f6f9967a1789b57a58c2a6d7eabb18bef19d47d6f2ed9dcc24b1a3ea0d4ce3d0ece8e5c5c4db9936bad22f8f27f28cb5b9a9e3c65744a2a8f3248671c2acb440ec5b32cf3c0041b1eac04a07ca5c755eacd9c4f76ab6d74f616b79d90eff39bb94028ad4ca7df4addb93934a9739a1d1e252f22d9cec4fd4e5c9d9b3c47900bdfb3b66ac9796ae6b20429bd1353911d8271e180bbe02e00b617da312f3a8181cb159435059c50ba4e0585855e4df98ac4b35fe86162fc813695f9c65180cd5c69ced05d5cf6831305287aed928c706a655d5d0562cdd6e824161d7631c0b40fc6d49a65d824d3836b5e97f89e9a999809071f24fa38d801b49a4c6383f226550c1d47549f4ca4f56a3433d6c8996c29a6b0582f6fc42e5207f330732180d34178a8b5eb2febb902416c934344f56f8cb4e30ce37ed17e774322c67fb87c71613529f3d45f880735731c2bf969c2ea913ef869fa3272e7532bf5bf4617e26f6fffed1eb985781c63bda1ac1ff3146b9536c0149ef89f902fd4df526d3108f951c8fca0c314664386af86c9da3445c4985b07fad94d70eb92f2191ad4595da4fad89e9e8940e52a4f3c0e6b880e8fc33c5ead3bfb6fa5246830af464a3f62c0a8745d609eb4599fb2c6e95b7e8b9985013f8a418b9052d8a6e1d8a794757bad0e7632d59fc3de5afe84cc0ba6bd12a931872aad2ffddff9a0d92ccbed138b6d2184c4db40a5cda14462498a6c226c2c3057a3a020bf63d27fe9e629a9ddf48f69e1391e4584e1925ce8d1765514525c63c0ad37430d5192d8", 0x301}], 0x1)

[  525.849632] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:05 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2}, 0xffffffffffffff0f)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:05 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8c39, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:05 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xfdfdffff, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:05 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f857140")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:05 executing program 5:
r0 = socket$inet6(0xa, 0x4000000001, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
getgroups(0x1, &(0x7f0000000240)=[<r1=>0xee00])
syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001340)=ANY=[@ANYBLOB='unhide,nocompress,nocompress,gid=', @ANYRESHEX=r1])

15:23:05 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:05 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:05 executing program 4:
r0 = memfd_create(&(0x7f00003ce000)='}\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x51, r0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480)='/dev/snapshot\x00', 0x62401, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000d00)="71280c6715aa9c4a5168ba1c2ca8c02949213b5854addd6089bbdce226663aa08818766041c5b90373aee999ad3fcbf83db545b2c684c4470434e32072ba33f6e222cdd27f1988e9209d0bcc7741be7b8d289ba8f48846e0e97d7863d8959707d5cc55c06c551aedd288ebbad42181d2696c6095f020bee8390a029682d96ac385daf37bf475072bf5fdb8936ded5472ce2e95c98325a131db8f7f358f8e2222a61fc1e88d5c209c740e1ea5950bbeea992ce915e3ae035e6feb3455813030d8ae1ec5125117bf03304f6f9967a1789b57a58c2a6d7eabb18bef19d47d6f2ed9dcc24b1a3ea0d4ce3d0ece8e5c5c4db9936bad22f8f27f28cb5b9a9e3c65744a2a8f3248671c2acb440ec5b32cf3c0041b1eac04a07ca5c755eacd9c4f76ab6d74f616b79d90eff39bb94028ad4ca7df4addb93934a9739a1d1e252f22d9cec4fd4e5c9d9b3c47900bdfb3b66ac9796ae6b20429bd1353911d8271e180bbe02e00b617da312f3a8181cb159435059c50ba4e0585855e4df98ac4b35fe86162fc813695f9c65180cd5c69ced05d5cf6831305287aed928c706a655d5d0562cdd6e824161d7631c0b40fc6d49a65d824d3836b5e97f89e9a999809071f24fa38d801b49a4c6383f226550c1d47549f4ca4f56a3433d6c8996c29a6b0582f6fc42e5207f330732180d34178a8b5eb2febb902416c934344f56f8cb4e30ce37ed17e774322c67fb87c71613529f3d45f880735731c2bf969c2ea913ef869fa3272e7532bf5bf4617e26f6fffed1eb985781c63bda1ac1ff3146b9536c0149ef89f902fd4df526d3108f951c8fca0c314664386af86c9da3445c4985b07fad94d70eb92f2191ad4595da4fad89e9e8940e52a4f3c0e6b880e8fc33c5ead3bfb6fa5246830af464a3f62c0a8745d609eb4599fb2c6e95b7e8b9985013f8a418b9052d8a6e1d8a794757bad0e7632d59fc3de5afe84cc0ba6bd12a931872aad2ffddff9a0d92ccbed138b6d2184c4db40a5cda14462498a6c226c2c3057a3a020bf63d27fe9e629a9ddf48f69e1391e4584e1925ce8d1765514525c63c0ad37430d5192d8", 0x301}], 0x1)

15:23:05 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fe", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:05 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  526.581787] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:05 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa00, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  526.629617] ISOFS: Unable to identify CD-ROM format.
15:23:05 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:05 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:05 executing program 5:
r0 = socket$inet6(0xa, 0x802, 0x0)
ioctl(r0, 0x100008912, &(0x7f0000000100)="025cc80700145f8f764070")
r1 = socket(0x10, 0x2, 0xc)
write(r1, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000f3e9000008000100010423dcffdf00", 0x1f)
write(r1, &(0x7f0000594000)="1f0000000104ff00fd4354c007110000f305030008000100010423dcffdf00", 0x1f)

15:23:05 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6800, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  526.671374] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:05 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0), 0x0, 0x0, 0x0)

[  526.764053] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  526.776812] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  526.793592] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  526.803638] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  526.812656] netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
[  526.832318] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  526.887188] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:05 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000040)=0xc)

15:23:05 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x703c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:05 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, "73797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003", &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:05 executing program 4:
r0 = memfd_create(&(0x7f00003ce000)='}\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x51, r0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480)='/dev/snapshot\x00', 0x62401, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000d00)="71280c6715aa9c4a5168ba1c2ca8c02949213b5854addd6089bbdce226663aa08818766041c5b90373aee999ad3fcbf83db545b2c684c4470434e32072ba33f6e222cdd27f1988e9209d0bcc7741be7b8d289ba8f48846e0e97d7863d8959707d5cc55c06c551aedd288ebbad42181d2696c6095f020bee8390a029682d96ac385daf37bf475072bf5fdb8936ded5472ce2e95c98325a131db8f7f358f8e2222a61fc1e88d5c209c740e1ea5950bbeea992ce915e3ae035e6feb3455813030d8ae1ec5125117bf03304f6f9967a1789b57a58c2a6d7eabb18bef19d47d6f2ed9dcc24b1a3ea0d4ce3d0ece8e5c5c4db9936bad22f8f27f28cb5b9a9e3c65744a2a8f3248671c2acb440ec5b32cf3c0041b1eac04a07ca5c755eacd9c4f76ab6d74f616b79d90eff39bb94028ad4ca7df4addb93934a9739a1d1e252f22d9cec4fd4e5c9d9b3c47900bdfb3b66ac9796ae6b20429bd1353911d8271e180bbe02e00b617da312f3a8181cb159435059c50ba4e0585855e4df98ac4b35fe86162fc813695f9c65180cd5c69ced05d5cf6831305287aed928c706a655d5d0562cdd6e824161d7631c0b40fc6d49a65d824d3836b5e97f89e9a999809071f24fa38d801b49a4c6383f226550c1d47549f4ca4f56a3433d6c8996c29a6b0582f6fc42e5207f330732180d34178a8b5eb2febb902416c934344f56f8cb4e30ce37ed17e774322c67fb87c71613529f3d45f880735731c2bf969c2ea913ef869fa3272e7532bf5bf4617e26f6fffed1eb985781c63bda1ac1ff3146b9536c0149ef89f902fd4df526d3108f951c8fca0c314664386af86c9da3445c4985b07fad94d70eb92f2191ad4595da4fad89e9e8940e52a4f3c0e6b880e8fc33c5ead3bfb6fa5246830af464a3f62c0a8745d609eb4599fb2c6e95b7e8b9985013f8a418b9052d8a6e1d8a794757bad0e7632d59fc3de5afe84cc0ba6bd12a931872aad2ffddff9a0d92ccbed138b6d2184c4db40a5cda14462498a6c226c2c3057a3a020bf63d27fe9e629a9ddf48f69e1391e4584e1925ce8d1765514525c63c0ad37430d5192d8", 0x301}], 0x1)

15:23:05 executing program 5:

15:23:05 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405fc", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:05 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0), 0x0, 0x0, 0x0)

15:23:05 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xf108, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:05 executing program 5:

15:23:05 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x78050000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  527.440957] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:06 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:06 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:06 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["13e646d400"], 0x5})

15:23:06 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0), 0x0, 0x0, 0x0)

15:23:06 executing program 5:

15:23:06 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x700, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  527.529733] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:06 executing program 7:
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xff, 0x40480)
ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000000c0))
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23}, 0x10)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@empty, @multicast2, @loopback}, 0xfd6a)
readahead(r0, 0xff, 0x10001)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="ac1414110000000001000000051414bb7f0000018b3a508758920719"], 0x24)
recvmmsg(r1, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:06 executing program 4:
r0 = memfd_create(&(0x7f00003ce000)='}\x00', 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0, 0x51, r0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000480)='/dev/snapshot\x00', 0x62401, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000d00)="71280c6715aa9c4a5168ba1c2ca8c02949213b5854addd6089bbdce226663aa08818766041c5b90373aee999ad3fcbf83db545b2c684c4470434e32072ba33f6e222cdd27f1988e9209d0bcc7741be7b8d289ba8f48846e0e97d7863d8959707d5cc55c06c551aedd288ebbad42181d2696c6095f020bee8390a029682d96ac385daf37bf475072bf5fdb8936ded5472ce2e95c98325a131db8f7f358f8e2222a61fc1e88d5c209c740e1ea5950bbeea992ce915e3ae035e6feb3455813030d8ae1ec5125117bf03304f6f9967a1789b57a58c2a6d7eabb18bef19d47d6f2ed9dcc24b1a3ea0d4ce3d0ece8e5c5c4db9936bad22f8f27f28cb5b9a9e3c65744a2a8f3248671c2acb440ec5b32cf3c0041b1eac04a07ca5c755eacd9c4f76ab6d74f616b79d90eff39bb94028ad4ca7df4addb93934a9739a1d1e252f22d9cec4fd4e5c9d9b3c47900bdfb3b66ac9796ae6b20429bd1353911d8271e180bbe02e00b617da312f3a8181cb159435059c50ba4e0585855e4df98ac4b35fe86162fc813695f9c65180cd5c69ced05d5cf6831305287aed928c706a655d5d0562cdd6e824161d7631c0b40fc6d49a65d824d3836b5e97f89e9a999809071f24fa38d801b49a4c6383f226550c1d47549f4ca4f56a3433d6c8996c29a6b0582f6fc42e5207f330732180d34178a8b5eb2febb902416c934344f56f8cb4e30ce37ed17e774322c67fb87c71613529f3d45f880735731c2bf969c2ea913ef869fa3272e7532bf5bf4617e26f6fffed1eb985781c63bda1ac1ff3146b9536c0149ef89f902fd4df526d3108f951c8fca0c314664386af86c9da3445c4985b07fad94d70eb92f2191ad4595da4fad89e9e8940e52a4f3c0e6b880e8fc33c5ead3bfb6fa5246830af464a3f62c0a8745d609eb4599fb2c6e95b7e8b9985013f8a418b9052d8a6e1d8a794757bad0e7632d59fc3de5afe84cc0ba6bd12a931872aad2ffddff9a0d92ccbed138b6d2184c4db40a5cda14462498a6c226c2c3057a3a020bf63d27fe9e629a9ddf48f69e1391e4584e1925ce8d1765514525c63c0ad37430d5192d8", 0x301}], 0x1)

15:23:06 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:06 executing program 0:

15:23:06 executing program 5:

15:23:06 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["14e646d400"], 0x5})

15:23:06 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:06 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:06 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:06 executing program 0:

15:23:06 executing program 5:

15:23:06 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5078000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:06 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:06 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4c000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:06 executing program 0:

15:23:06 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:07 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = syz_open_dev$mouse(&(0x7f0000000200)='/dev/input/mouse#\x00', 0xfff, 0xc00)
ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000240)=0x2)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x14, &(0x7f0000000180)=[{&(0x7f0000000000)=""/33, 0x21}, {&(0x7f0000000040)=""/219, 0xffffffffffffffa9}], 0x2, &(0x7f0000000c80)=""/229, 0xe5, 0xfffffffffffffffd}}], 0x1, 0x23, &(0x7f0000003340))

15:23:07 executing program 5:

15:23:07 executing program 4:

15:23:07 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x3c70000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:07 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d4ff"], 0x5})

15:23:07 executing program 0:

15:23:07 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405c0", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:07 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x3000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:07 executing program 4:

15:23:07 executing program 5:

15:23:07 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d402"], 0x5})

15:23:07 executing program 0:

15:23:07 executing program 5:

15:23:07 executing program 4:

15:23:07 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x18470000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:07 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d4ff"], 0x5})

15:23:08 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0xffffffffffffffb3)
socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={<r2=>0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x2, @empty, 0xa16}]}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={r2, @in6={{0xa, 0x4e22, 0xfffffffffffff1d7, @ipv4={[], [], @broadcast}, 0x3}}, 0x4, 0x2, 0x800000000000, 0x200, 0x80}, &(0x7f0000000100)=0x98)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:08 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:08 executing program 0:

15:23:08 executing program 4:

15:23:08 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:08 executing program 5:

15:23:08 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1b58, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:08 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x400000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:08 executing program 4:

15:23:08 executing program 0:

15:23:08 executing program 5:

15:23:08 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:08 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:08 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="65787405ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:08 executing program 4:

15:23:08 executing program 0:

15:23:09 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
mlock(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0xfffffffffffffec3)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000000)="6b3876da97325a1612343f8c365153e4e633187d1439fb8343c9fcc417759c91741afb954afde11b69355c1b2516fccb7b89c293ea625d69007c4bfa5bd26ffd4efd6285c7b49fff174a171a0c81baa77864c0ab31f0102cd1a1718919342978f3e1b42db5773a04b927396bcf92c37f990f30cce77343db8e8bdd9d3390cf30a61e18e0bf02b667bc4edbcb2489e769906971a416967abdf989013e45a7fdd8423591c8469c5bbb1c8e8beeb1edf3fb484ac43db23a9ba47595dd476da52adfa0178225cb398b2b6be7ac7679cb84b352ee744edf4971da3cad80587fe0d2633e5708b24eb26a21132c9790df07eacbec862142d108b8fefa63130b2b7d8973")
fsync(r0)
r1 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x80, 0x8101)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
socketpair$inet6_sctp(0xa, 0x93f83b776a1f360f, 0x84, &(0x7f0000000100))
ioctl$RTC_UIE_ON(r1, 0x7003)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:09 executing program 5:
r0 = syz_open_dev$evdev(&(0x7f0000dfdfee)='/dev/input/event#\x00', 0x0, 0x2000002)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
write$evdev(r0, &(0x7f000004d000)=[{}], 0x10)

15:23:09 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d4fe"], 0x5})

15:23:09 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:09 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x989e000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:09 executing program 4:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f00000000c0)="025cc80700145f8f764070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
fgetxattr(r1, &(0x7f0000000040)=@known='security.capability\x00', &(0x7f00000003c0)=""/189, 0xfffffffffffffee1)

15:23:09 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:09 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7a000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:09 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x14e30000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:09 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)={@rand_addr, @loopback}, 0xc)

15:23:09 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f0000000300), 0x0)
write(r1, &(0x7f0000000540)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
mount(&(0x7f0000000000)='./file0/file0/file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='anon_inodefs\x00', 0x0, &(0x7f0000000dc0))
open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0)

[  530.905484] EXT4-fs: 18 callbacks suppressed
[  530.905493] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  530.928287] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  530.935383] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:09 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:09 executing program 4:
r0 = socket$inet(0x11, 0xa, 0x0)
sendmmsg(r0, &(0x7f0000014940)=[{{&(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000003500)=[{&(0x7f0000002440)}], 0x1, &(0x7f00000035c0)=[{0xc8, 0x116, 0x1eef85f8, "904314b8e4c296ee282c523e4924791d3328efc6fa9c38c5a5ad67cbc1904cecde3889cf64d58cdceda2d8fbb231b545bbb17bdb8586a096d95d59176b7436151962baa7dad45ea1a694bf9a228f77f9184cab3a99aa33dfa5cb566b34d311d2fdf004742ee6405a8d73ef33a216c5b561484b140c5d71baf7f813fd72e6b319ef3c8fcefec2c64cec66e90a0c8fc5011443545261469540b4f7352eb183056de334f70971101fd4f840113cb30330b14e6dc520a1"}], 0xc8, 0x800}, 0x401}], 0x1, 0x0)

15:23:09 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

[  531.007559] F2FS-fs (loop0): project quota file already specified
[  531.021377] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  531.025156] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  531.034467] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:09 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x904c0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:09 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'lo\x00'})
sendmsg$nl_route(r0, &(0x7f0000000580)={&(0x7f0000000280), 0xc, &(0x7f0000000540)={&(0x7f00000002c0)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP={0x8, 0x16, @nested={0x4}}, @RTA_ENCAP_TYPE={0x8, 0x15, 0x7}]}, 0x2c}}, 0x0)

[  531.075795] F2FS-fs (loop0): project quota file already specified
[  531.082960] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  531.112575] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  531.120610] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  531.130373] F2FS-fs (loop0): project quota file already specified
[  531.139654] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  531.193239] netlink: 'syz-executor4': attribute type 21 has an invalid length.
[  531.218273] netlink: 'syz-executor4': attribute type 21 has an invalid length.
15:23:10 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0xdf)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:10 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740505", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:10 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:10 executing program 5:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={&(0x7f000034c000), 0xc, &(0x7f00000daff0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3c0100001000030200000000ffea3f3411f34684af0000000000000000000000000000000000000000e000000100000000000000000000000000000000000000000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000ac14ffbb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000004c001400636d61632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xff6f}}, 0x0)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
sendto$inet(r1, &(0x7f0000000300)='\a', 0x1, 0xe803, 0x0, 0x0)
r2 = semget(0x2, 0x4, 0x8)
semctl$SEM_INFO(r2, 0x1, 0x13, &(0x7f0000000000)=""/109)

15:23:10 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xedc0, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:10 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:10 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa0f00000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:10 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfffffff6, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  531.779144] netlink: 76 bytes leftover after parsing attributes in process `syz-executor5'.
[  531.792586] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:10 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5})

15:23:10 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x341e000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:10 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

[  531.823378] tls_set_device_offload_rx: netdev lo with no TLS offload
[  531.849309] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  531.858832] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:10 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xf1080000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:10 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740568", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:10 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc87d000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:10 executing program 4 (fault-call:6 fault-nth:0):
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:10 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

[  532.014274] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  532.056232] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  532.088386] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:11 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:11 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d404"], 0x5})

15:23:11 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)

15:23:11 executing program 5 (fault-call:2 fault-nth:0):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:11 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:11 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x500, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:11 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:11 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7dc8, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:11 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x1c00, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:11 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc7bc, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  532.614913] FAULT_INJECTION: forcing a failure.
[  532.614913] name failslab, interval 1, probability 0, space 0, times 0
[  532.626177] CPU: 1 PID: 18869 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  532.634663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  532.644019] Call Trace:
[  532.646604]  dump_stack+0x1c9/0x2b4
[  532.650226]  ? dump_stack_print_info.cold.2+0x52/0x52
[  532.655428]  ? get_pid_task+0xd8/0x1a0
[  532.659314]  should_fail.cold.4+0xa/0x11
[  532.663362]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  532.668889]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  532.673992]  ? lock_downgrade+0x8f0/0x8f0
[  532.678133]  ? proc_fail_nth_write+0x9e/0x210
[  532.682613]  ? proc_cwd_link+0x1d0/0x1d0
[  532.686661]  ? kasan_check_read+0x11/0x20
[  532.690793]  ? do_raw_spin_unlock+0xa7/0x2f0
[  532.695203]  ? lock_acquire+0x1e4/0x540
[  532.699165]  ? fs_reclaim_acquire+0x20/0x20
[  532.703477]  ? lock_downgrade+0x8f0/0x8f0
[  532.707617]  ? check_same_owner+0x340/0x340
[  532.711932]  ? rcu_note_context_switch+0x730/0x730
[  532.716852]  __should_failslab+0x124/0x180
[  532.721076]  should_failslab+0x9/0x14
[  532.724871]  __kmalloc+0x2c8/0x760
[  532.728399]  ? strncpy_from_user+0x510/0x510
[  532.732800]  ? fput+0x130/0x1a0
[  532.736067]  ? __x64_sys_memfd_create+0x142/0x4f0
[  532.740901]  __x64_sys_memfd_create+0x142/0x4f0
[  532.745560]  ? memfd_fcntl+0x1e80/0x1e80
[  532.749610]  ? ksys_mount+0xa8/0x140
[  532.753317]  do_syscall_64+0x1b9/0x820
[  532.757196]  ? finish_task_switch+0x1d3/0x870
[  532.761683]  ? syscall_return_slowpath+0x5e0/0x5e0
[  532.766604]  ? syscall_return_slowpath+0x31d/0x5e0
[  532.771521]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  532.776523]  ? __switch_to_asm+0x34/0x70
[  532.780570]  ? __switch_to_asm+0x34/0x70
[  532.784616]  ? __switch_to_asm+0x40/0x70
[  532.788662]  ? __switch_to_asm+0x34/0x70
[  532.792709]  ? __switch_to_asm+0x40/0x70
[  532.796758]  ? __switch_to_asm+0x34/0x70
[  532.800810]  ? __switch_to_asm+0x40/0x70
[  532.804859]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  532.809691]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  532.814868] RIP: 0033:0x456b29
[  532.818048] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  532.836933] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  532.844627] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000456b29
[  532.851879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1c8d
15:23:11 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d403"], 0x5})

15:23:11 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

[  532.859131] RBP: 00000000009300a0 R08: 0000000000000030 R09: 00000000fbad8001
[  532.866392] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000013
[  532.873657] R13: 00000000004d5a50 R14: 00000000004c934c R15: 0000000000000000
[  532.905488] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:11 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:11 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x1000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:11 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4000000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:11 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x528, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:11 executing program 5 (fault-call:2 fault-nth:1):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:11 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d4fd"], 0x5})

[  533.207727] FAULT_INJECTION: forcing a failure.
[  533.207727] name failslab, interval 1, probability 0, space 0, times 0
[  533.218968] CPU: 0 PID: 18920 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  533.227447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  533.236788] Call Trace:
[  533.239381]  dump_stack+0x1c9/0x2b4
[  533.243006]  ? dump_stack_print_info.cold.2+0x52/0x52
[  533.248193]  ? mnt_get_count+0x150/0x150
[  533.252262]  should_fail.cold.4+0xa/0x11
[  533.256322]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  533.261423]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  533.266432]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  533.271189]  ? lock_acquire+0x1e4/0x540
[  533.275162]  ? is_bpf_text_address+0xae/0x170
[  533.279655]  ? lock_downgrade+0x8f0/0x8f0
[  533.283804]  ? lock_release+0xa30/0xa30
[  533.287774]  ? kasan_check_read+0x11/0x20
[  533.291917]  ? lock_acquire+0x1e4/0x540
[  533.295889]  ? fs_reclaim_acquire+0x20/0x20
[  533.300211]  ? lock_downgrade+0x8f0/0x8f0
[  533.304364]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  533.309381]  ? check_same_owner+0x340/0x340
[  533.313703]  ? rcu_note_context_switch+0x730/0x730
[  533.318630]  ? iterate_fd+0x4b0/0x4b0
[  533.322430]  __should_failslab+0x124/0x180
[  533.326661]  should_failslab+0x9/0x14
[  533.330461]  kmem_cache_alloc+0x2af/0x760
[  533.334605]  ? lock_downgrade+0x8f0/0x8f0
[  533.338751]  ? shmem_destroy_callback+0xc0/0xc0
[  533.343419]  shmem_alloc_inode+0x1b/0x40
[  533.347472]  alloc_inode+0x63/0x190
[  533.351098]  new_inode_pseudo+0x71/0x1a0
[  533.355151]  ? prune_icache_sb+0x1c0/0x1c0
[  533.359388]  ? _raw_spin_unlock+0x22/0x30
[  533.363531]  new_inode+0x1c/0x40
[  533.366893]  shmem_get_inode+0xf1/0x910
[  533.370864]  ? shmem_encode_fh+0x340/0x340
[  533.375096]  ? lock_downgrade+0x8f0/0x8f0
[  533.379245]  ? lock_release+0xa30/0xa30
[  533.383218]  ? check_same_owner+0x340/0x340
[  533.387542]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  533.392550]  ? __check_object_size+0xa3/0x5d7
[  533.397050]  __shmem_file_setup.part.48+0x83/0x2a0
[  533.401978]  shmem_file_setup+0x65/0x90
[  533.405946]  __x64_sys_memfd_create+0x2af/0x4f0
[  533.410614]  ? memfd_fcntl+0x1e80/0x1e80
[  533.414669]  ? ksys_mount+0xa8/0x140
[  533.418382]  do_syscall_64+0x1b9/0x820
[  533.422263]  ? finish_task_switch+0x1d3/0x870
[  533.426752]  ? syscall_return_slowpath+0x5e0/0x5e0
[  533.435508]  ? syscall_return_slowpath+0x31d/0x5e0
[  533.440435]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  533.446113]  ? __switch_to_asm+0x34/0x70
[  533.450173]  ? __switch_to_asm+0x34/0x70
[  533.454351]  ? __switch_to_asm+0x40/0x70
[  533.458410]  ? __switch_to_asm+0x34/0x70
[  533.462468]  ? __switch_to_asm+0x40/0x70
[  533.466539]  ? __switch_to_asm+0x34/0x70
[  533.470598]  ? __switch_to_asm+0x40/0x70
[  533.474673]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  533.479519]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  533.484698] RIP: 0033:0x456b29
[  533.487887] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  533.506780] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  533.514481] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000456b29
[  533.521741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  533.529006] RBP: 00000000009300a0 R08: 0000000000000030 R09: 00000000fbad8001
[  533.536266] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000013
[  533.543527] R13: 00000000004d5a50 R14: 00000000004c934c R15: 0000000000000001
15:23:12 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f0000000000)='fou\x00')
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x82)
bind$rds(r1, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)

15:23:12 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:12 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:12 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x13})

15:23:12 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2c7b0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:12 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x2805000000000000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:12 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x600000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:12 executing program 5 (fault-call:2 fault-nth:2):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  533.715274] FAULT_INJECTION: forcing a failure.
[  533.715274] name failslab, interval 1, probability 0, space 0, times 0
[  533.726555] CPU: 0 PID: 18923 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  533.735047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  533.744402] Call Trace:
[  533.746998]  dump_stack+0x1c9/0x2b4
[  533.750638]  ? dump_stack_print_info.cold.2+0x52/0x52
[  533.755843]  should_fail.cold.4+0xa/0x11
[  533.759915]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  533.765035]  ? trace_hardirqs_on+0x10/0x10
[  533.769272]  ? __kernel_text_address+0xd/0x40
[  533.773770]  ? unwind_get_return_address+0x61/0xa0
[  533.778700]  ? __save_stack_trace+0x8d/0xf0
[  533.783035]  ? save_stack+0xa9/0xd0
[  533.786668]  ? save_stack+0x43/0xd0
[  533.790302]  ? __lockdep_init_map+0x105/0x590
[  533.794797]  ? kasan_slab_alloc+0x12/0x20
[  533.798955]  ? lock_acquire+0x1e4/0x540
[  533.802930]  ? fs_reclaim_acquire+0x20/0x20
[  533.807257]  ? lock_downgrade+0x8f0/0x8f0
[  533.811407]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  533.816427]  ? check_same_owner+0x340/0x340
[  533.820753]  ? rcu_note_context_switch+0x730/0x730
[  533.825685]  __should_failslab+0x124/0x180
[  533.829918]  should_failslab+0x9/0x14
[  533.833719]  kmem_cache_alloc+0x2af/0x760
[  533.837867]  ? mpol_shared_policy_init+0x235/0x670
[  533.842796]  ? lock_downgrade+0x8f0/0x8f0
[  533.847056]  __d_alloc+0xc8/0xd50
[  533.850528]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  533.855549]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
15:23:12 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x1c00000000000000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  533.860742]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  533.866276]  ? timespec64_trunc+0xea/0x180
[  533.870508]  ? inode_init_owner+0x340/0x340
[  533.874837]  ? _raw_spin_unlock+0x22/0x30
[  533.879008]  ? current_time+0x10b/0x1b0
[  533.882990]  ? __lockdep_init_map+0x105/0x590
[  533.887494]  d_alloc_pseudo+0x1d/0x30
[  533.891296]  alloc_file_pseudo+0x158/0x3f0
[  533.895532]  ? alloc_file+0x430/0x430
[  533.899332]  ? check_same_owner+0x340/0x340
[  533.903653]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  533.908667]  ? __check_object_size+0xa3/0x5d7
[  533.913165]  ? kasan_check_write+0x14/0x20
[  533.917407]  __shmem_file_setup.part.48+0x110/0x2a0
[  533.922425]  shmem_file_setup+0x65/0x90
[  533.926396]  __x64_sys_memfd_create+0x2af/0x4f0
[  533.931063]  ? memfd_fcntl+0x1e80/0x1e80
[  533.935123]  ? ksys_mount+0xa8/0x140
[  533.938849]  do_syscall_64+0x1b9/0x820
[  533.942735]  ? finish_task_switch+0x1d3/0x870
[  533.947235]  ? syscall_return_slowpath+0x5e0/0x5e0
[  533.952184]  ? syscall_return_slowpath+0x31d/0x5e0
[  533.957128]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  533.962160]  ? __switch_to_asm+0x34/0x70
[  533.966224]  ? __switch_to_asm+0x34/0x70
[  533.970283]  ? __switch_to_asm+0x40/0x70
[  533.974344]  ? __switch_to_asm+0x34/0x70
[  533.978400]  ? __switch_to_asm+0x40/0x70
[  533.982461]  ? __switch_to_asm+0x34/0x70
[  533.986522]  ? __switch_to_asm+0x40/0x70
[  533.990582]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  533.995429]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  534.000615] RIP: 0033:0x456b29
15:23:12 executing program 5 (fault-call:2 fault-nth:3):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  534.003811] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  534.022705] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  534.030412] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000456b29
[  534.037680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  534.044948] RBP: 00000000009300a0 R08: 0000000000000030 R09: 00000000fbad8001
[  534.052213] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000013
[  534.059477] R13: 00000000004d5a50 R14: 00000000004c934c R15: 0000000000000002
15:23:12 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:12 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x14})

15:23:12 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7a00000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:12 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x48d5000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:12 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280), 0x0, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:12 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x4000000000000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  534.270317] FAULT_INJECTION: forcing a failure.
[  534.270317] name failslab, interval 1, probability 0, space 0, times 0
[  534.281616] CPU: 1 PID: 18961 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  534.290114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  534.299453] Call Trace:
[  534.302051]  dump_stack+0x1c9/0x2b4
[  534.305688]  ? dump_stack_print_info.cold.2+0x52/0x52
[  534.310896]  should_fail.cold.4+0xa/0x11
[  534.314966]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  534.320072]  ? kasan_kmalloc+0xc4/0xe0
[  534.323965]  ? kasan_slab_alloc+0x12/0x20
[  534.328122]  ? kmem_cache_alloc+0x12e/0x760
[  534.332461]  ? __d_alloc+0xc8/0xd50
[  534.336089]  ? d_alloc_pseudo+0x1d/0x30
[  534.340065]  ? alloc_file_pseudo+0x158/0x3f0
[  534.344479]  ? __shmem_file_setup.part.48+0x110/0x2a0
[  534.349674]  ? shmem_file_setup+0x65/0x90
[  534.353832]  ? trace_hardirqs_on+0x10/0x10
[  534.358071]  ? save_stack+0xa9/0xd0
[  534.361699]  ? save_stack+0x43/0xd0
[  534.365333]  ? __lockdep_init_map+0x105/0x590
[  534.369830]  ? kasan_slab_alloc+0x12/0x20
[  534.373979]  ? lock_acquire+0x1e4/0x540
[  534.377957]  ? lock_acquire+0x1e4/0x540
[  534.381930]  ? fs_reclaim_acquire+0x20/0x20
[  534.386252]  ? lock_downgrade+0x8f0/0x8f0
[  534.390406]  ? check_same_owner+0x340/0x340
[  534.394731]  ? lock_downgrade+0x8f0/0x8f0
[  534.398879]  ? rcu_note_context_switch+0x730/0x730
[  534.403808]  __should_failslab+0x124/0x180
[  534.408043]  should_failslab+0x9/0x14
[  534.411845]  kmem_cache_alloc+0x2af/0x760
[  534.415987]  ? kasan_check_write+0x14/0x20
[  534.420222]  ? do_raw_spin_lock+0xc1/0x200
[  534.424464]  __alloc_file+0xac/0x400
[  534.428179]  ? file_free_rcu+0x90/0x90
[  534.432064]  ? select_collect+0x610/0x610
[  534.436212]  ? d_instantiate+0x79/0xa0
[  534.440102]  ? lock_downgrade+0x8f0/0x8f0
[  534.444250]  ? kasan_check_read+0x11/0x20
[  534.448399]  ? do_raw_spin_unlock+0xa7/0x2f0
[  534.452803]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  534.457386]  alloc_empty_file+0x72/0x170
[  534.461450]  alloc_file+0x5c/0x430
[  534.464994]  alloc_file_pseudo+0x261/0x3f0
[  534.469230]  ? alloc_file+0x430/0x430
[  534.473029]  ? check_same_owner+0x340/0x340
[  534.477352]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  534.482365]  ? __check_object_size+0xa3/0x5d7
[  534.486862]  ? kasan_check_write+0x14/0x20
[  534.491101]  __shmem_file_setup.part.48+0x110/0x2a0
[  534.496120]  shmem_file_setup+0x65/0x90
[  534.500093]  __x64_sys_memfd_create+0x2af/0x4f0
[  534.504758]  ? memfd_fcntl+0x1e80/0x1e80
[  534.508819]  ? ksys_mount+0xa8/0x140
[  534.512537]  do_syscall_64+0x1b9/0x820
[  534.516427]  ? syscall_return_slowpath+0x5e0/0x5e0
[  534.521353]  ? syscall_return_slowpath+0x31d/0x5e0
[  534.526283]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  534.531299]  ? __switch_to_asm+0x34/0x70
[  534.535357]  ? __switch_to_asm+0x34/0x70
[  534.539415]  ? __switch_to_asm+0x40/0x70
[  534.543475]  ? __switch_to_asm+0x34/0x70
[  534.547531]  ? __switch_to_asm+0x34/0x70
[  534.551592]  ? __switch_to_asm+0x40/0x70
[  534.555661]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  534.560508]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  534.565695] RIP: 0033:0x456b29
[  534.568889] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  534.587787] RSP: 002b:00007f1b508eca88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  534.595499] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000456b29
[  534.602766] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  534.610030] RBP: 0000000000930140 R08: 0000000000000030 R09: 00000000fbad8001
[  534.617295] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000013
[  534.624563] R13: 00000000004d5a50 R14: 00000000004c934c R15: 0000000000000003
15:23:13 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:13 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x1000000})

15:23:13 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7cf3, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:13 executing program 5 (fault-call:2 fault-nth:4):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:13 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280), 0x0, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:13 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x600, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:13 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6c00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:13 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x28050000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  534.917743] FAULT_INJECTION: forcing a failure.
[  534.917743] name failslab, interval 1, probability 0, space 0, times 0
[  534.929062] CPU: 1 PID: 18985 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  534.937556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  534.946911] Call Trace:
[  534.949500]  dump_stack+0x1c9/0x2b4
[  534.953134]  ? dump_stack_print_info.cold.2+0x52/0x52
[  534.958334]  ? lock_release+0xa30/0xa30
[  534.962322]  should_fail.cold.4+0xa/0x11
[  534.966385]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  534.971487]  ? lock_acquire+0x1e4/0x540
[  534.975450]  ? shmem_setattr+0x50e/0xda0
[  534.979504]  ? lock_downgrade+0x8f0/0x8f0
[  534.983650]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  534.989177]  ? timespec64_trunc+0xea/0x180
[  534.993401]  ? inode_init_owner+0x340/0x340
[  534.997710]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  535.003236]  ? fsnotify+0xbac/0x14e0
[  535.006945]  ? lock_acquire+0x1e4/0x540
[  535.010909]  ? fs_reclaim_acquire+0x20/0x20
[  535.015218]  ? lock_downgrade+0x8f0/0x8f0
[  535.019357]  ? check_same_owner+0x340/0x340
[  535.024119]  ? rcu_note_context_switch+0x730/0x730
[  535.029037]  ? notify_change+0xda7/0x10f0
[  535.033179]  __should_failslab+0x124/0x180
[  535.037401]  should_failslab+0x9/0x14
[  535.041189]  kmem_cache_alloc+0x2af/0x760
[  535.045328]  ? do_sys_ftruncate+0x42d/0x560
[  535.049636]  ? lock_downgrade+0x8f0/0x8f0
[  535.053774]  getname_flags+0xd0/0x5a0
[  535.057571]  getname+0x19/0x20
[  535.060749]  do_sys_open+0x3a2/0x720
[  535.064452]  ? filp_open+0x80/0x80
[  535.067981]  ? do_sys_ftruncate+0x44e/0x560
[  535.072290]  __x64_sys_open+0x7e/0xc0
[  535.076081]  do_syscall_64+0x1b9/0x820
[  535.079957]  ? finish_task_switch+0x1d3/0x870
[  535.084439]  ? syscall_return_slowpath+0x5e0/0x5e0
[  535.089358]  ? syscall_return_slowpath+0x31d/0x5e0
[  535.094276]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  535.099279]  ? prepare_exit_to_usermode+0x291/0x3b0
[  535.104280]  ? perf_trace_sys_enter+0xb10/0xb10
[  535.108935]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  535.113774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  535.118951] RIP: 0033:0x410861
[  535.122141] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  535.141032] RSP: 002b:00007f1b5090da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  535.148729] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000410861
[  535.155982] RDX: 00007f1b5090dafa RSI: 0000000000000002 RDI: 00007f1b5090daf0
15:23:13 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x4})

15:23:13 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x1c000000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:13 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x64ac000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  535.163235] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  535.170489] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  535.177740] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000004
15:23:13 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280), 0x0, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:13 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x40000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:13 executing program 5 (fault-call:2 fault-nth:5):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:13 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x20000045})

15:23:13 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4ee0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  535.333687] FAULT_INJECTION: forcing a failure.
[  535.333687] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  535.345531] CPU: 1 PID: 19015 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  535.354023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  535.363371] Call Trace:
[  535.365958]  dump_stack+0x1c9/0x2b4
[  535.369585]  ? dump_stack_print_info.cold.2+0x52/0x52
[  535.374776]  ? trace_hardirqs_on+0x10/0x10
[  535.379017]  should_fail.cold.4+0xa/0x11
[  535.383078]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  535.388176]  ? save_stack+0x43/0xd0
[  535.391798]  ? kasan_kmalloc+0xc4/0xe0
[  535.395679]  ? kasan_slab_alloc+0x12/0x20
[  535.399828]  ? __alloc_file+0xac/0x400
[  535.403718]  ? __x64_sys_memfd_create+0x2af/0x4f0
[  535.408572]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  535.413417]  ? trace_hardirqs_on+0x10/0x10
[  535.417652]  ? perf_trace_lock+0x920/0x920
[  535.421891]  ? lock_acquire+0x1e4/0x540
[  535.425863]  ? is_bpf_text_address+0xae/0x170
[  535.430361]  ? lock_downgrade+0x8f0/0x8f0
[  535.434512]  ? lock_release+0xa30/0xa30
[  535.438491]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  535.443330]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  535.448873]  ? should_fail+0x246/0xd86
[  535.452769]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  535.457875]  __alloc_pages_nodemask+0x36e/0xdb0
[  535.462546]  ? lock_downgrade+0x8f0/0x8f0
[  535.466703]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  535.471718]  ? timespec64_trunc+0xea/0x180
[  535.475948]  ? inode_init_owner+0x340/0x340
[  535.480270]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  535.485802]  ? fsnotify+0xbac/0x14e0
[  535.489521]  ? lock_acquire+0x1e4/0x540
[  535.493499]  ? fs_reclaim_acquire+0x20/0x20
[  535.497821]  ? lock_downgrade+0x8f0/0x8f0
[  535.501968]  ? lock_release+0xa30/0xa30
[  535.505945]  ? check_same_owner+0x340/0x340
[  535.510273]  cache_grow_begin+0x91/0x710
[  535.514341]  kmem_cache_alloc+0x689/0x760
[  535.518489]  ? do_sys_ftruncate+0x42d/0x560
[  535.522821]  ? lock_downgrade+0x8f0/0x8f0
[  535.526970]  getname_flags+0xd0/0x5a0
[  535.530774]  getname+0x19/0x20
[  535.533966]  do_sys_open+0x3a2/0x720
[  535.537681]  ? filp_open+0x80/0x80
[  535.541223]  ? do_sys_ftruncate+0x44e/0x560
[  535.545550]  __x64_sys_open+0x7e/0xc0
[  535.549349]  do_syscall_64+0x1b9/0x820
[  535.553235]  ? finish_task_switch+0x1d3/0x870
[  535.557734]  ? syscall_return_slowpath+0x5e0/0x5e0
[  535.562664]  ? syscall_return_slowpath+0x31d/0x5e0
[  535.567594]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  535.572609]  ? __switch_to_asm+0x34/0x70
[  535.576669]  ? __switch_to_asm+0x34/0x70
[  535.580731]  ? __switch_to_asm+0x40/0x70
[  535.584787]  ? __switch_to_asm+0x34/0x70
[  535.588843]  ? __switch_to_asm+0x40/0x70
[  535.592902]  ? __switch_to_asm+0x34/0x70
[  535.596964]  ? __switch_to_asm+0x40/0x70
[  535.601031]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  535.605893]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  535.611075] RIP: 0033:0x410861
[  535.614269] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  535.633168] RSP: 002b:00007f1b5090da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  535.640874] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000410861
[  535.648137] RDX: 00007f1b5090dafa RSI: 0000000000000002 RDI: 00007f1b5090daf0
[  535.655401] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  535.662670] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  535.669936] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000005
15:23:14 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={<r1=>0x0, 0x3}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={r1, 0xe4, &(0x7f0000000200)=[@in={0x2, 0x4e20, @multicast1}, @in6={0xa, 0x4e22, 0x1, @mcast1, 0x3}, @in6={0xa, 0x4e23, 0x7, @mcast1, 0x5}, @in6={0xa, 0x4e23, 0x81, @mcast2, 0x2}, @in={0x2, 0x4e20, @local}, @in6={0xa, 0x4e24, 0x2, @empty, 0x2}, @in6={0xa, 0x4e20, 0x10001, @local, 0x100000000}, @in6={0xa, 0x4e23, 0x200, @loopback, 0x2}, @in6={0xa, 0x4e22, 0x0, @empty, 0x7}]}, &(0x7f00000000c0)=0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x101000, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r2, &(0x7f0000000180)={0x28, 0x2, 0x0, {0x2, 0x7, 0xff}}, 0x28)

15:23:14 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x2805, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:14 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfffffdfd]})

15:23:14 executing program 5 (fault-call:2 fault-nth:6):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:14 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9c2e0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:14 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e0000001600000002", 0x35, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:14 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x1f000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:14 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x5000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:14 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x4, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  536.068255] FAULT_INJECTION: forcing a failure.
[  536.068255] name failslab, interval 1, probability 0, space 0, times 0
[  536.079540] CPU: 1 PID: 19038 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  536.088023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  536.097364] Call Trace:
[  536.099948]  dump_stack+0x1c9/0x2b4
[  536.103567]  ? dump_stack_print_info.cold.2+0x52/0x52
[  536.108751]  ? trace_hardirqs_on+0x10/0x10
[  536.112983]  should_fail.cold.4+0xa/0x11
[  536.117035]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  536.122123]  ? d_splice_alias+0x7c9/0x11e0
[  536.126351]  ? lock_downgrade+0x8f0/0x8f0
[  536.130492]  ? kasan_check_read+0x11/0x20
[  536.134635]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  536.139641]  ? trace_hardirqs_on+0x10/0x10
[  536.143863]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  536.148866]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  536.153611]  ? lock_acquire+0x1e4/0x540
[  536.157572]  ? fs_reclaim_acquire+0x20/0x20
[  536.161884]  ? lock_downgrade+0x8f0/0x8f0
[  536.166022]  ? check_same_owner+0x340/0x340
[  536.170329]  ? trace_hardirqs_on+0x10/0x10
[  536.174549]  ? rcu_is_watching+0x8c/0x150
[  536.178684]  ? rcu_note_context_switch+0x730/0x730
[  536.183599]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  536.188256]  __should_failslab+0x124/0x180
[  536.192489]  should_failslab+0x9/0x14
[  536.196277]  kmem_cache_alloc+0x2af/0x760
[  536.200414]  ? trace_hardirqs_on+0x10/0x10
[  536.204640]  __alloc_file+0xac/0x400
[  536.208340]  ? file_free_rcu+0x90/0x90
[  536.212220]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  536.217223]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  536.221972]  ? lock_acquire+0x1e4/0x540
[  536.225935]  ? is_bpf_text_address+0xae/0x170
[  536.230418]  ? lock_downgrade+0x8f0/0x8f0
[  536.234560]  alloc_empty_file+0x72/0x170
[  536.238611]  path_openat+0x15f/0x5300
[  536.242396]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  536.247053]  ? is_bpf_text_address+0xd7/0x170
[  536.251537]  ? kernel_text_address+0x79/0xf0
[  536.255931]  ? __kernel_text_address+0xd/0x40
[  536.260413]  ? path_lookupat.isra.45+0xc00/0xc00
[  536.265158]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  536.270162]  ? expand_files.part.8+0x571/0x9c0
[  536.274734]  ? iterate_fd+0x4b0/0x4b0
[  536.278525]  ? lock_acquire+0x1e4/0x540
[  536.282482]  ? __alloc_fd+0x34e/0x710
[  536.286270]  ? lock_downgrade+0x8f0/0x8f0
[  536.290404]  ? do_sys_open+0x3a2/0x720
[  536.294281]  ? kasan_check_read+0x11/0x20
[  536.298415]  ? do_raw_spin_unlock+0xa7/0x2f0
[  536.302816]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  536.307388]  ? kasan_check_write+0x14/0x20
[  536.311609]  ? do_raw_spin_lock+0xc1/0x200
[  536.315833]  ? _raw_spin_unlock+0x22/0x30
[  536.319965]  ? __alloc_fd+0x34e/0x710
[  536.323751]  ? usercopy_warn+0x120/0x120
[  536.327803]  do_filp_open+0x255/0x380
[  536.331593]  ? may_open_dev+0x100/0x100
[  536.335567]  ? get_unused_fd_flags+0x122/0x1a0
[  536.340136]  ? __alloc_fd+0x710/0x710
[  536.343930]  do_sys_open+0x584/0x720
[  536.347631]  ? filp_open+0x80/0x80
[  536.351157]  ? do_sys_ftruncate+0x44e/0x560
[  536.355465]  __x64_sys_open+0x7e/0xc0
[  536.359253]  do_syscall_64+0x1b9/0x820
[  536.363127]  ? syscall_return_slowpath+0x5e0/0x5e0
[  536.368043]  ? syscall_return_slowpath+0x31d/0x5e0
[  536.372963]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  536.377966]  ? __switch_to_asm+0x34/0x70
[  536.382020]  ? __switch_to_asm+0x34/0x70
[  536.386067]  ? __switch_to_asm+0x40/0x70
[  536.390116]  ? __switch_to_asm+0x34/0x70
[  536.394162]  ? __switch_to_asm+0x34/0x70
[  536.398207]  ? __switch_to_asm+0x40/0x70
[  536.402254]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  536.407091]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  536.412265] RIP: 0033:0x410861
[  536.415450] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  536.434338] RSP: 002b:00007f1b5090da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  536.442038] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000410861
[  536.449290] RDX: 00007f1b5090dafa RSI: 0000000000000002 RDI: 00007f1b5090daf0
[  536.456545] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
15:23:14 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xac23, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:14 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x2]})

15:23:15 executing program 5 (fault-call:2 fault-nth:7):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:15 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x1c, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  536.463797] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  536.471048] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000006
[  536.484558] EXT4-fs: 15 callbacks suppressed
[  536.484567] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  536.500696] f2fs_msg: 68 callbacks suppressed
[  536.500708] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  536.512478] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:15 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4000000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  536.526968] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:15 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe0c4000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:15 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfdfdffff00000000]})

[  536.576039] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(0) root(0)
[  536.583063] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  536.590979] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  536.593599] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  536.598057] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  536.609637] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(0) root(0)
[  536.618715] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  536.649181] FAULT_INJECTION: forcing a failure.
[  536.649181] name failslab, interval 1, probability 0, space 0, times 0
[  536.660605] CPU: 0 PID: 19067 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  536.669093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  536.678441] Call Trace:
[  536.681037]  dump_stack+0x1c9/0x2b4
[  536.684667]  ? dump_stack_print_info.cold.2+0x52/0x52
[  536.689871]  should_fail.cold.4+0xa/0x11
[  536.693991]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  536.699095]  ? up_write+0x7b/0x220
[  536.702632]  ? up_read+0x110/0x110
[  536.706171]  ? down_read+0x1d0/0x1d0
[  536.709898]  ? refcount_inc_checked+0x29/0x70
[  536.714396]  ? lock_acquire+0x1e4/0x540
[  536.718366]  ? lo_ioctl+0x8e/0x1d70
[  536.721991]  ? lock_release+0xa30/0xa30
[  536.725959]  ? check_same_owner+0x340/0x340
[  536.730281]  ? lock_acquire+0x1e4/0x540
[  536.734252]  ? fs_reclaim_acquire+0x20/0x20
[  536.738573]  ? lock_downgrade+0x8f0/0x8f0
[  536.742721]  ? check_same_owner+0x340/0x340
[  536.747039]  ? rcu_note_context_switch+0x730/0x730
[  536.751966]  __should_failslab+0x124/0x180
[  536.756197]  should_failslab+0x9/0x14
[  536.759994]  kmem_cache_alloc_trace+0x2cb/0x780
[  536.764654]  ? init_wait_entry+0x1c0/0x1c0
[  536.768882]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  536.773465]  ? loop_get_status64+0x140/0x140
[  536.777866]  __kthread_create_on_node+0x13d/0x530
[  536.782708]  ? __kthread_parkme+0x1b0/0x1b0
[  536.787035]  ? ksys_dup3+0x690/0x690
[  536.790742]  ? __lockdep_init_map+0x105/0x590
[  536.795233]  ? __lockdep_init_map+0x105/0x590
[  536.799726]  ? loop_get_status64+0x140/0x140
[  536.804127]  kthread_create_on_node+0xb1/0xe0
[  536.808615]  ? __kthread_create_on_node+0x530/0x530
[  536.813632]  lo_ioctl+0x7f6/0x1d70
[  536.817175]  ? lo_rw_aio_complete+0x450/0x450
[  536.821666]  blkdev_ioctl+0x9cd/0x2030
[  536.825552]  ? lock_acquire+0x1e4/0x540
[  536.829519]  ? blkpg_ioctl+0xc40/0xc40
[  536.833404]  ? lock_release+0xa30/0xa30
[  536.837375]  ? save_stack+0xa9/0xd0
[  536.840998]  ? save_stack+0x43/0xd0
[  536.844620]  ? __fget+0x4d5/0x740
[  536.848073]  ? ksys_dup3+0x690/0x690
[  536.851782]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  536.856361]  ? kasan_check_write+0x14/0x20
[  536.860588]  ? do_raw_spin_lock+0xc1/0x200
[  536.864819]  block_ioctl+0xee/0x130
[  536.868440]  ? blkdev_fallocate+0x400/0x400
[  536.872759]  do_vfs_ioctl+0x1de/0x1720
[  536.876651]  ? ioctl_preallocate+0x300/0x300
[  536.881054]  ? __fget_light+0x2f7/0x440
[  536.885021]  ? fget_raw+0x20/0x20
[  536.888470]  ? trace_hardirqs_on+0xd/0x10
[  536.892616]  ? kmem_cache_free+0x22e/0x2d0
[  536.896842]  ? putname+0xf7/0x130
[  536.900293]  ? do_sys_open+0x3cb/0x720
[  536.904175]  ? security_file_ioctl+0x94/0xc0
[  536.908579]  ksys_ioctl+0xa9/0xd0
[  536.912028]  __x64_sys_ioctl+0x73/0xb0
[  536.915912]  do_syscall_64+0x1b9/0x820
[  536.919793]  ? finish_task_switch+0x1d3/0x870
[  536.924287]  ? syscall_return_slowpath+0x5e0/0x5e0
[  536.929211]  ? syscall_return_slowpath+0x31d/0x5e0
[  536.934137]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  536.939154]  ? __switch_to_asm+0x34/0x70
[  536.943227]  ? __switch_to_asm+0x34/0x70
[  536.947287]  ? __switch_to_asm+0x40/0x70
[  536.951343]  ? __switch_to_asm+0x34/0x70
[  536.955396]  ? __switch_to_asm+0x40/0x70
[  536.959449]  ? __switch_to_asm+0x34/0x70
[  536.963508]  ? __switch_to_asm+0x40/0x70
[  536.967566]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  536.972410]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  536.977593] RIP: 0033:0x456997
[  536.980781] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
15:23:15 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0xe)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast1, @loopback}, 0xc)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:15 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x40000, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:15 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfeffffff]})

15:23:15 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e0000001600000002", 0x35, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:15 executing program 5 (fault-call:2 fault-nth:8):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:15 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x3f00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  536.999671] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  537.007374] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  537.014633] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  537.022003] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  537.029284] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  537.036544] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000007
15:23:15 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x88a9000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:15 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:15 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfffffffe]})

15:23:15 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
fstatfs(r0, &(0x7f0000000000)=""/76)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

[  537.150313] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  537.178441] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:15 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:15 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  537.210912] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  537.218005] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  537.283087] FAULT_INJECTION: forcing a failure.
[  537.283087] name failslab, interval 1, probability 0, space 0, times 0
[  537.294420] CPU: 1 PID: 19100 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  537.302910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  537.312268] Call Trace:
[  537.314868]  dump_stack+0x1c9/0x2b4
[  537.318505]  ? dump_stack_print_info.cold.2+0x52/0x52
[  537.323706]  ? lock_acquire+0x1e4/0x540
[  537.327693]  should_fail.cold.4+0xa/0x11
[  537.331763]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  537.336876]  ? update_curr+0x4c8/0xc00
[  537.340768]  ? lock_downgrade+0x8f0/0x8f0
[  537.344927]  ? lock_release+0xa30/0xa30
[  537.348903]  ? cpuacct_css_alloc+0x160/0x160
[  537.353317]  ? enqueue_entity+0x34b/0x2130
[  537.357562]  ? update_curr+0x4e7/0xc00
[  537.361457]  ? lock_acquire+0x1e4/0x540
[  537.365442]  ? fs_reclaim_acquire+0x20/0x20
[  537.369771]  ? lock_downgrade+0x8f0/0x8f0
[  537.373930]  ? check_same_owner+0x340/0x340
[  537.378264]  ? rcu_note_context_switch+0x730/0x730
[  537.383202]  ? __enqueue_entity+0x10d/0x1f0
[  537.387539]  __should_failslab+0x124/0x180
[  537.391778]  should_failslab+0x9/0x14
[  537.395601]  kmem_cache_alloc+0x2af/0x760
[  537.399772]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  537.404794]  __kernfs_new_node+0x127/0x8d0
[  537.409039]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  537.410650] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  537.413804]  ? perf_trace_lock+0x920/0x920
[  537.413822]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  537.413839]  ? try_to_wake_up+0x10a/0x12a0
[  537.413853]  ? lock_downgrade+0x8f0/0x8f0
[  537.413871]  ? perf_trace_lock+0x920/0x920
[  537.441444]  ? kasan_check_read+0x11/0x20
[  537.445597]  ? do_raw_spin_unlock+0xa7/0x2f0
[  537.450019]  kernfs_new_node+0x95/0x120
[  537.453999]  kernfs_create_dir_ns+0x4d/0x160
[  537.458414]  internal_create_group+0x5fe/0xd80
[  537.463010]  ? remove_files.isra.1+0x190/0x190
[  537.467594]  ? up_write+0x7b/0x220
[  537.471137]  ? up_read+0x110/0x110
[  537.474680]  ? down_read+0x1d0/0x1d0
[  537.478398]  ? kasan_check_write+0x14/0x20
[  537.482640]  sysfs_create_group+0x1f/0x30
[  537.486789]  lo_ioctl+0x1307/0x1d70
[  537.490425]  ? lo_rw_aio_complete+0x450/0x450
[  537.494155] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  537.494921]  blkdev_ioctl+0x9cd/0x2030
[  537.494937]  ? lock_acquire+0x1e4/0x540
[  537.494952]  ? blkpg_ioctl+0xc40/0xc40
[  537.494970]  ? lock_release+0xa30/0xa30
[  537.495003]  ? save_stack+0xa9/0xd0
[  537.520220]  ? save_stack+0x43/0xd0
[  537.523855]  ? __fget+0x4d5/0x740
[  537.527317]  ? ksys_dup3+0x690/0x690
15:23:15 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x94f1fe7f, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:15 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfeffffff00000000]})

15:23:15 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf0b90000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:16 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  537.531040]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  537.535628]  ? kasan_check_write+0x14/0x20
[  537.539861]  ? do_raw_spin_lock+0xc1/0x200
[  537.544100]  block_ioctl+0xee/0x130
[  537.547729]  ? blkdev_fallocate+0x400/0x400
[  537.552057]  do_vfs_ioctl+0x1de/0x1720
[  537.555953]  ? ioctl_preallocate+0x300/0x300
[  537.560366]  ? __fget_light+0x2f7/0x440
[  537.564347]  ? fget_raw+0x20/0x20
[  537.567807]  ? trace_hardirqs_on+0xd/0x10
[  537.571959]  ? kmem_cache_free+0x22e/0x2d0
[  537.576192]  ? putname+0xf7/0x130
[  537.579651]  ? do_sys_open+0x3cb/0x720
15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6cfe, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  537.583539]  ? security_file_ioctl+0x94/0xc0
[  537.587946]  ksys_ioctl+0xa9/0xd0
[  537.591399]  __x64_sys_ioctl+0x73/0xb0
[  537.595287]  do_syscall_64+0x1b9/0x820
[  537.599178]  ? finish_task_switch+0x1d3/0x870
[  537.603673]  ? syscall_return_slowpath+0x5e0/0x5e0
[  537.608602]  ? syscall_return_slowpath+0x31d/0x5e0
[  537.613535]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  537.618554]  ? __switch_to_asm+0x34/0x70
[  537.622616]  ? __switch_to_asm+0x34/0x70
[  537.626678]  ? __switch_to_asm+0x40/0x70
[  537.630739]  ? __switch_to_asm+0x34/0x70
15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xfffffff5, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  537.634803]  ? __switch_to_asm+0x40/0x70
[  537.638863]  ? __switch_to_asm+0x34/0x70
[  537.642924]  ? __switch_to_asm+0x40/0x70
[  537.646990]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  537.651840]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  537.657033] RIP: 0033:0x456997
[  537.660226] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  537.679129] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  537.686836] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  537.694106] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  537.701374] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  537.708640] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  537.715908] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000008
[  537.724784] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:16 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x304000000000000]})

