35ae1efee72b61652596f980846a354ba65642ce0560fd85739df691841a7c09febcc9ca30dfa2da560d15c2abf07bb95756a4c3d9132d0f6a4f863e13bd47d1afb146654abaf306afd22cce0720283001d0f365705f22d63a80a2e49135e67a1cfff4aac566b861b413797bb4b66f877d724811f9e549f547537d9f711f7bb11fd177b0f99b1c244057e2a72ba22daac78c6fc46e9b32051ead6a938ff64ad8585f322753a48c07cb8fa23ffaea91971411485200d64e3b0b5d7277488825165fd4aba760580e61852313fa8aa8c1ba8c38d104dc9fd9a1d48c197d82fdcbe9878d5d23d1dfc506084e8ada05febf4355b3cfe161737dc257f748a606498f411089d01213ca3237cf54dfd77745ef7a6ed36576651e3a78435055c88c76a006398becdf53e608158476f033de2328354acd840fb7f3da4c39c65d1c7660f08d67b60e8917cbc11a5d613e367a15fb2ed965902bdb2ca8eb7a401271b8f3474fda09ec38947959711d0578e7776027834cf1713fea9b8224049315ff84d859fadcca2d61162b73b2e5c47b5ddcf65bdfad4f8b3747e6b48d0eb55147ec74e7d5f23ae7f888e1c42edc582d854bc8499e991b6e851318de4f6c6adebdac3ca5505a579373897e91e7da9c2c9ef7ac14d84834890ab2c8b356a0d306eae05abf7ce504f5951aac8e2a58d5cccde98af66b4ba6ffd6f147c3467b654e86bcee38a44cac7e6dc79252650ada1727c5369435aaef358d9eb443d1ade7184aae81f95f4736e7123e26fcb96177c8a38f6f8f3ee064f0696f90832aaa93d8c1805310bfc2f1253c3c664348e8e6af906791dd96fa7450d4986edb5d574b636ff9d69931dcf86378563c91cd8173c196dbed3feda51dd8f19891fecd0f1397fd01f369264015bba11f8d76d8311a55c1f0ff91b050818d0775443add016c038e1b23c80b90f4b5d6f23aed635f3b84596715a5e8a5e5a05757abb7feae7f3dbfba3142669d8dc533eccc799263e6e593741bc423c2a3688d58d274d93b583b9dbd725e34aac0e582a6ceecf3ae837b328c0e04870854c864314cb1acd7c2695cc434634fca7ece537b7d4f8fd61da548704e864db595ff7f4315cd5ec37d515fb0ea4cf30a559795e6ad15c9f4c1e2a3f2703b8697183ac4b117c7d1467af54ba05b5917cb3e88c14934978b79356edec04096667391d286b0b9289b40308cb5daf6d3ed1fca87649fcba6aab23623dab4e8510705426fc99691b4d41dd63b4d0d7cf3787992fd2bd8a0a68344ff4776212a29b3f3c5257394f9daaf9f8f36cb21e08df8675e0ba4d2365e973f3fa27ea31651a270211f90029a2567a371ad3c4dae647ff2921e34d1b11cd4042766b520e2b58f570eccafcf6ef07e2678e66a6bce15a0edef047fb8cb855a9eb6b5189418510c8436f82c695a5bfba900ca68a674e3f6c2f04d5145f57b8e050548b5240ed3fc6a3803e26c59cdbcf9b4db5184169ee1a4490888fed5fda8faef1c490cc5c29528935f495e9903b69cfaabc3fdb2ec218b8cae5570404120a61348ded597c6a5bdcb147a090d7b12f0c7bc2bccf8e4e213f2fe9a19021e3375575751ec6e2c7ddc55582518e29c5392cb81d15cae48983dec54aeef924a154be67acbbd9cbad4dd69fc6cbc5bcb51161cc1c7c932e9eba5180161d9d841c2954e1f9e5dfe76876cb833a313ad94b6e3a2ae9b543d482e9bd39975cc9367a7da640889298d9c099ccb83b6c6cf7e2be89b2568a88908f5a513b0eb3d454622987b3ad669fd7e65227bf679c3f3a986c6a145d13b5c23e200390cea6756bdbb372d5a327d4b5c89dc6248a4fdfcf4290d42c502e7677471892f6cefaee5ec30a2de48506c483960840cd6615b72ae3900368dd9bb6bf96d560d1505184b8db23a182d38d10239f57553f1dfa221ed19e3106f0c1339e690238c1f90f8589c5130950f2d7953459978127142b0e661e1b0c7b7073b396136d274ea3ed32dab9014746e73419735dfb178b006c5b763919041311a2617b38612662b45a153e6448785fa810760995d7c789fb11a017381f22204fa9430eb9652f41cd26eba5847ed067d63", 0x1000, 0xfffffffffffffffb}, {&(0x7f0000000240)="2f068168857e16b215051d05169b99f75b576c53c22b2f124693d23dfbbbca8644e517f5e5b1cf475bb7f7f5e6c42d20c9af228be8c66920e9e88dfe93031fca0e848cbd612de469a8e0e1ca4f1bfa96195519d1f95174f7e5e59cf7cc8056df3b5d9f6412a98948b31e82e92750888c8f2de0cd4defb64e21f20d777da34e3a7f5f744736b30480d3acb4f9fbe5c2a536d51daff21f2bc5941ae635", 0x9c, 0x7fff}], 0xe915be06aad61069, &(0x7f0000000840)=ANY=[@ANYBLOB="9ef7d1337744d86e8b7405752630bb9900a2ec3498c6357deb671b9fb15c020045b99476dda06eed929ce030411c81a4c1fd8de35fb2b19de70ba246024f82d66693ee35878a7e15ef77b7b038a1d51d2f7e640e36fd1e093dd65e2d67a233c947bd35e42eacfc8e58bf8035171d71d6f6b7734f5c53dc7ce2f6e2c7e690925ea6cc2fc66b2597df38d69465891e60b8f9096e5f236bca1de34dab0b8dbb1a14e43340987de1fe70b7d88eef6e976c1b70291fbf85bb00000000"])

[  566.381307] f2fs_msg: 173 callbacks suppressed
[  566.381327] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
13:47:15 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)="3970e4", 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  566.454708] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  566.462143] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  566.470404] attempt to access beyond end of device
[  566.475483] loop6: rw=12288, want=8200, limit=64
[  566.481429] F2FS-fs (loop6): invalid crc value
[  566.488692] attempt to access beyond end of device
[  566.493729] loop6: rw=12288, want=12296, limit=64
[  566.499139] F2FS-fs (loop6): invalid crc value
[  566.503945] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:47:15 executing program 3:
r0 = socket$inet6(0xa, 0x8000000000000802, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f00000000c0)=0xffff, 0x4)
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x40000)
r2 = epoll_create1(0x80000)
r3 = epoll_create1(0x80000)
close(r2)
syz_open_procfs(0x0, &(0x7f0000000200)="6d6f756e7c7300d00a0340fc010f77a6b13ae1e701766db3f44f8ee92facc7ec30e8afe7b2df02509ffcfe8e")
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000c85000))
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000a40)='ramfs\x00', 0x0, &(0x7f0000000b80))
socket$inet6(0xa, 0xf, 0x3ff)
mount(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)="727ede8007e69ce948ef21ba537d000000000001736572667300", 0x2002, &(0x7f0000000340)="868b88b175791d37f25e9b734d0db0166ed8e53de094e5b98adb954a2b41de0e3ea5f6a595510ccaa629173f4f90a03ec0e628a68fae8b3a549899b02d33242cdd077c4b168450c2a5f8a17abe6ffa755a6420917f0acc254928ae8a96a7484b9de50e5332727b0361cbaf7df96b10cd84405393a51ede1d04bcaaccc927cd63d2e4c212c84dde80d75e8daec01b8c91760c4625c3f57eef66f2f4054dcbcad5fbf730470d6c93a051296bb533f34c845aba87130000000000000000000000")
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}, &(0x7f0000000140)=0x10)
utime(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0x6, 0x3bed})
sendmsg$inet_sctp(r0, &(0x7f0000000080)={&(0x7f0000000400)=@in={0x2, 0x4e20}, 0x10, &(0x7f0000000000), 0xfe, 0x0, 0x152}, 0x8000)
setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f00009f0ffc), 0x4)

[  566.533194] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  566.540490] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  566.554484] attempt to access beyond end of device
[  566.559601] loop6: rw=12288, want=8200, limit=64
[  566.576620] F2FS-fs (loop6): invalid crc value
13:47:15 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
openat$rfkill(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rfkill\x00', 0x202, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:15 executing program 2:
syz_emit_ethernet(0x42, &(0x7f0000000980)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000008100000086dd60047d2c00080000fe800000000000000000000000f400bbff0100000000000000000000000000010000000000089078"], &(0x7f0000000b00))
r0 = semget$private(0x0, 0x0, 0x200)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000040)=""/113)
socketpair(0x18, 0x1, 0xc22, &(0x7f0000000000))

[  566.581493] attempt to access beyond end of device
[  566.586603] loop6: rw=12288, want=12296, limit=64
[  566.591757] F2FS-fs (loop6): invalid crc value
13:47:15 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f", 0x47, 0x10000}], 0x5, &(0x7f0000000240))

[  566.662275] attempt to access beyond end of device
[  566.667374] loop6: rw=12288, want=8200, limit=64
13:47:15 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x2f70000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  566.709114] attempt to access beyond end of device
[  566.714205] loop6: rw=12288, want=12296, limit=64
[  566.732491] attempt to access beyond end of device
[  566.737640] loop6: rw=12288, want=8200, limit=64
[  566.744134] attempt to access beyond end of device
[  566.749277] loop6: rw=12288, want=12296, limit=64
13:47:15 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x807a, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:15 executing program 1:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000900)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000100), 0x12)
clone(0x0, &(0x7f0000000180), &(0x7f0000001300), &(0x7f00000011c0), &(0x7f0000000280))
mount(&(0x7f0000001440)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f00000012c0)='proc\x00', 0x0, &(0x7f0000000100))
mount$9p_virtio(&(0x7f0000000000)="706f7369785f61636c5f6163636573731147504c00", &(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000280)='9p\x00', 0x0, &(0x7f0000001340)={'trans=virtio,', {[{@fscache='fscache'}, {@access_client='access=client'}]}})
r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getdents64(r2, &(0x7f00000002c0)=""/4096, 0x1000)
wait4(0x0, &(0x7f0000000180), 0xa0000000, &(0x7f00000001c0))

13:47:15 executing program 2:
timer_create(0x3, &(0x7f0000044000)={0x0, 0x0, 0x1, @thr={&(0x7f0000000180), &(0x7f0000000280)}}, &(0x7f0000044000))
exit(0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000300))
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000040)={<r1=>0x0, @in={{0x2, 0x4e21, @remote}}, 0x31cf, 0xa8d}, &(0x7f0000000100)=0x90)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0x2}, &(0x7f0000000200)=0x8)

13:47:15 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:15 executing program 3:
r0 = socket$inet6(0xa, 0x1080000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f00000001c0)="0a5cc80700315f85715070")
r1 = fcntl$getown(r0, 0x9)
rt_sigqueueinfo(r1, 0xc, &(0x7f0000000000)={0x41, 0x5, 0x20, 0x4})
r2 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000eed000)={0x2, 0x1}, 0x10)
sendto$inet(r2, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000778000)={0x2, 0x1, @loopback}, 0x10)
poll(&(0x7f0000000040)=[{r2}, {r2}], 0x2, 0x1)

13:47:15 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f", 0x47, 0x10000}], 0x5, &(0x7f0000000240))

[  567.036151] attempt to access beyond end of device
[  567.041365] loop6: rw=12288, want=8200, limit=64
[  567.106419] attempt to access beyond end of device
[  567.111698] loop6: rw=12288, want=12296, limit=64
[  567.119532] attempt to access beyond end of device
[  567.124670] loop6: rw=12288, want=8200, limit=64
[  567.131856] attempt to access beyond end of device
[  567.136960] loop6: rw=12288, want=12296, limit=64
13:47:15 executing program 1:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000000000/0x3000)=nil, 0x3000}, 0x28000000000003})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @dev}}}, &(0x7f0000000300)=0x84)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
close(r0)

[  567.211349] attempt to access beyond end of device
[  567.216434] loop6: rw=12288, want=8200, limit=64
[  567.265769] attempt to access beyond end of device
[  567.270891] loop6: rw=12288, want=12296, limit=64
13:47:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p<', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:16 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:16 executing program 3:
r0 = socket$nl_xfrm(0x11, 0x3, 0x6)
sendmsg(r0, &(0x7f0000000740)={&(0x7f00000001c0)=@l2={0x1f, 0x40, {0xcf, 0x4ed7, 0x7fffffff, 0x9, 0x7f, 0x80000001}, 0x100000000, 0x2}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="024a42a6c594565124008cd8d2c5d20e48bb09428cea604200504346748cd923d5e1e1e803e843e2713d4ff4a39b6dbd207f03568dc60fd22bfbe523af34773d34e1398c95879a07a8c016c023a4d451de962996c6c4e7e4c904605eec10458813f499e1c607c6da951bff4a7e2655f0953e604293e6e56227feff9c9e313cce02218651588616ebde5e7775822bfa680f779461410c7105bd1c737f97ea5baf3b3e6084a5fe5ec0bb7618ded0ef9811097c6ddeb8c7162debbd52421278ca162c57cb03b13463d3c6e0babc78e0df3c1745c73418917d5b2a47f334cf", 0xdd}, {&(0x7f0000000380)="84f421c4be6aa8325a830c2581d6934c93fd4c8234b9bd7aa6b035f8d3777013e498e7e0110e05d75d1823f5abd637d25ed8fa7a8ab43228f7a24e6b410bc512566902421d830a2a62505c81e08f9c7e2c91d202ef25ad13b178f9796bc8fd8ad6c0bca7aae53ca7717ccc10f2cc5e40d628789bec1100e67f8b1d2f5604ca3da8c6911f5d882922116db16f94ca8d5513527cac987a2a9b8323a322b26f4c2459b234051e980d5e04b46044b020a6757618e06d5532b41a6fcba65d", 0xbc}, {&(0x7f0000000440)="97ef24fa2de6f04a39b1f582ba00d6d2acf9ccbaa1315d69fa08f10e906f21fccd26faf8b09c", 0x26}, {&(0x7f0000000480)="6ad8a553a21ea3eafac062c1e76526d8be0982a545be5066d526b0a7614685167d10d9e81da489f6e571cdb2695d5e08fa65611b6f6ee23247789c23d487fe3361587552faa7f5df1ea2f656377483f5d7ff92694a052e41c7b13217bae0998c0cfaa43a5924e7edc235f3c793c7cc71c08879dd056aed5ec0c7e6ecb3c3728c4b85eb1c9cb0cdf21c1f656fac08b70254eed87221547cfa553b43206b1e618067510b7f18f5011bd6d88663d0d3ac47e86c2261b0f7", 0xb6}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="d8000000000000003b010000010000004ddd0945d8b678e8a0e21a861d7be0a3d135d586d18b93e5a7df89009a84f4e598e3aad8526d02ddccbbc330e167808bfbe8ceba24c4adb5321d7bfae218ece717350dc15383f8652fd49d0d0edaee4752bebc3959f330ed9ccc00a3533fbdd427c9c3844739bdacefaae8e1ff010000000000003bc287928883cef55c9c3b735195ac0b1aed035d66bb20d8344e3ed2ca58811890b240c54a8f4432a43cb96ea935ce4d213b25b858aac67324077e0e2004c977dfeff92b096824ec2d8df4cea94729158b523175a31a0b8603874080ab54c432000000380000000000000001010000010100003e0600b74c50be17bddab106fb67cc2ab3ccb4143d9bf6d294a95ef45aeb5901c72d2c4188a6ed009800000000000000000000000700000080a0d042fdf723b16900000000000060c3d8b3ca02806071cf8c185b55108c5052266e0c22f43e7e03c34c47e15f376b4ac8a3af5fda814cd7d7438a2c6977e37a3c2a87896eecfe2200b3f7412fc04a3b6cab71f13f788b3d4ca08160e80360644a9ee2a4f19c6b72c65e758e3e03e1d86b8538640e2c0dc0"], 0x1a8, 0x20000000}, 0x4004)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x183000, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000140)={0x6}, 0x1)
ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000007c0)={0x0, 0x3f, 0x3f, &(0x7f0000000800)=0xfffffffffffffffd})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={<r2=>0x0, 0x9}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000780)={r2}, 0x8)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000080)=0x4002, 0xff7f)
r3 = creat(&(0x7f0000000180)='./file0\x00', 0x1)
getsockopt$bt_hci(r0, 0x107, 0xb, &(0x7f0000000040)=""/25, &(0x7f0000000240)=0x262)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000880)={r2, @in={{0x2, 0x4e23, @multicast2}}}, &(0x7f0000000940)=0x84)
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000980))
ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000840)=0x3fd)

[  567.346752] attempt to access beyond end of device
[  567.351853] loop6: rw=12288, want=8200, limit=64
[  567.376094] attempt to access beyond end of device
[  567.381181] loop6: rw=12288, want=12296, limit=64
13:47:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x5, &(0x7f0000000240))

13:47:16 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8038, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:16 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xfcf60000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p;', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:16 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000003, 0x0)
ioctl(r0, 0x100008912, &(0x7f0000000100)="025cc80700145f8f764070")
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x5, 0x0)
removexattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000001600)=@random={'system.', '/dev/usbmon#\x00'})
sendmsg$nl_netfilter(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)={0x13c8, 0x7, 0x0, 0x4, 0x70bd25, 0x25dfdbff, {0x5, 0x0, 0xa}, [@generic="aef954c1b3fb1fc2c446a927e498ed07482907194fc80c13851b31870015", @generic="45d7972b29e131c36e7474899fa1e6e97fbe2ab56d6b2380957a8216212a33c3820fb07d70ef7e4afcbb9d344ce2ea565aedbaf15d908fedb0bedeaa91e9fc32a21e141f06c5b22c88a6765cdf8335ed308ffc0b93c6924d0e02be4439799945290922a209f787f64a7c4aa1028445a0d41611902c1961a9622c4592d061eb95ca5074f88251309101be570e0fce3800db8f3b09577cf2197ed27682a16fb419bdd1470f43d2cbe63d43030ccf6bfeaec91efcc0ab7334b67a59004b5adeaaaffb3db836585cc7ded4af5c24158da48d72366a7b20896d77945bf8c400a68c30ba089f201e51149e57bf034b598d85e4191eeca0eb", @generic="4d640adfdda15b666c581b778e384f47a6d74c9be549e65d7326d508e3026f203105e18ffac8bca5", @typed={0x8, 0x10, @ipv4=@multicast2}, @nested={0x20, 0x5f, [@typed={0x8, 0x13, @u32=0x1}, @typed={0x8, 0x40, @str='-/\x00'}, @typed={0xc, 0x53, @u64=0x7}]}, @nested={0x1144, 0x7d, [@generic="f70f3b4ddf09fb60dd6c49e5578111f153798c9fb02000ba165ec8326c1a15dbbedc43112629515187f38c1a6c2972a7ffcb8041e4e929f7a27e7eb06aa4f19e4bc1b7195b9d69090a20f544d9a66a41122a3f837b58bcb57e8068a1c735d7bccd0172be9309550ead7d1618cca16ce08aee28d698e94b4bcaed9546435f349cb5c77c7c52d4834922692e28c4b22d06e4ccf1672c282992beff841d90c48b88eb6b835fc2c17449d50ba3c5406ee7be2c44e4635d47b92f420484a113a5a7a9343fae0a0c4ed676d91c4a9f39aa892eed69857f4e527cb748a72a2297890d04b40c1dae7d381c99b0b3d061f0e757d8c922838fb73a0ed290a12e713bc4085734f2b0c73e06f221571b9d5bbd9e79f0d22243ffd0eeba79d1cdeb94e2121f453d3664e3fa9edaf117a7edb6e22bf8c06ca7d975b4443e71574ca6b8a3129fcf8782016e7274e6348b6811ccbf6c6235d8c45afd4364c00c1301a7eb8f56f00c449670e057926a4de297e21104f37a698d2fed0788e37e4e90feada71a8bf97bf0582729b2282454a346e0afc415d6b63d247b9539231c928df535156508b53ad54fcaa0304a24ea3d31333a97eac4d6e2ca15335b007aaba231d3819aefcb0cd3bae972d693b13550cc71fb366e9e6ba9dbcbdec414eef7952a30e8f6f9aed4877bee69996d3e1ca31a5b526ffc94ede15567831ad5549328e9021808c733f3be1209e102de1017b593114fa340a69851fdae56357984dd958626d7f738ca8c57a37641bad43b41e12f1ecb7b022e3e5ba48a95e6448680aef37ba486badf757e06193ced5aabfe6e0519f64d71a7f09964424836dd5d96af659035c3991d5a4514123a063fc59e785ce7ff6da0474485d0362000574c80abaaca4e2c19cf3946d0401331da3505421d191ad18c33f846709a0c12dc1fc7d321f74a53b5b42177f53ed632a32d26b2823a0fbbd049c86414d246f8ed00a36aa6d3fb6f6ea792d85488a93db10e2729b849a02306d055fafb91815b22df7b23e512b55a6a0b533225581eb3485e1161c352f59b24ff92a078e21a92c3fffd1c2738ec16fb847f5865b52a448f1f299eccaf4387ef856038a3766628bc0e521b393424f54aeadad80007baa50bef5efae02660818066b8f5dd22c594368c84e90b51b6558806e24b785308ce02de37337e546c8cde93a8970195d177fc2c3ca09d7654bb55c9dbe2492c804f29feb4b14dc04dd43c8aef7c8813e228c1b8976b64f1c9118de6847beab430bfda4864279960ac7925d93be02045f5576f4b8c52e8d5bd2c705bba7a47de0c80f811aa2fe5edb6b7b6eb8ce6d2f2813bf2af40285a6eca66acdc8d5fd5f429d8633ae23b4cb7d7efead734c1c55c118dbbff9f26d660632b1c81c1ae212544a9807782c20395d6ca31214878adbb9241cfdaeb0796d9b8fd515ed5e16b191365b7ad3c2e5062cfd6dad1674a6e98112bbe3bc15a724d493352fb591b21154df9daf25e1e8d346b9393b594b6a3decccf940284882bc81d593055ed34e447bc32d3532f9e445ec1b3e976e838b2fb6ddd2295072135965c33bfd252baa0e298af8713e1d0b2ed199561ee1bd890a061f9d307943bd824b7869fc9e292f3cacdb7640399c68a306ccc40cb4129057f9a75465bf658a33de766589a5741fa5c334f036eba916bde222ed360f41fbc9015eade8fc010bf1bb150d41030a0f80cf9c00091289d0f59db6badf0625e95f5f58025e3e68d059be3f0be231e0402d88decc2c041bc40f031f05f14c831482d3720c9474ba4ba4de88c7f52983eb683ed356ef68d6e41a694884719c3e9b3b11200665a17e2014cd13e7d6da9bbd317d5c239e6647aa412715003a8f655aca3716fd956154431428fd59ee7e7ba0ec292142da56348db20644259c2f66616fed97f31d06f57d63174bc3869ce4deedd40fdfd4b34d3d0781d4cb9200af531070b54beda2e1b05d7e2637f3cc61be04b466de93101746139a638ed58bfbfb5b95e0343e8eca5184085f5d32216b97c0d4d9d547d8f75ac0fcac6fa013159d6cbd42f7c400e5808c09a78f7af433e4b3ddf3ee893400dd00defeddac38db9b4db35ba7998fc8c8ed96b6851326b4c12c6b5d0c9890b80eeb11408cafa043e4af730fc384f132992fd1da24b198f101055ae30327377309271049e770b386b3038bee0e4ae1ee8dc0b0c4165d57898dedd89753b4995649ad93bbc16b12e6f17e5a591c2d90c3bda083e8dd1c457177af04cf2e65b1918d9080dc0f6e75f9475a10362ef18acfa22941eb5a12ea4627f2964902c6efebfb9a6074f8e9fb43de5ff08ff39bea6a62119ab7048123b2c0b7e00e6461cf9bc4f706a751813f26afaad1bda706eba2d3c7f92d68eda8ca30671eb315773873103daf46f6bbb5bc9b5eaeb6f335b9fc40c09438a984cbcd23b6e7b5c425e10c0462156fb661288d4dfad37b3457cce193288938fb6bc56818481929abd135e86bdfba5ac34925b71cbad3cfb2bc0e2afbed5186da2223bff9b7d47346af3e17e08b52cf10340384ca0253f8cc0f383374b43c1d9afa8ac31782af8bf710c4c2e42b876ba31c7330e8ed45eae5921d69aff7dcafadf34b63047a4d1675204964d2c0cf89da29af6a045b211163a32ffd366c1948c128f25161862d671587d87eea1b71c65cf64185813922acaeb4451000c8be484bc385a8755bbc242e59d394ab9926aaf193e67e8cf7deeda3c5c602afede46095cffcd012c8cc14880d4b7954ea1c1ec998441a3a2e0f11c02c6ca5e6278972cd83a0849a7f6e7e8bb672e6f3d2a56fcaaa241edd946c33936707915972884d6372d2d681f251a21e547f03052d8c180e7767b0c3ae285d682a9b877c742f079ce4b4cd77e194a9078ba368fbf889b136fd47b12cb6facc374794be93fa22d23a0467f848a8063281f000054443b309c9d3d61600cade571576e99db07ad20c7ec9d1446d543a4273864a2c44c138694f5e472002878a109b6652d294a49ae44b631aa06f5f3e34389b26291446b600c984bfa564ed743bb20776563faaef8823a47fdf7359d07651381a8ebda4747fb36eba7726dfa4d851cf2d91353f71f3b747055e1d91c70d535557439330b9e3cf0bc9443a22fefb1612cced9296c56621b3de6c1cd06711d8b0186830469c825cb8c77ee49b0f521a7620e4f89e99a9e0fe6ce4c6bda2d0a56302dc986029e9cea2a9728153aff8a8f9f752dafe5ae4f5b7319827e2514dc490adabc51bbb15b342a1402c16a897eeb187f42980212335f2ba7b68146cbef22843a910a959e9436281a5e31c133a9a5ed1a32ddd8cbe758f4bee5e29f47a284b6f556d6ad59555a480fe0f4113ed0e81a14609a658129b731e30d7e6fac0cfd98e436de773ab184ef7d4b2b3580a3360de9aed505440fb4447c72804797b5c76da5a71b71682a496e568ccb944c6087ea1ca769a442272fec1bef163e629f89b33f051f4b95c1d66b109b94ea32aa073529dafbc897b1cc15d2aca679a1482ee81b709046d225c73395fa53f7d15c62dc02920fe9ee855e2614cdaa0cf2dabfe0adc7e2f399b3dc76ce9eca5ab46966b65a2ba7cc0bfa9cb72cc3b4d7837f5f4735c3cf71d148d39d17bc626f4217a213683c35e9e88a953c74bcf8a95245e51a88bd6cefffbdd6a11980fd458002609c9ad1ba8e6bd6c164913a834be218f1961e6c0b9e58b25ed400f9c86775ca4c3d2ebc99c62628a0a71f8ef93ea2b78a1ea9d3e83678f1fe3244ae7c2b332086498123d90c9adbf7047308cb8f5e9fa437622eea06a2e14d16a5882065b9ef236148ad553c3954c85eb42bd070bb84c529ae68bbef39380ba2ed4367b8481905b7dc8a4fce8f4cf38071068f772ebc5d6ac76d455bd430fcc76c2084e934c2bf944c151e89c90d6dc52bcb975b5de5dd0ac7dcda56e42470069881c8f7910fcc98f400bf012f0e243258a7ba3a2feabfdbf08d374608fcb730fbcef3a488e4ac2e205f2f25d3ed85ba5ee4c3d38dce1829976da6fd0fb4160d2bbd6ceecafaa7f46a11a6078d0ea3a5ee855a2a4fd6328d6521d3582b5501598ca67582d672b866c4ce51baedb42678577f1edd43bed427fa80784b215b53b5a9e1f883bd8dcf0a6042d5fa6ad81ca5e9c6f5481a55a5c0da8bb978a0d1041162a4c9fe39038dbe6a3f06b5eefad60bfb872768083ea518b71e5aaf91939dd73ea83d0e40a49fd98949ce3d18f069eeaf6cb314c545b1e9edba018a7f143b71cb9d3c0f1a65ca47189d738a6b8975793aec681b9efc30653c678686b3137bc351f65fe3bbe4cff9b230811d7d14118bf5afc02a971ac20c9e144b55c3057934ceec92ece53620e9b5eb56cff7d51189dda14895ecb7cdc79eb1a6024b9a201bb4b2dc942fefaa1abca65794836ddb2bdad5c95fc98ada54bc4c0540bb69847243b8df0f94b58d8db80deddf53c80d2d1d417ef80235b9ed29933f2302c1513d34b9ee61f4e6d23d642f6961d5b797c771a28b4bc8a2a858c7cd31d4b740793525e70b754a7af14091951a254e6236954ce5f0ac172a9aab2a75de5f684ccfd604c4ef9d32557bd4d551e481d7323abd6537e7dfc6cac249ad727f462e1622ad9c2c97e6354b8e320dc7c69c657718af79962d9aafbe9d2c7503a3166cb89f1a025a52210ac25d781291a4c0db7b7130ee21661b68810e7e626d20ba5589b6ffcf5d6809449dd19e96ede2dba1b686eb3b5d64c1a942a0e857fb462afff49c7eaa628a7c58ac4c19ddbc3a6f0fb8604be64c0d397a0df971f697fd3bb9f37373aca3cc5b6e9622cf547c4d354edf9cdd1afef20ef954907d1bf053f6db0af908fc10e607ddae64da4d59b91310877bb022f78d7c2f0c1069aa0b2d7815ecc4c284de9056456f9712696ed5bfe25be667ba80125a4c7d08576165ed467a4fbbc23cc168c71fcf905e797c2fcb138ec4265623a1325b077d76544e9c06dc2ae8e49e5dbaa46c96d4238c826de91e4abb0c739175b23cdb0b69bec73f666d6a897b544295669e3c7d076c7cb9911042c49aa229c35a5fb0da15976d4036537853afd92c30a7bf075b98c730ab39abbf77666b82712d4ff587bf58987862f0dd275288776d7f267389b985cb85b1b3746ed66a127e2978881288816443ee828b7cb142462fc91e4907aba277b47b50ca7f69236dce647630a2c1e3a0d1113bc7146acaacead7441a3d466871bf4bcbed94d7aa44a6d2beab76028bf35b04ae31a22f62fe8cbd6bda27cc10019fb0e6f0179f984e3d5ae020c4545e6fae912967cd2a1f998fa610d90ac1644f45410e887dd804bab96afdd8bdb9f1b8a0318c65ccf8e0458596192e44e2a6beaf71bd74f159862aa8824714ee9cf1bd57252a9880e1f37f07c02d2e1b9dffd9ec8ec9a3ffd56045efac9038e7a87d4adc21dde018c95f91c7f5b0db85b0667bef18688e35b8e6c10bf6718250080a4777d950ce6d14920369a679de2894871f34deda088da1e8b6121c3ec39fffbc28e1f169528f7030bd3488ebd600251a26241e69f3bb6bd2a961984b2cc86919c2320a0406c94ec68b77120147cf39aec67b73c7c1b250c82f6d9319e5029442af9bbf3f676b3e3935c0fe7f0bc453bec6626abc0e7d897c703706ca654c1e630d3d59a45964c44264a9abf003ef18d0aca4fc70c545e82812a889fba15625b1b745204b079179e9eac2961861b20a13abccb1b90815eef06dc1b5a32998efedd336c55d823776371780eef2df27580ac67d3a8011ff3b61", @typed={0xe4, 0x3e, @binary="84663c96c90d0e7c21976125ad15f0b0a1076fec00c423fd2d51d9fe0382cb435072d416a166788d46a5dd8b773196240cdae0a608b6a5828448e65bc786a2486484e1e47e1cb059bbcb0b7b75b9f1342eed319af3189339c6eb98925b5c7897bca295970350209fa6c48f9ac4fbddc97c6d35d138b9c608890727d127296b50ef133bc736ae9406a39e8760c8604f33ad3ed651b75e3986929346b802b4e5f539bfc0cfab395550d111ee9518898e2323c2883110c91fdc92c4d3b8a1bde0c38530109513e9eca338e8bf977103100edfde3bbd8fbd81418f633efe6eaf"}, @generic="3778ed7c2a2c8fcaf5a8f18d841cb67421cfc47571610fb63385c8b858a6a24e3b1fd4f1acea2c48f7e9cc482d2eef5b5d6bf650330ae73adb891ac5dfa2557d9ae7b47297dd51420ff798ad74404035aaf9ffbf24ae8c7ce2979ae2"]}, @generic="a5edcd60aec8e3d39d2247c048554f464739e527d32bade940634955589797d24cf74cc361e9c86fbe7652148274", @typed={0xdc, 0xc, @binary="119e4cab3691ff383bdf32a5301d8f4706050374dd90fcf1d952ec58a6a25baf41bacaa2c21e6f9385404a0f87b7ae6cdd201ed8b1a4926930448581183b2bb1c8228e94ed728914a923cb67abcc739a341584a176d5f83f02a603d1a5cd2b6e323042787a1e18707e8e3d8c06e3220561d96c8860e6b4e82483f592dbe858b62ee628761b3964346e206264fecf03316db4c96ce73663317c7aa78c836ea8a11269793681d44656b9e74c6c9944ee34e67799aa6b6c8a5475273a06e932fdcbcf73d2c277ace2117fad178db4d4ed5e181d1d6d2ee04e"}]}, 0x13c8}, 0x1, 0x0, 0x0, 0x24040004}, 0x20000000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$vcsn(&(0x7f0000001640)='/dev/vcs#\x00', 0x4927, 0x880)
sendmsg$nl_netfilter(r2, &(0x7f0000498000)={&(0x7f0000d55000), 0xc, &(0x7f0000c8d000)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000010901000000000000000000000000000c00020008000100e0000002e2a8ce80a288f66b484838d9bbe44d8884e7f5c1987556"], 0x20}}, 0x0)
socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0)=<r3=>0x0)
ptrace$cont(0x19, r3, 0x5d6, 0x6)

[  567.656371] attempt to access beyond end of device
[  567.661536] loop6: rw=12288, want=8200, limit=64
13:47:16 executing program 3:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x4, 0x4)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r2 = socket$inet6(0xa, 0x800, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[], [], @rand_addr}}, 0x118)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x80000)
getsockopt$IP6T_SO_GET_INFO(r3, 0x29, 0x40, &(0x7f0000001240)={'security\x00'}, &(0x7f00000001c0)=0x54)
fsync(r1)
ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000040))
getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, &(0x7f00000012c0), &(0x7f0000000100)=0xfffffe2b)
getsockopt$nfc_llcp(r3, 0x118, 0x3, &(0x7f0000000240)=""/4096, 0x1000)

13:47:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x5, &(0x7f0000000240))

[  567.765339] attempt to access beyond end of device
[  567.770665] loop6: rw=12288, want=12296, limit=64
[  567.832952] attempt to access beyond end of device
[  567.838303] loop6: rw=12288, want=8200, limit=64
[  567.844023] attempt to access beyond end of device
[  567.849173] loop6: rw=12288, want=12296, limit=64
[  567.861733] netlink: 'syz-executor1': attribute type 1 has an invalid length.
13:47:16 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text16={0x10, &(0x7f0000000300)="640f92620066b9000600000f32363e670f01cf3e3e660f3a61af0040000f350fc7a85b000f01cf650f01c8660f38f6f166b8010000000f01c1"}], 0x1, 0x0, &(0x7f0000000340)=[@dstype0={0x6, 0x9}, @cr0={0x0, 0x20000012}], 0x330)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000240))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  567.894378] attempt to access beyond end of device
[  567.899603] loop6: rw=12288, want=8200, limit=64
[  567.922602] netlink: 'syz-executor1': attribute type 1 has an invalid length.
[  567.936963] attempt to access beyond end of device
[  567.942057] loop6: rw=12288, want=12296, limit=64
[  567.949829] attempt to access beyond end of device
[  567.954904] loop6: rw=12288, want=8200, limit=64
[  567.975432] attempt to access beyond end of device
[  567.980524] loop6: rw=12288, want=12296, limit=64
13:47:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7524}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_IRQ_LINE_STATUS(r2, 0xc008ae67, &(0x7f0000000040))
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
fallocate(r3, 0x8, 0x0, 0x4)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x80, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r4, 0xc0305710, &(0x7f0000000180)={0x0, 0x7fffffff, 0x80000000000, 0x6})

13:47:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)="3970f5", 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:16 executing program 1:
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x101000, 0x0)
ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f0000000140)=""/165)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x20004e20}, 0x1c)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x6)
connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
recvmsg(r2, &(0x7f0000000280)={&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000000200)=""/86, 0x56}, 0x0)
r4 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r4, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
shutdown(r3, 0x0)

13:47:16 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8068, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:16 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x9effffff}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:16 executing program 3:
sync()
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x800, 0x0)
openat$cgroup_int(r0, &(0x7f0000000200)='cpuset.memory_spread_page\x00', 0x2, 0x0)
r1 = socket(0x40000000002, 0x3, 0x2)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0xec)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000180)={0x3, r2})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000040)={0x100000001, 0x81, 0x6f, 0x0, 0x0, [], [], [], 0x6, 0x7a7})
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000a40)={0x0, {0x2, 0x0, @local}, {0x2, 0x0, @multicast1}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x2000000000001, &(0x7f0000000b00)="7465616d5f736c6176655f313a0300"})

13:47:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x5, &(0x7f0000000240))

13:47:17 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  568.419479] attempt to access beyond end of device
[  568.424742] loop6: rw=12288, want=8200, limit=64
13:47:17 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f0000000380)={0x6000000, 0x3, 0x8})
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getsockopt$inet_tcp_buf(r2, 0x6, 0xf, &(0x7f00000002c0)=""/104, &(0x7f0000000340)=0x68)

[  568.465005] attempt to access beyond end of device
[  568.470125] loop6: rw=12288, want=12296, limit=64
[  568.487772] attempt to access beyond end of device
[  568.492890] loop6: rw=12288, want=8200, limit=64
13:47:17 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  568.517169] attempt to access beyond end of device
[  568.522319] loop6: rw=12288, want=12296, limit=64
13:47:17 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000180)="0a5cc80700315f85715070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000005c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080), 0x0)
r2 = accept$alg(r1, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000023c0)=""/4096, 0xbb05}], 0x1, &(0x7f00000007c0)=""/16, 0x10}, 0x0)

13:47:17 executing program 3:
r0 = socket(0x3, 0xb, 0x141)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r1, 0x3302, &(0x7f0000000240))

[  568.561413] attempt to access beyond end of device
[  568.566518] loop6: rw=12288, want=8200, limit=64
[  568.595091] attempt to access beyond end of device
[  568.600192] loop6: rw=12288, want=12296, limit=64
[  568.637640] attempt to access beyond end of device
[  568.642714] loop6: rw=12288, want=8200, limit=64
[  568.667143] attempt to access beyond end of device
[  568.672191] loop6: rw=12288, want=12296, limit=64
13:47:17 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:17 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8003, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:17 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1e00}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:17 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:17 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f00000002c0))

13:47:17 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x208000, 0x0)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000100)=0x7fffffff, &(0x7f00000000c0)=0x2)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000080), 0x8)