15:23:16 executing program 5 (fault-call:2 fault-nth:9):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:16 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6c00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:16 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6800000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:16 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e0000001600000002", 0x35, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:16 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  537.737338] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  537.821643] FAULT_INJECTION: forcing a failure.
[  537.821643] name failslab, interval 1, probability 0, space 0, times 0
[  537.832921] CPU: 1 PID: 19142 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  537.841402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  537.850748] Call Trace:
[  537.853336]  dump_stack+0x1c9/0x2b4
[  537.856961]  ? dump_stack_print_info.cold.2+0x52/0x52
[  537.862155]  should_fail.cold.4+0xa/0x11
[  537.866212]  ? __kernel_text_address+0xd/0x40
[  537.870709]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  537.875839]  ? __save_stack_trace+0x8d/0xf0
[  537.880161]  ? kernfs_activate+0x8e/0x2c0
[  537.884313]  ? lock_release+0xa30/0xa30
[  537.888297]  ? check_same_owner+0x340/0x340
[  537.892614]  ? rcu_note_context_switch+0x730/0x730
[  537.897544]  ? lock_acquire+0x1e4/0x540
[  537.901518]  ? fs_reclaim_acquire+0x20/0x20
[  537.905833]  ? lock_downgrade+0x8f0/0x8f0
[  537.909979]  ? check_same_owner+0x340/0x340
[  537.914299]  ? kasan_check_write+0x14/0x20
[  537.918528]  ? rcu_note_context_switch+0x730/0x730
[  537.923456]  __should_failslab+0x124/0x180
[  537.927691]  should_failslab+0x9/0x14
[  537.931489]  kmem_cache_alloc+0x2af/0x760
[  537.935635]  ? kasan_check_read+0x11/0x20
[  537.939785]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  537.944807]  __kernfs_new_node+0x127/0x8d0
[  537.949044]  ? kernfs_add_one+0x2d4/0x4d0
[  537.953189]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  537.957943]  ? kasan_check_write+0x14/0x20
[  537.962175]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  537.967104]  ? __kernfs_new_node+0x692/0x8d0
[  537.971509]  ? wait_for_completion+0x8d0/0x8d0
[  537.976090]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  537.980845]  ? kasan_check_write+0x14/0x20
[  537.985077]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  537.990008]  ? task_fork_fair+0x680/0x680
[  537.994154]  ? wait_for_completion+0x8d0/0x8d0
[  537.998740]  ? mutex_unlock+0xd/0x10
[  538.002452]  ? kernfs_activate+0x21a/0x2c0
[  538.006685]  kernfs_new_node+0x95/0x120
[  538.010661]  __kernfs_create_file+0x5a/0x340
[  538.015068]  sysfs_add_file_mode_ns+0x221/0x520
[  538.019739]  ? component_del+0x530/0x550
[  538.023798]  internal_create_group+0x3e1/0xd80
[  538.028382]  ? remove_files.isra.1+0x190/0x190
[  538.032959]  ? up_write+0x7b/0x220
[  538.036493]  ? up_read+0x110/0x110
[  538.040029]  ? down_read+0x1d0/0x1d0
[  538.043741]  ? kasan_check_write+0x14/0x20
[  538.047980]  sysfs_create_group+0x1f/0x30
[  538.052128]  lo_ioctl+0x1307/0x1d70
[  538.055755]  ? lo_rw_aio_complete+0x450/0x450
[  538.060247]  blkdev_ioctl+0x9cd/0x2030
[  538.064137]  ? lock_acquire+0x1e4/0x540
[  538.068108]  ? blkpg_ioctl+0xc40/0xc40
[  538.071998]  ? lock_release+0xa30/0xa30
[  538.075968]  ? save_stack+0xa9/0xd0
[  538.079590]  ? save_stack+0x43/0xd0
[  538.083214]  ? __fget+0x4d5/0x740
[  538.086670]  ? ksys_dup3+0x690/0x690
[  538.090384]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  538.094963]  ? kasan_check_write+0x14/0x20
[  538.099193]  ? do_raw_spin_lock+0xc1/0x200
[  538.103425]  block_ioctl+0xee/0x130
[  538.107056]  ? blkdev_fallocate+0x400/0x400
[  538.111376]  do_vfs_ioctl+0x1de/0x1720
[  538.115270]  ? ioctl_preallocate+0x300/0x300
15:23:16 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x200, 0x0)
ioctl$EVIOCGPHYS(r1, 0x80404507, &(0x7f0000000040)=""/14)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000080)={0x0, 0x81})
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf00a000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:16 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x3040000]})

[  538.119674]  ? __fget_light+0x2f7/0x440
[  538.123645]  ? fget_raw+0x20/0x20
[  538.127096]  ? trace_hardirqs_on+0xd/0x10
[  538.131249]  ? kmem_cache_free+0x22e/0x2d0
[  538.135488]  ? putname+0xf7/0x130
[  538.138942]  ? do_sys_open+0x3cb/0x720
[  538.142827]  ? security_file_ioctl+0x94/0xc0
[  538.147238]  ksys_ioctl+0xa9/0xd0
[  538.150694]  __x64_sys_ioctl+0x73/0xb0
[  538.154582]  do_syscall_64+0x1b9/0x820
[  538.158468]  ? finish_task_switch+0x1d3/0x870
[  538.162965]  ? syscall_return_slowpath+0x5e0/0x5e0
[  538.167894]  ? syscall_return_slowpath+0x31d/0x5e0
[  538.172822]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  538.177839]  ? __switch_to_asm+0x34/0x70
[  538.181901]  ? __switch_to_asm+0x34/0x70
[  538.185964]  ? __switch_to_asm+0x40/0x70
[  538.190025]  ? __switch_to_asm+0x34/0x70
[  538.194088]  ? __switch_to_asm+0x40/0x70
[  538.198150]  ? __switch_to_asm+0x34/0x70
[  538.202211]  ? __switch_to_asm+0x40/0x70
[  538.206279]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  538.211124]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  538.216308] RIP: 0033:0x456997
[  538.219504] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  538.238398] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  538.246102] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  538.253357] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  538.260612] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x88b8, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:16 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e00000000040000000400", 0x4f, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:16 executing program 5 (fault-call:2 fault-nth:10):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  538.267868] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  538.275123] R13: 0000000000000000 R14: 00000000004c934c R15: 0000000000000009
[  538.311205] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:16 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:16 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:16 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xbccc, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:16 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x403]})

15:23:16 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e00000000040000000400", 0x4f, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

[  538.457382] FAULT_INJECTION: forcing a failure.
[  538.457382] name failslab, interval 1, probability 0, space 0, times 0
[  538.468619] CPU: 0 PID: 19182 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  538.477099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  538.486434] Call Trace:
[  538.489009]  dump_stack+0x1c9/0x2b4
[  538.492627]  ? dump_stack_print_info.cold.2+0x52/0x52
[  538.497812]  should_fail.cold.4+0xa/0x11
[  538.501855]  ? __kernel_text_address+0xd/0x40
[  538.506336]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  538.511420]  ? __save_stack_trace+0x8d/0xf0
[  538.515740]  ? kernfs_activate+0x8e/0x2c0
[  538.519897]  ? lock_release+0xa30/0xa30
[  538.523878]  ? check_same_owner+0x340/0x340
[  538.528200]  ? rcu_note_context_switch+0x730/0x730
[  538.533130]  ? lock_acquire+0x1e4/0x540
[  538.537099]  ? fs_reclaim_acquire+0x20/0x20
[  538.541417]  ? lock_downgrade+0x8f0/0x8f0
[  538.545562]  ? check_same_owner+0x340/0x340
[  538.549880]  ? kasan_check_write+0x14/0x20
[  538.554108]  ? rcu_note_context_switch+0x730/0x730
[  538.559036]  __should_failslab+0x124/0x180
[  538.563267]  should_failslab+0x9/0x14
[  538.567071]  kmem_cache_alloc+0x2af/0x760
[  538.571230]  ? kasan_check_read+0x11/0x20
[  538.575377]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  538.580390]  __kernfs_new_node+0x127/0x8d0
[  538.584620]  ? kernfs_add_one+0x2d4/0x4d0
[  538.588765]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  538.593515]  ? kasan_check_write+0x14/0x20
[  538.597747]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  538.602669]  ? __kernfs_new_node+0x692/0x8d0
[  538.607073]  ? wait_for_completion+0x8d0/0x8d0
[  538.611649]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  538.616403]  ? kasan_check_write+0x14/0x20
[  538.620631]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  538.625557]  ? task_fork_fair+0x680/0x680
[  538.629705]  ? wait_for_completion+0x8d0/0x8d0
[  538.634291]  ? mutex_unlock+0xd/0x10
[  538.637998]  ? kernfs_activate+0x21a/0x2c0
[  538.642231]  kernfs_new_node+0x95/0x120
[  538.646203]  __kernfs_create_file+0x5a/0x340
[  538.650625]  sysfs_add_file_mode_ns+0x221/0x520
[  538.655320]  ? component_del+0x530/0x550
[  538.659382]  internal_create_group+0x3e1/0xd80
[  538.663967]  ? remove_files.isra.1+0x190/0x190
[  538.668543]  ? up_write+0x7b/0x220
[  538.672076]  ? up_read+0x110/0x110
[  538.675614]  ? down_read+0x1d0/0x1d0
[  538.679322]  ? kasan_check_write+0x14/0x20
[  538.683556]  sysfs_create_group+0x1f/0x30
[  538.687719]  lo_ioctl+0x1307/0x1d70
[  538.691346]  ? lo_rw_aio_complete+0x450/0x450
[  538.695839]  blkdev_ioctl+0x9cd/0x2030
[  538.699728]  ? lock_acquire+0x1e4/0x540
[  538.703699]  ? blkpg_ioctl+0xc40/0xc40
[  538.707603]  ? lock_release+0xa30/0xa30
[  538.711573]  ? save_stack+0xa9/0xd0
[  538.715197]  ? save_stack+0x43/0xd0
[  538.718819]  ? __fget+0x4d5/0x740
[  538.722268]  ? ksys_dup3+0x690/0x690
[  538.725981]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  538.730577]  ? kasan_check_write+0x14/0x20
[  538.734824]  ? do_raw_spin_lock+0xc1/0x200
[  538.739059]  block_ioctl+0xee/0x130
[  538.742687]  ? blkdev_fallocate+0x400/0x400
[  538.747038]  do_vfs_ioctl+0x1de/0x1720
[  538.750928]  ? ioctl_preallocate+0x300/0x300
[  538.755331]  ? __fget_light+0x2f7/0x440
[  538.759302]  ? fget_raw+0x20/0x20
[  538.762752]  ? trace_hardirqs_on+0xd/0x10
[  538.766896]  ? kmem_cache_free+0x22e/0x2d0
[  538.771125]  ? putname+0xf7/0x130
[  538.774575]  ? do_sys_open+0x3cb/0x720
[  538.778460]  ? security_file_ioctl+0x94/0xc0
[  538.782863]  ksys_ioctl+0xa9/0xd0
[  538.786316]  __x64_sys_ioctl+0x73/0xb0
[  538.790205]  do_syscall_64+0x1b9/0x820
[  538.794094]  ? syscall_return_slowpath+0x5e0/0x5e0
[  538.799022]  ? syscall_return_slowpath+0x31d/0x5e0
[  538.803953]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  538.808963]  ? __switch_to_asm+0x34/0x70
[  538.813021]  ? __switch_to_asm+0x34/0x70
[  538.817085]  ? __switch_to_asm+0x40/0x70
[  538.821144]  ? __switch_to_asm+0x34/0x70
[  538.825202]  ? __switch_to_asm+0x34/0x70
[  538.829263]  ? __switch_to_asm+0x40/0x70
[  538.833322]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  538.838165]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  538.843347] RIP: 0033:0x456997
[  538.846538] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  538.865429] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  538.873148] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  538.880410] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  538.887670] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  538.894935] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  538.902195] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000a
15:23:16 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:17 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xfffffdfd, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:17 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0xfdfdffff]})

15:23:17 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x54e4, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:17 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x48, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:17 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x10000000004e23, @local}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)

15:23:17 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x1000000]})

15:23:17 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e00000000040000000400", 0x4f, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:17 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:17 executing program 5 (fault-call:2 fault-nth:11):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:17 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xaf0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:17 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x2000000]})

15:23:17 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xffffff8c, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  539.133388] FAULT_INJECTION: forcing a failure.
[  539.133388] name failslab, interval 1, probability 0, space 0, times 0
[  539.146159] CPU: 0 PID: 19225 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  539.154684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  539.164035] Call Trace:
[  539.166626]  dump_stack+0x1c9/0x2b4
[  539.170254]  ? dump_stack_print_info.cold.2+0x52/0x52
[  539.175449]  should_fail.cold.4+0xa/0x11
[  539.179509]  ? __kernel_text_address+0xd/0x40
[  539.184008]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  539.189109]  ? __save_stack_trace+0x8d/0xf0
[  539.193429]  ? kernfs_activate+0x8e/0x2c0
[  539.197578]  ? lock_release+0xa30/0xa30
[  539.201548]  ? check_same_owner+0x340/0x340
[  539.205870]  ? rcu_note_context_switch+0x730/0x730
[  539.210802]  ? lock_acquire+0x1e4/0x540
[  539.214785]  ? fs_reclaim_acquire+0x20/0x20
[  539.219102]  ? lock_downgrade+0x8f0/0x8f0
[  539.223251]  ? check_same_owner+0x340/0x340
[  539.227585]  ? kasan_check_write+0x14/0x20
[  539.231817]  ? rcu_note_context_switch+0x730/0x730
[  539.236755]  __should_failslab+0x124/0x180
[  539.240990]  should_failslab+0x9/0x14
[  539.244791]  kmem_cache_alloc+0x2af/0x760
[  539.248939]  ? kasan_check_read+0x11/0x20
[  539.253083]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  539.258095]  __kernfs_new_node+0x127/0x8d0
[  539.262324]  ? kernfs_add_one+0x2d4/0x4d0
[  539.266472]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  539.271221]  ? kasan_check_write+0x14/0x20
[  539.275455]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  539.280382]  ? __kernfs_new_node+0x692/0x8d0
[  539.284792]  ? wait_for_completion+0x8d0/0x8d0
[  539.289370]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  539.294128]  ? kasan_check_write+0x14/0x20
[  539.298360]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  539.303284]  ? task_fork_fair+0x680/0x680
[  539.307428]  ? wait_for_completion+0x8d0/0x8d0
[  539.312013]  ? mutex_unlock+0xd/0x10
[  539.315725]  ? kernfs_activate+0x21a/0x2c0
[  539.319955]  kernfs_new_node+0x95/0x120
[  539.323927]  __kernfs_create_file+0x5a/0x340
[  539.328335]  sysfs_add_file_mode_ns+0x221/0x520
[  539.333006]  ? component_del+0x530/0x550
[  539.337069]  internal_create_group+0x3e1/0xd80
[  539.341655]  ? remove_files.isra.1+0x190/0x190
[  539.346236]  ? up_write+0x7b/0x220
[  539.349771]  ? up_read+0x110/0x110
[  539.353303]  ? down_read+0x1d0/0x1d0
[  539.357009]  ? kasan_check_write+0x14/0x20
[  539.361242]  sysfs_create_group+0x1f/0x30
[  539.365385]  lo_ioctl+0x1307/0x1d70
[  539.369011]  ? lo_rw_aio_complete+0x450/0x450
[  539.373506]  blkdev_ioctl+0x9cd/0x2030
[  539.377391]  ? lock_acquire+0x1e4/0x540
[  539.381358]  ? blkpg_ioctl+0xc40/0xc40
[  539.385241]  ? lock_release+0xa30/0xa30
[  539.389210]  ? perf_trace_lock+0x920/0x920
[  539.393441]  ? trace_hardirqs_on+0xd/0x10
[  539.397588]  ? note_gp_changes+0x420/0x420
[  539.401820]  ? __fget+0x4d5/0x740
[  539.405269]  ? ksys_dup3+0x690/0x690
[  539.408982]  ? blkcg_print_stat+0x1420/0x1420
[  539.413479]  ? task_work_run+0x1af/0x2a0
[  539.417554]  block_ioctl+0xee/0x130
[  539.421180]  ? blkdev_fallocate+0x400/0x400
[  539.425495]  do_vfs_ioctl+0x1de/0x1720
[  539.430976]  ? do_raw_spin_unlock+0xa7/0x2f0
[  539.435387]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  539.439971]  ? ioctl_preallocate+0x300/0x300
[  539.444373]  ? __fget_light+0x2f7/0x440
[  539.448342]  ? fget_raw+0x20/0x20
[  539.451813]  ? task_work_run+0x22b/0x2a0
[  539.455874]  ? task_work_cancel+0x240/0x240
[  539.460198]  ? do_sys_open+0x3cb/0x720
[  539.464092]  ? security_file_ioctl+0x94/0xc0
[  539.468495]  ksys_ioctl+0xa9/0xd0
[  539.471947]  __x64_sys_ioctl+0x73/0xb0
[  539.475837]  do_syscall_64+0x1b9/0x820
[  539.479720]  ? finish_task_switch+0x1d3/0x870
[  539.484216]  ? syscall_return_slowpath+0x5e0/0x5e0
[  539.489144]  ? syscall_return_slowpath+0x31d/0x5e0
[  539.494069]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  539.499084]  ? __switch_to_asm+0x34/0x70
[  539.503142]  ? __switch_to_asm+0x34/0x70
[  539.507201]  ? __switch_to_asm+0x40/0x70
[  539.511258]  ? __switch_to_asm+0x34/0x70
[  539.515313]  ? __switch_to_asm+0x40/0x70
[  539.519373]  ? __switch_to_asm+0x34/0x70
[  539.523432]  ? __switch_to_asm+0x40/0x70
[  539.527488]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  539.532329]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  539.537528] RIP: 0033:0x456997
[  539.540730] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  539.559632] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  539.567336] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  539.574598] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
15:23:17 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7400000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:17 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000", 0x5c, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:18 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x40830000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:18 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x304]})

15:23:18 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:18 executing program 5 (fault-call:2 fault-nth:12):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  539.581862] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  539.589122] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  539.596382] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000b
15:23:18 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x28eb, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:18 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x100000000000000]})

[  539.831082] FAULT_INJECTION: forcing a failure.
[  539.831082] name failslab, interval 1, probability 0, space 0, times 0
[  539.842453] CPU: 0 PID: 19255 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  539.850940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  539.860417] Call Trace:
[  539.863010]  dump_stack+0x1c9/0x2b4
[  539.866668]  ? dump_stack_print_info.cold.2+0x52/0x52
[  539.871877]  ? __kernel_text_address+0xd/0x40
[  539.876380]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  539.881930]  should_fail.cold.4+0xa/0x11
[  539.885997]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  539.891105]  ? lock_release+0xa30/0xa30
[  539.895089]  ? rcu_note_context_switch+0x730/0x730
[  539.900025]  ? kasan_check_write+0x14/0x20
[  539.904261]  ? __mutex_lock+0x6d0/0x1700
[  539.908324]  ? kernfs_activate+0x8e/0x2c0
[  539.912477]  ? lock_acquire+0x1e4/0x540
[  539.916448]  ? fs_reclaim_acquire+0x20/0x20
[  539.920775]  ? lock_downgrade+0x8f0/0x8f0
[  539.924929]  ? kernfs_add_one+0x4f/0x4d0
[  539.928993]  ? check_same_owner+0x340/0x340
[  539.933316]  ? kernfs_activate+0x21a/0x2c0
[  539.937550]  ? rcu_note_context_switch+0x730/0x730
[  539.942501]  __should_failslab+0x124/0x180
[  539.946740]  should_failslab+0x9/0x14
[  539.950551]  kmem_cache_alloc+0x2af/0x760
[  539.954700]  ? kernfs_add_one+0x2d4/0x4d0
[  539.958849]  ? lock_downgrade+0x8f0/0x8f0
[  539.963000]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  539.968017]  __kernfs_new_node+0x127/0x8d0
[  539.972271]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  539.977025]  ? kasan_check_write+0x14/0x20
[  539.981258]  ? kasan_check_write+0x14/0x20
[  539.985489]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  539.990416]  ? wait_for_completion+0x8d0/0x8d0
[  539.994999]  ? wait_for_completion+0x8d0/0x8d0
[  539.999583]  ? kasan_check_write+0x14/0x20
[  540.003814]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  540.008742]  ? mutex_unlock+0xd/0x10
[  540.012456]  ? kernfs_activate+0x21a/0x2c0
[  540.016691]  ? kernfs_walk_and_get_ns+0x340/0x340
[  540.021537]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  540.027090]  ? kernfs_link_sibling+0x1d2/0x3b0
[  540.031677]  kernfs_new_node+0x95/0x120
[  540.035651]  __kernfs_create_file+0x5a/0x340
[  540.040059]  sysfs_add_file_mode_ns+0x221/0x520
[  540.044728]  ? component_del+0x530/0x550
[  540.048789]  internal_create_group+0x3e1/0xd80
[  540.053373]  ? remove_files.isra.1+0x190/0x190
[  540.057949]  ? up_write+0x7b/0x220
[  540.061497]  ? up_read+0x110/0x110
[  540.065048]  ? down_read+0x1d0/0x1d0
[  540.068758]  ? kasan_check_write+0x14/0x20
[  540.072995]  sysfs_create_group+0x1f/0x30
[  540.077140]  lo_ioctl+0x1307/0x1d70
[  540.080774]  ? lo_rw_aio_complete+0x450/0x450
[  540.085266]  blkdev_ioctl+0x9cd/0x2030
[  540.089150]  ? lock_acquire+0x1e4/0x540
[  540.093119]  ? blkpg_ioctl+0xc40/0xc40
[  540.097006]  ? lock_release+0xa30/0xa30
[  540.100983]  ? save_stack+0xa9/0xd0
[  540.107633]  ? save_stack+0x43/0xd0
[  540.111266]  ? __fget+0x4d5/0x740
[  540.114721]  ? ksys_dup3+0x690/0x690
[  540.118434]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  540.124805]  ? kasan_check_write+0x14/0x20
[  540.129165]  ? do_raw_spin_lock+0xc1/0x200
[  540.133433]  block_ioctl+0xee/0x130
[  540.137062]  ? blkdev_fallocate+0x400/0x400
[  540.141379]  do_vfs_ioctl+0x1de/0x1720
[  540.145268]  ? ioctl_preallocate+0x300/0x300
[  540.149678]  ? __fget_light+0x2f7/0x440
[  540.153653]  ? fget_raw+0x20/0x20
[  540.157109]  ? trace_hardirqs_on+0xd/0x10
[  540.161259]  ? kmem_cache_free+0x22e/0x2d0
[  540.165493]  ? putname+0xf7/0x130
[  540.168947]  ? do_sys_open+0x3cb/0x720
[  540.172834]  ? security_file_ioctl+0x94/0xc0
[  540.177240]  ksys_ioctl+0xa9/0xd0
[  540.180692]  __x64_sys_ioctl+0x73/0xb0
[  540.184593]  do_syscall_64+0x1b9/0x820
[  540.188851]  ? finish_task_switch+0x1d3/0x870
[  540.193346]  ? syscall_return_slowpath+0x5e0/0x5e0
[  540.198276]  ? syscall_return_slowpath+0x31d/0x5e0
[  540.203203]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  540.208217]  ? __switch_to_asm+0x34/0x70
[  540.212279]  ? __switch_to_asm+0x34/0x70
[  540.216340]  ? __switch_to_asm+0x40/0x70
[  540.220397]  ? __switch_to_asm+0x34/0x70
[  540.224456]  ? __switch_to_asm+0x40/0x70
[  540.228511]  ? __switch_to_asm+0x34/0x70
[  540.232571]  ? __switch_to_asm+0x40/0x70
[  540.236632]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  540.241481]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  540.246668] RIP: 0033:0x456997
[  540.249861] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  540.268753] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
15:23:18 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x200000000000000]})

15:23:18 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000", 0x5c, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:18 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:18 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100, 0x101000)
fsetxattr(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="62557266732e71797a2d6c861b61789a3c8c0ea41e56feea4732be435b022afb9434d7d289a6a687000009b361503537e936a2ff205475f2880000"], &(0x7f00000000c0)='%keyring\x00', 0x9, 0x3)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000040)={0x3, 0x1, 0x800, 0x2, 'syz1\x00', 0x207})
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e24, 0x0, @remote, 0x400}}, 0x100, 0xd7b0, 0x0, "a338747ff0897af749f5686ea100cb64e6f2b8f7c86b4efeb0cc8190c473ea4e9c537e971e910a3826e90bc58e3ec77f6f9b88217eba306b998fb26d081ae0488ea8896d50361a5ca1bbb9fabf7ed39d"}, 0xd8)

15:23:18 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xca58, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:18 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1000000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:18 executing program 5 (fault-call:2 fault-nth:13):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  540.276471] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  540.283742] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  540.291005] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  540.298266] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  540.305529] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000c
15:23:18 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x300000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:18 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:18 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000", 0x5c, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:18 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfeffffff]})

15:23:18 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x283c000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  540.539197] FAULT_INJECTION: forcing a failure.
[  540.539197] name failslab, interval 1, probability 0, space 0, times 0
[  540.550573] CPU: 0 PID: 19296 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  540.559064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.568415] Call Trace:
[  540.571015]  dump_stack+0x1c9/0x2b4
[  540.574649]  ? dump_stack_print_info.cold.2+0x52/0x52
[  540.579851]  ? __kernel_text_address+0xd/0x40
[  540.584355]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  540.589901]  ? replace_slot+0xc9/0x4c0
[  540.593799]  should_fail.cold.4+0xa/0x11
[  540.597865]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  540.602958]  ? lock_release+0xa30/0xa30
[  540.606920]  ? rcu_note_context_switch+0x730/0x730
[  540.611857]  ? kasan_check_write+0x14/0x20
[  540.616079]  ? __mutex_lock+0x6d0/0x1700
[  540.620130]  ? kernfs_activate+0x8e/0x2c0
[  540.624264]  ? lock_acquire+0x1e4/0x540
[  540.628219]  ? fs_reclaim_acquire+0x20/0x20
[  540.632526]  ? lock_downgrade+0x8f0/0x8f0
[  540.636658]  ? kernfs_add_one+0x4f/0x4d0
[  540.640701]  ? check_same_owner+0x340/0x340
[  540.645005]  ? kernfs_activate+0x21a/0x2c0
[  540.649223]  ? rcu_note_context_switch+0x730/0x730
[  540.654141]  __should_failslab+0x124/0x180
[  540.658371]  should_failslab+0x9/0x14
[  540.662165]  kmem_cache_alloc+0x2af/0x760
[  540.666306]  ? kernfs_add_one+0x2d4/0x4d0
[  540.670445]  ? lock_downgrade+0x8f0/0x8f0
[  540.674605]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  540.679618]  __kernfs_new_node+0x127/0x8d0
[  540.683842]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  540.688580]  ? kasan_check_write+0x14/0x20
[  540.692809]  ? kasan_check_write+0x14/0x20
[  540.697027]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  540.701948]  ? wait_for_completion+0x8d0/0x8d0
[  540.706526]  ? wait_for_completion+0x8d0/0x8d0
[  540.711101]  ? kasan_check_write+0x14/0x20
[  540.715322]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  540.720251]  ? __switch_to_asm+0x40/0x70
[  540.724307]  ? mutex_unlock+0xd/0x10
[  540.728003]  ? kernfs_activate+0x21a/0x2c0
[  540.732219]  ? kernfs_walk_and_get_ns+0x340/0x340
[  540.737047]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  540.742573]  ? kernfs_link_sibling+0x1d2/0x3b0
[  540.747142]  kernfs_new_node+0x95/0x120
[  540.751111]  __kernfs_create_file+0x5a/0x340
[  540.755513]  sysfs_add_file_mode_ns+0x221/0x520
[  540.760165]  ? component_del+0x530/0x550
[  540.764207]  internal_create_group+0x3e1/0xd80
[  540.768774]  ? remove_files.isra.1+0x190/0x190
[  540.773343]  ? up_write+0x7b/0x220
[  540.776886]  ? up_read+0x110/0x110
[  540.780412]  ? down_read+0x1d0/0x1d0
[  540.784112]  ? kasan_check_write+0x14/0x20
[  540.788336]  sysfs_create_group+0x1f/0x30
[  540.792469]  lo_ioctl+0x1307/0x1d70
[  540.796084]  ? lo_rw_aio_complete+0x450/0x450
[  540.800573]  blkdev_ioctl+0x9cd/0x2030
[  540.804459]  ? lock_acquire+0x1e4/0x540
[  540.808428]  ? blkpg_ioctl+0xc40/0xc40
[  540.812299]  ? lock_release+0xa30/0xa30
[  540.816256]  ? save_stack+0xa9/0xd0
[  540.819861]  ? save_stack+0x43/0xd0
[  540.823473]  ? __fget+0x4d5/0x740
[  540.826920]  ? ksys_dup3+0x690/0x690
[  540.830612]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  540.835188]  ? kasan_check_write+0x14/0x20
[  540.839427]  ? do_raw_spin_lock+0xc1/0x200
[  540.843655]  block_ioctl+0xee/0x130
[  540.847263]  ? blkdev_fallocate+0x400/0x400
[  540.851564]  do_vfs_ioctl+0x1de/0x1720
[  540.855451]  ? ioctl_preallocate+0x300/0x300
[  540.859851]  ? __fget_light+0x2f7/0x440
[  540.863808]  ? fget_raw+0x20/0x20
[  540.867253]  ? trace_hardirqs_on+0xd/0x10
[  540.871383]  ? kmem_cache_free+0x22e/0x2d0
[  540.875602]  ? putname+0xf7/0x130
[  540.879044]  ? do_sys_open+0x3cb/0x720
[  540.882924]  ? security_file_ioctl+0x94/0xc0
[  540.887317]  ksys_ioctl+0xa9/0xd0
[  540.890762]  __x64_sys_ioctl+0x73/0xb0
[  540.894633]  do_syscall_64+0x1b9/0x820
[  540.898522]  ? syscall_return_slowpath+0x5e0/0x5e0
[  540.903437]  ? syscall_return_slowpath+0x31d/0x5e0
[  540.908347]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  540.913345]  ? __switch_to_asm+0x34/0x70
[  540.917394]  ? __switch_to_asm+0x34/0x70
[  540.921439]  ? __switch_to_asm+0x40/0x70
[  540.925487]  ? __switch_to_asm+0x34/0x70
[  540.929528]  ? __switch_to_asm+0x34/0x70
[  540.933569]  ? __switch_to_asm+0x40/0x70
[  540.937612]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  540.942450]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  540.947641] RIP: 0033:0x456997
[  540.950827] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  540.969706] RSP: 002b:00007f1b508eca88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  540.977396] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
15:23:19 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfeffffff00000000]})

15:23:19 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xeca6000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:19 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x40000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:19 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1f000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  540.984646] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  540.991896] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  540.999155] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  541.006411] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000d
15:23:19 executing program 5 (fault-call:2 fault-nth:14):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:19 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6c000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:19 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000", 0x63, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:19 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x1000000]})

[  541.226030] FAULT_INJECTION: forcing a failure.
[  541.226030] name failslab, interval 1, probability 0, space 0, times 0
[  541.237479] CPU: 1 PID: 19322 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  541.245970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  541.255316] Call Trace:
[  541.257897]  dump_stack+0x1c9/0x2b4
[  541.261517]  ? dump_stack_print_info.cold.2+0x52/0x52
[  541.266695]  ? __kernel_text_address+0xd/0x40
[  541.271180]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  541.276706]  ? replace_slot+0xc9/0x4c0
[  541.280589]  should_fail.cold.4+0xa/0x11
[  541.284639]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  541.289734]  ? lock_release+0xa30/0xa30
[  541.293699]  ? rcu_note_context_switch+0x730/0x730
[  541.298623]  ? kasan_check_write+0x14/0x20
[  541.302846]  ? __mutex_lock+0x6d0/0x1700
[  541.306897]  ? kernfs_activate+0x8e/0x2c0
[  541.311036]  ? lock_acquire+0x1e4/0x540
[  541.314997]  ? fs_reclaim_acquire+0x20/0x20
[  541.319306]  ? lock_downgrade+0x8f0/0x8f0
[  541.323446]  ? kernfs_add_one+0x4f/0x4d0
[  541.327497]  ? check_same_owner+0x340/0x340
[  541.331804]  ? kernfs_activate+0x21a/0x2c0
[  541.336025]  ? rcu_note_context_switch+0x730/0x730
[  541.340951]  __should_failslab+0x124/0x180
[  541.345173]  should_failslab+0x9/0x14
[  541.348967]  kmem_cache_alloc+0x2af/0x760
[  541.353102]  ? kernfs_add_one+0x2d4/0x4d0
[  541.357242]  ? lock_downgrade+0x8f0/0x8f0
[  541.361380]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  541.366389]  __kernfs_new_node+0x127/0x8d0
[  541.370615]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  541.375356]  ? kasan_check_write+0x14/0x20
[  541.379580]  ? kasan_check_write+0x14/0x20
[  541.383804]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  541.388718]  ? wait_for_completion+0x8d0/0x8d0
[  541.393286]  ? wait_for_completion+0x8d0/0x8d0
[  541.397857]  ? kasan_check_write+0x14/0x20
[  541.402092]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  541.407010]  ? mutex_unlock+0xd/0x10
[  541.410713]  ? kernfs_activate+0x21a/0x2c0
[  541.414942]  ? kernfs_walk_and_get_ns+0x340/0x340
[  541.419780]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  541.425305]  ? kernfs_link_sibling+0x1d2/0x3b0
[  541.429880]  kernfs_new_node+0x95/0x120
[  541.433845]  __kernfs_create_file+0x5a/0x340
[  541.438243]  sysfs_add_file_mode_ns+0x221/0x520
[  541.442905]  ? component_del+0x530/0x550
[  541.446966]  internal_create_group+0x3e1/0xd80
[  541.451541]  ? remove_files.isra.1+0x190/0x190
[  541.456110]  ? up_write+0x7b/0x220
[  541.459637]  ? up_read+0x110/0x110
[  541.463160]  ? down_read+0x1d0/0x1d0
[  541.466858]  ? kasan_check_write+0x14/0x20
[  541.471094]  sysfs_create_group+0x1f/0x30
[  541.475229]  lo_ioctl+0x1307/0x1d70
[  541.478850]  ? lo_rw_aio_complete+0x450/0x450
[  541.483335]  blkdev_ioctl+0x9cd/0x2030
[  541.487211]  ? lock_acquire+0x1e4/0x540
[  541.491174]  ? blkpg_ioctl+0xc40/0xc40
[  541.495047]  ? lock_release+0xa30/0xa30
[  541.499012]  ? save_stack+0xa9/0xd0
[  541.502623]  ? save_stack+0x43/0xd0
[  541.506242]  ? __fget+0x4d5/0x740
[  541.509687]  ? ksys_dup3+0x690/0x690
[  541.513386]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  541.517956]  ? kasan_check_write+0x14/0x20
[  541.522176]  ? do_raw_spin_lock+0xc1/0x200
[  541.526404]  block_ioctl+0xee/0x130
[  541.530016]  ? blkdev_fallocate+0x400/0x400
[  541.534326]  do_vfs_ioctl+0x1de/0x1720
[  541.538203]  ? ioctl_preallocate+0x300/0x300
[  541.542595]  ? __fget_light+0x2f7/0x440
[  541.546553]  ? fget_raw+0x20/0x20
[  541.549995]  ? trace_hardirqs_on+0xd/0x10
[  541.554138]  ? kmem_cache_free+0x22e/0x2d0
[  541.558358]  ? putname+0xf7/0x130
[  541.561801]  ? do_sys_open+0x3cb/0x720
[  541.565679]  ? security_file_ioctl+0x94/0xc0
[  541.570075]  ksys_ioctl+0xa9/0xd0
[  541.573521]  __x64_sys_ioctl+0x73/0xb0
[  541.577400]  do_syscall_64+0x1b9/0x820
[  541.581275]  ? finish_task_switch+0x1d3/0x870
[  541.585760]  ? syscall_return_slowpath+0x5e0/0x5e0
[  541.590677]  ? syscall_return_slowpath+0x31d/0x5e0
[  541.595595]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  541.600598]  ? __switch_to_asm+0x34/0x70
[  541.604647]  ? __switch_to_asm+0x34/0x70
[  541.608692]  ? __switch_to_asm+0x40/0x70
[  541.612740]  ? __switch_to_asm+0x34/0x70
[  541.616784]  ? __switch_to_asm+0x40/0x70
[  541.620833]  ? __switch_to_asm+0x34/0x70
[  541.624881]  ? __switch_to_asm+0x40/0x70
[  541.628934]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  541.633767]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  541.638942] RIP: 0033:0x456997
[  541.642124] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  541.661021] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  541.668716] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
[  541.675972] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  541.683225] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  541.690477] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  541.697728] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000e
[  541.707563] EXT4-fs: 18 callbacks suppressed
[  541.707571] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:20 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
getsockopt$inet_mreqsrc(r0, 0x0, 0x2d, &(0x7f0000000000)={@rand_addr, @remote, @multicast2}, &(0x7f0000000040)=0xc)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:20 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x2805, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:20 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf5ffffff00000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:20 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x2000000]})

15:23:20 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfffffff6, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:20 executing program 5 (fault-call:2 fault-nth:15):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  541.733899] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  541.742219] f2fs_msg: 62 callbacks suppressed
[  541.742226] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  541.753918] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:20 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x4, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:20 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa041000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  541.791117] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(0) root(3)
[  541.798110] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  541.820192] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  541.827472] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:20 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfffffffe]})

15:23:20 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2d00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:20 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000", 0x63, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

[  541.849829] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(0) root(3)
[  541.856978] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  541.982731] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  541.989575] FAULT_INJECTION: forcing a failure.
[  541.989575] name failslab, interval 1, probability 0, space 0, times 0
[  542.000863] CPU: 0 PID: 19359 Comm: syz-executor5 Not tainted 4.18.0-rc7-next-20180803+ #31
[  542.009352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  542.018701] Call Trace:
[  542.021287]  dump_stack+0x1c9/0x2b4
[  542.024915]  ? dump_stack_print_info.cold.2+0x52/0x52
[  542.030107]  should_fail.cold.4+0xa/0x11
[  542.034165]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  542.039264]  ? wait_for_completion+0x8d0/0x8d0
[  542.043843]  ? kasan_check_write+0x14/0x20
[  542.048074]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  542.052998]  ? mutex_unlock+0xd/0x10
[  542.056706]  ? kernfs_activate+0x21a/0x2c0
[  542.060938]  ? kernfs_walk_and_get_ns+0x340/0x340
[  542.065781]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  542.071310]  ? kernfs_link_sibling+0x1d2/0x3b0
[  542.075891]  ? lock_acquire+0x1e4/0x540
[  542.079865]  ? fs_reclaim_acquire+0x20/0x20
[  542.084185]  ? lock_downgrade+0x8f0/0x8f0
[  542.088326]  ? kernfs_get+0x30/0x30
[  542.091959]  ? check_same_owner+0x340/0x340
[  542.096288]  ? rcu_note_context_switch+0x730/0x730
[  542.101219]  ? sysfs_add_file_mode_ns+0x245/0x520
[  542.106837]  __should_failslab+0x124/0x180
[  542.111072]  should_failslab+0x9/0x14
[  542.114871]  kmem_cache_alloc_trace+0x2cb/0x780
[  542.119544]  ? device_create_file+0x1e0/0x1e0
[  542.124246]  kobject_uevent_env+0x20f/0x1110
[  542.128648]  ? kasan_check_write+0x14/0x20
[  542.132880]  kobject_uevent+0x1f/0x30
[  542.138434]  lo_ioctl+0x1385/0x1d70
[  542.142221]  ? lo_rw_aio_complete+0x450/0x450
[  542.146721]  blkdev_ioctl+0x9cd/0x2030
[  542.150609]  ? lock_acquire+0x1e4/0x540
[  542.154580]  ? blkpg_ioctl+0xc40/0xc40
[  542.158899]  ? lock_release+0xa30/0xa30
[  542.162889]  ? save_stack+0xa9/0xd0
[  542.166514]  ? save_stack+0x43/0xd0
[  542.170135]  ? __fget+0x4d5/0x740
[  542.173585]  ? ksys_dup3+0x690/0x690
[  542.177294]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  542.181876]  ? kasan_check_write+0x14/0x20
[  542.186108]  ? do_raw_spin_lock+0xc1/0x200
[  542.190748]  block_ioctl+0xee/0x130
[  542.194374]  ? blkdev_fallocate+0x400/0x400
[  542.198692]  do_vfs_ioctl+0x1de/0x1720
[  542.202581]  ? ioctl_preallocate+0x300/0x300
[  542.206981]  ? __fget_light+0x2f7/0x440
[  542.210955]  ? fget_raw+0x20/0x20
[  542.214407]  ? trace_hardirqs_on+0xd/0x10
[  542.218564]  ? kmem_cache_free+0x22e/0x2d0
[  542.222795]  ? putname+0xf7/0x130
[  542.226242]  ? do_sys_open+0x3cb/0x720
[  542.230128]  ? security_file_ioctl+0x94/0xc0
[  542.234531]  ksys_ioctl+0xa9/0xd0
[  542.237981]  __x64_sys_ioctl+0x73/0xb0
[  542.241864]  do_syscall_64+0x1b9/0x820
[  542.245761]  ? syscall_return_slowpath+0x5e0/0x5e0
[  542.250699]  ? syscall_return_slowpath+0x31d/0x5e0
[  542.255627]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  542.260642]  ? __switch_to_asm+0x34/0x70
[  542.264699]  ? __switch_to_asm+0x34/0x70
[  542.268757]  ? __switch_to_asm+0x40/0x70
[  542.272812]  ? __switch_to_asm+0x34/0x70
[  542.276865]  ? __switch_to_asm+0x34/0x70
[  542.280919]  ? __switch_to_asm+0x40/0x70
[  542.284984]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  542.289826]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  542.295005] RIP: 0033:0x456997
[  542.298194] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  542.317084] RSP: 002b:00007f1b5090da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  542.324801] RAX: ffffffffffffffda RBX: 0000000020000010 RCX: 0000000000456997
15:23:20 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x200000000000000]})

15:23:20 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x528, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:20 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfffffdfd, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:20 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x74a10000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  542.332064] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  542.339324] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[  542.346586] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  542.353849] R13: 0000000000000000 R14: 00000000004c934c R15: 000000000000000f
[  542.420402] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  542.427567] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:21 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5c5a0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  542.507684] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  542.541611] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  542.547702] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:21 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x65, &(0x7f00000000c0)=0x8, 0x4)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x206040, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="2d72646261202b70616473202d696fff0126fcbe05d54ed67015ff01000000000000037f7b21d883772679fc0d34f771ecec3689bba05a360f700f94d10fb35fc1a5cb44583f56c4e74c2425ca2519426cf6b9a94fd0cb5665e62c2cc9fb4a5d72108733f96d604190241401c332c2aba257a626f0dbbf6965630fe2351906f2be342d2d5751df5a3f2e764cb39c2044ef7d42db9749c105fde15ee33e4af42f7fd9"], 0x10)
signalfd4(r1, &(0x7f0000000040)={0x200}, 0x8, 0x80000)
setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000080)=0x8, 0x4)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000100), 0x4)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:21 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfdfdffff]})

15:23:21 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4c, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:21 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x1c, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:21 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x74, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  542.748006] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  542.770188] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:21 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:21 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000", 0x63, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:21 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x40000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:21 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x2]})

15:23:21 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x4000000000000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:21 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x700, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:21 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xffffffffffffffff, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  542.794478] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  542.807630] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:21 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x1c000000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:21 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100", 0x66, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:21 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfffffdfd]})

15:23:21 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x70620000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000000)={@broadcast, @dev={0xac, 0x14, 0x14, 0x20}, @rand_addr=0x2}, 0xed66f6258c1dd6a9)
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000040)='veth0\x00')
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:22 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x2805000000000000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:22 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6402743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:22 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7a00, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:22 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100", 0x66, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:22 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1847, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x100000000000000]})

15:23:22 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x1000000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:22 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4826000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x304000000000000]})

15:23:22 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x1c00000000000000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:22 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100", 0x66, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:22 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x8cffffff, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:22 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:22 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0xfdfdffff00000000]})

15:23:22 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc91000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x450400, 0x0)
getdents(r1, &(0x7f0000000040)=""/93, 0x5d)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:22 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4c00, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:22 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x28050000, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:22 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000001400000300000001000000", 0x68, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:22 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x3040000]})

15:23:22 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x48000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:22 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x10a4, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:22 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x304]})

15:23:22 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xacd20000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:22 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000001400000300000001000000", 0x68, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:22 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x1c00, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:23 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x68000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:23 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf0b9, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:23 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:23 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x403]})

15:23:23 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @multicast1}, 0xc)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:23 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x1c00000000000000}}], 0x1, 0x0, 0x0)

15:23:23 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c000000100000001400000300000001000000", 0x68, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:23 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2d, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:23 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xf6ffffff, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:23 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1344, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:23 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:23 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfffffffe]})

15:23:23 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x28050000}}], 0x1, 0x0, 0x0)

15:23:23 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:23 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x304]})

15:23:23 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:23 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x68000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:23 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x10, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:23 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:23 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4718, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:24 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r1 = socket$inet(0x2, 0x1, 0x1)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f00000000c0)={'filter\x00', 0x0, 0x4, 0x53, [], 0x4, &(0x7f0000000000)=[{}, {}, {}, {}], &(0x7f0000000040)=""/83}, &(0x7f0000000180)=0x78)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:24 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfffffdfd]})

15:23:24 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:24 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x1c000000}}], 0x1, 0x0, 0x0)

15:23:24 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xaf00, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:24 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:24 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:24 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7400, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:24 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfdfdffff00000000]})

15:23:24 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}, {@prjjquota={'prjjquota', 0x3d, 'em1eth0'}}]})

15:23:24 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x74a1000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:24 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x1c00}}], 0x1, 0x0, 0x0)

15:23:24 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743403", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:24 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x200000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:24 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfeffffff00000000]})

15:23:24 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xffffffff00000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:25 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x8801, 0x0)
ioctl$KVM_GET_MP_STATE(r1, 0x8004ae98, &(0x7f0000000040))
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:25 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:25 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x1000000]})

15:23:25 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x40000}}], 0x1, 0x0, 0x0)

15:23:25 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x90fb000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:25 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743405", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:25 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x40000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:25 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2000000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  546.968839] EXT4-fs: 42 callbacks suppressed
[  546.968850] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  546.992293] f2fs_msg: 86 callbacks suppressed
[  546.992305] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  546.993416] EXT4-fs (sda1): quotafile must be on filesystem root
[  546.996861] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:25 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x403]})

15:23:25 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x2805}}], 0x1, 0x0, 0x0)

15:23:25 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7a000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  546.997117] F2FS-fs (loop0): journaled quota format not specified
15:23:25 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2c7b000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:25 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  547.047350] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  547.054466] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  547.065711] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:25 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x4}}], 0x1, 0x0, 0x0)

15:23:25 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x3040000]})

15:23:25 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  547.088012] F2FS-fs (loop0): journaled quota format not specified
[  547.158963] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  547.165577] EXT4-fs (sda1): quotafile must be on filesystem root
[  547.193194] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  547.202067] EXT4-fs (sda1): quotafile must be on filesystem root
[  547.216473] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  547.223555] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  547.233481] F2FS-fs (loop0): journaled quota format not specified
[  547.241699] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
15:23:26 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x40400, 0x0)
ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000040))
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:26 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xfcfdffff, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:26 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x581b0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:26 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x528}}], 0x1, 0x0, 0x0)

15:23:26 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfeffffff]})

15:23:26 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xf108, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:26 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:26 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:26 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x1c}}], 0x1, 0x0, 0x0)

15:23:26 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200))

15:23:26 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x11000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:26 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x2000000]})

[  547.843327] EXT4-fs (sda1): quotafile must be on filesystem root
[  547.861053] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:26 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x2805000000000000}}], 0x1, 0x0, 0x0)

15:23:26 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  547.889605] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:26 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:26 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x8f1, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  547.953237] attempt to access beyond end of device
[  547.958249] loop0: rw=12288, want=8200, limit=20
[  547.978427] attempt to access beyond end of device
[  547.983462] loop0: rw=12288, want=12296, limit=20
[  548.000931] attempt to access beyond end of device
[  548.005963] loop0: rw=12288, want=8200, limit=20
[  548.011289] attempt to access beyond end of device
[  548.016291] loop0: rw=12288, want=12296, limit=20
15:23:27 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x3e1)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x800, 0x0)
accept4$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000200)=0x14, 0x800)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000100)={@rand_addr=0x3033300, @multicast2, @loopback}, 0xc)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000000)={0x4, 0x5, 0x1, 0x13f, 0x4, [{0x8, 0x0, 0x10001, 0x0, 0x0, 0x100}, {0x5, 0x0, 0x5}, {0x400, 0x0, 0x100000001, 0x0, 0x0, 0x1400}, {0x6, 0x0, 0x5, 0x0, 0x0, 0x800}]})
remap_file_pages(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x4, 0x40)

15:23:27 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9cdd000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:27 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0xfdfdffff]})

15:23:27 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x4000000000000}}], 0x1, 0x0, 0x0)

15:23:27 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200))

15:23:27 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:27 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x700000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:27 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x4, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:27 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf4f8000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:27 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x2]})

15:23:27 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

[  548.733827] attempt to access beyond end of device
[  548.738855] loop0: rw=12288, want=8200, limit=20
15:23:27 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:27 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:27 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x3f00000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  548.774993] attempt to access beyond end of device
[  548.780005] loop0: rw=12288, want=12296, limit=20
[  548.792978] attempt to access beyond end of device
[  548.797995] loop0: rw=12288, want=8200, limit=20
15:23:27 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:27 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x100000000000000]})

[  548.844264] attempt to access beyond end of device
[  548.849356] loop0: rw=12288, want=12296, limit=20
15:23:28 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x40)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000400)={{{@in6, @in6=@remote}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x101000)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000200)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000040)=0x48a)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004380)={'team0\x00', r3})
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:28 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x54b7000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:28 executing program 0:
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200))

15:23:28 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:28 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x200000000000000]})

15:23:28 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x10000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:28 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:28 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:28 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x304000000000000]})

[  549.562190] attempt to access beyond end of device
[  549.567212] loop0: rw=12288, want=8200, limit=20
15:23:28 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:28 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xffffffffffffffff, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:28 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa480000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:28 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

[  549.604228] attempt to access beyond end of device
[  549.609255] loop0: rw=12288, want=12296, limit=20
[  549.629457] attempt to access beyond end of device
[  549.634631] loop0: rw=12288, want=8200, limit=20
[  549.644956] attempt to access beyond end of device
15:23:28 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x403]})

[  549.649972] loop0: rw=12288, want=12296, limit=20
15:23:28 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x6800000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:28 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xffffff7f00000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:28 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
getgroups(0x4, &(0x7f0000000000)=[<r1=>0xee01, 0xee00, 0xee00, 0x0])
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getgid()
setresgid(r1, r2, r3)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:28 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:28 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x304000000000000]})

15:23:28 executing program 0:

15:23:28 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:28 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2d000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:28 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa041, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:28 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x40000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:29 executing program 0:

15:23:29 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:29 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8340, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:29 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:29 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x74000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:29 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743407", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:29 executing program 0:

15:23:29 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x3040000]})

15:23:29 executing program 7:
unshare(0x2040600)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xd15000)=nil, 0xd15000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
fgetxattr(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000000a563422a00"], &(0x7f0000000180)=""/2, 0x2)
r1 = socket$inet(0x2b, 0x80a, 0x8000000000000)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x1, 0x0)
ioctl$KVM_GET_XCRS(r2, 0x8188aea6, &(0x7f0000000080)={0x4, 0x8001, [{0x80000001, 0x0, 0x4}, {0x10000, 0x0, 0xffffffffffff0001}, {0x7f, 0x0, 0x9}, {0x8, 0x0, 0x7e6}]})
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xffffffffffffff9e)
ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000200))
setsockopt$inet_mreqsrc(r1, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r1, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:29 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x400000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:29 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x58ca000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:29 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:29 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfdfdffff]})

15:23:29 executing program 0:

15:23:29 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743448", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:29 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6c, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:29 executing program 0:

15:23:29 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:29 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000180)={0x10001}, 0x4)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000000)={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}, {0x306, @broadcast}, 0xa, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1c}}, 'ip6_vti0\x00'})
r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x5, 0x200000)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000200)={<r2=>0x0, @in6={{0xa, 0x4e22, 0x4, @empty, 0x3ff}}}, &(0x7f00000000c0)=0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0x5, 0x2, 0x1, 0x7, r2}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:29 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:29 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:29 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6000000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:29 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x60, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:29 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xfffffff6, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:29 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:30 executing program 0:

15:23:30 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x200000000000000]})

15:23:30 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:30 executing program 0:

15:23:30 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xccbc0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:30 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x1000000]})

15:23:30 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:30 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfffffdfc, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:30 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfeffffff]})

15:23:30 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
lseek(r0, 0x0, 0x6)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x3)
ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000040)=""/149)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))
acct(&(0x7f0000000100)='./file0\x00')

15:23:30 executing program 0:

15:23:30 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe4540000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:30 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:30 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:30 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x2000000]})

15:23:30 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfcfdffff, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:30 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xf6ffffff00000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:30 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x2]})

15:23:30 executing program 0:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x40)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000400)={{{@in6, @in6=@remote}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x101000)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000200)={{{@in, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000040)=0x48a)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004380)={'team0\x00', r3})
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:30 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd45f0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  552.292024] EXT4-fs: 45 callbacks suppressed
[  552.292033] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  552.302628] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:30 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x0}}], 0x1, 0x0, 0x0)

15:23:30 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:30 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x300, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  552.337009] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:30 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x1c000000}], 0x1, 0x0, 0x0)