[  569.013686] attempt to access beyond end of device
[  569.018894] loop6: rw=12288, want=8200, limit=64
[  569.025277] attempt to access beyond end of device
[  569.030490] loop6: rw=12288, want=12296, limit=64
[  569.072727] attempt to access beyond end of device
[  569.077852] loop6: rw=12288, want=8200, limit=64
13:47:17 executing program 4 (fault-call:0 fault-nth:0):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:17 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:17 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x4)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000080)={<r1=>r0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000200)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000002b00)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000002c00)=0xe8)
sendmsg$netlink(r1, &(0x7f0000003ec0)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000003dc0)=[{&(0x7f0000000240)={0x340, 0x3b, 0x300, 0x70bd2a, 0x25dfdbfc, "", [@nested={0x98, 0xa, [@typed={0x4, 0x6b}, @typed={0x4, 0x77}, @generic="620e9f8f31187a20e23ec9e2a909bc4ed60d9ec5d3c07056e565d62a05b93023cad68eedc172a14b506ca703ecdf681de364d768455377e6d0d3b4ffd935d7c1ac1cee95a1dde648a6bb73ec0b6d077668ff053befdcb8194d748838874e34cb7d8f5c8451059edd8f7df4d4db15", @typed={0x8, 0x73, @uid=r2}, @typed={0x14, 0x8a, @ipv6=@mcast1}]}, @typed={0xc, 0x59, @u64=0x2}, @generic="8ae6a4a7fceb02ce7b4693ce51f7bec2b71498c9f5a9c19c6dbbba74eeef249536ce1d1f3bc3aea0b13749e79bf2772d2e106451c62fbff2dda43550e8badb96cc7e8a753492ee5549527079624480497adf78e445bb9cc56b0a5a7f2ba6a10b7f32ba27b1b1bcb9e4f9d8dc452164786f33072faa6327983da2c56fb809315d15e57e206cbf5c028400969d990599a38320f867fa5bd8d93d813b00d105489426b1e7d6ec0d1afe6ab771e1f09c19728c1a2a4e8af38e946373bfb038def7d32a409e346a49d1fca4ca1935a5d526dd305bf717863da2165c", @nested={0xd0, 0x94, [@generic="0373ec55e74ced2f0d02792cb2022d811306689c44a29c92b41bc7898f0e892ac3bdd0d884cefdb59ac7846f453888d34293d8be29ec80d8531a03848484c41d657c5f36305b20e8a3a1c2c32465cbc6abefdc9480baadd85242e6fdfec87920e77d5b1797eb04f52fdb91f6eff85d3cd85d6cc6890f7ac69be8ebbe786d75da6e8e246a5a57d2cdc79e6d819b9bd80726f4c1d2891c50355adef64f836d300b7a3b6af421021f649aed8a659587352568527f8dd5eb", @typed={0x8, 0x75, @fd=r0}, @typed={0xc, 0x43, @u64=0x401}]}, @nested={0xe0, 0x43, [@generic="93926e59f33134fd4ae33a805d750c9f672a0fa6745e6f02021f6fa1a7226648c72880c89f1b721d0b343fed66ba962ab3bad91d14018f394aae02043b82d1ebe8c1d36e751a8d810edf0444a8d78290d4e0d60396c2b211f19c56132b81069f6562fec22d5daf5813bf4d223ea37455768225849a1f90649703d6f87063ed55453a45fe551f1076cb4b421aded4e77826dc0d189016a7b537d45d700a843f0965779a97f4493fa6d8b359576172845e9f005741", @typed={0x28, 0x70, @str='vboxnet1vboxnet1posix_acl_access\x00'}]}]}, 0x340}, {&(0x7f0000000580)={0x10, 0x12, 0x400, 0x70bd28, 0x25dfdbfe}, 0x10}, {&(0x7f00000005c0)={0x231c, 0x22, 0x110, 0x70bd2c, 0x25dfdbfe, "", [@generic="8ecd88c8e0b734fc45a90b31d49b24c79a9e045658cc3aeda8a93966a769b54ca82f1333ba728702b60d3aadbc0acbe8", @nested={0x20ec, 0x33, [@generic="5165a1af0a211c8ea4021fe3f4d79c437703ec22f869a822e5819eb57d87ce55bb157f0a6ee094afb6bbb5", @generic, @generic="c15a15486affc5b49b4f9e7415de485fc1e2283a9e937cb97f50c4287d666782f83c73806925791210eedeac92efaf01b6ea964353d3778ebba35a26a54cc478aaaf226b37dd186501a0da30b58d87e224841b5fc89bfa412c3c46b7ea63b520f9a16981828a925b26b3c9490b8593850bd02cf51bdd2685b0fa2f661bb5d127a9014d479425808424e17814eaec52853f57eac5b6fff6eb5bd8ac40323f7b076ecc66d4afbca289bd1995de6610cbeaa735caaa7f92c3c15cf0c80ed35432ce4bd4de557c863aff5cee76f2b8f9c606d2ead61d7d8f69ca4ecc69ab39bf01fff73bb8d408721efb71c93054178c30d5e65cdf532c66f3051f02fc2b89263680cabcf369dde397cf255d5daf1f48700b5089f931ba880bf9f388b6590b40910239dff72acad7dd2abc838b47f9684e295566b28d0dea3458175596b62e23c48fd7ba8159f565c413e5cecedc2c45b126776cdc7f1a8ff0d8b224de7da40a030a08a81f3bef2c33fe1824aca9a440a9ef66f7f78992f856de9d40919e3183ac6f922361439cd114fae32105b4a6241b49c241f697873bfe33de7c42eb99488c52dd80ba0960c0fbd711291e6e338f14b7a52aa3028b76629ba62ed1d78aee1dd39d7b6a2a75ecabd2eccddba24e040e3abe5590a7683a210cfdab3d7a587fc0af7abd3147effd90eaa4c1380ab9be93318ec5c480b4bfa61b411ad56229b2b0f76f856136acf8a1e1aec83b63d2f3dc8228facf2723506a998533970b6b2a14582c384bf42506e398693348225c3692f6a4e9e91946597ce04a9f7863e33de05215775e1b3630cfb5f7ccd21d8584ded90fe22862eea41b80c97187cf85101573808db5477fdf448c275198f45ced6ac4ed30e3bdce6ce6b24edc4d2a0f0bc2a12cd97760af0b0b66cd7ced248ee085625a2966b5161460d09e3d47aa006a9dc6f9e4ac2d749fa000d4b8acf878212bb0d7f8e083a55b02271357e009d2e8b00d590fab268d1dd2894f7077dd5d1d7428a4ca7085089b725ccd1b34f658202cb83c0c9d25cce8bf46ee76c02767aa0500076483e747e5e9ebc250026b4934c502fdf59a733d56496434d6f83b72f49c572d3a2fe0c86fbafdd176d60fb704c22757074f4cad5e50c788fb2550053130e7430355c9848ed13265d2df81e25d368a325cbdf28b6555eda97af38ff01312c7aff5cb8b812a35eeb8f4f85c44bb04a895024b0645857341dd2721a718f51c66fd7abe6fcf8bd93715ddaaa335edf0a3a3e45bae95ac96a235da2446925e351707de66854be36422bc63321b4752705c1ddb825b1adb28459f6d1a74f0b2901532d664c6bd65775324b33651037b2c3459f634d0b0d8591a4cc00185497bd8160450983e1ee3fc6fc9e00ea960098d064c050d0d571d96557ed3cfda1b7369eefa32a32460cb1c9dc231625a6ff3fde281c16de4a842bdfa15e1bf36fa5eeb6b2ca1f725ea9ff2ef9306ae832a90c83ad39765a4cd7442a6caac192414c63f817de7aeb887ce6a4d73c5757ecfc5e1aaa4744b45c7147975f49ddd983f758ec44ff6dd72b1328096087fdc1c42a10b824c102b7784220be3b6f457cb50213e2da265296f56af1ef97575328cd22d4d499f486fe376b224426b5d0006d9c7e4958c8dfda107118ce042ae3d078373b14a8f66f99db51a995cef8f81b8a0252c7f3e463d7100365bf1b7273c9f84062511a2e81de4a601f19fa5bca7923e6d4019653db3023c968aa7f799ea11910b1c04f07cb1474a2a4ac9ecb6059c89e56be72fb2ba2422b7ed3493c67dcf44b83963d3a65f17c401cbf1566e29da7c9ba4d4db6145123fab6ad151f6ea911fab6b457ad8c78443bc29415f0be30ca09eb96d05441d6d3f3fd110c1ffa37145407f7b8d1a0c7ba1461458c434ecdc29d5c5e80f285c932bb0003bc6f60826cc05778cbae96a1ac9fa97b56d00ba4f11dff938bd7bf0f4e73e20dd5a8c030fd012489534f2b2d7cda777a7f49ac537be0214904cf511f37248e489144adee2630f5217f1497f89065cff365b353e2e1b963a603f5af17bc7ea085250e8ebc673a4cec2818a4d82f674783919d8cf5494a16c238c6158ed6f7f39067d5060dc7f2f11e4fdc0eb48afd239c0821bdf7d6fc62324e25701fc2baf4d062d1fd24ceff94289c2b20ed5ff4afc8da2ad3a6e82d5ce6c39386d1d7c3c54efa48cc02c56a8cffeca0f31f5ea99c5b691537b340cf7c170951316e6683f2bf2226eb444152ea405721252748bd6954fe391d9bee4af2f79ad303f6d46bde4d789268e5cd026b746aa7c0c05d6e8ab161c852d0384b871a32db20f54babbea2abb1c84e5dfda1accd0231fbd682ae5eb8973b118d50f93c57de3aa39a538f5ea6c6a1995fda0adb905983ad908ebbdd927f2e21e57f2d4a10dcfbc31bb87f207b5385280d0271987716ad2759ed3cebf46a8b33be7b2d27027abf9a432156eedaf4b65a181e2ea0c6bfb45cea093c2a4647d5739a464c49d71fb61f35a3cb37b6fbf2363f02110b28adbf4b617c40b3d95aed772721b7881d000230f0c5b3cb4b5de4dbf74a8e67154571c131f6edbf9ac4b1eff9997c1343b7d126e8c7541bd4f7b640d4029fbb1ec475b6110b20918a9270a3d2a8115d4b82d37742b790b281561611e771d1202200d48046e11ae3a46b3010af874fa93a8f08f4cb040b9fc0c07164caef0fdeb7bf4375210e3fd4a359f28258499471f11ed905ffd393ba6ea2de4f658558b20e08a5e4b7fba91b91e5947426bc388bce1622b6589092784cf3018af24ce7e8f8b78e9852b523c600870876360c95fd702615fb9b4beb0284c4ab7844e2f470763d982c64ba9bc6288748323a4967336017deeb816851dd7ef435fbb49f67bb6e7f084684f59720eb1adee3ffa2b824f0d7c57bca120165c2581754b1740ddf90b1d8319848495558c8433e160e1cb73d2ac458c93587558490c289e2eaa7bbff527c6c241c636c3d92ff9d4d3634ede08ee4486105db936377b74f9366d0ad887c70337bf2806add650cfe3f3458a4b3b8d2bc440c20153c606df58b3c772c4a3dae57ae576f64b50883b2343706093ff92db9f923cd61fb8eae33d53289fba3263611c3592891e38c4ebc8a588ce395120f7a50963921be0adb51868220a3339ee68014d341f4309fd339d689572ac419acca340167cf87c8c56673d7a9630fa221fc8e499a93a9bfe628d94e2f5c4ea0d1228fe409428cda10a81c3524f78ce3b56f7a4d45e44c9d162b7ad1e988985a3223ff042602847032dbe6614b2f3badff2f58f70df5d04d9bd5cfdeab105a504c1b62ef27244a1f126b5c34aed376e187ae52055fdd9d5a046cd02f248ecba561a20fef441a583fc93e9f5e416d9b9fda55b4b1c9a4fe50eeee615aeeedad8aad70f93fcddbb8b2310448bdab6dea357a14a331bbcad9ee50579ef74fcae42b54872ef273346c6b4957b4d3f214ddb5bf3eb529b547f47c3270ebe68fd57e869d88d9541bb9f8099e362e6b88aee47992465b6b79dd8cee2b8ae8c62b6b323c83a194107312c4b2049e28e6681eda178eddd873e60b297a5b1da008599a81d8b811d021f40946780f5bae21f03d54e495892e38ff9b28215e375454c0f30dbfaa1e000cb592e75e28186862cad23016f284d922da26899ce678e88c5ebb5551a98a6b33f992ca7bc5d0b8c44f114de27cb0c5feb55fab92515cb4b3781efb45dd0916b3e2cec1c355c8fc37da830dd3ebf6a7a7103f352713b8d157734235510b9477c6279c0d15a590626f2a8faf85cc45b9328516940be057125574d898ae8e434a3a87406bac78333246b34f1d50877893826ea0c75c08869df9b1d2a3b20e203490bd18bfbbbbd5e7bc940841feba097b69bee92f0507dd6a87003c67c725e6427b80a64deae3a6b76ff26598d0942208f385281b586448d52effa81807c177f1a5d5d199c7be204039f3fcc0b7fa7b7b08b3e785853489b42b15954f646ee61f575abda5f372d4c985080481f43fbef14200f622ba87fe91cf8d8efbece1369640e251ff5f036a5081ff5e5d774e27d405c7a342a0949f1ee8109dc21f14fca4cf414229cc4a7d91d9aaf502b0b547566c983f5be7eec09ae5c072ed3ff7eafacdb9a4af68030a1a1c76aef02480648b75bbf7e998eb656f0d7f74dfeb912f34d066df35b6674c9bc138ebba105ce058aa18149a7009485266d57ee48f029767e7acb6d0908a97d4df674d727e17b2d20e45bb69aeaa2d20d6aa4192ff6fa349393577ab6009409b15e4fa61e1dbc9180e466a949e3272ae072ae690fd57c3247c37e19354b0291cc743dd5dc7368691b6edda5dcc38aa16d00f72735e30c3cf96b2bbe123bb52f53cda0a0ee1aaba519934d79bc17e6baae4e03a411595d3df6464c5a83758b0e509de67967acac9aa7c4c1bdc4a6ca372aa2c713705991e59c80f0e1b41fc42c10f15758267a83325946a696387f39ec252ccb8b4acceb5440bff8f8d73f0573355c7f099dfc4d10dd4f4333195d0fb9678c7cbf099befb9885088663af69a429be2ecd675cac672dea20026197031bf003d02431972973943b68d9e7f03905803cf9d352d085aa3e7816d1edf4596bef58119cae8e128f79099a52c10f3f0c9c5b5649c75f4518e5de5fd9739bb72ba60ffe7d98f02526039f4ea2071cc174c9514648371865fb55831d0f3d9beb4e22dea9f79f6be77b275edfad8619a22056aad851612d67bc3d7e7fe1b0f8f125da056931c124c7fd35d24f72b27f7835cb9d5a791ad5379ec7549c701e1c802defd4a1e66f67f2cc6f705de5d39a6abced6696fd29217114171daf94934fdba07dd69454d9e15db79a8042106ce65ccd23da675eacf46bb0074502223a15729216b0e4b3ed7b066b11f026e39244f0218d85d725434ec182f160285b27084e788c4a4bf0dc8c5941266f3c59deac0494f59b08e2d4f6de7fd03c6ac4c1d6c0c3eb40bfd7135acb8067e81cc649f10e6378660701c12ee29df534f173ebac74ae0a1bc03625687e79f94cad958fdad842ecdeebb89df5d08dc01bb3e912106523db9ed03ad749bfddd30249fdafc833b01d8a2c1c75a71ec9796d0a395c2036d2f6f0ec7b50c0d0a0f562f61b41ca498c4bceffdb23acfde00b7c3ce410f4f2163cf683eb6672a85c1b0f462fd4ce45acf533a20fbd95ee94735d5abbb21c34718cfce90a4b69f530aad9c990b85ea2d0dd57e0a336749baf50cf57ede1eb4207a20404a86442c84b146c1aba6982c6579bf5287b3ea834a0e76e1c033e0ee862cba9f70e2adc5d1b5b007e43ad234b0f8791bfce5874cf7ee590d89fe1d24ac6f7c253bd9f93ac228bcfbbe848c22df429b34149a6d83bd9556c2b5e6c2aec94ec4031f79b801a7b230dbb651355409e5c38d93792d1cf9c64295f1f2c92f6c846cd032d4fc76964b938f59be94b15f560c572331b5ce3fe45f9d437e1f92423182f26daaa882697c313cfcb488b2cd32e4d4aa3ca95e9b67f454c69a6f8e5ef9c3a4c98cb48c2f18f5a1e43f0d279bb77833ecb03dc6dfdef281e83cbb01c687b9f2b316b951105f3430ad0c5543c9b2c654e4a37b32622bf1abb8a99b9748cd64699b1c80e71c18190421a5d5a110da50c8d1f8d9be19fafa0ec38d6e9b0b63c4deb87e33174a4214543ef9d98bbc5d962a7103fabf074390a95018388c3b8e62bf689bfa63c5a0f37a135763e9f6e915f1100a20b43b3779de1f60dcb5444b50e773eb4bd435dd97c4fcd935c5c7a1ab375754", @generic="beb4b58e26d61cddce8a829a5b3ec12e5fb90832dcb2137ec634fbfd8141e474991240db762aa1f014610ac858dd6dd5bd", @generic="e38f06cac891f30e7f98d262bdcc487ab77cd3936eeee83700c390fd3032ceacc448f4bd2ce77e2da8e9bd6830d333330546606555a47be1604b3aa30f02915be4bff7029f2a7bba0d88a5e8a72fd8c57010c27239c08d09f1b08641b95a5360d44d345b04bc621bd5ec5fe7d4dce74531f5f704df428e7f39225f7fc9ee5d0b1071c86a5e9ee5da92dc1d5e7f18bf0f60bd21a38b2b26ce28a24ec9b5df29b5d503659a100c6cf3d0e4b458d2957158310b8463172a60775437a46682f82485b88c422f049dd89a5e6f96e2abbe57f8dcc8bcf281401c1a04193885e1c598f0605b861556e9866722a736af886d42064f005f82faeb70d4f7bc030c3094d1c4679909e48b4975a436db9b022b801b12c59158548fcbb16dc68140849299829aaf0b86b856fb8161641dbd573fc624c076f4b47929fc19522a1e8009fcbf2df1c8b7a5b671acc7ac962e8a1f03ad46107a770128859197256290f22219e32c8d4e23ddf4570d6bc9b3504cee350e21eed063ac2d1ea985efd0621b77dc76c027535890ae7c132e3fbdff023e714ad699c7113850235051fb93e4ed7c93afc5cb65a387d46ae010ca4a5a0579bb6097d2516d4b33ff79a78973b701cd71d7b7172ed31c5eb3e0fc585112509e6190bcb2f35397a5f4e35656ce75bad9f600fd51d267851988abb21f14c4217b168b15b128ec96147715512262856dd6a203809a6a39f74998ecfc7bf4abf73b860fb431a11dde553472bc61ef0a11789af07cf5478a58f900c72305d397b2fe384827a970cce85442d896dd9f254c1d1147f9007389737aae24fa9b930e92191b3c9ba31c6aa7b9177b75208a040448852fb0299f8041cab979a017bd34f2afee625ee30921b64be340446c8d444d7c2003bae636c420d8149cd72ed98dcb4c4a10a9c66db3bde653f8f48e8af8a3124103a5ba58be14d87b9e0a5f8439cc94ac6c7536dc2816c095f7ea027ad09bbfd40ec16c2085c850f061957c75d39fd5a9591ce80c25d8fba04260357bb1921a8cbe9ccc24bcbdf644d9bde933ebd439f1b6105d0ff30b1145af7adbc2628dd65b3f41ebb48e87a720e408220716dd3f6b135bb2a6ee9c0f74f86450b298127933aa946cbee34de3f20d0d1bd186edbc36f2e859be047dda3a1ce1281e0b1d94c3d1388704f6e13f3dc940b884d5d4d48a544e4901d20b6d661ef9f157971ac3aeed00033d254e33028d20abfc250630c9a14175bbf8d4d1966ae66799fdb8844871fd0def8fda0d4765a1a8894a9b8d4344c431dbeb3d4ad52eef014d5996c70c7702727d136a2f931aa58abd1517a6c0871420325ae79a6a12c36df0765ce677d8f9c359b91d6ece00c09d52c6bed1cef6fd91d0ccb2e7f9755165df914a7c4b6a806f409dd3540ece811d357eef0464625863de5d0de14796d451cd206768e9b682760196c875f25679c435c8dc4837f3129258ffc18621c76e7cda08e44e16222a8985c24c50ef7151b5630236740aef5d88bf568941c64963db918b5fe4bd3344bac0431e0586ed3cf5ec40873320d98260749b0b59548feca23df1ab76d70beeb882f91ca45a6399ed9d4ed2a0d3621fa1201b7a83a6bfef10b60d9ea120469689ff14f1d598b96fb9fe4cfcf1cc6f1b6dd9d8e31de6dd4241cdd568acd53c4437ba4e66ec6fcfca830fe073b203a81b1edc24cc82ab093b2f8ec15e9dd570b0b4a17425a1130b2a81a2e2264a49d5bc03e4100500ae126d4ee1a043ded589dd3456f0a4c784d1a42af2aade958df530ee23fe83264d025c0c15d89030070a1db121f235888052f5598b9ab414d45eec5e9e18575d6cdc58f494d188b157f85f32172150b1e8b644e3507ade8da8330b37af5ebdec9350a6cd67f51dc333a6bc81447d4ccd1a843397c765c5509ace9153aecc5563b501c8ff587917e27361c437eefb432b3d5db1f3b91b31178a33be94a61f08909dbeb34c86afc8064b68cfde856dfe6d90b3dac096a3cad593099f548d7def2cf179e18ec51ce0bfc304f72064bb1721e72795c717a2aaf3002385460ac6bccd0a69c0211b2aa322a004ab58442a58cf0fcbb4375595f1273e16e56bac7545bb0bf972c37f5b676fbc46e3ab92bf1d4c6650bbf7997d2e872399bab81f943b7af673d2f1848971eb0d8f67ad018d2d1741f28d1a212d7e50b81c2b4f0c088ca09b44bfe5cfe7812cecce214618bb86255e2d7aabbb53a256a7558a2fffca084a27391b23759af62af729a34bd483b2ccbb156ddc4b57fa81258b099ade525f9363efd501b72fceae061c4492e9764147ba2fc6fec834c24ed585f41c36b08164f3abda8cfb9d6a483ab5bd4456f26ff801ee74174fbd23d2f6a8f08e340eafc5b7f48f6b4cf5878708d7c46098ab8276192e6fcdcf4c4f009945656bbc70146cb0d3c9d3b9c31981feefdb073f266a1630a4575d70edcb7785bfa6cc74bfadfe8efedc6a44f437126ed4a0e5809e4bde747bb3710f7b4c33ded7b3bd8376dc042aa99289cd012903c368d174068680ab49c0f7e2d1f73b759329ae43d2ce0fd8207c221cdb80ca54c168d0ccc331aa9fabc5c561c8f532ca02a8d106561dbc3538cc7c5c4cff3278df8489e020a3918d1bcb640ece5430831f2817c64a58aa00cf172183b4db88018c433c2b8c14dadfe55948609b6c43a20df37be2aa41d4ae2413245bcf51e6194734b80c3e87616a1b388f2a06da2b127c45ec6ca214df0348a8bcdb0d6c805679b22a350c81dcca49ea8b57d1114522569a2b722ced0f3877e12ec847e62ec2625d7c5466ff9c52ca62c683eeeadaa3b5bc83812648b708d4e4f0dd0d38f417df549d2b39732c3eb269bf730e0ec9cb1b0e292e626fca3d58550a788def3b0f38d6f818799a97c32bbf70a92b77f42a2649aedb3ac2538a140ae1120c7519db793e82f26e2b9d1ea4d5b478b2cda7086ba6d47c4209ecb5981d8844bc2f65ee10e65464c6746a2285f4c315d97a875512993ca9745c1e8801eebce8973f3f3e1387d61953776fecf35d3243b1332c401eb892493419b47523a53f18481c982f702f3a939d316632dc9ebedfae72a78d6ed264b7d647d189a3365c05c5fd04233b1f91c0f055e09a18b684073307eea6e2834d08876b1540b91eeb42869fc04c3e9a2c15e96e35c9673edff6fd09350348567ab304e8648ffea4efc220583315597200da749640b9f748fb3f9a310bebc0d0e3d13ae938e33241d40b689696d2a3e06ec2d9e5e5e46bc823dac5ddf0d4559d41b4888d074896f592296c45f9f3190251ee02a5d8832e6b675100d8ec9f9a200bf6b11c292b1d8140f86ce9e016dd0b8c551b8de761314b8e98c0096343c6c4a3d7daa27894cb177d9117037d4bbde30e422ff4076748f8d08edfd2b4d367c1cba9e76250906915790ec37b87eda9ef84567adeb85f3be906070e7ae79bd8423690b159669ffe58fa0adfe0ea8712f8b3855b68d4ed5408442a5af581244b53e5db189a55b0b23a3a39e2bb097be91fafda1c624afa99027f87aec942ce40ba7cd756be1d59dc8c99af47e3237d380162b83b65527fc88dcff59c4c6aaf5a45dfa2ee539a8961b32409ab1b87859eea06ef5317b381cdbe99a61daeb8ec6cce529bb0e91e5dc599906ac0f39f5232d2f2a7b424e0d1ab5c78811447e9afb09d847836b9aead671f48758af4efccf3384b4569de5adb94dcf44e0735b5fb240739efc4e5ca3fb73cc41c87fb199b1abfdc1d727266a4543bc0a9090c2da4946cbe4905827f1b722a0bdc03f9ae2e12e9b439d48481f5651d8e2cdb6b84f3947e6cc75f6694517cc42ec3377368f7812ca6fc051c7ceb93c26ed4856636fc214ea127e17af0d6db11f0db6a993494ac226c38538886480de47deb6c0efc28337c68e3f3d0d86ea0d91ac7a447f9b2fd7a4d1a08bdf0f9f89b6c4821ef71914f9db939ff0deff6b5259394f3a16fa6ceec05cff7cfedb23fe6ba57119ac26a08ebf38d5b68576da0b9001f45defbf68699e33c09e5b3869ba5908e73f6f7e8a9ad86f69018b4de759a1e98d9475c4222b077f90f7672a5f6635fe3a695dfaf9cd70a862ea2c18d1d69e85de49e0858dc92ca13d5a9c93608da1689f978d06e395b7365ab79bafd99e7652dee030047a7e65ac0efde06ae87da7b0bb5ef98494e1de06556fdb09f77a516fa16bb8162fe20d3875447c8c69d0b5ceecc9ab72fbb2504819f7db14703105386d703b1f3e02f91d01ce9e138ceab9fcfae1f6d9b5677cb549ba418ef5e87f24167f4fba517b8d2e2c2ac2f1357a7e129418be2d2f5340bff746e5cef52f2a64b290b76838a022315a1d4fa43fefa50ed8a74c6baf9b3c71e6a4d7fa0ed7a1f9d131a15ab89b7c50fefa663f16f2040afe887ac3bb1037039fa273f90123454d871967330ea0c66c15ce2977d6c4590bbe444f7b7870153654ca900d3581a6c0aff2e1b7e9aa2c75d9de1248f4bb60f050c9c8a74262f2e7afdf3078fd09845d77d99cb03412b0328898b4a655a11687974d7b2b0e42c5e907a9d8b6dcdcf4f0600a4bb8c819a624a43b1d9457c6bf31d30cbb7a56a3810986c1f877f036228e4eae635d1ee984276f305220583c4ba5d9205a846609e7897529b045363da88a2c95d4d80850ab19fd91d9a7d0cecb3ceacece89024837f324957fdacd7856a189caa8264fe9b30101bf05aefb2c0c72bb25f0898d22b2a048f92aad555eed6bb87be0872dc66ec1ba6f0958d846a658cab0f424828f29bb9e0c71403ca8ae7e4f6e23aaab6fe1e79f6eb20372c7e7d76c7e228c2cea44566ce4bd94da200da835c54eac5a38dd14b343a5c40ba13727ea5c19823698d3022c6f54fc4484cd555e40793110d0a6b3760b079a2356027b9cd758274b0c72193403e6ac00079aa41c1d11ad4605b256e07ec4281d12cb3f59be05458638c2091ec053ef6ae64c9d8bb38239338344ce64236558f591aeb215cba546f2c62fdeeefae03bbece9f1a960924c4f2cbb5f6775584a8b2ddee53d9261a69b9d656f079d89bc112223e7ca892e4ee7b1f80ad379111e9bb8337437b354da3e8a021cd08ecc385d0005469e2f6353e8c764fb46ed71cb7981f5be85daf55a5ee9a8bb88bfbfe0f41477abcd81a7b45900fbd55e6510db6caaacb4296fd9b42fdec2fd92e753da732ad2caa6823e66b2c5f1b9e73ac98ed848f3ed65f7230ee4796bac3b99b4da49bad9b08598ba6d22db2f9d20c829e6bee489fbbedc904344147d44665f9f418bd78939984f41a56c8116897d75d8bbd70590348f86b888a1d6b4c1721807c09b9b3e37b323b75eeffa2ae9be7210948aacbe6ad57446ad4ac266af49d949c525289ff169bb28be969a2f8a877939145dcd556366811342317b8b4cd90500c6185b7de4e5e14eee283600afb3b876cf387d1640189541d3b81fc19077f2009121fde0175e1de826c8d6cd790fd6b0d2bc21ba63d9a4d7aab38740fb4ee2f2c52e53099788e22775df699a4794a55a3cece0c74558b96938d9dd7f2d1fb663bdb2f115c450d4f23eb3ca0fd2198342428c33f1fe7c058ad738deeff64979e59fe4c71eae7523ff95eb4b6686522c2f415fb420665c94db02951477e87ee8dd2db149cc6df2a1173afa4332f63a527fd66d0a5400017b78037310c67d58c94f255ed7e01391e3707e2b2fa800f5ac74487aae0dbcdc74bbdbc77c2a4db0b3c2d5ddd682134edd0857ba542e9e0ffa53ebfb854f58bfde3d9d6e5dbcc3cac5e4f914d6779724379be8a38ca0fa53", @generic="98440f7280c636a651b457919cb8f66c7e9d46eefc51b8d50ced6ba7d2ad478fea3be90274197258532bd4bb68bdd96cbea61363c46cf126d66ee6a870a72d7ef30c38472aea89c31244d9a1e41e626b5f0fc891cf860850e9d1e753a631d4fe75e6654c78a5ae31c9b6e7df60e6bb9f43927a902de058739e9cda36e3ba445e20d9", @typed={0x8, 0x44, @ipv4}]}, @generic="0c2355d660ede70449350391e9d64e8fc3", @generic="fdf6ddcc554619bc41c5de8e2cf20040d4fa823fe12bc965caadb72158276d51c5450ab4f255f897dbe499aa87be02545f925597e2deb6f71a4a16d99a80b966d241f0df204d6c389895fdaf3bdec284bfe8a80084aa1e85e63a38a381", @nested={0x180, 0x81, [@generic="4d12125b86e31ed67cc296372425a07c9e1504ac4d80193c071c6342fe0398739cb5811b736db78a2d52bd9cd708f382b55b35a1d23639140979e5d7af22a262bac0ad716e45d970f11e2978d8b2f913f48c595bed9ae975", @generic="105ac16faa615e45a7c2f5fc56fec46a60cb7708972ff6b611b878c1fdf65434058a0cfadf9828", @typed={0x4, 0x94}, @typed={0x8, 0x16, @fd=r0}, @typed={0xc, 0x3f, @u64=0x4}, @typed={0x14, 0x4f, @ipv6=@mcast1}, @generic="b926f23e50000c171a0ab85b13279cc03cee8c003a680a49dda05e1d2e10c8ebe77322babc27309977f22ee09932f3064bca86d4c5e207191a909e2fd3e77d86a8e81785c0632004f8bbe4023e0388c8df92dfb89cea8e5bec6c675843bf87a301922b9359375212eca2cbc94ec9c6822b579b5056f96b9ab957c712acafd4076ef307e2ed31fb3a4565af468021199be60db0ab2db180bf52af435c0e86f5f3068ae9e372e55f1e296750a4904550c76b3830644d32e0e667aedb52340c8d36ad31e55872dddcb91ea3dc5397b48f7d"]}]}, 0x231c}, {&(0x7f0000002900)={0x1ec, 0x1b, 0x0, 0x70bd25, 0x25dfdbff, "", [@generic="ccafea3fafa025f3fa", @nested={0x1d0, 0x1a, [@generic="7901d5bff808ef4004c1144ca1826c305880b6b6e4ef3fcd6bfbe115743088a4e768c871a64d64401deb41bdd310a1c070669d09dc052e28f63ddea8c77cb291374e33d6d1640e61147086e8bc120700454cce5d8592ba605baf36315724c250dce35383474bf2ee4746a655f1bee8f11930c9e3bd16df2863473b9229dc403519b806f1ef5c105beab3caf3b2ef8aeeb6a558cb4cea7e23a2d49b8b17b7c80b71bd7eabfd566f6a0dd811dd06ab79aa0985bfa50666a93d93d1e1a83f4cc78f31e37eda4b90d44f80fbee375e38150fb4e5aca15838883987c6b68b274e47916f47cec435a2357a3f8b2ee371099b14d0c26e", @typed={0x8, 0x6d, @u32=0x20}, @generic="54591c0dfc56ac185a66a4fbbff0096cefefbe00f97c821243f6b671ba657a954e0d08154ddead0c8682b639834430e14d40e2058e16ef5fd98cb7f1fd927820c8e592e0746c79cbca1646829d41605b652cac2f32ce9779270d1214175f5687b899b95721979dc231918dcd9aba83b2a1755cbada2eb9c80fade6198a9123f8c45649d22fae11c266eebe484f3449a520c2438ee1929ce1787252aaf2ae603dcd8bed06ec81677b43b4a156665e29e6034116f60e0e6a3d7160e3cbbdf6278b6f552f6fbfbe287cf89646332aea3a45"]}]}, 0x1ec}, {&(0x7f0000002c40)={0x1148, 0x42, 0x700, 0x70bd2b, 0x25dfdbff, "", [@typed={0x8, 0x68, @u32=0x2}, @generic="267265e312ca2687a7dfb7e2001eeb238965aa43a9889271cd4381b4dd94e6bf87a44e7e709b5773fdb6db9d1ce05c1d57dd4e6ac05e987e227ac6ad76e6d19c0ef9d9113b20bc0fc3cb6792228573f62d1ff39137c91a066409c08372005864546db0f0461a39fb943d6b94cd163b76f767255202ad12f2ba367436632c29ff05b579a61bec8dd9b16e567f289afffef37e3f100d56d93e1880f696820b1a092f2457fe687b59f47f72", @generic="0ce6cf88eb49b623b2bea006047e39bae17031f52f5d3cb4635cfc5951fcfb87dae5a14e7d93b7fb50525939cb5feb30db2aa2fd532a5c21e2a0e5a33a20b6a2c5974666fdfc7771f9eb1ffe607184cf6ef4678faf35037f231cc33f8ef880f29f2f2553630637c4ba0a724e37109b61db697cf7d8e6a532e0e7ca87dcf866607fec1e48c12b1535fbc3a6ba8e26236ce016fe53d11cd998a4cfa219364a881b7c7cfeb1299f6b075e7a6ae6bf64d7a2f3dacc123a1b4a3e502380aa60c9b08ddef0482355662d73585d2fb106f8d00f6265487e0db403000f3494a9f3bab96644796ae20a4490967bc51990a26be8f84862e590d4f3ac89d921ef859b1e37f6de7046b55e562596e1a266069389f74e47c58089df0ce154e6e4502dd49f38bd6c82e68eb0098cf57d730ae272dc8d1e7f9e3beb21ac41c9bdb74118811b9435d5fcede58c35bdf8035b13384e2ccf17df9323346dea7ddeec3d9fc155c7cfadb571357d86bd436ebd947da60b4beea77e0e8455c323c45f41b3a0b88161fbd5a7c861bca030d49328f933349826f2b1bd66c678ea9799e89c3219a682e0e91a7d015b277e3f62efb06ab391146944b2db26a271160db1352de5214a9ea265f68e166332bc7ec5d2d0c1f1c42b14a745739e78ed72d3d6c9cbcc5be58da315b16b80bc26cd777562988d560f6fa1309f37e18763bb1c80b0528a89e5f7348e6e6b3e900483652a75a4df86f9451e90384f42c5b4664f9c40cfdd36a47228570e89bebde7ae310f8f66d89e86a20a0264e76c889b075625788356247838f204281e7d91b92b31ba98a2fccfc10f189d9f4fde2b113d8b9d3851f7da85d045eddbfeaf1b0f7e230d309d8c44a4408f81b11ee76765dbc271a7cab9eecea306d2c98c1f5d02e87a1e14b29aec6c186d91d60049c6b4e7fc51b7340e9d6d554ec8b84903cdc374610893d4bc30791806b0570fe5910a5c81bf860b74aa418a945ce4e2017a06774dd16c3fa034595b390340600b0e3c1861b1a5b99b48cebc9275263191e639198708d28c7187ea0cb110f5c76ad38e43a71019323ba78d5af8bdac1b3692b1032724df2bbc71484acfd682493851cb20cda37b99258ae6c3f6ab6f2998651b1a94c2f59efe8f3c9d4337ba73d13dca9cb2321ec3fb8291405b7147de524e93df98eca03d9de7c6e421ea4d8a030e65add7bb94b992816adf470e7b1096948a6762217fdab8fe6e0fc89435a17e38fb1c5f78f314edba1844784cee340475186e67b8ef1ad49c61ab30255267c80b7eae2a43dccbf3b36e87ada267d3ed2e52e9a4f555124746eb9a2466a74c6c373aaef240f4d0737e8641e8b466c9456317c7a0ef7c1b881bb58d783cdaf366563d293cad121fe059b6ba560faa08c1c8ae6cedf5da9fecd0e0f4af43328df80ad1d0b270a504a51809caf6cc8df6229152cea696c084e5ccbbf79faa98d3bea8a9bfb55d52c54c060feaafc66599ad6a0e4ae6a0743c8ae9b6fa6a3b1f0ea185d7eef05d8ec1f9e41de0b2f4a33a30f80a421115cbac1a0bf13271fba92866b50aaf60483f2bc782dffb728f568c1b0891cbd84d5f733f8cc789707f5ebdd64afbd904a3f05d115c709767d61df45e66e72d2beedeccb3745d2346dd345abda07d6e93e03b453e4dd553b05943d0f98236b069c2e6d89bb5c286244df245fffe6bdd87dc464cedcd173187006457687cb55ebb23dd811518be15c299d24d31aa3ed93947ba350957bebc6041c9fa50693fb8485060ad0c4c72234c2d0ff3ce76afabbea429e83d5a252fbd678d365abc7e33d8454462351f30107a4ddc73872cedd38d2ca2352e27565053838c994dc51ff790219df2f9a66149eef02670a7e9836ffb8c590f8558a54870906db1f4da9e5ff7c3e9ff49e3f1cef0a8bc0d0ebf3bb1522b470653a765eaef1d17dfbb18b932d33f74fb9c0fcdaed2f5d98edde6295f6f53e684fe254fbd35dfa9f623f1648f9cfa41efec4df9b3ce2149ef3129029a5f4ab2da4e44b5b8948ebc86a95080155b341ed82d0531f63dfde347de5f2f0e6bfd7b785a06950995a05d88da8966ceff07b7fe4a5cdddfc5bda2e38f639815d6ae38cb3c2d5c3762b1ced6c34918a69128628ed16a02efe1b2a99105cf1769fc241c54607ad41fc6b300fd22216053a013b7712f28f44a9664b3fa6d956a7073cd16b8e0bb6018c4e01721d69ff48ec309482a51e4b5cf8c2e77f3f08bef5ba5a3417d4caf60b75898f8e83856567065d62b46e0664d548ca21e65bbc6ab51cf9dc78f1853ade79b7e9edf9e608de24813af2dd30f9e059587f0d68764d76e8f2604c102acfa7c74378e86f9eb300fffe390716eb420b9f954ed4a7cfbe055ec2abc3bd3092eaba8715c79e83b6b14af2af7cce6407726b43db7223cb4ffe05e9a5fe55b0c00a486948afe50702a085bcb71bb04218f0589f35e34d3d5636b71ef64c85bbbf344b5e3b100497790c404b57beb3f9951a314970b8b7640b8ac87cd6da0dca6bdb3482583a2143c7f812ce2fdb8092301f86cb8f900fb8effe830e760a43e465a7c4bfbbc1b7623f32594504f2bd19ed123b2972e48cb15782dd67d3f518210a015115629c75c2f4338ac05514ec9bed3ace5688cc75fe80115158fbf69a105950abc19d9792239f9849714fffcae4863283477f1260c8c341a0eea48de55295ff28921213e9ba75b688f2c19fd6763f5e86d9ba7356f7d5b2c9b59f315ca14fd904a6605e2251b5ad718d62a051ec4d71e54647f6b3823edbe3ff7304b744c2a6643cb1d723af5e6d31fd296fcf528bbd3995f2367e579cf995c42506fe154dfc5e532ea812538650065b2de5016546fc265fed3e32a4b12ef0eb790c92ff551e531d01db5dbf65614e0a5a59ba50e9dfbb12c6d6201444aeb7ea85b57bf9e2c9699ca41d38a625cfef0e8e6ab001b25203aedde4c7e0e39cad4cc1c8b592dd634d4806ef192e4bc0a55380c11bc84ff82c8bbe82e9774993f5dc959b2c99edd9960e565aee9bf3ca229cc00ee9195502c6f7013460e8caa6c51adcce0b80e6028084c98c8c6001bf72357159ac30af9ec21001511c98b03000bd1aa65adc71b4e816583e08bc6edc102c7a0d37b1769893369ccc0a8d06c2a74e0654258ccab739cf2431dccc60536d1ef24035a1351bfee34a1a5d7126476fa239398a9f0a5300a27e51d531589cf7decb3be23010dd819d37c677d058e512a21eeb25a44001734c278bb1f955fc21906837609a71b0522e8f35a69dbd7b5ae408a00a7a6b223903b2bbdd22c4ca6b7ef6360794fa4b68af7fe14a9edcdcded54b04166f45fda03ebee28c30ed23e7f4fb75c24aad0eacbe00be5324b9043d8c3d9e8b87a3848a84c5dfc6b16f5c6225a8262d5ca96495159e6613ce8a86c898a713e35ec119c272b8b8a6a02b23ebda1d99d7e8a3213bf369464dd3e2df17463a997aa63200b424ac872410dc3b0065d1f7323807400b60d2de3c88ddc0350c13041d9112125a30ce2eefaa154033e74dd138bbcf4e0ea8e1950aa00e014201ace792dba05dae110723d4d337af4a21321fafc9ed812cbb25d559aaf42252870017dd32092583f1fb6a182d7dda72755260c763263547cb32db1de0c539fb94a51f8c2340d5fd1405b2d5050aff687443c802863794c83b3a31037a1c5a8e8075e44b458148ae87579234d0eed3280cca5c796d5b6c5d9d6cf1874d5fee1f50f19e751768f02bbe995e7db895f71e87d5e7ff65576e97515ae5f40b602746e7db2410102613014922d70c399e698546f35715a5a0c4b8a06770a98a4cd870bd92c32cb54be06932e282748994983298174651caae6e8c62a785fe6db4d207a5f0fe8120119d4e61cbc16a2043005cf50b0c2d72a3d9095b753f17ba50ea6b10b549622ece4fd2c8356df50c5f8046b35b4918427a627dbf6213cc8503386c54d78cfc217ed5a774f93e91c887044edc9447d953caac6c10cdf5f72ee0152878d987fd921a50047c0d1f977e443258edd4dab0b13f3fc9372e5323fb4c6a91a1bdce670cd93847468d0f626c17043959cc68246c1312e5e65dcf629db6018546e7eff0b97edea875291eeaed49717e77986238e6c7cb2ebae44fec2b33e0db1737e0625a9790625a0d2808b8d5cb963d2dd2b90a6b8eb2712a7d65d9166d4ed05b19c66ba350f37792e3b196ae24cd6c23651dd9c3f8ae69f135a72d8dc214602692cdf54f28e342327e476dca16f7bfcc2e5b3a84b6b2dcc7df8fe4a71b990408ee5aee8c664bc2141bef42de4cb478aa8d32054ffa434c1e7341e7eb66d6714cd5ef5a432e971a36963498c013ae3e5c09b503618a468a5325b77f88bc0061e0b1d8eb6624ed3a3fada01c6f240c664a0233bce02908e61107bf958f9633f5c577b6511eed40c06af3265baa869bc3c16d88548e05f36d2be6aa668e699b4961a99a3d819714d14075ece0682886d7b7bf5316eec699eb40370fb02735162387148579bcb4df346db944e71a9c652eef3a7699ff6fcb9c8b10922513545c1c2169184a431a061a036f4e54bc3e7a192cc47721c7f0fe50692a310174cd75cf0a987c76d9efa747b86efe4d14ac59fa5816081553e68a3e383679a795010ec2d3dc4e714d95ffe5b3c4191e5e3c629c6b2e940ba34516b332cda63c1b4efa574bd7428df5b92d25ce82fcd6801e0eedb7ae908db8df914ea034f3e96ac7b99f2cdd39d690afec024bbd560a7fe5b10b7e1e247cb47f8062795757f0f6ca34b1afbc30f20cc2e13e5416041f25c6599f4eedba30c38c9cb2e43788399406eb6340bd8f072a357aec9bbdaf216add462f813afd64e9fdb7d2d73794dcf58091506fa5517d76e342970ae7b553e27022fafe47c5c4a985fbfd8791b48141bc4e22fd46375fd236b6589bfd8cb9394cae288455d53b6d28f063d975fd0456318561f92d8de5f07076177f54077a82f3350e21337f343208aa8b87a48a222dffc391eaba709fb5c630976630ef4f633b4e2ca58ce6b9f000071a5329ad2f8b9d0cbda6218a376ca6cca996e4544450e8bb1dbc59b10676a4231e5b75a08aa8a47e357075a3efb6ac21d3bce792ce00628775cd7817ce8d538cb3e1dba20d1618e9c9f9d90cb0e30031948e589a364dbb42ef3ed1b180ec500f0fa1960def85fc47a6752e380d5f5a96d34918c0484d3235377d05c0f08160bfde12532d37ed7b4f26e15a166389d727f7707754040101f6eb62936231967fd9539eba7d34ea2675f862b4a8e4a1fa5666f0bded5f17ed700f80859ac555c5a3d23f46541b12c4861fc22e8366d2720a30d9c656652ced193d215c446cbc9a6bc65e7f043eafa916cc22b6ad3bf9013d1844cc8ba4be932ea2cc51546fff7152bbb8085602a3cf477f95bdc729c4061a1a79a17e696e05b629822d5352286b0735c3c7f5d911d6a7b5b638c08af62debeb8d49c2c527029ec65b789b07c630da5a0a368f37df0f255b520bf955547d394077faf9f03988b544e88dd4b005f9b364622484b57538128ec6815fb74a1975dd82ae6c8dfd84da0f4505bbf0dce09937084d023b1ff6d16214a6dc51a07d72fb8b785dad1d9e86bd4505d6dad30a39914ed8784ace35b396a793957ef487ae2d79a2d9a30b33c5b4d62ce57c613ead3a9e78e78165f340c0cd1f9cc4fad0a23f8fee77bee868f4075acf837d548a44d1787ea35bf5ce3d88e272c9bb5fff2166ae03c2e6aed2941513e87b56c1f50ec4aa095ddd610cb61bf903a126a6b5d9fea93", @typed={0x8, 0x56, @uid=r3}, @generic="9db4288dc46e4d8f9256d029390b96380177be0b4fa948980cc1840ce06d8409af985f2632d2bdad838c5f9555b878c6a252a759d36366b7672b54156c2a35a58c678e59e3055ded87787d65b6d37d153333915327bca5a84e8e5729cfeb4562eab0b029d977caee", @typed={0x14, 0x1f, @ipv6=@dev={0xfe, 0x80, [], 0x21}}]}, 0x1148}], 0x5, &(0x7f0000003e40)=[@rights={0x18, 0x1, 0x1, [r0, r0]}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}, @rights={0x20, 0x1, 0x1, [r0, r0, r0, r0]}], 0x58, 0x20fb42dd3d8147b}, 0x4)
fcntl$addseals(r0, 0x409, 0x2)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc), 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4)

[  569.149759] attempt to access beyond end of device
[  569.154852] loop6: rw=12288, want=12296, limit=64
[  569.227365] FAULT_INJECTION: forcing a failure.
[  569.227365] name failslab, interval 1, probability 0, space 0, times 0
[  569.238706] CPU: 1 PID: 8643 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  569.245784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  569.255160] Call Trace:
[  569.257791]  dump_stack+0x1c9/0x2b4
[  569.261465]  ? dump_stack_print_info.cold.2+0x52/0x52
[  569.266835]  should_fail.cold.4+0xa/0x11
[  569.270927]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  569.276057]  ? save_stack+0xa9/0xd0
[  569.279716]  ? lock_downgrade+0x8f0/0x8f0
[  569.283889]  ? proc_fail_nth_write+0x9e/0x210
[  569.288406]  ? proc_cwd_link+0x1d0/0x1d0
[  569.292500]  ? find_held_lock+0x36/0x1c0
[  569.296622]  ? check_same_owner+0x340/0x340
[  569.300969]  ? rcu_note_context_switch+0x730/0x730
[  569.305932]  __should_failslab+0x124/0x180
[  569.310194]  should_failslab+0x9/0x14
[  569.314014]  __kmalloc+0x2c8/0x760
[  569.317604]  ? strncpy_from_user+0x510/0x510
[  569.322037]  ? fput+0x130/0x1a0
[  569.325346]  ? __x64_sys_memfd_create+0x142/0x4f0
[  569.330216]  __x64_sys_memfd_create+0x142/0x4f0
[  569.334912]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  569.340472]  ? memfd_fcntl+0x1580/0x1580
[  569.344579]  ? ksys_ioctl+0x81/0xd0
[  569.348236]  ? do_syscall_64+0x9a/0x820
[  569.352238]  do_syscall_64+0x1b9/0x820
[  569.356158]  ? syscall_return_slowpath+0x5e0/0x5e0
[  569.361115]  ? syscall_return_slowpath+0x31d/0x5e0
[  569.366079]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  569.371469]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  569.376340]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  569.381570] RIP: 0033:0x457089
[  569.384795] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  569.403724] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  569.411454] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  569.418743] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
13:47:18 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  569.426029] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  569.433322] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  569.440605] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000000
13:47:18 executing program 3:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
dup(r0)
r1 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0)
read(r1, &(0x7f0000001900)=""/4096, 0xae4)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070894b47e91f00aa9216628759c8a5522671c660eff279b6de96a88a009d26a1633b281fcca27b27aac56257bbf314bf146527808d4d6083b9d6c9b71bb59b23ff85be3bebb3604ed6f7d53d2fdbbe78f7cb57420000000000000000e2a22da586efcea0")
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x13f, 0x100b}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r1, &(0x7f00000001c0)={0x10, 0x30, 0xfa00, {&(0x7f00000000c0), 0x3, {0xa, 0x4e21, 0x80000001, @dev={0xfe, 0x80, [], 0x20}, 0x80000000}, r3}}, 0x38)
ftruncate(r1, 0x80080)
r4 = mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, r1, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000680)={r4})
sendfile(r2, r1, &(0x7f0000000080), 0x2008000fffffffe)
r5 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x0, 0x22000)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000300)={<r6=>0x0})
setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000640)=0x408b5607, 0x4)
r7 = mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x13, r0, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000440)={<r8=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000480)={<r9=>0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000600)={0xe0, 0x0, &(0x7f00000004c0)=[@decrefs, @reply_sg={0x40486312, {{0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x28, 0x40, &(0x7f0000000280)=[@ptr={0x70742a85, 0x0, &(0x7f0000000240), 0x1, 0x0, 0xc}], &(0x7f00000002c0)=[0x28, 0x38, 0x4a9e76c5a04035e7, 0x58, 0x0, 0x38, 0x20, 0x0]}, 0x7}}, @increfs_done={0x40106308, r6}, @transaction_sg={0x40486311, {{0x2, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000380)=[@fda={0x66646185, 0x4, 0x1, 0x39}, @ptr={0x70742a85, 0x1, &(0x7f0000000340), 0x1, 0x0, 0x14}, @flat={0x77622a85, 0x100, r7, 0x3}], &(0x7f0000000400)=[0x78, 0x58, 0x58]}, 0x3}}, @free_buffer={0x40086303, r8}, @exit_looper, @clear_death={0x400c630f, 0x4, 0x4}, @free_buffer={0x40086303, r9}], 0xd8, 0x0, &(0x7f00000006c0)="fddff26d5ee9d122b923cf680e59ae07824fe659cbd63c8b01e8143ff338a5c5ecdc3e823c761ec490064bcd25f32ecd33f3fd8a6b7f4faf162a65e5f3f3953fc2971056d60a91ed69d5094444169eca0c8725ffffffff00000000a7294ec1e3e13c0fb4a8d98ee0425fb694b9615dc980da9a7d590ac09a7b6538e372d816ded1a46af359e5e01f9e4557e4602f0ba1637fef722dd76776c58d88c434561a84ee1b202ccb1c4881f17477e544f7063017f74fcb0424dc45c041a2032bf08abd0f1c9cb29ed2b87cc3b65baa9e0c2c57127b7c2b266efae6"})

13:47:18 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8023, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:18 executing program 4 (fault-call:0 fault-nth:1):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:18 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:18 executing program 1:
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x101000, 0x0)
ioctl$IOC_PR_RESERVE(r1, 0x401070c9, &(0x7f0000000080)={0x88, 0x7, 0x7fff})
getsockopt$packet_int(r0, 0x107, 0x15, &(0x7f0000000000), &(0x7f00000003c0)=0x1)

13:47:18 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:18 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x7a00}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  569.778709] attempt to access beyond end of device
[  569.783793] loop6: rw=12288, want=8200, limit=64
[  569.808419] FAULT_INJECTION: forcing a failure.
[  569.808419] name failslab, interval 1, probability 0, space 0, times 0
[  569.819762] CPU: 0 PID: 8679 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  569.826723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  569.836097] Call Trace:
[  569.838730]  dump_stack+0x1c9/0x2b4
[  569.842401]  ? dump_stack_print_info.cold.2+0x52/0x52
[  569.847650]  should_fail.cold.4+0xa/0x11
[  569.851402] attempt to access beyond end of device
[  569.851748]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  569.856761] loop6: rw=12288, want=12296, limit=64
[  569.861856]  ? find_held_lock+0x36/0x1c0
[  569.861883]  ? graph_lock+0x170/0x170
[  569.861897]  ? __lock_acquire+0x7fc/0x5020
13:47:18 executing program 3:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000100)={0x8, 0x1})
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000380)={0x8003, 0xa})
r1 = shmget(0x0, 0x1000, 0x78001496, &(0x7f0000ffc000/0x1000)=nil)
shmctl$SHM_INFO(r1, 0xe, &(0x7f0000000000)=""/18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_VOICE(r2, 0x112, 0xb, &(0x7f0000000040)=0xfffffffffffffffc, &(0x7f0000000080)=0x2)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

13:47:18 executing program 7:
r0 = creat(&(0x7f0000001340)='./file0\x00', 0x103)
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000001380)=0x1)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup3(r0, r1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000001400)=@req3={0x9, 0x2, 0x7ff, 0x7, 0x100, 0x0, 0xfffffffffffffffb}, 0x1c)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000001440)={0x2, 0xf004, 0x800, 0x4, 0x8b6})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
symlink(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00')
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000)={0x100000000000}, &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0x8)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x5, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
read$FUSE(r4, &(0x7f0000000340), 0x1000)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r1, 0x4008ae48, &(0x7f00000013c0)=0x7004)

[  569.861916]  ? lock_downgrade+0x8f0/0x8f0
[  569.883116]  ? find_held_lock+0x36/0x1c0
[  569.883131] attempt to access beyond end of device
[  569.887222]  ? check_same_owner+0x340/0x340
[  569.887243]  ? rcu_note_context_switch+0x730/0x730
[  569.887258]  ? find_held_lock+0x36/0x1c0
[  569.887284]  __should_failslab+0x124/0x180
[  569.892254] loop6: rw=12288, want=8200, limit=64
[  569.896577]  should_failslab+0x9/0x14
[  569.896597]  kmem_cache_alloc+0x2af/0x760
[  569.896610]  ? lock_downgrade+0x8f0/0x8f0
[  569.896635]  ? shmem_destroy_callback+0xc0/0xc0
[  569.908015] attempt to access beyond end of device
[  569.909886]  shmem_alloc_inode+0x1b/0x40
[  569.909903]  alloc_inode+0x63/0x190
[  569.909920]  new_inode_pseudo+0x71/0x1a0
[  569.909935]  ? prune_icache_sb+0x1b0/0x1b0
[  569.909954]  ? _raw_spin_unlock+0x22/0x30
[  569.909972]  new_inode+0x1c/0x40
[  569.915009] loop6: rw=12288, want=12296, limit=64
[  569.918577]  shmem_get_inode+0xf1/0x910
[  569.918600]  ? shmem_encode_fh+0x340/0x340
[  569.918614]  ? lock_downgrade+0x8f0/0x8f0
[  569.918630]  ? lock_release+0xa30/0xa30
[  569.981330]  ? check_same_owner+0x340/0x340
[  569.985676]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  569.990707]  ? __check_object_size+0xa3/0x5d7
[  569.995225]  __shmem_file_setup.part.45+0x83/0x2a0
[  570.000171]  shmem_file_setup+0x65/0x90
[  570.004251]  __x64_sys_memfd_create+0x2af/0x4f0
[  570.009036]  ? memfd_fcntl+0x1580/0x1580
[  570.013110]  ? ksys_ioctl+0x81/0xd0
[  570.016769]  ? do_syscall_64+0x9a/0x820
[  570.020758]  do_syscall_64+0x1b9/0x820
[  570.024658]  ? finish_task_switch+0x1d3/0x870
[  570.029173]  ? syscall_return_slowpath+0x5e0/0x5e0
[  570.034119]  ? syscall_return_slowpath+0x31d/0x5e0
[  570.039078]  ? __switch_to_asm+0x34/0x70
[  570.043160]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  570.048574]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  570.053425]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  570.058616] RIP: 0033:0x457089
[  570.061827] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  570.081207] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  570.088935] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  570.096204] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  570.103486] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  570.110768] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  570.118046] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000001
[  570.143482] attempt to access beyond end of device
[  570.148699] loop6: rw=12288, want=8200, limit=64
[  570.162092] attempt to access beyond end of device
[  570.167137] loop6: rw=12288, want=12296, limit=64
[  570.173466] attempt to access beyond end of device
[  570.178761] loop6: rw=12288, want=8200, limit=64
[  570.185095] attempt to access beyond end of device
13:47:18 executing program 4 (fault-call:0 fault-nth:2):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:18 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8002, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  570.190229] loop6: rw=12288, want=12296, limit=64
13:47:18 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)="3970ff", 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:18 executing program 1:
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
bind$nfc_llcp(r1, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d86cdc834bc921c0525fec2541e21ccf67e1d7b55cabe9e068dd58ce565aa9a9d325ebac7627ffe7a54cdbd77b3"}, 0x60)
bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x4, 0x0, 0x0, "48fb39fe415d84daa8cb821aaba7ba58c6a4d537711ecd89e537bc02b181f187b19423316480477beec2c29087e9a63a84d101b8f1615ab346e600"}, 0x60)
dup2(r1, r0)

[  570.445142] FAULT_INJECTION: forcing a failure.
[  570.445142] name failslab, interval 1, probability 0, space 0, times 0
[  570.456474] CPU: 1 PID: 8710 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  570.463435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  570.472805] Call Trace:
[  570.475438]  dump_stack+0x1c9/0x2b4
[  570.479117]  ? dump_stack_print_info.cold.2+0x52/0x52
[  570.484359]  should_fail.cold.4+0xa/0x11
[  570.488464]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  570.493611]  ? trace_hardirqs_on+0x10/0x10
[  570.497867]  ? __kernel_text_address+0xd/0x40
[  570.502506]  ? unwind_get_return_address+0x61/0xa0
[  570.507513]  ? find_held_lock+0x36/0x1c0
[  570.511835]  ? check_same_owner+0x340/0x340
[  570.516190]  ? rcu_note_context_switch+0x730/0x730
[  570.521152]  __should_failslab+0x124/0x180
[  570.525416]  should_failslab+0x9/0x14
[  570.529244]  kmem_cache_alloc+0x2af/0x760
[  570.533416]  ? mpol_shared_policy_init+0x235/0x670
[  570.538372]  ? lock_downgrade+0x8f0/0x8f0
[  570.542577]  __d_alloc+0xc8/0xd50
[  570.546056]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  570.551108]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  570.556152]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  570.561373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  570.566935]  ? timespec64_trunc+0xea/0x180
[  570.571195]  ? inode_init_owner+0x340/0x340
[  570.575567]  ? _raw_spin_unlock+0x22/0x30
[  570.579752]  ? current_time+0x131/0x1b0
[  570.583749]  ? timespec64_trunc+0x180/0x180
[  570.588104]  ? __lockdep_init_map+0x105/0x590
[  570.592642]  d_alloc_pseudo+0x1d/0x30
[  570.596473]  alloc_file_pseudo+0x158/0x3f0
[  570.600741]  ? alloc_file+0x430/0x430
[  570.604593]  ? check_same_owner+0x340/0x340
[  570.608947]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  570.613990]  ? __check_object_size+0xa3/0x5d7
[  570.618514]  ? kasan_check_write+0x14/0x20
[  570.622814]  __shmem_file_setup.part.45+0x110/0x2a0
[  570.627867]  shmem_file_setup+0x65/0x90
[  570.631870]  __x64_sys_memfd_create+0x2af/0x4f0
[  570.636590]  ? memfd_fcntl+0x1580/0x1580
[  570.640675]  ? ksys_ioctl+0x81/0xd0
[  570.644328]  ? do_syscall_64+0x9a/0x820
[  570.648332]  do_syscall_64+0x1b9/0x820
[  570.652243]  ? syscall_return_slowpath+0x5e0/0x5e0
[  570.657194]  ? syscall_return_slowpath+0x31d/0x5e0
[  570.662149]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  570.667566]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  570.672442]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  570.677649] RIP: 0033:0x457089
[  570.680870] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  570.699785] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  570.707518] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  570.714826] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  570.722114] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  570.729401] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  570.736815] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000002
13:47:19 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240))

13:47:19 executing program 3:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x4031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x7, 0x0, 0x4, 0x0, 0x200})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f00000000c0)={<r1=>0x0, 0x7}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r1, @in6={{0xa, 0x4e21, 0x9, @empty, 0x20}}, 0x2c6, 0x1, 0x7069, 0x5, 0x42}, 0x98)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000040)={'tunl0\x00', {0x2, 0x4e21, @loopback}})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000838fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1})
r3 = dup(0xffffffffffffffff)
futex(&(0x7f0000012ffc), 0x0, 0x0, &(0x7f0000000000), &(0x7f00003cfffc), 0x0)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000f8d000)={&(0x7f0000012000/0x2000)=nil, 0x2000})
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f0000000400)={&(0x7f0000000140), 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="ec000000", @ANYRES16=r4, @ANYBLOB="040026bd70df250900000008000600d300000050000100080002003b000000080001000a00000008000b0073697000080009002a0000001400030000000000000000000000ffffac1414aa08000800150e00402e315d5d86f30008000200ef00000008000800f6f9ffff50010000080003000100000008000300040000001400020073797a5f74756e00000000000000000008000100030000000800040005000000080007004e210000080001000100fb9f08000100000000000c00020008080009000000240001000c00070037000000050000000c0007000100000031000000080009003d000000a3d318d2d25b94bea9264a97eabeb611c4405aa17125161e4308da160f8c3fb11ea710dff9e92c2591be"], 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x800)

[  570.809029] attempt to access beyond end of device
[  570.814126] loop6: rw=12288, want=8200, limit=64
[  570.831495] attempt to access beyond end of device
[  570.836675] loop6: rw=12288, want=12296, limit=64
[  570.844202] attempt to access beyond end of device
[  570.849244] loop6: rw=12288, want=8200, limit=64
[  570.854311] attempt to access beyond end of device
[  570.859445] loop6: rw=12288, want=12296, limit=64
[  570.907127] attempt to access beyond end of device
[  570.912437] loop6: rw=12288, want=8200, limit=64
13:47:19 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p>', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:19 executing program 4 (fault-call:0 fault-nth:3):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  570.989004] attempt to access beyond end of device
[  570.994095] loop6: rw=12288, want=12296, limit=64
[  571.026889] attempt to access beyond end of device
[  571.031982] loop6: rw=12288, want=8200, limit=64
13:47:19 executing program 1:
r0 = syz_open_pts(0xffffffffffffffff, 0x4001)
ioctl$KDMKTONE(r0, 0x4b30, 0x1)
syz_emit_ethernet(0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaafffff7ffffff08004500005c0000000000019078b11414bbac1414110502907800000000400100130044748b52b15f8602000000002f0000ac1414aaac1414005f23ef3313baa326000000007f00000100000000ffffffff00000000e00000ac141400000000000000000000"], &(0x7f0000000000)={0x0, 0x3, [0x0, 0x0, 0x8dd]})
syz_open_dev$adsp(&(0x7f0000000380)='/dev/adsp#\x00', 0x8, 0x4000)
syz_open_dev$dspn(&(0x7f0000000480)='/dev/dsp#\x00', 0x8, 0x103800)
socket$inet6(0xa, 0xa, 0x40)
syz_init_net_socket$bt_l2cap(0x1f, 0xb, 0x0)
syz_open_dev$mice(&(0x7f0000000500)='/dev/input/mice\x00', 0x0, 0x109000)
socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000580)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000540)=<r2=>0x0)
sched_setattr(r2, &(0x7f0000000180)={0x30, 0x0, 0x0, 0x0, 0x4f69b82b, 0x1875, 0xc36, 0xb9e}, 0x0)
r3 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x3ff, 0x800)
r4 = getuid()
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
write$FUSE_CREATE_OPEN(r3, &(0x7f00000002c0)={0xa0, 0x0, 0x3, {{0x2, 0x0, 0x8, 0xa4b, 0x0, 0xdf7, {0x6, 0xaef9, 0x0, 0x7, 0x3ff, 0xa55b, 0x2, 0x70e7, 0x6, 0x80000001, 0x4b5, r4, r5, 0x3, 0x80000000}}, {0x0, 0x4}}}, 0xa0)
r6 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x3, 0x400102)
recvmmsg(r6, &(0x7f00000000c0), 0x0, 0x40010003, &(0x7f0000000100)={0x0, 0x1c9c380})

13:47:19 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8004, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  571.037843] attempt to access beyond end of device
[  571.042971] loop6: rw=12288, want=12296, limit=64
13:47:19 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240))

13:47:19 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x4c00}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r1 = socket$inet6(0xa, 0x100000003, 0x3a)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000003c0)={&(0x7f0000000180)='./file0\x00', r0}, 0x10)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100)
clock_gettime(0x0, &(0x7f0000000580)={<r3=>0x0, <r4=>0x0})
timerfd_settime(r2, 0x1, &(0x7f0000000500)={{r3, r4+30000000}, {0x0, 0x1c9c380}}, &(0x7f0000000540))
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000002c0)={@in={{0x2, 0x4e20, @rand_addr=0x9}}, 0xffff, 0x40, 0x7e26, "ab4499b28c1bc64245602f5c36a6abb0407d40eadefe04b401eea2323c9a46849246a0392f3b246e9cb2f8cce4b38175c9e027b8694315adc6fa2a34131286706eeb22a241c14d3f4c109bcfca568c33"}, 0xd8)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x599000, 0x0)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f00000000c0)={'bond_slave_1\x00'})
r6 = accept(0xffffffffffffffff, &(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, &(0x7f0000000400)=0x80)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000040), &(0x7f0000000080)=0x4)
ioctl$SG_GET_RESERVED_SIZE(r5, 0x2272, &(0x7f00000004c0))
sendto$inet6(r1, &(0x7f0000000240)="17b56ab286e4161d8cf9b83643820100d91c52de119fa6a11c1f95000000000000", 0x21, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty, 0x7fff}, 0x1c)

[  571.207575] FAULT_INJECTION: forcing a failure.
[  571.207575] name failslab, interval 1, probability 0, space 0, times 0
[  571.218952] CPU: 0 PID: 8745 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  571.225904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  571.235282] Call Trace:
[  571.237912]  dump_stack+0x1c9/0x2b4
[  571.241610]  ? dump_stack_print_info.cold.2+0x52/0x52
[  571.246850]  should_fail.cold.4+0xa/0x11
[  571.251033]  ? save_stack+0x43/0xd0
[  571.254698]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  571.259852]  ? lock_downgrade+0x8f0/0x8f0
[  571.264040]  ? graph_lock+0x170/0x170
[  571.267882]  ? kasan_check_read+0x11/0x20
[  571.272070]  ? find_held_lock+0x36/0x1c0
[  571.276313]  ? check_same_owner+0x340/0x340
[  571.280667]  ? graph_lock+0x170/0x170
[  571.284501]  ? rcu_note_context_switch+0x730/0x730
[  571.289498]  ? kasan_check_read+0x11/0x20
[  571.293721]  __should_failslab+0x124/0x180
[  571.297982]  should_failslab+0x9/0x14
[  571.301804]  kmem_cache_alloc+0x2af/0x760
[  571.305977]  ? find_held_lock+0x36/0x1c0
[  571.310051]  alloc_empty_file+0x11a/0x580
[  571.314265]  ? proc_nr_files+0x60/0x60
[  571.318163]  ? kasan_check_read+0x11/0x20
[  571.322316]  ? do_raw_spin_unlock+0xa7/0x2f0
[  571.326750]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  571.331354]  ? kasan_check_write+0x14/0x20
[  571.335599]  ? do_raw_spin_lock+0xc1/0x200
[  571.339863]  alloc_file+0x5c/0x430
[  571.343454]  alloc_file_pseudo+0x261/0x3f0
[  571.347726]  ? alloc_file+0x430/0x430
[  571.351596]  ? check_same_owner+0x340/0x340
[  571.356072]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  571.361164]  ? __check_object_size+0xa3/0x5d7
[  571.365689]  ? kasan_check_write+0x14/0x20
[  571.369961]  __shmem_file_setup.part.45+0x110/0x2a0
[  571.375021]  shmem_file_setup+0x65/0x90
[  571.379010]  __x64_sys_memfd_create+0x2af/0x4f0
[  571.383684]  ? memfd_fcntl+0x1580/0x1580
[  571.387768]  ? ksys_ioctl+0x81/0xd0
[  571.391610]  ? do_syscall_64+0x9a/0x820
[  571.395635]  do_syscall_64+0x1b9/0x820
[  571.399591]  ? finish_task_switch+0x1d3/0x870
[  571.404114]  ? syscall_return_slowpath+0x5e0/0x5e0
[  571.409066]  ? syscall_return_slowpath+0x31d/0x5e0
[  571.414021]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  571.419397]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  571.424322]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  571.429529] RIP: 0033:0x457089
[  571.432765] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  571.451938] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  571.459765] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  571.467113] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  571.474438] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  571.481724] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  571.488999] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000003
13:47:20 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:20 executing program 1:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
semop(0x0, &(0x7f0000000100)=[{}], 0x1)
r0 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f0000000000)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10, 0x800)
pread64(r0, &(0x7f0000000040)=""/102, 0x66, 0x0)

13:47:20 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p=', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:20 executing program 4 (fault-call:0 fault-nth:4):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  571.614417] f2fs_msg: 133 callbacks suppressed
[  571.614436] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
[  571.627710] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  571.635112] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  571.659659] attempt to access beyond end of device
[  571.664704] loop6: rw=12288, want=8200, limit=64
[  571.682889] F2FS-fs (loop6): invalid crc value
[  571.688340] attempt to access beyond end of device
[  571.693581] loop6: rw=12288, want=12296, limit=64
[  571.699251] F2FS-fs (loop6): invalid crc value
[  571.704051] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:47:20 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240))

[  571.710846] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  571.718051] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  571.728661] attempt to access beyond end of device
[  571.733956] loop6: rw=12288, want=8200, limit=64
[  571.739408] F2FS-fs (loop6): invalid crc value
[  571.745238] attempt to access beyond end of device
[  571.750341] loop6: rw=12288, want=12296, limit=64
[  571.756248] F2FS-fs (loop6): invalid crc value
13:47:20 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x21f7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  571.824534] attempt to access beyond end of device
[  571.829699] loop6: rw=12288, want=8200, limit=64
[  571.836527] attempt to access beyond end of device
[  571.841654] loop6: rw=12288, want=12296, limit=64
13:47:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000100)=ANY=[@ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYRESDEC=r0, @ANYRES32=r0, @ANYBLOB="00000000d16f0000000000000000000000000000000000000000000006191c5e8ff180c076a86d"])
ioctl$TUNSETLINK(r0, 0x400454cd, 0x313)

[  571.872508] attempt to access beyond end of device
[  571.877643] loop6: rw=12288, want=8200, limit=64
[  571.892157] attempt to access beyond end of device
[  571.897235] loop6: rw=12288, want=12296, limit=64
[  572.001317] FAULT_INJECTION: forcing a failure.
[  572.001317] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  572.013277] CPU: 1 PID: 8800 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  572.020234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  572.029604] Call Trace:
[  572.032223]  dump_stack+0x1c9/0x2b4
[  572.035882]  ? dump_stack_print_info.cold.2+0x52/0x52
[  572.041110]  should_fail.cold.4+0xa/0x11
[  572.045199]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  572.050326]  ? print_usage_bug+0xc0/0xc0
[  572.054409]  ? graph_lock+0x170/0x170
[  572.058234]  ? find_held_lock+0x36/0x1c0
[  572.062320]  ? graph_lock+0x170/0x170
[  572.066159]  ? find_held_lock+0x36/0x1c0
[  572.070252]  ? __lock_is_held+0xb5/0x140
[  572.074354]  ? check_same_owner+0x340/0x340
[  572.078701]  ? find_get_entry+0x2e4/0xc90
[  572.082873]  ? rcu_note_context_switch+0x730/0x730
[  572.087839]  __alloc_pages_nodemask+0x36e/0xdb0
[  572.092529]  ? trace_hardirqs_on+0x10/0x10
[  572.096818]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  572.101879]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  572.106917]  ? percpu_counter_add_batch+0xf2/0x150
[  572.111881]  ? mpol_shared_policy_lookup+0xf7/0x150
[  572.116929]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  572.122495]  alloc_pages_vma+0xdd/0x540
[  572.126502]  shmem_alloc_page+0xa8/0x190
[  572.130610]  ? shmem_swapin+0x230/0x230
[  572.134638]  shmem_alloc_and_acct_page+0x1f1/0x820
[  572.139613]  ? shmem_alloc_hugepage+0x4e0/0x4e0
[  572.144300]  ? print_usage_bug+0xc0/0xc0
[  572.148395]  shmem_getpage_gfp+0x6ea/0x41e0
[  572.152757]  ? shmem_writepage+0x1380/0x1380
[  572.157184]  ? print_usage_bug+0xc0/0xc0
[  572.161266]  ? print_usage_bug+0xc0/0xc0
[  572.165344]  ? print_usage_bug+0xc0/0xc0
[  572.169426]  ? __lock_acquire+0x7fc/0x5020
[  572.173680]  ? print_usage_bug+0xc0/0xc0
[  572.177766]  ? print_usage_bug+0xc0/0xc0
[  572.181853]  ? check_noncircular+0x20/0x20
[  572.186112]  ? print_usage_bug+0xc0/0xc0
[  572.190197]  ? print_usage_bug+0xc0/0xc0
[  572.194280]  ? trace_hardirqs_on+0x10/0x10
[  572.198539]  ? check_noncircular+0x20/0x20
[  572.202821]  ? __lock_acquire+0x7fc/0x5020
[  572.207083]  ? __lock_acquire+0x7fc/0x5020
[  572.211351]  ? trace_hardirqs_on+0x10/0x10
[  572.215621]  ? print_usage_bug+0xc0/0xc0
[  572.219724]  ? graph_lock+0x170/0x170
[  572.223565]  ? print_usage_bug+0xc0/0xc0
[  572.227649]  ? print_usage_bug+0xc0/0xc0
[  572.231732]  ? __lock_acquire+0x7fc/0x5020
[  572.235987]  ? __lock_acquire+0x7fc/0x5020
[  572.240241]  ? __lock_acquire+0x7fc/0x5020
[  572.244496]  ? graph_lock+0x170/0x170
[  572.248322]  ? find_held_lock+0x36/0x1c0
[  572.252402]  ? print_usage_bug+0xc0/0xc0
[  572.256489]  ? lock_downgrade+0x8f0/0x8f0
[  572.260654]  ? kasan_check_read+0x11/0x20
[  572.264817]  ? lock_release+0xa30/0xa30
[  572.268813]  ? mark_held_locks+0xc9/0x160
[  572.272984]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  572.278540]  ? iov_iter_fault_in_readable+0x23d/0x460
[  572.283773]  ? copy_page_from_iter+0x890/0x890
[  572.288372]  ? __sanitizer_cov_trace_pc+0x4d/0x50
[  572.293235]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  572.298445]  shmem_write_begin+0x110/0x1e0
[  572.302707]  generic_perform_write+0x3ae/0x6c0
[  572.307319]  ? add_page_wait_queue+0x2c0/0x2c0
[  572.311914]  ? file_update_time+0xe4/0x640
[  572.316169]  ? current_time+0x1b0/0x1b0
[  572.320173]  ? down_write+0x8f/0x130
[  572.323907]  __generic_file_write_iter+0x26e/0x630
[  572.328859]  generic_file_write_iter+0x438/0x870
[  572.333693]  ? __generic_file_write_iter+0x630/0x630
[  572.338817]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  572.344371]  ? iov_iter_init+0xc9/0x1f0
[  572.348370]  __vfs_write+0x6af/0x9d0
[  572.352106]  ? kernel_read+0x120/0x120
[  572.356018]  ? __lock_is_held+0xb5/0x140
[  572.360114]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  572.365670]  ? __sb_start_write+0x17f/0x300
[  572.370012]  vfs_write+0x1f8/0x560
[  572.373597]  ksys_pwrite64+0x181/0x1b0
[  572.377504]  ? __ia32_sys_pread64+0xf0/0xf0
[  572.381844]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  572.387413]  ? fput+0x130/0x1a0
[  572.390711]  ? do_sys_ftruncate+0x44e/0x560
[  572.395124]  __x64_sys_pwrite64+0x97/0xf0
[  572.399296]  do_syscall_64+0x1b9/0x820
[  572.403202]  ? finish_task_switch+0x1d3/0x870
[  572.407716]  ? syscall_return_slowpath+0x5e0/0x5e0
[  572.412667]  ? syscall_return_slowpath+0x31d/0x5e0
[  572.417617]  ? __switch_to_asm+0x34/0x70
[  572.421694]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  572.427094]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  572.432201]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  572.437403] RIP: 0033:0x410e27
[  572.440619] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  572.459531] RSP: 002b:00007f935cfd3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  572.467278] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 0000000000410e27
[  572.474576] RDX: 0000000000000048 RSI: 0000000020000500 RDI: 0000000000000004
[  572.481858] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001
[  572.489140] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004
[  572.496423] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000004
13:47:21 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8009, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:21 executing program 1:
r0 = socket$kcm(0x29, 0x200000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="0042fc2f07d82c99240970")
r1 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r2=>0x0}, &(0x7f0000000200)=0x5)
r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x6, 0xe4400)
ioctl$IOC_PR_REGISTER(r3, 0x401870c8, &(0x7f00000000c0)={0x100000001, 0x80000001})
setresuid(r2, r2, 0x0)
setfsuid(0x0)
bind$rds(r3, &(0x7f0000000100)={0x2, 0x4e22, @broadcast}, 0x10)
connect$bt_sco(r1, &(0x7f0000000000)={0x1f, {0x2, 0x50c2, 0x100000001, 0x6, 0x18b1d49c, 0x8}}, 0x8)

13:47:21 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9pF', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:21 executing program 3:
r0 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$BLKZEROOUT(r0, 0x1277, &(0x7f0000000040)={0x1002})
llistxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=""/119, 0x77)

13:47:21 executing program 4 (fault-call:0 fault-nth:5):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:21 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500), 0x0, 0x10000}], 0x0, &(0x7f0000000240))

13:47:21 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x840, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000100)=0x5, 0x8)
r1 = socket$netlink(0x10, 0x3, 0x1f)
recvfrom$inet(r0, &(0x7f0000000180)=""/178, 0xb2, 0x40000040, 0x0, 0x0)
getpgid(0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000340)=<r2=>0x0)
timer_create(0x80000000000000, &(0x7f0000000380)={0x0, 0x2c, 0x0, @tid=r2}, &(0x7f0000000240))
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000040), 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000140))
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc)

13:47:21 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f00000002c0))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  572.832099] attempt to access beyond end of device
[  572.837224] loop6: rw=12288, want=8200, limit=64
[  572.857738] attempt to access beyond end of device
[  572.862930] loop6: rw=12288, want=12296, limit=64
[  572.873588] attempt to access beyond end of device
13:47:21 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  572.878681] loop6: rw=12288, want=8200, limit=64
[  572.889448] attempt to access beyond end of device
[  572.894576] loop6: rw=12288, want=12296, limit=64
13:47:21 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  572.949008] attempt to access beyond end of device
[  572.954117] loop6: rw=12288, want=8200, limit=64
[  572.967075] attempt to access beyond end of device
[  572.972168] loop6: rw=12288, want=12296, limit=64
13:47:21 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000580)={&(0x7f0000000140), 0xc, &(0x7f0000000080)={&(0x7f0000000200)={0x14, 0xb, 0x6, 0x1}, 0x14}}, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x10000, 0x0)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0xffffffffffffffff, 0x4, 0xfff, 0x23}, {0x1ff, 0x4, 0xce, 0x400}]})

[  572.997116] attempt to access beyond end of device
[  573.002452] loop6: rw=12288, want=8200, limit=64
[  573.049645] FAULT_INJECTION: forcing a failure.
[  573.049645] name failslab, interval 1, probability 0, space 0, times 0
[  573.057953] attempt to access beyond end of device
[  573.061517] CPU: 0 PID: 8853 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  573.066764] loop6: rw=12288, want=12296, limit=64
[  573.073773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  573.073781] Call Trace:
[  573.073811]  dump_stack+0x1c9/0x2b4
[  573.073842]  ? dump_stack_print_info.cold.2+0x52/0x52
[  573.073866]  ? print_usage_bug+0xc0/0xc0
[  573.103588]  should_fail.cold.4+0xa/0x11
[  573.107675]  ? print_usage_bug+0xc0/0xc0
[  573.111768]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  573.116897]  ? __lock_acquire+0x7fc/0x5020
[  573.121160]  ? print_usage_bug+0xc0/0xc0
[  573.125236]  ? __lock_acquire+0x7fc/0x5020
[  573.129492]  ? __lock_acquire+0x7fc/0x5020
[  573.133747]  ? trace_hardirqs_on+0x10/0x10
[  573.138095]  ? rb_erase_cached+0xc82/0x32c0
[  573.142439]  ? __lock_acquire+0x7fc/0x5020
[  573.146693]  ? print_usage_bug+0xc0/0xc0
[  573.150767]  ? trace_hardirqs_on+0x10/0x10
[  573.155022]  ? __lock_acquire+0x7fc/0x5020
[  573.159275]  ? print_usage_bug+0xc0/0xc0
[  573.163354]  ? trace_hardirqs_on+0x10/0x10
[  573.167613]  ? __lock_is_held+0xb5/0x140
[  573.171770]  __should_failslab+0x124/0x180
[  573.176047]  should_failslab+0x9/0x14
[  573.179872]  kmem_cache_alloc+0x47/0x760
[  573.183958]  ? radix_tree_node_alloc.constprop.19+0x310/0x310
[  573.189874]  radix_tree_node_alloc.constprop.19+0x1e6/0x310
[  573.195620]  __radix_tree_create+0x4d6/0x840
[  573.200059]  ? radix_tree_maybe_preload_order+0x110/0x110
[  573.205620]  ? find_held_lock+0x36/0x1c0
[  573.209708]  ? __lock_acquire+0x7fc/0x5020
[  573.213966]  ? find_held_lock+0x36/0x1c0
[  573.218063]  ? trace_hardirqs_on+0x10/0x10
[  573.222313]  ? mark_held_locks+0xc9/0x160
[  573.226484]  __radix_tree_insert+0x107/0x8f0
[  573.230912]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  573.235944]  ? trace_hardirqs_on+0xd/0x10
[  573.240112]  ? __radix_tree_create+0x840/0x840
[  573.244778]  ? lock_acquire+0x1e4/0x540
[  573.248777]  ? shmem_add_to_page_cache+0x49c/0xe00
[  573.253730]  ? lock_release+0xa30/0xa30
[  573.257727]  ? lock_downgrade+0x8f0/0x8f0
[  573.261890]  ? rcu_is_watching+0x8c/0x150
[  573.266061]  ? kasan_check_write+0x14/0x20
[  573.270315]  ? do_raw_spin_lock+0xc1/0x200
[  573.274598]  shmem_add_to_page_cache+0x988/0xe00
[  573.279381]  ? shmem_put_link+0x280/0x280
[  573.283614]  ? lock_downgrade+0x8f0/0x8f0
[  573.287790]  ? kasan_check_read+0x11/0x20
[  573.291957]  ? rcu_is_watching+0x8c/0x150
[  573.296124]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  573.300822]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  573.306383]  ? mem_cgroup_throttle_swaprate+0x2ef/0x888
[  573.311768]  ? swap_duplicate+0x80/0x80
[  573.315774]  ? shmem_alloc_hugepage+0x4e0/0x4e0
[  573.320614]  ? __lock_acquire+0x7fc/0x5020
[  573.324873]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  573.329908]  ? __radix_tree_preload+0x173/0x1d0
[  573.334629]  shmem_getpage_gfp+0x81b/0x41e0
[  573.338997]  ? shmem_writepage+0x1380/0x1380
[  573.343525]  ? print_usage_bug+0xc0/0xc0
[  573.347642]  ? print_usage_bug+0xc0/0xc0
[  573.351717]  ? print_usage_bug+0xc0/0xc0
[  573.355798]  ? __lock_acquire+0x7fc/0x5020
[  573.360051]  ? print_usage_bug+0xc0/0xc0
[  573.364127]  ? print_usage_bug+0xc0/0xc0
[  573.368436]  ? check_noncircular+0x20/0x20
[  573.372687]  ? print_usage_bug+0xc0/0xc0
[  573.376764]  ? print_usage_bug+0xc0/0xc0
[  573.380842]  ? trace_hardirqs_on+0x10/0x10
[  573.385100]  ? check_noncircular+0x20/0x20
[  573.389354]  ? __lock_acquire+0x7fc/0x5020
[  573.393612]  ? __lock_acquire+0x7fc/0x5020
[  573.397878]  ? trace_hardirqs_on+0x10/0x10
[  573.402126]  ? print_usage_bug+0xc0/0xc0
[  573.406205]  ? graph_lock+0x170/0x170
[  573.410019]  ? print_usage_bug+0xc0/0xc0
[  573.414099]  ? print_usage_bug+0xc0/0xc0
[  573.418182]  ? __lock_acquire+0x7fc/0x5020
[  573.422437]  ? __lock_acquire+0x7fc/0x5020
[  573.426691]  ? __lock_acquire+0x7fc/0x5020
[  573.430950]  ? graph_lock+0x170/0x170
[  573.434779]  ? find_held_lock+0x36/0x1c0
[  573.438863]  ? print_usage_bug+0xc0/0xc0
[  573.442949]  ? lock_downgrade+0x8f0/0x8f0
[  573.447111]  ? kasan_check_read+0x11/0x20
[  573.451279]  ? lock_release+0xa30/0xa30
[  573.455272]  ? mark_held_locks+0xc9/0x160
[  573.459444]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  573.465000]  ? iov_iter_fault_in_readable+0x23d/0x460
[  573.470213]  ? copy_page_from_iter+0x890/0x890
[  573.474874]  ? __sanitizer_cov_trace_pc+0x4d/0x50
[  573.479737]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  573.485025]  shmem_write_begin+0x110/0x1e0
[  573.489287]  generic_perform_write+0x3ae/0x6c0
[  573.493900]  ? add_page_wait_queue+0x2c0/0x2c0
[  573.498501]  ? file_update_time+0xe4/0x640
[  573.502810]  ? current_time+0x1b0/0x1b0
[  573.506819]  ? down_write+0x8f/0x130
[  573.510587]  __generic_file_write_iter+0x26e/0x630
[  573.515564]  generic_file_write_iter+0x438/0x870
[  573.520353]  ? __generic_file_write_iter+0x630/0x630
[  573.525479]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  573.531037]  ? iov_iter_init+0xc9/0x1f0
[  573.535034]  __vfs_write+0x6af/0x9d0
[  573.538774]  ? kernel_read+0x120/0x120
[  573.542688]  ? __lock_is_held+0xb5/0x140
[  573.546783]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  573.552338]  ? __sb_start_write+0x17f/0x300
[  573.556683]  vfs_write+0x1f8/0x560
[  573.560249]  ksys_pwrite64+0x181/0x1b0
[  573.564445]  ? __ia32_sys_pread64+0xf0/0xf0
[  573.568785]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  573.574342]  ? fput+0x130/0x1a0
[  573.577647]  ? do_sys_ftruncate+0x44e/0x560
[  573.581994]  __x64_sys_pwrite64+0x97/0xf0
[  573.586162]  do_syscall_64+0x1b9/0x820
[  573.590070]  ? finish_task_switch+0x1d3/0x870
[  573.594612]  ? syscall_return_slowpath+0x5e0/0x5e0
[  573.599588]  ? syscall_return_slowpath+0x31d/0x5e0
[  573.604539]  ? __switch_to_asm+0x34/0x70
[  573.608652]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  573.614035]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  573.618924]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  573.624129] RIP: 0033:0x410e27
[  573.627337] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
13:47:22 executing program 1:
r0 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000240)={<r1=>0x0, @in={{0x2, 0x4e20, @broadcast}}, [0x3, 0x40, 0x8, 0x7a8, 0x7fff, 0x9, 0x3f, 0x51, 0x9e1, 0xfffffffffffffffe, 0x5, 0x9, 0x2, 0x0, 0xfffffffffffffff7]}, &(0x7f0000000100)=0x100)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000340)={r1, @in6={{0xa, 0x4e22, 0x101, @loopback, 0x1}}, [0x0, 0x3, 0x10000, 0x3, 0x10001, 0x4, 0x100000000, 0x80, 0x6f1afaac, 0x1f, 0x8, 0x4, 0x0, 0x1, 0xfffffffffffffffb]}, &(0x7f0000000140)=0x100)
pwritev(r0, &(0x7f0000f50f90)=[{&(0x7f00001f2000)="aa", 0x1}], 0x1, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000f3eff0)="01010000000ef40000000300409d9254", 0x10)
r3 = accept4(r2, 0x0, &(0x7f0000000040), 0x0)
sendfile(r3, r0, &(0x7f0000000000), 0xff)