[  552.402871] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  552.424031] EXT4-fs (sda1): quotafile must be on filesystem root
[  552.436415] tls_set_device_offload_rx: netdev lo with no TLS offload
15:23:30 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x1000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  552.457929] EXT4-fs (sda1): quotafile must be on filesystem root
[  552.477667] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  552.510678] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  552.588505] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  552.624553] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:31 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="085fb64628a204cc996d68904eef8f6b17b2610fd507289b0b99a743503703bc0402b52e5aba43fa52805219d8899f1d11de7978800e96634ed370da311838dfe3b41d6b4321ca878745602faf556696aaa81bbf1d35933ed5fcea7a266c9efbf669b56ff5b5193e7b5514033b7f555288b046382b08a1b94e1380dfd36b7992c1082ea4fa6f265aacadbbd7d71fa6efccd1555bbaf41afe6d4c6e8c35fa56ac53e714442278b5416d2db3bfec71e08229a6516f6bdbf1ab2d1470bb9d90d7cb119179efe25a549b4c1c504666228722", 0xd0}, {&(0x7f0000000100)}, {&(0x7f0000000200)="fad417bfc579b8367b71779bd9423a825ae34d7f9ec70c5b17918ba9f83f57c4f027e71512e2e8e088ec7f0d35d6885e1e8c30b65dc423dce505d29adf5f10fd3c8f3e3ebb30686eb6f028ca54", 0x4d}, {&(0x7f0000000280)="0567eb46186a93845bfe4044a49daef76c1c4c434ae57ddacd88c268c2cff5f97554a1522e50ff43161510ba8acb12b0e33f0b21d0164d4f4893b13cd697c825fbc06edce316184fe82b4c13719492b3c76c4a34f799666e8a6011b686a31671e79ecb9d58f3b6ee60f980a723b6491d8002118b9745e9c64ba01941a764d26fead84a", 0x83}, {&(0x7f0000000340)="c1d622663fd4bc12b1d799377593d5d0b61cf9397175808c5f7e8681e2303e9296dbe30fb04b12b84ef6839f0523ff8f578ac208d633610e6b7b50308bab68816458c99329a4d7208d701e", 0x4b}, {&(0x7f0000000400)="29cb8c384d125d4e91d1ff48eecb7508319286638de9de9796acf9e22346e577edada3bbbb1f5499a59dea3c99367febc916264b8645f7151fd2f0198fe41245f2be369e6e5966688d478ae72ea7323a88e2d83fe6f253ea84ab5eac051d615c78d43837457c344eb7e1c3ea8159d88644d8ba3e7edd9e37221c5389f9d7fa03e80ae77dbd5ba0202e09187449c10d82b0458678eb804714ff2fc7651d8ff2f6342eeb2b63911f7832608bd8d4b560a2cc9813dda61976a107b0eb5080928c1f6b886a47ac5049d3ddd0b27c66468fed8ed25026ca1f34b8c6c7093ca5b6b28983e98ca516bbb77a2addd4c17c9a7e0e2b7eab3c", 0xf4}], 0x6, &(0x7f0000000d80)=[{0xe0, 0x107, 0xffffffffffffffc4, "d3e4fe8e7f512a07a1b44149a96b39b9ec0cffcf2f14faa5995d3650fadcc09ad349876f6e61be8b5c12293fcb89f9c00b02857620c860ead7e731540389dc9f03bcc0688dbaac3253123ef693715cfeaaca70f7f43740c93ef39859229ef4bb28c77b3f6991e13534633cee8d2f31fd5b22613a2151c123fb7f9568c58293eaa6ec938f60ed71410cff3ee64901757b01195ae064d2a7c66bb6de59c5fa2a0452b808097dc1febc5e92e49349637feb6e7aa73033bd2b9e88b8f56cc39cae602deeac27ddde48b3757b52fbfb4f"}, {0x38, 0x10f, 0x80000001, "866bb7955580466e4d6b20ad8d557d27dcdc439476b438224d941edefd9c8f9ac3"}, {0x60, 0x112, 0x25, "aaaf55baf16bacf03923d34a920301a1d829d41f7a2156b2257d754fbb73782b1b40678f8d739c7ee3fad28127afb40efb174c3f5ae0848214d8b8d82f33db3b0872dcbd84ee346896e6653fae47"}, {0x18, 0x1, 0x401, "1802c9f3802e95b3"}, {0x100, 0x109, 0x8, "6373057c1adb299b31ebed1cafbb07d70c8d5a597b6b5f7eebce19309d02b261500601251f4531a4809fe4d46781e728efbad66e9ef1663b9e3911f6a6a38cb5db6e04dabfef5d68819bc568a3c95f12f6a7acf7613f39447edb2d3ecc26ce443067418a6f7f3b05e3cc5cde37b4aa9fffc2af063cb1631fa8ff5638dc69807535b288afa0848aac130840d5b4efe698ae2568d33e9f6828aea16aae79ff0a6354740894dbca1bde253918fd390c00a4fd0f694831c6b8a770a0ec76e7dd433c58f7192fdda4c3501c328957365d24b056e82c4e8c0943caeb97f2e71c3c56dc070ef4b3472d19869352c119"}, {0xc0, 0x113, 0x20, "d3fbd896b610d74716c399198ccc04f7a6ab43d6cb2c76cd72aaeecf17a55aa6b295f1f7efa126dccf37f665418ad06ee85a8ad1d6f1058f6d0e835a136415d8a2017e49ae455f761e69b9f8c907f71305305961d971e50d1e9610a36716ae7c8c997ef7e7caddeab0d31aa32b8cc904bcd769811ad15b86bcb5727440c955c93c7a5ece753818197d47c62e65e496775d4aac510f40e6e64274f2101b9434cdee2cff77ba7de423a3c34cae21c9ab63"}, {0x1010, 0x11b, 0x5cab, "c56a7da8d1ac79cff34f09423e98fb0be73f12273641f62d4b91a878a5a7855bcca02d60c6000c6e80724474c729ea1ca4068e819a50ebcfa57a64095d9e629de70af24043fb3d3b6ff8ba6b57c1fb678d2bf4528bbb338627028a3cc434cc3393841947c2b9c5fef8f4225efdca2ff19901921a730bc85aff0b0313326db4678df3d68ff368bc56453eb42ad57f1accd7f84dab8f52c64828699f974eacc5d0e3bc07b2fe683783d271919c8cbd434049ae77869aa6a3d2b5f63e2d731e96eb48f08af1991e1c84bdd7c3b7989385fafa49db5e3335f7204109371d35cc564bd215975ca3f7b3cd9bc2b078ccd00bf19c4f89f1671a84dcf71a4b7043106002efe1e0044d9b7e29e40c50ec93590421dca836da860961236ff212b9497b495e2b903e695f12ab77a281433028452b0f08dfa86d357aeff3072e98ad4806c9534452a8f82f134ff532faef6d9d39697d7b0c440a3e7c083edf6c0724b38888b40ffdcce1c8729977c37ffaa46ca2d99084b0b7a29ff916e9af4edd4eac89d473bc859885028f481e36061af7c7799acdee214598a85b8d230eaff39dfc68edcba0d3d1e361a0290e5fec02b8241ab0bd778e00dd7d2adf05f57c6061b43118e9f3df9f6e753ccd7fa2ededa46ffeee05d4a37b5bc88a24acf1cb5b1dcbfca95e9dfbc8250c78956d3faac32fe63cc46a50026ff93515ddc1eb32d353dfe37e887d36ce80d832f86e8dca34ee9bd0d964bec74a621e1ff604e59a7fc52c5cafcd5e5607044fbf217aa0b6b8401e2d11c0bb753c9079a0f992b91673544cbc79f9fd34df1f28b25f1396ca7b46ce11b12c591b6177518ab32bdfdd02d9f284102ee8f9b515b7b74cfb8de9ae46bcae9470f422250223bfa0e5086bf8a04cf1fea630b2107da3ab67975bf3c3a47897a5797a4b0632d5ed5eee989b107896291782d8e0628994e596fc1bc81a4b5ef7d07af694255c9f95265111e928c7edf04e444190d6c3964229d7f918db5d2ce323b2eb86f9127a3e96cc8ba501201124667cf8ab326fc485e169eaa5f5309ce5c98156eaa65777d3c1bdd7de4211dcac0da72758b56e626d98b0327dce60112323c836f5bc69277c04ad65ccf8a70d32bc225548b9e4813ba3b3dba8511758b257aa1639b53a3a47df6384d8d3ed0d7579e3d653d1df882d6d9555698e3f2457ae164887254739ac8f562de23abf572e14a00d391faf12cfb398382fca9533f6a6ecd71ed33b1e18dbbbee9fa2f8c1050dbf00328b8515cf3642664c9c20e677010686d81f45f8939e6ec6f3a00baa41ebeacb2243364625e391e88809adb1ffa7928f1ceba0059c24766823edced4e7acdf77c276edcf380de9d00b8e956ac780d2f4f83375bcad2cd825d76688e70157df37830bfca2c25ccdd2a59cc89aacf1549d3d44dbca51a8ef19de43f19989b0695427ce08f8a1e120aada97662c8d6984362735339841728e2c92de82922a0c17a7d56332a5f4fba69b537067a6fb3791c5d0a4816fa5e7947e36c51c140110f5a5de5ec2b2d0b51e0d4707ba2ad2dfcae6454c07f566ee59c728bd6e22a3df2c4c1607fe79311b1c2161d1d68f3093d268589b3dce09d49832b7f5f6f2e3c30443de2323fb40937c71a6e0c126d3c6c9353cc305250e61ef59d9a0e8dd6071fe3a65f748f858a63539413a6e1d5c6d44052d9995c0fa50c26feb61fb31c12e8f8c4431a2585297b15f1769a97c6857a0019dc499ad6f1d1655c9acda86696eb1840576d620244588cce87cde1f8d7ad12a3eb6e1e901b1f468e31e33f2b12ec934ffc7d8c0614dc4b8332aa1e96a04a6fe7a846d9d1ef2f20ad2a184567bd1ab140debcc76c2186ca608f00b66b5dcf79da1e7de703bc0874c9c73828c0c77303cf7406806500fd23a74676201dd8366df4c36d695738d8cfd4f59e467377906229bb3ae758d1620d69688cf91466b1521087f2f7a7ddf81e81909de094c53e81b213c1c7971bcb04183cf4da84a8dda3df8185e6adaa417544594ed369fb69c1c071c4c3293a3b659e819c5408c76b98660ac31f588afd3177400919c31fc7b7e24dcac64739289f2398194f1d8ae05ae5f7f50bb330d8651020f2aaf892757d38d22d968e3b28362f1e99252876ff489a44b6e69bf930b7c6cf4261f0a7745f36e74fc06cc929a7c7190cf329944bde6209fcd74e5d7b6e7a601fe8895497c69746854a5aa08c3fe98680c4cd74dc6a34783a77aa29b3e430c90d70cbd95147ba99d89a1cc08932ce9650e2e7d60156e80d20abaaf4028b17d6601ecb247d78eae542e777794376794b68671d0bbb02e58ce4cefe81c43b3b4191af99e5d12eb853b252376247ad55881afda41dd18b9c0a2abc261063be707a0e34fb83f33b99cbacb2e20f9b15f5cffbebf16699ce2680e12b220ec6bdf17573b6820b8c2d08e5e266311a4d034e84b90c2300464d31a62aab5390cc441e7307377b4dcf1e4d1827b914eb07f2d31c435fd76525c94969347e8cad20c5d02dac7f2c386aa5a81ed44c70ff4cc4db6db11828d4f7c728d0434f7578f0185de6dc2916028d00217c3f71f0c9637cd504f7e66e0354b192d0e15c4c3c15d8cab72ee75ba88d2cb191ea3cbbf2b6727bfebb064868fc052328b868b52c171764b1c57bf5d4795153558936b0773f95cdb1f4f6bf0594552121bf24d6a6a9e0a09190c01427bcfbe1925450f0854c24ba3bf80d0d696fbb3d263ac60e3fd701749da0dbc52711a0ff928a9fcd23341b04e69a1c1d21f1f7fef72503fbcacf601b84066f5391d8c389517849fc940c20268e6e982d336d9cb50bdd9a442938de93dc754dd15181f861037db1c72e94d481035d8bd058e1ae9fc30ed55356604c4c11ffbd5b4126f63b0e2c5db8c812cf576c81a53697d0d0b07b2e3cc76e30b414e4878437f08cda14e3a68a889e1823a07735e9a3f66d63082687e2b2c92e839dd7bff088e3709d93b0776f87646234e763dc576e5af1277168888635fcba7d41be60bbbdbcc832fc72f92531dec3ee3061a4ef1041b2db6b402cd7842bd5a9f5ed9a8e5b56cc2baba67c09d552d6936721566e44f091f1741c19fe7aa4698cfdc7acb3e65ea12a5515c047969772a597d57098b1c67df9ae204e3593dfae4bf1650555409aaadcdd41eeac7d3f4148bb73eb137b1ea4ce507e2076cbc0cf3771b82e087dfe6215e0775e04fc8bd68e66beda196bb2dd1df29bbf93c23add055e8f48591fd3847b6a4c85f0d4fe7c561c480df113f51f5d872c295e5c7f760434cb2303b0b2b4d9b692d16f4714617f48cdf0ba847e4dce703f9efa1b44e22696a7aeb1276304aa8b3fdf9cddbabbf1afd1379755bebcba06c83ef40cb83a426293d3088fd8f0993655a5097572c185eaf2d69980a583e1133fb26eae31e721d50c9acaf1ad41d4579ac21d90f7a8babefdc3f881b0085f0c8cf2b845eb3ba14a9618b206d22d43936e58d5f13126d58bb8cdf52cd263d4430d7e7573bdaed7576d41767d2b27c14f3756feacc3757bfdf66bb46ae4ffcc0e8c76c543271ff1da4c43ff4b380a8660a4cf10fc07f5897369c52b71edb99f4c2b3d6c44d39d5b1c178a9f307d53dcb08d2b8cc70645d1ebf8ab658b11cb73728f5071bba46e87ea12b76192fcc8a8bf0f6625e268afac82a35340371e5f69d5843d15988fe3055bbe1bc20c1666aec1edf15628b0297339f4338f0a1901a46d9a0532f34e070813af8e92e88ca4f7c82315e7bc1f7781aee43919a050a9a10464826c67a636d66a62870e9a1d7f98d4b9ca3afcb65597990ae63eb15f1059fadf8d84d6cf7b36926efe5cec024dac0f83fc7a1cb820230526ed870d07f99ebc2be48ec2abae6893fc647bb1e50550473c32b054379bef490c4c61b82ff683117c0eeb2a826d7b598874b70b27009b627a964c2829ba772320aa98ffed298e927aa349c56594f341102dab8a13080eb51c72d3f3b78935208ca03c65ae76f1fcfeb2bf6c75423746f15dfbf025ee98c5613bcda10ced1a0bc536227037bb1916df7631f6b1a01164b0bbd13e99244fe1339939a16f0e49b425c77774e924694a8171c380f5b57802824d53528e947bf0e38aea216fa413401190a287f7da3c23f18172673223bc5cc1e7e9dc553a5043e5c3d970d9257fa45b1d1b8ce7dbefd873b3e58feedcfc4f37bc1da1c5f99b89ca7c6b3f92b12b17da06540b98bc44644e87f93256fa82b6e83f6d500d913fe4612569f18431896b7a95f51135d61890099ad0e24b5960ebd3c74e0f0a045e2de3899fe2c34d2c692d81067713861d286522dc3753caf50d3bd2b16b1d30cceceb40947aec4b10ac0f054a7dfdf75b1c2391e681a29ed09271f32d679d7fc62953fd6f82d1e1403da2a5b8d0eff1fd253c268ef4b0feb7665fc4816a8ace1bcde5f07239ec3b138b29ec2dcee838707b2e9fee0d4eca1a514ec507f4c8b5e4f6760e38c9d6d7a160ade7c8652e02070b4165469e9ff78e36078333af4090893b9a1773eb16deb65fb0122f082bcf0fe4810b5c5963de713db02d2921f3869dcdc9c9dc95a95216e072c6c636b36a67359f0d6fb936aad4caa66ceed0b09074778a264418a9e8a976fff1dfcdf9bea5a476cd8d00286a9bfbf289201290debac26a44978737d2e27bd212789d1f540f3dab68605f5e09df9b577a6d08c4bf95a114ef4f845776c01bfab2efb964bbece8d16a13402954df1d107ab73f834e4e874ed3e61e2d81d7ecded3bb4d6e109132384f27f1f04d3ad8b269a0dfe18b6477cb884ea8af3821e800e8c46e94095096612fb5e7dedf7c33b8c57640c6f6ed8cedf283a59673faa7018b2aa66bcab2e3b9356aae1c1e2e92bea9e7fe53b6c768371f06437bb9f3537c29f36b5a69b768a1cc1e259b3833671b8150b82c7ba0338dbaaccb57bd92a70527a202565cd12f4f8d5ad24b2154993dc62954cb2f5b4ab0792ecf5d59faf66b48f4e6bafcb466090c9d764c66357b5ed9de24f85a029b78404e6635a80ef7190e0607ee70a72e865fc4766424122a27efb43e86baedd9aa16a803108911b991bb8605c50923d4291e11968eea2db84b6812ed5aa4a04e1e3b6b9771a2b059a3059bfd059bee48222fc621779e7daba41cd2c551bc4e74cbc821fb3f1cb66869b8d0c4660ea3c99aa7bfa26394455dcac243d1af50f64bd705aaa222ff7b7b49034364482203111ec484363467066caa2ee2b82631f416d118b83c9f5c4bc138777ac7e050ec039eb603c74233105327fd947e3976279d5923f5fa50beb36d53395048f0ace6cec37bc7eb95721ed16c0d2c7ac83b53472d885721b9fc920271063b4756c22a9caff707ceb6eb8ff2799ee8457744284e8d7cf7a454f2b5e58d8de209f4084e8396d499b234b6d5bf24322ff99e8c4e70f852e57dd87b1494e0fe1667a8ede07cd709cfeeadf543c816808c46963980ae0a7d36cb7f28511dba1b261c9c0059171bab4b84021d9ea2d2c3182ccbb06e489cb9a6fe045a0a4fce2cb9f21950e9e9ed2c2780051ea81dd2d6c19573fbafc8a8ea3c171933b03010aa8bb89d8c49c7b5ea55c3f7020c8bf5f032c6b286a951f504e2b1c80c43e540657c40d8b7742c56091aa889da34fe3ae9575c5344c8a78bdd5ea30f642b213bec6c28879a0c98cd1f0bd4c9cce27c22c98a273fee29c4c157115e6f8029106c96b388358b1f0c7c9836634fd88f50ac58f49efe2e3a61abb64a8378ba3efc2c6d0a42af3eacda0a9b9282dc9869c166de461e75944"}, {0x78, 0x11, 0x99f, "476566fab9e0e4325309f2d04426b0a42e1970438a0f605d92d3898ebaf010b6747335aaf89ba97f37321b493bff788402e769e9bc1576a01713c0104a7a0d8db06ad62eee49851300b222674323f726b30ad072a8400852f480926c849c958dc86ae97c"}, {0x50, 0x88, 0x19e, "7e65d3dda57f31181c776a75baf9181ed485290dedb71bb365a4035b7f802232ace0d172c3ff477f449b530329eb70badbd5b071e534f3b7fc"}], 0x1428, 0x4}, 0x40000)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:31 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0xfffffffe]})

15:23:31 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:31 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:31 executing program 0 (fault-call:0 fault-nth:0):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:31 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xedc000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:31 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x2805}], 0x1, 0x0, 0x0)

15:23:31 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x500000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  553.192658] FAULT_INJECTION: forcing a failure.
[  553.192658] name failslab, interval 1, probability 0, space 0, times 0
[  553.204048] CPU: 0 PID: 20111 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  553.212548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  553.221903] Call Trace:
[  553.224504]  dump_stack+0x1c9/0x2b4
[  553.228134]  ? dump_stack_print_info.cold.2+0x52/0x52
[  553.233331]  ? get_pid_task+0xd8/0x1a0
[  553.237230]  should_fail.cold.4+0xa/0x11
[  553.241339]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  553.246880]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  553.251984]  ? lock_downgrade+0x8f0/0x8f0
[  553.256124]  ? proc_fail_nth_write+0x9e/0x210
[  553.260610]  ? proc_cwd_link+0x1d0/0x1d0
[  553.264669]  ? kasan_check_read+0x11/0x20
[  553.268805]  ? do_raw_spin_unlock+0xa7/0x2f0
[  553.273206]  ? lock_acquire+0x1e4/0x540
[  553.277166]  ? fs_reclaim_acquire+0x20/0x20
[  553.281473]  ? lock_downgrade+0x8f0/0x8f0
[  553.285615]  ? check_same_owner+0x340/0x340
[  553.289933]  ? rcu_note_context_switch+0x730/0x730
[  553.294855]  __should_failslab+0x124/0x180
[  553.299083]  should_failslab+0x9/0x14
[  553.302897]  __kmalloc+0x2c8/0x760
[  553.306440]  ? strncpy_from_user+0x510/0x510
[  553.310839]  ? fput+0x130/0x1a0
[  553.314111]  ? __x64_sys_memfd_create+0x142/0x4f0
[  553.318944]  __x64_sys_memfd_create+0x142/0x4f0
[  553.323602]  ? memfd_fcntl+0x1e80/0x1e80
[  553.327650]  ? ksys_ioctl+0x81/0xd0
[  553.331274]  do_syscall_64+0x1b9/0x820
[  553.335163]  ? finish_task_switch+0x1d3/0x870
[  553.339657]  ? syscall_return_slowpath+0x5e0/0x5e0
[  553.344578]  ? syscall_return_slowpath+0x31d/0x5e0
[  553.349497]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  553.354501]  ? __switch_to_asm+0x34/0x70
[  553.358558]  ? __switch_to_asm+0x34/0x70
[  553.362607]  ? __switch_to_asm+0x40/0x70
[  553.366656]  ? __switch_to_asm+0x34/0x70
[  553.370701]  ? __switch_to_asm+0x40/0x70
[  553.374751]  ? __switch_to_asm+0x34/0x70
[  553.378798]  ? __switch_to_asm+0x40/0x70
[  553.382851]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  553.387686]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  553.392859] RIP: 0033:0x456b29
[  553.396042] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  553.414939] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  553.422639] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000456b29
[  553.429894] RDX: 0000000020000058 RSI: 0000000000000000 RDI: 00000000004c1c8d
15:23:31 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x1c00}], 0x1, 0x0, 0x0)

15:23:31 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xeb28, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:31 executing program 0 (fault-call:0 fault-nth:1):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  553.437147] RBP: 00000000009300a0 R08: 0000000020000058 R09: 00000000fbad8001
[  553.444402] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013
[  553.451713] R13: 00000000004d5a68 R14: 00000000004c9361 R15: 0000000000000000
15:23:32 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x100000000000000]})

15:23:32 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xf6ffffff00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:32 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:32 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x40000000000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:32 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x4}], 0x1, 0x0, 0x0)

[  553.591244] FAULT_INJECTION: forcing a failure.
[  553.591244] name failslab, interval 1, probability 0, space 0, times 0
[  553.602540] CPU: 1 PID: 20142 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  553.611032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  553.620380] Call Trace:
[  553.622975]  dump_stack+0x1c9/0x2b4
[  553.626606]  ? dump_stack_print_info.cold.2+0x52/0x52
[  553.631801]  ? mnt_get_count+0x150/0x150
[  553.635869]  should_fail.cold.4+0xa/0x11
[  553.639933]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  553.645037]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  553.650054]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  553.654819]  ? lock_acquire+0x1e4/0x540
[  553.658789]  ? is_bpf_text_address+0xae/0x170
[  553.663289]  ? lock_downgrade+0x8f0/0x8f0
[  553.667435]  ? lock_release+0xa30/0xa30
[  553.671409]  ? kasan_check_read+0x11/0x20
[  553.675561]  ? lock_acquire+0x1e4/0x540
[  553.679532]  ? fs_reclaim_acquire+0x20/0x20
[  553.683851]  ? lock_downgrade+0x8f0/0x8f0
[  553.688005]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  553.693018]  ? check_same_owner+0x340/0x340
[  553.697339]  ? rcu_note_context_switch+0x730/0x730
[  553.702268]  ? iterate_fd+0x4b0/0x4b0
[  553.706073]  __should_failslab+0x124/0x180
[  553.710310]  should_failslab+0x9/0x14
[  553.714114]  kmem_cache_alloc+0x2af/0x760
[  553.718264]  ? lock_downgrade+0x8f0/0x8f0
[  553.722414]  ? shmem_destroy_callback+0xc0/0xc0
[  553.727086]  shmem_alloc_inode+0x1b/0x40
[  553.731143]  alloc_inode+0x63/0x190
[  553.734766]  new_inode_pseudo+0x71/0x1a0
[  553.738827]  ? prune_icache_sb+0x1c0/0x1c0
[  553.743065]  ? _raw_spin_unlock+0x22/0x30
[  553.747214]  new_inode+0x1c/0x40
[  553.750583]  shmem_get_inode+0xf1/0x910
[  553.754557]  ? shmem_encode_fh+0x340/0x340
[  553.758809]  ? lock_downgrade+0x8f0/0x8f0
[  553.762959]  ? lock_release+0xa30/0xa30
[  553.766933]  ? check_same_owner+0x340/0x340
[  553.771255]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  553.776277]  ? __check_object_size+0xa3/0x5d7
[  553.780781]  __shmem_file_setup.part.48+0x83/0x2a0
[  553.785724]  shmem_file_setup+0x65/0x90
[  553.789757]  __x64_sys_memfd_create+0x2af/0x4f0
[  553.794435]  ? memfd_fcntl+0x1e80/0x1e80
[  553.798498]  ? ksys_ioctl+0x81/0xd0
[  553.802130]  do_syscall_64+0x1b9/0x820
[  553.806017]  ? finish_task_switch+0x1d3/0x870
[  553.810515]  ? syscall_return_slowpath+0x5e0/0x5e0
[  553.815441]  ? syscall_return_slowpath+0x31d/0x5e0
[  553.820370]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  553.825382]  ? __switch_to_asm+0x34/0x70
[  553.829445]  ? __switch_to_asm+0x34/0x70
[  553.833505]  ? __switch_to_asm+0x40/0x70
[  553.837561]  ? __switch_to_asm+0x34/0x70
[  553.841619]  ? __switch_to_asm+0x40/0x70
[  553.845677]  ? __switch_to_asm+0x34/0x70
[  553.849738]  ? __switch_to_asm+0x40/0x70
[  553.853796]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  553.858638]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  553.863821] RIP: 0033:0x456b29
[  553.867016] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  553.885912] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  553.893617] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000456b29
[  553.900886] RDX: 0000000020000058 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  553.908150] RBP: 00000000009300a0 R08: 0000000020000058 R09: 00000000fbad8001
[  553.915417] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013
[  553.922684] R13: 00000000004d5a68 R14: 00000000004c9361 R15: 0000000000000001
15:23:32 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @rand_addr}, 0xffffffffffffff01)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000080)={0x2e, 0x4, 0x0, {0x3, 0x4, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x2e)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:32 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8057000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:32 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x304]})

15:23:32 executing program 0 (fault-call:0 fault-nth:2):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:32 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x1c}], 0x1, 0x0, 0x0)

15:23:32 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:32 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:32 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x7000000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:32 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:32 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x28050000}], 0x1, 0x0, 0x0)

15:23:32 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xfe80000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:32 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x2]})

[  554.352733] FAULT_INJECTION: forcing a failure.
[  554.352733] name failslab, interval 1, probability 0, space 0, times 0
[  554.364006] CPU: 0 PID: 20177 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  554.372499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  554.381855] Call Trace:
[  554.384451]  dump_stack+0x1c9/0x2b4
[  554.388093]  ? dump_stack_print_info.cold.2+0x52/0x52
[  554.393304]  should_fail.cold.4+0xa/0x11
[  554.397373]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  554.402474]  ? trace_hardirqs_on+0x10/0x10
[  554.406706]  ? unwind_get_return_address+0x61/0xa0
[  554.411637]  ? __save_stack_trace+0x8d/0xf0
[  554.415970]  ? perf_trace_lock+0x920/0x920
[  554.420205]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  554.425046]  ? kasan_slab_alloc+0x12/0x20
[  554.429215]  ? lock_acquire+0x1e4/0x540
[  554.433195]  ? fs_reclaim_acquire+0x20/0x20
[  554.437516]  ? lock_downgrade+0x8f0/0x8f0
[  554.441665]  ? check_same_owner+0x340/0x340
[  554.445985]  ? rcu_note_context_switch+0x730/0x730
[  554.450917]  __should_failslab+0x124/0x180
[  554.455579]  should_failslab+0x9/0x14
[  554.459387]  kmem_cache_alloc+0x2af/0x760
[  554.463537]  ? mpol_shared_policy_init+0x235/0x670
[  554.468491]  ? lock_downgrade+0x8f0/0x8f0
[  554.472643]  __d_alloc+0xc8/0xd50
[  554.476099]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  554.481115]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  554.486396]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  554.491930]  ? timespec64_trunc+0xea/0x180
[  554.496172]  ? inode_init_owner+0x340/0x340
[  554.500499]  ? _raw_spin_unlock+0x22/0x30
[  554.504655]  ? current_time+0x10b/0x1b0
[  554.508636]  ? __lockdep_init_map+0x105/0x590
[  554.513142]  d_alloc_pseudo+0x1d/0x30
[  554.516968]  alloc_file_pseudo+0x158/0x3f0
[  554.521210]  ? alloc_file+0x430/0x430
[  554.525015]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  554.530026]  ? __check_object_size+0xa3/0x5d7
[  554.534520]  ? kasan_check_write+0x14/0x20
[  554.538760]  __shmem_file_setup.part.48+0x110/0x2a0
[  554.543780]  shmem_file_setup+0x65/0x90
[  554.547752]  __x64_sys_memfd_create+0x2af/0x4f0
[  554.552423]  ? memfd_fcntl+0x1e80/0x1e80
[  554.556482]  ? ksys_ioctl+0x81/0xd0
[  554.560118]  do_syscall_64+0x1b9/0x820
[  554.564019]  ? finish_task_switch+0x1d3/0x870
[  554.568517]  ? syscall_return_slowpath+0x5e0/0x5e0
[  554.573447]  ? syscall_return_slowpath+0x31d/0x5e0
[  554.578376]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  554.583390]  ? __switch_to_asm+0x34/0x70
[  554.587448]  ? __switch_to_asm+0x34/0x70
[  554.591504]  ? __switch_to_asm+0x40/0x70
[  554.595561]  ? __switch_to_asm+0x34/0x70
[  554.599626]  ? __switch_to_asm+0x40/0x70
[  554.603686]  ? __switch_to_asm+0x34/0x70
[  554.607741]  ? __switch_to_asm+0x40/0x70
[  554.611807]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  554.616650]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  554.621836] RIP: 0033:0x456b29
[  554.625027] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  554.643923] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  554.651631] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000456b29
[  554.658895] RDX: 0000000020000058 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  554.666160] RBP: 00000000009300a0 R08: 0000000020000058 R09: 00000000fbad8001
[  554.673423] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013
[  554.680688] R13: 00000000004d5a68 R14: 00000000004c9361 R15: 0000000000000002
15:23:33 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:33 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:33 executing program 0 (fault-call:0 fault-nth:3):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:33 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x2000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:33 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:33 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x308e000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:33 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x1c00000000000000}], 0x1, 0x0, 0x0)

[  554.815343] FAULT_INJECTION: forcing a failure.
[  554.815343] name failslab, interval 1, probability 0, space 0, times 0
[  554.826680] CPU: 0 PID: 20203 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  554.835166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  554.844513] Call Trace:
[  554.847108]  dump_stack+0x1c9/0x2b4
[  554.850738]  ? dump_stack_print_info.cold.2+0x52/0x52
[  554.855930]  should_fail.cold.4+0xa/0x11
[  554.859991]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  554.865088]  ? kasan_kmalloc+0xc4/0xe0
[  554.868979]  ? kasan_slab_alloc+0x12/0x20
[  554.873123]  ? kmem_cache_alloc+0x12e/0x760
[  554.877440]  ? __d_alloc+0xc8/0xd50
[  554.881065]  ? d_alloc_pseudo+0x1d/0x30
[  554.885041]  ? alloc_file_pseudo+0x158/0x3f0
[  554.889451]  ? __shmem_file_setup.part.48+0x110/0x2a0
[  554.894638]  ? shmem_file_setup+0x65/0x90
[  554.898785]  ? trace_hardirqs_on+0x10/0x10
[  554.903014]  ? save_stack+0xa9/0xd0
[  554.906634]  ? save_stack+0x43/0xd0
[  554.910257]  ? __lockdep_init_map+0x105/0x590
[  554.914746]  ? kasan_slab_alloc+0x12/0x20
[  554.918897]  ? lock_acquire+0x1e4/0x540
[  554.922870]  ? lock_acquire+0x1e4/0x540
[  554.926841]  ? fs_reclaim_acquire+0x20/0x20
[  554.931181]  ? lock_downgrade+0x8f0/0x8f0
[  554.935334]  ? check_same_owner+0x340/0x340
[  554.939651]  ? lock_downgrade+0x8f0/0x8f0
[  554.943797]  ? rcu_note_context_switch+0x730/0x730
[  554.948726]  __should_failslab+0x124/0x180
[  554.952957]  should_failslab+0x9/0x14
[  554.956757]  kmem_cache_alloc+0x2af/0x760
[  554.960914]  ? kasan_check_write+0x14/0x20
[  554.965143]  ? do_raw_spin_lock+0xc1/0x200
[  554.969377]  __alloc_file+0xac/0x400
[  554.973096]  ? file_free_rcu+0x90/0x90
[  554.976982]  ? select_collect+0x610/0x610
[  554.981127]  ? d_instantiate+0x79/0xa0
[  554.985011]  ? lock_downgrade+0x8f0/0x8f0
[  554.989162]  ? kasan_check_read+0x11/0x20
[  554.993327]  ? do_raw_spin_unlock+0xa7/0x2f0
[  554.997730]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  555.002311]  alloc_empty_file+0x72/0x170
[  555.006373]  alloc_file+0x5c/0x430
[  555.009929]  alloc_file_pseudo+0x261/0x3f0
[  555.014162]  ? alloc_file+0x430/0x430
[  555.017961]  ? check_same_owner+0x340/0x340
[  555.022293]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  555.027304]  ? __check_object_size+0xa3/0x5d7
[  555.031795]  ? kasan_check_write+0x14/0x20
[  555.036031]  __shmem_file_setup.part.48+0x110/0x2a0
[  555.041055]  shmem_file_setup+0x65/0x90
[  555.045165]  __x64_sys_memfd_create+0x2af/0x4f0
[  555.049833]  ? memfd_fcntl+0x1e80/0x1e80
[  555.053887]  ? ksys_ioctl+0x81/0xd0
[  555.057515]  do_syscall_64+0x1b9/0x820
[  555.061395]  ? finish_task_switch+0x1d3/0x870
[  555.065886]  ? syscall_return_slowpath+0x5e0/0x5e0
[  555.070813]  ? syscall_return_slowpath+0x31d/0x5e0
[  555.075743]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  555.080763]  ? __switch_to_asm+0x34/0x70
[  555.084823]  ? __switch_to_asm+0x34/0x70
[  555.088882]  ? __switch_to_asm+0x40/0x70
[  555.092939]  ? __switch_to_asm+0x34/0x70
[  555.097008]  ? __switch_to_asm+0x40/0x70
[  555.101069]  ? __switch_to_asm+0x34/0x70
[  555.105130]  ? __switch_to_asm+0x40/0x70
[  555.109207]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  555.114084]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  555.119271] RIP: 0033:0x456b29
[  555.122464] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  555.141683] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  555.149804] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000456b29
[  555.157075] RDX: 0000000020000058 RSI: 0000000000000000 RDI: 00000000004c1c8d
[  555.164337] RBP: 00000000009300a0 R08: 0000000020000058 R09: 00000000fbad8001
[  555.171601] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013
[  555.178866] R13: 00000000004d5a68 R14: 00000000004c9361 R15: 0000000000000003
15:23:33 executing program 0 (fault-call:0 fault-nth:4):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:33 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:23:33 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x4000000000000}], 0x1, 0x0, 0x0)

[  555.331487] FAULT_INJECTION: forcing a failure.
[  555.331487] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  555.343525] CPU: 1 PID: 20229 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  555.352031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  555.361383] Call Trace:
[  555.364067]  dump_stack+0x1c9/0x2b4
[  555.367707]  ? dump_stack_print_info.cold.2+0x52/0x52
[  555.372913]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  555.377770]  should_fail.cold.4+0xa/0x11
[  555.381842]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  555.386953]  ? lock_acquire+0x1e4/0x540
[  555.390935]  ? find_get_entry+0xa6d/0x1120
[  555.395196]  ? lock_downgrade+0x8f0/0x8f0
[  555.399356]  ? lock_release+0xa30/0xa30
[  555.403335]  ? perf_trace_lock+0x920/0x920
[  555.407581]  ? walk_component+0x94a/0x2630
[  555.411825]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  555.417370]  ? lock_acquire+0x1e4/0x540
[  555.421351]  ? fs_reclaim_acquire+0x20/0x20
[  555.425685]  ? lock_downgrade+0x8f0/0x8f0
[  555.429847]  ? check_same_owner+0x340/0x340
[  555.434179]  ? rcu_note_context_switch+0x730/0x730
[  555.439124]  __alloc_pages_nodemask+0x36e/0xdb0
[  555.443801]  ? lock_release+0xa30/0xa30
[  555.447784]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  555.452810]  ? rcu_is_watching+0x8c/0x150
[  555.456961]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  555.461636]  ? trace_hardirqs_on+0x10/0x10
[  555.465869]  ? is_bpf_text_address+0xd7/0x170
[  555.470369]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  555.475392]  ? percpu_counter_add_batch+0xf2/0x150
15:23:33 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe867000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:33 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x403]})

[  555.480327]  ? mpol_shared_policy_lookup+0xf7/0x150
[  555.485349]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  555.490893]  alloc_pages_vma+0xdd/0x540
[  555.494880]  shmem_alloc_page+0xa8/0x190
[  555.498944]  ? shmem_swapin+0x230/0x230
[  555.502920]  ? do_sys_open+0x584/0x720
[  555.506828]  shmem_alloc_and_acct_page+0x1f1/0x820
[  555.511762]  ? shmem_getattr+0x2c0/0x2c0
[  555.515825]  ? lock_release+0xa30/0xa30
[  555.519810]  shmem_getpage_gfp+0x6ea/0x3ec0
[  555.524147]  ? shmem_writepage+0x13a0/0x13a0
[  555.528558]  ? trace_hardirqs_on+0xd/0x10
[  555.532710]  ? __wake_up_common_lock+0x1d0/0x330
[  555.537463]  ? __wake_up_common+0x7b0/0x7b0
[  555.541784]  ? trace_hardirqs_on+0x10/0x10
[  555.546022]  ? trace_hardirqs_on+0x10/0x10
[  555.550259]  ? trace_hardirqs_on+0x10/0x10
[  555.554491]  ? trace_hardirqs_on+0x10/0x10
[  555.558730]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  555.563571]  ? trace_hardirqs_on+0x10/0x10
[  555.567811]  ? trace_hardirqs_on+0x10/0x10
[  555.572045]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  555.576886]  ? perf_trace_lock+0x920/0x920
[  555.581130]  ? trace_hardirqs_on+0x10/0x10
[  555.585367]  ? perf_trace_lock+0x920/0x920
[  555.589604]  ? trace_hardirqs_on+0x10/0x10
[  555.593840]  ? perf_trace_lock+0x920/0x920
[  555.598084]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  555.603101]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  555.607939]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  555.612697]  ? perf_trace_lock+0x920/0x920
[  555.616936]  ? lock_acquire+0x1e4/0x540
[  555.620912]  ? is_bpf_text_address+0xae/0x170
[  555.625411]  ? perf_trace_lock+0x920/0x920
[  555.629651]  ? trace_hardirqs_on+0x10/0x10
[  555.633880]  ? rcu_is_watching+0x8c/0x150
[  555.638024]  ? trace_hardirqs_on+0x10/0x10
[  555.642266]  ? lock_acquire+0x1e4/0x540
[  555.646240]  ? simple_xattr_get+0x106/0x180
[  555.650562]  ? current_time+0x72/0x1b0
[  555.654449]  ? lock_downgrade+0x8f0/0x8f0
[  555.658592]  ? kasan_check_read+0x11/0x20
[  555.662740]  ? lock_release+0xa30/0xa30
[  555.666714]  ? kasan_check_write+0x14/0x20
[  555.670943]  ? do_raw_spin_lock+0xc1/0x200
[  555.675179]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
15:23:34 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @local}, 0xfffffffffffffdfa)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000000)={'syzkaller0\x00', 0x7})
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000140)={@rand_addr=0x3033300, @multicast2, @loopback}, 0x28)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:34 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x40000}], 0x1, 0x0, 0x0)

15:23:34 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x283c0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:34 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:34 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x74, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:34 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  555.680719]  ? iov_iter_fault_in_readable+0x23d/0x460
[  555.685907]  ? copy_page_from_iter+0x890/0x890
[  555.690493]  ? __sanitizer_cov_trace_cmp2+0x20/0x20
[  555.695518]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  555.700712]  shmem_write_begin+0x10a/0x1e0
[  555.704952]  generic_perform_write+0x3ae/0x6c0
[  555.709549]  ? add_page_wait_queue+0x2c0/0x2c0
[  555.714125]  ? file_update_time+0xe4/0x640
[  555.718365]  ? current_time+0x1b0/0x1b0
[  555.722350]  ? down_write+0x8f/0x130
[  555.726071]  __generic_file_write_iter+0x26e/0x630
[  555.731008]  generic_file_write_iter+0x438/0x870
[  555.735771]  ? __generic_file_write_iter+0x630/0x630
[  555.740880]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  555.746420]  ? iov_iter_init+0xc9/0x1f0
[  555.750400]  __vfs_write+0x6af/0x9d0
[  555.754123]  ? kernel_read+0x120/0x120
[  555.758026]  ? lock_release+0xa30/0xa30
[  555.762538]  ? __fget_light+0x2f7/0x440
[  555.766517]  ? fget_raw+0x20/0x20
[  555.769983]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  555.775531]  ? __sb_start_write+0x17f/0x300
[  555.779858]  vfs_write+0x1fc/0x560
[  555.783409]  ksys_pwrite64+0x181/0x1b0
[  555.787299]  ? __ia32_sys_pread64+0xf0/0xf0
[  555.791625]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  555.797159]  ? fput+0x130/0x1a0
[  555.800437]  ? do_sys_ftruncate+0x44e/0x560
[  555.804764]  __x64_sys_pwrite64+0x97/0xf0
[  555.808931]  do_syscall_64+0x1b9/0x820
[  555.812826]  ? syscall_return_slowpath+0x5e0/0x5e0
[  555.817763]  ? syscall_return_slowpath+0x31d/0x5e0
[  555.822704]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  555.827725]  ? __switch_to_asm+0x34/0x70
15:23:34 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x989e0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  555.831790]  ? __switch_to_asm+0x34/0x70
[  555.835851]  ? __switch_to_asm+0x40/0x70
[  555.839913]  ? __switch_to_asm+0x34/0x70
[  555.844000]  ? __switch_to_asm+0x34/0x70
[  555.848061]  ? __switch_to_asm+0x40/0x70
[  555.852128]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  555.856976]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  555.862165] RIP: 0033:0x4108c7
[  555.865366] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  555.884268] RSP: 002b:00007f33a70e2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  555.891983] RAX: ffffffffffffffda RBX: 0000000020000050 RCX: 00000000004108c7
[  555.899254] RDX: 0000000000000069 RSI: 0000000020000280 RDI: 0000000000000014
[  555.906526] RBP: 0000000000000000 R08: 0000000020000058 R09: 00000000fbad8001
[  555.913794] R10: 0000000000001400 R11: 0000000000000293 R12: 0000000000000014
[  555.921060] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000004
15:23:34 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x300, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:34 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x528}], 0x1, 0x0, 0x0)

15:23:34 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

[  555.939211] f2fs_msg: 26 callbacks suppressed
[  555.939223] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  555.950829] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  555.973726] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  555.980803] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
15:23:34 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x283c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  556.007799] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  556.014881] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  556.038618] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  556.045736] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
15:23:34 executing program 0 (fault-call:0 fault-nth:5):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  556.141800] FAULT_INJECTION: forcing a failure.
[  556.141800] name failslab, interval 1, probability 0, space 0, times 0
[  556.153041] CPU: 0 PID: 20272 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  556.161528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  556.170878] Call Trace:
[  556.173476]  dump_stack+0x1c9/0x2b4
[  556.177111]  ? dump_stack_print_info.cold.2+0x52/0x52
[  556.182331]  should_fail.cold.4+0xa/0x11
[  556.186944]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  556.192067]  ? trace_hardirqs_on+0x10/0x10
[  556.196310]  ? __update_load_avg_se+0xb80/0xb80
[  556.200983]  ? attach_entity_load_avg+0x860/0x860
[  556.205835]  ? trace_hardirqs_on+0x10/0x10
[  556.210086]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  556.214935]  ? update_load_avg+0x389/0x27d0
[  556.219258]  ? unwind_get_return_address+0x61/0xa0
[  556.224190]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  556.229726]  ? perf_trace_lock+0x920/0x920
[  556.233969]  ? trace_hardirqs_on+0x10/0x10
[  556.238202]  ? lock_downgrade+0x8f0/0x8f0
[  556.242355]  __should_failslab+0x124/0x180
[  556.246588]  should_failslab+0x9/0x14
[  556.250393]  kmem_cache_alloc+0x47/0x760
[  556.254458]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  556.259999]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  556.264844]  xas_alloc+0x38a/0x490
[  556.268436]  ? minmax_running_min+0x690/0x690
[  556.272948]  ? perf_trace_lock+0x920/0x920
[  556.277232]  xas_create+0x3ae/0x1150
[  556.280960]  ? xas_descend+0x5f0/0x5f0
[  556.284851]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  556.290386]  ? xas_start+0x23d/0x740
[  556.294102]  ? xas_create_range+0x5c0/0x5c0
[  556.298430]  ? lock_acquire+0x1e4/0x540
[  556.302409]  ? shmem_add_to_page_cache+0x8bb/0x1440
[  556.307439]  ? percpu_counter_add_batch+0xf2/0x150
[  556.312372]  xas_create_range+0x193/0x5c0
[  556.316530]  shmem_add_to_page_cache+0x8f9/0x1440
[  556.321382]  ? mem_cgroup_throttle_swaprate+0x272/0x888
[  556.326745]  ? shmem_write_end+0x9a0/0x9a0
[  556.330999]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  556.336536]  ? mem_cgroup_throttle_swaprate+0x2ef/0x888
[  556.341900]  ? swap_duplicate+0x80/0x80
[  556.345878]  ? shmem_getattr+0x2c0/0x2c0
[  556.349938]  ? lock_release+0xa30/0xa30
[  556.353923]  shmem_getpage_gfp+0xaad/0x3ec0
[  556.358277]  ? shmem_writepage+0x13a0/0x13a0
[  556.362688]  ? attach_entity_load_avg+0x860/0x860
[  556.367523]  ? __wake_up_common_lock+0x1d0/0x330
[  556.372285]  ? trace_hardirqs_on+0x10/0x10
[  556.376525]  ? trace_hardirqs_on+0x10/0x10
[  556.380756]  ? attach_entity_load_avg+0x860/0x860
[  556.385610]  ? trace_hardirqs_on+0x10/0x10
[  556.389851]  ? trace_hardirqs_on+0x10/0x10
[  556.394109]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  556.398958]  ? trace_hardirqs_on+0x10/0x10
[  556.403190]  ? trace_hardirqs_on+0x10/0x10
[  556.407428]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  556.412268]  ? perf_trace_lock+0x920/0x920
[  556.416507]  ? trace_hardirqs_on+0x10/0x10
[  556.420736]  ? perf_trace_lock+0x920/0x920
[  556.424979]  ? trace_hardirqs_on+0x10/0x10
[  556.429213]  ? perf_trace_lock+0x920/0x920
[  556.433450]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  556.438466]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  556.443309]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  556.448079]  ? perf_trace_lock+0x920/0x920
[  556.453897]  ? lock_acquire+0x1e4/0x540
[  556.457890]  ? is_bpf_text_address+0xae/0x170
[  556.462387]  ? perf_trace_lock+0x920/0x920
[  556.466627]  ? trace_hardirqs_on+0x10/0x10
[  556.471528]  ? rcu_is_watching+0x8c/0x150
[  556.475677]  ? trace_hardirqs_on+0x10/0x10
[  556.479918]  ? lock_acquire+0x1e4/0x540
[  556.483893]  ? simple_xattr_get+0x106/0x180
[  556.488213]  ? current_time+0x72/0x1b0
[  556.492098]  ? lock_downgrade+0x8f0/0x8f0
[  556.496244]  ? kasan_check_read+0x11/0x20
[  556.500392]  ? lock_release+0xa30/0xa30
[  556.504364]  ? kasan_check_write+0x14/0x20
[  556.508598]  ? do_raw_spin_lock+0xc1/0x200
[  556.512869]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  556.518405]  ? iov_iter_fault_in_readable+0x23d/0x460
[  556.523591]  ? copy_page_from_iter+0x890/0x890
[  556.528175]  ? __sanitizer_cov_trace_cmp2+0x20/0x20
[  556.533190]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  556.538382]  shmem_write_begin+0x10a/0x1e0
[  556.542630]  generic_perform_write+0x3ae/0x6c0
[  556.547225]  ? add_page_wait_queue+0x2c0/0x2c0
[  556.551804]  ? file_update_time+0xe4/0x640
[  556.556038]  ? current_time+0x1b0/0x1b0
[  556.560018]  ? down_write+0x8f/0x130
[  556.563734]  __generic_file_write_iter+0x26e/0x630
[  556.568669]  generic_file_write_iter+0x438/0x870
[  556.573430]  ? __generic_file_write_iter+0x630/0x630
[  556.578537]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  556.584072]  ? iov_iter_init+0xc9/0x1f0
[  556.588045]  __vfs_write+0x6af/0x9d0
[  556.591758]  ? kernel_read+0x120/0x120
[  556.595650]  ? lock_release+0xa30/0xa30
[  556.599627]  ? __fget_light+0x2f7/0x440
[  556.603609]  ? fget_raw+0x20/0x20
[  556.607072]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  556.612612]  ? __sb_start_write+0x17f/0x300
[  556.617024]  vfs_write+0x1fc/0x560
[  556.620568]  ksys_pwrite64+0x181/0x1b0
[  556.624465]  ? __ia32_sys_pread64+0xf0/0xf0
[  556.628789]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  556.634325]  ? fput+0x130/0x1a0
[  556.637606]  ? do_sys_ftruncate+0x44e/0x560
[  556.641934]  __x64_sys_pwrite64+0x97/0xf0
[  556.646086]  do_syscall_64+0x1b9/0x820
[  556.649973]  ? syscall_return_slowpath+0x5e0/0x5e0
[  556.654902]  ? syscall_return_slowpath+0x31d/0x5e0
[  556.659834]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  556.664847]  ? __switch_to_asm+0x34/0x70
[  556.668906]  ? __switch_to_asm+0x34/0x70
[  556.672977]  ? __switch_to_asm+0x40/0x70
[  556.677038]  ? __switch_to_asm+0x34/0x70
[  556.681103]  ? __switch_to_asm+0x34/0x70
[  556.685159]  ? __switch_to_asm+0x40/0x70
[  556.689217]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  556.694064]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  556.699245] RIP: 0033:0x4108c7
[  556.702435] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  556.721341] RSP: 002b:00007f33a70e2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  556.729048] RAX: ffffffffffffffda RBX: 0000000020000050 RCX: 00000000004108c7
[  556.736310] RDX: 0000000000000069 RSI: 0000000020000280 RDI: 0000000000000014
15:23:35 executing program 7:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0x3, 0x80000002040)
ioctl$EVIOCGABS3F(r1, 0x8018457f, &(0x7f0000000040)=""/236)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x111, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000300)={0x12, 0x10, 0xfa00, {&(0x7f0000000000), r2, r1}}, 0x18)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000340)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000200)={'vcan0\x00', <r3=>0x0})
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={r3, @loopback, @rand_addr=0x1}, 0xc)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000003c0)='tls\x00', 0x1b5)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x2, &(0x7f0000000180)={@local, @multicast2, @loopback}, 0xc)
recvmmsg(r0, &(0x7f0000003180)=[{{&(0x7f0000000680)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000c00), 0x0, &(0x7f0000000c80)=""/229, 0xe5}}], 0x1, 0x2042, &(0x7f0000003340))

15:23:35 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x304]})

[  556.743577] RBP: 0000000000000000 R08: 0000000020000058 R09: 00000000fbad8001
[  556.750845] R10: 0000000000001400 R11: 0000000000000293 R12: 0000000000000014
[  556.758110] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000005
15:23:35 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x2805000000000000}], 0x1, 0x0, 0x0)

15:23:35 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc46a, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:35 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  556.792399] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  556.799589] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:35 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0xc0ed0000, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:35 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x3, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:35 executing program 0 (fault-call:0 fault-nth:6):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:35 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd020000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:35 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

15:23:35 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

[  556.957991] FAULT_INJECTION: forcing a failure.
[  556.957991] name failslab, interval 1, probability 0, space 0, times 0
[  556.969496] CPU: 0 PID: 20313 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  556.977996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  556.987375] Call Trace:
[  556.989990]  dump_stack+0x1c9/0x2b4
[  556.993731]  ? dump_stack_print_info.cold.2+0x52/0x52
[  556.999002]  ? lock_downgrade+0x8f0/0x8f0
[  557.003158]  should_fail.cold.4+0xa/0x11
[  557.007222]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  557.012327]  ? up_write+0x7b/0x220
[  557.015866]  ? up_read+0x110/0x110
[  557.019416]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  557.024960]  ? __generic_file_write_iter+0x1bd/0x630
[  557.030097]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  557.035638]  ? generic_file_write_iter+0x4a3/0x870
[  557.040572]  ? lock_acquire+0x1e4/0x540
[  557.044549]  ? fs_reclaim_acquire+0x20/0x20
[  557.048871]  ? lock_downgrade+0x8f0/0x8f0
[  557.053028]  ? check_same_owner+0x340/0x340
[  557.057347]  ? fsnotify+0xbac/0x14e0
[  557.061935]  ? rcu_note_context_switch+0x730/0x730
[  557.066866]  ? lock_downgrade+0x8f0/0x8f0
[  557.071027]  __should_failslab+0x124/0x180
[  557.075440]  should_failslab+0x9/0x14
[  557.079241]  kmem_cache_alloc+0x2af/0x760
[  557.083413]  getname_flags+0xd0/0x5a0
[  557.087226]  getname+0x19/0x20
[  557.091464]  do_sys_open+0x3a2/0x720
[  557.095192]  ? filp_open+0x80/0x80
[  557.098732]  ? do_sys_ftruncate+0x44e/0x560
[  557.103069]  __x64_sys_open+0x7e/0xc0
[  557.106881]  do_syscall_64+0x1b9/0x820
[  557.110767]  ? finish_task_switch+0x1d3/0x870
[  557.115264]  ? syscall_return_slowpath+0x5e0/0x5e0
[  557.120195]  ? syscall_return_slowpath+0x31d/0x5e0
[  557.125126]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  557.130141]  ? __switch_to_asm+0x34/0x70
[  557.134200]  ? __switch_to_asm+0x34/0x70
[  557.139206]  ? __switch_to_asm+0x40/0x70
[  557.143265]  ? __switch_to_asm+0x34/0x70
[  557.147327]  ? __switch_to_asm+0x40/0x70
[  557.151385]  ? __switch_to_asm+0x34/0x70
[  557.157072]  ? __switch_to_asm+0x40/0x70
[  557.161137]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  557.165988]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  557.171719] RIP: 0033:0x410861
[  557.174913] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  557.193813] RSP: 002b:00007f33a70e2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  557.201519] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000410861
15:23:35 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xfe80, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:35 executing program 0 (fault-call:0 fault-nth:7):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:35 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

15:23:35 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfcfdffff00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  557.208787] RDX: 00007f33a70e2afa RSI: 0000000000000002 RDI: 00007f33a70e2af0
[  557.216054] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  557.223320] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  557.230586] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000006
15:23:35 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

[  557.348822] EXT4-fs: 27 callbacks suppressed
[  557.348834] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  557.361994] FAULT_INJECTION: forcing a failure.
[  557.361994] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  557.373827] CPU: 1 PID: 20334 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  557.382325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  557.391685] Call Trace:
[  557.394287]  dump_stack+0x1c9/0x2b4
[  557.397925]  ? dump_stack_print_info.cold.2+0x52/0x52
[  557.403125]  ? shmem_unused_huge_scan+0x180/0x180
[  557.407975]  ? current_time+0x72/0x1b0
[  557.411878]  should_fail.cold.4+0xa/0x11
[  557.415953]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  557.421062]  ? iov_iter_advance+0x2ec/0x14e0
[  557.425490]  ? trace_hardirqs_on+0x10/0x10
[  557.429738]  ? check_same_owner+0x340/0x340
[  557.434067]  ? shmem_write_begin+0x10a/0x1e0
[  557.438485]  ? shmem_write_begin+0x113/0x1e0
[  557.442904]  ? shmem_unused_huge_scan+0x180/0x180
[  557.447759]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  557.453309]  ? generic_perform_write+0x305/0x6c0
[  557.458086]  ? generic_file_write_iter+0x447/0x870
[  557.463028]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  557.467879]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  557.473429]  ? should_fail+0x246/0xd86
[  557.477327]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  557.482443]  __alloc_pages_nodemask+0x36e/0xdb0
[  557.487115]  ? up_write+0x7b/0x220
[  557.490659]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  557.495687]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  557.501233]  ? generic_file_write_iter+0x4a3/0x870
[  557.506176]  ? lock_acquire+0x1e4/0x540
[  557.510158]  ? fs_reclaim_acquire+0x20/0x20
[  557.514490]  ? lock_downgrade+0x8f0/0x8f0
[  557.518652]  ? lock_release+0xa30/0xa30
[  557.522634]  ? check_same_owner+0x340/0x340
[  557.526963]  cache_grow_begin+0x91/0x710
[  557.531037]  kmem_cache_alloc+0x689/0x760
[  557.535199]  getname_flags+0xd0/0x5a0
[  557.539011]  getname+0x19/0x20
[  557.542207]  do_sys_open+0x3a2/0x720
[  557.545927]  ? filp_open+0x80/0x80
[  557.549469]  ? do_sys_ftruncate+0x44e/0x560
[  557.553789]  __x64_sys_open+0x7e/0xc0
[  557.557593]  do_syscall_64+0x1b9/0x820
[  557.561483]  ? finish_task_switch+0x1d3/0x870
[  557.565982]  ? syscall_return_slowpath+0x5e0/0x5e0
[  557.570919]  ? syscall_return_slowpath+0x31d/0x5e0
[  557.575850]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  557.580868]  ? __switch_to_asm+0x34/0x70
[  557.584933]  ? __switch_to_asm+0x34/0x70
[  557.588996]  ? __switch_to_asm+0x40/0x70
[  557.593057]  ? __switch_to_asm+0x34/0x70
[  557.597115]  ? __switch_to_asm+0x40/0x70
[  557.601174]  ? __switch_to_asm+0x34/0x70
[  557.605232]  ? __switch_to_asm+0x40/0x70
[  557.609297]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  557.614148]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  557.619336] RIP: 0033:0x410861
[  557.622532] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  557.641433] RSP: 002b:00007f33a70e2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
15:23:36 executing program 7 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:36 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:36 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x581b000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:36 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:36 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

[  557.649140] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000410861
[  557.656410] RDX: 00007f33a70e2afa RSI: 0000000000000002 RDI: 00007f33a70e2af0
[  557.663677] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  557.670944] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  557.678209] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000007
15:23:36 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x68, &(0x7f0000000500), 0x30, &(0x7f0000000100))

15:23:36 executing program 0 (fault-call:0 fault-nth:8):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  557.731724] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  557.769278] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:36 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:36 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

15:23:36 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:36 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8496, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:36 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x500000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  557.777042] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:36 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  557.818687] EXT4-fs (sda1): quotafile must be on filesystem root
[  557.860622] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  557.879978] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  557.903277] FAULT_INJECTION: forcing a failure.
[  557.903277] name failslab, interval 1, probability 0, space 0, times 0
[  557.914557] CPU: 0 PID: 20375 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  557.923054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  557.932399] Call Trace:
[  557.934985]  dump_stack+0x1c9/0x2b4
[  557.938620]  ? dump_stack_print_info.cold.2+0x52/0x52
[  557.943816]  should_fail.cold.4+0xa/0x11
[  557.947877]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  557.952979]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  557.958512]  ? __set_page_dirty_no_writeback+0x14a/0x290
[  557.963956]  ? do_writepages+0x1a0/0x1a0
[  557.968019]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  557.973036]  ? trace_hardirqs_on+0x10/0x10
[  557.977270]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  557.982281]  ? do_writepages+0x1a0/0x1a0
[  557.986338]  ? lock_acquire+0x1e4/0x540
[  557.990305]  ? fs_reclaim_acquire+0x20/0x20
[  557.994624]  ? lock_downgrade+0x8f0/0x8f0
[  557.998770]  ? check_same_owner+0x340/0x340
[  558.003111]  ? unlock_page+0x1d1/0x2c0
[  558.006996]  ? rcu_note_context_switch+0x730/0x730
[  558.011940]  __should_failslab+0x124/0x180
[  558.016174]  should_failslab+0x9/0x14
[  558.019970]  kmem_cache_alloc+0x2af/0x760
[  558.024117]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  558.029653]  ? shmem_write_end+0x374/0x9a0
[  558.033886]  __alloc_file+0xac/0x400
[  558.037599]  ? file_free_rcu+0x90/0x90
[  558.041482]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  558.046491]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  558.051264]  ? lock_acquire+0x1e4/0x540
[  558.055233]  ? is_bpf_text_address+0xae/0x170
[  558.059725]  ? lock_downgrade+0x8f0/0x8f0
[  558.063873]  alloc_empty_file+0x72/0x170
[  558.067929]  path_openat+0x15f/0x5300
[  558.071724]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  558.076395]  ? is_bpf_text_address+0xd7/0x170
[  558.080888]  ? kernel_text_address+0x79/0xf0
[  558.085294]  ? __kernel_text_address+0xd/0x40
[  558.089790]  ? path_lookupat.isra.45+0xc00/0xc00
[  558.094548]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  558.099559]  ? expand_files.part.8+0x571/0x9c0
[  558.104137]  ? iterate_fd+0x4b0/0x4b0
[  558.107942]  ? lock_acquire+0x1e4/0x540
[  558.111915]  ? __alloc_fd+0x34e/0x710
[  558.115709]  ? lock_downgrade+0x8f0/0x8f0
[  558.119850]  ? do_sys_open+0x3a2/0x720
[  558.123738]  ? kasan_check_read+0x11/0x20
[  558.127885]  ? do_raw_spin_unlock+0xa7/0x2f0
[  558.132288]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  558.141137]  ? kasan_check_write+0x14/0x20
[  558.145382]  ? do_raw_spin_lock+0xc1/0x200
[  558.149620]  ? _raw_spin_unlock+0x22/0x30
[  558.153762]  ? __alloc_fd+0x34e/0x710
[  558.158441]  ? usercopy_warn+0x120/0x120
[  558.162505]  do_filp_open+0x255/0x380
[  558.166312]  ? may_open_dev+0x100/0x100
[  558.170294]  ? get_unused_fd_flags+0x122/0x1a0
[  558.174873]  ? __alloc_fd+0x710/0x710
[  558.178677]  do_sys_open+0x584/0x720
[  558.182387]  ? filp_open+0x80/0x80
[  558.186221]  ? do_sys_ftruncate+0x44e/0x560
[  558.190544]  __x64_sys_open+0x7e/0xc0
[  558.194341]  do_syscall_64+0x1b9/0x820
[  558.198222]  ? finish_task_switch+0x1d3/0x870
[  558.202718]  ? syscall_return_slowpath+0x5e0/0x5e0
[  558.207653]  ? syscall_return_slowpath+0x31d/0x5e0
[  558.212578]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  558.217592]  ? __switch_to_asm+0x34/0x70
[  558.221666]  ? __switch_to_asm+0x34/0x70
[  558.225726]  ? __switch_to_asm+0x40/0x70
[  558.229785]  ? __switch_to_asm+0x34/0x70
[  558.233841]  ? __switch_to_asm+0x40/0x70
[  558.237899]  ? __switch_to_asm+0x34/0x70
[  558.241969]  ? __switch_to_asm+0x40/0x70
[  558.246028]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  558.250884]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  558.256067] RIP: 0033:0x410861
[  558.259256] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  558.278146] RSP: 002b:00007f33a70e2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  558.285850] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000410861
[  558.293116] RDX: 00007f33a70e2afa RSI: 0000000000000002 RDI: 00007f33a70e2af0
15:23:36 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x5460, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:36 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:36 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x3, &(0x7f0000000500), 0x30, &(0x7f0000000100))

[  558.300378] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  558.307642] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014
[  558.314904] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000008
15:23:36 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2bc0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:36 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:36 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401870c8, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:36 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x600000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  558.362925] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  558.369118] EXT4-fs (sda1): quotafile must be on filesystem root
[  558.391406] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:36 executing program 0 (fault-call:0 fault-nth:9):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:36 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:36 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x5452, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:36 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf5ffffff, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  558.508034] FAULT_INJECTION: forcing a failure.
[  558.508034] name failslab, interval 1, probability 0, space 0, times 0
[  558.519324] CPU: 1 PID: 20410 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  558.527822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  558.537178] Call Trace:
[  558.539776]  dump_stack+0x1c9/0x2b4
[  558.543422]  ? dump_stack_print_info.cold.2+0x52/0x52
[  558.548628]  should_fail.cold.4+0xa/0x11
[  558.552703]  ? fault_create_debugfs_attr+0x1f0/0x1f0
15:23:37 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe0c40000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  558.557814]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  558.562663]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  558.567517]  ? refcount_inc_checked+0x29/0x70
[  558.572028]  ? lock_acquire+0x1e4/0x540
[  558.576017]  ? perf_trace_lock+0x920/0x920
[  558.580263]  ? lock_acquire+0x1e4/0x540
[  558.584259]  ? fs_reclaim_acquire+0x20/0x20
[  558.588596]  ? lock_downgrade+0x8f0/0x8f0
[  558.592764]  ? check_same_owner+0x340/0x340
[  558.597093]  ? rcu_note_context_switch+0x730/0x730
[  558.602037]  __should_failslab+0x124/0x180
15:23:37 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5408, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  558.606278]  should_failslab+0x9/0x14
[  558.610087]  kmem_cache_alloc_trace+0x2cb/0x780
[  558.614763]  ? init_wait_entry+0x1c0/0x1c0
[  558.619013]  ? loop_get_status64+0x140/0x140
[  558.623422]  __kthread_create_on_node+0x13d/0x530
[  558.628272]  ? __kthread_parkme+0x1b0/0x1b0
[  558.632608]  ? ksys_dup3+0x690/0x690
[  558.636334]  ? __lockdep_init_map+0x105/0x590
[  558.640839]  ? __lockdep_init_map+0x105/0x590
[  558.645345]  ? loop_get_status64+0x140/0x140
[  558.649761]  kthread_create_on_node+0xb1/0xe0
[  558.654259]  ? __kthread_create_on_node+0x530/0x530
[  558.659292]  lo_ioctl+0x7f6/0x1d70
[  558.662854]  ? lo_rw_aio_complete+0x450/0x450
[  558.667359]  blkdev_ioctl+0x9cd/0x2030
[  558.671258]  ? lock_acquire+0x1e4/0x540
[  558.675246]  ? blkpg_ioctl+0xc40/0xc40
[  558.679147]  ? lock_release+0xa30/0xa30
[  558.683126]  ? save_stack+0xa9/0xd0
[  558.686755]  ? save_stack+0x43/0xd0
[  558.690389]  ? __fget+0x4d5/0x740
[  558.693849]  ? ksys_dup3+0x690/0x690
[  558.697565]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  558.702153]  ? kasan_check_write+0x14/0x20
15:23:37 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5a5c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  558.706387]  ? do_raw_spin_lock+0xc1/0x200
[  558.710625]  block_ioctl+0xee/0x130
[  558.714253]  ? blkdev_fallocate+0x400/0x400
[  558.718579]  do_vfs_ioctl+0x1de/0x1720
[  558.722476]  ? ioctl_preallocate+0x300/0x300
[  558.726889]  ? __fget_light+0x2f7/0x440
[  558.730861]  ? fget_raw+0x20/0x20
[  558.734321]  ? trace_hardirqs_on+0xd/0x10
[  558.738473]  ? kmem_cache_free+0x22e/0x2d0
[  558.742713]  ? putname+0xf7/0x130
[  558.746169]  ? do_sys_open+0x3cb/0x720
[  558.750058]  ? security_file_ioctl+0x94/0xc0
[  558.754469]  ksys_ioctl+0xa9/0xd0
[  558.757932]  __x64_sys_ioctl+0x73/0xb0
[  558.761826]  do_syscall_64+0x1b9/0x820
[  558.765715]  ? finish_task_switch+0x1d3/0x870
[  558.770221]  ? syscall_return_slowpath+0x5e0/0x5e0
[  558.775154]  ? syscall_return_slowpath+0x31d/0x5e0
[  558.780102]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  558.785126]  ? __switch_to_asm+0x34/0x70
[  558.789190]  ? __switch_to_asm+0x34/0x70
[  558.793256]  ? __switch_to_asm+0x40/0x70
[  558.797324]  ? __switch_to_asm+0x34/0x70
[  558.801390]  ? __switch_to_asm+0x40/0x70
[  558.805451]  ? __switch_to_asm+0x34/0x70
[  558.809520]  ? __switch_to_asm+0x40/0x70
[  558.813585]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  558.818438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  558.823625] RIP: 0033:0x456997
[  558.826820] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  558.845722] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  558.853435] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  558.860707] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  558.867982] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  558.875259] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  558.882529] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000009
15:23:37 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x42, &(0x7f0000000100))

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1100000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:37 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

15:23:37 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc020660b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:37 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:37 executing program 0 (fault-call:0 fault-nth:10):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:37 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:37 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6000000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  558.981232] FAULT_INJECTION: forcing a failure.
[  558.981232] name failslab, interval 1, probability 0, space 0, times 0
[  558.992511] CPU: 1 PID: 20460 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  559.001007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  559.010361] Call Trace:
[  559.012962]  dump_stack+0x1c9/0x2b4
[  559.016596]  ? dump_stack_print_info.cold.2+0x52/0x52
[  559.022458]  ? cpuacct_css_alloc+0x160/0x160
[  559.026870]  should_fail.cold.4+0xa/0x11
[  559.030933]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  559.036038]  ? __account_cfs_rq_runtime+0x770/0x770
[  559.041052]  ? update_curr+0x450/0xc00
[  559.044943]  ? trace_hardirqs_on+0x10/0x10
[  559.049174]  ? lock_release+0xa30/0xa30
[  559.053151]  ? cpuacct_css_alloc+0x160/0x160
[  559.057563]  ? pick_next_entity+0x197/0x390
[  559.061885]  ? lock_acquire+0x1e4/0x540
[  559.065859]  ? fs_reclaim_acquire+0x20/0x20
[  559.070182]  ? lock_downgrade+0x8f0/0x8f0
[  559.074331]  ? check_same_owner+0x340/0x340
[  559.078658]  ? rcu_note_context_switch+0x730/0x730
[  559.083592]  ? __enqueue_entity+0x10d/0x1f0
[  559.087925]  __should_failslab+0x124/0x180
[  559.092170]  should_failslab+0x9/0x14
[  559.095985]  kmem_cache_alloc+0x2af/0x760
[  559.100136]  ? rcu_note_context_switch+0x571/0x730
[  559.105079]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  559.110106]  __kernfs_new_node+0x127/0x8d0
[  559.114346]  ? lock_downgrade+0x8f0/0x8f0
[  559.118492]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  559.123248]  ? kasan_check_read+0x11/0x20
[  559.127397]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  559.131978]  ? lock_repin_lock+0x430/0x430
[  559.136209]  ? kasan_check_write+0x14/0x20
[  559.140451]  ? trace_hardirqs_on+0xd/0x10
[  559.144607]  ? _raw_spin_unlock_irq+0x27/0x70
[  559.149110]  ? __schedule+0x14da/0x1ec0
[  559.153089]  ? kasan_check_read+0x11/0x20
[  559.157239]  ? __sched_text_start+0x8/0x8
[  559.161391]  ? dequeue_task_fair+0xfd/0xa10
[  559.165717]  kernfs_new_node+0x95/0x120
[  559.169695]  kernfs_create_dir_ns+0x4d/0x160
[  559.174106]  internal_create_group+0x5fe/0xd80
15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5cf8, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:37 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1263, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:37 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:37 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:37 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

[  559.178695]  ? remove_files.isra.1+0x190/0x190
[  559.183278]  ? up_write+0x7b/0x220
[  559.186816]  ? up_read+0x110/0x110
[  559.190357]  ? down_read+0x1d0/0x1d0
[  559.194066]  ? kasan_check_write+0x14/0x20
[  559.198309]  sysfs_create_group+0x1f/0x30
[  559.202467]  lo_ioctl+0x1307/0x1d70
[  559.206100]  ? lo_rw_aio_complete+0x450/0x450
[  559.210600]  blkdev_ioctl+0x9cd/0x2030
[  559.214492]  ? lock_acquire+0x1e4/0x540
[  559.218466]  ? blkpg_ioctl+0xc40/0xc40
[  559.222349]  ? __switch_to_asm+0x40/0x70
[  559.226407]  ? lock_release+0xa30/0xa30
15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd824, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  559.230380]  ? __switch_to_asm+0x34/0x70
[  559.234437]  ? __switch_to_asm+0x40/0x70
[  559.238495]  ? __switch_to_asm+0x34/0x70
[  559.242556]  ? __switch_to_asm+0x40/0x70
[  559.246619]  ? __schedule+0x884/0x1ec0
[  559.250515]  ? __fget+0x4d5/0x740
[  559.253973]  ? ksys_dup3+0x690/0x690
[  559.257685]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  559.262265]  ? kasan_check_write+0x14/0x20
[  559.266504]  ? do_raw_spin_lock+0xc1/0x200
[  559.270741]  block_ioctl+0xee/0x130
[  559.274370]  ? blkdev_fallocate+0x400/0x400
[  559.278688]  do_vfs_ioctl+0x1de/0x1720
15:23:37 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:37 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x28eb000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  559.282574]  ? ioctl_preallocate+0x300/0x300
[  559.286981]  ? __fget_light+0x2f7/0x440
[  559.290955]  ? __schedule+0x1ec0/0x1ec0
[  559.294933]  ? fget_raw+0x20/0x20
[  559.298390]  ? kmem_cache_free+0x22e/0x2d0
[  559.302643]  ? putname+0xf7/0x130
[  559.306100]  ? do_sys_open+0x3cb/0x720
[  559.309990]  ? security_file_ioctl+0x94/0xc0
[  559.314400]  ksys_ioctl+0xa9/0xd0
[  559.317860]  __x64_sys_ioctl+0x73/0xb0
[  559.321758]  do_syscall_64+0x1b9/0x820
[  559.325656]  ? finish_task_switch+0x1d3/0x870
[  559.330166]  ? syscall_return_slowpath+0x5e0/0x5e0
[  559.335102]  ? syscall_return_slowpath+0x31d/0x5e0
[  559.340039]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  559.345061]  ? __switch_to_asm+0x34/0x70
[  559.349122]  ? __switch_to_asm+0x34/0x70
[  559.353185]  ? __switch_to_asm+0x40/0x70
[  559.357250]  ? __switch_to_asm+0x34/0x70
[  559.361316]  ? __switch_to_asm+0x40/0x70
[  559.365383]  ? __switch_to_asm+0x34/0x70
[  559.369444]  ? __switch_to_asm+0x40/0x70
[  559.373513]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  559.378361]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  559.383546] RIP: 0033:0x456997
[  559.386736] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  559.405631] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  559.413346] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  559.420616] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  559.427887] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  559.435160] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  559.442429] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000a
15:23:38 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0xa, &(0x7f0000000100))

15:23:38 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:38 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x88a90000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:38 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}, 0x0}], 0x1, 0x0, 0x0)

15:23:38 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x4020940d, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:38 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:38 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1f00, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:38 executing program 0 (fault-call:0 fault-nth:11):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:38 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:38 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

[  559.605144] FAULT_INJECTION: forcing a failure.
[  559.605144] name failslab, interval 1, probability 0, space 0, times 0
[  559.616428] CPU: 1 PID: 20517 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  559.624915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  559.634266] Call Trace:
[  559.636864]  dump_stack+0x1c9/0x2b4
[  559.640495]  ? dump_stack_print_info.cold.2+0x52/0x52
[  559.645684]  ? lock_release+0xa30/0xa30
[  559.649663]  should_fail.cold.4+0xa/0x11
[  559.653732]  ? __kernel_text_address+0xd/0x40
[  559.658235]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  559.663337]  ? kasan_check_write+0x14/0x20
[  559.667568]  ? osq_lock+0xd80/0xd80
[  559.671191]  ? lock_release+0xa30/0xa30
[  559.675155]  ? check_same_owner+0x340/0x340
[  559.679470]  ? rcu_note_context_switch+0x730/0x730
[  559.684398]  ? lock_acquire+0x1e4/0x540
[  559.688359]  ? fs_reclaim_acquire+0x20/0x20
[  559.692672]  ? lock_downgrade+0x8f0/0x8f0
[  559.696814]  ? check_same_owner+0x340/0x340
[  559.701129]  ? kasan_check_write+0x14/0x20
[  559.705355]  ? rcu_note_context_switch+0x730/0x730
[  559.710273]  __should_failslab+0x124/0x180
[  559.714514]  should_failslab+0x9/0x14
[  559.718302]  kmem_cache_alloc+0x2af/0x760
[  559.722437]  ? kasan_check_read+0x11/0x20
[  559.726574]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  559.731579]  __kernfs_new_node+0x127/0x8d0
[  559.735802]  ? kernfs_add_one+0x2d4/0x4d0
[  559.739940]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  559.744691]  ? kasan_check_write+0x14/0x20
[  559.748917]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  559.753831]  ? __kernfs_new_node+0x692/0x8d0
[  559.758228]  ? wait_for_completion+0x8d0/0x8d0
[  559.762794]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  559.767543]  ? kasan_check_write+0x14/0x20
[  559.771762]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  559.776681]  ? task_fork_fair+0x680/0x680
[  559.780820]  ? wait_for_completion+0x8d0/0x8d0
[  559.785397]  ? mutex_unlock+0xd/0x10
[  559.789099]  ? kernfs_activate+0x21a/0x2c0
[  559.793327]  kernfs_new_node+0x95/0x120
[  559.797294]  __kernfs_create_file+0x5a/0x340
[  559.801692]  sysfs_add_file_mode_ns+0x221/0x520
[  559.806350]  ? component_del+0x530/0x550
[  559.810403]  internal_create_group+0x3e1/0xd80
[  559.814977]  ? remove_files.isra.1+0x190/0x190
[  559.819543]  ? up_write+0x7b/0x220
[  559.823071]  ? up_read+0x110/0x110
[  559.826605]  ? down_read+0x1d0/0x1d0
[  559.830307]  ? kasan_check_write+0x14/0x20
[  559.834534]  sysfs_create_group+0x1f/0x30
[  559.838671]  lo_ioctl+0x1307/0x1d70
[  559.842290]  ? lo_rw_aio_complete+0x450/0x450
[  559.846774]  blkdev_ioctl+0x9cd/0x2030
[  559.850655]  ? lock_acquire+0x1e4/0x540
[  559.854619]  ? blkpg_ioctl+0xc40/0xc40
[  559.858499]  ? lock_release+0xa30/0xa30
[  559.862474]  ? save_stack+0xa9/0xd0
[  559.866092]  ? save_stack+0x43/0xd0
[  559.869715]  ? __fget+0x4d5/0x740
[  559.873159]  ? ksys_dup3+0x690/0x690
[  559.876858]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  559.881428]  ? kasan_check_write+0x14/0x20
[  559.885651]  ? do_raw_spin_lock+0xc1/0x200
[  559.889876]  block_ioctl+0xee/0x130
[  559.893491]  ? blkdev_fallocate+0x400/0x400
[  559.897800]  do_vfs_ioctl+0x1de/0x1720
[  559.901677]  ? ioctl_preallocate+0x300/0x300
[  559.906073]  ? __fget_light+0x2f7/0x440
[  559.910043]  ? fget_raw+0x20/0x20
[  559.913483]  ? trace_hardirqs_on+0xd/0x10
[  559.917620]  ? kmem_cache_free+0x22e/0x2d0
[  559.921843]  ? putname+0xf7/0x130
[  559.925285]  ? do_sys_open+0x3cb/0x720
[  559.929164]  ? security_file_ioctl+0x94/0xc0
[  559.933562]  ksys_ioctl+0xa9/0xd0
[  559.937007]  __x64_sys_ioctl+0x73/0xb0
[  559.940884]  do_syscall_64+0x1b9/0x820
[  559.944766]  ? finish_task_switch+0x1d3/0x870
[  559.949249]  ? syscall_return_slowpath+0x5e0/0x5e0
[  559.954166]  ? syscall_return_slowpath+0x31d/0x5e0
[  559.959090]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  559.964109]  ? __switch_to_asm+0x34/0x70
[  559.968155]  ? __switch_to_asm+0x34/0x70
[  559.972201]  ? __switch_to_asm+0x40/0x70
[  559.976248]  ? __switch_to_asm+0x34/0x70
[  559.980294]  ? __switch_to_asm+0x40/0x70
[  559.984343]  ? __switch_to_asm+0x34/0x70
[  559.988387]  ? __switch_to_asm+0x40/0x70
[  559.992439]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  559.997274]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  560.002449] RIP: 0033:0x456997
[  560.005631] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  560.024519] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  560.032216] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  560.039473] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  560.046727] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
15:23:38 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x80081272, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:38 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743474", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:38 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x2, 0x0, 0x0)

[  560.053983] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  560.061238] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000b
15:23:38 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xffffffff00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:38 executing program 0 (fault-call:0 fault-nth:12):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:38 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

[  560.212923] FAULT_INJECTION: forcing a failure.
[  560.212923] name failslab, interval 1, probability 0, space 0, times 0
[  560.224218] CPU: 1 PID: 20549 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  560.232710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  560.242073] Call Trace:
[  560.244674]  dump_stack+0x1c9/0x2b4
[  560.248316]  ? dump_stack_print_info.cold.2+0x52/0x52
[  560.253521]  ? __kernel_text_address+0xd/0x40
[  560.258028]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  560.263577]  should_fail.cold.4+0xa/0x11
[  560.267643]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  560.272753]  ? lock_release+0xa30/0xa30
[  560.276735]  ? rcu_note_context_switch+0x730/0x730
[  560.281675]  ? kasan_check_write+0x14/0x20
[  560.285915]  ? __mutex_lock+0x6d0/0x1700
[  560.289976]  ? kernfs_activate+0x8e/0x2c0
[  560.294134]  ? lock_acquire+0x1e4/0x540
[  560.298107]  ? fs_reclaim_acquire+0x20/0x20
[  560.302429]  ? lock_downgrade+0x8f0/0x8f0
[  560.306576]  ? kernfs_add_one+0x4f/0x4d0
[  560.310639]  ? check_same_owner+0x340/0x340
[  560.314958]  ? kernfs_activate+0x21a/0x2c0
[  560.319195]  ? rcu_note_context_switch+0x730/0x730
[  560.324129]  __should_failslab+0x124/0x180
[  560.328366]  should_failslab+0x9/0x14
[  560.332169]  kmem_cache_alloc+0x2af/0x760
[  560.336318]  ? kernfs_add_one+0x2d4/0x4d0
[  560.340466]  ? lock_downgrade+0x8f0/0x8f0
[  560.344619]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  560.349636]  __kernfs_new_node+0x127/0x8d0
[  560.353877]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  560.358630]  ? kasan_check_write+0x14/0x20
[  560.362869]  ? kasan_check_write+0x14/0x20
[  560.367104]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  560.372037]  ? wait_for_completion+0x8d0/0x8d0
[  560.376620]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  560.381374]  ? wait_for_completion+0x8d0/0x8d0
[  560.385954]  ? kasan_check_write+0x14/0x20
[  560.390189]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  560.395120]  ? mutex_unlock+0xd/0x10
[  560.398836]  ? kernfs_activate+0x21a/0x2c0
[  560.403079]  ? kernfs_walk_and_get_ns+0x340/0x340
[  560.407930]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  560.413467]  ? kernfs_link_sibling+0x1d2/0x3b0
[  560.418058]  kernfs_new_node+0x95/0x120
[  560.422038]  __kernfs_create_file+0x5a/0x340
[  560.426458]  sysfs_add_file_mode_ns+0x221/0x520
[  560.431128]  ? component_del+0x530/0x550
[  560.435197]  internal_create_group+0x3e1/0xd80
[  560.439785]  ? remove_files.isra.1+0x190/0x190
[  560.444366]  ? up_write+0x7b/0x220
[  560.447907]  ? up_read+0x110/0x110
[  560.451445]  ? down_read+0x1d0/0x1d0
[  560.455157]  ? kasan_check_write+0x14/0x20
[  560.459400]  sysfs_create_group+0x1f/0x30
[  560.463549]  lo_ioctl+0x1307/0x1d70
[  560.467180]  ? lo_rw_aio_complete+0x450/0x450
[  560.471684]  blkdev_ioctl+0x9cd/0x2030
[  560.475576]  ? lock_acquire+0x1e4/0x540
[  560.479550]  ? blkpg_ioctl+0xc40/0xc40
[  560.483440]  ? lock_release+0xa30/0xa30
[  560.487420]  ? save_stack+0xa9/0xd0
[  560.491050]  ? save_stack+0x43/0xd0
[  560.494677]  ? __fget+0x4d5/0x740
[  560.498130]  ? ksys_dup3+0x690/0x690
[  560.501844]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  560.506425]  ? kasan_check_write+0x14/0x20
[  560.510676]  ? do_raw_spin_lock+0xc1/0x200
[  560.514914]  block_ioctl+0xee/0x130
[  560.518540]  ? blkdev_fallocate+0x400/0x400
[  560.522863]  do_vfs_ioctl+0x1de/0x1720
[  560.526750]  ? ioctl_preallocate+0x300/0x300
[  560.531165]  ? __fget_light+0x2f7/0x440
[  560.535137]  ? fget_raw+0x20/0x20
[  560.538590]  ? trace_hardirqs_on+0xd/0x10
[  560.542738]  ? kmem_cache_free+0x22e/0x2d0
[  560.546968]  ? putname+0xf7/0x130
[  560.550419]  ? do_sys_open+0x3cb/0x720
[  560.554307]  ? security_file_ioctl+0x94/0xc0
[  560.558716]  ksys_ioctl+0xa9/0xd0
[  560.562171]  __x64_sys_ioctl+0x73/0xb0
[  560.566065]  do_syscall_64+0x1b9/0x820
[  560.569954]  ? finish_task_switch+0x1d3/0x870
[  560.574449]  ? syscall_return_slowpath+0x5e0/0x5e0
[  560.579384]  ? syscall_return_slowpath+0x31d/0x5e0
[  560.584318]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  560.589338]  ? __switch_to_asm+0x34/0x70
[  560.593400]  ? __switch_to_asm+0x34/0x70
[  560.597461]  ? __switch_to_asm+0x40/0x70
[  560.601521]  ? __switch_to_asm+0x34/0x70
[  560.605578]  ? __switch_to_asm+0x40/0x70
[  560.609635]  ? __switch_to_asm+0x34/0x70
[  560.613698]  ? __switch_to_asm+0x40/0x70
[  560.617761]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  560.622607]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  560.627791] RIP: 0033:0x456997
[  560.630983] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  560.649880] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  560.657592] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
15:23:39 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa6ec, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:39 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401870cb, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:39 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x7, 0x0, 0x0)

15:23:39 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x23, &(0x7f0000000100))

15:23:39 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

15:23:39 executing program 0 (fault-call:0 fault-nth:13):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:39 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434f1", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  560.664860] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  560.672129] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  560.679400] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  560.686666] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000c
15:23:39 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x8cffffff00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:39 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:39 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0xa, 0x0, 0x0)

15:23:39 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x200000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:39 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x5450, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  560.812006] FAULT_INJECTION: forcing a failure.
[  560.812006] name failslab, interval 1, probability 0, space 0, times 0
[  560.823335] CPU: 0 PID: 20573 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  560.831824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  560.841165] Call Trace:
[  560.843742]  dump_stack+0x1c9/0x2b4
[  560.847360]  ? dump_stack_print_info.cold.2+0x52/0x52
[  560.852539]  ? __kernel_text_address+0xd/0x40
[  560.857023]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  560.862552]  should_fail.cold.4+0xa/0x11
[  560.866605]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  560.871697]  ? lock_release+0xa30/0xa30
[  560.875660]  ? rcu_note_context_switch+0x730/0x730
[  560.880582]  ? kasan_check_write+0x14/0x20
[  560.884805]  ? __mutex_lock+0x6d0/0x1700
[  560.888854]  ? kernfs_activate+0x8e/0x2c0
[  560.892993]  ? lock_acquire+0x1e4/0x540
[  560.896957]  ? fs_reclaim_acquire+0x20/0x20
[  560.901266]  ? lock_downgrade+0x8f0/0x8f0
[  560.905401]  ? kernfs_add_one+0x4f/0x4d0
[  560.909452]  ? check_same_owner+0x340/0x340
[  560.913769]  ? kernfs_activate+0x21a/0x2c0
[  560.917991]  ? rcu_note_context_switch+0x730/0x730
[  560.922913]  __should_failslab+0x124/0x180
[  560.927137]  should_failslab+0x9/0x14
[  560.930926]  kmem_cache_alloc+0x2af/0x760
[  560.935060]  ? kernfs_add_one+0x2d4/0x4d0
[  560.939201]  ? lock_downgrade+0x8f0/0x8f0
[  560.943338]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  560.948342]  __kernfs_new_node+0x127/0x8d0
[  560.952565]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  560.957305]  ? kasan_check_write+0x14/0x20
[  560.961530]  ? kasan_check_write+0x14/0x20
[  560.965751]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  560.970667]  ? wait_for_completion+0x8d0/0x8d0
[  560.975237]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  560.979982]  ? wait_for_completion+0x8d0/0x8d0
[  560.984564]  ? kasan_check_write+0x14/0x20
[  560.988791]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  560.993712]  ? mutex_unlock+0xd/0x10
[  560.997411]  ? kernfs_activate+0x21a/0x2c0
[  561.001635]  ? kernfs_walk_and_get_ns+0x340/0x340
[  561.006486]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  561.012009]  ? kernfs_link_sibling+0x1d2/0x3b0
[  561.016581]  kernfs_new_node+0x95/0x120
[  561.020557]  __kernfs_create_file+0x5a/0x340
[  561.024956]  sysfs_add_file_mode_ns+0x221/0x520
[  561.029617]  ? component_del+0x530/0x550
[  561.033665]  internal_create_group+0x3e1/0xd80
[  561.038243]  ? remove_files.isra.1+0x190/0x190
[  561.042810]  ? up_write+0x7b/0x220
[  561.046339]  ? up_read+0x110/0x110
[  561.049864]  ? down_read+0x1d0/0x1d0
[  561.053565]  ? kasan_check_write+0x14/0x20
[  561.057792]  sysfs_create_group+0x1f/0x30
[  561.061928]  lo_ioctl+0x1307/0x1d70
[  561.065549]  ? lo_rw_aio_complete+0x450/0x450
[  561.070040]  blkdev_ioctl+0x9cd/0x2030
[  561.073915]  ? lock_acquire+0x1e4/0x540
[  561.077874]  ? blkpg_ioctl+0xc40/0xc40
[  561.081749]  ? lock_release+0xa30/0xa30
[  561.085717]  ? __switch_to_asm+0x34/0x70
[  561.089765]  ? __switch_to_asm+0x34/0x70
[  561.093812]  ? __switch_to_asm+0x40/0x70
[  561.097862]  ? __schedule+0x884/0x1ec0
[  561.101741]  ? __fget+0x4d5/0x740
[  561.105187]  ? ksys_dup3+0x690/0x690
[  561.108886]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  561.113457]  ? kasan_check_write+0x14/0x20
[  561.117687]  ? do_raw_spin_lock+0xc1/0x200
[  561.121913]  block_ioctl+0xee/0x130
[  561.125530]  ? blkdev_fallocate+0x400/0x400
[  561.129838]  do_vfs_ioctl+0x1de/0x1720
[  561.133713]  ? ioctl_preallocate+0x300/0x300
[  561.141093]  ? __fget_light+0x2f7/0x440
[  561.145053]  ? __schedule+0x1ec0/0x1ec0
[  561.149016]  ? fget_raw+0x20/0x20
[  561.152460]  ? kmem_cache_free+0x22e/0x2d0
[  561.157510]  ? putname+0xf7/0x130
[  561.161377]  ? do_sys_open+0x3cb/0x720
[  561.165260]  ? security_file_ioctl+0x94/0xc0
[  561.169657]  ksys_ioctl+0xa9/0xd0
[  561.173104]  __x64_sys_ioctl+0x73/0xb0
[  561.177096]  do_syscall_64+0x1b9/0x820
[  561.180991]  ? finish_task_switch+0x1d3/0x870
[  561.185478]  ? syscall_return_slowpath+0x5e0/0x5e0
[  561.190397]  ? syscall_return_slowpath+0x31d/0x5e0
[  561.195315]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  561.200318]  ? __switch_to_asm+0x34/0x70
[  561.204364]  ? __switch_to_asm+0x34/0x70
[  561.208409]  ? __switch_to_asm+0x40/0x70
[  561.212455]  ? __switch_to_asm+0x34/0x70
[  561.216503]  ? __switch_to_asm+0x40/0x70
[  561.220548]  ? __switch_to_asm+0x34/0x70
[  561.224592]  ? __switch_to_asm+0x40/0x70
[  561.228642]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  561.233479]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  561.238659] RIP: 0033:0x456997
[  561.241840] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
15:23:39 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x19, 0x0, 0x0)

[  561.260727] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  561.268425] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  561.275679] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  561.282931] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  561.290187] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  561.297441] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000d
15:23:39 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x25, &(0x7f0000000100))

15:23:39 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

[  561.310100] f2fs_msg: 28 callbacks suppressed
[  561.310113] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  561.321756] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  561.345662] F2FS-fs (loop0): journaled quota format not specified
15:23:39 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x10a40000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:39 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="640374348c", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  561.360942] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  561.368029] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  561.393578] F2FS-fs (loop0): journaled quota format not specified
15:23:39 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2d00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:39 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1300, 0x0, 0x0)

15:23:39 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:23:39 executing program 0 (fault-call:0 fault-nth:14):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:39 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc0045878, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:40 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x2b, &(0x7f0000000100))

[  561.585515] FAULT_INJECTION: forcing a failure.
[  561.585515] name failslab, interval 1, probability 0, space 0, times 0
[  561.596821] CPU: 0 PID: 20624 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  561.605313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  561.614656] Call Trace:
[  561.617231]  dump_stack+0x1c9/0x2b4
[  561.620851]  ? dump_stack_print_info.cold.2+0x52/0x52
[  561.626034]  ? __kernel_text_address+0xd/0x40
[  561.630523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  561.636052]  ? replace_slot+0xc9/0x4c0
[  561.639947]  should_fail.cold.4+0xa/0x11
[  561.644140]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  561.649258]  ? lock_release+0xa30/0xa30
[  561.653217]  ? rcu_note_context_switch+0x730/0x730
[  561.658139]  ? kasan_check_write+0x14/0x20
[  561.662360]  ? __mutex_lock+0x6d0/0x1700
[  561.666436]  ? kernfs_activate+0x8e/0x2c0
[  561.670567]  ? lock_acquire+0x1e4/0x540
[  561.674529]  ? fs_reclaim_acquire+0x20/0x20
[  561.678833]  ? lock_downgrade+0x8f0/0x8f0
[  561.682973]  ? kernfs_add_one+0x4f/0x4d0
[  561.687025]  ? check_same_owner+0x340/0x340
[  561.691346]  ? kernfs_activate+0x21a/0x2c0
[  561.695563]  ? rcu_note_context_switch+0x730/0x730
[  561.700479]  __should_failslab+0x124/0x180
[  561.704704]  should_failslab+0x9/0x14
[  561.708499]  kmem_cache_alloc+0x2af/0x760
[  561.712640]  ? kernfs_add_one+0x2d4/0x4d0
[  561.716772]  ? lock_downgrade+0x8f0/0x8f0
[  561.720909]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  561.725912]  __kernfs_new_node+0x127/0x8d0
[  561.730138]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  561.734876]  ? kasan_check_write+0x14/0x20
[  561.739100]  ? kasan_check_write+0x14/0x20
[  561.743318]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  561.748229]  ? wait_for_completion+0x8d0/0x8d0
[  561.752794]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  561.757531]  ? wait_for_completion+0x8d0/0x8d0
[  561.762102]  ? kasan_check_write+0x14/0x20
[  561.766325]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  561.771245]  ? __switch_to_asm+0x40/0x70
[  561.775287]  ? mutex_unlock+0xd/0x10
[  561.778993]  ? kernfs_activate+0x21a/0x2c0
[  561.783210]  ? kernfs_walk_and_get_ns+0x340/0x340
[  561.788035]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  561.793563]  ? kernfs_link_sibling+0x1d2/0x3b0
[  561.798125]  kernfs_new_node+0x95/0x120
[  561.802094]  __kernfs_create_file+0x5a/0x340
[  561.806495]  sysfs_add_file_mode_ns+0x221/0x520
[  561.811148]  ? component_del+0x530/0x550
[  561.815204]  internal_create_group+0x3e1/0xd80
[  561.819775]  ? remove_files.isra.1+0x190/0x190
[  561.824340]  ? up_write+0x7b/0x220
[  561.827875]  ? up_read+0x110/0x110
[  561.831398]  ? down_read+0x1d0/0x1d0
[  561.835138]  ? kasan_check_write+0x14/0x20
[  561.839359]  sysfs_create_group+0x1f/0x30
[  561.843495]  lo_ioctl+0x1307/0x1d70
[  561.847115]  ? lo_rw_aio_complete+0x450/0x450
[  561.851597]  blkdev_ioctl+0x9cd/0x2030
[  561.855474]  ? lock_acquire+0x1e4/0x540
[  561.859437]  ? blkpg_ioctl+0xc40/0xc40
[  561.863312]  ? lock_release+0xa30/0xa30
[  561.867293]  ? save_stack+0xa9/0xd0
[  561.870916]  ? save_stack+0x43/0xd0
[  561.874533]  ? __fget+0x4d5/0x740
[  561.877979]  ? ksys_dup3+0x690/0x690
[  561.881680]  ? do_raw_spin_trylock+0x1c0/0x1c0
15:23:40 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x74a1, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:40 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

[  561.886275]  ? kasan_check_write+0x14/0x20
[  561.890494]  ? do_raw_spin_lock+0xc1/0x200
[  561.894710]  block_ioctl+0xee/0x130
[  561.898318]  ? blkdev_fallocate+0x400/0x400
[  561.902630]  do_vfs_ioctl+0x1de/0x1720
[  561.906505]  ? ioctl_preallocate+0x300/0x300
[  561.910913]  ? __fget_light+0x2f7/0x440
[  561.914870]  ? fget_raw+0x20/0x20
[  561.918314]  ? trace_hardirqs_on+0xd/0x10
[  561.922462]  ? kmem_cache_free+0x22e/0x2d0
[  561.926701]  ? putname+0xf7/0x130
[  561.930161]  ? do_sys_open+0x3cb/0x720
15:23:40 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1279, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  561.934053]  ? security_file_ioctl+0x94/0xc0
[  561.938466]  ksys_ioctl+0xa9/0xd0
[  561.941921]  __x64_sys_ioctl+0x73/0xb0
[  561.945814]  do_syscall_64+0x1b9/0x820
[  561.949705]  ? syscall_return_slowpath+0x5e0/0x5e0
[  561.954639]  ? syscall_return_slowpath+0x31d/0x5e0
[  561.959678]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  561.964720]  ? __switch_to_asm+0x34/0x70
[  561.968780]  ? __switch_to_asm+0x34/0x70
[  561.972838]  ? __switch_to_asm+0x40/0x70
[  561.976900]  ? __switch_to_asm+0x34/0x70
[  561.980963]  ? __switch_to_asm+0x34/0x70
15:23:40 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x1c00000000000000, 0x0)

[  561.985028]  ? __switch_to_asm+0x40/0x70
[  561.989092]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  561.993940]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  561.999126] RIP: 0033:0x456997
[  562.002320] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  562.021235] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  562.028943] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  562.036209] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  562.043475] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  562.050740] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  562.058002] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000e
15:23:40 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4c00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:40 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  562.088085] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  562.095254] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  562.103424] F2FS-fs (loop0): journaled quota format not specified
[  562.121956] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
15:23:40 executing program 0 (fault-call:0 fault-nth:15):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:40 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

15:23:40 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x2d, &(0x7f0000000100))

[  562.277260] FAULT_INJECTION: forcing a failure.
[  562.277260] name failslab, interval 1, probability 0, space 0, times 0
[  562.288556] CPU: 1 PID: 20660 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  562.297048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  562.306401] Call Trace:
[  562.308997]  dump_stack+0x1c9/0x2b4
[  562.312632]  ? dump_stack_print_info.cold.2+0x52/0x52
[  562.317829]  ? __kernel_text_address+0xd/0x40
[  562.322334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.327881]  ? replace_slot+0xc9/0x4c0
[  562.331768]  should_fail.cold.4+0xa/0x11
[  562.335828]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  562.340932]  ? lock_release+0xa30/0xa30
[  562.344896]  ? rcu_note_context_switch+0x730/0x730
[  562.349821]  ? kasan_check_write+0x14/0x20
[  562.354041]  ? __mutex_lock+0x6d0/0x1700
[  562.358090]  ? kernfs_activate+0x8e/0x2c0
[  562.362232]  ? lock_acquire+0x1e4/0x540
[  562.366193]  ? fs_reclaim_acquire+0x20/0x20
[  562.370505]  ? lock_downgrade+0x8f0/0x8f0
[  562.374649]  ? kernfs_add_one+0x4f/0x4d0
[  562.378701]  ? check_same_owner+0x340/0x340
[  562.383010]  ? kernfs_activate+0x21a/0x2c0
[  562.387231]  ? rcu_note_context_switch+0x730/0x730
[  562.392152]  __should_failslab+0x124/0x180
[  562.396378]  should_failslab+0x9/0x14
[  562.400167]  kmem_cache_alloc+0x2af/0x760
[  562.404301]  ? kernfs_add_one+0x2d4/0x4d0
[  562.408440]  ? lock_downgrade+0x8f0/0x8f0
[  562.412574]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  562.417577]  __kernfs_new_node+0x127/0x8d0
[  562.421804]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  562.426548]  ? kasan_check_write+0x14/0x20
[  562.430769]  ? kasan_check_write+0x14/0x20
[  562.434993]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  562.439907]  ? wait_for_completion+0x8d0/0x8d0
[  562.444477]  ? wait_for_completion+0x8d0/0x8d0
[  562.449044]  ? kasan_check_write+0x14/0x20
[  562.453275]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  562.458205]  ? mutex_unlock+0xd/0x10
[  562.461906]  ? kernfs_activate+0x21a/0x2c0
[  562.466127]  ? kernfs_walk_and_get_ns+0x340/0x340
[  562.470964]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  562.476494]  ? kernfs_link_sibling+0x1d2/0x3b0
[  562.481065]  kernfs_new_node+0x95/0x120
[  562.485034]  __kernfs_create_file+0x5a/0x340
[  562.489431]  sysfs_add_file_mode_ns+0x221/0x520
[  562.494093]  ? component_del+0x530/0x550
[  562.498146]  internal_create_group+0x3e1/0xd80
[  562.502722]  ? remove_files.isra.1+0x190/0x190
[  562.507291]  ? up_write+0x7b/0x220
[  562.510816]  ? up_read+0x110/0x110
[  562.514344]  ? down_read+0x1d0/0x1d0
[  562.518045]  ? kasan_check_write+0x14/0x20
[  562.522277]  sysfs_create_group+0x1f/0x30
[  562.526413]  lo_ioctl+0x1307/0x1d70
[  562.530030]  ? lo_rw_aio_complete+0x450/0x450
[  562.534516]  blkdev_ioctl+0x9cd/0x2030
[  562.538394]  ? lock_acquire+0x1e4/0x540
[  562.542363]  ? blkpg_ioctl+0xc40/0xc40
[  562.546240]  ? lock_release+0xa30/0xa30
[  562.550203]  ? save_stack+0xa9/0xd0
[  562.553817]  ? save_stack+0x43/0xd0
[  562.557442]  ? __fget+0x4d5/0x740
[  562.560883]  ? ksys_dup3+0x690/0x690
[  562.564584]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  562.569153]  ? kasan_check_write+0x14/0x20
[  562.573385]  ? do_raw_spin_lock+0xc1/0x200
[  562.577609]  block_ioctl+0xee/0x130
[  562.581222]  ? blkdev_fallocate+0x400/0x400
[  562.585530]  do_vfs_ioctl+0x1de/0x1720
[  562.589407]  ? ioctl_preallocate+0x300/0x300
[  562.593802]  ? __fget_light+0x2f7/0x440
[  562.597763]  ? fget_raw+0x20/0x20
[  562.601204]  ? trace_hardirqs_on+0xd/0x10
[  562.605342]  ? kmem_cache_free+0x22e/0x2d0
[  562.609567]  ? putname+0xf7/0x130
[  562.613010]  ? do_sys_open+0x3cb/0x720
[  562.616889]  ? security_file_ioctl+0x94/0xc0
[  562.621295]  ksys_ioctl+0xa9/0xd0
[  562.624738]  __x64_sys_ioctl+0x73/0xb0
[  562.628614]  do_syscall_64+0x1b9/0x820
[  562.632487]  ? finish_task_switch+0x1d3/0x870
[  562.636968]  ? syscall_return_slowpath+0x5e0/0x5e0
[  562.641892]  ? syscall_return_slowpath+0x31d/0x5e0
[  562.646811]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  562.651818]  ? __switch_to_asm+0x34/0x70
[  562.655869]  ? __switch_to_asm+0x34/0x70
[  562.659915]  ? __switch_to_asm+0x40/0x70
[  562.663960]  ? __switch_to_asm+0x34/0x70
[  562.668007]  ? __switch_to_asm+0x40/0x70
[  562.672053]  ? __switch_to_asm+0x34/0x70
[  562.676100]  ? __switch_to_asm+0x40/0x70
[  562.680148]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  562.684983]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  562.690159] RIP: 0033:0x456997
[  562.693349] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  562.712237] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  562.719931] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
15:23:41 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:41 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x3138, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:41 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x4000000000000, 0x0)

15:23:41 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127e, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  562.727187] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  562.734440] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  562.741694] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  562.748947] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000000f
[  562.760318] EXT4-fs: 28 callbacks suppressed
[  562.760328] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:41 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:41 executing program 0 (fault-call:0 fault-nth:16):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:41 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x300000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  562.788503] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:41 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x3b, &(0x7f0000000100))

15:23:41 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1262, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:41 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xcfd0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:41 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:41 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x28050000, 0x0)

[  562.938405] FAULT_INJECTION: forcing a failure.
[  562.938405] name failslab, interval 1, probability 0, space 0, times 0
[  562.949772] CPU: 0 PID: 20685 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  562.958372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  562.967726] Call Trace:
[  562.970366]  dump_stack+0x1c9/0x2b4
[  562.974000]  ? dump_stack_print_info.cold.2+0x52/0x52
[  562.979195]  ? __kernel_text_address+0xd/0x40
[  562.983694]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  562.989233]  ? replace_slot+0xc9/0x4c0
[  562.993132]  should_fail.cold.4+0xa/0x11
[  562.997193]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  563.002305]  ? lock_release+0xa30/0xa30
[  563.006279]  ? rcu_note_context_switch+0x730/0x730
[  563.011232]  ? kasan_check_write+0x14/0x20
[  563.015470]  ? __mutex_lock+0x6d0/0x1700
[  563.019530]  ? kernfs_activate+0x8e/0x2c0
[  563.023671]  ? lock_acquire+0x1e4/0x540
[  563.027639]  ? fs_reclaim_acquire+0x20/0x20
[  563.031955]  ? lock_downgrade+0x8f0/0x8f0
[  563.036100]  ? kernfs_add_one+0x4f/0x4d0
[  563.040152]  ? check_same_owner+0x340/0x340
[  563.044461]  ? kernfs_activate+0x21a/0x2c0
[  563.048684]  ? rcu_note_context_switch+0x730/0x730
[  563.053619]  __should_failslab+0x124/0x180
[  563.057845]  should_failslab+0x9/0x14
[  563.061636]  kmem_cache_alloc+0x2af/0x760
[  563.065771]  ? kernfs_add_one+0x2d4/0x4d0
[  563.069910]  ? lock_downgrade+0x8f0/0x8f0
[  563.074047]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  563.079052]  __kernfs_new_node+0x127/0x8d0
[  563.083284]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  563.088029]  ? kasan_check_write+0x14/0x20
[  563.092253]  ? kasan_check_write+0x14/0x20
[  563.096491]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  563.101414]  ? wait_for_completion+0x8d0/0x8d0
[  563.105983]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  563.110727]  ? wait_for_completion+0x8d0/0x8d0
[  563.115309]  ? kasan_check_write+0x14/0x20
[  563.119530]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  563.124447]  ? mutex_unlock+0xd/0x10
[  563.128149]  ? kernfs_activate+0x21a/0x2c0
[  563.132370]  ? kernfs_walk_and_get_ns+0x340/0x340
[  563.139772]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  563.145334]  ? kernfs_link_sibling+0x1d2/0x3b0
[  563.149907]  kernfs_new_node+0x95/0x120
[  563.153870]  __kernfs_create_file+0x5a/0x340
[  563.158294]  sysfs_add_file_mode_ns+0x221/0x520
[  563.162956]  ? component_del+0x530/0x550
[  563.167110]  internal_create_group+0x3e1/0xd80
[  563.171686]  ? remove_files.isra.1+0x190/0x190
[  563.176274]  ? up_write+0x7b/0x220
[  563.179803]  ? up_read+0x110/0x110
[  563.183329]  ? down_read+0x1d0/0x1d0
[  563.187030]  ? kasan_check_write+0x14/0x20
[  563.191256]  sysfs_create_group+0x1f/0x30
[  563.195395]  lo_ioctl+0x1307/0x1d70
[  563.199012]  ? lo_rw_aio_complete+0x450/0x450
[  563.203496]  blkdev_ioctl+0x9cd/0x2030
[  563.207368]  ? lock_acquire+0x1e4/0x540
[  563.211331]  ? blkpg_ioctl+0xc40/0xc40
[  563.215207]  ? lock_release+0xa30/0xa30
[  563.219171]  ? save_stack+0xa9/0xd0
[  563.222785]  ? save_stack+0x43/0xd0
[  563.226402]  ? __fget+0x4d5/0x740
[  563.229846]  ? ksys_dup3+0x690/0x690
[  563.233545]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  563.238116]  ? kasan_check_write+0x14/0x20
[  563.242336]  ? do_raw_spin_lock+0xc1/0x200
[  563.246563]  block_ioctl+0xee/0x130
[  563.250175]  ? blkdev_fallocate+0x400/0x400
[  563.254485]  do_vfs_ioctl+0x1de/0x1720
[  563.258365]  ? ioctl_preallocate+0x300/0x300
[  563.262759]  ? __fget_light+0x2f7/0x440
[  563.266721]  ? fget_raw+0x20/0x20
[  563.270163]  ? trace_hardirqs_on+0xd/0x10
[  563.274306]  ? kmem_cache_free+0x22e/0x2d0
[  563.278527]  ? putname+0xf7/0x130
[  563.281970]  ? do_sys_open+0x3cb/0x720
[  563.285845]  ? security_file_ioctl+0x94/0xc0
[  563.290253]  ksys_ioctl+0xa9/0xd0
[  563.293729]  __x64_sys_ioctl+0x73/0xb0
[  563.297606]  do_syscall_64+0x1b9/0x820
[  563.301480]  ? finish_task_switch+0x1d3/0x870
[  563.305964]  ? syscall_return_slowpath+0x5e0/0x5e0
[  563.310882]  ? syscall_return_slowpath+0x31d/0x5e0
[  563.315799]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  563.320802]  ? __switch_to_asm+0x34/0x70
[  563.324848]  ? __switch_to_asm+0x34/0x70
[  563.328895]  ? __switch_to_asm+0x40/0x70
[  563.332941]  ? __switch_to_asm+0x34/0x70
[  563.336989]  ? __switch_to_asm+0x40/0x70
[  563.341036]  ? __switch_to_asm+0x34/0x70
[  563.345086]  ? __switch_to_asm+0x40/0x70
[  563.349151]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  563.353985]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  563.359158] RIP: 0033:0x456997
[  563.362340] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  563.381237] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
15:23:41 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:41 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127b, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:41 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x1c000000, 0x0)

15:23:41 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2099000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  563.388938] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  563.396191] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  563.403446] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  563.410702] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  563.417956] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000010
[  563.430019] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:42 executing program 0 (fault-call:0 fault-nth:17):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:42 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x100000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:42 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  563.462549] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  563.468627] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:42 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x74})

15:23:42 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

15:23:42 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1261, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:42 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc910000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:42 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x528, 0x0)

15:23:42 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xbc180000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  563.673215] FAULT_INJECTION: forcing a failure.
[  563.673215] name failslab, interval 1, probability 0, space 0, times 0
[  563.684618] CPU: 0 PID: 20726 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  563.693111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  563.702465] Call Trace:
[  563.705049]  dump_stack+0x1c9/0x2b4
[  563.708673]  ? dump_stack_print_info.cold.2+0x52/0x52
[  563.713865]  ? __kernel_text_address+0xd/0x40
[  563.718372]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  563.723898]  should_fail.cold.4+0xa/0x11
[  563.727963]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  563.733065]  ? lock_release+0xa30/0xa30
[  563.737035]  ? rcu_note_context_switch+0x730/0x730
[  563.741965]  ? kasan_check_write+0x14/0x20
[  563.746202]  ? __mutex_lock+0x6d0/0x1700
[  563.750276]  ? kernfs_activate+0x8e/0x2c0
[  563.754423]  ? lock_acquire+0x1e4/0x540
[  563.758408]  ? fs_reclaim_acquire+0x20/0x20
[  563.762746]  ? lock_downgrade+0x8f0/0x8f0
[  563.766906]  ? kernfs_add_one+0x4f/0x4d0
[  563.770962]  ? check_same_owner+0x340/0x340
[  563.775305]  ? kernfs_activate+0x21a/0x2c0
[  563.779537]  ? rcu_note_context_switch+0x730/0x730
[  563.784455]  __should_failslab+0x124/0x180
[  563.788688]  should_failslab+0x9/0x14
[  563.792494]  kmem_cache_alloc+0x2af/0x760
[  563.796627]  ? kernfs_add_one+0x2d4/0x4d0
[  563.800766]  ? lock_downgrade+0x8f0/0x8f0
[  563.804903]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  563.809906]  __kernfs_new_node+0x127/0x8d0
[  563.814137]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  563.818878]  ? kasan_check_write+0x14/0x20
15:23:42 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

15:23:42 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x1c, 0x0)

[  563.823107]  ? kasan_check_write+0x14/0x20
[  563.827347]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  563.832282]  ? wait_for_completion+0x8d0/0x8d0
[  563.836984]  ? wait_for_completion+0x8d0/0x8d0
[  563.841570]  ? kasan_check_write+0x14/0x20
[  563.845814]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  563.850770]  ? mutex_unlock+0xd/0x10
[  563.854504]  ? kernfs_activate+0x21a/0x2c0
[  563.858744]  ? kernfs_walk_and_get_ns+0x340/0x340
[  563.863595]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  563.869137]  ? kernfs_link_sibling+0x1d2/0x3b0
[  563.873726]  kernfs_new_node+0x95/0x120
[  563.877710]  __kernfs_create_file+0x5a/0x340
[  563.882127]  sysfs_add_file_mode_ns+0x221/0x520
[  563.886800]  ? component_del+0x530/0x550
[  563.888658] EXT4-fs (sda1): Unrecognized mount option "t" or missing value
[  563.890863]  internal_create_group+0x3e1/0xd80
[  563.890885]  ? remove_files.isra.1+0x190/0x190
[  563.890899]  ? up_write+0x7b/0x220
[  563.890913]  ? up_read+0x110/0x110
[  563.890927]  ? down_read+0x1d0/0x1d0
[  563.890941]  ? kasan_check_write+0x14/0x20
[  563.890957]  sysfs_create_group+0x1f/0x30
[  563.890977]  lo_ioctl+0x1307/0x1d70
[  563.929819]  ? lo_rw_aio_complete+0x450/0x450
[  563.934318]  blkdev_ioctl+0x9cd/0x2030
[  563.938210]  ? lock_acquire+0x1e4/0x540
[  563.942194]  ? blkpg_ioctl+0xc40/0xc40
[  563.946085]  ? lock_release+0xa30/0xa30
[  563.950063]  ? save_stack+0xa9/0xd0
[  563.953691]  ? save_stack+0x43/0xd0
[  563.957316]  ? __fget+0x4d5/0x740
[  563.960770]  ? ksys_dup3+0x690/0x690
[  563.964483]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  563.969080]  ? kasan_check_write+0x14/0x20
[  563.973312]  ? do_raw_spin_lock+0xc1/0x200
[  563.977552]  block_ioctl+0xee/0x130
[  563.981179]  ? blkdev_fallocate+0x400/0x400
[  563.985507]  do_vfs_ioctl+0x1de/0x1720
[  563.989402]  ? ioctl_preallocate+0x300/0x300
[  563.993826]  ? __fget_light+0x2f7/0x440
[  563.997799]  ? fget_raw+0x20/0x20
[  564.001258]  ? trace_hardirqs_on+0xd/0x10
[  564.005406]  ? kmem_cache_free+0x22e/0x2d0
[  564.009656]  ? putname+0xf7/0x130
[  564.013112]  ? do_sys_open+0x3cb/0x720
[  564.016999]  ? security_file_ioctl+0x94/0xc0
[  564.021409]  ksys_ioctl+0xa9/0xd0
[  564.024862]  __x64_sys_ioctl+0x73/0xb0
[  564.028755]  do_syscall_64+0x1b9/0x820
[  564.032640]  ? finish_task_switch+0x1d3/0x870
[  564.037138]  ? syscall_return_slowpath+0x5e0/0x5e0
[  564.042067]  ? syscall_return_slowpath+0x31d/0x5e0
[  564.046996]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  564.052009]  ? __switch_to_asm+0x34/0x70
[  564.056072]  ? __switch_to_asm+0x34/0x70
[  564.060132]  ? __switch_to_asm+0x40/0x70
[  564.064231]  ? __switch_to_asm+0x34/0x70
[  564.068307]  ? __switch_to_asm+0x40/0x70
[  564.072369]  ? __switch_to_asm+0x34/0x70
[  564.076430]  ? __switch_to_asm+0x40/0x70
[  564.080492]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  564.085346]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  564.090532] RIP: 0033:0x456997
[  564.093723] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  564.112624] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  564.120340] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  564.127604] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  564.134871] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  564.144840] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  564.152114] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000011
[  564.165192] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:42 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401870cc, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:42 executing program 0 (fault-call:0 fault-nth:18):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:42 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xedc000000000})

15:23:42 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4c000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  564.171568] EXT4-fs (sda1): quotafile must be on filesystem root
[  564.181634] EXT4-fs (sda1): Unrecognized mount option "t" or missing value
[  564.211199] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:42 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:42 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:42 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9e98, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:42 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x125f, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:42 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x2805000000000000, 0x0)

[  564.348876] FAULT_INJECTION: forcing a failure.
[  564.348876] name failslab, interval 1, probability 0, space 0, times 0
[  564.360175] CPU: 1 PID: 20767 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  564.368662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  564.378024] Call Trace:
[  564.380617]  dump_stack+0x1c9/0x2b4
[  564.384244]  ? dump_stack_print_info.cold.2+0x52/0x52
[  564.389432]  ? is_bpf_text_address+0xd7/0x170
[  564.393928]  should_fail.cold.4+0xa/0x11
[  564.397992]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  564.403095]  ? save_stack+0xa9/0xd0
[  564.406717]  ? save_stack+0x43/0xd0
[  564.410337]  ? kasan_kmalloc+0xc4/0xe0
[  564.414226]  ? kmem_cache_alloc_trace+0x152/0x780
[  564.419064]  ? kobject_uevent_env+0x20f/0x1110
[  564.423732]  ? kobject_uevent+0x1f/0x30
[  564.427701]  ? lo_ioctl+0x1385/0x1d70
[  564.431494]  ? blkdev_ioctl+0x9cd/0x2030
[  564.435550]  ? block_ioctl+0xee/0x130
[  564.439350]  ? do_vfs_ioctl+0x1de/0x1720
[  564.444011]  ? ksys_ioctl+0xa9/0xd0
[  564.447633]  ? __x64_sys_ioctl+0x73/0xb0
[  564.451696]  ? do_syscall_64+0x1b9/0x820
[  564.455943]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  564.461304]  ? kernfs_activate+0x21a/0x2c0
[  564.465539]  ? lock_acquire+0x1e4/0x540
[  564.469521]  ? fs_reclaim_acquire+0x20/0x20
[  564.473854]  ? lock_downgrade+0x8f0/0x8f0
[  564.478005]  ? check_same_owner+0x340/0x340
[  564.482328]  ? lock_release+0xa30/0xa30
[  564.486331]  ? rcu_note_context_switch+0x730/0x730
[  564.491264]  __should_failslab+0x124/0x180
[  564.495497]  should_failslab+0x9/0x14
[  564.499299]  __kmalloc+0x2c8/0x760
[  564.502844]  ? kobject_get_path+0xc2/0x1a0
[  564.507075]  kobject_get_path+0xc2/0x1a0
[  564.511136]  kobject_uevent_env+0x234/0x1110
[  564.515541]  ? kasan_check_write+0x14/0x20
[  564.519790]  kobject_uevent+0x1f/0x30
[  564.523596]  lo_ioctl+0x1385/0x1d70
[  564.527235]  ? lo_rw_aio_complete+0x450/0x450
[  564.531737]  blkdev_ioctl+0x9cd/0x2030
[  564.535640]  ? lock_acquire+0x1e4/0x540
[  564.539623]  ? blkpg_ioctl+0xc40/0xc40
[  564.543519]  ? lock_release+0xa30/0xa30
[  564.547489]  ? save_stack+0xa9/0xd0
[  564.551112]  ? save_stack+0x43/0xd0
[  564.554730]  ? __fget+0x4d5/0x740
[  564.558190]  ? ksys_dup3+0x690/0x690
[  564.561889]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  564.566460]  ? kasan_check_write+0x14/0x20
[  564.570679]  ? do_raw_spin_lock+0xc1/0x200
[  564.574907]  block_ioctl+0xee/0x130
[  564.578527]  ? blkdev_fallocate+0x400/0x400
[  564.582834]  do_vfs_ioctl+0x1de/0x1720
[  564.586719]  ? ioctl_preallocate+0x300/0x300
[  564.591113]  ? __fget_light+0x2f7/0x440
[  564.595073]  ? fget_raw+0x20/0x20
[  564.598520]  ? trace_hardirqs_on+0xd/0x10
[  564.602658]  ? kmem_cache_free+0x22e/0x2d0
[  564.606879]  ? putname+0xf7/0x130
[  564.610322]  ? do_sys_open+0x3cb/0x720
[  564.614197]  ? security_file_ioctl+0x94/0xc0
[  564.618592]  ksys_ioctl+0xa9/0xd0
[  564.622037]  __x64_sys_ioctl+0x73/0xb0
[  564.625912]  do_syscall_64+0x1b9/0x820
[  564.629785]  ? finish_task_switch+0x1d3/0x870
[  564.634268]  ? syscall_return_slowpath+0x5e0/0x5e0
[  564.639184]  ? syscall_return_slowpath+0x31d/0x5e0
[  564.644105]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  564.649110]  ? __switch_to_asm+0x34/0x70
[  564.653157]  ? __switch_to_asm+0x34/0x70
[  564.657202]  ? __switch_to_asm+0x40/0x70
[  564.661255]  ? __switch_to_asm+0x34/0x70
[  564.665304]  ? __switch_to_asm+0x40/0x70
[  564.669352]  ? __switch_to_asm+0x34/0x70
[  564.673414]  ? __switch_to_asm+0x40/0x70
[  564.677467]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  564.682304]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  564.687491] RIP: 0033:0x456997
[  564.690674] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  564.709562] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  564.717257] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  564.724522] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  564.731786] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  564.739039] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  564.746303] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000012
15:23:43 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x400000000000000})

15:23:43 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

15:23:43 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x1c00, 0x0)

15:23:43 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1264, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:43 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x28eb0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:43 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6c000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:43 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:43 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:43 executing program 0 (fault-call:0 fault-nth:19):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:43 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x6c000000})

15:23:43 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x40000, 0x0)

15:23:43 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1278, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:43 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc91, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:43 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:43 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x5, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:43 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:43 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

15:23:43 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa893, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:43 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xf6ffffff})