13:47:22 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500), 0x0, 0x10000}], 0x0, &(0x7f0000000240))

[  573.646251] RSP: 002b:00007f935cfd3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  573.653976] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 0000000000410e27
[  573.661259] RDX: 0000000000000048 RSI: 0000000020000500 RDI: 0000000000000004
[  573.668541] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001
[  573.675858] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004
[  573.683139] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000005
13:47:22 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8006, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:22 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000002c0)=<r2=>0x0)
syz_open_procfs(r2, &(0x7f0000000300)='net/arp\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:22 executing program 4 (fault-call:0 fault-nth:6):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:22 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)="3970ff", 0x0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:22 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
listen(r0, 0x3)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendto$inet6(r1, &(0x7f0000000040)='b', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080), 0x0, 0x1, &(0x7f0000000100)={0xa, 0x4e23, 0x7, @mcast2, 0xfffffffffffff800}, 0x1c)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

13:47:22 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
io_setup(0x6, &(0x7f0000000100)=<r1=>0x0)
close(r0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
io_submit(r1, 0x2000000000000026, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000140), 0x4000}])
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000240)={{{@in=@remote, @in=@loopback, 0x4e23, 0x4, 0x4e21, 0x101, 0x2, 0x20, 0x80, 0x11, r3, r4}, {0x8, 0x4, 0x7842, 0x2, 0xdac, 0x8000, 0x10000, 0x2}, {0x7fffffff, 0x1, 0x3, 0x8001}, 0x7, 0x6e6bb8, 0x0, 0x1, 0x3, 0x3}, {{@in6=@local, 0x4d6, 0x32}, 0xa, @in=@broadcast, 0x3505, 0x3, 0x2, 0x4, 0x5, 0x2563, 0x90000000}}, 0xe8)

[  573.965102] attempt to access beyond end of device
[  573.970156] loop6: rw=12288, want=8200, limit=64
[  573.995967] attempt to access beyond end of device
[  574.001032] loop6: rw=12288, want=12296, limit=64
[  574.028614] attempt to access beyond end of device
[  574.033776] loop6: rw=12288, want=8200, limit=64
13:47:22 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500), 0x0, 0x10000}], 0x0, &(0x7f0000000240))

[  574.075952] attempt to access beyond end of device
[  574.080993] loop6: rw=12288, want=12296, limit=64
[  574.134484] attempt to access beyond end of device
[  574.139612] loop6: rw=12288, want=8200, limit=64
[  574.145054] attempt to access beyond end of device
[  574.150077] loop6: rw=12288, want=12296, limit=64
[  574.155639] attempt to access beyond end of device
[  574.160666] loop6: rw=12288, want=8200, limit=64
[  574.169641] FAULT_INJECTION: forcing a failure.
[  574.169641] name failslab, interval 1, probability 0, space 0, times 0
[  574.180952] CPU: 1 PID: 8905 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  574.187899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  574.197264] Call Trace:
[  574.199878]  dump_stack+0x1c9/0x2b4
[  574.203527]  ? dump_stack_print_info.cold.2+0x52/0x52
[  574.208751]  ? lock_downgrade+0x8f0/0x8f0
[  574.212923]  should_fail.cold.4+0xa/0x11
[  574.217006]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  574.222134]  ? up_write+0x7b/0x220
[  574.225695]  ? up_read+0x110/0x110
[  574.229254]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  574.234809]  ? __generic_file_write_iter+0x1bd/0x630
[  574.239940]  ? find_held_lock+0x36/0x1c0
[  574.244039]  ? check_same_owner+0x340/0x340
[  574.248383]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  574.253938]  ? rcu_note_context_switch+0x730/0x730
[  574.258880]  ? lock_downgrade+0x8f0/0x8f0
[  574.263053]  __should_failslab+0x124/0x180
[  574.267318]  should_failslab+0x9/0x14
[  574.271139]  kmem_cache_alloc+0x2af/0x760
[  574.275323]  getname_flags+0xd0/0x5a0
[  574.279141]  ? __sb_end_write+0xac/0xe0
[  574.283137]  getname+0x19/0x20
[  574.286352]  do_sys_open+0x3a2/0x760
[  574.290098]  ? filp_open+0x80/0x80
[  574.293714]  ? do_sys_ftruncate+0x44e/0x560
[  574.298059]  __x64_sys_open+0x7e/0xc0
[  574.301890]  do_syscall_64+0x1b9/0x820
[  574.305805]  ? syscall_return_slowpath+0x5e0/0x5e0
[  574.310763]  ? syscall_return_slowpath+0x31d/0x5e0
[  574.315718]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  574.321123]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  574.325993]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  574.331202] RIP: 0033:0x410dc1
[  574.334433] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  574.353348] RSP: 002b:00007f935cfd3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  574.361093] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410dc1
[  574.368377] RDX: 00007f935cfd3afa RSI: 0000000000000002 RDI: 00007f935cfd3af0
[  574.375748] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  574.383033] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[  574.390318] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000006
[  574.398672] attempt to access beyond end of device
[  574.403730] loop6: rw=12288, want=12296, limit=64
13:47:23 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x500000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:23 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x8f1, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:23 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x2000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:23 executing program 4 (fault-call:0 fault-nth:7):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:23 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)=0x10000000000062)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000140))
r2 = syz_open_pts(r0, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)

13:47:23 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="0a5cc80700315f85715070")
mkdir(&(0x7f0000000300)='./control\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x2400, 0x0)
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f00000004c0)=""/4096)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000480))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0)
write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0)
dup2(r4, r3)
unlink(&(0x7f0000000140)='./control/file0\x00')
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x80000, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x400000, 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
link(&(0x7f0000000080)='./control/file0\x00', &(0x7f0000000100)='./control\x00')
close(r2)

13:47:23 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptmx\x00', 0x20000, 0x0)
ioctl(r0, 0xfffffffffffffffc, &(0x7f0000000300)="0a5cc80700315f85712cbcb2365079f8824aa214ae9b04a035837cea7c4f4f6bbfba85bcade45795ac018b68f77b42c67286944cae0e2832579e5c0f364f4b5f244a0ba8186ca905d147ff22eae7444adeb756046e8702d7683b2f076059d4cb016bb88cb0698cbc3511a2b14982bb01fd4d4c862392356cb8395e4c061fcccb07005843ae9daa8d7f6a092a2be00b42d9011a813eeb5c")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:23 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f0000000240))

13:47:23 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4126020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  574.738910] FAULT_INJECTION: forcing a failure.
[  574.738910] name failslab, interval 1, probability 0, space 0, times 0
[  574.750360] CPU: 0 PID: 8938 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  574.757321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  574.766697] Call Trace:
[  574.769322]  dump_stack+0x1c9/0x2b4
[  574.773270]  ? dump_stack_print_info.cold.2+0x52/0x52
[  574.778505]  ? __lock_acquire+0x7fc/0x5020
[  574.782825]  should_fail.cold.4+0xa/0x11
[  574.786935]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  574.792074]  ? __lock_acquire+0x7fc/0x5020
[  574.796344]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  574.801948]  ? __set_page_dirty_no_writeback+0x14a/0x290
[  574.807443]  ? do_writepages+0x1a0/0x1a0
[  574.811575]  ? print_usage_bug+0xc0/0xc0
[  574.815697]  ? trace_hardirqs_on+0x10/0x10
[  574.819972]  ? find_held_lock+0x36/0x1c0
[  574.824096]  ? check_same_owner+0x340/0x340
[  574.828462]  ? rcu_note_context_switch+0x730/0x730
[  574.833436]  __should_failslab+0x124/0x180
[  574.833461]  should_failslab+0x9/0x14
[  574.833483]  kmem_cache_alloc+0x2af/0x760
[  574.833499]  ? shmem_write_end+0x374/0x9a0
[  574.833534]  alloc_empty_file+0x11a/0x580
[  574.833591]  ? proc_nr_files+0x60/0x60
[  574.833624]  ? lock_downgrade+0x8f0/0x8f0
[  574.862343]  ? graph_lock+0x170/0x170
[  574.866174]  path_openat+0x15f/0x4c90
[  574.870002]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  574.874707]  ? graph_lock+0x170/0x170
[  574.878541]  ? path_lookupat.isra.45+0xc00/0xc00
[  574.883368]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  574.888406]  ? expand_files.part.8+0x571/0x9c0
[  574.893102]  ? find_held_lock+0x36/0x1c0
[  574.897195]  ? lock_downgrade+0x8f0/0x8f0
[  574.901362]  ? do_sys_open+0x3a2/0x760
[  574.905281]  ? kasan_check_read+0x11/0x20
[  574.909452]  ? do_raw_spin_unlock+0xa7/0x2f0
[  574.914006]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  574.918625]  ? __lock_is_held+0xb5/0x140
[  574.922746]  ? _raw_spin_unlock+0x22/0x30
[  574.926921]  ? __alloc_fd+0x34e/0x710
[  574.926935]  ? usercopy_warn+0x120/0x120
[  574.926962]  do_filp_open+0x255/0x380
[  574.926979]  ? may_open_dev+0x100/0x100
[  574.942659]  ? strncpy_from_user+0x3be/0x510
[  574.947110]  ? mpi_free.cold.1+0x19/0x19
[  574.951224]  ? get_unused_fd_flags+0x122/0x1a0
[  574.955838]  ? getname_flags+0x26e/0x5a0
[  574.959921]  ? __sb_end_write+0xac/0xe0
[  574.963927]  do_sys_open+0x584/0x760
[  574.967665]  ? filp_open+0x80/0x80
[  574.971225]  ? do_sys_ftruncate+0x44e/0x560
[  574.975597]  __x64_sys_open+0x7e/0xc0
[  574.979419]  do_syscall_64+0x1b9/0x820
[  574.983324]  ? finish_task_switch+0x1d3/0x870
[  574.987836]  ? syscall_return_slowpath+0x5e0/0x5e0
[  574.992929]  ? syscall_return_slowpath+0x31d/0x5e0
[  574.997878]  ? __switch_to_asm+0x34/0x70
[  575.001959]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  575.007343]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  575.012207]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  575.017474] RIP: 0033:0x410dc1
[  575.020685] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
13:47:23 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x48000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:23 executing program 4 (fault-call:0 fault-nth:8):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  575.039603] RSP: 002b:00007f935cfd3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[  575.047333] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410dc1
[  575.054616] RDX: 00007f935cfd3afa RSI: 0000000000000002 RDI: 00007f935cfd3af0
[  575.061898] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  575.069181] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[  575.076523] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000007
13:47:23 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @remote}, {0x0, @remote}, 0x4, {0x2, 0x0, @dev}, "73797a5f74756e0000000300"})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000013e95), 0x4)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0xb, &(0x7f00000002c0), 0xc)
close(r3)
close(r1)

[  575.178728] attempt to access beyond end of device
[  575.183844] loop6: rw=12288, want=8200, limit=16
[  575.194648] attempt to access beyond end of device
[  575.199787] loop6: rw=12288, want=12296, limit=16
[  575.214343] attempt to access beyond end of device
[  575.219407] loop6: rw=12288, want=8200, limit=16
13:47:23 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
socket$vsock_dgram(0x28, 0x2, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  575.225235] attempt to access beyond end of device
[  575.230375] loop6: rw=12288, want=12296, limit=16
[  575.252103] attempt to access beyond end of device
[  575.257206] loop6: rw=12288, want=8200, limit=16
[  575.273099] attempt to access beyond end of device
[  575.278225] loop6: rw=12288, want=12296, limit=16
[  575.284330] attempt to access beyond end of device
[  575.289534] loop6: rw=12288, want=8200, limit=16
[  575.295343] attempt to access beyond end of device
[  575.300412] loop6: rw=12288, want=12296, limit=16
13:47:24 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f0000000240))

[  575.437698] FAULT_INJECTION: forcing a failure.
[  575.437698] name failslab, interval 1, probability 0, space 0, times 0
[  575.449217] CPU: 1 PID: 8979 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  575.456170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  575.465536] Call Trace:
[  575.468217]  dump_stack+0x1c9/0x2b4
[  575.471890]  ? dump_stack_print_info.cold.2+0x52/0x52
[  575.477134]  should_fail.cold.4+0xa/0x11
[  575.481225]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  575.486348]  ? __lock_acquire+0x7fc/0x5020
[  575.490622]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  575.496185]  ? __set_page_dirty_no_writeback+0x14a/0x290
[  575.501833]  ? do_writepages+0x1a0/0x1a0
[  575.505921]  ? print_usage_bug+0xc0/0xc0
[  575.510010]  ? trace_hardirqs_on+0x10/0x10
[  575.514282]  ? find_held_lock+0x36/0x1c0
[  575.518392]  ? check_same_owner+0x340/0x340
[  575.522742]  ? rcu_note_context_switch+0x730/0x730
[  575.527707]  __should_failslab+0x124/0x180
[  575.531979]  should_failslab+0x9/0x14
[  575.535807]  kmem_cache_alloc+0x2af/0x760
[  575.539982]  ? shmem_write_end+0x374/0x9a0
[  575.544253]  alloc_empty_file+0x11a/0x580
[  575.548429]  ? proc_nr_files+0x60/0x60
[  575.552355]  ? lock_downgrade+0x8f0/0x8f0
[  575.556534]  ? graph_lock+0x170/0x170
[  575.560393]  path_openat+0x15f/0x4c90
[  575.564752]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  575.569495]  ? graph_lock+0x170/0x170
[  575.573322]  ? path_lookupat.isra.45+0xc00/0xc00
[  575.578105]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  575.583143]  ? expand_files.part.8+0x571/0x9c0
[  575.587918]  ? find_held_lock+0x36/0x1c0
[  575.592009]  ? lock_downgrade+0x8f0/0x8f0
[  575.596175]  ? do_sys_open+0x3a2/0x760
[  575.600095]  ? kasan_check_read+0x11/0x20
[  575.604265]  ? do_raw_spin_unlock+0xa7/0x2f0
[  575.608695]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  575.613317]  ? __lock_is_held+0xb5/0x140
[  575.617426]  ? _raw_spin_unlock+0x22/0x30
[  575.621628]  ? __alloc_fd+0x34e/0x710
[  575.625448]  ? usercopy_warn+0x120/0x120
[  575.629570]  do_filp_open+0x255/0x380
[  575.633403]  ? may_open_dev+0x100/0x100
[  575.637401]  ? strncpy_from_user+0x3be/0x510
[  575.641841]  ? mpi_free.cold.1+0x19/0x19
[  575.645930]  ? get_unused_fd_flags+0x122/0x1a0
[  575.650535]  ? getname_flags+0x26e/0x5a0
[  575.654642]  ? __sb_end_write+0xac/0xe0
[  575.658641]  do_sys_open+0x584/0x760
[  575.662377]  ? filp_open+0x80/0x80
[  575.665942]  ? do_sys_ftruncate+0x44e/0x560
[  575.670286]  __x64_sys_open+0x7e/0xc0
[  575.674114]  do_syscall_64+0x1b9/0x820
[  575.678023]  ? finish_task_switch+0x1d3/0x870
[  575.682538]  ? syscall_return_slowpath+0x5e0/0x5e0
[  575.687514]  ? syscall_return_slowpath+0x31d/0x5e0
[  575.692492]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  575.697878]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  575.702747]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  575.707955] RIP: 0033:0x410dc1
[  575.711168] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  575.730086] RSP: 002b:00007f935cfd3a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
13:47:24 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8048, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  575.737815] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410dc1
[  575.745101] RDX: 00007f935cfd3afa RSI: 0000000000000002 RDI: 00007f935cfd3af0
[  575.752386] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  575.759668] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[  575.766954] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000008
13:47:24 executing program 4 (fault-call:0 fault-nth:9):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:24 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = accept4(0xffffffffffffff9c, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000100)=0x80, 0x80800)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000140)={<r1=>0x0, 0x7}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)={r1, 0x6, 0x4, [0x4, 0x3, 0x1e, 0x7]}, &(0x7f0000000280)=0x10)
getitimer(0x2, &(0x7f00000000c0))

13:47:24 executing program 1:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x200000000003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @dev, [], {@ipv4={0x8864, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @remote}, @icmp=@timestamp_reply}}}}, &(0x7f0000000100))
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000780)='net/tcp\x00')
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000007c0)={0x8, 0x0, 0x860f, 0x2, 0x8, 0xc2f2, 0x7f}, 0xc)

13:47:24 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffff8c, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:24 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
syz_open_dev$dmmidi(&(0x7f00000002c0)='/dev/dmmidi#\x00', 0x2, 0x200000)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
readahead(r3, 0xf8c4, 0x80000000)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:24 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  576.069037] FAULT_INJECTION: forcing a failure.
[  576.069037] name failslab, interval 1, probability 0, space 0, times 0
[  576.080393] CPU: 1 PID: 9008 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  576.087350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  576.096722] Call Trace:
[  576.099354]  dump_stack+0x1c9/0x2b4
[  576.103080]  ? dump_stack_print_info.cold.2+0x52/0x52
[  576.108322]  should_fail.cold.4+0xa/0x11
[  576.112430]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  576.117608]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  576.123184]  ? refcount_inc_checked+0x29/0x70
[  576.127727]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  576.133296]  ? graph_lock+0x170/0x170
[  576.137104]  ? lo_ioctl+0x8e/0x1d90
[  576.140762]  ? find_held_lock+0x36/0x1c0
[  576.144869]  ? __lock_is_held+0xb5/0x140
[  576.148997]  ? check_same_owner+0x340/0x340
[  576.153365]  ? rcu_note_context_switch+0x730/0x730
[  576.158338]  __should_failslab+0x124/0x180
[  576.162626]  should_failslab+0x9/0x14
[  576.166473]  kmem_cache_alloc_trace+0x2cb/0x780
[  576.171181]  ? init_wait_entry+0x1c0/0x1c0
[  576.175467]  ? loop_get_status64+0x140/0x140
[  576.179919]  __kthread_create_on_node+0x13d/0x530
[  576.184806]  ? __kthread_parkme+0x1b0/0x1b0
[  576.189192]  ? __lockdep_init_map+0x105/0x590
[  576.193729]  ? __lockdep_init_map+0x105/0x590
[  576.198284]  ? loop_get_status64+0x140/0x140
[  576.202735]  kthread_create_on_node+0xb1/0xe0
[  576.207268]  ? __kthread_create_on_node+0x530/0x530
[  576.212314]  ? kasan_check_read+0x11/0x20
[  576.216498]  lo_ioctl+0x7f6/0x1d90
[  576.220096]  ? lo_rw_aio_complete+0x450/0x450
[  576.223943] attempt to access beyond end of device
[  576.224628]  blkdev_ioctl+0x9cd/0x2030
[  576.224652]  ? blkpg_ioctl+0xc40/0xc40
[  576.224678]  ? kasan_check_read+0x11/0x20
[  576.224694]  ? rcu_is_watching+0x8c/0x150
[  576.224713]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  576.224746]  ? __fget+0x4d5/0x740
[  576.224771]  ? ksys_dup3+0x690/0x690
[  576.224798]  ? kasan_check_write+0x14/0x20
[  576.224819]  ? do_raw_spin_lock+0xc1/0x200
[  576.224847]  block_ioctl+0xee/0x130
[  576.229822] loop6: rw=12288, want=8200, limit=64
[  576.233673]  ? blkdev_fallocate+0x400/0x400
[  576.233690]  do_vfs_ioctl+0x1de/0x1720
[  576.233704]  ? rcu_is_watching+0x8c/0x150
[  576.233722]  ? ioctl_preallocate+0x300/0x300
[  576.239273] attempt to access beyond end of device
[  576.241763]  ? __fget_light+0x2f7/0x440
[  576.241782]  ? fget_raw+0x20/0x20
[  576.241794]  ? putname+0xf2/0x130
[  576.241813]  ? rcu_read_lock_sched_held+0x108/0x120
[  576.241827]  ? kmem_cache_free+0x25c/0x2d0
[  576.241844]  ? putname+0xf7/0x130
[  576.241862]  ? do_sys_open+0x3cb/0x760
[  576.241886]  ? security_file_ioctl+0x94/0xc0
[  576.241905]  ksys_ioctl+0xa9/0xd0
[  576.241923]  __x64_sys_ioctl+0x73/0xb0
[  576.246104] loop6: rw=12288, want=12296, limit=64
[  576.250763]  do_syscall_64+0x1b9/0x820
[  576.250780]  ? finish_task_switch+0x1d3/0x870
[  576.250798]  ? syscall_return_slowpath+0x5e0/0x5e0
[  576.250817]  ? syscall_return_slowpath+0x31d/0x5e0
[  576.359076]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  576.364474]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  576.369350]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  576.374583] RIP: 0033:0x456ef7
[  576.377799] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  576.396722] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  576.404518] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  576.411836] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
13:47:24 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2", 0x24, 0x10000}], 0x0, &(0x7f0000000240))

[  576.419214] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  576.426498] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  576.434060] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000009
[  576.444062] attempt to access beyond end of device
[  576.449149] loop6: rw=12288, want=8200, limit=64
[  576.463458] attempt to access beyond end of device
[  576.468522] loop6: rw=12288, want=12296, limit=64
13:47:25 executing program 3:
r0 = add_key(&(0x7f0000000040)='id_resolver\x00', &(0x7f0000000080), &(0x7f0000000200)="a0", 0x1, 0xfffffffffffffffc)
keyctl$restrict_keyring(0x4, r0, &(0x7f0000000140)='encrypted\x00', &(0x7f0000000300)='\x00')
keyctl$chown(0x4, r0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/pid\x00')

13:47:25 executing program 4 (fault-call:0 fault-nth:10):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  576.543459] attempt to access beyond end of device
[  576.548581] loop6: rw=12288, want=8200, limit=64
[  576.572996] attempt to access beyond end of device
[  576.578048] loop6: rw=12288, want=12296, limit=64
13:47:25 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1a0ffffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  576.619658] f2fs_msg: 93 callbacks suppressed
[  576.619670] F2FS-fs (loop6): invalid crc value
[  576.629090] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:47:25 executing program 1:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x400000, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x16)

13:47:25 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
timerfd_settime(r2, 0x1, &(0x7f00000002c0), &(0x7f0000000300))
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:25 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f0000000240))

[  576.773844] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  576.781018] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  576.799501] attempt to access beyond end of device
[  576.804705] loop6: rw=12288, want=8200, limit=64
[  576.828764] F2FS-fs (loop6): invalid crc value
[  576.832961] FAULT_INJECTION: forcing a failure.
[  576.832961] name failslab, interval 1, probability 0, space 0, times 0
[  576.844751] CPU: 0 PID: 9047 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  576.846298] attempt to access beyond end of device
[  576.851714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  576.851724] Call Trace:
[  576.851757]  dump_stack+0x1c9/0x2b4
[  576.851785]  ? dump_stack_print_info.cold.2+0x52/0x52
13:47:25 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f00000001c0)="0a5cc80700315f85715070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
write$binfmt_aout(r1, &(0x7f0000000080)={{0x2c, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2c}}, 0x20)
setrlimit(0xd, &(0x7f0000000000)={0x93f, 0x6})

[  576.851808]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  576.851840]  should_fail.cold.4+0xa/0x11
[  576.851863]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  576.856847] loop6: rw=12288, want=12296, limit=64
[  576.866191]  ? __account_cfs_rq_runtime+0x770/0x770
[  576.866210]  ? trace_hardirqs_on+0x10/0x10
[  576.866232]  ? graph_lock+0x170/0x170
[  576.866244]  ? print_usage_bug+0xc0/0xc0
[  576.866264]  ? find_held_lock+0x36/0x1c0
[  576.866285]  ? __lock_is_held+0xb5/0x140
[  576.893783] F2FS-fs (loop6): invalid crc value
[  576.896514]  ? check_same_owner+0x340/0x340
[  576.896535]  ? graph_lock+0x170/0x170
[  576.896584]  ? rcu_note_context_switch+0x730/0x730
[  576.896608]  __should_failslab+0x124/0x180
[  576.896628]  should_failslab+0x9/0x14
[  576.901722] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  576.905906]  kmem_cache_alloc+0x2af/0x760
[  576.905921]  ? print_usage_bug+0xc0/0xc0
[  576.905948]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  576.967151]  __kernfs_new_node+0x127/0x8d0
[  576.971413]  ? lock_downgrade+0x8f0/0x8f0
[  576.975610]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  576.980389]  ? mark_held_locks+0xc9/0x160
[  576.984579]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  576.989299]  ? _raw_spin_unlock_irq+0x27/0x70
[  576.993817]  ? graph_lock+0x170/0x170
[  576.997638]  ? trace_hardirqs_on+0xd/0x10
[  577.001801]  ? _raw_spin_unlock_irq+0x27/0x70
[  577.006333]  ? __schedule+0x14da/0x1ec0
[  577.010334]  ? find_held_lock+0x36/0x1c0
[  577.014424]  kernfs_new_node+0x95/0x120
[  577.018421]  kernfs_create_dir_ns+0x4d/0x160
[  577.022856]  internal_create_group+0x21d/0xcd0
[  577.027465]  ? remove_files.isra.1+0x190/0x190
[  577.032063]  ? up_write+0x7b/0x220
[  577.035621]  ? up_read+0x110/0x110
[  577.039176]  ? down_read+0x1d0/0x1d0
[  577.042920]  sysfs_create_group+0x1f/0x30
[  577.047085]  lo_ioctl+0x1310/0x1d90
[  577.050740]  ? lo_rw_aio_complete+0x450/0x450
[  577.055252]  blkdev_ioctl+0x9cd/0x2030
[  577.059159]  ? blkpg_ioctl+0xc40/0xc40
[  577.063070]  ? kasan_check_read+0x11/0x20
[  577.067237]  ? rcu_is_watching+0x8c/0x150
[  577.071403]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  577.076101]  ? __fget+0x4d5/0x740
[  577.079607]  ? ksys_dup3+0x690/0x690
[  577.083345]  ? kasan_check_write+0x14/0x20
[  577.087611]  ? do_raw_spin_lock+0xc1/0x200
[  577.091871]  block_ioctl+0xee/0x130
[  577.095515]  ? blkdev_fallocate+0x400/0x400
[  577.099885]  do_vfs_ioctl+0x1de/0x1720
[  577.103794]  ? rcu_is_watching+0x8c/0x150
[  577.107971]  ? ioctl_preallocate+0x300/0x300
[  577.112397]  ? __fget_light+0x2f7/0x440
[  577.116388]  ? fget_raw+0x20/0x20
[  577.119854]  ? putname+0xf2/0x130
[  577.123436]  ? rcu_read_lock_sched_held+0x108/0x120
[  577.128470]  ? kmem_cache_free+0x25c/0x2d0
[  577.132723]  ? putname+0xf7/0x130
[  577.136196]  ? do_sys_open+0x3cb/0x760
[  577.140111]  ? security_file_ioctl+0x94/0xc0
[  577.144542]  ksys_ioctl+0xa9/0xd0
[  577.148053]  __x64_sys_ioctl+0x73/0xb0
[  577.151966]  do_syscall_64+0x1b9/0x820
[  577.155872]  ? finish_task_switch+0x1d3/0x870
[  577.160389]  ? syscall_return_slowpath+0x5e0/0x5e0
[  577.165342]  ? syscall_return_slowpath+0x31d/0x5e0
[  577.170293]  ? __switch_to_asm+0x34/0x70
[  577.174374]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  577.179760]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  577.184627]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  577.189832] RIP: 0033:0x456ef7
[  577.193046] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  577.211959] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  577.219684] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
13:47:26 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x87000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  577.226966] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  577.234248] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  577.241529] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  577.248849] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000a
13:47:26 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8074, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:26 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x14000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:26 executing program 1:
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000040), 0xc, &(0x7f0000058000)={&(0x7f000023f000)=ANY=[@ANYBLOB="840008000000000000bd7000ffffffff0000dffc0c00000000000000000000005b659a62290ffc380c2dbfdc5e9f13e1a04810d464fbc3f4c1b4e2bf501fb1bb949869c2984d914d9f04005e4fcd4dd3050bc1700612dbc3080c91745fa158cf0d70309f7f1969136edfd73294c0356675ffff000044f2a432a15b4ce56aa166b5040d"], 0x83}}, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000289000)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f000023f000)=ANY=[@ANYBLOB="840000000000000000000000000000000000ffff"], 0x14}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000)=0xa, 0x20b)
mq_unlink(&(0x7f0000000080)='em1eth1\x00')