[  565.230077] FAULT_INJECTION: forcing a failure.
[  565.230077] name failslab, interval 1, probability 0, space 0, times 0
[  565.241508] CPU: 1 PID: 20848 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  565.249999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  565.259354] Call Trace:
[  565.261951]  dump_stack+0x1c9/0x2b4
[  565.265594]  ? dump_stack_print_info.cold.2+0x52/0x52
[  565.270798]  should_fail.cold.4+0xa/0x11
[  565.274867]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  565.279969]  ? wait_for_completion+0x8d0/0x8d0
[  565.284547]  ? kasan_check_write+0x14/0x20
[  565.288778]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  565.293721]  ? mutex_unlock+0xd/0x10
[  565.297424]  ? kernfs_activate+0x21a/0x2c0
[  565.301651]  ? kernfs_walk_and_get_ns+0x340/0x340
[  565.306484]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  565.312009]  ? kernfs_link_sibling+0x1d2/0x3b0
[  565.316581]  ? lock_acquire+0x1e4/0x540
[  565.320541]  ? fs_reclaim_acquire+0x20/0x20
[  565.324853]  ? lock_downgrade+0x8f0/0x8f0
[  565.328992]  ? kernfs_get+0x30/0x30
[  565.332610]  ? check_same_owner+0x340/0x340
[  565.336923]  ? rcu_note_context_switch+0x730/0x730
[  565.341838]  ? sysfs_add_file_mode_ns+0x245/0x520
[  565.346669]  __should_failslab+0x124/0x180
[  565.350892]  should_failslab+0x9/0x14
[  565.354682]  kmem_cache_alloc_trace+0x2cb/0x780
[  565.359351]  ? device_create_file+0x1e0/0x1e0
[  565.363838]  kobject_uevent_env+0x20f/0x1110
[  565.368234]  ? kasan_check_write+0x14/0x20
[  565.372471]  kobject_uevent+0x1f/0x30
[  565.376264]  lo_ioctl+0x1385/0x1d70
[  565.379886]  ? lo_rw_aio_complete+0x450/0x450
[  565.384369]  blkdev_ioctl+0x9cd/0x2030
[  565.388246]  ? lock_acquire+0x1e4/0x540
[  565.392208]  ? blkpg_ioctl+0xc40/0xc40
[  565.396092]  ? lock_release+0xa30/0xa30
[  565.400062]  ? save_stack+0xa9/0xd0
[  565.403679]  ? save_stack+0x43/0xd0
[  565.407296]  ? __fget+0x4d5/0x740
[  565.410747]  ? ksys_dup3+0x690/0x690
[  565.414447]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  565.419017]  ? kasan_check_write+0x14/0x20
[  565.423236]  ? do_raw_spin_lock+0xc1/0x200
[  565.427471]  block_ioctl+0xee/0x130
[  565.431099]  ? blkdev_fallocate+0x400/0x400
[  565.435409]  do_vfs_ioctl+0x1de/0x1720
[  565.439287]  ? ioctl_preallocate+0x300/0x300
[  565.443680]  ? __fget_light+0x2f7/0x440
[  565.447641]  ? fget_raw+0x20/0x20
[  565.451091]  ? trace_hardirqs_on+0xd/0x10
[  565.455235]  ? kmem_cache_free+0x22e/0x2d0
[  565.459459]  ? putname+0xf7/0x130
[  565.462904]  ? do_sys_open+0x3cb/0x720
[  565.466782]  ? security_file_ioctl+0x94/0xc0
[  565.471180]  ksys_ioctl+0xa9/0xd0
[  565.474624]  __x64_sys_ioctl+0x73/0xb0
[  565.478503]  do_syscall_64+0x1b9/0x820
[  565.482379]  ? syscall_return_slowpath+0x5e0/0x5e0
[  565.487297]  ? syscall_return_slowpath+0x31d/0x5e0
[  565.492216]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  565.497222]  ? __switch_to_asm+0x34/0x70
[  565.501272]  ? __switch_to_asm+0x34/0x70
[  565.505320]  ? __switch_to_asm+0x40/0x70
[  565.509370]  ? __switch_to_asm+0x34/0x70
[  565.513416]  ? __switch_to_asm+0x34/0x70
[  565.517461]  ? __switch_to_asm+0x40/0x70
[  565.521513]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  565.526356]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  565.531536] RIP: 0033:0x456997
[  565.534717] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  565.553608] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  565.561314] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  565.568591] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
15:23:43 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:23:44 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7a, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:44 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:44 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127d, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:44 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x4, 0x0)

[  565.575849] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  565.583108] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  565.590373] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000013
15:23:44 executing program 0 (fault-call:0 fault-nth:20):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:44 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x6cfe000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:44 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:44 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x2d00})

15:23:44 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x40081271, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:44 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf85c0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:44 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x2805, 0x0)

15:23:44 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:44 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x400000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:44 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:44 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:44 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

[  565.853178] FAULT_INJECTION: forcing a failure.
[  565.853178] name failslab, interval 1, probability 0, space 0, times 0
[  565.864554] CPU: 0 PID: 20895 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  565.873048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  565.882398] Call Trace:
[  565.884987]  dump_stack+0x1c9/0x2b4
[  565.888630]  ? dump_stack_print_info.cold.2+0x52/0x52
[  565.893815]  ? is_bpf_text_address+0xd7/0x170
[  565.898296]  should_fail.cold.4+0xa/0x11
15:23:44 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401070cd, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  565.902349]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  565.907439]  ? save_stack+0xa9/0xd0
[  565.911056]  ? save_stack+0x43/0xd0
[  565.914667]  ? kasan_kmalloc+0xc4/0xe0
[  565.918536]  ? kmem_cache_alloc_trace+0x152/0x780
[  565.923364]  ? kobject_uevent_env+0x20f/0x1110
[  565.927926]  ? kobject_uevent+0x1f/0x30
[  565.931892]  ? blkdev_ioctl+0x9cd/0x2030
[  565.935950]  ? block_ioctl+0xee/0x130
[  565.939756]  ? do_vfs_ioctl+0x1de/0x1720
[  565.943822]  ? ksys_ioctl+0xa9/0xd0
[  565.947456]  ? __x64_sys_ioctl+0x73/0xb0
[  565.951535]  ? do_syscall_64+0x1b9/0x820
[  565.955596]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  565.960962]  ? lock_acquire+0x1e4/0x540
[  565.964937]  ? fs_reclaim_acquire+0x20/0x20
[  565.969531]  ? lock_downgrade+0x8f0/0x8f0
[  565.973685]  ? check_same_owner+0x340/0x340
[  565.978026]  ? rcu_note_context_switch+0x730/0x730
[  565.982952]  ? kasan_check_read+0x11/0x20
[  565.987104]  __should_failslab+0x124/0x180
[  565.991337]  should_failslab+0x9/0x14
[  565.995135]  __kmalloc+0x2c8/0x760
[  565.998682]  ? kobject_get_path+0xc2/0x1a0
[  566.002916]  kobject_get_path+0xc2/0x1a0
[  566.006984]  kobject_uevent_env+0x234/0x1110
[  566.011391]  ? kasan_check_write+0x14/0x20
[  566.015650]  kobject_uevent+0x1f/0x30
[  566.019457]  lo_ioctl+0x1385/0x1d70
[  566.023092]  ? lo_rw_aio_complete+0x450/0x450
[  566.027587]  blkdev_ioctl+0x9cd/0x2030
[  566.031472]  ? lock_acquire+0x1e4/0x540
[  566.035444]  ? blkpg_ioctl+0xc40/0xc40
[  566.039332]  ? lock_release+0xa30/0xa30
[  566.043318]  ? save_stack+0xa9/0xd0
[  566.046950]  ? save_stack+0x43/0xd0
[  566.050580]  ? __fget+0x4d5/0x740
[  566.054053]  ? ksys_dup3+0x690/0x690
[  566.057761]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  566.062339]  ? kasan_check_write+0x14/0x20
[  566.066566]  ? do_raw_spin_lock+0xc1/0x200
[  566.070800]  block_ioctl+0xee/0x130
[  566.074425]  ? blkdev_fallocate+0x400/0x400
[  566.078742]  do_vfs_ioctl+0x1de/0x1720
[  566.082632]  ? ioctl_preallocate+0x300/0x300
[  566.087035]  ? __fget_light+0x2f7/0x440
[  566.091014]  ? fget_raw+0x20/0x20
[  566.094467]  ? trace_hardirqs_on+0xd/0x10
[  566.098613]  ? kmem_cache_free+0x22e/0x2d0
[  566.102847]  ? putname+0xf7/0x130
[  566.106305]  ? do_sys_open+0x3cb/0x720
[  566.110206]  ? security_file_ioctl+0x94/0xc0
[  566.114612]  ksys_ioctl+0xa9/0xd0
[  566.118068]  __x64_sys_ioctl+0x73/0xb0
[  566.121959]  do_syscall_64+0x1b9/0x820
[  566.125843]  ? finish_task_switch+0x1d3/0x870
[  566.130337]  ? syscall_return_slowpath+0x5e0/0x5e0
[  566.135660]  ? syscall_return_slowpath+0x31d/0x5e0
[  566.140592]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  566.145608]  ? __switch_to_asm+0x34/0x70
[  566.149663]  ? __switch_to_asm+0x34/0x70
[  566.155425]  ? __switch_to_asm+0x40/0x70
[  566.159487]  ? __switch_to_asm+0x34/0x70
[  566.163544]  ? __switch_to_asm+0x40/0x70
[  566.167603]  ? __switch_to_asm+0x34/0x70
[  566.172263]  ? __switch_to_asm+0x40/0x70
[  566.176329]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  566.181176]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  566.186721] RIP: 0033:0x456997
15:23:44 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9684, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  566.189917] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  566.208815] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  566.216535] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  566.223797] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  566.231060] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  566.238326] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  566.245593] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000014
15:23:44 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x6800})

15:23:44 executing program 0 (fault-call:0 fault-nth:21):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:44 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

15:23:44 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4f6c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:44 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x1, 0x20100)
ioctl$KDSKBLED(r1, 0x4b65, 0x100000000)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000340)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f00000003c0)={0x12, 0x10, 0xfa00, {&(0x7f0000000300), r3, r1}}, 0x18)
recvfrom$inet(r0, &(0x7f0000000000)=""/154, 0x9a, 0x3, &(0x7f00000000c0)={0x2, 0x4e23, @multicast2}, 0x10)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000180))

15:23:44 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x2, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:44 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:44 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:45 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6800, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:45 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x7400})

[  566.523834] FAULT_INJECTION: forcing a failure.
[  566.523834] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  566.535677] CPU: 0 PID: 20930 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  566.544157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  566.553499] Call Trace:
[  566.556087]  dump_stack+0x1c9/0x2b4
[  566.559717]  ? dump_stack_print_info.cold.2+0x52/0x52
[  566.564907]  ? kernfs_activate+0x8e/0x2c0
[  566.569061]  should_fail.cold.4+0xa/0x11
[  566.573121]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  566.578228]  ? kernfs_add_one+0x4f/0x4d0
[  566.582294]  ? kernfs_activate+0x21a/0x2c0
[  566.586532]  ? lock_downgrade+0x8f0/0x8f0
[  566.590696]  ? trace_hardirqs_on+0x10/0x10
[  566.594941]  ? kasan_check_read+0x11/0x20
[  566.599090]  ? do_raw_spin_unlock+0xa7/0x2f0
[  566.603501]  ? idr_alloc+0x1b0/0x1b0
[  566.607215]  ? kernfs_add_one+0x2d4/0x4d0
[  566.611359]  ? lock_downgrade+0x8f0/0x8f0
[  566.615505]  ? kasan_check_write+0x14/0x20
[  566.619749]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  566.624673]  ? __kernfs_new_node+0x692/0x8d0
[  566.629083]  ? wait_for_completion+0x8d0/0x8d0
[  566.633661]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  566.638415]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  566.643951]  ? should_fail+0x246/0xd86
[  566.647843]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  566.652948]  __alloc_pages_nodemask+0x36e/0xdb0
[  566.657611]  ? kasan_check_write+0x14/0x20
[  566.661843]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  566.666790]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  566.671803]  ? mutex_unlock+0xd/0x10
[  566.675515]  ? kernfs_activate+0x21a/0x2c0
[  566.679744]  ? kernfs_walk_and_get_ns+0x340/0x340
[  566.684587]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  566.690125]  ? lock_acquire+0x1e4/0x540
[  566.694097]  ? fs_reclaim_acquire+0x20/0x20
[  566.698417]  ? lock_downgrade+0x8f0/0x8f0
[  566.702578]  ? lock_release+0xa30/0xa30
[  566.706566]  ? kernfs_get+0x30/0x30
[  566.710194]  ? check_same_owner+0x340/0x340
[  566.714518]  cache_grow_begin+0x91/0x710
[  566.718584]  kmem_cache_alloc_trace+0x6a5/0x780
[  566.723259]  ? device_create_file+0x1e0/0x1e0
[  566.727749]  kobject_uevent_env+0x20f/0x1110
[  566.732150]  ? kasan_check_write+0x14/0x20
[  566.736388]  kobject_uevent+0x1f/0x30
[  566.740186]  lo_ioctl+0x1385/0x1d70
[  566.743816]  ? lo_rw_aio_complete+0x450/0x450
[  566.748322]  blkdev_ioctl+0x9cd/0x2030
[  566.752204]  ? lock_acquire+0x1e4/0x540
[  566.756175]  ? blkpg_ioctl+0xc40/0xc40
[  566.760058]  ? lock_release+0xa30/0xa30
[  566.764029]  ? save_stack+0xa9/0xd0
[  566.767652]  ? save_stack+0x43/0xd0
[  566.771278]  ? __fget+0x4d5/0x740
[  566.774730]  ? ksys_dup3+0x690/0x690
[  566.778441]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  566.783019]  ? kasan_check_write+0x14/0x20
[  566.787249]  ? do_raw_spin_lock+0xc1/0x200
[  566.791492]  block_ioctl+0xee/0x130
[  566.795118]  ? blkdev_fallocate+0x400/0x400
[  566.799434]  do_vfs_ioctl+0x1de/0x1720
[  566.803321]  ? ioctl_preallocate+0x300/0x300
[  566.807723]  ? __fget_light+0x2f7/0x440
[  566.811696]  ? fget_raw+0x20/0x20
[  566.815157]  ? trace_hardirqs_on+0xd/0x10
[  566.819300]  ? kmem_cache_free+0x22e/0x2d0
[  566.823531]  ? putname+0xf7/0x130
[  566.826978]  ? do_sys_open+0x3cb/0x720
[  566.830866]  ? security_file_ioctl+0x94/0xc0
[  566.835272]  ksys_ioctl+0xa9/0xd0
[  566.838722]  __x64_sys_ioctl+0x73/0xb0
[  566.842606]  do_syscall_64+0x1b9/0x820
[  566.846486]  ? finish_task_switch+0x1d3/0x870
[  566.850978]  ? syscall_return_slowpath+0x5e0/0x5e0
[  566.855921]  ? syscall_return_slowpath+0x31d/0x5e0
[  566.860850]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  566.865877]  ? __switch_to_asm+0x34/0x70
[  566.869967]  ? __switch_to_asm+0x34/0x70
[  566.874021]  ? __switch_to_asm+0x40/0x70
[  566.878075]  ? __switch_to_asm+0x34/0x70
[  566.882135]  ? __switch_to_asm+0x40/0x70
[  566.886189]  ? __switch_to_asm+0x34/0x70
[  566.890244]  ? __switch_to_asm+0x40/0x70
[  566.894303]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  566.899148]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  566.904329] RIP: 0033:0x456997
15:23:45 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

[  566.907537] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  566.926431] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  566.934137] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  566.941411] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  566.948672] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  566.955936] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  566.963198] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000015
15:23:45 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x301, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:45 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x600000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  566.995294] f2fs_msg: 38 callbacks suppressed
[  566.995306] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  567.006969] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  567.024826] F2FS-fs (loop0): journaled quota format not specified
15:23:45 executing program 4:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer\x00', 0x111000, 0x0)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000400), &(0x7f0000000440))
kexec_load(0x95, 0x2, &(0x7f0000000100)=[{&(0x7f0000000640)="6db6189fc3f7780b928ccde9888d58e37839fc1b40e94519cf22d496de63442d49c5c924ccc2b92ea0e914d0a890201bca417fbc7690c950aff0519487bf6343a4b11c31d90caac4ba47bec943444b309ad8bc374e6e1e82ca006d7cbd6500fbbf2ff27fc6919f3222e1c440374a795563856f708d7804d06ec87fd73baddb59a815e4ea385d5c028ecbcacc5d43721c7248752daf7f02d3cf5ce0a3c546efbf0c855be72c388189fe990fb3ae004d565604e175569e93846660a3aa426287bb3072b3dea8b818136075057ddfcdc0c9a0d25aed9dd191e74ba22700aae786a07c9f999112087ddddc8c963fe17d50011a611a8a76cd0cf5b89a067a34dbe36c77d6c6b07726dfa451db89884b45fc0a9c1e28419427259c6dc650bf9a23e8dd6493ca175c6de11ea1097faa4f9cf342f04f103b1dc19e1b2796b3b607fd377cc1c0698889dbc84f58694db971d6e9098b0122d5c2c9ba7b5e81023030213886dc19f77846b2e5dee42805b957c69ed1862016eedd20685c0a4283029b4af37674426ad6e9a0042e5884afa406f8acebd290c3187d3fb9b90de874bb503c9099adce544b0344358dfbcd9789d1847d6bab11649f228d52e5993fcda596f8316bd3359c0312cbb5b04074433d3e2dd93395a36595b54bde0e9803d2823de14b7b11bc8d85ef0b24df4f570abd9bc05b487ac749ca20a89cbd33f9047cd76f4bdc23737e8cc30a372c244002db0df70d014b7795141b3567e2bb58627a06b99a850e12763bb90fdd533924094c2341f41a62161583b15e2586d91dc3c4601448f865bc5efe8b6e68feff35bc47dc0bbc6d1e1ded5f1c104136b49feeb12035ba57c0a3a1e6cc3bd54c082c6a8abd8805b0c0d83437628ccbb400b8bee41d9cf4e8974f44e2b1974f09461e122b93bb65beb8f3fee167b2f1b31fa91936636a3b509defc19d2528047300cbb2b8009c6d2a726906a2ba21c7008d684a55eed27f3c9a9e902b31c2bf75c65e8004ef0f4e95f143a62a7b169b2379c04c7eeb198682487a8d9df2114d6dd963d02fc6affdbdc386e93c05f1def43b2ffacf038a7f68cdd5ae7602a2329a5642adb37c24c5a1e004e9d52b578f9e8dc8ea443d95b23d73ff563ecd3449c757c0d64148c6833a576800130d4bf628f66024b433aae170b9fca8288b2f3c01136f5da542b116625a8046d5cb9763219806aff122c0773344e4cd6486fbb592113d283af61d3f5776e9e5350df1d8431258ec04ada6656a448bf091a443aa6dbe80630d8111dee437a78b62a450b3769ff9d51a28ca38267e217b88bc2f02491d6d628a0c4d74c752c0c48466dfa363f503fbe2da3922494469e24d559fffab289322a21c8da3065db18d6e4b9a1fcab749611b4ee386c2d75b198fca7f45f3a828645377970558120c930bddacca5a554e1e216c5749ab8c17d2ed813a7fd9c2d2b9cc5481f62b793275d1035587ccda23e843acae9099d77d07fba0e107cf13d005287217c848e0d8940b89ab43e1cb2a431323934195f6e4eef01e322a4680001ebf748ef35b3803c6c8d127ec6ffb17eb34148d8d39d6d90c09e003c488619ae1bde830c2c2abdaf9e99aedde71ea74b82ff490a24d6aec249e45eb4512671ca40f46a1c0c8815a0ea2f0caca838a8245c322c90a44a096a616d00d4eb2ab5c40b225e53857446c819899fd65b6e90b1e83bfc7a4346af4a690c03c2bab8f608db96adfe9e32279a144d920540064e778403e10753b56a2943e059aa365e9ca75f4d7b3a13eb6d63d8042bc33649cc15ec7beb2e8a248d4a9b833e220cb2607071fbdd982bb1493ba8c0e483b0d420d28a79ed4bd90ca0a5da793c3ca4d2a5a27d753fa4381dc7da883123c0580905f4ff142f99a11c26e76871dd7181c459c5a09c32150041be021f3e1fd2666767ad0224af4f6c131e679c96a03c243b2a8cb6859da2e6e3ec0ae38616fa251504bdf1f529a6e35c10218c71ee4b53631c1b600f577cbfab66aff32e93c143b728cd0d7ba271279c5298299d12cccddf2e8288775382c64c4e76c72ae332ee6b85b4d62729c197d3c11d007934e9077f4124614a0fe1f1a1e502ab482997f3e037b643a5fd04a2e6e120a4688838e1280c7f5f9511df5ade2e105388fb811435ebee49ebf10da2060325ef9af440551d2ff4b6b15327a3a620c590f97d64515ce22e9e158e023c625f7e00f2b0ef463a165af443542da1b425778a941b28e82978c7675bbd9bd1bddf50d72035730ada8f4b2c6884752ac1d55795433e8316e6b64bdc6610cccdd1ceecda32e61d6e9392f4724a3402070f4a7b87c1ff2d09c669aec7716ea7306ec46bb4f1a693fb522567452371be24f0e560ea27261c6806075d4d994360cc1dfa45a1e641482943c914c4566ad834a7d8bf253c1be9cc7f5de1d3c140372033dd1f14d7672bb8f819a193693345fc55735fa6bf572bf7aecac413aa4434b890743ef6f9fc7abe75aa88babdc2099cb887cb5fa1052071895c68b17c35b61964388f8d545dd6bbca09e700983f8681e8ce1caf7f715fbef5df0820a33ba67e42f099c194cc382d4755cdb54c142c3453fc63cb930800f594b19a5ee54ab7d30bed6967e44e417774d0d814e295d1873f11b754f2f37bccd6f07bc707970ea9a80c60eac3753b4587573837aa0e3c8e170d67adcec696e19f661d7e5f861d1ea7a514e4b40ea3ffbf78e7240715a6c4f8494cacd8c1feacf147147b74cd12da5bd85de2b798b7e0b1cba7f98fbe53b28a201983c1b8b7af90f0cb396395d6eb431f6555c5783014e70c04776164371b1c3ec0952bd18c40cdb61b96cd1016a21c76ffc184faaa8f13ca2ad37b26f3d02f40775d8abb3021d732a7f45d2ef9a5ef50b168727dc30fa01bd4d0150efc0257db0faa60973c42318ee01e3a69c75a42f5de95e45878cef02a305230952d5853559bd1eb2cb018650da973b250b7032584a0cc43dbe9390214012f70b49596012c30e25375528763631ab405f037d78a55014259335888eccba72d1a2f3ab4da6d9d6a6837c69837a5f55db5ac4aaeed850e6a6ebe0cd0f7fa5a50d28d27d1342f2fb90fece6cd7876e042d1a2f754a459107cd25bccd93c4c638d0ff9e7e4afb36da1214aaf9e96fda81e0a5c7c2571770a4c69df274b428563056d659cd635ce972744e272068e85d385d618a495ef77f3c24bbfdcde76250b4f187b4507978d5116f79152b0866107c416dbf311da74f25daed2e473eafbf6fe6f3553a17eae75fd745c4a425d81efa6104c3f3fef66efd7019c50345be312494180662ccd929c8ded00502799c43deaa6655dbdcc824c85ce65db25b2edb85735cbed7f9ae0e441d1745d72856ac58d5536ce09ce80a995303a212c815a73b2e39c721095a6f470b3a8f24e57f4fc5a58b0ad8db5643f322690651dfdf56b3161d1d0ae9b5140a1626fa3918282594fab9a5033be9d97040751645b9e409bc2e8a32a26765bae03604e28a3c9a8037b241e939fe1109e31166c8036f5cf25421c46ea8322e914c90300c0c6b16003b28b8a74447b4aa35b25e8e2318f75a9daab8cddacdf2c24dc844a6cde159a90700c3b4590dff56018bfaf72048c3e5a97726a9e7d41e3f8b41666827564b6256a843620a6c0d3f43b75b471214e61f9510a57574b6ea00c0ba89ddd1dea7789df5958327293cd642188978f63e1c4a7a9019a457cfe33efd740fe97b2686ae215863f61dcc05c5956cf9483fd8e6a3aea8c514925d4de3b0a3c7c7c62bb6168ae1cbae6b516643cd8d92c77f26888472cef761900d341462a6ee6b8ca1b97691d8228e4f6233c1d947d5b98a5a593b1c9f44120515fff7ffa7969d8c7beb8f4a1c3107ab47b779e0746b8d7157f70c52daa5ec36e0d8e7af678ecf4b7dceb1ceafe66e5c818214383871fd1c8b10bb0d64fb35ba873ab03b3480cb66aa86fc88b7d92d171f5efa8f7385113991a89179069f41ff5544da681535f4e1902244c54e3fe801ff44c2062934da1c50ac7bb92c0211c5665580b392df7cb0fb711e7df69befd46c3626247cb756c4332f5b6925aae5fc9fff4e45bb2eb5815c4e988be84f4bc1ff1f0919eaa357272be6f59414ae9e0e07b3649ddb309e6e18f6e005b26bb81288cb4a54c968ca0c845cdbaba3e72d7b457b2f229e9294401b6a672ed823d33d5832fd704804a1c7ba7d3feaed97fa88fe7178dff18cade2e107b211700c24afee1f984b024aa965a22326be83e3531105b7fe851a039072f0a6bcb2dee47ec78d23cc0a196ddfae2bd382c8eccdf05711958c2b5f33aa1645b0a5b6c609fe70a460abf1b04ac6854bb3432a12ea7b957dda3f3094550f4ed312df43baf0d840105e28ebcede39633e83766689bce71b2f909053373640453251e8a471d447597a118b3311210295a8560fc835c475bcc62e83ef682284381ddd375b2cd903f3fcf600d940b34ffd4542f810b292371fe03faa4b7f53caad728d3c9ed876b80a1b46f71bf82243b254388cf1ab28e06ffd898c04dda73aa9b4fcfad040260f57b81bbd48ac1689d25c66e5f7487d7ba321972f7180317fc74d689e974ee4b4c68dc406e5d93acc85c884b65ad6849f82fcd2cf3b12c910d41cb8ae088a314fa57848858c18e183b7fb75188baa3f748cfca18672f885fa8168a2655aeb7b1d528bd36fd40119be057080cd44fad90f146f9b5f52874dd74270dafe5f5c1a95c34cf6bab39c22c66745e064bae9a726b918f80e90799e2ab632f051264cf818689d44c9c9c43552cb56ee5f4c9fa68fce932a4cbfb4dd87ad1ba4dec6a163dc951bc0bef7747a5b15e1af563efb6ed95937d65f160f3494df208a08464f9b933663a246d47f5a6f1b5aee4769a1e93b1f5f9cf98afb75d33f2473b5838c9afc4ca524ad09bc346c6ed80f651f7b2623af56076179766198e621f5f2ce47943f7ac22bb01a14d759aaae43fcb245ecf2bb7af261e11677a8e47ca98a68c68f96284e462699a4ddd69430f76451efb7ad9520a76a231eac229e2262a4f1ae7d7dcdbef912cf76994cb4ffa78d53f2e5031bc304b26161aefb9f0d22923d511f88fd3308e7619c30b3796597998142af2b9a7b4b7cd4b72d94b70d0292439e676fb4dce40327fd594d558ab4b83ef33c502afe2a6f29fc6f4c977cfba426569e16332e3e1bfd0a7a62d2615ecff0b11df8596f5af1534c84c82f28c1f3112ed4aeeab760c12ef54898d26297f0920237b6c3c7f4f57d0abf9fa26d4392b83de843b531ebcf0babfd0a7b95333beb470256c37b2913162c406c8a4b106b92f97e1a1fa557e1a12dc55fdd281906a4617eb31fb96d76306ddf85cc38eae2d529fdf60d01710e59045929fd1c089a3591a7fe94b1da4b0441df868a902bc8a478fe0e65b0def0173aa87f7f05085aed6f2a219e65ee6b9200f6619a1d9e3edb37a6ac91dfcae98b9b2d33c424c37d68c1f0a184cf0344f92bad04d032139f23b29255a3e301d794b63ae4902d268d3c8313f46b556357fbacf7dbb5f8f00fa4b9108fdbfd6efe7042ba74bc1749409fff65b286cf8e91a34be2bdd3ad5fbd2b0a46e145502a0e8e7513eb0d108d7bdcb8558dc7e3c5f03bcc1fffcbc2b4bd3d8a1b9f540790bdbab25c8bf691cc8f325fcdb7d6e07eaa84e833aa262073fadd4f239772843920889088564e3aa24e6600d2d751f5056df0d6c1a57f6730605540f4b417c2ff41f58addfbdfba805483be641d56aafbfc09cfd8984d70d28b27cf8df3a4b8", 0x1000, 0x9ff6, 0x1}, {&(0x7f0000000040)="656c12586678d38ea174f7d6a181aea4e3c916097f6a5aa10fde195184c72962268340abff024312b06dae2c44f85818efcbf69ce9d6014135c796648edb6027764b4e24f541d8d907f3d1183cba00e1b2656832cd95f9acda5c85430289bd2b53e0b0cf601f3e5a82dfa98792bf8763e68fb6ef2ed3fe5c226a47e000db36e15c90ccffc5bb0acbf90fa2d01a44280969ace6eded9519758a807bf2b07ada459e7e77baba29fef308f235f2e5d1", 0xae, 0x45c9}], 0x3e0001)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x3f, &(0x7f0000000000)=0x4, 0x4)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x45)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000300)=[@in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e20, 0x4, @local, 0x6}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e23, 0x10000, @loopback, 0x714}, @in6={0xa, 0x4e21, 0x3f, @remote, 0x199}, @in6={0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0x18}, 0x5}, @in={0x2, 0x4e23, @broadcast}, @in={0x2, 0x4e21}], 0xb0)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000001640)="0a80000704315f85572e9c49134741700ab6420c7de8fc759ebb165233d5f14b84fcd073a79ec697bc1eb46b421b6ff1dc8dcd31db040280f966c70c8a0a6cd2c776a055a2f20082393a57bcd3964d7e2c4bbfca722fa941201135b280975f23d8f9ccecfef0dbb17b8a0df6c198d5a8ef540698a0f4733bbe6c8a169a37af592a3f8947d15618e71bd0dc2dd44c8f5d9235d03b348c16bc26c9aad391a91c349b416f3bcfe25a4e47adde9fde88fb4b43f614e160949a6a88f27ab101452fb34ade9b62ccd5e5ee40350bbf685cab50658d64067ae3c91f28a30b5cd14cc9c93eaea003702d726a0aa19c50d62a86bc871c1d0d96259a9846f3baa62413825da28edaa78eca37d999540eebf9c7ffd03d0000002bf2bd92a969ec")
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x2b9, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5, 0x1}}], 0x1, 0x0, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x2d, &(0x7f0000000480)=""/206, &(0x7f0000000400)=0xce)

15:23:45 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:45 executing program 0 (fault-call:0 fault-nth:22):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  567.050824] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  567.057954] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  567.069444] F2FS-fs (loop0): journaled quota format not specified
15:23:45 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434ff", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:45 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127c, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:45 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x300000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:45 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

15:23:45 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x0, 0x408000)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r3=>0x0})
lseek(r2, 0x0, 0x2)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000080)=r3)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  567.249696] FAULT_INJECTION: forcing a failure.
[  567.249696] name failslab, interval 1, probability 0, space 0, times 0
[  567.260967] CPU: 1 PID: 20977 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  567.269455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  567.278820] Call Trace:
[  567.281415]  dump_stack+0x1c9/0x2b4
[  567.285057]  ? dump_stack_print_info.cold.2+0x52/0x52
[  567.290252]  ? lock_acquire+0x1e4/0x540
[  567.294230]  ? is_bpf_text_address+0xae/0x170
15:23:45 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:45 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x125d, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:45 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x200000, 0x0)
ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000040)={0x9, 0xc, 0xe, 0x19, 0x7, 0xffffffffffffffff, 0x1, 0xf0, 0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  567.298728]  ? lock_downgrade+0x8f0/0x8f0
[  567.302887]  should_fail.cold.4+0xa/0x11
[  567.306963]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  567.312070]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  567.316743]  ? is_bpf_text_address+0xd7/0x170
[  567.321241]  ? kernel_text_address+0x79/0xf0
[  567.325654]  ? __kernel_text_address+0xd/0x40
[  567.330148]  ? unwind_get_return_address+0x61/0xa0
[  567.335082]  ? __save_stack_trace+0x8d/0xf0
[  567.339415]  ? lock_acquire+0x1e4/0x540
[  567.343393]  ? fs_reclaim_acquire+0x20/0x20
[  567.347718]  ? lock_downgrade+0x8f0/0x8f0
[  567.351872]  ? __alloc_skb+0x155/0x770
[  567.355764]  ? check_same_owner+0x340/0x340
[  567.360097]  ? block_ioctl+0xee/0x130
[  567.363901]  ? do_vfs_ioctl+0x1de/0x1720
[  567.367966]  ? ksys_ioctl+0xa9/0xd0
[  567.371598]  ? rcu_note_context_switch+0x730/0x730
[  567.376538]  __should_failslab+0x124/0x180
[  567.380779]  should_failslab+0x9/0x14
[  567.384588]  kmem_cache_alloc+0x2af/0x760
[  567.388752]  ? lock_acquire+0x1e4/0x540
[  567.392748]  skb_clone+0x1be/0x500
[  567.396297]  ? refcount_add_not_zero_checked+0x320/0x330
[  567.401750]  ? skb_split+0x11f0/0x11f0
[  567.405643]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  567.410666]  ? netlink_trim+0x1ba/0x380
[  567.414638]  ? netlink_skb_destructor+0x210/0x210
[  567.419487]  netlink_broadcast_filtered+0x10b7/0x1620
[  567.424677]  ? __netlink_sendskb+0xd0/0xd0
[  567.428910]  ? pointer+0x990/0x990
[  567.432437]  ? device_get_devnode+0x2e0/0x2e0
[  567.436916]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  567.442437]  ? refcount_inc_not_zero_checked+0x1e5/0x2f0
[  567.447871]  ? refcount_add_not_zero_checked+0x330/0x330
[  567.453308]  ? netlink_has_listeners+0x2cf/0x4a0
[  567.458064]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  567.463095]  netlink_broadcast+0x3a/0x50
[  567.467147]  kobject_uevent_env+0x829/0x1110
[  567.471555]  ? kasan_check_write+0x14/0x20
[  567.475781]  kobject_uevent+0x1f/0x30
[  567.479563]  lo_ioctl+0x1385/0x1d70
[  567.483192]  ? lo_rw_aio_complete+0x450/0x450
[  567.487692]  blkdev_ioctl+0x9cd/0x2030
[  567.491581]  ? lock_acquire+0x1e4/0x540
[  567.495550]  ? blkpg_ioctl+0xc40/0xc40
[  567.499427]  ? lock_release+0xa30/0xa30
[  567.503393]  ? save_stack+0xa9/0xd0
[  567.507006]  ? save_stack+0x43/0xd0
[  567.510624]  ? __fget+0x4d5/0x740
[  567.514063]  ? ksys_dup3+0x690/0x690
[  567.517762]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  567.522343]  ? kasan_check_write+0x14/0x20
[  567.526568]  ? do_raw_spin_lock+0xc1/0x200
[  567.530785]  block_ioctl+0xee/0x130
[  567.534404]  ? blkdev_fallocate+0x400/0x400
[  567.538720]  do_vfs_ioctl+0x1de/0x1720
[  567.542598]  ? ioctl_preallocate+0x300/0x300
[  567.546987]  ? __fget_light+0x2f7/0x440
[  567.550952]  ? fget_raw+0x20/0x20
[  567.554387]  ? trace_hardirqs_on+0xd/0x10
[  567.558519]  ? kmem_cache_free+0x22e/0x2d0
[  567.562734]  ? putname+0xf7/0x130
[  567.566169]  ? do_sys_open+0x3cb/0x720
[  567.570052]  ? security_file_ioctl+0x94/0xc0
[  567.574443]  ksys_ioctl+0xa9/0xd0
[  567.577889]  __x64_sys_ioctl+0x73/0xb0
[  567.581816]  do_syscall_64+0x1b9/0x820
[  567.585695]  ? syscall_return_slowpath+0x5e0/0x5e0
[  567.590618]  ? syscall_return_slowpath+0x31d/0x5e0
[  567.595541]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  567.600548]  ? __switch_to_asm+0x34/0x70
[  567.604594]  ? __switch_to_asm+0x34/0x70
[  567.608635]  ? __switch_to_asm+0x40/0x70
[  567.612675]  ? __switch_to_asm+0x34/0x70
[  567.616727]  ? __switch_to_asm+0x34/0x70
[  567.620775]  ? __switch_to_asm+0x40/0x70
[  567.624830]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  567.629668]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  567.634845] RIP: 0033:0x456997
15:23:46 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:46 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x54b70000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:46 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6c00, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:46 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000180)={0xc4, 0xbef, &(0x7f0000000000)="93fb6078e2fb63e6b8b6db89bf4075f3548dc9c232946e285bc3c753383bdfb7f77b602e476b5a3d4d67f8c72249f584e2535f377fb24a9482149266ded6277f989684fbe6a261a74412134a31d287283cfe2668dc75f8e9653e4af25b431bde06d8471ec3f939eaa89b461c19e4d50a307d95940e38b95a9529c77e751861e342fa414f37dd5bc6182b8eab5c0e6fb0747f8b598c0fb23333953f07f7fc8a1fa45e22ba0a882c1be6f8a5b02a3fd388f2ba425a5717534450", &(0x7f00000000c0)="e7cd0f1a7270f559c5a55708cf38ebea98dd052f24e2e935bf277a9f0cfcc93a174e4ae3c193c7a3de73770a2597984f76802240fbbccf88fd510316e4a1d001a9c57a6b9d3490c90d5af19ba1cfb918f968ef627feb7da801561427c6b38e9ccac9f54b345cb1381928c0f9759a3f8de67bdc463b8944", 0xb9, 0x77})

15:23:46 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1267, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:46 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x2000})

[  567.638020] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  567.656988] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  567.664679] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000456997
[  567.671931] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015
[  567.679181] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  567.686438] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  567.693694] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000016
15:23:46 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743402", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  567.732788] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  567.739998] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  567.778458] F2FS-fs (loop0): journaled quota format not specified
[  567.795496] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  567.812995] EXT4-fs: 37 callbacks suppressed
[  567.813007] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:46 executing program 0 (fault-call:0 fault-nth:23):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:46 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:46 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x700, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:46 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x2, [<r2=>0x0, 0x0]}, &(0x7f0000000040)=0xc)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={r2, 0x8}, 0x8)

15:23:46 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127f, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:46 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7400, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  567.831711] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  567.856814] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  567.866628] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  567.918391] EXT4-fs (sda1): quotafile must be on filesystem root
[  567.928412] FAULT_INJECTION: forcing a failure.
[  567.928412] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  567.940232] CPU: 1 PID: 21033 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  567.948715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  567.958062] Call Trace:
[  567.960659]  dump_stack+0x1c9/0x2b4
15:23:46 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x5)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:46 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

[  567.961757] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  567.964289]  ? dump_stack_print_info.cold.2+0x52/0x52
[  567.964312]  ? trace_hardirqs_off+0xd/0x10
[  567.964336]  should_fail.cold.4+0xa/0x11
[  567.983822]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  567.988930]  ? trace_hardirqs_off+0xd/0x10
[  567.993173]  ? wait_for_completion+0x8d0/0x8d0
[  567.997766]  ? __kasan_slab_free+0x131/0x170
[  568.002197]  ? trace_hardirqs_on+0x10/0x10
[  568.006442]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  568.011991]  ? filemap_check_errors+0xd8/0x110
15:23:46 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xcd34, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:46 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:46 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xa821, 0x101000)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f0000000040), 0x4)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  568.016581]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  568.022124]  ? mutex_unlock+0xd/0x10
[  568.025843]  ? lo_ioctl+0xe6/0x1d70
[  568.029485]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  568.035034]  ? should_fail+0x246/0xd86
[  568.038929]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  568.044035]  ? blkpg_ioctl+0xc40/0xc40
[  568.047931]  __alloc_pages_nodemask+0x36e/0xdb0
[  568.052609]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  568.057624]  ? save_stack+0xa9/0xd0
[  568.061254]  ? save_stack+0x43/0xd0
[  568.064883]  ? __fget+0x4d5/0x740
[  568.068339]  ? lock_acquire+0x1e4/0x540
[  568.072317]  ? fs_reclaim_acquire+0x20/0x20
[  568.076640]  ? lock_downgrade+0x8f0/0x8f0
[  568.080784]  ? lock_release+0xa30/0xa30
[  568.084759]  ? check_same_owner+0x340/0x340
[  568.089084]  cache_grow_begin+0x91/0x710
[  568.093150]  kmem_cache_alloc+0x689/0x760
[  568.097296]  ? fget_raw+0x20/0x20
[  568.100749]  getname_flags+0xd0/0x5a0
[  568.104548]  do_mkdirat+0xc5/0x310
[  568.108084]  ? __ia32_sys_mknod+0xb0/0xb0
[  568.112229]  ? fput+0x130/0x1a0
[  568.115504]  ? ksys_ioctl+0x81/0xd0
[  568.119128]  __x64_sys_mkdir+0x5c/0x80
[  568.123012]  do_syscall_64+0x1b9/0x820
[  568.126898]  ? finish_task_switch+0x1d3/0x870
[  568.131391]  ? syscall_return_slowpath+0x5e0/0x5e0
[  568.136321]  ? syscall_return_slowpath+0x31d/0x5e0
[  568.141250]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  568.146268]  ? prepare_exit_to_usermode+0x291/0x3b0
[  568.151294]  ? perf_trace_sys_enter+0xb10/0xb10
[  568.155963]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  568.160814]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  568.165998] RIP: 0033:0x455f67
[  568.169185] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  568.188082] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  568.195790] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  568.203054] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  568.210322] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
15:23:46 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x6c})

15:23:46 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1269, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  568.217584] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  568.224845] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000017
15:23:46 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:46 executing program 0 (fault-call:0 fault-nth:24):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:46 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

[  568.263069] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:46 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x500, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:46 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1434000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:46 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
socket$inet6(0xa, 0x80001, 0x1)
ioctl(r0, 0x3, &(0x7f0000000040)="76e801e45793f811c9b3c99d6c2383e3d8bb2ab52705a827d2d9db254017d9590e4976c338205678786d73b9752230341adba282ca6d4cce18c72b30262f1b2e511837c39f96df37e0fe9019029f16b906a52f887535b74bcefc0d068f5522f28a6c1bdbcf0bf809e5fa00bad93ef8b54405545ac97e753876cd11d18862b7b62fec2bc04ed7e6da1a288c0926d4534c6049323fa1a445c0c450092650dc8b25c90423fadc025b34bf1197092d59783500ecc7308b4d186322dcaa33187b7c27f5d527fc8f803c16c17d259755a6177594")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:46 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x80081270, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  568.353638] EXT4-fs (sda1): Unrecognized mount option "l" or missing value
[  568.371018] FAULT_INJECTION: forcing a failure.
[  568.371018] name failslab, interval 1, probability 0, space 0, times 0
[  568.382313] CPU: 1 PID: 21069 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  568.390816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  568.400154] Call Trace:
[  568.402734]  dump_stack+0x1c9/0x2b4
[  568.406356]  ? dump_stack_print_info.cold.2+0x52/0x52
[  568.411536]  ? trace_hardirqs_on+0x10/0x10
[  568.415760]  ? perf_trace_lock+0x920/0x920
[  568.419984]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  568.424836]  should_fail.cold.4+0xa/0x11
[  568.428887]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  568.433979]  ? walk_component+0x3fe/0x2630
[  568.438204]  ? lock_downgrade+0x8f0/0x8f0
[  568.442342]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  568.447173]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  568.452004]  ? kasan_check_write+0x14/0x20
[  568.456234]  ? perf_trace_lock+0x920/0x920
[  568.460466]  ? trace_hardirqs_on+0x10/0x10
[  568.464685]  ? perf_trace_lock+0x920/0x920
[  568.468911]  ? path_parentat.isra.43+0x20/0x160
[  568.473574]  ? lock_downgrade+0x8f0/0x8f0
[  568.477716]  ? lock_acquire+0x1e4/0x540
[  568.481678]  ? fs_reclaim_acquire+0x20/0x20
[  568.485993]  ? lock_downgrade+0x8f0/0x8f0
[  568.490154]  ? check_same_owner+0x340/0x340
[  568.494467]  ? rcu_note_context_switch+0x730/0x730
[  568.499395]  __should_failslab+0x124/0x180
[  568.503621]  should_failslab+0x9/0x14
[  568.507411]  kmem_cache_alloc+0x2af/0x760
[  568.511547]  ? perf_trace_lock+0x920/0x920
[  568.515771]  ? perf_trace_lock+0x920/0x920
[  568.520000]  __d_alloc+0xc8/0xd50
[  568.523445]  ? shrink_dcache_sb+0x350/0x350
[  568.527758]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  568.532767]  ? d_alloc_parallel+0x1eb0/0x1eb0
[  568.537254]  ? lock_release+0xa30/0xa30
[  568.541217]  ? lock_acquire+0x1e4/0x540
[  568.545180]  ? filename_create+0x1b2/0x5b0
[  568.549423]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  568.554428]  d_alloc+0x96/0x380
[  568.557692]  ? __d_lookup+0x9e0/0x9e0
[  568.561489]  ? __d_alloc+0xd50/0xd50
[  568.565213]  __lookup_hash+0xd9/0x190
[  568.569008]  filename_create+0x1e5/0x5b0
[  568.573159]  ? kern_path_mountpoint+0x40/0x40
[  568.577645]  ? fget_raw+0x20/0x20
[  568.581094]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  568.586615]  ? getname_flags+0x26e/0x5a0
[  568.590665]  do_mkdirat+0xda/0x310
[  568.594193]  ? __ia32_sys_mknod+0xb0/0xb0
[  568.598330]  ? ksys_ioctl+0x81/0xd0
[  568.601946]  __x64_sys_mkdir+0x5c/0x80
[  568.605825]  do_syscall_64+0x1b9/0x820
[  568.609704]  ? finish_task_switch+0x1d3/0x870
[  568.614188]  ? syscall_return_slowpath+0x5e0/0x5e0
[  568.619105]  ? syscall_return_slowpath+0x31d/0x5e0
[  568.624029]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  568.629119]  ? __switch_to_asm+0x34/0x70
[  568.633165]  ? __switch_to_asm+0x34/0x70
[  568.637211]  ? __switch_to_asm+0x40/0x70
[  568.641260]  ? __switch_to_asm+0x34/0x70
[  568.645305]  ? __switch_to_asm+0x40/0x70
[  568.649351]  ? __switch_to_asm+0x34/0x70
[  568.653408]  ? __switch_to_asm+0x40/0x70
[  568.657459]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  568.662293]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  568.667467] RIP: 0033:0x455f67
[  568.670651] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  568.689539] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  568.697237] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
15:23:47 executing program 0 (fault-call:0 fault-nth:25):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  568.704490] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  568.711745] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  568.718999] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  568.726252] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000018
[  568.735351] EXT4-fs (sda1): Unrecognized mount option "l" or missing value
15:23:47 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1276, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:47 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

15:23:47 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x904c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:47 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  568.775440] EXT4-fs (sda1): quotafile must be on filesystem root
[  568.834232] FAULT_INJECTION: forcing a failure.
[  568.834232] name failslab, interval 1, probability 0, space 0, times 0
[  568.845596] CPU: 0 PID: 21098 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  568.854098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  568.863450] Call Trace:
[  568.866042]  dump_stack+0x1c9/0x2b4
[  568.869680]  ? dump_stack_print_info.cold.2+0x52/0x52
[  568.874952]  should_fail.cold.4+0xa/0x11
[  568.879014]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  568.884113]  ? __switch_to_asm+0x34/0x70
[  568.888170]  ? __switch_to_asm+0x40/0x70
[  568.892225]  ? __switch_to_asm+0x34/0x70
[  568.896285]  ? __switch_to_asm+0x40/0x70
[  568.900343]  ? __switch_to_asm+0x34/0x70
[  568.904397]  ? __switch_to_asm+0x40/0x70
[  568.908454]  ? __switch_to_asm+0x34/0x70
[  568.912514]  ? __switch_to_asm+0x34/0x70
[  568.916569]  ? __switch_to_asm+0x34/0x70
[  568.920624]  ? __switch_to_asm+0x40/0x70
[  568.924684]  ? __switch_to_asm+0x34/0x70
[  568.928743]  ? __switch_to_asm+0x40/0x70
[  568.932805]  ? __schedule+0x884/0x1ec0
[  568.936689]  ? __sched_text_start+0x8/0x8
[  568.940889]  ? __fget+0x4d5/0x740
[  568.944353]  ? lock_acquire+0x1e4/0x540
[  568.948325]  ? fs_reclaim_acquire+0x20/0x20
[  568.952643]  ? lock_downgrade+0x8f0/0x8f0
[  568.956795]  ? check_same_owner+0x340/0x340
[  568.961113]  ? block_ioctl+0xee/0x130
[  568.964911]  ? rcu_note_context_switch+0x730/0x730
[  568.969841]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  568.975392]  __should_failslab+0x124/0x180
[  568.979628]  should_failslab+0x9/0x14
[  568.983426]  kmem_cache_alloc+0x2af/0x760
[  568.987567]  ? __schedule+0x1ec0/0x1ec0
[  568.991541]  ? fget_raw+0x20/0x20
[  568.994995]  getname_flags+0xd0/0x5a0
[  568.998796]  do_mkdirat+0xc5/0x310
[  569.002332]  ? __ia32_sys_mknod+0xb0/0xb0
[  569.006480]  ? syscall_slow_exit_work+0x500/0x500
[  569.011333]  ? ksys_ioctl+0x81/0xd0
[  569.014973]  __x64_sys_mkdir+0x5c/0x80
[  569.018872]  do_syscall_64+0x1b9/0x820
[  569.022761]  ? syscall_return_slowpath+0x5e0/0x5e0
[  569.027692]  ? syscall_return_slowpath+0x31d/0x5e0
[  569.032621]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  569.037636]  ? __switch_to_asm+0x34/0x70
[  569.041742]  ? __switch_to_asm+0x34/0x70
[  569.045799]  ? __switch_to_asm+0x40/0x70
[  569.049857]  ? __switch_to_asm+0x34/0x70
[  569.053913]  ? __switch_to_asm+0x34/0x70
[  569.057968]  ? __switch_to_asm+0x40/0x70
[  569.062025]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  569.066875]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  569.072059] RIP: 0033:0x455f67
[  569.075249] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  569.094146] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  569.101871] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  569.109133] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  569.116394] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  569.123658] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
15:23:47 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1268, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:47 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2d, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:47 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x4c})

15:23:47 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

[  569.130953] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000019
15:23:47 executing program 0 (fault-call:0 fault-nth:26):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:47 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")

15:23:47 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe867, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:47 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:47 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1265, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  569.269213] FAULT_INJECTION: forcing a failure.
[  569.269213] name failslab, interval 1, probability 0, space 0, times 0
[  569.280483] CPU: 1 PID: 21116 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  569.288963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  569.298304] Call Trace:
[  569.300895]  dump_stack+0x1c9/0x2b4
[  569.304521]  ? dump_stack_print_info.cold.2+0x52/0x52
[  569.309707]  ? trace_hardirqs_on+0x10/0x10
[  569.313939]  ? save_stack+0xa9/0xd0
[  569.317569]  should_fail.cold.4+0xa/0x11
[  569.321630]  ? block_ioctl+0xee/0x130
[  569.325429]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  569.330527]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  569.336061]  ? walk_component+0x3fe/0x2630
[  569.340297]  ? lock_downgrade+0x8f0/0x8f0
[  569.344440]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  569.349021]  ? kasan_check_write+0x14/0x20
[  569.353254]  ? trace_hardirqs_on+0x10/0x10
[  569.357481]  ? path_parentat.isra.43+0x20/0x160
[  569.362148]  ? lock_downgrade+0x8f0/0x8f0
[  569.366303]  ? lock_acquire+0x1e4/0x540
[  569.370272]  ? fs_reclaim_acquire+0x20/0x20
[  569.374592]  ? lock_downgrade+0x8f0/0x8f0
[  569.378742]  ? check_same_owner+0x340/0x340
[  569.383063]  ? rcu_note_context_switch+0x730/0x730
[  569.387992]  __should_failslab+0x124/0x180
[  569.392226]  should_failslab+0x9/0x14
[  569.396027]  kmem_cache_alloc+0x2af/0x760
[  569.400177]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  569.404757]  __d_alloc+0xc8/0xd50
[  569.408208]  ? shrink_dcache_sb+0x350/0x350
[  569.412529]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  569.417547]  ? d_alloc_parallel+0x1eb0/0x1eb0
[  569.422038]  ? mntput+0x74/0xa0
[  569.425320]  ? lock_release+0xa30/0xa30
[  569.429293]  ? lock_acquire+0x1e4/0x540
[  569.433262]  ? filename_create+0x1b2/0x5b0
[  569.437516]  ? mnt_want_write+0x3f/0xc0
[  569.441496]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  569.446508]  d_alloc+0x96/0x380
[  569.449781]  ? __d_lookup+0x9e0/0x9e0
[  569.453582]  ? __d_alloc+0xd50/0xd50
[  569.457302]  __lookup_hash+0xd9/0x190
[  569.461104]  filename_create+0x1e5/0x5b0
[  569.465166]  ? kern_path_mountpoint+0x40/0x40
[  569.469663]  ? fget_raw+0x20/0x20
[  569.473118]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  569.478655]  ? getname_flags+0x26e/0x5a0
[  569.482715]  do_mkdirat+0xda/0x310
[  569.486253]  ? __ia32_sys_mknod+0xb0/0xb0
[  569.490396]  ? ksys_ioctl+0x81/0xd0
[  569.494020]  __x64_sys_mkdir+0x5c/0x80
[  569.497900]  do_syscall_64+0x1b9/0x820
[  569.501786]  ? finish_task_switch+0x1d3/0x870
[  569.506281]  ? syscall_return_slowpath+0x5e0/0x5e0
[  569.511206]  ? syscall_return_slowpath+0x31d/0x5e0
[  569.516140]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  569.521162]  ? __switch_to_asm+0x34/0x70
[  569.525220]  ? __switch_to_asm+0x34/0x70
[  569.529282]  ? __switch_to_asm+0x40/0x70
[  569.533341]  ? __switch_to_asm+0x34/0x70
[  569.537403]  ? __switch_to_asm+0x40/0x70
[  569.541459]  ? __switch_to_asm+0x34/0x70
[  569.545518]  ? __switch_to_asm+0x40/0x70
[  569.549583]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  569.554425]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  569.559613] RIP: 0033:0x455f67
[  569.562807] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  569.581704] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  569.589413] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  569.596675] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  569.603937] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  569.611202] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  569.618467] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001a
15:23:48 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x4e21, @multicast2}, {0x6, @broadcast}, 0x0, {0x2, 0x4e23, @local}, 'ifb0\x00'})
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:48 executing program 0 (fault-call:0 fault-nth:27):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:48 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x40049409, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:48 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

15:23:48 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:48 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x6000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  569.778079] FAULT_INJECTION: forcing a failure.
[  569.778079] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  569.789926] CPU: 1 PID: 21150 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  569.798418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  569.807783] Call Trace:
[  569.810382]  dump_stack+0x1c9/0x2b4
[  569.814022]  ? dump_stack_print_info.cold.2+0x52/0x52
[  569.819221]  ? trace_hardirqs_off+0xd/0x10
[  569.823468]  should_fail.cold.4+0xa/0x11
[  569.827531]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  569.832634]  ? trace_hardirqs_off+0xd/0x10
[  569.836866]  ? wait_for_completion+0x8d0/0x8d0
[  569.841446]  ? __kasan_slab_free+0x131/0x170
[  569.845853]  ? trace_hardirqs_on+0x10/0x10
[  569.850087]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  569.855623]  ? filemap_check_errors+0xd8/0x110
[  569.860204]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  569.865740]  ? mutex_unlock+0xd/0x10
[  569.869450]  ? lo_ioctl+0xe6/0x1d70
[  569.873085]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  569.878622]  ? should_fail+0x246/0xd86
[  569.882509]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  569.887608]  ? blkpg_ioctl+0xc40/0xc40
[  569.891499]  __alloc_pages_nodemask+0x36e/0xdb0
[  569.896166]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  569.901179]  ? save_stack+0xa9/0xd0
[  569.904802]  ? save_stack+0x43/0xd0
[  569.908434]  ? __fget+0x4d5/0x740
[  569.911899]  ? lock_acquire+0x1e4/0x540
[  569.915877]  ? fs_reclaim_acquire+0x20/0x20
[  569.920197]  ? lock_downgrade+0x8f0/0x8f0
[  569.924342]  ? lock_release+0xa30/0xa30
[  569.928313]  ? check_same_owner+0x340/0x340
[  569.932640]  cache_grow_begin+0x91/0x710
[  569.936703]  kmem_cache_alloc+0x689/0x760
[  569.940847]  ? fget_raw+0x20/0x20
[  569.944296]  getname_flags+0xd0/0x5a0
[  569.948096]  do_mkdirat+0xc5/0x310
[  569.951631]  ? __ia32_sys_mknod+0xb0/0xb0
[  569.955775]  ? fput+0x130/0x1a0
[  569.959052]  ? ksys_ioctl+0x81/0xd0
[  569.962677]  __x64_sys_mkdir+0x5c/0x80
[  569.966564]  do_syscall_64+0x1b9/0x820
[  569.970459]  ? finish_task_switch+0x1d3/0x870
[  569.974954]  ? syscall_return_slowpath+0x5e0/0x5e0
[  569.979894]  ? syscall_return_slowpath+0x31d/0x5e0
[  569.984824]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  569.989838]  ? __switch_to_asm+0x34/0x70
[  569.993896]  ? __switch_to_asm+0x34/0x70
[  569.997956]  ? __switch_to_asm+0x40/0x70
[  570.002012]  ? __switch_to_asm+0x34/0x70
[  570.006070]  ? __switch_to_asm+0x40/0x70
[  570.010136]  ? __switch_to_asm+0x34/0x70
[  570.014200]  ? __switch_to_asm+0x40/0x70
[  570.018262]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  570.023114]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  570.028295] RIP: 0033:0x455f67
[  570.031486] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  570.050388] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  570.058100] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  570.065364] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
15:23:48 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1277, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:48 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:48 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x20602, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0x8, 0x4, 0x5, 0x7b4, 0x8, 0x1, 0x4, 0x6, 0x1, 0x8, 0x7, 0x1})
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:48 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x3})

15:23:48 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2dc, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:48 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  570.072631] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  570.079897] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  570.087161] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001b
15:23:48 executing program 0 (fault-call:0 fault-nth:28):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:48 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc0481273, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:48 executing program 4:
r0 = socket$inet(0x2b, 0x2, 0x7)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40100, 0x0)
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000080))
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x8)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000))

15:23:48 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:23:48 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd0200000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:48 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x6c00000000000000})

[  570.253030] FAULT_INJECTION: forcing a failure.
[  570.253030] name failslab, interval 1, probability 0, space 0, times 0
[  570.264404] CPU: 1 PID: 21188 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  570.272895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  570.282247] Call Trace:
[  570.284846]  dump_stack+0x1c9/0x2b4
[  570.288476]  ? dump_stack_print_info.cold.2+0x52/0x52
[  570.293681]  should_fail.cold.4+0xa/0x11
[  570.297750]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  570.302861]  ? trace_hardirqs_on+0x10/0x10
[  570.307095]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  570.312110]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  570.316869]  ? lock_acquire+0x1e4/0x540
[  570.320839]  ? is_bpf_text_address+0xae/0x170
[  570.325332]  ? lock_downgrade+0x8f0/0x8f0
[  570.329480]  ? lock_release+0xa30/0xa30
[  570.333452]  ? rcu_is_watching+0x8c/0x150
[  570.337595]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  570.342265]  ? is_bpf_text_address+0xd7/0x170
[  570.346759]  ? kernel_text_address+0x79/0xf0
[  570.351167]  __should_failslab+0x124/0x180
[  570.355403]  should_failslab+0x9/0x14
[  570.359207]  kmem_cache_alloc+0x47/0x760
[  570.363274]  ? __es_tree_search.isra.13+0x1ba/0x220
[  570.368294]  __es_insert_extent+0x305/0x1140
[  570.372707]  ? ext4_es_insert_extent+0x21c/0x7e0
[  570.377461]  ? ext4_es_free_extent+0x820/0x820
[  570.382042]  ? lock_release+0xa30/0xa30
[  570.386023]  ? __x64_sys_mkdir+0x5c/0x80
[  570.390082]  ? do_syscall_64+0x1b9/0x820
[  570.394146]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  570.399511]  ? kasan_check_write+0x14/0x20
[  570.403748]  ? kasan_check_write+0x14/0x20
[  570.407979]  ? do_raw_write_lock+0xbd/0x1b0
[  570.412307]  ext4_es_insert_extent+0x2ea/0x7e0
[  570.416894]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  570.422694]  ? kasan_unpoison_shadow+0x35/0x50
[  570.427278]  ? kasan_kmalloc+0xc4/0xe0
[  570.431168]  ? __kmalloc+0x315/0x760
[  570.434883]  ext4_ext_put_gap_in_cache+0x158/0x1f0
[  570.439814]  ? ext4_zeroout_es+0x160/0x160
[  570.444059]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  570.449590]  ext4_ext_map_blocks+0x2453/0x62e0
15:23:48 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x600, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:48 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1260, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:48 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

[  570.454175]  ? unregister_lsm_notifier+0x20/0x20
[  570.458928]  ? ext4_init_acl+0x1d6/0x300
[  570.462987]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  570.468004]  ? block_commit_write+0x30/0x30
[  570.472327]  ? __ext4_new_inode+0xb0d/0x6600
[  570.476737]  ? lock_acquire+0x1e4/0x540
[  570.480712]  ? ext4_es_lookup_extent+0x42c/0xde0
[  570.485468]  ? lock_downgrade+0x8f0/0x8f0
[  570.489619]  ? lock_release+0xa30/0xa30
[  570.493594]  ? lock_acquire+0x1e4/0x540
[  570.497566]  ? ext4_map_blocks+0x480/0x1b60
[  570.501894]  ? lock_release+0xa30/0xa30
[  570.505869]  ? check_same_owner+0x340/0x340
[  570.510194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  570.515728]  ? ext4_es_lookup_extent+0x465/0xde0
[  570.520479]  ? rcu_note_context_switch+0x730/0x730
[  570.525414]  ? down_read+0xb5/0x1d0
[  570.529043]  ? ext4_map_blocks+0x480/0x1b60
[  570.533362]  ? __down_interruptible+0x700/0x700
[  570.538032]  ? kernel_text_address+0x79/0xf0
[  570.542445]  ext4_map_blocks+0xe31/0x1b60
[  570.546596]  ? __save_stack_trace+0x8d/0xf0
[  570.550921]  ? ext4_issue_zeroout+0x190/0x190
[  570.555412]  ? save_stack+0x43/0xd0
[  570.559041]  ? __kasan_slab_free+0x11a/0x170
[  570.563443]  ? kasan_slab_free+0xe/0x10
[  570.567417]  ? kmem_cache_free+0x86/0x2d0
[  570.571561]  ext4_getblk+0x10e/0x630
[  570.575275]  ? ext4_iomap_begin+0x1350/0x1350
[  570.579772]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  570.585304]  ? __dquot_initialize+0x61d/0xde0
[  570.589798]  ext4_bread+0x95/0x2b0
[  570.593333]  ? ext4_getblk+0x630/0x630
[  570.597214]  ? dquot_get_next_dqblk+0x180/0x180
[  570.601879]  ? debug_check_no_obj_freed+0x30b/0x595
[  570.606888]  ? kasan_check_write+0x14/0x20
[  570.611126]  ext4_append+0x14e/0x370
[  570.614843]  ext4_mkdir+0x532/0xe60
[  570.618474]  ? ext4_init_dot_dotdot+0x510/0x510
[  570.623143]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  570.628679]  ? security_inode_permission+0xd2/0x100
[  570.633696]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  570.639228]  ? security_inode_mkdir+0xe8/0x120
[  570.643809]  vfs_mkdir+0x42e/0x6b0
[  570.647351]  do_mkdirat+0x27b/0x310
[  570.650978]  ? __ia32_sys_mknod+0xb0/0xb0
[  570.655125]  ? ksys_ioctl+0x81/0xd0
[  570.658747]  __x64_sys_mkdir+0x5c/0x80
[  570.662637]  do_syscall_64+0x1b9/0x820
[  570.666522]  ? syscall_return_slowpath+0x5e0/0x5e0
[  570.671450]  ? syscall_return_slowpath+0x31d/0x5e0
[  570.676376]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  570.681391]  ? __switch_to_asm+0x34/0x70
[  570.685448]  ? __switch_to_asm+0x34/0x70
[  570.689503]  ? __switch_to_asm+0x40/0x70
[  570.693556]  ? __switch_to_asm+0x34/0x70
[  570.697614]  ? __switch_to_asm+0x34/0x70
[  570.701670]  ? __switch_to_asm+0x40/0x70
[  570.705728]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  570.710574]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  570.715758] RIP: 0033:0x455f67
[  570.718953] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  570.737850] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  570.745555] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
15:23:49 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434fd", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:49 executing program 0 (fault-call:0 fault-nth:29):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:49 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = request_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000100)='vmnet0wlan1posix_acl_access,.(}*\x00', 0xffffffffffffffff)
keyctl$clear(0x7, r2)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000000180)=[{{&(0x7f0000000080)=@nfc, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000640)=""/4096}, {&(0x7f0000000300)=""/65}, {&(0x7f0000000380)=""/153}, {&(0x7f0000000440)=""/165}, {&(0x7f0000000500)=""/175}, {&(0x7f0000001b00)=""/4096}, {&(0x7f0000000100)}, {&(0x7f0000001640)=""/113}, {&(0x7f00000016c0)=""/226}], 0x0, &(0x7f0000001880)=""/231, 0x0, 0x40}, 0x65f40a05}], 0x2cd, 0x124f647ba283e290, 0x0)

[  570.752820] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  570.760084] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  570.767359] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  570.774622] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001c
15:23:49 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:49 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x15e0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:49 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x1274, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:49 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x111000, 0x0)
getpeername$unix(r1, &(0x7f0000000080), &(0x7f0000000100)=0x6e)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0xf)
ioctl$KDSETMODE(r3, 0x4b3a, 0x9)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:49 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

15:23:49 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x5421, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  570.924470] FAULT_INJECTION: forcing a failure.
[  570.924470] name failslab, interval 1, probability 0, space 0, times 0
[  570.935831] CPU: 0 PID: 21216 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  570.944327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  570.953670] Call Trace:
[  570.956245]  dump_stack+0x1c9/0x2b4
[  570.959869]  ? dump_stack_print_info.cold.2+0x52/0x52
[  570.965068]  should_fail.cold.4+0xa/0x11
[  570.969139]  ? fault_create_debugfs_attr+0x1f0/0x1f0
15:23:49 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x3f00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:49 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa893000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  570.974243]  ? do_raw_spin_unlock+0xa7/0x2f0
[  570.978658]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  570.983280]  ? kasan_check_write+0x14/0x20
[  570.987525]  ? do_raw_spin_lock+0xc1/0x200
[  570.991772]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  570.997314]  ? __mark_inode_dirty+0x495/0x1550
[  571.001898]  ? __inode_attach_wb+0x13d0/0x13d0
[  571.006483]  ? kasan_check_read+0x11/0x20
[  571.010749]  ? do_raw_spin_unlock+0xa7/0x2f0
[  571.015165]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  571.019750]  ? kasan_check_write+0x14/0x20
[  571.024085]  ? check_same_owner+0x340/0x340
[  571.028411]  ? __dquot_alloc_space+0x4b6/0x8c0
[  571.033022]  ? rcu_note_context_switch+0x730/0x730
[  571.037955]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  571.042975]  __should_failslab+0x124/0x180
[  571.047210]  should_failslab+0x9/0x14
[  571.051013]  kmem_cache_alloc+0x2af/0x760
[  571.055165]  ? percpu_counter_add_batch+0xf2/0x150
[  571.060100]  ext4_mb_new_blocks+0x774/0x4740
[  571.064513]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  571.069531]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  571.074294]  ? ext4_discard_preallocations+0x13d0/0x13d0
[  571.079750]  ? lock_release+0xa30/0xa30
[  571.083721]  ? kasan_check_read+0x11/0x20
[  571.087874]  ? rcu_is_watching+0x8c/0x150
[  571.092022]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  571.096710]  ? is_bpf_text_address+0xd7/0x170
[  571.101209]  ? kernel_text_address+0x79/0xf0
[  571.105635]  ? __kernel_text_address+0xd/0x40
[  571.110130]  ? unwind_get_return_address+0x61/0xa0
[  571.115060]  ? __save_stack_trace+0x8d/0xf0
[  571.119414]  ? save_stack+0xa9/0xd0
[  571.123038]  ? save_stack+0x43/0xd0
[  571.126659]  ? kasan_kmalloc+0xc4/0xe0
[  571.130542]  ? __kmalloc+0x14e/0x760
[  571.134254]  ? ext4_find_extent+0x775/0xa10
[  571.139117]  ? ext4_ext_map_blocks+0x293/0x62e0
[  571.143782]  ? ext4_map_blocks+0x8f3/0x1b60
[  571.148099]  ? ext4_getblk+0x10e/0x630
[  571.151988]  ? ext4_bread+0x95/0x2b0
[  571.155900]  ? ext4_append+0x14e/0x370
[  571.159783]  ? ext4_mkdir+0x532/0xe60
[  571.163584]  ? vfs_mkdir+0x42e/0x6b0
[  571.167294]  ? do_mkdirat+0x27b/0x310
[  571.171872]  ? __x64_sys_mkdir+0x5c/0x80
[  571.175935]  ? do_syscall_64+0x1b9/0x820
[  571.179996]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  571.185362]  ? save_stack+0xa9/0xd0
[  571.188982]  ? save_stack+0x43/0xd0
[  571.192608]  ? __kasan_slab_free+0x11a/0x170
[  571.197025]  ? kasan_slab_free+0xe/0x10
[  571.200996]  ? kfree+0xd9/0x260
[  571.204277]  ? ext4_ext_map_blocks+0xede/0x62e0
[  571.208941]  ? ext4_map_blocks+0xe31/0x1b60
[  571.213258]  ? ext4_getblk+0x10e/0x630
[  571.217144]  ? ext4_bread+0x95/0x2b0
[  571.220852]  ? ext4_append+0x14e/0x370
[  571.224736]  ? ext4_mkdir+0x532/0xe60
[  571.228532]  ? vfs_mkdir+0x42e/0x6b0
[  571.232238]  ? do_mkdirat+0x27b/0x310
[  571.236036]  ? __x64_sys_mkdir+0x5c/0x80
[  571.240094]  ? do_syscall_64+0x1b9/0x820
[  571.244155]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  571.249515]  ? kasan_check_read+0x11/0x20
[  571.253663]  ? do_raw_spin_unlock+0xa7/0x2f0
[  571.258073]  ? check_same_owner+0x340/0x340
[  571.262389]  ? kasan_check_write+0x14/0x20
[  571.266624]  ? kasan_unpoison_shadow+0x35/0x50
[  571.271214]  ? kasan_kmalloc+0xc4/0xe0
[  571.275104]  ? __kmalloc+0x315/0x760
[  571.278851]  ? trace_hardirqs_off+0xd/0x10
[  571.283083]  ? ext4_find_extent+0x775/0xa10
[  571.287404]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.292939]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.298478]  ? ext4_inode_to_goal_block+0x2e3/0x3f0
[  571.303498]  ext4_ext_map_blocks+0x2dc0/0x62e0
[  571.308089]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  571.313102]  ? perf_trace_lock+0x920/0x920
[  571.317335]  ? perf_trace_lock+0x920/0x920
[  571.321572]  ? __ext4_new_inode+0xb0d/0x6600
[  571.325980]  ? lock_acquire+0x1e4/0x540
[  571.329949]  ? ext4_es_lookup_extent+0x42c/0xde0
[  571.334702]  ? lock_downgrade+0x8f0/0x8f0
[  571.338854]  ? lock_acquire+0x1e4/0x540
[  571.342823]  ? ext4_map_blocks+0x480/0x1b60
[  571.347145]  ? lock_acquire+0x1e4/0x540
[  571.351114]  ? ext4_map_blocks+0x88b/0x1b60
[  571.355439]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.360994]  ? lock_release+0xa30/0xa30
[  571.364965]  ? ext4_map_blocks+0x66a/0x1b60
[  571.369285]  ? rcu_note_context_switch+0x730/0x730
[  571.374223]  ? down_write+0x8f/0x130
[  571.377931]  ? ext4_map_blocks+0x88b/0x1b60
[  571.382248]  ? down_read+0x1d0/0x1d0
[  571.385967]  ext4_map_blocks+0x8f3/0x1b60
[  571.390115]  ? __save_stack_trace+0x8d/0xf0
[  571.394469]  ? ext4_issue_zeroout+0x190/0x190
[  571.398963]  ? save_stack+0x43/0xd0
[  571.402585]  ? __kasan_slab_free+0x11a/0x170
[  571.406987]  ? kasan_slab_free+0xe/0x10
[  571.410963]  ? kmem_cache_free+0x86/0x2d0
[  571.415108]  ext4_getblk+0x10e/0x630
[  571.418821]  ? ext4_iomap_begin+0x1350/0x1350
[  571.423330]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.428863]  ? __dquot_initialize+0x61d/0xde0
[  571.433359]  ext4_bread+0x95/0x2b0
[  571.436897]  ? ext4_getblk+0x630/0x630
[  571.440784]  ? dquot_get_next_dqblk+0x180/0x180
[  571.445478]  ? retint_kernel+0x10/0x10
[  571.449380]  ext4_append+0x14e/0x370
[  571.453993]  ext4_mkdir+0x532/0xe60
[  571.457631]  ? ext4_init_dot_dotdot+0x510/0x510
[  571.462303]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.469036]  ? security_inode_permission+0xd2/0x100
[  571.474060]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  571.480150]  ? security_inode_mkdir+0xe8/0x120
[  571.484730]  vfs_mkdir+0x42e/0x6b0
[  571.488276]  do_mkdirat+0x27b/0x310
[  571.491906]  ? __ia32_sys_mknod+0xb0/0xb0
[  571.496724]  ? ksys_ioctl+0x81/0xd0
[  571.500356]  __x64_sys_mkdir+0x5c/0x80
[  571.507304]  do_syscall_64+0x1b9/0x820
[  571.511205]  ? finish_task_switch+0x1d3/0x870
[  571.515698]  ? syscall_return_slowpath+0x5e0/0x5e0
[  571.520628]  ? syscall_return_slowpath+0x31d/0x5e0
[  571.525558]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  571.530572]  ? __switch_to_asm+0x34/0x70
[  571.534636]  ? __switch_to_asm+0x34/0x70
[  571.538696]  ? __switch_to_asm+0x40/0x70
[  571.542758]  ? __switch_to_asm+0x34/0x70
[  571.546821]  ? __switch_to_asm+0x40/0x70
[  571.550879]  ? __switch_to_asm+0x34/0x70
[  571.554936]  ? __switch_to_asm+0x40/0x70
[  571.559001]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  571.563852]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  571.569040] RIP: 0033:0x455f67
[  571.572236] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  571.591135] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  571.598859] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  571.606123] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  571.613387] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
15:23:50 executing program 0 (fault-call:0 fault-nth:30):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  571.620655] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  571.627919] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001d
15:23:50 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x6000000})

15:23:50 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743406", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:50 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

15:23:50 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc0045878, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:50 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xb888, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:50 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x300, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r1)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x2000000000000282, 0x0)

[  571.791590] FAULT_INJECTION: forcing a failure.
[  571.791590] name failslab, interval 1, probability 0, space 0, times 0
[  571.802895] CPU: 0 PID: 21248 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  571.811381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  571.820727] Call Trace:
[  571.823319]  dump_stack+0x1c9/0x2b4
[  571.826944]  ? dump_stack_print_info.cold.2+0x52/0x52
[  571.832263]  ? preempt_notifier_register+0x200/0x200
[  571.837380]  ? __switch_to_asm+0x34/0x70
[  571.841482]  ? __switch_to_asm+0x40/0x70
[  571.845546]  should_fail.cold.4+0xa/0x11
[  571.849612]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  571.854721]  ? trace_hardirqs_on+0x10/0x10
[  571.858952]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  571.863964]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  571.868719]  ? lock_acquire+0x1e4/0x540
[  571.872690]  ? is_bpf_text_address+0xae/0x170
[  571.877181]  ? lock_downgrade+0x8f0/0x8f0
[  571.881327]  ? lock_release+0xa30/0xa30
[  571.885299]  ? rcu_is_watching+0x8c/0x150
[  571.889444]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  571.894112]  ? is_bpf_text_address+0xd7/0x170
[  571.898604]  ? kernel_text_address+0x79/0xf0
[  571.903010]  __should_failslab+0x124/0x180
[  571.907251]  should_failslab+0x9/0x14
[  571.911049]  kmem_cache_alloc+0x47/0x760
[  571.915108]  ? __es_tree_search.isra.13+0x1ba/0x220
[  571.920121]  __es_insert_extent+0x305/0x1140
[  571.924531]  ? ext4_es_insert_extent+0x21c/0x7e0
[  571.929295]  ? ext4_es_free_extent+0x820/0x820
[  571.933872]  ? lock_release+0xa30/0xa30
[  571.937838]  ? __x64_sys_mkdir+0x5c/0x80
[  571.941892]  ? do_syscall_64+0x1b9/0x820
[  571.945953]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  571.951315]  ? kasan_check_write+0x14/0x20
[  571.955548]  ? kasan_check_write+0x14/0x20
[  571.959782]  ? do_raw_write_lock+0xbd/0x1b0
[  571.964101]  ext4_es_insert_extent+0x2ea/0x7e0
[  571.968684]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  571.974478]  ? kasan_unpoison_shadow+0x35/0x50
[  571.979054]  ? kasan_kmalloc+0xc4/0xe0
[  571.982944]  ? __kmalloc+0x315/0x760
[  571.986670]  ext4_ext_put_gap_in_cache+0x158/0x1f0
[  571.991598]  ? ext4_zeroout_es+0x160/0x160
[  571.995842]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  572.001378]  ext4_ext_map_blocks+0x2453/0x62e0
[  572.005960]  ? unregister_lsm_notifier+0x20/0x20
[  572.010709]  ? ext4_init_acl+0x1d6/0x300
[  572.014766]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  572.019777]  ? block_commit_write+0x30/0x30
[  572.024103]  ? __ext4_new_inode+0xb0d/0x6600
[  572.028508]  ? lock_acquire+0x1e4/0x540
[  572.032477]  ? ext4_es_lookup_extent+0x42c/0xde0
[  572.037226]  ? lock_downgrade+0x8f0/0x8f0
[  572.041373]  ? lock_release+0xa30/0xa30
[  572.045346]  ? lock_acquire+0x1e4/0x540
[  572.049313]  ? ext4_map_blocks+0x480/0x1b60
[  572.053634]  ? lock_release+0xa30/0xa30
[  572.057607]  ? check_same_owner+0x340/0x340
[  572.061922]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.067481]  ? ext4_es_lookup_extent+0x465/0xde0
[  572.072237]  ? rcu_note_context_switch+0x730/0x730
[  572.077165]  ? down_read+0xb5/0x1d0
[  572.080809]  ? ext4_map_blocks+0x480/0x1b60
[  572.085125]  ? __down_interruptible+0x700/0x700
[  572.089794]  ? kernel_text_address+0x79/0xf0
[  572.094201]  ext4_map_blocks+0xe31/0x1b60
[  572.098351]  ? __save_stack_trace+0x8d/0xf0
[  572.102677]  ? ext4_issue_zeroout+0x190/0x190
[  572.107172]  ? save_stack+0x43/0xd0
[  572.110789]  ? __kasan_slab_free+0x11a/0x170
[  572.115189]  ? kasan_slab_free+0xe/0x10
[  572.119158]  ? kmem_cache_free+0x86/0x2d0
[  572.123304]  ext4_getblk+0x10e/0x630
[  572.127014]  ? ext4_iomap_begin+0x1350/0x1350
[  572.131505]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.138790]  ? __dquot_initialize+0x61d/0xde0
[  572.143280]  ext4_bread+0x95/0x2b0
[  572.146814]  ? ext4_getblk+0x630/0x630
[  572.150699]  ? dquot_get_next_dqblk+0x180/0x180
[  572.156666]  ? debug_check_no_obj_freed+0x30b/0x595
[  572.161680]  ? kasan_check_write+0x14/0x20
[  572.165917]  ext4_append+0x14e/0x370
[  572.169634]  ext4_mkdir+0x532/0xe60
[  572.174317]  ? ext4_init_dot_dotdot+0x510/0x510
[  572.178985]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.184517]  ? security_inode_permission+0xd2/0x100
[  572.191324]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.196872]  ? security_inode_mkdir+0xe8/0x120
[  572.201449]  vfs_mkdir+0x42e/0x6b0
[  572.204983]  do_mkdirat+0x27b/0x310
[  572.208607]  ? __ia32_sys_mknod+0xb0/0xb0
[  572.212748]  ? ksys_ioctl+0x81/0xd0
[  572.216377]  __x64_sys_mkdir+0x5c/0x80
[  572.220260]  do_syscall_64+0x1b9/0x820
[  572.224143]  ? syscall_return_slowpath+0x5e0/0x5e0
[  572.229069]  ? syscall_return_slowpath+0x31d/0x5e0
[  572.233993]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  572.239002]  ? __switch_to_asm+0x34/0x70
[  572.243067]  ? __switch_to_asm+0x34/0x70
[  572.247143]  ? __switch_to_asm+0x40/0x70
[  572.251201]  ? __switch_to_asm+0x34/0x70
[  572.255266]  ? __switch_to_asm+0x34/0x70
[  572.259320]  ? __switch_to_asm+0x40/0x70
[  572.263417]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  572.268259]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  572.273439] RIP: 0033:0x455f67
[  572.276631] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  572.295526] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  572.303229] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  572.310490] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  572.317750] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  572.325024] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  572.332288] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001e
15:23:50 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

[  572.366737] f2fs_msg: 20 callbacks suppressed
[  572.366749] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  572.378338] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  572.395711] F2FS-fs (loop0): journaled quota format not specified
[  572.402370] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  572.409452] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
15:23:50 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xffffff7f, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:50 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc0189436, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:50 executing program 0 (fault-call:0 fault-nth:31):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:50 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  572.430059] F2FS-fs (loop0): journaled quota format not specified
15:23:51 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743404", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:51 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x600})

15:23:51 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
fremovexattr(r0, &(0x7f0000000080)=@random={'os2.', '/dev/rtc0\x00'})
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x20000, 0x0)
ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f0000000040)={0x1, 0x2})

15:23:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:23:51 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xb0e5000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  572.590792] FAULT_INJECTION: forcing a failure.
[  572.590792] name failslab, interval 1, probability 0, space 0, times 0
[  572.602196] CPU: 1 PID: 21287 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  572.610678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  572.620018] Call Trace:
[  572.622606]  dump_stack+0x1c9/0x2b4
[  572.626235]  ? dump_stack_print_info.cold.2+0x52/0x52
[  572.631426]  should_fail.cold.4+0xa/0x11
[  572.635490]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  572.640592]  ? trace_hardirqs_on+0x10/0x10
[  572.644832]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  572.649847]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  572.654603]  ? lock_acquire+0x1e4/0x540
[  572.658574]  ? is_bpf_text_address+0xae/0x170
[  572.663064]  ? lock_downgrade+0x8f0/0x8f0
[  572.667210]  ? lock_release+0xa30/0xa30
[  572.671184]  ? rcu_is_watching+0x8c/0x150
[  572.675329]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  572.679999]  ? is_bpf_text_address+0xd7/0x170
[  572.684490]  ? kernel_text_address+0x79/0xf0
[  572.688883]  __should_failslab+0x124/0x180
[  572.693106]  should_failslab+0x9/0x14
[  572.696908]  kmem_cache_alloc+0x47/0x760
[  572.700959]  ? __es_tree_search.isra.13+0x1ba/0x220
[  572.705962]  __es_insert_extent+0x305/0x1140
[  572.710357]  ? ext4_es_insert_extent+0x21c/0x7e0
[  572.715100]  ? ext4_es_free_extent+0x820/0x820
[  572.719669]  ? lock_release+0xa30/0xa30
[  572.723626]  ? __x64_sys_mkdir+0x5c/0x80
[  572.727672]  ? do_syscall_64+0x1b9/0x820
[  572.731718]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  572.737068]  ? kasan_check_write+0x14/0x20
[  572.741294]  ? kasan_check_write+0x14/0x20
[  572.745527]  ? do_raw_write_lock+0xbd/0x1b0
[  572.749839]  ext4_es_insert_extent+0x2ea/0x7e0
[  572.754411]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  572.760192]  ? kasan_unpoison_shadow+0x35/0x50
[  572.764757]  ? kasan_kmalloc+0xc4/0xe0
[  572.768631]  ? __kmalloc+0x315/0x760
[  572.772331]  ext4_ext_put_gap_in_cache+0x158/0x1f0
[  572.777242]  ? ext4_zeroout_es+0x160/0x160
[  572.781463]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  572.786988]  ext4_ext_map_blocks+0x2453/0x62e0
[  572.791553]  ? unregister_lsm_notifier+0x20/0x20
[  572.796295]  ? ext4_init_acl+0x1d6/0x300
[  572.800345]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  572.805346]  ? block_commit_write+0x30/0x30
[  572.809661]  ? __ext4_new_inode+0xb0d/0x6600
[  572.814055]  ? lock_acquire+0x1e4/0x540
[  572.818018]  ? ext4_es_lookup_extent+0x42c/0xde0
[  572.822756]  ? lock_downgrade+0x8f0/0x8f0
[  572.826890]  ? lock_release+0xa30/0xa30
[  572.830851]  ? lock_acquire+0x1e4/0x540
[  572.834810]  ? ext4_map_blocks+0x480/0x1b60
[  572.839115]  ? lock_release+0xa30/0xa30
[  572.843075]  ? check_same_owner+0x340/0x340
[  572.847382]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.852901]  ? ext4_es_lookup_extent+0x465/0xde0
[  572.857641]  ? rcu_note_context_switch+0x730/0x730
[  572.862559]  ? down_read+0xb5/0x1d0
[  572.866170]  ? ext4_map_blocks+0x480/0x1b60
[  572.870478]  ? __down_interruptible+0x700/0x700
[  572.875136]  ? kernel_text_address+0x79/0xf0
[  572.879530]  ext4_map_blocks+0xe31/0x1b60
[  572.883662]  ? __save_stack_trace+0x8d/0xf0
[  572.887977]  ? ext4_issue_zeroout+0x190/0x190
[  572.892456]  ? save_stack+0x43/0xd0
[  572.896065]  ? __kasan_slab_free+0x11a/0x170
[  572.900458]  ? kasan_slab_free+0xe/0x10
[  572.904415]  ? kmem_cache_free+0x86/0x2d0
[  572.908549]  ext4_getblk+0x10e/0x630
[  572.912250]  ? ext4_iomap_begin+0x1350/0x1350
[  572.916731]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.922252]  ? __dquot_initialize+0x61d/0xde0
[  572.926752]  ext4_bread+0x95/0x2b0
[  572.930276]  ? ext4_getblk+0x630/0x630
[  572.934144]  ? dquot_get_next_dqblk+0x180/0x180
[  572.938800]  ? debug_check_no_obj_freed+0x30b/0x595
[  572.943800]  ? kasan_check_write+0x14/0x20
[  572.948022]  ext4_append+0x14e/0x370
[  572.951721]  ext4_mkdir+0x532/0xe60
[  572.955332]  ? ext4_init_dot_dotdot+0x510/0x510
[  572.959984]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.965503]  ? security_inode_permission+0xd2/0x100
[  572.970503]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.976022]  ? security_inode_mkdir+0xe8/0x120
[  572.980588]  vfs_mkdir+0x42e/0x6b0
[  572.984110]  do_mkdirat+0x27b/0x310
[  572.987722]  ? __ia32_sys_mknod+0xb0/0xb0
[  572.991855]  ? ksys_ioctl+0x81/0xd0
[  572.995463]  __x64_sys_mkdir+0x5c/0x80
[  572.999332]  do_syscall_64+0x1b9/0x820
[  573.003204]  ? finish_task_switch+0x1d3/0x870
[  573.007680]  ? syscall_return_slowpath+0x5e0/0x5e0
[  573.012594]  ? syscall_return_slowpath+0x31d/0x5e0
[  573.017924]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  573.022921]  ? __switch_to_asm+0x34/0x70
[  573.026964]  ? __switch_to_asm+0x34/0x70
[  573.031009]  ? __switch_to_asm+0x40/0x70
[  573.035053]  ? __switch_to_asm+0x34/0x70
[  573.039099]  ? __switch_to_asm+0x40/0x70
[  573.043140]  ? __switch_to_asm+0x34/0x70
[  573.047185]  ? __switch_to_asm+0x40/0x70
[  573.051228]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  573.056058]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  573.061234] RIP: 0033:0x455f67
[  573.064416] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  573.083303] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
15:23:51 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x125e, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  573.090994] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  573.098244] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  573.105494] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  573.112747] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  573.119999] R13: 0000000000000001 R14: 00000000004c9361 R15: 000000000000001f
[  573.149196] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  573.156304] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  573.167170] EXT4-fs: 21 callbacks suppressed
[  573.167180] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

15:23:51 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x400000, 0x0)
ioctl$KVM_GET_PIT(r2, 0xc048ae65, &(0x7f0000000040))
syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0x0, 0x10080)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:51 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2d00, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:51 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x40101283, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  573.206589] F2FS-fs (loop0): journaled quota format not specified
[  573.221649] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  573.227755] EXT4-fs (sda1): quotafile must be on filesystem root
[  573.239759] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
15:23:51 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4c65, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:51 executing program 0 (fault-call:0 fault-nth:32):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  573.252171] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:51 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:51 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @broadcast}, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r2=>r0})
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000040), 0x4)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0))

15:23:51 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401070c9, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:51 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

[  573.354800] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  573.374991] FAULT_INJECTION: forcing a failure.
[  573.374991] name failslab, interval 1, probability 0, space 0, times 0
[  573.386267] CPU: 1 PID: 21327 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  573.394759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  573.404109] Call Trace:
[  573.406697]  dump_stack+0x1c9/0x2b4
[  573.410327]  ? dump_stack_print_info.cold.2+0x52/0x52
[  573.415515]  ? list_lru_add+0x471/0xa70
[  573.419489]  ? lock_downgrade+0x8f0/0x8f0
[  573.423647]  should_fail.cold.4+0xa/0x11
[  573.427710]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  573.432814]  ? kasan_check_write+0x14/0x20
[  573.437046]  ? do_raw_spin_lock+0xc1/0x200
[  573.441280]  ? _raw_spin_unlock+0x22/0x30
[  573.445437]  ? lock_acquire+0x1e4/0x540
[  573.449409]  ? mntput_no_expire+0x160/0xbc0
[  573.453735]  ? lock_downgrade+0x8f0/0x8f0
[  573.457895]  ? lock_release+0xa30/0xa30
[  573.461874]  ? dput.part.26+0x248/0x7a0
[  573.465851]  ? lock_acquire+0x1e4/0x540
[  573.469825]  ? fs_reclaim_acquire+0x20/0x20
[  573.474142]  ? lock_downgrade+0x8f0/0x8f0
[  573.478290]  ? check_same_owner+0x340/0x340
[  573.482616]  ? mnt_get_count+0x150/0x150
[  573.486682]  ? rcu_note_context_switch+0x730/0x730
[  573.491612]  ? dput.part.26+0x276/0x7a0
[  573.495588]  __should_failslab+0x124/0x180
[  573.499828]  should_failslab+0x9/0x14
[  573.503631]  __kmalloc_track_caller+0x2c4/0x760
[  573.508304]  ? strncpy_from_user+0x510/0x510
[  573.512713]  ? strndup_user+0x77/0xd0
[  573.516513]  memdup_user+0x2c/0xa0
[  573.520054]  strndup_user+0x77/0xd0
[  573.523681]  ksys_mount+0x3c/0x140
[  573.527224]  __x64_sys_mount+0xbe/0x150
[  573.531197]  do_syscall_64+0x1b9/0x820
[  573.535082]  ? syscall_return_slowpath+0x5e0/0x5e0
[  573.540010]  ? syscall_return_slowpath+0x31d/0x5e0
[  573.544942]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  573.550046]  ? __switch_to_asm+0x34/0x70
[  573.554110]  ? __switch_to_asm+0x34/0x70
[  573.558167]  ? __switch_to_asm+0x40/0x70
[  573.562229]  ? __switch_to_asm+0x34/0x70
[  573.566287]  ? __switch_to_asm+0x34/0x70
[  573.570347]  ? __switch_to_asm+0x40/0x70
[  573.574412]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  573.579262]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  573.584449] RIP: 0033:0x45955a
[  573.587644] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  573.606546] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  573.614257] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  573.621527] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  573.628795] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  573.636064] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  573.643339] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000020
15:23:52 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x68})

15:23:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xfb90, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:52 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x5451, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:52 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(r0, 0x11a, 0x0, &(0x7f0000000000)={@multicast2, @multicast2, @loopback}, 0xc)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = shmget(0x2, 0x4000, 0x8, &(0x7f0000ff9000/0x4000)=nil)
shmctl$IPC_RMID(r2, 0x0)
ioctl(r1, 0x4a2, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:52 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:52 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xffffff8c, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  573.657983] EXT4-fs (sda1): quotafile must be on filesystem root
[  573.687407] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:52 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x401070ca, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5780, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:52 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netfilter\x00')
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000040)={0xd8, "c0cca672f098413c80a60e02a4449dfce1cd1c121c719f84aabbbd0265a411748eff45465914e53b9b9cdd15bdb227602214e46f29d03d3563771341def2975629492dd096a3db283ba747cc544842f1f9960e74b4e2980d022d2ee3c00152daa0b94595f38cc6e8c8dd477dd1807d0e12453e4979128e57ac19e32397867cdc4dafe7bb2aefae3254e3f3f2a18308b5a4dd95c0567ef580718e84ec47e07cdf0ac48e1e58b76ff8fd66afc88aef63b22805b0a5efd168ac666cb4f5ddde84e281efcfbd5c4d8a8d14e7026be364e6ae8c55cbce742fd565"})
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  573.783081] EXT4-fs (sda1): Unrecognized mount option "h" or missing value
[  573.840146] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  573.846980] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:52 executing program 0 (fault-call:0 fault-nth:33):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:52 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x2})

15:23:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf4f80000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:52 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0xc0101282, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:52 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x68, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:52 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:52 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101000, 0x0)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000040)={0x0, 0x0, @ioapic})
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'yam0\x00', <r2=>0x0})
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000340)={r2, @dev={0xac, 0x14, 0x14, 0x1c}, @multicast1}, 0xc)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000180)="0a5cc80700315f85714070")
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:52 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:52 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000000)={0x6}, 0x4)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  574.071645] FAULT_INJECTION: forcing a failure.
[  574.071645] name failslab, interval 1, probability 0, space 0, times 0
[  574.082930] CPU: 1 PID: 21401 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  574.091418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  574.100762] Call Trace:
[  574.103341]  dump_stack+0x1c9/0x2b4
[  574.106958]  ? dump_stack_print_info.cold.2+0x52/0x52
[  574.112145]  ? ext4_getblk+0x10e/0x630
[  574.116024]  ? ext4_bread+0x95/0x2b0
15:23:52 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x44130000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:52 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

[  574.119731]  ? ext4_append+0x14e/0x370
[  574.123613]  ? ext4_mkdir+0x532/0xe60
[  574.127413]  ? do_mkdirat+0x27b/0x310
[  574.131210]  should_fail.cold.4+0xa/0x11
[  574.135256]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  574.140352]  ? kasan_check_write+0x14/0x20
[  574.144596]  ? do_raw_spin_lock+0xc1/0x200
[  574.148843]  ? trace_hardirqs_on+0x10/0x10
[  574.153086]  ? debug_check_no_obj_freed+0x30b/0x595
[  574.158116]  ? trace_hardirqs_off+0xd/0x10
[  574.162353]  ? quarantine_put+0x10d/0x1b0
[  574.166504]  ? __kasan_slab_free+0x131/0x170
[  574.170922]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  574.175765]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  574.181301]  ? ext4_ext_map_blocks+0xfb2/0x62e0
[  574.185979]  ? perf_trace_lock+0x920/0x920
[  574.190225]  __should_failslab+0x124/0x180
[  574.194463]  should_failslab+0x9/0x14
[  574.198267]  kmem_cache_alloc+0x47/0x760
[  574.202329]  ? perf_trace_lock+0x920/0x920
[  574.206567]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  574.211582]  ? ext4_es_can_be_merged+0x238/0x2a0
[  574.216340]  __es_insert_extent+0x305/0x1140
[  574.220755]  ? ext4_es_free_extent+0x820/0x820
[  574.225342]  ? lock_release+0xa30/0xa30
[  574.229319]  ? lock_acquire+0x1e4/0x540
[  574.233290]  ? ext4_map_blocks+0x480/0x1b60
[  574.237608]  ? kasan_check_write+0x14/0x20
[  574.241838]  ? do_raw_write_lock+0xbd/0x1b0
[  574.246168]  ext4_es_insert_extent+0x2ea/0x7e0
[  574.250755]  ? lock_release+0xa30/0xa30
[  574.254730]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  574.260524]  ? rcu_note_context_switch+0x730/0x730
[  574.265459]  ? down_write+0x8f/0x130
[  574.269168]  ? ext4_map_blocks+0x88b/0x1b60
[  574.273486]  ? down_read+0x1d0/0x1d0
[  574.277202]  ext4_map_blocks+0xb08/0x1b60
[  574.281347]  ? __save_stack_trace+0x8d/0xf0
[  574.285679]  ? ext4_issue_zeroout+0x190/0x190
[  574.290179]  ? save_stack+0x43/0xd0
[  574.293803]  ? __kasan_slab_free+0x11a/0x170
[  574.298208]  ? kasan_slab_free+0xe/0x10
[  574.302182]  ? kmem_cache_free+0x86/0x2d0
[  574.306330]  ext4_getblk+0x10e/0x630
[  574.310044]  ? ext4_iomap_begin+0x1350/0x1350
[  574.314542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  574.320082]  ? __dquot_initialize+0x61d/0xde0
[  574.324579]  ext4_bread+0x95/0x2b0
[  574.328120]  ? ext4_getblk+0x630/0x630
[  574.332007]  ? dquot_get_next_dqblk+0x180/0x180
[  574.336677]  ? debug_check_no_obj_freed+0x30b/0x595
[  574.341693]  ? kasan_check_write+0x14/0x20
[  574.345930]  ext4_append+0x14e/0x370
[  574.349647]  ext4_mkdir+0x532/0xe60
[  574.353277]  ? ext4_init_dot_dotdot+0x510/0x510
[  574.357942]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  574.363479]  ? security_inode_permission+0xd2/0x100
[  574.368495]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  574.374029]  ? security_inode_mkdir+0xe8/0x120
[  574.378609]  vfs_mkdir+0x42e/0x6b0
[  574.382154]  do_mkdirat+0x27b/0x310
[  574.385781]  ? __ia32_sys_mknod+0xb0/0xb0
[  574.389928]  ? ksys_ioctl+0x81/0xd0
[  574.393555]  __x64_sys_mkdir+0x5c/0x80
[  574.402304]  do_syscall_64+0x1b9/0x820
[  574.406191]  ? syscall_return_slowpath+0x5e0/0x5e0
[  574.411120]  ? syscall_return_slowpath+0x31d/0x5e0
[  574.416052]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  574.421065]  ? __switch_to_asm+0x34/0x70
[  574.425122]  ? __switch_to_asm+0x34/0x70
[  574.429182]  ? __switch_to_asm+0x40/0x70
[  574.433243]  ? __switch_to_asm+0x34/0x70
[  574.437304]  ? __switch_to_asm+0x34/0x70
[  574.441365]  ? __switch_to_asm+0x40/0x70
[  574.445430]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  574.450278]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  574.455464] RIP: 0033:0x455f67
[  574.458663] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  574.477565] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  574.485273] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000455f67
[  574.492540] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200001c0
[  574.499808] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  574.507074] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014
[  574.514337] R13: 0000000000000001 R14: 00000000004c9361 R15: 0000000000000021
15:23:53 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4800000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:53 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:53 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xfcfdffff00000000})

15:23:53 executing program 0 (fault-call:0 fault-nth:34):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x6b, &(0x7f0000000000), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x3000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:53 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x188)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f0000000040)={0x5, 0x3ff, 0x4b3, 0x8001, 0x8000})
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  574.722795] FAULT_INJECTION: forcing a failure.
[  574.722795] name failslab, interval 1, probability 0, space 0, times 0
[  574.734121] CPU: 0 PID: 21437 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  574.742611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  574.751961] Call Trace:
[  574.754578]  dump_stack+0x1c9/0x2b4
[  574.758200]  ? dump_stack_print_info.cold.2+0x52/0x52
[  574.763397]  ? __kernel_text_address+0xd/0x40
[  574.767883]  ? unwind_get_return_address+0x61/0xa0
[  574.772821]  should_fail.cold.4+0xa/0x11
[  574.776879]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  574.781975]  ? save_stack+0xa9/0xd0
[  574.785590]  ? save_stack+0x43/0xd0
[  574.789201]  ? kasan_kmalloc+0xc4/0xe0
[  574.793079]  ? __kmalloc_track_caller+0x14a/0x760
[  574.797911]  ? memdup_user+0x2c/0xa0
[  574.801609]  ? strndup_user+0x77/0xd0
[  574.805399]  ? ksys_mount+0x3c/0x140
[  574.809105]  ? do_syscall_64+0x1b9/0x820
[  574.813160]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  574.818510]  ? lock_acquire+0x1e4/0x540
[  574.822473]  ? mntput_no_expire+0x160/0xbc0
[  574.826779]  ? lock_downgrade+0x8f0/0x8f0
[  574.830916]  ? lock_release+0xa30/0xa30
[  574.835011]  ? dput.part.26+0x248/0x7a0
[  574.838977]  ? lock_acquire+0x1e4/0x540
[  574.842937]  ? fs_reclaim_acquire+0x20/0x20
[  574.847249]  ? lock_downgrade+0x8f0/0x8f0
[  574.851386]  ? check_same_owner+0x340/0x340
[  574.855695]  ? lock_release+0xa30/0xa30
[  574.859658]  ? rcu_note_context_switch+0x730/0x730
[  574.864573]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  574.869579]  __should_failslab+0x124/0x180
[  574.873807]  should_failslab+0x9/0x14
[  574.877597]  __kmalloc_track_caller+0x2c4/0x760
[  574.882257]  ? strncpy_from_user+0x510/0x510
[  574.886653]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  574.892177]  ? strndup_user+0x77/0xd0
[  574.895968]  memdup_user+0x2c/0xa0
[  574.899497]  strndup_user+0x77/0xd0
[  574.903116]  ksys_mount+0x73/0x140
[  574.906644]  __x64_sys_mount+0xbe/0x150
[  574.910610]  do_syscall_64+0x1b9/0x820
[  574.914488]  ? syscall_return_slowpath+0x5e0/0x5e0
[  574.919403]  ? syscall_return_slowpath+0x31d/0x5e0
[  574.924331]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  574.929337]  ? __switch_to_asm+0x34/0x70
[  574.933384]  ? __switch_to_asm+0x34/0x70
[  574.937431]  ? __switch_to_asm+0x40/0x70
[  574.941481]  ? __switch_to_asm+0x34/0x70
[  574.945529]  ? __switch_to_asm+0x34/0x70
[  574.949575]  ? __switch_to_asm+0x40/0x70
[  574.953625]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  574.958459]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  574.963634] RIP: 0033:0x45955a
[  574.966813] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  574.985698] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  574.993393] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  575.000646] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  575.007903] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  575.015165] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
15:23:53 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xf1080000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:53 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x1000000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:53 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

15:23:53 executing program 0 (fault-call:0 fault-nth:35):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  575.022422] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000022
15:23:53 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xfffffff6})

15:23:53 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x80002, 0x80000000)
sendmmsg(r0, &(0x7f0000000f80)=[{{&(0x7f0000000080)=@nfc={0x27, 0x1, 0x1, 0x7}, 0x80, &(0x7f0000000100)=[{&(0x7f0000000440)="c25aa4d47b372d57eaa1fe3dc61b4bc20c5bdfb23d93d8c434b24008f5f87478082fc4d1bae98ff9c492f76f2e45ed26c24414e9889d28d07caee14bb07f8ef9ddf278fc", 0x44}, {&(0x7f00000004c0)="9ccf12a8fa240b7d93171fd44645badd4a395d91dd97e3e543c906028ea6a6e28b0854904723bc7a196c873e188e2a068f49619b9eabf2e1c45d2736879eaa81c0d77a664c7903093803e4b213e37a4b707326c30e1c77e43597232a70b69735f6b0356f4401fc11656e430542332bde8cd8fef49010c3124f8074b394eb3998e68a787d7a081be9216e809c7779b7dce924689b6f863ccf06b629778d466e7f6962bf7e95babc3e34730b4031a6357f94f0a28c412ab91b3cb4300e", 0xbc}, {&(0x7f0000000640)="4150eff122aff7281afe79fbe010e5c670f5dc314e27ebb8b35c625ccd26e5e55151df2b21310668aa9b8281a76862b1508264a6fd871cb3e3aac59b9c771d0b15cf808c6c19c6b993cd815cc25d4e1e0bce0591f1f0978287229278d5a1285e085678206505be3d9683b889ce2b8b9ffac41e3a8b1c9754a45f831b99b934b5ec6ce9548148ef1cbd", 0x89}, {&(0x7f0000000700)="1574a9c0880b3e7f5691b82c35a56cb8fe71b14968e6dfadeed3e29ea79618145dfb30dd06404f1663ddc8293a21f20c8b7f3544e4f3bdca627d83225300e8c3c196c320cf854ed0ed9f8fa1c4dd632a43db07a032d477ae3d4e004f021753676e6013b32e5a7f3607b30d6911dfc81b50de4d4e5431cf73e6943728d3b71c08ccd2e66ebf45966c865d4034453992a9632cc5e9669813d88dc90dbe4cd95252f731bf9ebba5502a4733e19e85715108883b3f7ac3a66618277e0d449c8da8819c390ee8a4c655c1745deff49e8f2c1243b76732ca563926ef33f02e5e9ed2e4", 0xe0}], 0x4, &(0x7f0000000800)=[{0xc8, 0x156d60f198630d47, 0x0, "360bfbc1b992fd458889bde2cc828cc69a9286465fada3bc53143d660263949f9b4bf6be08eca5f245a80e92ff8cdd38b23984d8d3b7f6034630190b7fb179828ddae21b5f8ad783e8cb586bf325ebe5b43a5f94c997c46feb82062cfe1b2e1434c546eaf71e61ca5145254a54eb09a5ce15670ff6eeeb1b7d44ebd5005d1dc7e64cea8a99d1c94b63512f6b76f80e662344375e5520807a33bea871da2448ebe6079c7c7f66d2a7572c20e504d848502e5a00"}, {0x90, 0x11f, 0x8, "6ebf060c3a0eb3eac5c89c5bc4a6c513c86de6af423b57bab4bf38feb8c95db1aa95972af4b547e42354170f9d0827f3539c2da2c0326a74161ea8e1ba002fb2c5ba9aa6b7d10c3cded90eb84fb98da3291b444dc8ec2fbb6ae9366f70602e22bd7db9b88bd4a1a97fc81c276d1da8b91b570bb1c04a3aff83960e"}, {0x110, 0x111, 0x0, "5abe517f103eef10054564b046eb29d1470706e3888b7a90443755f84efe4db0dcd4d78874ed38eb1215dabb94b7a66d09d19cb7038121af118714d8c03f57d2fb2a32bfb79f04b4e0faaae6bb76d8099b7ab40d339f3230582fd0b6949a057338fe2125f4fd7849d4a9c8333fa03657f6281ac075a69c25b4599ddc31a0d61319f0be8642773aac4e834f698e22ed608c701666f72fda7c24e0f6a46017c1177fb521ebf2dd93f01ac0952f981955ddc0613ba424589a50a1466c54b93d02c5b599c03382d46b81330cf7617263753ff7e1193f1e7c5e800a5741c8e2a4deeab4e014aec9af85c317f1fc6730a5217f0d4d48fe987467ab5380615f204d21"}, {0x50, 0x108, 0x8001, "e3860ece6107e0756b24251ef2251b00061d434431b25b05e9d26614511422ca7db5a5f1baa1c5193ad9eb088cd33708d3e2a839a9ec1517649b44e1bad3e896"}, {0x48, 0x113, 0x1, "b2703121918ec2150a7092f9c0d5f3e6a8321e85e76bb7c4994e590af0f63f2a1f412212ac0e1a94bf51a06b889c1c736fab7e4b6b"}, {0xd8, 0x88, 0x1, "bfe35f3f21f9390de83b576d51b1bcdc8c5f0595fdc15b3e4cc5e092f5d62727fc103bc979f7b73d15966ac1ad0ae147407c6da9c8aaa1706bf8f8df4546eddae86c16cf87623c8766207870b04eaacbde08bbd72326cf6a0a35c85421250b9bc96e01ad3e8d75a3a7fdc8d0163554326c53af8304b47b73b5fc4df0e294555b4f8d9892afad67f2a940a87418d8ecb249fe33d641dfa8a330398791f99f8ac154bc9c84c17450ed3b335faa467566c2baa20730faf1e0c1ef39b3ea6a365017e731534515"}, {0x70, 0x110, 0x7, "549446f0604127d7f2725cf59a6441c7dbd76e33acafc91fc1af12979c0ae7c4cdc79e0c790e24c2e8d52877f80e755938d377f1cd2d5cf24ef429d422f0b77e8bc47d5ee7131f1ca41fc95e136108cc66c90f2c9236ed2c9111d3e7"}], 0x448, 0x80}, 0x25d4}, {{&(0x7f0000000580)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x3, 0x3, 0x2, 0x3, {0xa, 0x4e24, 0x3, @local, 0x2}}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000c80)="cb22f7e0d3d647f78ea601f1c8fe23a43cc053a6907870f957c4edff244b20d02df2fe12a57b5588dd24f81ac6bca5c8650cb5e76cf9f12cd0c65db4e199217086d4187145d9b4398a0342609cb371b81ee054deb894bd655a2e09b3837a5240e13d5b15d5516fbe079826007d56fc20fea744", 0x73}, {&(0x7f0000000d00)="13c779b964e3865d27dd10b5a0264dbf46b1ae3d8385c1d2949d775503523dcf00fea7b3a7994d462d96cb7e6221e4238cbdd31858aba116f3513684e017c0f3ccb43d35ae8079a2e131ae905b58d437fcb20efc2eb17aa2a5f02b602df1ba4a0a1d168e3e0c3592b8b87f3c1d20545ed348944d3b3184ce798adc48c0c72164fdfbc4567c9fc8bc571799e26df5608bb8fdf170c8a3df", 0x97}, {&(0x7f0000000dc0)="426938acb5ecb6fafe4307c96f7be97f3b383ba78100b072bfb175c46eb6aac6bc8bc825d2445992553df4f4f47f7c03440be9de7d653616c4d0348b9d80dbb0042ba64f29399751757da78cb080ed115719b6e7b16b13", 0x57}, {&(0x7f0000000e40)="29b90ab10d68feee073c2f2d3daa2aacbf4ba02ad6aee448a561a61c5d8684c51078ed3b256506cb0e493d321fec4a07056bda0746362381d8aab4ad99b236c3b949bbd7943e26ee8604314c8b1a73a4a4056b9ec1b9b0e32b192a97b51d4860fa2e95efa75095548ea42bbf999c13d32042a9dd7b99645503c3fc37d87f18d2bc23084d31f87b8ee1f6352b95ae97a7c0851a698e771d6db3b06bb17ea0f0c278233e8fbee46077e1f8f5cffe2cf1820c1e03fe910c8a691550030180e0ae471a3d904e0d9e", 0xc6}], 0x4, &(0x7f0000000f40), 0x0, 0x8000}, 0x4}], 0x2, 0x1)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = dup3(r0, r0, 0x80000)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x3e2, 0x4d, 0x2}, 0x7)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffffffd)
ioctl(r2, 0x8912, &(0x7f0000000300)="000000d70000000d71407074a72737b79200cb00100000002c46e3649b9c17d7471d000000eedea2617aa8bc2e3a141240e5459467ae700dd979238747d4fb137ddb084cc928168185ead7c7a66ef60320ffad8cda59d92a98f34c01507323198f0284f9778d18079c5dfd5328a2a68a0d2f5f33ed7eeb64cfb775c5f927c31ed43876c4714f3c6626c2415f3863dfbf63c29c9ad6bb556ee484c351a4818bc2c6cc5b94e29f7ed1f3b411963f6266e9d6f11dbb013f09a2eb7a2780c19b62ef5837bd18d0c934b230bb278d62000000000000219b79a503f63d49b9759546ff9fd24604248911541d3caf82c8060d81a308012c31f59d5d41e2c438e7537e120bff50178189006d94fe96ba3ec6e82b69afc66dcc96550265627d60bbdb997aa13028640db2958ab7e16c2d93b9f51ff5fa2611")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x98000, 0x0)

15:23:53 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xd0cf0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:53 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x3000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  575.234584] FAULT_INJECTION: forcing a failure.
[  575.234584] name failslab, interval 1, probability 0, space 0, times 0
[  575.245848] CPU: 1 PID: 21471 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  575.254340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  575.263693] Call Trace:
[  575.266290]  dump_stack+0x1c9/0x2b4
[  575.269930]  ? dump_stack_print_info.cold.2+0x52/0x52
[  575.275127]  ? filename_lookup+0x397/0x510
[  575.279372]  ? user_path_at_empty+0x40/0x50
15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:53 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
creat(&(0x7f00000005c0)='./file0\x00', 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x27, &(0x7f0000000000)={@empty, @remote, @broadcast}, 0x1a1)
r1 = socket$inet6(0xa, 0x1000000000002, 0x41ff)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r2 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x6, 0x1)
accept$inet(r0, &(0x7f0000000100)={0x2, 0x0, @rand_addr}, &(0x7f0000000140)=0x10)
ioctl$RTC_UIE_ON(r2, 0x7003)
recvmsg(r0, &(0x7f0000000540)={&(0x7f0000000300)=@hci={0x1f, <r3=>0x0}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)=""/206, 0xce}, {&(0x7f0000000480)=""/165, 0xa5}], 0x2, &(0x7f0000000640)=""/203, 0xcb, 0x4}, 0x40)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000580)={r3, @empty, @dev={0xac, 0x14, 0x14, 0xf}}, 0xc)

[  575.283712]  ? do_mount+0x17f/0x1e20
[  575.287432]  ? ksys_mount+0x12d/0x140
[  575.291239]  ? do_syscall_64+0x1b9/0x820
[  575.295312]  should_fail.cold.4+0xa/0x11
[  575.299383]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  575.304487]  ? kasan_check_write+0x14/0x20
[  575.308726]  ? do_raw_spin_lock+0xc1/0x200
[  575.312971]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  575.318080]  ? debug_check_no_obj_freed+0x30b/0x595
[  575.323110]  ? trace_hardirqs_off+0xd/0x10
[  575.327350]  ? quarantine_put+0x10d/0x1b0
15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[  575.331508]  ? lock_acquire+0x1e4/0x540
[  575.335488]  ? fs_reclaim_acquire+0x20/0x20
[  575.340341]  ? lock_downgrade+0x8f0/0x8f0
[  575.344497]  ? check_same_owner+0x340/0x340
[  575.348822]  ? lock_downgrade+0x8f0/0x8f0
[  575.352970]  ? rcu_note_context_switch+0x730/0x730
[  575.357909]  __should_failslab+0x124/0x180
[  575.362154]  should_failslab+0x9/0x14
[  575.365964]  kmem_cache_alloc_trace+0x2cb/0x780
[  575.370640]  ? kasan_check_write+0x14/0x20
[  575.374881]  ? do_raw_read_unlock+0x3f/0x60
[  575.379213]  vfs_new_fs_context+0x5a/0x6d0
15:23:53 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