13:47:26 executing program 4 (fault-call:0 fault-nth:11):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  577.665071] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
[  577.681745] FAULT_INJECTION: forcing a failure.
[  577.681745] name failslab, interval 1, probability 0, space 0, times 0
[  577.693046] CPU: 0 PID: 9091 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  577.700001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  577.709377] Call Trace:
[  577.712095]  dump_stack+0x1c9/0x2b4
[  577.715768]  ? dump_stack_print_info.cold.2+0x52/0x52
[  577.720996]  ? graph_lock+0x170/0x170
[  577.724839]  should_fail.cold.4+0xa/0x11
[  577.728941]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  577.728971]  ? kernfs_activate+0x8e/0x2c0
[  577.728997]  ? graph_lock+0x170/0x170
[  577.729017]  ? lock_release+0xa30/0xa30
[  577.729037]  ? check_same_owner+0x340/0x340
[  577.729067]  ? find_held_lock+0x36/0x1c0
[  577.754511]  ? __lock_is_held+0xb5/0x140
[  577.758726]  ? check_same_owner+0x340/0x340
[  577.763085]  ? rcu_note_context_switch+0x730/0x730
[  577.768049]  __should_failslab+0x124/0x180
[  577.772309]  should_failslab+0x9/0x14
[  577.776139]  kmem_cache_alloc+0x2af/0x760
[  577.780314]  ? find_held_lock+0x36/0x1c0
[  577.784416]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  577.789463]  __kernfs_new_node+0x127/0x8d0
[  577.793728]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  577.798509]  ? kasan_check_write+0x14/0x20
[  577.802770]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  577.807720]  ? __kernfs_new_node+0x692/0x8d0
[  577.812159]  ? wait_for_completion+0x8d0/0x8d0
[  577.816768]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  577.821580]  ? graph_lock+0x170/0x170
[  577.821602]  ? kasan_check_write+0x14/0x20
[  577.821625]  ? __lock_is_held+0xb5/0x140
[  577.821644]  ? wait_for_completion+0x8d0/0x8d0
[  577.821673]  ? mutex_unlock+0xd/0x10
[  577.821687]  ? kernfs_activate+0x21a/0x2c0
[  577.821704]  kernfs_new_node+0x95/0x120
[  577.850389]  __kernfs_create_file+0x5a/0x340
[  577.854854]  sysfs_add_file_mode_ns+0x221/0x520
[  577.859584]  ? component_del+0x550/0x550
13:47:26 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f0000000240))

13:47:26 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xa0008000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:26 executing program 3:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000000)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140), &(0x7f0000000180)=0x8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f000019ffe9)={0xc1})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0xc0305302, &(0x7f000035d000)={0x80})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000080)={{}, 'port0\x00'})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0)

13:47:26 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x6800000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  577.863679]  internal_create_group+0x422/0xcd0
[  577.868280]  ? remove_files.isra.1+0x190/0x190
[  577.872877]  ? up_write+0x7b/0x220
[  577.876442]  ? up_read+0x110/0x110
[  577.876649] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  577.880003]  ? down_read+0x1d0/0x1d0
[  577.880034]  sysfs_create_group+0x1f/0x30
[  577.880052]  lo_ioctl+0x1310/0x1d90
[  577.880075]  ? lo_rw_aio_complete+0x450/0x450
[  577.880096]  blkdev_ioctl+0x9cd/0x2030
[  577.887147] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:47:26 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x8000000023)
writev(r0, &(0x7f0000e11ff0)=[{&(0x7f0000000100)="580000001400192340834b80040d8c560a02000000ff81004e227e00000058000b4824ca944f64009400050028925aa8000000000000008000f0ffffffff09000000fff5dd000000100001000b0c0900fcff0000040e05a5", 0x58}], 0x10000000000001a3)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x101100, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000080)=0x3, 0x4)

13:47:26 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000340)='/dev/null\x00', 0x4, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r4, 0x54a0)

[  577.890838]  ? blkpg_ioctl+0xc40/0xc40
[  577.890859]  ? kasan_check_read+0x11/0x20
[  577.890874]  ? rcu_is_watching+0x8c/0x150
[  577.890891]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  577.931471]  ? __fget+0x4d5/0x740
[  577.934955]  ? ksys_dup3+0x690/0x690
[  577.938698]  ? kasan_check_write+0x14/0x20
[  577.943033]  ? do_raw_spin_lock+0xc1/0x200
[  577.945592] attempt to access beyond end of device
[  577.947299]  block_ioctl+0xee/0x130
[  577.947316]  ? blkdev_fallocate+0x400/0x400
[  577.947334]  do_vfs_ioctl+0x1de/0x1720
[  577.947349]  ? rcu_is_watching+0x8c/0x150
[  577.947373]  ? ioctl_preallocate+0x300/0x300
[  577.952338] loop6: rw=12288, want=8200, limit=64
[  577.955943]  ? __fget_light+0x2f7/0x440
[  577.955960]  ? fget_raw+0x20/0x20
[  577.955972]  ? putname+0xf2/0x130
[  577.955994]  ? rcu_read_lock_sched_held+0x108/0x120
[  577.960753] attempt to access beyond end of device
[  577.964202]  ? kmem_cache_free+0x25c/0x2d0
[  577.964218]  ? putname+0xf7/0x130
[  577.964238]  ? do_sys_open+0x3cb/0x760
[  577.964262]  ? security_file_ioctl+0x94/0xc0
[  577.964280]  ksys_ioctl+0xa9/0xd0
[  577.968456] loop6: rw=12288, want=12296, limit=64
[  577.972918]  __x64_sys_ioctl+0x73/0xb0
[  577.972939]  do_syscall_64+0x1b9/0x820
[  577.972959]  ? finish_task_switch+0x1d3/0x870
[  577.978509] attempt to access beyond end of device
[  577.981701]  ? syscall_return_slowpath+0x5e0/0x5e0
[  577.981719]  ? syscall_return_slowpath+0x31d/0x5e0
[  577.981743]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  577.981765]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  577.981786]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  577.985270] loop6: rw=12288, want=8200, limit=64
[  577.988746] RIP: 0033:0x456ef7
[  577.988763] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  577.988771] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  577.994160] attempt to access beyond end of device
[  577.998806] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  577.998815] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  577.998824] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  577.998833] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  577.998842] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000b
[  578.143154] loop6: rw=12288, want=12296, limit=64
13:47:26 executing program 4 (fault-call:0 fault-nth:12):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:26 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8060, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  578.186398] attempt to access beyond end of device
[  578.191468] loop6: rw=12288, want=8200, limit=64
[  578.202101] attempt to access beyond end of device
[  578.207155] loop6: rw=12288, want=12296, limit=64
[  578.212670] attempt to access beyond end of device
[  578.217770] loop6: rw=12288, want=8200, limit=64
[  578.223151] attempt to access beyond end of device
[  578.228214] loop6: rw=12288, want=12296, limit=64
[  578.461921] FAULT_INJECTION: forcing a failure.
[  578.461921] name failslab, interval 1, probability 0, space 0, times 0
[  578.473500] CPU: 0 PID: 9126 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  578.480495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  578.489876] Call Trace:
[  578.492509]  dump_stack+0x1c9/0x2b4
[  578.496215]  ? dump_stack_print_info.cold.2+0x52/0x52
[  578.501444]  ? __kernel_text_address+0xd/0x40
[  578.505977]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  578.511579]  should_fail.cold.4+0xa/0x11
[  578.515673]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  578.520822]  ? rcu_note_context_switch+0x730/0x730
[  578.525784]  ? graph_lock+0x170/0x170
[  578.529643]  ? find_held_lock+0x36/0x1c0
[  578.533735]  ? __lock_is_held+0xb5/0x140
[  578.537837]  ? check_same_owner+0x340/0x340
[  578.542189]  ? rcu_note_context_switch+0x730/0x730
[  578.547148]  __should_failslab+0x124/0x180
[  578.551408]  should_failslab+0x9/0x14
[  578.555336]  kmem_cache_alloc+0x2af/0x760
[  578.559508]  ? lock_downgrade+0x8f0/0x8f0
[  578.563685]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  578.568730]  __kernfs_new_node+0x127/0x8d0
[  578.572993]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  578.577776]  ? graph_lock+0x170/0x170
[  578.581623]  ? kasan_check_write+0x14/0x20
[  578.585892]  ? __lock_is_held+0xb5/0x140
[  578.589975]  ? wait_for_completion+0x8d0/0x8d0
[  578.594621]  ? mutex_unlock+0xd/0x10
[  578.598356]  ? kernfs_activate+0x21a/0x2c0
[  578.602683]  ? kernfs_walk_and_get_ns+0x340/0x340
[  578.607581]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  578.613139]  ? kernfs_link_sibling+0x1d2/0x3b0
[  578.617748]  kernfs_new_node+0x95/0x120
[  578.621752]  __kernfs_create_file+0x5a/0x340
[  578.626190]  sysfs_add_file_mode_ns+0x221/0x520
[  578.630884]  ? component_del+0x550/0x550
[  578.634973]  internal_create_group+0x422/0xcd0
[  578.639619]  ? remove_files.isra.1+0x190/0x190
[  578.644224]  ? up_write+0x7b/0x220
[  578.647795]  ? up_read+0x110/0x110
[  578.651362]  ? down_read+0x1d0/0x1d0
[  578.655111]  sysfs_create_group+0x1f/0x30
[  578.659279]  lo_ioctl+0x1310/0x1d90
[  578.662930]  ? lo_rw_aio_complete+0x450/0x450
[  578.667506]  blkdev_ioctl+0x9cd/0x2030
[  578.671416]  ? blkpg_ioctl+0xc40/0xc40
[  578.675327]  ? kasan_check_read+0x11/0x20
[  578.679491]  ? rcu_is_watching+0x8c/0x150
[  578.683658]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  578.688353]  ? __fget+0x4d5/0x740
[  578.691851]  ? ksys_dup3+0x690/0x690
[  578.695611]  ? kasan_check_write+0x14/0x20
[  578.700011]  ? do_raw_spin_lock+0xc1/0x200
[  578.704275]  block_ioctl+0xee/0x130
[  578.707919]  ? blkdev_fallocate+0x400/0x400
[  578.712262]  do_vfs_ioctl+0x1de/0x1720
[  578.716167]  ? rcu_is_watching+0x8c/0x150
[  578.720337]  ? ioctl_preallocate+0x300/0x300
[  578.724767]  ? __fget_light+0x2f7/0x440
[  578.728763]  ? fget_raw+0x20/0x20
[  578.732232]  ? putname+0xf2/0x130
[  578.735710]  ? rcu_read_lock_sched_held+0x108/0x120
[  578.740744]  ? kmem_cache_free+0x25c/0x2d0
[  578.744996]  ? putname+0xf7/0x130
[  578.748532]  ? do_sys_open+0x3cb/0x760
[  578.752477]  ? security_file_ioctl+0x94/0xc0
[  578.756910]  ksys_ioctl+0xa9/0xd0
[  578.760388]  __x64_sys_ioctl+0x73/0xb0
[  578.764297]  do_syscall_64+0x1b9/0x820
[  578.768207]  ? syscall_return_slowpath+0x5e0/0x5e0
[  578.773155]  ? syscall_return_slowpath+0x31d/0x5e0
[  578.778105]  ? __switch_to_asm+0x34/0x70
[  578.782187]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  578.787665]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  578.792533]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  578.797769] RIP: 0033:0x456ef7
[  578.800980] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  578.819897] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  578.827625] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  578.834905] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  578.842188] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  578.849468] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  578.856751] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000c
13:47:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x0, 0x6})

13:47:27 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfdffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:27 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000", 0x36, 0x10000}], 0x0, &(0x7f0000000240))

13:47:27 executing program 4 (fault-call:0 fault-nth:13):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  579.010503] attempt to access beyond end of device
[  579.015863] loop6: rw=12288, want=8200, limit=64
[  579.045008] attempt to access beyond end of device
[  579.050200] loop6: rw=12288, want=12296, limit=64
13:47:27 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$VT_WAITACTIVE(r3, 0x5607)

13:47:27 executing program 3:
r0 = socket$key(0xf, 0x3, 0x2)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x200000, 0x0)
name_to_handle_at(r1, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="2c001516580700000000000000e423c81a66f93f418d7535a4b6efe2d4c0c5fc947cba0d4800000033a7c216"], &(0x7f00000001c0), 0x1400)
sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02de71549a92d7358badb14bef000000"], 0xfffffffffffffd75}}, 0x0)
r2 = dup(r0)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000117, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000000)={'vlan0\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x6}}})

13:47:27 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x7000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  579.079643] attempt to access beyond end of device
[  579.084748] loop6: rw=12288, want=8200, limit=64
[  579.090613] attempt to access beyond end of device
[  579.095918] loop6: rw=12288, want=12296, limit=64
[  579.147417] attempt to access beyond end of device
[  579.152918] loop6: rw=12288, want=8200, limit=64
[  579.167624] attempt to access beyond end of device
[  579.172761] loop6: rw=12288, want=12296, limit=64
[  579.178543] attempt to access beyond end of device
[  579.184046] loop6: rw=12288, want=8200, limit=64
[  579.190663] attempt to access beyond end of device
13:47:27 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x800a, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  579.196047] loop6: rw=12288, want=12296, limit=64
[  579.360374] FAULT_INJECTION: forcing a failure.
[  579.360374] name failslab, interval 1, probability 0, space 0, times 0
[  579.371733] CPU: 1 PID: 9166 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  579.378692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  579.388086] Call Trace:
[  579.390729]  dump_stack+0x1c9/0x2b4
[  579.394402]  ? dump_stack_print_info.cold.2+0x52/0x52
[  579.399633]  ? __kernel_text_address+0xd/0x40
[  579.404174]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  579.409763]  should_fail.cold.4+0xa/0x11
[  579.413869]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  579.419025]  ? rcu_note_context_switch+0x730/0x730
[  579.423996]  ? graph_lock+0x170/0x170
[  579.427848]  ? find_held_lock+0x36/0x1c0
[  579.431960]  ? __lock_is_held+0xb5/0x140
[  579.436095]  ? check_same_owner+0x340/0x340
[  579.440465]  ? rcu_note_context_switch+0x730/0x730
[  579.445443]  __should_failslab+0x124/0x180
[  579.449712]  should_failslab+0x9/0x14
[  579.453546]  kmem_cache_alloc+0x2af/0x760
[  579.457750]  ? lock_downgrade+0x8f0/0x8f0
[  579.461998]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  579.467047]  __kernfs_new_node+0x127/0x8d0
[  579.471313]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  579.476100]  ? graph_lock+0x170/0x170
[  579.479928]  ? kasan_check_write+0x14/0x20
[  579.484194]  ? __lock_is_held+0xb5/0x140
[  579.488278]  ? wait_for_completion+0x8d0/0x8d0
[  579.492898]  ? mutex_unlock+0xd/0x10
[  579.496638]  ? kernfs_activate+0x21a/0x2c0
[  579.500952]  ? kernfs_walk_and_get_ns+0x340/0x340
[  579.505825]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  579.511474]  ? kernfs_link_sibling+0x1d2/0x3b0
[  579.516091]  kernfs_new_node+0x95/0x120
[  579.520102]  __kernfs_create_file+0x5a/0x340
[  579.524543]  sysfs_add_file_mode_ns+0x221/0x520
[  579.529318]  ? component_del+0x550/0x550
[  579.533407]  internal_create_group+0x422/0xcd0
[  579.538019]  ? remove_files.isra.1+0x190/0x190
[  579.542622]  ? up_write+0x7b/0x220
[  579.546179]  ? up_read+0x110/0x110
[  579.549742]  ? down_read+0x1d0/0x1d0
[  579.553491]  sysfs_create_group+0x1f/0x30
[  579.557660]  lo_ioctl+0x1310/0x1d90
[  579.561699]  ? lo_rw_aio_complete+0x450/0x450
[  579.566209]  blkdev_ioctl+0x9cd/0x2030
[  579.570112]  ? blkpg_ioctl+0xc40/0xc40
[  579.574013]  ? kasan_check_read+0x11/0x20
[  579.578169]  ? rcu_is_watching+0x8c/0x150
[  579.582326]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  579.587008]  ? __fget+0x4d5/0x740
[  579.590472]  ? ksys_dup3+0x690/0x690
[  579.594194]  ? kasan_check_write+0x14/0x20
[  579.598432]  ? do_raw_spin_lock+0xc1/0x200
[  579.602678]  block_ioctl+0xee/0x130
[  579.606315]  ? blkdev_fallocate+0x400/0x400
[  579.610643]  do_vfs_ioctl+0x1de/0x1720
[  579.614537]  ? rcu_is_watching+0x8c/0x150
[  579.618703]  ? ioctl_preallocate+0x300/0x300
[  579.623119]  ? __fget_light+0x2f7/0x440
[  579.627101]  ? fget_raw+0x20/0x20
[  579.630566]  ? putname+0xf2/0x130
[  579.634026]  ? rcu_read_lock_sched_held+0x108/0x120
[  579.639049]  ? kmem_cache_free+0x25c/0x2d0
[  579.643296]  ? putname+0xf7/0x130
[  579.646761]  ? do_sys_open+0x3cb/0x760
[  579.650661]  ? security_file_ioctl+0x94/0xc0
[  579.655086]  ksys_ioctl+0xa9/0xd0
[  579.658558]  __x64_sys_ioctl+0x73/0xb0
[  579.662459]  do_syscall_64+0x1b9/0x820
[  579.666355]  ? finish_task_switch+0x1d3/0x870
[  579.670857]  ? syscall_return_slowpath+0x5e0/0x5e0
[  579.675793]  ? syscall_return_slowpath+0x31d/0x5e0
[  579.680732]  ? __switch_to_asm+0x34/0x70
[  579.684802]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  579.690181]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  579.695034]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  579.700223] RIP: 0033:0x456ef7
[  579.703424] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  579.722324] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  579.730046] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  579.737349] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  579.744636] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  579.751905] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
13:47:28 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xe4ffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:28 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ff", 0x3f, 0x10000}], 0x0, &(0x7f0000000240))

[  579.759174] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000d
13:47:28 executing program 1:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x800, 0x0)
sendto$inet(r0, &(0x7f0000000100)="0accb25a4462d6c845def158c15067030b9f77a57b03f69d0a64917befe94f0b4a1d0864c80c822f23c8897ad09a94a13afc4b38061e862d23ccb26205df50c09fef416a2e3cddc96541ef57a00a3391d75aead140203e68f973e3fe52db880ebc9221048701d57bc49cda8399b6f66191d1eb93dbed36cb0b78a56aebbb71618a5df67777044ac5f09e3e70515e9b90b6", 0x91, 0x4000, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
close(0xffffffffffffffff)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0)
poll(&(0x7f00000002c0)=[{r2}], 0x1, 0x100)

13:47:28 executing program 3:
r0 = socket$inet6(0xa, 0x80806, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3000002, 0x32, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000280))

[  579.896292] attempt to access beyond end of device
[  579.901484] loop6: rw=12288, want=8200, limit=64
13:47:28 executing program 4 (fault-call:0 fault-nth:14):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  579.958180] attempt to access beyond end of device
[  579.963342] loop6: rw=12288, want=12296, limit=64
[  579.976665] attempt to access beyond end of device
[  579.981709] loop6: rw=12288, want=8200, limit=64
[  580.053727] attempt to access beyond end of device
[  580.058830] loop6: rw=12288, want=12296, limit=64
13:47:28 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ff", 0x3f, 0x10000}], 0x0, &(0x7f0000000240))

13:47:28 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf5ffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:28 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
tee(r0, r1, 0x4f, 0x8)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f0000000340)=[@dstype3={0x7, 0xd}, @vmwrite={0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1000}], 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000000, 0x50, r1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  580.153735] attempt to access beyond end of device
[  580.158958] loop6: rw=12288, want=8200, limit=64
[  580.172982] attempt to access beyond end of device
[  580.178042] loop6: rw=12288, want=12296, limit=64
[  580.195607] attempt to access beyond end of device
13:47:28 executing program 3:
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x24)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000180)=0xc)
ioctl$TUNSETGROUP(r0, 0x400454ce, r1)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x22)
ioctl$BLKRRPART(r2, 0x125f, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0xc0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x1000000000b)
acct(&(0x7f0000000000)='./file0\x00')
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000040)=0x7f)

13:47:28 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:28 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x806c, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  580.200650] loop6: rw=12288, want=8200, limit=64
[  580.210614] attempt to access beyond end of device
[  580.215738] loop6: rw=12288, want=12296, limit=64
[  580.257224] FAULT_INJECTION: forcing a failure.
[  580.257224] name failslab, interval 1, probability 0, space 0, times 0
[  580.268595] CPU: 0 PID: 9214 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  580.275537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  580.284918] Call Trace:
[  580.287577]  dump_stack+0x1c9/0x2b4
[  580.291232]  ? dump_stack_print_info.cold.2+0x52/0x52
[  580.296416]  ? __kernel_text_address+0xd/0x40
[  580.300936]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  580.306471]  should_fail.cold.4+0xa/0x11
[  580.310594]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  580.315713]  ? rcu_note_context_switch+0x730/0x730
[  580.320646]  ? graph_lock+0x170/0x170
[  580.324470]  ? find_held_lock+0x36/0x1c0
[  580.328543]  ? __lock_is_held+0xb5/0x140
[  580.332638]  ? check_same_owner+0x340/0x340
[  580.336953]  ? rcu_note_context_switch+0x730/0x730
[  580.341883]  __should_failslab+0x124/0x180
[  580.346125]  should_failslab+0x9/0x14
[  580.349952]  kmem_cache_alloc+0x2af/0x760
[  580.354093]  ? lock_downgrade+0x8f0/0x8f0
[  580.358251]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  580.363288]  __kernfs_new_node+0x127/0x8d0
[  580.367517]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  580.372268]  ? graph_lock+0x170/0x170
[  580.376083]  ? kasan_check_write+0x14/0x20
[  580.380323]  ? __lock_is_held+0xb5/0x140
[  580.384376]  ? wait_for_completion+0x8d0/0x8d0
[  580.388962]  ? mutex_unlock+0xd/0x10
[  580.392675]  ? kernfs_activate+0x21a/0x2c0
[  580.396921]  ? kernfs_walk_and_get_ns+0x340/0x340
[  580.401762]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  580.407328]  ? kernfs_link_sibling+0x1d2/0x3b0
[  580.411925]  kernfs_new_node+0x95/0x120
[  580.415931]  __kernfs_create_file+0x5a/0x340
[  580.420371]  sysfs_add_file_mode_ns+0x221/0x520
[  580.425044]  ? component_del+0x550/0x550
[  580.429103]  internal_create_group+0x422/0xcd0
[  580.433687]  ? remove_files.isra.1+0x190/0x190
[  580.438275]  ? up_write+0x7b/0x220
[  580.441814]  ? up_read+0x110/0x110
[  580.445347]  ? down_read+0x1d0/0x1d0
[  580.449084]  sysfs_create_group+0x1f/0x30
[  580.453224]  lo_ioctl+0x1310/0x1d90
[  580.456856]  ? lo_rw_aio_complete+0x450/0x450
[  580.461363]  blkdev_ioctl+0x9cd/0x2030
[  580.465292]  ? blkpg_ioctl+0xc40/0xc40
[  580.469178]  ? kasan_check_read+0x11/0x20
[  580.473314]  ? rcu_is_watching+0x8c/0x150
[  580.477452]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  580.482147]  ? __fget+0x4d5/0x740
[  580.485599]  ? ksys_dup3+0x690/0x690
[  580.489313]  ? kasan_check_write+0x14/0x20
[  580.493601]  ? do_raw_spin_lock+0xc1/0x200
[  580.497846]  block_ioctl+0xee/0x130
[  580.501472]  ? blkdev_fallocate+0x400/0x400
[  580.505793]  do_vfs_ioctl+0x1de/0x1720
[  580.509714]  ? rcu_is_watching+0x8c/0x150
[  580.513901]  ? ioctl_preallocate+0x300/0x300
[  580.518315]  ? __fget_light+0x2f7/0x440
[  580.522281]  ? fget_raw+0x20/0x20
[  580.525739]  ? putname+0xf2/0x130
[  580.529213]  ? rcu_read_lock_sched_held+0x108/0x120
[  580.534221]  ? kmem_cache_free+0x25c/0x2d0
[  580.538448]  ? putname+0xf7/0x130
[  580.541906]  ? do_sys_open+0x3cb/0x760
[  580.545802]  ? security_file_ioctl+0x94/0xc0
[  580.550222]  ksys_ioctl+0xa9/0xd0
[  580.553671]  __x64_sys_ioctl+0x73/0xb0
[  580.557560]  do_syscall_64+0x1b9/0x820
[  580.561440]  ? finish_task_switch+0x1d3/0x870
[  580.565928]  ? syscall_return_slowpath+0x5e0/0x5e0
[  580.570849]  ? syscall_return_slowpath+0x31d/0x5e0
[  580.575771]  ? __switch_to_asm+0x34/0x70
[  580.579837]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  580.585195]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  580.590027]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  580.595203] RIP: 0033:0x456ef7
[  580.598383] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  580.617283] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  580.624993] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  580.632258] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  580.639522] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  580.646815] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  580.654087] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000e
13:47:29 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000200), 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x34, 0x10, 0x29, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_IFNAME={0x14, 0x3, '/pq0\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x20000, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000780)=ANY=[@ANYBLOB="030000669a09d511b205d58923c527e57a7da775203438949f88134f182f8a89a79e43301ae61ce99dacbfde8f1804cdff0b867b5b7a29c4751278d37ff2b58810f2dd217e29647ca53ef34640cbb65a51b3f2f6ba504b077eb1f46c23ca7a7b7a15315ff39b992a06292c8c3b98972f34f2f11b255c02328276ae4b404322002c01d9d6c1fa364dc21a8cbdf51e557e19ed290680757ab6cda9c4dd6dc662412e5db6d60a81b1c2c303f8841de4883829e088028093cf78803568b4261c6fc95d1fe4578ee73de8b429250d8d8276bc279b98d5570ce05807f15be09d41ac30f2f9c345ad82b8f030fff16ff916c5f05dbf37bbb229daa53fb58c25f4cd8aafc3175fecd171a4334b4ecebedb26e95c7b63394878f719bcd5e5fcc95f6cb5", @ANYBLOB="9f52a8a4fdf12ef6b6036b9823388f9405c349fa6048c1fdbfc9bbb036772799cab82114e18735430626ffaea6ccf77c0dbf50ae9c080ce05effcbe32ebad9de0db6d4cc8e356337f8", @ANYRES32=0x0, @ANYRES64=r2], &(0x7f0000000100)=0x4)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r2, 0xc0505350, &(0x7f0000000240)={{0x400, 0xffffffffffffb9bd}, {0x0, 0x81}, 0x7ff, 0x7, 0x8})

13:47:29 executing program 4 (fault-call:0 fault-nth:15):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:29 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ff", 0x3f, 0x10000}], 0x0, &(0x7f0000000240))

13:47:29 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1fffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:29 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f00000002c0), &(0x7f0000000300)=0x30)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  580.993852] Process accounting resumed
13:47:29 executing program 1:
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff)
ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x40080, 0x0)
r3 = dup2(r2, r2)
sendmsg$netlink(r3, &(0x7f0000028fc8)={0x0, 0x0, &(0x7f0000000a40), 0x0, &(0x7f0000000040)=[@rights={0x18, 0x1, 0x1, [r1]}], 0x18}, 0x0)

[  581.025467] Process accounting resumed
[  581.043659] attempt to access beyond end of device
[  581.048743] loop6: rw=12288, want=8200, limit=64
13:47:29 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000080), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=@ipv6_newaddr={0x40, 0x14, 0x835, 0x0, 0x0, {}, [@IFA_ADDRESS={0x14}, @IFA_LOCAL={0x14}]}, 0x40}}, 0x0)

[  581.098518] attempt to access beyond end of device
[  581.103771] loop6: rw=12288, want=12296, limit=64
[  581.125628] attempt to access beyond end of device
[  581.130746] loop6: rw=12288, want=8200, limit=64
[  581.135894] attempt to access beyond end of device
[  581.140961] loop6: rw=12288, want=12296, limit=64
[  581.179892] FAULT_INJECTION: forcing a failure.
[  581.179892] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  581.185465] attempt to access beyond end of device
[  581.191737] CPU: 0 PID: 9259 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  581.191749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  581.191755] Call Trace:
[  581.191789]  dump_stack+0x1c9/0x2b4
[  581.191819]  ? dump_stack_print_info.cold.2+0x52/0x52
[  581.196763] loop6: rw=12288, want=8200, limit=64
13:47:29 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  581.203677]  ? print_usage_bug+0xc0/0xc0
[  581.203706]  should_fail.cold.4+0xa/0x11
[  581.203730]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  581.239043] attempt to access beyond end of device
[  581.242370]  ? lock_downgrade+0x8f0/0x8f0
[  581.242396]  ? trace_hardirqs_on+0x10/0x10
[  581.242415]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  581.242431]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  581.242452]  ? delete_node+0x311/0xce0
[  581.247397] loop6: rw=12288, want=12296, limit=64
[  581.251521]  ? graph_lock+0x170/0x170
[  581.251539]  ? idr_destroy+0x1c0/0x1c0
[  581.251568]  ? radix_tree_clear_tags+0xc0/0xc0
[  581.257436] attempt to access beyond end of device
[  581.261345]  ? __kernel_text_address+0xd/0x40
[  581.261363]  ? replace_slot+0x153/0x500
[  581.261386]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  581.261402]  ? should_fail+0x246/0xd86
[  581.261423]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  581.266993] loop6: rw=12288, want=8200, limit=64
[  581.270863]  __alloc_pages_nodemask+0x36e/0xdb0
[  581.270887]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  581.270911]  ? find_held_lock+0x36/0x1c0
[  581.276237] attempt to access beyond end of device
[  581.279533]  ? __lock_is_held+0xb5/0x140
[  581.279583]  ? check_same_owner+0x340/0x340
[  581.279607]  cache_grow_begin+0x91/0x710
[  581.279632]  kmem_cache_alloc+0x689/0x760
[  581.283527] loop6: rw=12288, want=12296, limit=64
[  581.288109]  __kernfs_new_node+0x127/0x8d0
[  581.288127]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  581.288144]  ? graph_lock+0x170/0x170
[  581.373468]  ? kasan_check_write+0x14/0x20
[  581.377723]  ? __lock_is_held+0xb5/0x140
[  581.381793]  ? wait_for_completion+0x8d0/0x8d0
[  581.386394]  ? mutex_unlock+0xd/0x10
[  581.390128]  ? kernfs_activate+0x21a/0x2c0
[  581.394381]  ? kernfs_walk_and_get_ns+0x340/0x340
[  581.399232]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  581.404772]  ? kernfs_link_sibling+0x1d2/0x3b0
[  581.409366]  kernfs_new_node+0x95/0x120
[  581.413351]  __kernfs_create_file+0x5a/0x340
[  581.417773]  sysfs_add_file_mode_ns+0x221/0x520
[  581.422450]  ? component_del+0x550/0x550
[  581.426520]  internal_create_group+0x422/0xcd0
[  581.431125]  ? remove_files.isra.1+0x190/0x190
[  581.435709]  ? up_write+0x7b/0x220
[  581.439254]  ? up_read+0x110/0x110
[  581.442801]  ? down_read+0x1d0/0x1d0
[  581.446534]  sysfs_create_group+0x1f/0x30
[  581.450699]  lo_ioctl+0x1310/0x1d90
[  581.454343]  ? lo_rw_aio_complete+0x450/0x450
[  581.458844]  blkdev_ioctl+0x9cd/0x2030
[  581.462740]  ? blkpg_ioctl+0xc40/0xc40
[  581.466639]  ? kasan_check_read+0x11/0x20
[  581.470791]  ? rcu_is_watching+0x8c/0x150
[  581.474947]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  581.479631]  ? __fget+0x4d5/0x740
[  581.483091]  ? ksys_dup3+0x690/0x690
[  581.486813]  ? kasan_check_write+0x14/0x20
[  581.491057]  ? do_raw_spin_lock+0xc1/0x200
[  581.495304]  block_ioctl+0xee/0x130
[  581.498933]  ? blkdev_fallocate+0x400/0x400
[  581.503261]  do_vfs_ioctl+0x1de/0x1720
[  581.507154]  ? rcu_is_watching+0x8c/0x150
[  581.511309]  ? ioctl_preallocate+0x300/0x300
[  581.515723]  ? __fget_light+0x2f7/0x440
[  581.520192]  ? fget_raw+0x20/0x20
[  581.523649]  ? putname+0xf2/0x130
[  581.527110]  ? rcu_read_lock_sched_held+0x108/0x120
[  581.532143]  ? kmem_cache_free+0x25c/0x2d0
[  581.536398]  ? putname+0xf7/0x130
[  581.539858]  ? do_sys_open+0x3cb/0x760
[  581.543757]  ? security_file_ioctl+0x94/0xc0
[  581.548176]  ksys_ioctl+0xa9/0xd0
[  581.551638]  __x64_sys_ioctl+0x73/0xb0
[  581.555533]  do_syscall_64+0x1b9/0x820
[  581.559461]  ? finish_task_switch+0x1d3/0x870
[  581.564173]  ? syscall_return_slowpath+0x5e0/0x5e0
[  581.569108]  ? syscall_return_slowpath+0x31d/0x5e0
[  581.574062]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  581.579460]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  581.584312]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  581.589503] RIP: 0033:0x456ef7
[  581.592707] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  581.611619] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  581.619330] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
13:47:30 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4ab, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  581.626601] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  581.633869] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  581.641138] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  581.648410] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000000f
13:47:30 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f424852", 0x44, 0x10000}], 0x0, &(0x7f0000000240))

13:47:30 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4426020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:30 executing program 4 (fault-call:0 fault-nth:16):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:30 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="0a5cc80700315f85715070")
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x0, 0x0)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000140)={0x0, 0x1000, &(0x7f00000003c0)="59a3a0e9a5076c93f158cc768b0243148499e8ef9cc5787207d608e0cf0d5562a7702a91beedc706d1001907fd0b8bb18e206b86ea689119783e1adb7ca95bd71bcca38b05239dfac82b4464a063af8699458fe85299423383ddddfb743d7255f3e0b2e6a83377401ec316b079b010dfcf3007f4da00a992455a6b5c22171fb0ad88faf5b598a4fd0c366519b5c34cd2d51f5349317219b7306d71faf98ae1c8ded5b75666167bd9b7c7b6b6eca1509862e6f24f4d98853483b684b04ea93ed0c24933b9ed941888df53e6af4da9578eeb3c80b552d20155ca7ddb589516a54783519b707753e0e37d88a488bc0d81dcc5030df6c788b4037222a0a69e5db2d417602345c372e0482e5adf4daffd5a2a82b5843d2a52375e8db49e79f844f373147608e20661b5d6323e91ba09aab3941734951f5f499d8b1e30edea79a23fd7ff5cdf46cbd3c50c7db18792d3956631bd189503f8bb9c5799bb50d896945bb19b6ad7d48da441c924ffff5cb6cd0fd1cc80ca178ae9dd92dea819ac1bf6069dabce07206cc3ee5e048293e39d131602b68cce3e02975c014365504e6dc133cdedabf9190c73406e8438038507d2d883887d3d1f164ce38bfc7186177bc4f2d0abe99c287e6463cb6d80e40136d4509e9e2bd333c6bb6c5dfcdce44cf8edfcff32e82dafab09d66dededb66aed9bdaee41e4995c6d361c9b93b300cb2186c5a2f1a78b4339cdafb4b118ef9822ab1d0283b3692f262171ab2b5c14b92cbdb32ef610ebe77523f5c8e2586378036733aeb08d0de2c8d89808bd4f6cc4e536cf1ec46aff2b668b6fde0588e2c9b398907aecb79ddc6aec6687167355a494f625c0d45d013a0a644f8db06531dbdbd9a9e04a84597399061648a02ddfce6a0b2fb741f711880551f0ae92f8af17b8a7a794bd1755f289fedc669d1f5e0f8df9eb32ce5917d461a092252c88c9f1b21d47cc127d934cb34fa6c44c623377c37a27cc633b64e5528e8c014e1321ffc88ca4c200b3de762928f6a826d8dc06185684fd27982088cc6ab8789462f69a1044c0d21e85325f21c5c006da5fe7b0f4cf64b8c4f93b0073e90fd4634a6aec6c721e2788e4f6d9dbbf01336a36c93e41617cdf4bb66d56c43fa951ff110c6162834c9e6b76c63dba7678bf46bdb0f88ea8aeb7ff4bfd8435a8bb159062d728d166139422d260c6b31b8ee201a62f8027656da8db0ffd604e4a3495e1f6c005a1ef21a775589b2c8d42c3dc424fdf291fce4dbe5653675fd54fdc498732e7e8781da046ebd71770d2a3dd0edf80e228b9f87ea7f19d5e20c54f0a5a1824b232a4f32aa84a645c108ffef72be07c6060850ecfe337ea5121f0f418cbc34bbfe945d34bf44c2e53eecf30206baa68bf3df5ce29509108d44b391786fb2ab9bc7a1a2f583a8af6d72320286bfcdee4b0635b4312ad7d179f3ed26234453fdee5ef82cc52ec360118524d56740c45e961e6b15f42ca11250c753e3e8a6fb34f37ff1292001a0b1eea3412309ca62ee45e044e5f837f879826724691e366acfd289e946897f09b99a86bbb52444ec9912df9af9709053bae159a9363cf40faf03e522c4468f05b453f2382c0f660f2f6afecc2541e17b86040104f820ba634a5c7e291537dfd4b64352f386d579a98f3f6cd1f473b64b1ea037dfc4182e297c14a96c14a736b5f8e79c80c2bd621cd6dc94728c9b3fe054b9f6774de8ca89111583b392fef1a67915deb27073cb9f8a31a2af5748a8dec5db75840bfdeb363598078e49c62e767e6fa5e49167d241a89c94a7305612794a1ca39c3b24e9884a7d56381a30f242b1164528d792681a77356a869aa99b6279ae66be0d958c31f67e829725622437df09c359d35e6b04890565056978f27b22ba7b69ecba93008247e6e490e31a105baf748370798bec693ae1c6df9205ce9d69a1b54ca26a798337d9a6bcebf92e93287f15a95963a76c42e80b4a824b4a6c99c03632c11f671fe5712700ff3898e7e9efb87c8415163e59e558b400a7c4849e86ad8f382e8fc701bc73332dc5e3712b1b6998b238388c74271fc2ef24e7a5cefc81241c1b8178d726a3649712957a1782ca937bacef7703b780a87ed456dcff1323b0450c3ebe08c934795bb756403ce89fc1dcebe334682397063445384c506bfad54709648cdbb6d3e9eadab8bf1b15937bbde2e14e4085b715086470f7d325446a644eacd675d9b7bb59ee5e47a89b59b0045022cdfa4def79ca6b34b513bd64d2430116a050b7080aed2191d8a4ec7df0ac78715b987dab25bbcaeb9a4f8caaa6b4cd79cab8330e9bfe5575d0229e772c9d76b91fa192ff9ae98d0b7f5a7c630e4054a8aadc34112b4c32fd291fdae34ffd23fdad002a671f38e7b22b4f0e48c6b2fed4f8c8333be2330a516f0b4a3bd1c414c792969cb5f3d37170c4dad441a69cb1e74c7196eb6641e4e93ba80728908a1b3aec77a35bf5561298998b1c7aeb4deee74be53cccb878439aaa3fe299f939ee9b6e2adabdb83fa6c606781caca7e0065807ddc4484e3cea3e2fe8e13eb84753e031114e437f29db3f72a582638c4636f406c20428a606aeed86c685a5c825f3d8ee791521006428a439bd3c9757ab3a95cac57897b5a830e9946af84eccb484b9b334f7f76e1d566bbe8c3127a2da24b2feb1c097dc280e7bf1df78643d1ecf44bf353ecdb82760df1446d09c1ca8df6d27a248c851cf115c1532b45fb17954edae0fe1ad8a2dc765b7a479c79dd2fda63583f4cb5a294933519fd27eb2529f581fda9f02cdf7f1a7cb10c096ee3c4da7ff7c3d5991ecf2049943e07dab0a341e2a348cd17db18c5172fbde39e9afe13b106d9ea44b2dff0a727933990ef0642d31214df0cd504cd82920ed71c227b9b59d2aae1deb7e1317e111e1a55ee02892dc2eed97276324900d2c7a054ac3c8dcb767c4b2ea81bf4546f56025ef3925ae07be42ac978a6d8bdc99fa35ead464b1d1a7bd9e8cb7ba78e1124d0e74338e6efdee6c7ecbfae08d4a0055cd85d61911856a08e1d238d61586d42fbcd585bb72f37468e5903098f64f2723d2c87bcb95ba88ecfa179685a887afa090906ccb9d577581c282ccf3d67fc2a78692c29ff53e6517ec8aabcfa00aa4226a641654493eb32f1a871504e382ee4a79338fdc6a0042e93b01136dd1da5987ed3454f56d59927bd8332ee8716f15a6eebdffa2defa6e45b82db0aeb5714def2e370dad9e3b4ac4addd22e01a5980c20a4bfdd55ce5745d3023d7b1bbe3736cbf45e6ef5c4c29d091e16cfed7f2b563883210d76504631a53e91c5c503814450a9f660ea5545ab3ba090d2a48c063705b63ce106193347afb14eb1507bbcf23f36fd96fd2dcbc5565de337dc0f0fdcef4fe7a9b963cc236aaabb62910762b3f1e04e9b64a32c3ad880bad7858bb1937abf30c89c235079d1eec4f2e1fccd4dcec08cc54aa1edfb9fd5e404abf65c446f83bcaf29662c00d476ab3a698316811643b277c433a365c7609e1178e2c3bcbc54498c9530b0f4b0b32859106c2fb42779802c48b9f4f10915261f28228aaf5949603c22d0f926acda7547b0db42365586812dd50eedc0bdfd5e5166669eb157d0124b3e31230062ec7266631ba2c0f845ceb55f53774771b38258f7ccca41a4afb838eeed88983727ed371981bd3331e92762ef19991449805757dcf5c165e2eaa80911f12e30efee80807acc203fc8f5bd7eb5192d135485b61b34e389930e62b298f0cfd7aca40e3e15b6ee2e2a32de5170d67b52a595e1dc046363ce03089e1ddc67da1f7868819baf2bf5e2b3f26d518ba817087a4349959cafab9c71ac7c06d7e3651cc7e36a518b92bc1b2c2bb3bca39f084cf4ed9325b40e0a89735974a543901ad43182ebee0069e524be8a15af00bccc763e4eb3bcb8be03de6ce1af363a87f048c493827e81a7a31d93b860161a119929154ed9a9b3aeac05bba082af8081bb5f6c8967ba585110a8c557983557df2a6414a8d43dc19f92ff4a533042945663810af783e960759d644914e9fe0e0e8814461c6916744e0adc2c1e11e4555196fef496248b42aef1d3b34853c581edc69d790dc21c822612d941e388d2134c0c5f01169200d1da6c1955886cd1a85db36de0cabbdd2c94e24467ad53ebc8c11dadf8e327a6a208e4a71eacfefe0831ad865a18f853403b322de76a2e4f58a4dc5fb82c91fbe6186c9ddca7aa120405ae2b7324c6a22e9aa1990b7c125c75076b2bb79ea8f6b6bb71bd7b53a8100ae6bd55acb13dc2738b1a799f7dbbdd4b240c46482d12a59eb58b51ad2d6d7481db75ece79a7787297804e78d1775103f803e9afd8cfa131337c52d1cff52fa73b3252127cc2879323b15cd6419a025cb87901e14c7d12d4e2dce4627c4d35c8b4e4b558b201ea31283004cbe92752621df07aec12092b1c650904131b3a03fba643f57bbf2f575f1a94da22b845b9e04b310c600658029809dc9d2d287b23d3166c454d0b499eaf89da4adbe0440a5bf96e54ba508b8f2f6ae51157650d5b5dbe15a31f6783a7f8398c9498a09540810f960dd75499979ce0d5c71f5dc27ad0572d2efb33de2ad2fcaa200ac3e5a4203d4dd5bcf8163db581cc8cbcbe9cd8333f15911c1987bac591a8974c519718577e40535be2e4cecee686ece6b0dcf4686632c878992c3af554951fcfd29344557e6f83ccf52ec0219e593311340d419af47cd328790b2ae221dc0388790a4958a8e8856a312ba28e31860d45779c9a1e198fece6dc8848aeb520b3b27d6fa0ee47b970fe80e9e9f4bb5a094051ea88f37ba081dfd9bca456072554be1b36220c076c4abe023ac4dc7025112fac4bab37e2e17256fd4a341c8129d132602c9469495e8ce4b549ef95f9601eec2a8034fb348ab2c670f1e2d40018a7e3487352a0771e04fc81b047d2d746b7d91ddced6f5d697d9eb38661b9fe0e69d557eaf3af912d1d406453db4879ce3f788190f039fb642be258a5e8f703b612f791ed59644509f52f4e83f1eb53dc1a721c41879b6246a604eb7818d28209656389a5d28eb63c2e5b31b8da9c7c2e72da4a73c384b06116b6196f41a9dbb7f9ead269d4a201b7284d13087696a94db3b8c30a0ae7c48e43408e1d52eb4fe91ff52125715c5eede46fb806e223f77a3b968954a7be95a687fa95f95c7174f9c2dab7b2ee710765505aaf7aedd7c25a0714a33add6d4e597eb77089cdf89ddcfb52c9bea853b0e4d2cec4101f26e9759c5d8fa5f5595dfea73ef6af7b07d60e3c08037ce242ebbf76c4cf9c0e47dd043bc31d4c6ef8e46c89b41bd90f5267b179702ec7cd289069d973f6b62e6b969b3b82407bbe1a1be66a2889f3036512c4aa2fcc9bfcf998502e7c6de7d553ec150d7804ed4b0779e8295ca2f68c2b67f874cb076cc28721701e0aae7304f9a84928b325f47629abe52752396c8bd7369c2946cffea3f0d2861e1ecc4724c3765864a887ba9d03b7a2c331d4ddde083f308a155fdb51893817ea26255cdc49722ccfd0d2259dd78f27568d9bf2fc36c9173a0e29ddba262e19637d19661aeadab80af6d8094de2fdea9dd965ca6d1fb3d5e2802eec838645c3c3bfe323180f7e9b2262ff53ccb1d39ddbaf471cbed447ad2819bd20844d02ceed2818d0a43651df4e8de29c706de36d8f407163f2157d21c247094f5876552f1a9beee0b58f7778e125cbca0fb01a02b0d6be2ad2af9577cd9bbee4e5077898db2f6269990cc531a0c4aff18731844b16af6e40bbd57c8"})
r2 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0xfffb, 0x1b, 0x0, <r3=>0xffffffffffffffff})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000080)=0x3)
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000380)=0x5)

13:47:30 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000024000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000023ff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000002900ff1a0000f9ffffffffff02000000"], 0x14}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x2000, 0xc0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000280)={0x6, 0x4, 0x5, 0x2b, 0x7fffffff}, 0x14)
getrusage(0x1, &(0x7f0000000180))
r2 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0xf6fb, 0x200001)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000140)={0x3, 0x0, 0x1, 0x3, 0x101})
symlinkat(&(0x7f0000000080)='./file0\x00', r2, &(0x7f0000000100)='./file0\x00')

13:47:30 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:30 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:30 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x24f7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  582.190415] FAULT_INJECTION: forcing a failure.
[  582.190415] name failslab, interval 1, probability 0, space 0, times 0
[  582.201832] CPU: 1 PID: 9314 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  582.202931] ion_buffer_destroy: buffer still mapped in the kernel
[  582.208768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  582.208776] Call Trace:
[  582.208808]  dump_stack+0x1c9/0x2b4
[  582.208837]  ? dump_stack_print_info.cold.2+0x52/0x52
[  582.235798]  ? __kernel_text_address+0xd/0x40
13:47:30 executing program 1:
r0 = socket$inet6(0xa, 0x80002, 0x100000000000088)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c)
socketpair(0xf, 0x0, 0x5aa, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f00000000c0)={{0x7fff, 0x6de9}, 0x1, 0x5, 0x400, {0x6a, 0x4}, 0x6, 0x7ff})
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r3 = socket$inet6(0xa, 0x802, 0x88)
read(r0, &(0x7f0000000380)=""/4096, 0x1000)
r4 = accept4$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000240)=0x1c, 0x800)
setsockopt$inet6_udp_int(r4, 0x11, 0x6f, &(0x7f0000000280)=0x1, 0x3bd)
sendto$inet6(r3, &(0x7f0000000080)='g', 0x1, 0x0, &(0x7f0000000340)={0xa, 0x10000000004e23, 0x0, @dev={0xfe, 0x80, [], 0x15}}, 0x1c)

[  582.240313]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  582.245864]  should_fail.cold.4+0xa/0x11
[  582.249934]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  582.255069]  ? rcu_note_context_switch+0x730/0x730
[  582.260027]  ? graph_lock+0x170/0x170
[  582.263859]  ? find_held_lock+0x36/0x1c0
[  582.267950]  ? __lock_is_held+0xb5/0x140
[  582.272044]  ? check_same_owner+0x340/0x340
[  582.276393]  ? rcu_note_context_switch+0x730/0x730
[  582.281348]  __should_failslab+0x124/0x180
[  582.285596]  should_failslab+0x9/0x14
[  582.289411]  kmem_cache_alloc+0x2af/0x760
[  582.293584]  ? lock_downgrade+0x8f0/0x8f0
[  582.297761]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  582.302794]  __kernfs_new_node+0x127/0x8d0
[  582.307050]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  582.311831]  ? graph_lock+0x170/0x170
[  582.315653]  ? kasan_check_write+0x14/0x20
[  582.319909]  ? __lock_is_held+0xb5/0x140
[  582.323987]  ? wait_for_completion+0x8d0/0x8d0
[  582.328615]  ? mutex_unlock+0xd/0x10
[  582.332360]  ? kernfs_activate+0x21a/0x2c0
13:47:31 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  582.336613]  ? kernfs_walk_and_get_ns+0x340/0x340
[  582.341474]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  582.347022]  ? kernfs_link_sibling+0x1d2/0x3b0
[  582.351668]  kernfs_new_node+0x95/0x120
[  582.355666]  __kernfs_create_file+0x5a/0x340
[  582.360098]  sysfs_add_file_mode_ns+0x221/0x520
[  582.364791]  ? component_del+0x550/0x550
[  582.368875]  internal_create_group+0x422/0xcd0
[  582.373485]  ? remove_files.isra.1+0x190/0x190
[  582.378099]  ? up_write+0x7b/0x220
[  582.381656]  ? up_read+0x110/0x110
[  582.385213]  ? down_read+0x1d0/0x1d0
[  582.388958]  sysfs_create_group+0x1f/0x30
[  582.393126]  lo_ioctl+0x1310/0x1d90
[  582.396777]  ? lo_rw_aio_complete+0x450/0x450
[  582.401283]  blkdev_ioctl+0x9cd/0x2030
[  582.405178]  ? blkpg_ioctl+0xc40/0xc40
[  582.409083]  ? kasan_check_read+0x11/0x20
[  582.413233]  ? rcu_is_watching+0x8c/0x150
[  582.417383]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  582.422069]  ? __fget+0x4d5/0x740
[  582.425541]  ? ksys_dup3+0x690/0x690
[  582.429376]  ? kasan_check_write+0x14/0x20
[  582.433611]  ? do_raw_spin_lock+0xc1/0x200
[  582.437860]  block_ioctl+0xee/0x130
[  582.441490]  ? blkdev_fallocate+0x400/0x400
[  582.445821]  do_vfs_ioctl+0x1de/0x1720
[  582.449714]  ? rcu_is_watching+0x8c/0x150
[  582.453871]  ? ioctl_preallocate+0x300/0x300
[  582.458283]  ? __fget_light+0x2f7/0x440
[  582.462264]  ? fget_raw+0x20/0x20
[  582.465716]  ? putname+0xf2/0x130
[  582.469179]  ? rcu_read_lock_sched_held+0x108/0x120
[  582.474201]  ? kmem_cache_free+0x25c/0x2d0
[  582.478439]  ? putname+0xf7/0x130
[  582.481899]  ? do_sys_open+0x3cb/0x760
[  582.485797]  ? security_file_ioctl+0x94/0xc0
[  582.490216]  ksys_ioctl+0xa9/0xd0
[  582.493679]  __x64_sys_ioctl+0x73/0xb0
[  582.497585]  do_syscall_64+0x1b9/0x820
[  582.501476]  ? finish_task_switch+0x1d3/0x870
[  582.505975]  ? syscall_return_slowpath+0x5e0/0x5e0
[  582.510914]  ? syscall_return_slowpath+0x31d/0x5e0
[  582.515855]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  582.521230]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  582.526089]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  582.531284] RIP: 0033:0x456ef7
[  582.534485] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  582.553389] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  582.561581] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  582.568875] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  582.576150] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  582.583416] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
13:47:31 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f424852", 0x44, 0x10000}], 0x0, &(0x7f0000000240))

[  582.590686] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000010
13:47:31 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x8, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000280)=""/4096)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x6, 0x4)
fsetxattr(r1, &(0x7f00000001c0)=@known='security.evm\x00', &(0x7f0000000200)='\x00', 0x1, 0x1)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000001280)=0x2, 0x4)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x7}, &(0x7f0000000080)=0x8)
sendto$inet6(r1, &(0x7f0000000180)="3f010000f7080000ffffa88894bc4a91985e7b8e8fbe0d8e", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x4, @remote}, 0x1c)

13:47:31 executing program 1:
mkdir(&(0x7f000002b000)='./file0\x00', 0x0)
mount(&(0x7f0000000100)='./file0\x00', &(0x7f000002c000)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x4040, &(0x7f0000000180))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000000), 0x2)
r2 = creat(&(0x7f0000002500)='./file0/bus\x00', 0xcebb6074bb566d03)
stat(&(0x7f0000000040)='./file0/bus/file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getgid()
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0x0, 0x3, {{0x3, 0x1, 0x80000001, 0x6, 0xa20, 0x1, {0x1, 0x3, 0x1, 0x1, 0x1f, 0x0, 0x200, 0x8, 0x4, 0xfffffffffffffffc, 0x7fffffff, r3, r4, 0x6ff5dfa5, 0xcc}}, {0x0, 0x1}}}, 0xa0)
fcntl$setlease(r2, 0x400, 0x0)
r5 = open$dir(&(0x7f0000eb6000)='./file0/bus\x00', 0x0, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, r5, 0x0)