[  575.383458]  do_mount+0x605/0x1e20
[  575.387005]  ? check_same_owner+0x340/0x340
[  575.391337]  ? lock_release+0xa30/0xa30
[  575.395324]  ? copy_mount_string+0x40/0x40
[  575.399565]  ? kasan_kmalloc+0xc4/0xe0
[  575.403455]  ? kmem_cache_alloc_trace+0x318/0x780
[  575.408302]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  575.413854]  ? _copy_from_user+0xdf/0x150
[  575.418017]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  575.423569]  ? copy_mount_options+0x285/0x380
[  575.428070]  ksys_mount+0x12d/0x140
[  575.431708]  __x64_sys_mount+0xbe/0x150
[  575.435685]  do_syscall_64+0x1b9/0x820
[  575.439577]  ? finish_task_switch+0x1d3/0x870
[  575.444077]  ? syscall_return_slowpath+0x5e0/0x5e0
[  575.449010]  ? syscall_return_slowpath+0x31d/0x5e0
[  575.453948]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  575.458969]  ? __switch_to_asm+0x34/0x70
[  575.463036]  ? __switch_to_asm+0x34/0x70
[  575.467099]  ? __switch_to_asm+0x40/0x70
[  575.471167]  ? __switch_to_asm+0x34/0x70
[  575.475232]  ? __switch_to_asm+0x40/0x70
[  575.479299]  ? __switch_to_asm+0x34/0x70
15:23:53 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0xfffffffffffffffe, &(0x7f0000000180)=[{&(0x7f0000000300)=""/80}, {&(0x7f0000000100)=""/6}, {&(0x7f0000000380)=""/223}], 0x187, &(0x7f0000000000)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
[  575.483368]  ? __switch_to_asm+0x40/0x70
[  575.487440]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  575.492292]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  575.492980] FAT-fs (loop4): bogus logical sector size 25731
[  575.497477] RIP: 0033:0x45955a
[  575.497493] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  575.497501] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x5, 0x6, &(0x7f0000001800)=[{&(0x7f0000000480)="594ac5e1c55728a6d60f5cc80d1e6a61b6c813264562cf8c1f5eb997c875245cee3e637369a1c78cc889594332838c984f82f5bcf0c5615d7c0389e6f60e224fce932368f8ba49f13b5b0a3eb4a2357ce25d5db49c15159741cc7f9c660e3da87dd8c337f4d65f968c2f7dc49f1b49e42274557ccdc2b21da10c9b46c96f1e2a1fb92d28b552c092876a6aa772f39a55299961d75afc98a300f19df14c89497d4c68021aff605c3388efbb5eb48ef53a069a3781539a3def4762eb65c9e7532debac0ea0d2910f8560b4aeed3d9d3709403c5195ba", 0x1fc, 0x1f}, {&(0x7f0000000640)="c710702bb6f3753065f36d1c2b7d49ecab4f5c8e174a08c7f4a4b333fde9651ace004227184a16058c0079c67a1b3d645cbae8dea67bbd5c54381edc01a40b5fb5dff07c1f578a43b3167ff8d1dd59878bee479a7efd47d3e082bf8197888534b490aa9c4e1401465adbb1617d836a943d285fe01ca1c210627237f9a595e014c81ecd0b3a2936a7e074ac2e7397f9fb6c80db4334ea4c659e30f38f43a9035fc7a228fbe50ed874f29200bad008ab24127442d29e31ab396be69a9c15ac4e2c791189", 0xc3, 0xe6}, {&(0x7f0000000740)="df42c556f100122dc10759946dac0e0f4a167812d66524cc0fa8b7f508caed2051f6dae5064c7a5cda26500848ae31c884f41adc5dd9bc1f5daf976026211dd8ab85b280bff5734e9c97d10a2b0146c6ccf35b462eaec5ae6daa6419376dffd47eab7cc9b3dcdfa40992c85a4de037078e0081f4bb24e11fa6343ad94ca3617b36f651c777cb74f722389fd85396a5aa4824", 0x92, 0x9b}, {&(0x7f0000001a40)="b09d5de2e8bf104b9e83643433cb7a19ef4bfefc231df31fc90d68591381a9a5fd661938094846566da2ff7f2ad5951e606f98766d940be70b606f20c96f1aa7a854ee2d2bf87de886db87ec60f1aaf1a2ff", 0x52, 0x2}, {&(0x7f0000000800)="b7ffb9476242d5f6062a66835d22f6a75461f062f5f3e65ae70ccf75c0585e5ede2c642ea89005843f4e6bcd429a3ec7db172e1f4a4741652484b7bbe78e2ced3da45424769a15074f055b0941b933ef9b8dcff82ee5b8be87f15cbec41dca4877ff090972c0b69fb1d16a8834ceb688510fd424e8cb49a52bb7b4745d4636691145b10709cb5017329aeb5d6698bc3deebe92f32e225bf8c9f42661ee9f0bda2b148f883ba0ae15adcf3d4704c1d6c56e61d3fd11112c355a789202961bbcf9b1b85164765ae4c430f4d7ff75ea980e5c2e692341f12825635abb5257e54aeb61cd58de70a6f5eca9a322aff66665e84192eb5d6863ed17ef7c3570ecac90056dbb901896fc40bef2e9597987b08b87ae4b3de1a6425e76b9178cd8ba57c78c8768290f2f002d10908fed4422efccf658da99e50aecc5f0d1a4ed9cc0d1dee8cb3aded047452d503e997649bca15f359862b6c866493847b3897141a3decedf3dc806e0812b182878e71a7451a360909f69ff1c3633c80f341f7d79977fe42e9a2875f9f1f774009a3481a195af3d104f18922c63e4f2a0207a491d26ea8cd61a4b974e128bd2f358ef1544399a25be5aea0903d6d8377f1fd9d1840dd0b5310b9c1098ab7fbb914f92e591d615c739c36495310980ecac1f7ed50f0604eb190318524b42e82662feaffd1ccd8edb9cb3d998ccd692de94c5fc3ac7593e8ada10ef486e7353b59eb54d5f1e30fcf82e89d2f0c3e310152f0af1e57d977ad0559516a4516350e75cddd350952101ad342f87e853e5c51f8d7f29055ad82dd7d756c7fa625425936d44bfd118943db965c453273fc2f236cf4fdc6fc658c0e5163551a9180b3c403f71190cce639a8522412e2afcd468850034485ddbcdb0023fbc0398a8ac3cb8075e9fecc014d546c046c847bf40325d998552ef692fc29c7ab5a33c08c679eb42a67b838ad659d92764e944c634cb4a59e4b5aeda6204e39dbe64f37cc38c78e9518a610553c3580741e0c0f864f524e748030742d80c7ed97e746b9ffd5a971f470adb3ba7c242d9d7960b816e9ee0ef572510ecbbd96806b04261d46d84a78c6303443f892f03f83ce3ec5980a0891017474ff53aedf6a9e7db37671ec8d54624e1f15b672f892c83ff39e6438b754bb69925a77b6ced0f02876558fadab2c831a1d8fbc03d15186a412463c6423c82ea7a30bec524432720546bbd3b02b029b8a955f677e348946272334f5a69b3fa56fef2c7252b270d8b6a3d59fc0178158f218c7fca9aa65a1956e8a394722c89ac4b3bac92f2be11fa24998e046d839b32fc9bac0a8ff834dc6c6ca352ffc19fcb17bd2769a53916ef6bcac6f14df3c240ff2aff7dc2948206bd802ab08b9cac09ce04f88438f2f32fb6d9b1f0d8f5be1ccaa49df2151dcef110a0cf83effab89a9128022633995c256ee41e0c409139df6d694a87e198c3f0ba4537aca503c765348851103f610f954d7b98d83c31d9a3fcd8260a0126ba0d7d0c40e70a74f5c4f9f1f76052488d45d64b7bcf69ee74fbb4b5f3365608a0e89a543bead86f77c56c69323a4b182507b2b098b67ce1f1cf499861bbbd53ccfa11184fce5031ba1b9e26ec714739deaa06c397a042c690cda79413c9d35f569473be221e1b8ff83e957c65ada172fc2114b93dc827e071497d64d0ea4c58826422645b803b3dd377a1c2f36df0a62d86858478df933e33b9d7e521c2eec87a441a679e2e764d280b9edaf7af7f0151859f652d666893fb4cf58f18cecbf838bc77751ae44e717b100b34d45f8e8fd3722e1967486f32a1341d1bfe5bff5bfd46693519e9579975ee8d47cb4e6a7e5627e43609c4248f5552c73adb156946a2f05646df8dfc237adcaa3fb03389dba52e791c0a9a7f2abcffa03499baa22b1f235157b919b059459a0ca171cc9f5db8e34a6ec1c09265d37b09abf3623d445509f40b3138408cf8391f3ed24eb2663ba831783617a497569c0cf98e1bfa74bcdde3ed0623168e7c29f34e0f7fb6e261ddfacbb8fdd1e4c19917913da3c2badc3e46777f7f05aacaeb793c29f52e7479d6d0e09f5e3164f57ccc983ad7b585089fbad5dfe2928d9531ab9f0b4ce9fb53e5827364a0a78cdd49981ea59155d91ba86e42fa9f92f23f4687a2210b8cddf35d55067a8867e9a477acb83f6457c26c3fded16c66090efdb8f14585a495164b69112f2666dd1ada75198cc58ee3ec8514a80ee69561d1982356c0bf13085c7659ca0737b883ba3f45814731c65157ccb6cf489ffa9538c44d27a25acd53ff518e086f64f9abe938b30356285264624e7229811b67c459ca07035bbc32c34dd9a2848ce46d691930f4114649d4756c74b8b5725f418c995b4f8e035ae16487b992285fbc70118b8931dfe685668757cbfc3236b6916c48a92d0349cb89bbe8c18feede2efb60f67a1384dbf7e649fa6e8aef20aff090ec7f94a3b9098211932f0f63517622a8235a3cc6bf68deac3f90c7a3a592802f9fca72c6fdcb470352fb3061ab0a227f043bbdaa588d6e630f4215c1b186b5c53b60463aa0252f0a8449f2c457b1ffa53cc8d59e1307736c105b65d0b05e9cb305257850103b449035722479d5754f285c1d8eb36f8e8b0b4018edcee4ec852afecb4b7956a7bf5624c9fbcf37910e2c366ce26926fe5a285146bac32159bb9220d8c6facfa592d1bb8a32a9324640f619ab9242de712579663e30e96419e090e3f6da34c279d2af1b9bedd4bf0cdf6b4899fc8427bdfd0c84aa0beae2796cc9572595d250b324c3403b156af3f648f63fc4b3d9f6ac09cd11f1b69b20166e8858309951562aaa4c84a3a00225385387e6898c8d32d503f7cd7113fc69748cb0244d4d8bd53f1fc10e1d8a935ca26364f139e20404a08e01e09041a7e02b10cc49efb5f9d44dbbe2dde612f56010b819bab82dde7478dbb5132303c8a339448c3b6e7474a95ff16fbff5ded935500628914fbd96f5a2911eacdde1667475074168a3a530d57a1b68fe9d6ef3486c546ecf757803b8bafe82c263a8cc3c9d9b1d29ef5e27eeca947173ba57eae98736d56c96f153bf5d897f56cf324190c7a8118e3d025202f17981efbf0837201c9c9bd02977226689ca2a7cd16a3674b9a2172f95c19fdef411fc5d12b27a4edb2456020a28ecfba3188711b36497865abaa2c147c70e95296f56a7b476427f8d8088b84d41df9b2b9f16c03d58126266c4ede235178fe813398bb0609a73b9d9861839562c34103cc7778c0a4fc149ed0eac0e1f3d2ccf8d5c77c3707f20d6dc8c07465d7390f1ba96b65167d532a450a0a5994e5be6e8f7896ee42287553ec6e167e7773433dd880b31008699836cb580a6f30415ba623da6e319dc3e8d7196f40b7d254efdbd43de2aaa135f207afe328fce15af1829e8c583ccb428ff7d3b43d8e5ff8d712f6136a4ccd98b0849863b3cfbe5e6028f04eebef27a4908b6dff0042e1cf071e18dfdb99add8eed24a5479b671ba2cec926dfeff377a1a1c882e5d98311fee79e391d634318d6d3d40a6d452ec805f8928e74d311445c96ddc650d34e5389a67fbba2d695d79dda5b5f1d647e938204596ddbbbb1ae11171e41d20d87dfba3f4de520bd36bb4b7cec26a3dd3dcf287ce735ff07b2a27543b792e34d71c1f834d8d85b6e68790b9f364564e537e0afcaba9b071a59f16afa6bf8d7872e25dc8ebbecee57e0f81ff0cacb7606b435030a73fc49194e8a19f625d01a71e0d5081a5bf03f87745b841fb881623efb321e224a7926bb10bc09bf303318ec47fbf42491049dd8a7cf7ccb38c2c77e47597337d020d1f69aaab3c0584fafcc8bb87bdca420229a9bd3e1bd7dbe2158a8d44dc5ecfcf5fb5709d1d65a78131610df1f5a88c8a8a1539c44dd3f64a00fc8e139ecb232aa911d9b02c05b0adfdadb201cc4551b0dcaa24485ec5e86d8df1050a58c98f83d91959d0fbef7f8fbee8df6b6e88e2397588c1ce586d0c15802a2487e98335fe27ed0e8369a57117ca5e866bb231f00bc11bb1639fb9d7234a49439cf8e5d482f0322dfbc8a2cb7cd1d3279c04af55ab1c857b103cc612fe5babd46b5c4a1f5779eb87a6bd9ca50e3b05ce06914463a73d6239e4c63e3337c28901e02d7a7b76702f7f37b5afb4588a99b6fc310dde02f7723e6efad10d1d8b13ba3e2dd1b1a7282fa2e25bb921a29aef57b8d51bfdc52d17c342e1f75d9f6a2d1a173de194b043c76da60525372ca9f7df7d10b09cb279f0fb7294bd58c08e22cc0f849424d4b75567b9bc219823c860e5653684ee9d7776aa9a34c479646dbbfc222abc843da0044eb4c3bcc4e8a07fb00c2861995b2d76f238a34633e9462092fc4800e6d138bcf2ebead09b69adc13a1301cd150c22596a7bc0aa4c557ab6eed5e4eb194d3cd5517ad17c2ee4582f81edf4e4a001ec4dbc0b918ea4a1b4cb1b47e19b7d015637669c8220d343d6c99778503aac1b2ae5a03f658ff6d2e217f845d51494642257999e103f5c781eeea8952dab00325d07c0393b29f602abf894a397dabe4fb88688de15aa5e85807d718319dc90972537a1a1eef860820dee4f886004d09f5a05c962a53ef904ad678d9bbcece58d27898faf919d4b6b1c5d29c1a1b842f87385c18765a7fed7850de20e4894de026f244d347d484e00083e0828d238920df71221d6afc9bf663d2933b9ec7ccebde76d325a8c9f9eea633db48c6af830f9109e140fae5ac7755a442298a4d48b70e6627140bfd11a9c562bd4c8ee34e7ce1e0c199681815849f32cb8bb1b469bf5e7612da040b9d9acd56d39daa78478791b361eb7eb111e638a942679c0c3d4f28a27f5cef99e36636dfb51710b9638c408396919d4d6a7c1317873ba87d510557fd3cb3947f762a6c1527b918b022df0648af388ec06a6d7e5c394a952fd85dac53396c59438a8ba2154d8dddd39241a82acde6f3e9406ab87cbf4d0ccc3bc1e0193fa8fa0e876cb8dbf57ab16386365bca6c1455f55e5d5f4c3595adf7fcb3a7aa1e4cc6872b589fb4f3c0fdffa4c06221216a8ed9eead8ff6ff6ed34dffdbf15ca6503ce0d5919934740719b712d12854503478fc3bc48d242aac53d07aaaafa1c00b8ccf71b55981653a72cd9b942c65e1c3d624804e30d3b911b5ddcc26f34c8a64e5afae5c5f5ff4ed367af844bfa3615e16d15928a1c9579524c40ef95e00d7ec1fe2f0a54942d807e8ab7950daf8d03e09f84f7e424a81e533e20a25b2d62b539c4212c1278204e6895a1125d3ac15e9ca576dbbac6434070862b041a3e1086951790a85b92f11b7634c00edc023bd028e6777c7f83b8dd291879545ef022ec33ef3576f8b37011c9f56137de75ab220acefd5095aa26447556166ac07d8cd00c7f455881de9976e1359dcf83b1037ffa66c6f845f77cc255ec7081713dc3b405915e10e8c73ef856e2157f57c4ef2d0a42c702068110d2fd5e810e54ac14f494d4cb2ec895fc145c8d7ff01e20bba37650bbcea0537a249c4c0adc187713828975b0581d1105646343ffdab98156af46181a6112ef39a93b40366d6ba93c90a2710bf005c7d111d45a7d4a0034041d1d1cc59454a8b6c6354316388b6020ddc3b1ba215e000960fc8825eec067470936bb1c6b2f3f20db69af319709be5871af468f13b118002de7f50e942f405cc871b625f432efb97aec3a19c298f407fad9c72ceada7ae539d8cf414d5c98694cc11a86f6b861373a99af15c6a7b240d479f2219421e825c7df877406df4b7115b", 0x1000, 0x400}, {&(0x7f0000001b00)="9eebb6894b757c904231f8119aac04a9f8f108b042e0c22f299a809a8b4bc1fc51aae3380ebbf6ecde2c9828fb5d8cbe925b1f6bafb6d5a43eacaa1239bef56e3cc48ba7ab015780be91635b9ef8f8a049688010e2a8dbc70186099577d07e2994341bee073e65a6d436133f45a2fab44ac6d48f2b0ac7410763d44d25872965edc0528341c44bcda14381b3c7afc5df30efc58fed98c5e401bc69d2e99a114ced95a8513890d856431a0e2611e8e044319337d913fc449eeb4e919304681626a38e494843ccf2ec690b07a88507037f593cf177215f7e89a5ecf010f72994867f961ac7acf4d9300e236996ed8af9fc03ac162f17900dd89e0ddec6a7528965dfa8b8e44efd2162d4cbb61b03f60d97799ed977ac09780af8baf9f04d287f96318e37f7b370a4012281090bd18c6761526427ca92c1dca3dcb435f3cb60a5e120f90827447cb79c999434c7fcd12d08c719bcc7b7e300feed2e16c3d26b1e5667518093ed1ee835dde39595096756ed4aeb29983cfa0f0ad344567c5053d2cf9d5bac1e507a54148eb9505eace7ccf13dedc1358efcfbb1d85d2d86eb69f88a9fdeb14d0126c05d3f063e3be23fe0468cea404167a2853ad8e92b3d19ac7b94479769f16cdc076baeab4fed1016865bce772e4c88849dc4b8c3515133f16a57b0bcc4a8792f3cbaa44801d1118e395c09de82213b1d8745e1d5d65d89fb4194ef1c1cb1159faa02409049ef46a93108b6c9ebade91b843dc4340ee5179aa4d03816c769b82cb6147cc668a19ea0c50b8b4563007d473db5aa92ec8f1f45350252aecfa3eea0087bc6f6f7537528dd9d586166fcdf55d877cdfb68191d30fecbf47ea2083c33744330e53fb170d71416476f02c274b04d12cf5e7d20e0ca63a8972d24385333e7ee366c6d52dadc12652bbdc75bd5261f93c038cc8a1da25509b6c8956d36e57dba423cb9cb7fe30941f31fee93f6dceec2e3489cb50c6168747aa7d9487fcd495970eb2871e01461c65b1b2794fc331e0ecf83f975753a7b741b21fa7010d4513f0739761800f9d09b47764cb1403f133d770e1aeb6b22db26f2b22fbab21473cb5feffce846693f722727f630ae593d9651d2234e585cd0d597ff122e79dc07ee48cbdc93ec1a19fe0c2a8de9c936b55c006dd760ca322745a1a60c0ff457784cd91328da1a194139ae68dee733fc78a789a4bc9ea6fe8ebd461145b5f900b8ad4384166b102bc77769cef64e11b53e6cfd29d68dd9ef6d46a57e66b63218b16f93d96a4fac482bb60dbff8b6f92fd7c4a26b5f39b27fbe325f33e40bd88cc2b827f500c85b4aaa1d22738f4c5137e46ae959ff8b369d39709373b3dbb2df12cca678dea51d624eb360a43f15438ed71c9ec76779c4b2e3fe22073a770f5048adc820e1a65c412cb862dd56896c0c852a9c34bf6182f9837079f8c34dd8019c5244b54afd2a4b69671032f3975d374e4bb48b2c1694c2fe870a9118620db6c5ec42a1c03465dfb79f4dc54c9bb217a0bfb19a1d10855772cabbd1d3071805f15aa4023ee8ef038f302324c7482d7c9d5a22af71b2d55bad3155cb1af486defeb937d3940347d807448732bf2fd17e3d7ce151692d05b4fb008d3137ae7bc7c9bb3365ca742d9efbf98b087fe4fe70cd5b0180688994e24a7e64dc62e75602ab9dba99bfd561901d1693c530c361b00490b3900f1df85a169f9cc47bcc80c57b1450280a6f634bb481df9635278bfff1e22a2398be70800ae6e185dd93492a7c0d880c1a4156d6180fbbe9630f9e2ee409e594abfe48b24ae281f74b8d6fe9c7c76655003e458b3b768f678cba2ac6c37f9be06b565e93c0e40ee97b7364a691bf37dcfc0c2af6895aa3312615962cc4956f3b17356ee153d3c048365d6f0456a7f928b31d0a56f2b940078313462b426869bfeda90bca2981e353de7a5ca048fd491e97b71c15cdd5584cfbc94ec374508b5b21ed5f18ae9f449960390bd86c8648bde556471fb3082b1b1a00e43023c9280bc695a754e39d9f9818743b76bca66f2a5a82a2d61bf9e643c396e3cfa93541773766d4ef4e6428d87a2ac4195e4715cafb1f49c0d1806d92138d81bf32793d26b6e35fd1915900464c67403d6f85bb947345079c3717a6d93bd7c320ee1f78e845cdc114087743a0f43b9c61e70cfee65d0649f3d06d5510449cc55354b02166e136dc7ffcceea43433e993d9369f8798588b9ad4721894effbe013bc330879f56c0bf0ef4ab62dda93566ded98db651e174779a99b6b017d1a36af42ef3dbb88a35178ec66bb203555b14e27e861db3bd17f574323ab4d6ea3cb2aaecfc8876352c7a1b9dd86771ae097f13b0b7f24b9086cc17b7fb6490341350ab981e2165ce6baeb9e96edafe223206d58bc8cc66f3b598378507c167e145f0d8d0de56e1dd30de500871c501374974e288e108d67a7f3edb34d596e7084ca801953f987ff700d444c15fb1a5408e544b7a65df089be3815bca1d617f2b4ad80d997005241d0827521a9cf409c092d96fbea9b838bda65ddf2b9b3d736455eca0f19a9c0e0355615f926c31d1dcc5614068a4d92bd645829000dc651f6acf3e8b1fbd8d9138f609c49428a666e149e97e494c3ca1e1ac97d71eb094c5ec48644ae8bf2161502a26c17d1baefca4408d31bc9549dbf7cfc1520456d33fbe8022d8621967880a1cabb559402430494ee2446a23d985835f22037540098d86443544a920f30981ff6720ea78439beea318a7539246d483d8c1a07329765d12695e483ef587b90fff7fc2b9685aa0e13de639d51afdee98fa46ab2660bdc0ca850de932133d29c3d997ec7a786ef72013241588defc7ed53f20874ded7bcba624bf7815a370a59d423765f869b67af366c094b4089b5fa7c0de434c01dfb89fa46183a4ff20f09e9196ab435474b89e286e4ae80765972d4d1632df00fe445e5e8493b9a6ca8f0e351614ea0123b187ab0dad10da5201d63f9240dc3a02e23da469d79dc235816fa2c19f4f6151890188a94b56e6a57e68991df72ed22bf2986994e1e2ddfb2b12d34ebe21ef99177e57bdb5425a93ed11c4c9f2d7e28f23ee4b8aa674f1c32f46436d17aed81eb3c3ec230ed15f71d57df89a01d79b8f143e5897479b2e4bd00a9a66880c252dccb9274cdccf5ba844d10474b1fc6e3f45dc93e8d2355e91321a1315e3838dd26bca4999bea1255fcdb090f04fe8df09a20b71bfbd34a943cae983f809f627eb9efdacfa4a40e109645a367abd6dbad197bfe43f90720aea79908510e6b4110217021386ea65acd69a70dd6dcb81da3b7d04462a048981865c980291d89290a63ed3b3a9fff998ae65729090e1324b804efb5fb8a61e16ff6f09fe91acdcd143c3751714278156faf228cc81ec3b8cd5b5deee299be6f3f5a9d4c9f8b06360a308b8faaafc86bb08d17095644f9a860e04e7bce2dc73d0ebcbe31a895d1b7e48716cd7c9d3f2b193a4dcdd1b8bc8429d0bfb27370bcdf2c0c2ffa4ba171c85973355cb8a54dce50a42a0cced6bdee065eb4cdb00aef537e4b3607cbacdf2219e8894bfd752f60ee314913d168b238d1b59b0ff8d43de942ee1cc17b0dbc72b7af7462319124f7a7ec7a3ab246c326d84fe075cf5393fc89a1964daf83425c75ab2d5a51d15aa70f88373d631364771d2cc9c10fdb9fea2d6997308cae843efd15c90285cb2e286ff5b9cb889dfc50e5c4c63922bbea26a3d4ca8aaf6894be9c673b4bcf36dafba76a630e741ddaebc89e268d69bb827a1479884bf78c540b04473dd4d3911a24b8b22f6ebfcd8b162a402673c8d63a2504b170787a94e51bd3895aff469f2b7c5d1c20a765b66971e608616d6af6795273302479d7d6aed1acb9f93a4738ef27371285b1d9be8ea48782f9deaac6c31d8101c16ef8a0f5a78f7e342099142098824f5782a6f92af82448cd31e654c44b93e2a58ff55c5634241df46d30d5ea25069abd9661988765640b950de6bb5419a4b88620933309160393e255438c495e80d6b1ed88bf5a2640d3746be7852733ca2139688b9b5c41add9c1636ce9ede5d6f872a6458b2c84c91ddce50e6905c2651e8df94c28006b0ac5af85edd6c9facce9882236763431c818657f44d66789933062b41cef6eeb0d38bf6eec10065fe3bb775f28af99f7c2d48ba0752c39228a8242488c38e6957a177b5103c86fc51b6bda79868dc9ad10b34f4689b8808b635dac09c223737dbe1d59d2afe30be901a5bcfc98ab8f7c3cfaa8dbd405981e71c46f254cdff498e50302947e632283aaa81b27b3f2495687ddf9f25e50513f554081001888b10f8f3b1649df258fdd85e1a07738b1e07014d3d077ddedb516312694f937e350d0d8a9684da32479a4bddeb554f741211f64b851925032efc799c6ee8d9a67e1640eda1f61e106f6157513450ac13dd43e0738e9ba479ac320d3e3c9edb3f1fde4343d701e862360bdaeef4930400f5ed8bafb3b6ed981c353ac633727b578d2b9ece562c7409f8d6701ca6dc5c781667c07d709bf3a8bfa23c97afc03fdbcde971d9be7116ba3549928444ddae67889cc5a3050ae0cfdef03a9d5f689d21b3c56044c0f0e8d54a427e5c65c2027ad1f4c0bd49ac38e226d205289f1b488ecb693b36adf8c6cee2a40d0a1231ee2d7e62ee90b86db7ab89837351b2085cc990e2cefe2cd309179dcae4b75e7e6b6720a9717e09881305878030daa5b884de7838d3a0e1e27a0cd04ec38c6e86eb7c687e853d278031476420aa68f4dadf5ece8b08da8e8eab680cb7206f1499576c56005bcdc1c05c6a55289f81a933a671771f84bfba61a9031cfd9cb818a3b863b6761efc94b56c9da4d1566350fdc734925527c9d407eeb22d0542a5e40cfe71f9f238d51514a4c77d347984b22f96113c30455d93a66991871c12c3c21418f2a31a7b4ea80e58a7165c9b7a63d99f2f6e3948209b64e74d6f8bbfd22082d00165cf46e79cb53e4f4de4758588a790f86881c74cb3386d3948240ebd9e92a5422e489784f1b54b89610a4c312f9af57c96d5036645c8a93ea8db3a31f94a70386461ed02f3956e91205300bf78fba1a39efb8a461c338644c3189b8caa6f433dd63b087e2d9e22d38eb86b097ec354eac5f7ceb5676f67646f9ecb2c1a6f1904f43708e779b374b07c020b287f1621e27c4ef30d325eb2b5682d87ba891dbfc479786cc2c63840855480100608ab22ed70c301b5816ee8b438efaf41b8a072da4589a1ace3fa0b1caea6a2b18ebeb27c873adfdacc33251328d585add55f4373541da4d3f9382016c4945b4f629d5438d0e75e534f91718eb2f14a900e67da941dfae8fcd689fc0482a951f2459bd95d2c039e9d1311bf3625be011c61e41fa66029fe37e8a7e12cdb84bcbd7dde6d732ba02255f5087080d3f38e910edd027e195c7909702698872fe2789999966b24fec5a6aef3db6ab9d39fb066817a7572975fb9d4f35515ad16c9413aa8f2fe0fa71172b577f36d04779bc27d3b6cf0d24db38787231e1af0e7e2f07d347639a9e6c23534bb83cb117b61b969a6eb7e418bedcdfd9545643a3599082d730dfc37fd4d184da4404411d4170c7e8cf4278b6bf6012935b2b54cd4e358a31c98ff40654e63303b8e6317d3cf15b74ae52a097de307a09a299e7b3cc8572ee17bd1ba93d9dc5e35a23b3c14614d73f31a000aaeefe4f209bb2f156008549a8ed69c6cea44c4bd04c53c290ac44e36fe430dd34f65d9b4b2b8d83d6a9f42b44bf7f65cd7a687", 0x1000, 0x39}], 0x200000, &(0x7f00000019c0)={[{@fat=@sys_immutable='sys_immutable'}, {@dots='dots'}, {@fat=@usefree='usefree'}, {@nodots='nodots'}, {@fat=@fmask={'fmask'}}, {@nodots='nodots'}, {@dots='dots'}, {@nodots='nodots'}]})

[  575.497516] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  575.497524] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  575.497532] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  575.497539] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  575.497552] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000023
[  575.503271] FAT-fs (loop4): Can't find a valid FAT filesystem
15:23:54 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:54 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x20990000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:54 executing program 0 (fault-call:0 fault-nth:36):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x2000000000000000})

[  575.661130] FAULT_INJECTION: forcing a failure.
[  575.661130] name failslab, interval 1, probability 0, space 0, times 0
[  575.672412] CPU: 1 PID: 21523 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  575.680915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  575.690272] Call Trace:
[  575.692862]  dump_stack+0x1c9/0x2b4
[  575.696497]  ? dump_stack_print_info.cold.2+0x52/0x52
[  575.701703]  ? __kernel_text_address+0xd/0x40
[  575.706190]  ? unwind_get_return_address+0x61/0xa0
[  575.711120]  should_fail.cold.4+0xa/0x11
[  575.715183]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  575.720295]  ? save_stack+0xa9/0xd0
[  575.723924]  ? kasan_kmalloc+0xc4/0xe0
[  575.727814]  ? __kmalloc_track_caller+0x14a/0x760
[  575.732657]  ? memdup_user+0x2c/0xa0
[  575.736448]  ? strndup_user+0x77/0xd0
[  575.740255]  ? ksys_mount+0x73/0x140
[  575.743974]  ? __x64_sys_mount+0xbe/0x150
[  575.748122]  ? do_syscall_64+0x1b9/0x820
[  575.752179]  ? lock_acquire+0x1e4/0x540
[  575.756148]  ? mntput_no_expire+0x160/0xbc0
[  575.760479]  ? lock_downgrade+0x8f0/0x8f0
[  575.764620]  ? lock_release+0xa30/0xa30
[  575.768587]  ? dput.part.26+0x248/0x7a0
[  575.772554]  ? lock_acquire+0x1e4/0x540
[  575.776530]  ? fs_reclaim_acquire+0x20/0x20
[  575.780842]  ? lock_downgrade+0x8f0/0x8f0
[  575.784983]  ? check_same_owner+0x340/0x340
[  575.789291]  ? lock_release+0xa30/0xa30
[  575.793254]  ? check_same_owner+0x340/0x340
[  575.797564]  ? rcu_note_context_switch+0x730/0x730
[  575.802482]  ? __check_object_size+0xa3/0x5d7
[  575.806972]  __should_failslab+0x124/0x180
[  575.811206]  should_failslab+0x9/0x14
[  575.815000]  kmem_cache_alloc_trace+0x2cb/0x780
[  575.819669]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  575.825204]  ? _copy_from_user+0xdf/0x150
[  575.829363]  copy_mount_options+0x5f/0x380
[  575.833601]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  575.839129]  ksys_mount+0xd0/0x140
[  575.842659]  __x64_sys_mount+0xbe/0x150
[  575.846626]  do_syscall_64+0x1b9/0x820
[  575.850502]  ? finish_task_switch+0x1d3/0x870
[  575.854994]  ? syscall_return_slowpath+0x5e0/0x5e0
[  575.859911]  ? syscall_return_slowpath+0x31d/0x5e0
[  575.864831]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  575.869833]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  575.875360]  ? prepare_exit_to_usermode+0x291/0x3b0
[  575.880362]  ? perf_trace_sys_enter+0xb10/0xb10
[  575.885021]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  575.889867]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  575.895053] RIP: 0033:0x45955a
15:23:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:54 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  575.898239] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  575.917143] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  575.924841] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  575.932098] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  575.939358] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  575.946622] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  575.953879] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000024
15:23:54 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000300)={<r2=>0x0, 0xec, "eb577cd66b1c759b27356006ade70f69eb6bca0e9fa10a8bd8e4c6638eac391b4c4265913a07f8ae503bc854e4d5293422af133872782f3b29e559d0c79d422fb98267379fdc76fa4194b27b312c8bc612af684fcf25ac8cfbcd4b496bcfd3317cffc1f871254b95f8a1c6a03846cd8cff2d36423ff46af3f14cb6dafc8d03d9a7b85fd71474fac5631230dc8f92ffd7d74668522e6c442c72c23dd1673fe95f020bf30f5073504b557d96d627db6931463c01faa0cdb67eda46beade804cb06f806c5b2d5313d5ca0cb5d5613cddfdcd94fd5d0460a5280642196366b1b6cf4bfa01bbe78e718388728a77c"}, &(0x7f0000000080)=0xf4)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={r2, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e21}]}, &(0x7f0000000180)=0x10)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000640)=@security={'security\x00', 0xe, 0x4, 0x438, 0x2a8, 0x0, 0x148, 0x2a8, 0x0, 0x3a0, 0x3a0, 0x3a0, 0x3a0, 0x3a0, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@icmp={0x28, 'icmp\x00', 0x0, {0x13, 0x101, 0x4, 0x1}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x0, 0xd8, 0x3}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @local, 0x7, 0xd, [0xc, 0x12, 0xd, 0x14, 0x2a, 0xe, 0x3b, 0x23, 0x30, 0x12, 0x8, 0x2b, 0x32, 0x0, 0x3b, 0x12], 0x3, 0x5, 0xf5}}}, {{@ip={@remote, @remote, 0x0, 0x0, 'bond_slave_1\x00', 'syzkaller0\x00', {0xff}, {0xff}, 0x2, 0x1, 0x4}, 0x0, 0x100, 0x160, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x1bb, [0x3, 0x0, 0xffffffff, 0xffffffff, 0x7ff, 0xffffffff], 0xfffffffffffffffd, 0x2, 0x6}}}, @common=@ttl={0x28, 'ttl\x00', 0x0, {0x3, 0x1}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @dev={[], 0x21}, 0xb9, 0x1, [0x1f, 0x13, 0x1b, 0xc, 0x15, 0x20, 0x3e, 0x30, 0x3c, 0x30, 0x3f, 0x32, 0x2a, 0x19, 0xc, 0x1b], 0x0, 0x2, 0x8}}}, {{@uncond, 0x0, 0x98, 0xf8}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x8, [0x8, 0x8da, 0xfffffffffffffc01, 0x23b, 0x7, 0x8], 0x7207, 0x5, 0xff}, {0x2, [0x9, 0x4, 0x1000, 0xe622, 0x2, 0x3], 0x45, 0x3, 0x6}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x498)

15:23:54 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:54 executing program 0 (fault-call:0 fault-nth:37):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x308e, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

15:23:54 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:54 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="640374346c", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:54 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
socketpair(0x2, 0x6, 0x5, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000040)={[0x3000, 0x2000, 0xf000, 0xd001], 0xfff, 0x10, 0x6})
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  576.094317] FAULT_INJECTION: forcing a failure.
[  576.094317] name failslab, interval 1, probability 0, space 0, times 0
[  576.105631] CPU: 0 PID: 21553 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  576.114129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  576.123484] Call Trace:
[  576.126079]  dump_stack+0x1c9/0x2b4
[  576.129712]  ? dump_stack_print_info.cold.2+0x52/0x52
[  576.134904]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  576.141366]  should_fail.cold.4+0xa/0x11
[  576.145437]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  576.150544]  ? lock_release+0xa30/0xa30
[  576.154521]  ? kasan_check_read+0x11/0x20
[  576.158688]  ? rcu_is_watching+0x8c/0x150
[  576.162835]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  576.167507]  ? is_bpf_text_address+0xd7/0x170
[  576.172010]  ? kernel_text_address+0x79/0xf0
[  576.176417]  ? __kernel_text_address+0xd/0x40
[  576.180917]  ? lock_acquire+0x1e4/0x540
[  576.185415]  ? fs_reclaim_acquire+0x20/0x20
[  576.189740]  ? lock_downgrade+0x8f0/0x8f0
[  576.193900]  ? check_same_owner+0x340/0x340
[  576.198224]  ? rcu_note_context_switch+0x730/0x730
[  576.203152]  ? copy_mount_options+0x5f/0x380
[  576.207559]  ? ksys_mount+0xd0/0x140
[  576.211275]  __should_failslab+0x124/0x180
[  576.215533]  should_failslab+0x9/0x14
[  576.219336]  kmem_cache_alloc+0x2af/0x760
[  576.223489]  getname_flags+0xd0/0x5a0
[  576.227292]  ? fs_reclaim_acquire+0x20/0x20
[  576.231613]  user_path_at_empty+0x2d/0x50
[  576.235762]  do_mount+0x17f/0x1e20
[  576.239300]  ? check_same_owner+0x340/0x340
[  576.243633]  ? lock_release+0xa30/0xa30
[  576.247627]  ? copy_mount_string+0x40/0x40
[  576.251862]  ? kasan_kmalloc+0xc4/0xe0
[  576.255754]  ? kmem_cache_alloc_trace+0x318/0x780
[  576.260604]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  576.266142]  ? _copy_from_user+0xdf/0x150
[  576.270295]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  576.275832]  ? copy_mount_options+0x285/0x380
[  576.280331]  ksys_mount+0x12d/0x140
[  576.283970]  __x64_sys_mount+0xbe/0x150
[  576.287954]  do_syscall_64+0x1b9/0x820
[  576.291840]  ? syscall_return_slowpath+0x5e0/0x5e0
[  576.296770]  ? syscall_return_slowpath+0x31d/0x5e0
[  576.301687]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  576.306690]  ? __switch_to_asm+0x34/0x70
[  576.310749]  ? __switch_to_asm+0x34/0x70
[  576.314796]  ? __switch_to_asm+0x40/0x70
[  576.318843]  ? __switch_to_asm+0x34/0x70
[  576.322901]  ? __switch_to_asm+0x34/0x70
[  576.326964]  ? __switch_to_asm+0x40/0x70
[  576.331026]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  576.335862]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  576.341040] RIP: 0033:0x45955a
[  576.344224] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  576.363119] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  576.370817] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  576.378091] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  576.385348] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
15:23:54 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:54 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x8c39000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:54 executing program 0 (fault-call:0 fault-nth:38):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:54 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

[  576.392605] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  576.399861] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000025
15:23:54 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfdfdffff, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:54 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x7a000000})

15:23:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xb9f0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:55 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:55 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0xd)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000000)={{{@in=@rand_addr, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000180)={@local, r2}, 0x14)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0), 0x0, 0x0, 0x0)

15:23:55 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434f6", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  576.567127] FAULT_INJECTION: forcing a failure.
[  576.567127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  576.578967] CPU: 0 PID: 21590 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  576.587449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  576.596792] Call Trace:
[  576.599384]  dump_stack+0x1c9/0x2b4
[  576.603013]  ? dump_stack_print_info.cold.2+0x52/0x52
[  576.608200]  ? unwind_get_return_address+0x61/0xa0
[  576.613137]  should_fail.cold.4+0xa/0x11
[  576.617199]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  576.622303]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  576.627149]  ? perf_trace_lock+0x920/0x920
[  576.631396]  ? trace_hardirqs_on+0x10/0x10
[  576.635631]  ? kasan_check_read+0x11/0x20
[  576.639774]  ? do_raw_spin_unlock+0xa7/0x2f0
[  576.644177]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  576.648774]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  576.653784]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  576.658537]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  576.663377]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  576.668912]  ? should_fail+0x246/0xd86
[  576.672805]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  576.677914]  __alloc_pages_nodemask+0x36e/0xdb0
[  576.682584]  ? rcu_is_watching+0x8c/0x150
[  576.686735]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  576.691749]  ? is_bpf_text_address+0xd7/0x170
[  576.696245]  ? kernel_text_address+0x79/0xf0
[  576.700650]  ? __kernel_text_address+0xd/0x40
[  576.705147]  ? lock_acquire+0x1e4/0x540
[  576.709120]  ? fs_reclaim_acquire+0x20/0x20
[  576.713445]  ? lock_downgrade+0x8f0/0x8f0
[  576.717604]  ? lock_release+0xa30/0xa30
[  576.721576]  ? check_same_owner+0x340/0x340
[  576.725898]  cache_grow_begin+0x91/0x710
[  576.729965]  kmem_cache_alloc+0x689/0x760
[  576.734121]  getname_flags+0xd0/0x5a0
[  576.737923]  ? fs_reclaim_acquire+0x20/0x20
[  576.742240]  user_path_at_empty+0x2d/0x50
[  576.746391]  do_mount+0x17f/0x1e20
[  576.749967]  ? check_same_owner+0x340/0x340
[  576.754290]  ? lock_release+0xa30/0xa30
[  576.758265]  ? copy_mount_string+0x40/0x40
[  576.762501]  ? retint_kernel+0x10/0x10
[  576.766393]  ? copy_mount_options+0x1f0/0x380
[  576.770884]  ? copy_mount_options+0x1f6/0x380
[  576.775379]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  576.780912]  ? copy_mount_options+0x285/0x380
[  576.785413]  ksys_mount+0x12d/0x140
[  576.789042]  __x64_sys_mount+0xbe/0x150
[  576.793019]  do_syscall_64+0x1b9/0x820
[  576.796920]  ? finish_task_switch+0x1d3/0x870
[  576.801414]  ? syscall_return_slowpath+0x5e0/0x5e0
[  576.806351]  ? syscall_return_slowpath+0x31d/0x5e0
[  576.811454]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  576.816481]  ? __switch_to_asm+0x34/0x70
[  576.820536]  ? __switch_to_asm+0x34/0x70
[  576.824597]  ? __switch_to_asm+0x40/0x70
[  576.828657]  ? __switch_to_asm+0x34/0x70
[  576.832712]  ? __switch_to_asm+0x40/0x70
[  576.836769]  ? __switch_to_asm+0x34/0x70
[  576.840824]  ? __switch_to_asm+0x40/0x70
[  576.844882]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  576.849728]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  576.854914] RIP: 0033:0x45955a
[  576.858107] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  576.877004] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  576.884713] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  576.891976] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  576.899237] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  576.906500] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  576.913765] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000026
15:23:55 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x8f1, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:55 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xf108})

15:23:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x578, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

15:23:55 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:55 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'osx.', '(\x00'}, &(0x7f0000000640)=""/4096, 0x1000)

15:23:55 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7a00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:55 executing program 0 (fault-call:0 fault-nth:39):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

15:23:55 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa805000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:55 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:55 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xffffffffffffffff})

15:23:55 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0xfffffffffffffee4)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:55 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:55 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/35, 0x23}, {&(0x7f0000000100)=""/4, 0x4}, {&(0x7f0000000180)=""/44, 0x2c}], 0x3, 0x0, 0x0, 0xcd1}, 0x40000040)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='system.posix_acl_default\x00', &(0x7f0000000080)=""/50, 0x32)

[  577.340316] FAULT_INJECTION: forcing a failure.
[  577.340316] name failslab, interval 1, probability 0, space 0, times 0
[  577.351589] CPU: 1 PID: 21663 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  577.360077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  577.369436] Call Trace:
[  577.372045]  dump_stack+0x1c9/0x2b4
[  577.375685]  ? dump_stack_print_info.cold.2+0x52/0x52
[  577.380883]  ? filename_lookup+0x397/0x510
[  577.385123]  ? user_path_at_empty+0x40/0x50
[  577.389452]  ? do_mount+0x17f/0x1e20
[  577.393171]  ? ksys_mount+0x12d/0x140
[  577.396986]  ? do_syscall_64+0x1b9/0x820
[  577.401057]  should_fail.cold.4+0xa/0x11
[  577.405132]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  577.410238]  ? kasan_check_write+0x14/0x20
[  577.414483]  ? do_raw_spin_lock+0xc1/0x200
[  577.418729]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  577.423845]  ? debug_check_no_obj_freed+0x30b/0x595
[  577.428873]  ? trace_hardirqs_off+0xd/0x10
[  577.433113]  ? quarantine_put+0x10d/0x1b0
[  577.437286]  ? lock_acquire+0x1e4/0x540
[  577.441269]  ? fs_reclaim_acquire+0x20/0x20
[  577.445602]  ? lock_downgrade+0x8f0/0x8f0
[  577.449759]  ? check_same_owner+0x340/0x340
[  577.454091]  ? lock_downgrade+0x8f0/0x8f0
[  577.458248]  ? rcu_note_context_switch+0x730/0x730
[  577.463188]  __should_failslab+0x124/0x180
[  577.467433]  should_failslab+0x9/0x14
[  577.471243]  kmem_cache_alloc_trace+0x2cb/0x780
[  577.475918]  ? kasan_check_write+0x14/0x20
[  577.480157]  ? do_raw_read_unlock+0x3f/0x60
[  577.484491]  vfs_new_fs_context+0x5a/0x6d0
[  577.488746]  do_mount+0x605/0x1e20
[  577.492299]  ? copy_mount_string+0x40/0x40
[  577.496545]  ? kasan_kmalloc+0xc4/0xe0
[  577.500446]  ? kmem_cache_alloc_trace+0x318/0x780
[  577.505298]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  577.510851]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  577.516403]  ? copy_mount_options+0x285/0x380
[  577.521608]  ksys_mount+0x12d/0x140
[  577.525245]  __x64_sys_mount+0xbe/0x150
[  577.529226]  do_syscall_64+0x1b9/0x820
[  577.533116]  ? finish_task_switch+0x1d3/0x870
15:23:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

15:23:55 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:55 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:55 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:56 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

[  577.537619]  ? syscall_return_slowpath+0x5e0/0x5e0
[  577.542553]  ? syscall_return_slowpath+0x31d/0x5e0
[  577.547488]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  577.552509]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  577.558048]  ? prepare_exit_to_usermode+0x291/0x3b0
[  577.563066]  ? perf_trace_sys_enter+0xb10/0xb10
[  577.567742]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  577.572601]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  577.577809] RIP: 0033:0x45955a
15:23:56 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xffffff7f00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  577.581008] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  577.599912] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  577.607630] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  577.614907] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  577.622186] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  577.629461] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  577.636734] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000027
15:23:56 executing program 0 (fault-call:0 fault-nth:40):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:56 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:23:56 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x1000000000})

15:23:56 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x5c5a000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:56 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
fcntl$setpipe(r0, 0x407, 0xc4c)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000100)="0a5cc80700315f85714070")
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000300)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="2e0000004250dbbdf8d36568c71b0666a0297da34afab49e2630ea56ec777db4e05e1f6f39608fc11f0a8e828ed78b05b6d42ecde5d28f03837ea49c60505fcbe9855301681b633d90cd080000669c1b8b390ce6c54b2646bd8fd9be85a4f2104dee71cff4532f588809d5fbfc898a925c9497"], &(0x7f0000000040)=0x36)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x401}, &(0x7f00000000c0)=0x8)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:56 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743468", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

15:23:56 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8915, &(0x7f0000000000)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x803, 0x4)

15:23:56 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:56 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xac230000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

[  577.817781] FAULT_INJECTION: forcing a failure.
[  577.817781] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  577.829887] CPU: 0 PID: 21712 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  577.838383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  577.847743] Call Trace:
[  577.850332]  dump_stack+0x1c9/0x2b4
[  577.853968]  ? dump_stack_print_info.cold.2+0x52/0x52
[  577.859153]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  577.863992]  should_fail.cold.4+0xa/0x11
[  577.868056]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  577.873156]  ? kasan_check_read+0x11/0x20
[  577.877293]  ? rcu_is_watching+0x8c/0x150
[  577.881439]  ? is_bpf_text_address+0xd7/0x170
[  577.885935]  ? kernel_text_address+0x79/0xf0
[  577.890337]  ? __kernel_text_address+0xd/0x40
[  577.894825]  ? unwind_get_return_address+0x61/0xa0
[  577.899750]  ? lock_acquire+0x1e4/0x540
[  577.903714]  ? fs_reclaim_acquire+0x20/0x20
[  577.908024]  ? lock_downgrade+0x8f0/0x8f0
[  577.912163]  ? check_same_owner+0x340/0x340
[  577.916475]  ? rcu_note_context_switch+0x730/0x730
[  577.921392]  ? legacy_parse_monolithic+0xde/0x1e0
[  577.926232]  __alloc_pages_nodemask+0x36e/0xdb0
[  577.930895]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  577.935903]  ? lock_downgrade+0x8f0/0x8f0
[  577.940048]  ? kasan_check_read+0x11/0x20
[  577.944260]  ? do_raw_spin_unlock+0xa7/0x2f0
[  577.948661]  ? kasan_check_write+0x14/0x20
[  577.952886]  ? do_raw_spin_lock+0xc1/0x200
[  577.957111]  ? kasan_unpoison_shadow+0x35/0x50
[  577.961689]  ? kasan_kmalloc+0xc4/0xe0
[  577.965571]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  577.971102]  alloc_pages_current+0x10c/0x210
[  577.975505]  get_zeroed_page+0x14/0x50
[  577.979388]  legacy_validate+0x133/0x220
[  577.983438]  ? vfs_set_fs_source+0x180/0x180
[  577.987834]  vfs_get_tree+0x144/0x5c0
[  577.991623]  ? vfs_set_fs_source+0x12c/0x180
[  577.996023]  do_mount+0x6f2/0x1e20
[  577.999550]  ? do_raw_spin_unlock+0xa7/0x2f0
[  578.003950]  ? copy_mount_string+0x40/0x40
[  578.008171]  ? kasan_kmalloc+0xc4/0xe0
[  578.012050]  ? kmem_cache_alloc_trace+0x318/0x780
[  578.016890]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  578.022586]  ? copy_mount_options+0x285/0x380
[  578.027084]  ksys_mount+0x12d/0x140
[  578.030702]  __x64_sys_mount+0xbe/0x150
[  578.034850]  do_syscall_64+0x1b9/0x820
[  578.038725]  ? finish_task_switch+0x1d3/0x870
[  578.043218]  ? syscall_return_slowpath+0x5e0/0x5e0
[  578.048150]  ? syscall_return_slowpath+0x31d/0x5e0
[  578.053088]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  578.058098]  ? __switch_to_asm+0x34/0x70
[  578.062146]  ? __switch_to_asm+0x34/0x70
[  578.066302]  ? __switch_to_asm+0x40/0x70
[  578.070358]  ? __switch_to_asm+0x34/0x70
[  578.074407]  ? __switch_to_asm+0x40/0x70
[  578.078458]  ? __switch_to_asm+0x34/0x70
[  578.082505]  ? __switch_to_asm+0x40/0x70
[  578.086558]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  578.091395]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  578.096578] RIP: 0033:0x45955a
[  578.099762] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  578.118912] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  578.126610] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  578.133865] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  578.142223] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  578.150656] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  578.157927] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000028
15:23:56 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x1f00000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  578.169305] EXT4-fs: 44 callbacks suppressed
[  578.169315] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
15:23:56 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x80)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x80, 0x4)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:56 executing program 0 (fault-call:0 fault-nth:41):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:56 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:56 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [0x100000000000000]})

15:23:56 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xc02b, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:56 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  578.237344] EXT4-fs (sda1): quotafile must be on filesystem root
[  578.260616] EXT4-fs (sda1): quotafile must be on filesystem root
[  578.405872] FAULT_INJECTION: forcing a failure.
[  578.405872] name failslab, interval 1, probability 0, space 0, times 0
[  578.417339] CPU: 0 PID: 21750 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  578.425824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  578.435169] Call Trace:
[  578.437773]  dump_stack+0x1c9/0x2b4
[  578.441402]  ? dump_stack_print_info.cold.2+0x52/0x52
[  578.446591]  ? __kernel_text_address+0xd/0x40
[  578.452954]  should_fail.cold.4+0xa/0x11
[  578.457043]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  578.462165]  ? save_stack+0xa9/0xd0
[  578.465791]  ? save_stack+0x43/0xd0
[  578.469418]  ? kasan_kmalloc+0xc4/0xe0
[  578.473302]  ? __kmalloc_track_caller+0x14a/0x760
[  578.478140]  ? kmemdup_nul+0x31/0xa0
[  578.481849]  ? vfs_set_fs_source+0x67/0x180
[  578.486171]  ? ksys_mount+0x12d/0x140
[  578.489982]  ? __x64_sys_mount+0xbe/0x150
[  578.494128]  ? do_syscall_64+0x1b9/0x820
[  578.498192]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  578.503556]  ? do_syscall_64+0x1b9/0x820
[  578.507625]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  578.512991]  ? trace_hardirqs_off+0xd/0x10
[  578.517221]  ? quarantine_put+0x10d/0x1b0
[  578.521365]  ? lock_acquire+0x1e4/0x540
[  578.525344]  ? fs_reclaim_acquire+0x20/0x20
[  578.529776]  ? lock_downgrade+0x8f0/0x8f0
[  578.533920]  ? lock_downgrade+0x8f0/0x8f0
[  578.538068]  ? lock_release+0xa30/0xa30
[  578.542042]  ? check_same_owner+0x340/0x340
[  578.546360]  ? check_same_owner+0x340/0x340
[  578.550683]  ? debug_mutex_init+0x2d/0x60
[  578.554840]  ? rcu_note_context_switch+0x730/0x730
[  578.559777]  __should_failslab+0x124/0x180
[  578.564016]  should_failslab+0x9/0x14
[  578.567843]  __kmalloc_track_caller+0x2c4/0x760
[  578.572532]  ? __kmalloc_track_caller+0x311/0x760
[  578.577382]  ? legacy_parse_monolithic+0xde/0x1e0
[  578.582226]  kmemdup+0x24/0x50
[  578.585419]  legacy_parse_monolithic+0xde/0x1e0
[  578.590088]  ? vfs_set_fs_source+0x12c/0x180
[  578.594497]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  578.599252]  do_mount+0x6d1/0x1e20
[  578.602793]  ? check_same_owner+0x340/0x340
[  578.607112]  ? lock_release+0xa30/0xa30
[  578.611091]  ? copy_mount_string+0x40/0x40
[  578.614961] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  578.615319]  ? kasan_kmalloc+0xc4/0xe0
[  578.615336]  ? kmem_cache_alloc_trace+0x318/0x780
[  578.615356]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  578.635529]  ? _copy_from_user+0xdf/0x150
[  578.639679]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  578.645227]  ? copy_mount_options+0x285/0x380
[  578.649747]  ksys_mount+0x12d/0x140
[  578.653379]  __x64_sys_mount+0xbe/0x150
[  578.657354]  do_syscall_64+0x1b9/0x820
[  578.661237]  ? finish_task_switch+0x1d3/0x870
[  578.665800]  ? syscall_return_slowpath+0x5e0/0x5e0
[  578.670734]  ? syscall_return_slowpath+0x31d/0x5e0
[  578.675663]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  578.680625] EXT4-fs (sda1): quotafile must be on filesystem root
[  578.680682]  ? __switch_to_asm+0x34/0x70
[  578.690878]  ? __switch_to_asm+0x34/0x70
[  578.694939]  ? __switch_to_asm+0x40/0x70
[  578.698999]  ? __switch_to_asm+0x34/0x70
[  578.703059]  ? __switch_to_asm+0x40/0x70
[  578.707120]  ? __switch_to_asm+0x34/0x70
[  578.711175]  ? __switch_to_asm+0x40/0x70
[  578.715236]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  578.720083]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  578.725267] RIP: 0033:0x45955a
[  578.728460] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  578.747374] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  578.755102] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  578.762367] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  578.769635] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  578.776913] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  578.784190] R13: 0000000000000000 R14: 00000000004c9361 R15: 0000000000000029
15:23:57 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x200000000000000})

15:23:57 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x2, 0x0)
write$FUSE_IOCTL(r1, &(0x7f0000000040)={0x20, 0x0, 0x8, {0x2, 0x148b48388ecb6b7a, 0x0, 0xffffffffffffffff}}, 0x20)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x4240, 0x0)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:57 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [0x1000000]})

15:23:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]})

15:23:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xa174, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:57 executing program 0 (fault-call:0 fault-nth:42):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:57 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x4000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:57 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  578.824183] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]})

15:23:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf449000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:57 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000500), 0x4)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f0000000380)={'security\x00', 0xfa, "843af194871976619ecf2651d7231ddc5917d97b2b633d1969893662eac69e90b9d6629834dadc38874df0bfccd26307b665f22284c125f80ad2970ba60c18148e6d67d8825e01e44848cb36472ea474c62868b22c2b4ef5abc4da1a0ac1b12b0e5dfa3fbe033ca81cc25f24600ea73975f6722c381ca41dd17d5b54b1fa7896d994b9c91a552b0e876500ee0591ccb1c2bd3404ef249f4567b5cb87483fa9448a3ce7b6d1cacf2064a69d0d39783b9507a32a888862e718b6417f567a78483697fb121a6cc378c61f374e146773837786e4c4627588d23ebf5fd703e062068d5f51c32ce30fd03c945e641847fafd67c401307de1097024a7d3"}, &(0x7f00000004c0)=0x11e)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt(r1, 0x6, 0x3, &(0x7f0000000000)=""/83, &(0x7f0000000080)=0x53)
r3 = dup3(r0, r0, 0x80000)
ioctl$KDGKBTYPE(r3, 0x4b33, &(0x7f0000000300))
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='ppp0\x00', r4}, 0x10)

15:23:57 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [0x0, 0x100000000000000]})

[  578.975076] FAULT_INJECTION: forcing a failure.
[  578.975076] name failslab, interval 1, probability 0, space 0, times 0
[  578.986365] CPU: 0 PID: 21771 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  578.994849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  579.004281] Call Trace:
[  579.006887]  dump_stack+0x1c9/0x2b4
[  579.010538]  ? dump_stack_print_info.cold.2+0x52/0x52
[  579.015736]  ? __kernel_text_address+0xd/0x40
[  579.020257]  should_fail.cold.4+0xa/0x11
[  579.024322]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  579.029423]  ? save_stack+0xa9/0xd0
[  579.033044]  ? save_stack+0x43/0xd0
[  579.036752]  ? kasan_kmalloc+0xc4/0xe0
[  579.040636]  ? __kmalloc_track_caller+0x14a/0x760
[  579.045496]  ? kmemdup_nul+0x31/0xa0
[  579.049205]  ? vfs_set_fs_source+0x67/0x180
[  579.053523]  ? ksys_mount+0x12d/0x140
[  579.057319]  ? __x64_sys_mount+0xbe/0x150
[  579.061465]  ? do_syscall_64+0x1b9/0x820
[  579.065535]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  579.070903]  ? do_syscall_64+0x1b9/0x820
[  579.074964]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  579.080327]  ? trace_hardirqs_off+0xd/0x10
[  579.084564]  ? quarantine_put+0x10d/0x1b0
[  579.088715]  ? lock_acquire+0x1e4/0x540
[  579.092692]  ? fs_reclaim_acquire+0x20/0x20
[  579.097011]  ? lock_downgrade+0x8f0/0x8f0
[  579.101156]  ? lock_downgrade+0x8f0/0x8f0
[  579.105304]  ? lock_release+0xa30/0xa30
[  579.109280]  ? check_same_owner+0x340/0x340
[  579.113599]  ? check_same_owner+0x340/0x340
[  579.117916]  ? debug_mutex_init+0x2d/0x60
[  579.122413]  ? rcu_note_context_switch+0x730/0x730
[  579.127352]  __should_failslab+0x124/0x180
[  579.131614]  should_failslab+0x9/0x14
[  579.135421]  __kmalloc_track_caller+0x2c4/0x760
[  579.140228]  ? __kmalloc_track_caller+0x311/0x760
[  579.145083]  ? legacy_parse_monolithic+0xde/0x1e0
[  579.149930]  kmemdup+0x24/0x50
[  579.153419]  legacy_parse_monolithic+0xde/0x1e0
[  579.158091]  ? vfs_set_fs_source+0x12c/0x180
[  579.162499]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  579.167254]  do_mount+0x6d1/0x1e20
[  579.171137]  ? check_same_owner+0x340/0x340
[  579.175454]  ? lock_release+0xa30/0xa30
[  579.179428]  ? copy_mount_string+0x40/0x40
[  579.183661]  ? kasan_kmalloc+0xc4/0xe0
[  579.187791]  ? kmem_cache_alloc_trace+0x318/0x780
[  579.192640]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  579.198181]  ? _copy_from_user+0xdf/0x150
[  579.202328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  579.207877]  ? copy_mount_options+0x285/0x380
[  579.212377]  ksys_mount+0x12d/0x140
[  579.216007]  __x64_sys_mount+0xbe/0x150
[  579.219995]  do_syscall_64+0x1b9/0x820
[  579.223879]  ? syscall_return_slowpath+0x5e0/0x5e0
[  579.228806]  ? syscall_return_slowpath+0x31d/0x5e0
[  579.233732]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  579.238750]  ? __switch_to_asm+0x34/0x70
[  579.242808]  ? __switch_to_asm+0x34/0x70
[  579.246865]  ? __switch_to_asm+0x40/0x70
[  579.250923]  ? __switch_to_asm+0x34/0x70
[  579.254982]  ? __switch_to_asm+0x34/0x70
[  579.259038]  ? __switch_to_asm+0x40/0x70
[  579.263100]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  579.267942]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  579.273124] RIP: 0033:0x45955a
[  579.276313] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  579.295205] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  579.302912] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  579.310175] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  579.317441] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
15:23:57 executing program 0 (fault-call:0 fault-nth:43):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:57 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304000000000000]})

[  579.324717] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  579.331983] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002a
15:23:57 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x68bf0000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:57 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x20000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  579.400901] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  579.435886] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:58 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x4})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [0x0, 0x1000000]})

15:23:58 executing program 4:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000340)=0x200, 0x4)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000000)=""/255, 0xff}, {&(0x7f0000000100)=""/46, 0x2e}], 0x2, 0x0)

15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]})

[  579.455011] EXT4-fs (sda1): re-mounted. Opts: ,errors=continue
[  579.476729] EXT4-fs (sda1): quotafile must be on filesystem root
15:23:58 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  579.520077] FAULT_INJECTION: forcing a failure.
[  579.520077] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  579.532042] CPU: 1 PID: 21804 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  579.540538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  579.549897] Call Trace:
[  579.552510]  dump_stack+0x1c9/0x2b4
[  579.556158]  ? dump_stack_print_info.cold.2+0x52/0x52
[  579.561367]  should_fail.cold.4+0xa/0x11
[  579.565529]  ? fault_create_debugfs_attr+0x1f0/0x1f0
15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [], 0x100000000000000})

[  579.570638]  ? kasan_check_read+0x11/0x20
[  579.574810]  ? rcu_is_watching+0x8c/0x150
[  579.578971]  ? is_bpf_text_address+0xd7/0x170
[  579.583477]  ? kernel_text_address+0x79/0xf0
[  579.587898]  ? __kernel_text_address+0xd/0x40
[  579.592400]  ? unwind_get_return_address+0x61/0xa0
[  579.597335]  ? lock_acquire+0x1e4/0x540
[  579.601315]  ? fs_reclaim_acquire+0x20/0x20
[  579.605645]  ? lock_downgrade+0x8f0/0x8f0
[  579.609804]  ? check_same_owner+0x340/0x340
[  579.614142]  ? rcu_note_context_switch+0x730/0x730
15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [], 0x1000000})

[  579.619079]  ? legacy_parse_monolithic+0xde/0x1e0
[  579.623933]  __alloc_pages_nodemask+0x36e/0xdb0
[  579.628612]  ? trace_hardirqs_off+0xd/0x10
[  579.632852]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  579.637875]  ? lock_acquire+0x1e4/0x540
[  579.641860]  ? fs_reclaim_acquire+0x20/0x20
[  579.646181]  ? lock_downgrade+0x8f0/0x8f0
[  579.650326]  ? lock_release+0xa30/0xa30
[  579.654305]  ? check_same_owner+0x340/0x340
[  579.658631]  ? check_same_owner+0x340/0x340
[  579.662956]  ? debug_mutex_init+0x2d/0x60
15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x304]})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [], 0x0})

[  579.667110]  ? kasan_unpoison_shadow+0x35/0x50
[  579.671703]  ? kasan_kmalloc+0xc4/0xe0
[  579.675595]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  579.681143]  alloc_pages_current+0x10c/0x210
[  579.685554]  get_zeroed_page+0x14/0x50
[  579.689443]  legacy_validate+0x133/0x220
[  579.693504]  ? vfs_set_fs_source+0x180/0x180
[  579.697906]  vfs_get_tree+0x144/0x5c0
[  579.701719]  ? vfs_set_fs_source+0x12c/0x180
[  579.706132]  do_mount+0x6f2/0x1e20
[  579.709671]  ? check_same_owner+0x340/0x340
[  579.714000]  ? lock_release+0xa30/0xa30
15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399", [], 0x0})

[  579.717982]  ? copy_mount_string+0x40/0x40
[  579.722219]  ? kasan_kmalloc+0xc4/0xe0
[  579.726110]  ? kmem_cache_alloc_trace+0x318/0x780
[  579.730956]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  579.736490]  ? _copy_from_user+0xdf/0x150
[  579.740627]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  579.746167]  ? copy_mount_options+0x285/0x380
[  579.750672]  ksys_mount+0x12d/0x140
[  579.754300]  __x64_sys_mount+0xbe/0x150
[  579.758276]  do_syscall_64+0x1b9/0x820
[  579.762162]  ? finish_task_switch+0x1d3/0x870
[  579.766662]  ? syscall_return_slowpath+0x5e0/0x5e0
[  579.771601]  ? syscall_return_slowpath+0x31d/0x5e0
[  579.776551]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  579.781555]  ? __switch_to_asm+0x34/0x70
[  579.785611]  ? __switch_to_asm+0x34/0x70
[  579.789674]  ? __switch_to_asm+0x40/0x70
[  579.793730]  ? __switch_to_asm+0x34/0x70
[  579.797785]  ? __switch_to_asm+0x40/0x70
[  579.801841]  ? __switch_to_asm+0x34/0x70
[  579.805901]  ? __switch_to_asm+0x40/0x70
[  579.809962]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  579.814807]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  579.819989] RIP: 0033:0x45955a
[  579.823178] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  579.842076] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  579.849787] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  579.858270] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
15:23:58 executing program 0 (fault-call:0 fault-nth:44):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x403]})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000000)={0x3, 0x0, [{0x40000000, 0x5c8, 0x1, 0x1, 0xfffffffffffffffe, 0x7, 0x3991}, {0x2, 0xffffffff80000001, 0x1, 0x8, 0xfffffffffffff000, 0x7}, {0x8000001f, 0x80000000, 0x2, 0x5, 0x81, 0x9}]})
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  579.865533] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  579.872793] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  579.880059] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002b
15:23:58 executing program 4:
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
r1 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @local}, 0x10)
syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x7666639f, 0x2000)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000100)={<r2=>0x0, @local, @rand_addr}, &(0x7f0000000180)=0xc)
setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000300)={r2, @local, @remote}, 0xc)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
setsockopt$inet6_MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000040)={0x7f, 0x1, 0x10001, 0x1000, 0x9}, 0xc)
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

[  580.002149] FAULT_INJECTION: forcing a failure.
[  580.002149] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  580.013992] CPU: 1 PID: 21849 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  580.022473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  580.031821] Call Trace:
[  580.034412]  dump_stack+0x1c9/0x2b4
[  580.038041]  ? dump_stack_print_info.cold.2+0x52/0x52
[  580.043233]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  580.048773]  should_fail.cold.4+0xa/0x11
[  580.052835]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  580.057936]  ? __account_cfs_rq_runtime+0x770/0x770
[  580.062953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.068488]  ? __perf_event_task_sched_out+0x2f0/0x1a60
[  580.073849]  ? trace_hardirqs_on+0x10/0x10
[  580.078088]  ? trace_hardirqs_on+0x10/0x10
[  580.082329]  ? perf_event_update_userpage+0xd30/0xd30
[  580.087519]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  580.092537]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.098070]  ? should_fail+0x246/0xd86
[  580.101959]  ? is_bpf_text_address+0xae/0x170
[  580.106892]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  580.111995]  ? should_fail+0x246/0xd86
[  580.115887]  __alloc_pages_nodemask+0x36e/0xdb0
[  580.120551]  ? kasan_check_read+0x11/0x20
[  580.124694]  ? rcu_is_watching+0x8c/0x150
[  580.128841]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  580.133856]  ? is_bpf_text_address+0xd7/0x170
[  580.138361]  ? kernel_text_address+0x79/0xf0
[  580.142777]  ? lock_acquire+0x1e4/0x540
[  580.146753]  ? fs_reclaim_acquire+0x20/0x20
[  580.151075]  ? lock_downgrade+0x8f0/0x8f0
[  580.155229]  ? lock_release+0xa30/0xa30
[  580.159202]  ? check_same_owner+0x340/0x340
[  580.163516]  ? check_same_owner+0x340/0x340
[  580.167836]  cache_grow_begin+0x91/0x710
[  580.171900]  kmem_cache_alloc+0x689/0x760
[  580.176044]  ? __alloc_pages_nodemask+0x6e3/0xdb0
[  580.180891]  ? trace_hardirqs_off+0xd/0x10
[  580.185128]  getname_kernel+0x54/0x370
[  580.189014]  kern_path+0x1e/0x40
[  580.192378]  lookup_bdev+0x10c/0x250
[  580.196090]  ? blkdev_open+0x280/0x280
[  580.199973]  ? check_same_owner+0x340/0x340
[  580.204288]  ? check_same_owner+0x340/0x340
[  580.208605]  ? debug_mutex_init+0x2d/0x60
[  580.212752]  blkdev_get_by_path+0x1f/0xe0
[  580.216899]  mount_bdev+0x61/0x3e0
[  580.220436]  ? f2fs_commit_super+0x400/0x400
[  580.224844]  f2fs_mount+0x3c/0x50
[  580.228295]  ? kill_f2fs_super+0x330/0x330
[  580.232527]  legacy_get_tree+0x131/0x460
[  580.236596]  vfs_get_tree+0x1cb/0x5c0
[  580.240391]  ? vfs_set_fs_source+0x12c/0x180
[  580.244797]  do_mount+0x6f2/0x1e20
[  580.248329]  ? check_same_owner+0x340/0x340
[  580.252649]  ? lock_release+0xa30/0xa30
[  580.256623]  ? copy_mount_string+0x40/0x40
[  580.260856]  ? retint_kernel+0x10/0x10
[  580.264746]  ? copy_mount_options+0x1f0/0x380
[  580.269240]  ? copy_mount_options+0x1f6/0x380
[  580.273732]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.279267]  ? copy_mount_options+0x285/0x380
[  580.283760]  ksys_mount+0x12d/0x140
[  580.287390]  __x64_sys_mount+0xbe/0x150
[  580.291365]  do_syscall_64+0x1b9/0x820
[  580.295253]  ? syscall_return_slowpath+0x5e0/0x5e0
[  580.300180]  ? syscall_return_slowpath+0x31d/0x5e0
[  580.305111]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  580.310128]  ? __switch_to_asm+0x34/0x70
[  580.314185]  ? __switch_to_asm+0x34/0x70
[  580.318240]  ? __switch_to_asm+0x40/0x70
[  580.322295]  ? __switch_to_asm+0x34/0x70
[  580.326351]  ? __switch_to_asm+0x34/0x70
[  580.330406]  ? __switch_to_asm+0x40/0x70
[  580.334465]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  580.339309]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  580.344493] RIP: 0033:0x45955a
[  580.347683] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  580.366575] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  580.374282] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  580.381548] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  580.388814] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  580.396082] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  580.403347] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002c
[  580.412725] f2fs_msg: 14 callbacks suppressed
[  580.412736] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  580.424322] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  580.447495] F2FS-fs (loop0): journaled quota format not specified
15:23:58 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x7a})

15:23:58 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x7000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x606d, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:58 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]})

15:23:58 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})
recvfrom$llc(r2, &(0x7f0000000000)=""/248, 0xf8, 0x40010102, 0x0, 0x0)

15:23:58 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:58 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9}, &(0x7f00000002c0))
r0 = socket$inet(0x2b, 0x1, 0x1)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00')
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000100)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000440)=0x14)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000540)={'veth0_to_team\x00', <r6=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@mcast2, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@broadcast}, 0x0, @in=@remote}}, &(0x7f0000000580)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000005c0)={'team0\x00', <r8=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000740)={{{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@local}, 0x0, @in6=@loopback}}, &(0x7f0000000840)=0xe8)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'veth0_to_bridge\x00', <r10=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000013c0)={'vcan0\x00', <r11=>0x0})
getsockopt$inet6_mreq(r1, 0x29, 0x1f, &(0x7f00000014c0)={@dev, <r12=>0x0}, &(0x7f0000001500)=0x14)
getpeername$packet(r0, &(0x7f0000001680)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000016c0)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f00000017c0)={0x11, 0x0, <r14=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001800)=0x14)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000001840)={0x11, 0x0, <r15=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001880)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002b00)={'team0\x00', <r16=>0x0})
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000180)={<r17=>0x0, 0x4000000000000000}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000340)={r17, 0x8}, 0x8)
getsockname$packet(0xffffffffffffffff, &(0x7f0000002b40)={0x11, 0x0, <r18=>0x0}, &(0x7f0000002b80)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000002bc0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0}}, {{@in6=@remote}, 0x0, @in6=@local}}, &(0x7f0000002cc0)=0xe8)
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f00000030c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x91000410}, 0xc, &(0x7f0000003080)={&(0x7f0000000880)=ANY=[@ANYBLOB="64030000", @ANYRES16=r3, @ANYBLOB="00000008000100f3dd8bb37704531c386638045715071a9838c9907747f4945e0645ae5744d5eaeffa8bec9548ff96487301d9f34d03d7df73a1f765fe42f63a51526dc28d9d7d87115eba4a4171e13ffde36823d7f089ae28d5b7b65a7144f1dd8d43f8f5c6828ca81b81e10e768a35304b7f61b8ca5e28094fa421d4aa7572f49daaeb7555bac0f0015c4044af24ef3541de55ecec3a026f83e3d62798af19885a0c8e76a813bdcb2ffd9afe907b389c0e3b890ea31f9ee5bc024a6b993d1699881720d5", @ANYRES32=r4, @ANYBLOB="f80002003c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d0000400001002400010071756575655f6964000000000000000000000000000000000000000000000000080003000300000008000400ffff000008000600", @ANYRES32=r5, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000010000008000600", @ANYRES32=r6, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="7c01020040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000200000008000600", @ANYRES32=r9, @ANYBLOB="400001002400010071756575655f6964000000000000000000000000000000000000000000000000080003000300000008000400f801000008000600", @ANYRES32=r10, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004006e00000008000600", @ANYRES32=r11, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400950a000008000600", @ANYRES32=r13, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="08000100", @ANYRES32=r15, @ANYBLOB="7c0002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r16, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="08000100", @ANYRES32=r19, @ANYBLOB="400002003c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d0000"], 0x364}, 0x1, 0x0, 0x0, 0x40081}, 0x40)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:58 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x2924, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:59 executing program 0 (fault-call:0 fault-nth:45):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  580.454219] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  580.461318] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  580.486187] F2FS-fs (loop0): journaled quota format not specified
15:23:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]})

15:23:59 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

[  580.600543] FAULT_INJECTION: forcing a failure.
[  580.600543] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  580.612394] CPU: 1 PID: 21891 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  580.620874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  580.630218] Call Trace:
[  580.632806]  dump_stack+0x1c9/0x2b4
[  580.636432]  ? dump_stack_print_info.cold.2+0x52/0x52
[  580.641625]  should_fail.cold.4+0xa/0x11
[  580.645685]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  580.650444]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  580.655548]  ? lock_acquire+0x1e4/0x540
[  580.659514]  ? is_bpf_text_address+0xae/0x170
[  580.664002]  ? lock_downgrade+0x8f0/0x8f0
[  580.668159]  ? trace_hardirqs_on+0x10/0x10
[  580.672390]  ? kasan_check_read+0x11/0x20
[  580.676530]  ? rcu_is_watching+0x8c/0x150
[  580.680671]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  580.685338]  ? is_bpf_text_address+0xd7/0x170
[  580.689833]  ? kernel_text_address+0x79/0xf0
[  580.694238]  ? __kernel_text_address+0xd/0x40
[  580.698728]  ? unwind_get_return_address+0x61/0xa0
[  580.703659]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.709195]  ? should_fail+0x246/0xd86
[  580.713081]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  580.718188]  __alloc_pages_nodemask+0x36e/0xdb0
[  580.722852]  ? save_stack+0x43/0xd0
[  580.726476]  ? kasan_kmalloc+0xc4/0xe0
[  580.730358]  ? __kmalloc_track_caller+0x14a/0x760
[  580.735197]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  580.740208]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  580.745568]  ? do_syscall_64+0x1b9/0x820
[  580.749624]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  580.754985]  ? trace_hardirqs_off+0xd/0x10
[  580.759215]  ? quarantine_put+0x10d/0x1b0
[  580.763366]  ? lock_acquire+0x1e4/0x540
[  580.767336]  ? fs_reclaim_acquire+0x20/0x20
[  580.771660]  ? lock_downgrade+0x8f0/0x8f0
[  580.775804]  ? lock_downgrade+0x8f0/0x8f0
[  580.779948]  ? lock_release+0xa30/0xa30
[  580.783921]  ? lock_release+0xa30/0xa30
[  580.787909]  ? check_same_owner+0x340/0x340
[  580.792229]  ? check_same_owner+0x340/0x340
[  580.796555]  cache_grow_begin+0x91/0x710
[  580.800621]  __kmalloc_track_caller+0x684/0x760
[  580.805284]  ? __kmalloc_track_caller+0x311/0x760
[  580.810127]  ? legacy_parse_monolithic+0xde/0x1e0
[  580.814965]  kmemdup+0x24/0x50
[  580.818156]  legacy_parse_monolithic+0xde/0x1e0
[  580.822820]  ? vfs_set_fs_source+0x12c/0x180
[  580.827227]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  580.831983]  do_mount+0x6d1/0x1e20
[  580.835522]  ? copy_mount_string+0x40/0x40
[  580.839753]  ? retint_kernel+0x10/0x10
[  580.843643]  ? copy_mount_options+0x1e3/0x380
[  580.848137]  ? __sanitizer_cov_trace_pc+0x14/0x50
[  580.852975]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.858508]  ? copy_mount_options+0x285/0x380
[  580.863001]  ksys_mount+0x12d/0x140
[  580.866636]  __x64_sys_mount+0xbe/0x150
[  580.870610]  do_syscall_64+0x1b9/0x820
[  580.874493]  ? finish_task_switch+0x1d3/0x870
[  580.878990]  ? syscall_return_slowpath+0x5e0/0x5e0
[  580.883921]  ? syscall_return_slowpath+0x31d/0x5e0
[  580.888847]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  580.893858]  ? __switch_to_asm+0x34/0x70
[  580.897913]  ? __switch_to_asm+0x34/0x70
[  580.901970]  ? __switch_to_asm+0x40/0x70
[  580.906036]  ? __switch_to_asm+0x34/0x70
[  580.910094]  ? __switch_to_asm+0x40/0x70
[  580.914152]  ? __switch_to_asm+0x34/0x70
[  580.918226]  ? __switch_to_asm+0x40/0x70
[  580.922285]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  580.927133]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  580.932319] RIP: 0033:0x45955a
15:23:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf0ff7f00000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:59 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x400000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

[  580.935507] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  580.954402] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  580.962106] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  580.969367] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  580.976628] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  580.983892] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  580.991154] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002d
15:23:59 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
r1 = accept4$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14, 0x800)
ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000180))
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
r3 = getpid()
ptrace$getenv(0x4201, r3, 0x400, &(0x7f0000000000))
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040)="ee1974fcf2abbbd9efa18274f5b04964bfdc1c588defbdba0bf1f9ec2e068d0a05207f2ab7880fdcecee06f1d37020b9fa8ce05431309d7e41c6f101586a1d71b3f5787b11", 0x45)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x4000, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x400454d0, 0xe)
r5 = accept4(r0, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f00000003c0)=0x80, 0x800)
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000000440)={{{@in6=@loopback, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@loopback}}}, &(0x7f0000000540)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
fchown(r5, r6, r7)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000140)={0x0, @local, @multicast2}, &(0x7f0000000300)=0xc)
ioctl$VHOST_GET_VRING_BASE(r4, 0xc008af12, &(0x7f00000005c0))

15:23:59 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:59 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0xffffff8c})

15:23:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]})

[  581.003256] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  581.010431] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  581.020549] F2FS-fs (loop0): journaled quota format not specified
[  581.027562] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
15:23:59 executing program 0 (fault-call:0 fault-nth:46):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:23:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})

15:23:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x4ee000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:23:59 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000000)=""/102, &(0x7f0000000080)=0x66)
recvmmsg(r0, &(0x7f0000001ac0)=[{{&(0x7f00000000c0)=@ax25, 0x80, &(0x7f0000000180)=[{&(0x7f00000002c0)=""/251, 0xfb}, {&(0x7f0000000140)=""/6, 0x6}], 0x2, &(0x7f00000001c0)=""/11, 0xb, 0x7f}, 0x8}, {{&(0x7f00000003c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000240)=""/24, 0x18}, {&(0x7f0000000500)=""/155, 0x9b}, {&(0x7f00000005c0)=""/176, 0xb0}], 0x3, &(0x7f00000006c0)=""/6, 0x6, 0x27a2704d}, 0x2}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000700)=""/203, 0xcb}, {&(0x7f0000000800)=""/180, 0xb4}, {&(0x7f00000008c0)=""/176, 0xb0}, {&(0x7f0000000980)=""/232, 0xe8}], 0x4, &(0x7f0000000ac0)=""/18, 0x12, 0x3}, 0xffff}, {{&(0x7f0000000b00)=@ethernet={0x0, @local}, 0x80, &(0x7f0000000d40)=[{&(0x7f0000000b80)=""/255, 0xff}, {&(0x7f0000000c80)=""/50, 0x32}, {&(0x7f0000000cc0)=""/98, 0x62}], 0x3, &(0x7f0000000d80)=""/88, 0x58}, 0x1}, {{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000e00)=""/44, 0x2c}, {&(0x7f0000000e40)=""/143, 0x8f}, {&(0x7f0000000f00)=""/247, 0xf7}], 0x3, &(0x7f0000001040)=""/225, 0xe1, 0x7}, 0x6}, {{0x0, 0x0, &(0x7f0000001900)=[{&(0x7f0000001140)=""/154, 0x9a}, {&(0x7f0000001200)=""/235, 0xeb}, {&(0x7f0000001300)=""/229, 0xe5}, {&(0x7f0000001400)=""/255, 0xff}, {&(0x7f0000001500)=""/152, 0x98}, {&(0x7f00000015c0)=""/237, 0xed}, {&(0x7f00000016c0)=""/50, 0x32}, {&(0x7f0000001700)=""/5, 0x5}, {&(0x7f0000001740)=""/204, 0xcc}, {&(0x7f0000001840)=""/180, 0xb4}], 0xa, 0x0, 0x0, 0x2}}, {{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f00000019c0)=""/23, 0x17}, {&(0x7f0000001a00)=""/46, 0x2e}, {&(0x7f0000001a40)=""/59, 0x3b}], 0x3, 0x0, 0x0, 0x80}, 0x4}], 0x7, 0x2041, &(0x7f0000001c80)={0x77359400})
r2 = getpgrp(0x0)
r3 = dup2(r0, r1)
write$FUSE_NOTIFY_POLL(r3, &(0x7f00000024c0)={0x18, 0x1, 0x0, {0x7}}, 0x18)
r4 = getuid()
stat(&(0x7f0000001f40)='./file0\x00', &(0x7f0000001f80)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = gettid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000002000)={{{@in6=@mcast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@multicast2}, 0x0, @in=@loopback}}, &(0x7f0000002100)=0xe8)
fstat(r0, &(0x7f0000002140)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmmsg$unix(r1, &(0x7f0000002440)=[{&(0x7f0000001cc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001f00)=[{&(0x7f0000001d40)="17459e30f2", 0x5}, {&(0x7f0000001d80)="a09c74b0c2c6f57b667aebe58bd7bf4c6e93e23946e8c76b8e6acb3c806baa3444b81d986a57b360ab66fe4ba204ae8d28007a047af3bfbaf550fc1dcb11ceb42b94fd677cc070664f18e39e93b20182e569", 0x52}, {&(0x7f0000001e00)="2be82069f4e984045a09b137be4c51d7d8c3ae7f35512a6dbd9b743580fbefd1f9bcdba123c8dcd1ad2841b4fbf4b18e20268a14e0f0f615d0db4bf7f0f4319b417ce1996449809eb565c4c4bce781e8752d3a0b7b9bae31c7ec1f3506a83433f58ce9ab2107026096587a8945fc6ca7657f6e1efdcd7e8a9818075c94b1f496c4bbf5e915685881d116d1916262f87023c7e696a66268b2dbb94a00a2f086b368158e1534fdf78a9f4f706940621ba2b1584c26cca26256956735bbdcbb76dc16ea9404960b0f214321039ca3672532d79be3caac50f3348a65ddf78657ff822fb4430b2a9cbd08055a6e2b998a378fcf063e3a83120ee0f01f", 0xfa}], 0x3, &(0x7f00000021c0)=[@cred={0x20, 0x1, 0x2, r2, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}], 0x40, 0x44000}, {&(0x7f0000002200)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f00000023c0)=[{&(0x7f0000002280)="21f380fa54344df7", 0x8}, {&(0x7f00000022c0)="8b0b660d81d1edec35ad", 0xa}, {&(0x7f0000002300)="734689a74b4b220dceaeddb05fc400873343fb34ed568a5f627d2f21f616555ea49270296d4462a98d149fe9ce1a107928faf4", 0x33}, {&(0x7f0000002340)="39ba062b6e69b317edcd6cddeddf5dad8e6a4183b15c7c845a7ef1ce8e3eb749d3fcc239245b3f26081b7a4a81394fffb16744614fea3b9aca0940a087ae3310e8a039584f0dd7", 0x47}], 0x4, &(0x7f0000002540)=ANY=[@ANYBLOB="380000000000000001000000016dbe00efdd4c632100bc5109972398885d9b958546d3fbe5d4da645c254a10e96d613d06873d834b301eed8bbe7a263d55b7ec128e8f656fbfb890393d0d8645e2f37bdad1b908be82032fd99f30bebd62d466c410bf04b2a1167923d384367be8b972611f82153ef48505931a695b8c5bc15e3d89e5ef20cbf02b5134ff63fba6e9687b0bdfb8500bda79b046b9aa69553dc269", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0], 0x38, 0x4}], 0x2, 0x0)
r9 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000002500)=0x9)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r10 = dup2(r9, r9)
ioctl$LOOP_SET_STATUS(r10, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

15:23:59 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0xfdfdffff00000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:23:59 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
flistxattr(r0, &(0x7f0000000000)=""/76, 0x4c)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0x6, [0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x0]}, &(0x7f00000000c0)=0x1c)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000100)={r1}, &(0x7f0000000180)=0x8)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:23:59 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="6403743400", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:23:59 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:23:59 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x7400000000000000})

[  581.213856] IPVS: length: 102 != 8
[  581.223855] FAULT_INJECTION: forcing a failure.
[  581.223855] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  581.235831] CPU: 0 PID: 21921 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  581.244325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  581.253668] Call Trace:
[  581.256254]  dump_stack+0x1c9/0x2b4
[  581.259877]  ? dump_stack_print_info.cold.2+0x52/0x52
[  581.265060]  should_fail.cold.4+0xa/0x11
[  581.269118]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  581.274207]  ? kasan_check_read+0x11/0x20
[  581.278337]  ? rcu_is_watching+0x8c/0x150
[  581.282543]  ? is_bpf_text_address+0xd7/0x170
[  581.287032]  ? kernel_text_address+0x79/0xf0
[  581.291442]  ? __kernel_text_address+0xd/0x40
[  581.295927]  ? unwind_get_return_address+0x61/0xa0
[  581.300848]  ? lock_acquire+0x1e4/0x540
[  581.304806]  ? fs_reclaim_acquire+0x20/0x20
[  581.309141]  ? lock_downgrade+0x8f0/0x8f0
[  581.313287]  ? check_same_owner+0x340/0x340
[  581.317601]  ? rcu_note_context_switch+0x730/0x730
[  581.322522]  ? legacy_parse_monolithic+0xde/0x1e0
[  581.327363]  __alloc_pages_nodemask+0x36e/0xdb0
[  581.332026]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  581.337038]  ? lock_downgrade+0x8f0/0x8f0
[  581.341179]  ? kasan_check_read+0x11/0x20
[  581.345307]  ? do_raw_spin_unlock+0xa7/0x2f0
[  581.349706]  ? kasan_check_write+0x14/0x20
[  581.353921]  ? do_raw_spin_lock+0xc1/0x200
[  581.358137]  ? kasan_unpoison_shadow+0x35/0x50
15:23:59 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x2040, 0x0)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f0000000040)={0x7ff, 0x5, 0x5e41, 0x8, 0x1, 0x7fff, 0x2, 0x3b7, 0x2, 0x0, 0x4, 0x2})
r2 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r3 = dup2(r2, r2)
ioctl$LOOP_SET_STATUS(r3, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  581.362706]  ? kasan_kmalloc+0xc4/0xe0
[  581.366580]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  581.372108]  alloc_pages_current+0x10c/0x210
[  581.376504]  get_zeroed_page+0x14/0x50
[  581.380378]  legacy_validate+0x133/0x220
[  581.384427]  ? vfs_set_fs_source+0x180/0x180
[  581.388838]  vfs_get_tree+0x144/0x5c0
[  581.392659]  ? vfs_set_fs_source+0x12c/0x180
[  581.397084]  do_mount+0x6f2/0x1e20
[  581.400641]  ? copy_mount_string+0x40/0x40
[  581.404877]  ? kasan_kmalloc+0xc4/0xe0
[  581.408766]  ? kmem_cache_alloc_trace+0x318/0x780
15:23:59 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x9c2e000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  581.413615]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  581.419156]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  581.424700]  ? copy_mount_options+0x285/0x380
[  581.429195]  ksys_mount+0x12d/0x140
[  581.432819]  __x64_sys_mount+0xbe/0x150
[  581.436795]  do_syscall_64+0x1b9/0x820
[  581.440677]  ? finish_task_switch+0x1d3/0x870
[  581.445173]  ? syscall_return_slowpath+0x5e0/0x5e0
[  581.452849]  ? syscall_return_slowpath+0x31d/0x5e0
[  581.457777]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  581.462789]  ? __switch_to_asm+0x34/0x70
[  581.466846]  ? __switch_to_asm+0x34/0x70
[  581.472996]  ? __switch_to_asm+0x40/0x70
[  581.477059]  ? __switch_to_asm+0x34/0x70
[  581.481121]  ? __switch_to_asm+0x40/0x70
[  581.485184]  ? __switch_to_asm+0x34/0x70
[  581.489243]  ? __switch_to_asm+0x40/0x70
[  581.493304]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  581.498147]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  581.503333] RIP: 0033:0x45955a
[  581.506524] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  581.525418] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  581.533129] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  581.540395] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  581.547659] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  581.554920] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
15:24:00 executing program 0 (fault-call:0 fault-nth:47):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

[  581.562197] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002e
15:24:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]})

15:24:00 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
write$binfmt_elf32(r0, &(0x7f0000001400)=ANY=[@ANYBLOB="7f454c4695047ffeff070000000000000200060000000000cf020000380000006e030000080000000600200001000800200001000000000055e5747400000080020000007f000000400000008000000004000000176b000007000000ff010000040000000700000009000000990000007f00000007000000821329dd2bc8ad13325c880000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003034b4d47958145ccbd1c8b90000000000000000000000000000000000000000000000000000000000000000000000000000c21816f100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0dfffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009e853f1e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000041358e13ab38a57a0000000000000000000000002900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000011056e72cebe29b7c4fbfd0e28e971f91edde0eaa50325b909f3b827a392ec1b5a509aa7e8ca88b90450cdf5f2e540d9613f8747ec5e16b055dac8f47e1af0a20094fba8cfcd2d69c5a8fe852568ccf7ab1a31dfad323d0bd0381132c9b01043ead5a2ea75ed59fec04cbdaf5fdca6e6183e3a01047ff814f2aed06c5ad35e13cf04b22c5c8b135975a603f505527e6d8a754adc0b8bb5799ed2621116ad88b3e6331135a5eb776cf8b370c8f239ae745f552d4c7776a13a1371da160931d3ae2d119fa091fdce5fdb01bacdcfb5854faa2f589f300c758e4558fb7f9cd5c12e119bdd24ed3c882cbaf0eb8f74c87c0c415d440be2536e2d66b40f7e52020000005bfd06d1c06a21b42b1f4e467bd959caf1c5e6bfca9df236deb75da7698130807d3917d2aa92aaf549d26f2ae175c8bb420b598c399847d953"], 0x583)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0), 0x402, 0x10000, 0x0)
r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x7a, 0x0)
ioctl$EVIOCGEFFECTS(r2, 0x80044584, &(0x7f0000000080)=""/162)
r3 = dup3(r1, r0, 0x80004)
ioctl$TIOCOUTQ(r3, 0x5411, &(0x7f0000000000))

15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xe454, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:24:00 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000000, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000180)='/dev/usbmon#\x00', 0xffffffffffffb6b8, 0x400)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0xa, 0x3, 0x5, "b1b2461678858e6f9ea98484cbe949f0f371f2b8dc61feb633d6423090b3c62eec24053e6916c9b13f834ed6ad9e9c430acbd26ce45f6e012b122d5992ec4b30", "eba7b2b640aab6bf2a93e4514698e526749dca5d9d1147e65d54882224996849", [0x1, 0x9]})
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r3 = dup2(r1, r1)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={<r4=>0x0, 0x401, 0xc12, 0x2}, &(0x7f0000000040)=0x10)
setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000080)={r4, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f0000000380)={r4, 0x8, 0x7eec, 0x6, 0x100, 0x4, 0x2, 0x2, {r4, @in={{0x2, 0x4e24, @rand_addr=0x9}}, 0x5, 0x1ff, 0x3f, 0x7}}, &(0x7f0000000440)=0xb0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r3, 0x0, 0x43, &(0x7f00000001c0)={'IDLETIMER\x00'}, &(0x7f0000000240)=0x1e)
ioctl$LOOP_SET_STATUS(r1, 0x127a, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd766b616155647a4f32f399000000000000000000001d", [0x8, 0xfe]})

[  581.764767] FAULT_INJECTION: forcing a failure.
[  581.764767] name failslab, interval 1, probability 0, space 0, times 0
[  581.776082] CPU: 1 PID: 21953 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180803+ #31
[  581.784585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  581.793948] Call Trace:
[  581.796551]  dump_stack+0x1c9/0x2b4
[  581.800188]  ? dump_stack_print_info.cold.2+0x52/0x52
[  581.805489]  ? kasan_check_read+0x11/0x20
[  581.809650]  should_fail.cold.4+0xa/0x11
[  581.813725]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  581.818839]  ? kernel_text_address+0x79/0xf0
[  581.823258]  ? lock_acquire+0x1e4/0x540
[  581.827241]  ? crypto_alg_lookup+0x43/0x1d0
[  581.831574]  ? perf_trace_module_refcnt+0x9a0/0x9a0
[  581.836603]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  581.842149]  ? refcount_sub_and_test_checked+0x21a/0x350
[  581.847615]  ? lock_acquire+0x1e4/0x540
[  581.851596]  ? fs_reclaim_acquire+0x20/0x20
[  581.855934]  ? lock_downgrade+0x8f0/0x8f0
[  581.860093]  ? check_same_owner+0x340/0x340
[  581.864439]  ? __crypto_alg_lookup+0x31b/0x390
[  581.864457]  ? rcu_note_context_switch+0x730/0x730
[  581.864477]  __should_failslab+0x124/0x180
[  581.864493]  should_failslab+0x9/0x14
[  581.864505]  __kmalloc+0x2c8/0x760
[  581.864522]  ? crypto_larval_alloc+0x1d0/0x1d0
[  581.890190]  ? check_same_owner+0x340/0x340
[  581.890209]  ? crypto_create_tfm+0x87/0x310
[  581.890226]  crypto_create_tfm+0x87/0x310
[  581.890242]  crypto_alloc_tfm+0x1b5/0x2d0
[  581.890257]  ? wait_for_completion+0x8d0/0x8d0
[  581.890272]  crypto_alloc_shash+0x2c/0x40
[  581.890287]  f2fs_fill_super+0x2b6/0x8120
[  581.890302]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  581.890317]  ? __memcg_init_list_lru_node+0x20a/0x2d0
[  581.890329]  ? kasan_kmalloc+0xc4/0xe0
[  581.890343]  ? kvfree_rcu+0x20/0x20
[  581.890360]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  581.890374]  ? up_read+0x1a/0x110
[  581.890395]  ? f2fs_commit_super+0x400/0x400
[  581.890410]  ? prealloc_shrinker+0x231/0x4a0
[  581.890430]  ? __lockdep_init_map+0x105/0x590
[  581.890445]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  581.890459]  ? widen_string+0xe0/0x2e0
[  581.890474]  ? format_decode+0xaf0/0xaf0
[  581.890492]  ? string+0x225/0x2d0
[  581.890506]  ? widen_string+0x2e0/0x2e0
[  581.890522]  ? register_shrinker_prepared+0x15b/0x1c0
[  581.890541]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  581.890554]  ? bdev_name.isra.8+0x1a1/0x1f0
[  581.890571]  ? pointer+0x157/0x990
[  581.890587]  ? netdev_bits+0xb0/0xb0
[  581.890600]  ? format_decode+0x1b1/0xaf0
[  581.890615]  ? set_precision+0xe0/0xe0
[  581.890626]  ? do_raw_spin_unlock+0xa7/0x2f0
[  581.890645]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  581.890656]  ? vsnprintf+0x20d/0x1b60
[  581.890673]  ? pointer+0x990/0x990
[  581.890692]  ? snprintf+0xae/0xe0
[  581.890704]  ? vsprintf+0x40/0x40
[  581.890720]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  581.890734]  ? set_blocksize+0x2c1/0x340
[  581.890752]  mount_bdev+0x314/0x3e0
[  581.890762]  ? mount_bdev+0x314/0x3e0
[  581.890779]  ? f2fs_commit_super+0x400/0x400
[  582.055019]  f2fs_mount+0x3c/0x50
[  582.058472]  ? kill_f2fs_super+0x330/0x330
[  582.062708]  legacy_get_tree+0x131/0x460
[  582.066769]  vfs_get_tree+0x1cb/0x5c0
[  582.070579]  ? vfs_set_fs_source+0x12c/0x180
[  582.074993]  do_mount+0x6f2/0x1e20
[  582.078531]  ? check_same_owner+0x340/0x340
[  582.082851]  ? lock_release+0xa30/0xa30
[  582.086827]  ? copy_mount_string+0x40/0x40
[  582.091063]  ? kasan_kmalloc+0xc4/0xe0
[  582.094956]  ? kmem_cache_alloc_trace+0x318/0x780
[  582.099819]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  582.105357]  ? _copy_from_user+0xdf/0x150
[  582.109510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  582.115048]  ? copy_mount_options+0x285/0x380
[  582.119551]  ksys_mount+0x12d/0x140
[  582.123180]  __x64_sys_mount+0xbe/0x150
[  582.127163]  do_syscall_64+0x1b9/0x820
[  582.131179]  ? finish_task_switch+0x1d3/0x870
[  582.135686]  ? syscall_return_slowpath+0x5e0/0x5e0
[  582.140629]  ? syscall_return_slowpath+0x31d/0x5e0
[  582.145559]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  582.150575]  ? __switch_to_asm+0x34/0x70
[  582.154641]  ? __switch_to_asm+0x34/0x70
[  582.158701]  ? __switch_to_asm+0x40/0x70
[  582.162764]  ? __switch_to_asm+0x34/0x70
[  582.166825]  ? __switch_to_asm+0x40/0x70
[  582.170894]  ? __switch_to_asm+0x34/0x70
[  582.174958]  ? __switch_to_asm+0x40/0x70
[  582.179022]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  582.183868]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  582.189062] RIP: 0033:0x45955a
[  582.192258] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
15:24:00 executing program 3:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000080)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x2000000000000000, 0x0, &(0x7f0000001700), 0x30, &(0x7f0000000180))

15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x68bf, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:24:00 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
setsockopt$inet_dccp_buf(r0, 0x21, 0xc, &(0x7f0000000000)="32648fe3a3a383ffb5bbd14b5f2f8ad6599aa49f6b7575b2718eb14dbd6b737c2c56ec26bbf63985c8d53811c58d7e572251675202f10d69c32e11eccad559673145b2a5a99290c13293ebe7c176846dfbe26999fddcb5a13eebc6f32c1d14e98db4b6d97d7d83f8a04b", 0x6a)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x6, 0x40040)

15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xdd9c, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:24:00 executing program 4:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x240000, 0x0)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000040)=0x76e, 0x2)
r1 = socket$inet(0x2b, 0x1, 0x0)
getgid()
bind$inet(r1, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r1, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
sendto$inet(r0, &(0x7f0000000640)="dc0e6faa16929dcd3011bb5ffef8dc7e23015781421b072f5193845a8a67df6f5f9942614f116eb456ca346e6d90136cd60496f428f29b9fc1311a5b34fa696b37414f4872efd57dd70c70be809826347f7bc4b36b61905139b6b6d29abb3d27fee80931336096f5e896c4b1bd1c5cfd17bb187616b5d928ea2c27c9fed0f87d0f080f03f598c2ed2912c8c5be98817dadff051a375a97cb8397ffe64324681df83a52221fd1a692b96d5e698cfae2cef5769eae24466852f0442ec80cafb20d9ab5d3542872a531ae80490bff0f718217f468c657cf3eb7d5c0a633f0e8c0462a4c7158cf7660fd42344d63ed88c26c2ff7cd968ce11ae829898bac9fc4926207970a7629c36d4edc0ff9017d013199243ab6d92b46121a0647e366f1a9ed2550922c38f60bd7493bab1fbdf2d140336d485d5ef5c5dadadd7b616f4f285fb44bca1d9faa57514c1b9cef4720aff137028019599e52c1d088e130a0a681a137e90028e412cbe5f76bce981e2ce4b20a73b31ce9c03a84231d87ca43925f424f50210e69273f89b144851464830b2b93e53f3cc4d76ff0d649f5e4907e99449e2e9166b47e2d093a27e08ab62e65cfd2ba9ff969dc092e87decc5918b47265153385594251a8451d0dc18f8ef796860ba83e553eca9d2516bf60cd0676738b9dd9031a24bc9155078c0dd16bc06e3fe297929e734adcdf232c5320183846eff4b2e29c76291ca24c7b14714c2224318e4470300852de64ac3aa302261e91ebbe4dda133357af3fb3663c31fa65cdb2866b8a135c87dfa350b5fec9a7d59a4204f8654f005974e1a86cc0a9eb635786c142451a8742076e7986527cfd41da1dce46722a2fec3c20f2e243412f988200c53940816b001afa368bf02922850c5312a3b6156bfa2eeedbed51f637d3a5cb1854e716365bc2de4ae25ee0495eed7763d43588aeb3adedc8e2bab46429a4cec319f345d1150f7e43f0deb325716b8ccdbbc3d12dc973fe171da37d163510707dd04cfb70f72bd02f4a358b8d5ef0139513b7414bd68c8b4e2988258c9ef8f0399ddf1e527e545cd99e8cf4158f298c371deab4be44f16f99918abcac131b15e56b5090c1bc916e9290aadd7dfcd531cc4318c4587af810132d83af0235901402b3b6a06b03966615730d6f21e32513ddd3dce3e2d2e8dde5840361b730980671fbc5fcdbe1745c0a31f76c49b0f6ba8d594dbb434ab0554b898053f9fe72734109fd4c5676fe57263ac6aa33d886a8515765797876d76336e1abad1bf4c63fc15b01140a30d509cc574ec14560335a17e37187c18ead0ffae7d1a501f9502579e3ed8f2601757e75a9135a5ae6cadbb7c442d8589cfa06ea1288fce00924760080d8ad91684e961b9ee8e60f767860c09fdeb522af80dc14b55f9a0f998983f9d5507c19bac762d4440d19a325e2971ecb03939c7f888e84ba2942227a5ffc46d7165390c873784e65eaa3701f7930496ac592e16901af7c541f38d51382e0d90a99568ff69f0ed073fa892575c02eed06cddb5dfd599df322447930902308ab6f72502dbfb20c0938a41b9afd208cb953983b25f884c0d81fa2448f6de284fefe89550e22af5d8fee8ca6728be930c11c1d30a305b5b1bd636bc10f008b0d13db6bc2005819281934ab5383b637cb3727aa016e7f127d758c0039249de6f59c5cfef8c9c8fc27954c64cfe6db161f6ceb0e1d7b62226760b9eb42f3dce69015f846add972973192da3bab82ec5d371ab69544a8c0572a836d9420bab54291b4a8b61511e58ecbbe7396a8f9fd10ed582f5dfe30c7a78f458ef8724247f3a6b01210d5a8abfecb7e626e4eb48e072cb709a8441d04c68a96f1e301d9818ff6009566358a0c3a31f9b1e0ad96c52717f4914ce42d1b81ee38589887281e65f9cbcd242059b15a323c7f175909591c5b25952331951f2e4c9d93f5512fb51306f709e359f8b667175183fc1f40649faec817c3e2d00633c28a129e8edb029fece478bd8934396bca25cad28da4351468e0f0bf4e94e835ffad1c9662831bbca8c6fc2386e3e2dc1caf6cf949e91a57744eea1842437a1d47b0169f5ece584f5729693764937ab949a126631e1b798537e87a71bf23b1d6cd133d8857a0492b1e921bcaa0757dc92381d22eda80ee0f5975262f77a3bef489b3901897a249238ad145be8300a5451d3858e952580d23ab6bf2ea6972a2b2e8dd075f4e58d90407ad90b73aac6c9ae2287ed8f37751e15096de4b88e40be94ee6594cf047204821ed440e669ef47d563345713bad0bb584c5cf60c09fe240dfed66c139d4685562323ce9b4f908977cb188376570a8e55c70bd9cc5c2fa65e36c70bbd133c24579b8616d52d970150335859cc4039c308df2b2531a868dd75eed6943031dc73dc0d75241ed0d47f53e3752383060a4a875fc5f38487e67a3b43c51b089b7cc9f5672d8402764f2d7ad363cbc11e9b7891174479adb6a492b77ac0de7731fa6869913533d71173dd9ef02be910b0dd71462453d1c381f87fb3fb0820c527767e3acb6731ef9409fe58ad6175ffe73b8698f76df6339e6220da6d6249bdc2f3e9d38a3b1a0c3db09d344c218b3e23ab5101ebe43d45ffa03961e50bd9f93a8bae396f84cf45c6d73d6a7c27d0245ed580da0504a433e2d4683c3e52bb8b483a1b26696d6a4086b9eadbe425bb576c8dc940d6bda8106b8c0932d6e948a10e7009fe6f2d6f226d2fc2b5f954c1e52965bda3a0b05469a6d5a5f4e5ccd0cc4e26996fb5a16d2adcce0c014dd04c34d5c39236355fb83d60c3c9392d22ca367e674aaa07fe0b830ffe67ef4373971f1ed567a676d35ba102e97b462bfd5cb981489a36d8931d0ce15d51350427f9a8ca8340e6789d2a1d25a4c3d860c98211526ca80db5f69c4001afba4aaaca9ccf66dcfdb3296ceb561735de796a075752d57c21093f9ae44f7b3a06cafcd3a42b656b57585b31470c374b1d7e6824a6f532b66d4a33a88e349dcc42618f07e971f82b71358bc28c4971b62fd8a37da14a48f11e2dee60ece44e47363bc1cce7e10c1a74c1d58813f16ab1e868bc6a1aa0d4fcde4419d22142d7253a2bbac46880162c95035c53d5fd731bb4b12b8e13d6572df7cc77f196be58febb19293cd09bacf98ed5bcbbbd7728f0cbfad7a9f3e98b5b19b55a03eaf7cdfa3b9451b0a921410ccd11b5d1ba57b2b65caea65f30ba5b333cf33c9db879481449beae75c99cf344416961fdd4c565ced3301ba8682b754e6f4e5b9cbbfaf19508b74d844c882b9ce3f7c3a98b24367bdb0e0fc5d3283c20c264d0ad6f61a544b0a1ed25d875ee5e0d384da9489ae40df1718bdb4ad625cdc4e89d9f08688014ea1d9a513567c2b40c91ae157c003d0d803d69afcd10f866563c9ccdb21043700edd3a197d9875cf8a058be4947b467f21a3ae0b7abae4f5fdff0cff8451a207f6249a37a84e5c35feca28471820f300971f2784cda30bb465f4982b999cd4b08630e8fba272abd807fcc11c257992b12ae96be4c828d5b81fe84316fc442103dcb01093015077549bf07302145683d72d127daa51a7914afb2c3f24f42787856c560378345a2008d6dda380f76f4efe092f7b8f4207c38ca4071acf18b18371c0111067ed3def1774949e03da2cbebade25da17bacaef7636fbf5cf3c8b229e6b2e81a6e4e20d93c749483c5e724b209adcaf39ef59be7894d5db5aa639e8454305a97584055966a43d85b7bc2e1d43ed5ad71c7297d47ab1c2883a557dbff7482b08066f33ede6298f998823d94621f968e4916c5304a6c8b9a070340fb55d3a2e774236d0163c5e593053fbcbaccf766e59413ceb04b9703262b68ba5ed357216171106b5ce8cf9e1c714751b42f48929be8a45eb63c9f5f65dbdf073c0d8fceca643d5c4334a79f570570866f6196c892a3b33d64d4598b5c2a454eb8bbdf2e7e6e62a77d4264e5770051267334c4697d4274e8b8817d54ecf3a3f405e0a07226c5c1aef01425260b2d83641a25f7ca7cb0441688908ccde98890ba816fa4f2fe673490bc7ac87eccdb026ff317f3d117db25130254a96f3d6f0a5968684df395268c6d2ae0fe1f6d3a0101bf8bb856eae0190f953b8a50fda31b2adc315fb3adf23949e24c862757c036e9bf99af557f0db3e9b54b05afa2d08e9c91e06d3d69ebd175aa111df1662e90b181da6deb5f9c2285cadeb14ebe838bc7be086dd00cf8ea90f9f014b2e47eeb6b8b37d72ebb5e421ff2c24b986bf7924c88b51d1b3332c22bbbafdcf81daf22946e2e27c9af8210ebaba313976e504b8ba6efc3df6c0c289801c4c1fc10cdac547fc12cd2a7ca489363c3a2ae68319a1e717c97d2f938699fa639014965af4b3c20178e363172474e0a7213aa577bf1c67458f0f9d3acc64c8cd24f93fd0acdf8f7f441cccda482aea46b2d8b701b1d7ae74adc54089a21c7148fc183a74de6ff4848fa45ab894708a5f52170cc5fc51a39db8dc95c68b3f8000c85d4313b45e6168a14bd55299ee84146bb46844a89e812a54b976fed5cd4c3f1c0993368b7b24e9a8d373107e16c5d345f7aa610912f36d60ac783b7dc771b35228aa939466d9cfddd1a41d32267d7a50c3d368ad5c76a00ba88af225181fd545a4530ed3527aea74cab644af7f275283b77ff20f01ee941d00e3ed2ef124f7188a69cae0d05579d55a8737fdbd8e499c7e72778880b28d6e28e44b736a57b3262be1faf824f4eb90e32bb9d971fdb4698662545b68749afe6599b6ecf8b82b2116ab0c80161270b20839d87ea2a20e55eacbd425986b4d722bf3a2f4bfff10951a58cc24291aeacb45a967d83d94991e4ae774b42ebdfe9bb200a6c38381dcb1b2d9d4fc3e03f30a50a7aa17f3b898dd96e5dc2f5c756bb7d132589b95a6309c4872186ba7d000676627395015e286c61fe093dc1201a9c8e235ebd740b4d5c53ccb5a81251bbee2cf5a79dc772b3a585202dc464239ffcb08b0d7b1d04b45ecd63fe6c7394611a553996630c07cc0304fd16be89c7071be5b59635bfa2039319a1a690d271f8562d30aa6057baf001bf462a2876cc0ec46e61a15e10d5c8f84bac6513e4144200059eed86d62868c7cbcdb6b1fc0b046cd542657dc952ceb83fb61647d925b6717995dbab5a7a2e964a80bbfb53a850ebeb8d8fc520ecefe1e26e7a6997d847e0aaca8a83c2aec393b7b9d626e1b30d457ead92ff1d29134adb4a5ec38762026e1fec9352bb43aa307573a88f163739302979b740ed0b0ed920d6792bbbedbb97874ab7a8375ec6909435a33e00a1c8dc5a7ffd945d16eeeaf0094bef3d0a6915e139ada6c61a016ecc1f2b7bc24b2c48b8885e5b95c87e387ab75b73ab7badb4ba06b4ab645e4a6fa451ae8754863aacb1c527f237cff98d9d3765ce71d862955316bd78a21cd6620ec0b237bf0847031eb0e887d872ef138b6880719612c9ebdfb035c3c6e77ad53681373bdb4e14fc88b4c03f07d47dc20dfbbbecd9aab350173a8d5c6f3f7b092f3fd70665c367877fb867cbbea9ecb73de62ec800ab45a5945f0d6b9d0485b7c90ae70274bfaf296fee81c0293ee12552d7695976306d1c78394a291ff870abb1008f154bd112e9c8bb5a62dd3ef5bc9b253caaf03e435ab3c601a26b0ef16c85de19d3b16fc4de56c27903a82867173520f7e5d0af4d7c36f0fd816da6a8d29968548dda1cf32436eba6e6dee3e51d9b6a6fee5b027cd2533229dd961f5558a7d77a513a01362ac7e08f6e06c7670ff7c6d768", 0x1000, 0x8000, &(0x7f0000000080)={0x2, 0x4e24, @remote}, 0x10)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x1, 0x8, 0x2, 0x0, 0x1d})
r2 = socket$inet6(0xa, 0x80086, 0x6b2)
ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x1)
recvmmsg(r1, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000180)=0x9, 0x2)

15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xf0a0, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  582.211156] RSP: 002b:00007f33a70e2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  582.218869] RAX: ffffffffffffffda RBX: 00007f33a70e2b30 RCX: 000000000045955a
[  582.226138] RDX: 00007f33a70e2ad0 RSI: 00000000200001c0 RDI: 00007f33a70e2af0
[  582.233402] RBP: 00000000200001c0 R08: 00007f33a70e2b30 R09: 00007f33a70e2ad0
[  582.240669] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014
[  582.247938] R13: 0000000000000000 R14: 00000000004c9361 R15: 000000000000002f
15:24:00 executing program 5:
mkdir(&(0x7f00000003c0)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000300)=ANY=[])
syz_mount_image$ext4(&(0x7f0000000140)="64037434c0", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000000), 0x30, &(0x7f0000000180)={[{@usrjquota_path={'usrjquota', 0x3d, './file1'}}]})

15:24:00 executing program 4:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x4e23, @rand_addr}, 0x10)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000))
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x11a, 0x0, &(0x7f0000000140)={@rand_addr, @multicast2, @loopback}, 0x28)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
recvmmsg(r0, &(0x7f0000001ac0)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/229, 0xe5}}], 0x1, 0x0, 0x0)

15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x7062000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

15:24:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3040000]})

15:24:00 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mount$9p_xen(&(0x7f0000000040)='/\x00', &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='9p\x00', 0x7048, &(0x7f0000000000)=ANY=[])
syz_mount_image$ext4(&(0x7f00000000c0)="6578740500", &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000500), 0x30, &(0x7f0000000100)={[], 0x40000000000000})

15:24:00 executing program 0 (fault-call:0 fault-nth:48):
syz_mount_image$f2fs(&(0x7f0000000300)='f2fs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000280)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000200)={[{@prjjquota={'prjjquota', 0x3d, '.vmnet1'}}]})

15:24:00 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1000000, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0xfffffffffffffffe, 0xa, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f0000000040)=["07e646d400"], 0x5, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]})

15:24:00 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0xffffdffffffffffe, 0x1)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
flistxattr(r0, &(0x7f0000000000)=""/93, 0x5d)
r2 = dup2(r1, r1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0xc00, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})

[  582.374977] kasan: CONFIG_KASAN_INLINE enabled
[  582.379635] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  582.387049] general protection fault: 0000 [#1] SMP KASAN
[  582.392604] CPU: 1 PID: 22001 Comm: syz-executor4 Not tainted 4.18.0-rc7-next-20180803+ #31
[  582.401117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  582.410497] RIP: 0010:smc_ioctl+0x880/0x1250
[  582.414920] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e4 07 00 00 4c 8b ab 98 04 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7d 20 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e c2 07 00 00 4c 8d bb f8 04 00
[  582.433834] RSP: 0018:ffff88019a59f5c8 EFLAGS: 00010202
[  582.439211] RAX: dffffc0000000000 RBX: ffff8801b35514c0 RCX: ffffc9000ae3c000
[  582.446478] RDX: 0000000000000004 RSI: ffffffff8684dfd2 RDI: 0000000000000020
[  582.453747] RBP: ffff88019a59f9b0 R08: ffff8801c7bdc200 R09: 0000000000000000
[  582.461066] R10: ffffed00366aa2a9 R11: ffff8801b355154b R12: 1ffff100334b3ebd
[  582.468329] R13: 0000000000000000 R14: 0000000020000000 R15: 0000000000000001
[  582.475589] FS:  00007fa593af8700(0000) GS:ffff8801db100000(0000) knlGS:0000000000000000
[  582.483802] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  582.489671] CR2: 0000001b30d20000 CR3: 00000001a9ad7000 CR4: 00000000001406e0
[  582.496931] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  582.504186] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  582.511440] Call Trace:
[  582.514033]  ? smc_connect_rdma+0x9d0/0x9d0
[  582.518366]  ? trace_hardirqs_on+0x10/0x10
[  582.522632]  ? trace_hardirqs_on+0x10/0x10
[  582.526893]  sock_do_ioctl+0xe4/0x3e0
[  582.530681]  ? __fget+0x4ac/0x740
[  582.534493]  ? compat_ifr_data_ioctl+0x170/0x170
[  582.539240]  ? lock_release+0xa30/0xa30
[  582.543218]  ? trace_hardirqs_on+0x10/0x10
[  582.547458]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  582.552637]  sock_ioctl+0x30d/0x680
[  582.556253]  ? dlci_ioctl_set+0x40/0x40
[  582.560220]  ? retint_kernel+0x10/0x10
[  582.564106]  ? do_vfs_ioctl+0x163/0x1720
[  582.568155]  ? dlci_ioctl_set+0x40/0x40
[  582.572117]  do_vfs_ioctl+0x1de/0x1720
[  582.576000]  ? ioctl_preallocate+0x300/0x300
[  582.580394]  ? __fget_light+0x2f7/0x440
[  582.584363]  ? fget_raw+0x20/0x20
[  582.587808]  ? finish_task_switch+0x1d3/0x870
[  582.592294]  ? lock_downgrade+0x8f0/0x8f0
[  582.596425]  ? finish_task_switch+0x18a/0x870
[  582.600912]  ? security_file_ioctl+0x94/0xc0
[  582.605311]  ksys_ioctl+0xa9/0xd0
[  582.608760]  __x64_sys_ioctl+0x73/0xb0
[  582.612635]  do_syscall_64+0x1b9/0x820
[  582.616519]  ? finish_task_switch+0x1d3/0x870
[  582.621276]  ? syscall_return_slowpath+0x5e0/0x5e0
[  582.626203]  ? syscall_return_slowpath+0x31d/0x5e0
[  582.631122]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  582.636146]  ? __switch_to_asm+0x34/0x70
[  582.640198]  ? __switch_to_asm+0x34/0x70
[  582.644244]  ? __switch_to_asm+0x40/0x70
[  582.648292]  ? __switch_to_asm+0x34/0x70
[  582.652343]  ? __switch_to_asm+0x40/0x70
[  582.656397]  ? __switch_to_asm+0x34/0x70
[  582.660446]  ? __switch_to_asm+0x40/0x70
[  582.664499]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  582.669339]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  582.674530] RIP: 0033:0x456b29
[  582.677713] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  582.696616] RSP: 002b:00007fa593af7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  582.704317] RAX: ffffffffffffffda RBX: 00007fa593af86d4 RCX: 0000000000456b29
[  582.711585] RDX: 0000000020000000 RSI: 0000000000005411 RDI: 0000000000000013
[  582.718845] RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
15:24:00 executing program 1:
r0 = socket$kcm(0xa, 0x522000000003, 0x11)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), 0xa}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0xbcc7000000000000, 0xffffff7f00000000, 0x0, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0)

[  582.726102] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  582.733367] R13: 00000000004d1370 R14: 00000000004c6dd2 R15: 0000000000000001
[  582.740641] Modules linked in:
[  582.743833] Dumping ftrace buffer:
[  582.747353]    (ftrace buffer empty)
[  582.751266] ---[ end trace d6140d7f6494225f ]---
[  582.756108] RIP: 0010:smc_ioctl+0x880/0x1250
15:24:01 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r1)
poll(&(0x7f0000000000)=[{r1, 0x4003}, {r0, 0x2000}], 0x2, 0x1)
ioctl$LOOP_SET_STATUS(r2, 0x127a, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "4134e475824fbfaeefb678580e4aedd886c0b629cd32c56ebff9ff7fc3ab2a4b8c171676b94083085709923fd77ead8ca0073183b09c00000673944ded2f376e", "49710f29a576931228cd8c92a1b9375555874f087c766b616155647a2732f399"})
socket$vsock_dgram(0x28, 0x2, 0x0)

[  582.760551] Code: 48 c1 ea 03 80 3c 02 00 0f 85 e4 07 00 00 4c 8b ab 98 04 00 00 48 b8 00 00 00 00 00 fc ff df 49 8d 7d 20 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e c2 07 00 00 4c 8d bb f8 04 00
[  582.779501] RSP: 0018:ffff88019a59f5c8 EFLAGS: 00010202
[  582.784904] RAX: dffffc0000000000 RBX: ffff8801b35514c0 RCX: ffffc9000ae3c000
[  582.792226] RDX: 0000000000000004 RSI: ffffffff8684dfd2 RDI: 0000000000000020
[  582.799533] RBP: ffff88019a59f9b0 R08: ffff8801c7bdc200 R09: 0000000000000000
[  582.806838] R10: ffffed00366aa2a9 R11: ffff8801b355154b R12: 1ffff100334b3ebd
[  582.814135] R13: 0000000000000000 R14: 0000000020000000 R15: 0000000000000001
[  582.821450] FS:  00007fa593af8700(0000) GS:ffff8801db100000(0000) knlGS:0000000000000000
[  582.829700] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  582.835615] CR2: 0000001b30d20000 CR3: 00000001a9ad7000 CR4: 00000000001406e0
[  582.842918] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  582.850224] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  582.857523] Kernel panic - not syncing: Fatal exception
[  582.863297] Dumping ftrace buffer:
[  582.866830]    (ftrace buffer empty)
[  582.870521] Kernel Offset: disabled
[  582.874137] Rebooting in 86400 seconds..