13:47:31 executing program 4 (fault-call:0 fault-nth:17):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  582.695206] f2fs_msg: 85 callbacks suppressed
[  582.695228] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
[  582.724921] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  582.732273] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  582.740637] attempt to access beyond end of device
[  582.745749] loop6: rw=12288, want=8200, limit=64
13:47:31 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000006440)={<r2=>0x0}, &(0x7f0000006480)=0xc)
r3 = syz_open_procfs(r2, &(0x7f00000064c0)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000003c0)=<r6=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000400)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000500)=0xe8)
getgroups(0x2, &(0x7f0000000540)=[<r8=>0xffffffffffffffff, 0xee00])
r9 = gettid()
fstat(r4, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
fstat(r3, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000005f00)=<r12=>0x0)
stat(&(0x7f0000005f40)='./file0\x00', &(0x7f0000005f80)={0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getgroups(0x3, &(0x7f0000006000)=[0xee00, <r14=>0xee01, 0xffffffffffffffff])
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000006040)=<r15=>0x0)
r16 = getegid()
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000006080)=<r17=>0x0)
fstat(r4, &(0x7f00000060c0)={0x0, 0x0, 0x0, 0x0, <r18=>0x0})
getresgid(&(0x7f0000006140), &(0x7f0000006180)=<r19=>0x0, &(0x7f00000061c0))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000006200)={<r20=>0x0}, &(0x7f0000006240)=0xc)
getresuid(&(0x7f0000006280), &(0x7f00000062c0)=<r21=>0x0, &(0x7f0000006300))
lstat(&(0x7f0000006340)='./file0\x00', &(0x7f0000006380)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
sendmmsg$unix(r3, &(0x7f0000006500)=[{&(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000340)="271f9da1e64d68d05b8027de349fa53b85363a38aacfd6a8c24956eb9139ca0d435e11498fb2dab62ff2e2e8cc0f0be3fbe51bbe2a91b18888", 0x39}, {&(0x7f0000000600)="e25a9c4a4e30fa80d008f701bdf4a2270839df0653632c83ed112681cc7f7c2295bde6f319a8d1f508def8202ed1d96fa1eb00545c82ef84f6a44661ce775b22c662a472203a555889c028929b1ad5f7099329ca20075c5f3e8d1cf40057912dc25c8d647c0e2f9ce69fef6bf9336bb4629f999619c7ef2e21bff4502d1b7b533210b04b952c528c1c303e2781740d4825ef1380c3b339a35002cf8858a9d6a1d2cf3569f781f127fcb5fb11c647711e8c52e752ddacbd88d20b14618fe19c909dc338655e709e521f74a866093a19b816e45b658cc6a689a7cb122d73123482425f728a029f63b30ee8c20535ba1be42e0b380d83886fddd69d613fb0ecbf1f5c17d70448c94359476ac09187a9d028d43a0e8755faef93e95103e6f778cde5c0d4d6bf4875bdfd6777e7bd218e0c4e59804f4d8b75d7a39dfacfe54d68b640316e67e719ea2a589c1f906a63d99c0fc99be03ce910425291fe2f156909afd3b0f4e11205f6f6270547f931cee6ddfa21d3dc28ece889c23b9271527fa5faf9ccd1dfa94aa561abc5bcf0e78524bbd715983d44cdc9d0f75ccc4da19472baf3f2817fa1e7f635148af48a2f983bc91f819b47a36211eca69a185fc4bdc124540a3e141a960a421585a6f7696a5c7e6092da2f31604c2fbe5af7abbd4e075360b22bff09cde917866e47df72265e8ffe4923551c13ed6c114dc6da3e76e78ee01b175c2895fab8c9a7b57141def33dfb343040dbea618a6bfc8da72fde576771d59c1c47ae7597907936b9d341789fac195f7912457eb0f5a7364d90806ae4f8df924b5c90e98721334fd485143f4a9f0c41794ae2ff05e9822ed019f38aee7e6a66e62e6ce390125a89ffed0a0b30b70c90fa34753279e4392cc8c5b14a0973b707c7f5d0bddd91a034b29f2358159be5cc263c2c3a29584f0b1dbe5ee146823ab90b5d7e232159b7855ee9bc696ac3871b4b9fa9435674a2a7e98b862a688b7c0effc3b192add2468a8358f7287587f3a4d42ee1863864d579f62484e5b0b0704325c55eb2d94bee991e2d315c4f794fc5acc2bc078d68893ed0371bfdff62cd7f8d4c9e051569c748d7a086e7061a33036939d553838ad5bb1601227a83dabe6c969e4b88b4aae0a4f3b169f80f7e563001a90d54ff3e5c8c632de676fae10c8cea7cb2a832bedd693c824a9b4e130318a0cee4ffc75dbf948f8472d35fa7b6e446c11426594d5343bf57c2c3b3c3b978ed3c295b777a635d70f766d7f1f08be34f42aa3230e15b20eaea54be9862f30755526aa8617b8b6f19ff08da9946094cb440265692c678df758098faf0101e1bf6f46ec075b358e79bc7f26b3d1bb7682e5196a06b5cbc9bd9b7716324895f5837ebab3b54e965b8dc03fdf2224259d34d1ed34331fd20c5607c4940bdc549ad87f38e2eaa36173c3bb29feb5041facf6693b9f21c175c146d6872e51c81fd1422f05d8aabaf81260c9561aa3b1058471dff4317690930cc24805ea1da15b5ee9ef6eb7b460ea18b6142b8bd58c1aa5539cf9224db6d863bfe8a8b7575440561a9fe691fba7f84b7a8b26ad87c6a2a5f4136c99cc86e1231d66e77b0cf94d7f6bf30239e9255dbfb729eaf2935885fd6c09bb1c0ecf0b01d31b26f05840b5005f695c15b28d818a9b16a5439b677f53e63e53cf2c994cb5ff52e3f5279a6878396973f2c3f15f448f9680b87795b76044a63d8ffd3cf3d58d5a5d323224aabb29da3841084a58885618b017bd6dc91264e08a989ccf41d1758005c138d070f800f7959fc9c81083e84bf5d8fc2f87f550b0616b08861bb7625f71c0aaed75d466e10d71067bebf469ff492db719890fdd8d4820b5df239057e04bed7322fb52d76ff857c7c3e8227f1a9660e524b59dab3fca9c5c735a8c0b9939f0736a8865618f6d61f8d65ac56731a878bd843c492ae47037f8881c85c582e9a70f2af6e9499168a4d279d292832f9e8fb8a8e016d950bb8d74972f9ceacdc96bea88bb9607fcdefb0fe487d144a18286ae790973a81a83df3190641552cfb05a34cba8f950d48e5034f88285be467019ffa308ace44aabd98799358b4a0bb2cbf4a32d4634173bf4f79372dad4f3b7dc413ae2dfbf448d5b4f1e0c5726fb5499adecae3e679b9b00a055764371760daf55a9753c3c036d0ebc314617ebf1cb94e9fe013764979c78c63e048573d1863592566408b9805b0436c235a98fd1158b765d1f1c7e9830fd6f5c2aa16087cf6e0198c02024b4942b77a9c04e3a33ae924d49bf9e1ce422b53fbdf71e473587eef493177edead1e9f237ea791abfe500a40cd558e6820bd2af2e0aa7d5f1bad9d5814bf78c93dc2ef356576a4ea9919ac3113f7da0648087ffe6ebfe5b116599ef8052e1f32f12f2cb1e85847b9ed58e9eafecf14139ebc8f7739ebeea0896d3820e761ad1ccd6e5ae7261b9ffc95c17d034d1274afe684950ee548ecb524fe56148a90894fef233ab4029545f5fbf4001d064b42490b6a3fd8c098976dcc4ee0011d30947ccb6ab7a9ed0b7596557b2549be11ae95a00620f01b85d5ae7caa333a916e55dd922789a5ba0391dfc113b85a3d118de2e1c1534e8f5a9bb23ff8c2f94f6f83fcf930ddbca12da0216658f84e7290c127ca546df3883da88a200caac1c53f004e8e5f2b3b5b75597dc8f632dc7a777e6fdc1e250b1f630180e52c0713c9cd330bb04172fa1680f26daaf910c0536786d8b1959aa31d97e5bf7109fed0f6a1a309c0d454e358fabb7eeb06ccf9707a8f9e906328030cbdbf796256166e1737f9f883c6a51793cfa1618a207c6327c0ab3e756230c4c9b8aecf8b257a25e353fbc56b73f92c3e8233ba7e80e8dec01098862eea332f4be3d9e7788292891679f35cccea9bd04ce5eb572e2683bbba169178fb2bafa02c72b9bc166f7ac8426af5f941899dca35a6cfd15138aee657d7926d09872f1d1894e885879d64f34d1cc0d2604d10615ae6719716d996bf977dd71f8809d12332f4af262f05ae91b3beccd494d9009f39a0199a55c4e6a8c30ca3a7eaf715694fd0e93af3fe9899308320febad044e740b8e2d29670a25422e64bcb4cbdb0cf24c7e18a3d18fab980839c4b7ced1d34735bc2195e1347389084ce973c861412da7731f106da0b6000ef492cad2f9696aa9e59bdd96c96d3c395a02ab5aeb995b2111ebd1f178881229099e9016497a63b6ea337d937568e2dbd5a33ddeb7267ec14335a140d88edfcdf5399b55b9c1b7793adb740526d91582a9d82195c61d5bc2b9674c456576b1d57235ed74602c5bbcc6f5f8d8372c7eac71aec7dd6887313225bf4dfa75d2976e1278190444b31a25e8ae48997aa6b3e8f55dc3ca025e109f2544dd5f6dab3e03beaa28a4fa3ce3ea88af4a1544f6cb362547cdab5d91c251f4e964498ff880728ea35df74acdf7cd1b0aa4ebc58d5aace6612c00e2ed431dc6b22cb6969e1c3b6d334fc1a7a51fcc4e947d335577d5a51bb669fdad0a5621be5f225f8d51c77a0d34cf667b16f8833e50af749a675d78f5f254ac23aa609ac2f4ed9e08060a0f6a1507c38a8c016b47eb9b62fd7dbf8b9794b8e9c07b53e212e1431c8085d3fc0c72b1832cecb52a7932e60d106f9588c7de40cdd5ea8c9370d001d56c074c942231148ce63f5955d9d109540c97f3bc885a8c1180adc8e6a8bfa74f7b9661be69c86507702b6f546dcda85b8762d4a1f77466bc36397158c45f3672c10b0e521ec22b6d87062d6f559727459a284ca81a4e5ce29efd040e86491641c2c91d7b95b95f678800eb2e4e09fdef37f576f9985f3ccfe81c56455574847a3afa5f26b90d66fd07f89bab36371fc6218f16faac66b4edd3dad569bfb185d81c71b2c1726403fa07a1a458bb63bc71c91a8191b48ce340bc0f140616ee8f98fd2e709087e09f59fb97b5efc7ec5bf7c44b346ecc1ee0e2d07cd98084eabc2a0e9685f94f4e6389bc07b10f04a7c37890098e1fe6803a12c55a9329498a9f86c4117e8a1b92b139373f93722e4e66ca43a841a697ce8c002542606b41aac281dc1ec1fc5b1970d58be464b21926521db85d723761a6a61c2eefedb38a0e0e80e96730c9db92c9207eeeb2ab3338655d4bd68eb72a3f57f18ae2c9e6d6a2dd8cbc4cfdbfde08c2bd0efab9cb047e224e6d41758f2a5d97c8eeb93211ee9c0472c1ce648872b163818303423ef39d0eff21ede255837cd7685c1897c0f014978d716093d5a5d40bae2ab6c55d1909c6cacfe8a7d708400f608cc9f2984120ac4b694a8c103512832e0eb4dc3011bbd9552657da56f2b4e182463fb57ca1f4a2f195e086a2a21ce08888ef482715021d12a2e33ba0afb94c119313296f6f270750c958839b53b5e6b629bdddd179f8fe3aee2189737c6f3ed5e497d956661cec6ed14db7abbc9f91178d26aea756dc0dc0ff9ca9589013023151dec776935d43d2a28c5a7faa132ad309e31966e5701c1eef7feff7a81b5f9f0a0b81237b340dd264976bb1e93fcb3e30e437a2b7e0f6e924af09861a6a1a436bd6e0628aabce9de4cfffde57906507f45e0ea0de96f78bd496705bfcd96e9abaf45c069e2a10cf0b2f400017afea5e6f8987ed58185a32b5bd09ae2302b6a9ab2fc54ba72f4b8994ed643d9068a7976078f841a23e10e441df44246f71e16c4a64fa32a49635134f867e946358b2e87ae1ebecb3c1bbc481acdb3209560ab4625d5907d99adb3a8454a5ae04b2b353b2376be5d32b98d16a4be9382837f6a3c53dc4f4c00991fb685eb211531cc93a6c9986a142c214b0b905bc84ca9c82619366a6329213071c568595f9a7f49cbf3902eecb1d56d5d3dc30ab4000e526ef2e9c0d63f085f6e1306e090a895a5596de9e7db071e2ff507aa63d037f763ff181904f784d7a62d307e5ac64a08a40a528cf88fa88ddc887fb57076185feac93f7e11298afec16e1f304604bedc6f9ec886ca08f3e04875ba699e66a406fa0744038705e8f35a5177fb37de7b6e6bfc5a465facacaca7db9ca097c8e9a283196519389e6dda6b1d1b3a567b6d6d3f264708da3eed0b295570132db01113ac10e0112a2dc014b4e2c24158180071405346a28bb72119f65aa232b2caeef1413401da5cfac067f77011bf65b1f4aab660457a26dd6af995fb85243b5a4c5359e0f7a22162896e5b4aa913fa85ea0aa250a51dc8dbc35b026a900912544b2f4052fd263725ef225a79f2c5fccfff5e69b4fad0c6e865ceebfe502b9e1857ac82f392db8f4e4cc5d51d09e3251f9a3108dcc182f38a6545a3a616fb13e3d77a2bc9184ef451c58ccaf6b1355d7b174b0d1b6771048f808cc0b0660e2fc08674c6504f80a8f1cc44cd6ecf2124bd0aa0caed05978db273e851ec9c7883a9752d0292b9c85c7847599686288c9e8d41e002f25f45f33687cd53185682301648f456ead59cc934118e082a0864233f3b0fb99319889fffaf45b7d04ea2dc3a482bebeb063307463a25c29f9988769bd1796ac74b815e771eb1663b9e1601bcb912c17b16951d5126de5adaf3ed0d718fd781e19f1650ec9e951a935566c72b2b5aa5e8868aae4665610eaaafda5402af76647b8673d49458a8af712eb1598f437eb8a618d72002e90edea2744b5cb35a143029cd3b45a37a7e10e0bd65ab61b9625722132bf61cbb95b7691e604aae5311462f69473ba63732e9f8c9bbf95d7969b9fff528474397dffad3b746aed8563bce344a375ba01fec49d50933016ca46e9fd2f61a8f128a2a05826ae73ecda", 0x1000}, {&(0x7f0000001600)="7651fa248050623e2063b9902b6ed2cb93270706f7e25593b6258ac86fee2b8932f719f95cd246a03b293a6dad74635170da6a08e78f309973fcb76715798a428363155efa3e2e1f15f303141604e5482dfd0742fcc5179ce8165f4916f29f8391883e0c3fa6c5023cafe11ad2e853be861f2c94410f14377dce4bd7ed7ac7badfc9b0241df506bcba0ed629542f3f0aa6655d37ea50c5018c13084635e2a09df0e203fb48afc8efa63c6bf959916a40537cbee9dcf01c5b8b9f4b7eb957c6bc30c3fec07b977be00577230c495dd93644345906d1ad881bceccec68be8bbe31ea4d0bc10bd0283de4b0f556ef684d93f610fc985a875f50943b83e52ab9dbd4b5155e9a4e4582dd02c8d8edb0647ddf24fb403f41d91c11a933b991419f1ea4820a3750fe00af6099170787d1d63b908d2a01a915201e1c8d2e3c863d57801122c952453026154e633a84f2ff674ab36d1fe9dde370d796829ebdece93504156e215d3aaa789a4922503a60ada5370d30ea54d14e588647a3c3f1150d83e3ecf01fa82c8e366b923b68fc0e7b7038856b42fa2488bf522fb652963fe66bc6ec7e5e7a44a8d56629bb6e732412c60eb84e5934d90db595759ee50d42115609885944e2cdb3c542c691e10cbd316f012444996ee227d1a7668a031c633741c321eeab72a24b5c38802db9e1845df676499378bf0cf09bbd12652865c08b91ab502fcac556cf02686d5b6a963900c1de4df5e8d4c06508a1f96ee8cd82d3e178dfd5b86efba2b507bc9e45f24e68d83abea4d58eab8a7cff5c9c0d82f50c34931ed531a0bcaa14e5bb6c205f525084407e418371436ed2c76d7512ad71cc22fac1056844692d45aef8fa3c2ee85abc01973c7628551dff0c516fad19a94ed82f69054ae4b0a394f8c271de309e8970d453c75a2790bbbfd0de8ef3cf128805b3bce981a0f463b6df6723ba67ad43ccb3f3ea86a0770ac0724f3f1ab78916b24a9f408d65737fd3b8d12580ffe02a651590a886d823dcc8fdc095dcb8f937f82ae0edf4bd8bd82d8e6274602c7193764c6a864ce25df3105ec59336001766fd94662b977307bcb88a644fd022be52f6d1fecdeeb4a147ec5df40da6e95091c77d0e10f3a84f57e1e8a67092f416e0ac18bc142ebf40a92bd0d6888aadb1d9270a250bb096997cb2b9e40c9163725d5ac88a2fd1c9fb440a6579f7f0058a0c2c58f6949f1ebf89f1b0c9364dff5dd54a011fbc45a786424957572bb3cd7087786083a274c62755cc60a5697634ea808969bd9306f4fad1c2b086f1ae646ef50a82f61d19a057b6d00d331813e5cf7ad2b921dcd25e83653b4d6205e0a650e348e1221547c04bf0a40a95a07a7a652f4dbf7b8a945eb3cc051b5c9416950d630e5106af50b2675a485a392891ea346a707e9523e719464b2b5d44b40a9f13dc5962cac901918b335a391933065a12dd75b5e3bf5f7081bd512e29495d1233155b7f2b43afbb686789b2efd519641abf92ebc1a77ed6cf21fe4772a98df52b57a4ce066887d10a9ce2abfd8f6a0f0aa850709d9dcbbc863539c51e0d7252ef0309abf854f42898fdad77c0e48e2a064beb794ede686083c82bea1eb203d0d23f4e2ad6d82b414a3b4a05f59c1e023648c2360459311f50a35528fdb3eb6c411f13a73eee34c39f0fb67e1da65001b5f33688c37a8e5d0e2a7e3e8246c584b2f17494bf89203c8bc91333489e34c8010de4e01d983e9cde4bfcf57942ba24c93e5eb7c5c56e440248c5c88c3ac5b51e7e38621860d6e06d262a26e92df8a3723a1d2c6716c4dc7cfd2b9280ff1cb8e3e0904d4c516a789b4ca5a97933eb9071c42714f57025d3ef55752253a9483d3d992beb27b11cd39831654a48cb8d139c13e973d8b6650aaffdb061bcd2d6fe89a2a30e55524ae4c41bfaa73f348f8175083cb79b3411d3783fbf9d14ee2f31a4e5d50878e6099570855aa18467cedebbcdc9fa8a4287b8b864b0d25bb0a61ab07f570b3f05976cea760c208e804ad0dc5d52e842b4efcb9b035d39358e165eca9ce89ed610b72f07a97430750dabda0de14c2c1c63984ee7ffda4774d046235afdf294500531a77fd5206b5ffc6ba450796d6882915f65f1aaaba15ff077a5a452a71b4bcbb96816c4f84bb93a9f34aa29002f7f32002e973e345e3ffd12c71d45f33e083a754841b74b8d9861a66d9b2bc1b2629412b5683f573a4af4ae50bfbf84a29f89cfd99ff570d2b7693f56a14bea319b7864842de08c9e72d9b6c27d0c917f96c0d0ac56da5bf515c672eadbe2046ed856e3d6171e5514db458ea25eebbd1f77fba49390c96de9e7710063460064014c28a271fdfa384a769ecce99d4db88ba2081957dab7ac227ce8a6d271554e5d73c6d7a108cd220ab0f88f55782ccdf0860d717600d5c87b46a8e10661d347e0f2cb39502cb52135150337b126f85a9a0b85c31c1613e9f9fa77a01862a927c96c7c467ce3cadb15087dfea2ec13b072c1b4b1af0946d3a8544b5db8c5b8fae6097f8f5877cd4316f10a3b5527e1b1c4a90d900f58157cb7a40482c5b992dab3c82976011155eb942ccd29a77a7f0bde4ba030f0006435d17d0418778e1e7649680dced12165befc0d7c1f5dd4daad03927258d2ab580775cb6a7d29fc9a38f8965a9c4ca9816ddbf4327f56cb6b2f51c042cf7f22bdc8cf47c6d5ff678600b38f9cce94e806ecc09230af3efc72ec8bb368fc3ba26244801604b168fc87c091420713c9558a1868f553e72f741563a3b0beaa9cbd0374613e3f7a055db4e3692497e0e9b5c073dd6a76d986eb37dcc0c7fc61a9d58756a69ce3e2f27ff0f2e5dd933d7b80c6e645a9a0925198b9b466ce03e831f2efea6995534edbff3ffbf327b17f4db3668009376ba92754ad56d1f6c1ae9702ecfdb8249de54936730dcd27425b780e325df187ea28ddc2ac262ab8f9d0f5d631c14a9097717a21e8e88e70aa06229bac0695c1f4a9bcca363ac1152276e5961ab07837acb0ca86d5092d3693a0f010dfb64672de329b6ff0d941330ba2de04f50f063c9a9f1a818c1e92e5d2f738be79f712c3f61795beec289f3d5e756e8a58d8a32ad1865089e7a4870417ec2a1c2f01b659ccc62e748e06575212b469a3b07f2d2f683ec21279843bfa9494c2ba13174fa7cce1d8f01bd45a64c92b71b222a95a4e6ad92086503828e96a6e5ea30dd1cd4468cd8040387b94edf7ea17322ce9622e507303a6e617282ca6a5f0fe15f99b6224a8c707cd2f8101982780237be2c7b119710bfb9c8d489c2f11db4c232113bc5b4f0c42910e1953eb5e728bf82c576928038a86e97593a6fe75b4bfb246c9c78f3a5e8dd25aaa42215910696f555be01fac6e74c41c4441a57aeeb2d931a2827301d8ab3899b23ac7a2f9068d975a4bf4a4eb2e49a3a16aa90cb334ef893bd366421a998d6b693316c2f89cf44b7516db6da5b4353590ac0c3097d34855e520492f5a2a37eb36f95ce9978223a4cd21d7f6c3c9ad879cb2ef5f5eeb118b7360aebe092e42cb447eca13b77f83e25f167dcc485ef0ce63f7325e13779ee33c8afea8d59272dcec90e5a511c1e78de7d2f5d1ca0701c9be9c01c03fa14a94deb61580e8190a8ac7e6d74262f4737737dadc2a067beb365419e182dd4096584c3d8b9f5d42d75c5545fdd8e662a3c9bef79f4ecefc3476ebac9066de38713dd6f8fb7a9b433b5044968e3068a3aa1cdc1c166a399e88c5825bc26e0c76e9798cc68946011bca951305f03c7ddab092553f68bc384bb906c0f5963fb02c637f1f4573d1669755745b9b3b9ee3e5f53919d344e06302821bdb1339385ea4a3890c69c09837dceef74bb323f1c6b284c08d92d114b62f346421c99a4dfa77396a17ac537366b3a2eebaa854cd6453fb17c80e00c840964cd4b1177502d2317795a6552d128b3487900cc26da1e86c50420e0d114f32bd36fae0037d10c140c39ee7b4992445580e581bd0506a63ef2178c347f5d892619e46855b7b99fd750cc21e04bcb51a2150459a1d44533400e9f1a7b716ab25ad7bff45bfb35c7cf334710d27c41f8e0678c964e297a8990b22d46c266bff20825b637cea3b7f2f7e9d457f01c5dd7207ce0ac71a8342918858b02ba63894419da913324217cc88a0fcc34fb08f74feca59d359ac5308caa958bbe84748fd58500de81b5a11ef5e952bbf01a90da36d355d2d5efd6d49a2cef9fe6a2c162e0cfcf83338f02d11a4a0e326430094a9bfefc9e79fe86b9353880e94b50c503ea1b056445963b4080254dc37ea2e501a62cd01b607c7da6d9fc77cecac82c3d3c6c06a183d18f2047430c23662583d6b7a69a86cf43ded1493e5e590bfbeab5ceef3dfab0a0a2fae56757b95d97205fe07d42de3c44f6f331980586bd99bd104140bf0b33dcd7b58cad3e4267ca560ec3d988967902b64c51d63811c4303f88e2790d0366665a3d74ae4a0018a81a753192b0d224a542c9d74a2f5d5205b2bcb595d3d2223a89c618228e0a5eeb64595d718faff59301bfd2e2c69bbbaeeff5d713341457fe91232413ce72eb3e4c1e44193a0517ea98b799308b208dc18134741f6fbdf89206c7ac08b4786c4f372174ad7920c38292caaec54323866abbdccf479f589dc35281cbfb7072dd928deb6d6f624b2e0950298edf78df60a2f0fb41de4e9dcc941003812425189556c1afaafb5b7b6cb600ab9b7f9f04fc8336cf49baececa368e8ae78ccc4ffc3c1331111091e299535fd89302518c43a3d93a459453a9defa3a5141649016fec106ae5c399c9bfc76aa6e64c51b16f2348df592a97492696b0d3c2605e10268d1dd283ee736e8ec07b7d007c66b5c64487f5a39b5b771927ec6ee2913806514d9dc1145eda9a3d84068fbd1616c1a885c05616b4252183fbe0c8c98f1639d77e27f0e8e64eafda5281792ac3d631053551fe3e2679cf71d3cb929baf7304e3109a1f5854e0f01c2fa0c62fe02193c722cfc88b4b5f4ebc44f4ff5b54be81882e9f520bc974e4c4e362f3ef2c51872ef7522263606e3de3f0cf185602e19b78f9f18d37dea7a1147da378ba2060c40bbb56c9b27f6a8e8efa7f971ae599a1f344f5cdd2be364956db3a122dd6f9a6104098d52d3c167d53bfd0868dae7de887772f4f49c139609b0a6d4a8f109e17dc38084d9741ca3b4d81569afe3948751794a71f96ffc52e186a65822cf0cea71c1277c3a1631c7e1f3f73766267c420035d64d7e610ee29b35e2eef907aa6bec3eafaae02651dd5de0a6bcc1c6a54592962dbcf19f03ccbaa86b23d2aafb7280e17adb0d361e3421630bcbeedc90de649bd4fc73fc0d74bf427169579d5ded056e8d346d4ee38c32246b976ee526e3be2a2871925fccaff344f46a4d24e2b4a3d271e85392f0d894cb384861802fac4625d4360767caa7355de9976a1869e02193a7b3601573e5599a6846b14b2e4e9205ae2883e6ff88b42118d3a45d038cd386e00d29d2a4d8ee71a3dbbde19577c73a2de74328c9e619b5d0ffa156d275d493a682a81181fc72d3f2a70dba335a6bd2309a7f8929d35a80381f2266dc85d71aadb666941dca1c17153140ae9c5be7aed5598e4aa713603552cfcb68780886a40f109313b5b7c1966f34305e98c069ad455e061ac2ecdad38a142086e2bc38c624234e9b13963526b5a749d88bfedb51bea21af56c0620281adbd2b547ed42ad1b2f3528b47e073e0860936b1ec201df4a9e7a5af88664738d6768d051416b1b2f8addd4b2e5efb15181", 0x1000}], 0x3, &(0x7f0000000580)=[@cred={0x20, 0x1, 0x2, r6, r7, r8}], 0x20, 0x20040080}, {&(0x7f0000002600)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000002740)=[{&(0x7f0000002680)="f907673d5d531e4a0ca82526a75660cf6f890574ac7aff928b93444d0a7d4a14c67315213ecbc2753111c30179aacd7c01fcb926778ae249f8b337cfb9370fb048fe60f03c272c50b17c4f5e3ebaaab3460080f99803ada6a9bf68676b172539401583ea321fd223be76c5ef3d39f8b50e333582381d924bedf51cdc7fd87756c3fdc0", 0x83}], 0x1, &(0x7f0000002880)=[@cred={0x20, 0x1, 0x2, r9, r10, r11}], 0x20, 0x40}, {&(0x7f00000028c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000002a40)=[{&(0x7f0000002940)="a06d8d5ad5232bfeb20761a6625fb694ec9e518988d1a6857d48dad497b8b426e3c40435da6eb0af4f4f259f60a2ec1c3b579914ea16af6b972495ea319496a9e8ce2e426ebe326ba4eaed80a5cf93b999b5bd606d0262fd2f402d3b7364bbe9f141060fbd116ec9b0911dad270d8f7278e42dac93bbc978625979c449c2b1c1fee532dcd51e08d008d4829934a05c8721e625daaa7718a42710398dd8804ff536cb32205edf107d281b94267b40142ea31c925b0e79d25993abe8b385b1a8fcf718f7fe0e5fa0d43ae54de2389eb2b0150a0d310dbf8614b1aaac955b5c435f", 0xe0}], 0x1, &(0x7f0000002a80)=[@rights={0x30, 0x1, 0x1, [r4, r5, r1, r4, r5, r0, r4, r1]}, @rights={0x28, 0x1, 0x1, [r3, r5, r5, r0, r3]}, @rights={0x30, 0x1, 0x1, [r0, r4, r1, r5, r5, r3, r3, r5]}], 0x88}, {&(0x7f0000002b40)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000002c00)=[{&(0x7f0000002bc0)="c66b655a86ee72c0f5f603cd", 0xc}], 0x1, 0x0, 0x0, 0x8000}, {&(0x7f0000002c40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000041c0)=[{&(0x7f0000002cc0)="6f3edafce4a3a0ca277c53e601ac023fc5740e68498ed8807fc370fdb9ebcf703f001c8610a71872a02a62a2463c", 0x2e}, {&(0x7f0000002d00)="72f28cd2bfabb6b31d220f74b881c3bd524a61bcb4e72138d576d86f2fe323197afb25fb8cab4be9a3ea5f0d4eec1791fe9afe627d78490bc6bc78fa12ab8e4d96e1f7ca5c9e5cf1d976beaf80072e8f41a17ad3a0c1e7699dd8588d99cca8cc277f4727d90eba1970a8dcdba1d1f40cc46c1ae7aa634dd9c6681c70cf12129be8bc87adf5dcaf7bc20692dd2f7bd7778336d73556046434523c4495a216812aeb66e1b403fe7d01662b1805e444ffd0e31a4e71ab3393b2121c7975beb5bd90271901c81171952426ec67a97e3595d9f0909412ecb959d52e0ffe", 0xdb}, {&(0x7f0000002e00)="d97302b99b03a6343b0aacfa76ab62fce5859c16e79eee09b61c3255a2ef6fafc14d75d39fb7b073aef8a2fa71d1e71f8f1704732aa7b3b683afec8d8cd3bfc407a6621df4377df80c803522eb26430753790d4a0f92cfe45ada8d57621ccbb138d99836cd2eb7fb3335a978c91e762a53d8cac1fa9ce0bc9da46bafebe588601224dcb74e30ed4b85ef93fc59a2d1f0f3456c16e9310926bf4097ee8eb1ade475538e4065c9a209918828843d81c098", 0xb0}, {&(0x7f0000002ec0)="9f74680c7de3c00fd0daa2170f064b0ffef2c44b05d87397c042cb0e9d294dfe35b09d0edeab1bf57c10c6cbec3fca92e10981ccfe87b540c5c0d2a28e26696152eb835c60292ef6e10c51", 0x4b}, {&(0x7f0000002f40)="01fc21c8037f3dda0eb9a07df48b71fea9f192ba114ae08a5e4665fccb4a4cbb2c4a9081583da4dc65e04a6035749ea76c3d1a6dbe4ff4da4c8075630755f8bf5ae0840d08410b1057a185bd82fb66a230153616a1f7f11c2199d6a8b176d227f00a923f825878db5dbcda5951c860d6b681a9199952543f5e14a5d5d4da6b64b25a2f4abc4ecd5b8c7350c18ebf609d0a23cf7727180be5d46cbdc40ad5c9d1b5140cc0683ce5bdb572a8e4814d9cff99fc0752293fc7461a539d4fe4fd38946c272ee1806b33681c40b1e9469952971735db509f6c98ebc7bfdc34999b58a86a", 0xe1}, {&(0x7f0000003040)="25b4f7c4e7ec66356524eca16dbe33d7564e24697762d48f062d", 0x1a}, {&(0x7f0000003080)="72a03905490f7330523dd8aab9e89f2f055cd874a5fedbb494df73edf2b9392113142b1c7d20f3fee388dc48cc27e44f31002c1b739ca7af4f0ff8935c7caee95c5c29", 0x43}, {&(0x7f0000003100)="86bf18054ce1a49c506fff77f5f0ba759d9c53f8cab077b4cc80a7177ba417efb1a59d25572b45d01e5cd8ce0d75a6a926204781927aef30fc4038109803f77cb85003c7ed57b69f47a5c28bf3ca5ea275630184df3c5fde4e617e24a5b086ec6b5e9604f155a2e0b03018d0252e2257d0fa0bca188fffff479e194d3872943d2057f6c3794ffc1518037363e844f1efdc1d4cf006c1ac61d52c22b2a93b11929ed059e370b653d98e3b6c499bb03f310fe501eaa62cfd24f4d69986e311c218bc17c67309ebfc1444af9ddb52ebd879b11bf114124da8845cffaf36506cd7666a4ae18d0776332fbec8d64a611360cc1a2ed1aaff7d585892f3d18efb920e24f569a636054fbd532f1f3c10c6bd7cb9c5e320413443c3b1ed2651007417b9bef5db7661b16a2e6b403e7f51080e5e283a922ffb6cbc27111b6a1805199df7fee7cafcad62dcda24a49ae7a44db271b5ccac2b4f4763bbbef540651c6b78d866e48174592565f9e1dab403af39dcc727e35d7ab79dc7fd5456825809dab86da4b048d66987f3e851c8a875cfcfe18c2d90759655d71f25d0ef846726bd178fae3eaa78d86356833a2035ca2cd579b238abaab52e502d7b5dae570d215da871a76df5a3b65c4f117f7290d53282ea63eb57835ee0c6a63ae1117d44090380cd59e4e5840e54c436ef1eae97c66b2bbd76d30235a84de3abccca1770411c7c3914c4df16bd1034e37d4534618fc2d2e85c495ee0090b9556eb307291dd49cb068b2df6355e1adefcab511c2baed8e8bcb899aa6f56d49e5de7a56151937c258c7f1b3975b8d8b5884ff56a9c1831351093a6961a0ba5f53957d38ef743ce1bf4f774e5b17831ecff0b2df4b85b0c25ee750337793e0a9d19c66281cb7f5350cb79cc8183d2e3e3981bb12e51657f806193c5f8ca69e37623e49200b80dd3c65e447e933d84ad8ebe6d76b10f5bf01cba0512402e5814c235d19b9e596fdc5b651e9742aea683f20d2c8ec727325080ff41a278bfbc455c4f591e8bde0ea5162884424d47d830c3bb53e485e12c4ef570aa7730d58acf01260b1c406041017dbe5c462ce5a55fa0bc390837600bf15bad48fac5cabcea0e58d853deba44a085eaa5740fd1eaf408a99b9bcd4ee4c92244b8a71e0a48abc36358ab00527c1aaf4e26027a3776cc07ce1baf7babb2a7dcf2a7adece37436300d1b43c7f998aa405a05fd4ccc1f5b63486976109ebd014ad5b9db9526e6bbf49eed317ff42c72c6e3e4517a982ba838095904e1d2d48db279050bfc7def8e0bf5b386c9336b02767f485ec2a52c46be9bc77f7aa506c0457b2af1a9e384e7684cb3addbce7bd4c8839e86869954bd0da40f859e4d934ba483497b12f94b6e804664afe7d102ebbd24af8978e146b02eae1701935badf03144b8f9d9a31ff75593abd74cab9e44dda3af55ef0838e1523b4640e66c36bab4b56906fc5b36d3dafd6b911558beb463031a3d9e7c270cfb8eca6828113c2f04704229d2ef98902fe9ba18e0d75264977c299d2b2d5f0de1b2810642c6bea8d82622283722845a78d499321fbdc82ee0f1b686c3a9f4a91aad534fa456bc6b939da363dd55d7b5b14e78dc07ede88908d602b011f341c5b7a0ef095d2ecd152e7e7d8ec0d06dc90620aebb55754ffa1931943e81b555a5175aeb1e23e265a0130a26df78ce4a217f156f5676bd7322b43df00fa3211571e7737aa76636dba1c23e86d5ffc4a4f1d7d30691511da1e3171e4fcafee4dd2f069cf792004d50834d51eaa853e2c4bdd3134018baa12f744e76c24c365d50adb5c20a5de7a79cbbfee2b5ef83481dfb1724d6e49a5649921fd24dabb4a2de28e1068c33b948a83eb3a5a593fc5bc2835b55ac554737b6535789b39070aa205b4c82ce40f90c2547d541f35a73b6fc6033edcfc26784c83b66346d4f0edd812516b2dcd0932baf24db28ec7c5180930301f200310ae8f741553811b235c84ae05e4cea462bebb70acec07d21ba5a9e0428104bef5cd9497d645580f7c6369d759822d02967081c2cecc1df8122f5eb85b3329db217bb8da6fa180772ab9829ae69e88b7ff434bfbef76e18863689dc0a10d4a5f99c92a8a185a78f006e2a6ddcfa31d7e76426aa545c1d294c47ee73e824ba23c1c66b50c70396b0ad4d802882599b92babdc06174ef79676b30bb45b8f96970e62b627c653e9d693b89d8052aa026aa74322da1ed15684e5fa500105e6f45b57304bb336663632f1e74430bf132735640b0f527e89710828c338fa175eff85a1aec985103ea8596e363ac974f9b7a2db52e9e3e7cf1d03a69aa44b05c228243f22951e01227f6668bf9788d8f91cc5b29424618fbb19761e3a2ce5979ca1965ca1d7d504e87f75ea84e1a6880b7aa178eb61a8121a3867eb71a4b9015493254efe72f37fc1da348a32b169e063206824108d32621439e7ce5c8834ddbfde2c5936ddcbdc794f91e2a79774e94aa00de032769a8d71f02354fd0dbf473fda8ec2d5db321c485f15caa019c938b430fd846a42c0c63d22975287b98a1a798c8f1097831e216b1e0890b8d452d2d2c7411d61d07033fa3c47268002dc9dcfda7b8fb92d410b90c65334c44832f17fb66d8b6c0543f80b74d0c83003901de04728b10e2df69755f595cb8ea843c5738f95541c288544fe6a0741a2b80a7af73725fc80b77305e4f3e7cee0b886d9163aeb5fc3ad19094b7cc8963e6bbfce8e43e21a260f99a6f846427d28ec229a5fc98595fd743c426907b52d25e4b7b9c6d866c7e127e55e85510d58c949c70a7c72503e81b965413250a1f9924be1aa0f833378c2aff147c595450b2ad1263ac28e729f07f25e78c88121ad984187c77a4f5f03adc70e60c2c9ffafc866d508d95cdd2533679e00d8565737ea0ed2246bde0c2f00131d2077cda9c20c1a5460b902348e63e37f0da85ca66c0946a4f3d02d26eae69c6a889e633c4e0936d09c40ed58e1d223c286dd735b17a3ab86b54d21e289e22101c421768fb590328bc5b7a972c49d1435459efc6c58d74303d36c1a9df81a33eed92ed4fdcfdf231aa48d61de791f5ad6546c79d9d22ef1ce7dcd61922b9b86e38f3f8e6ebfea7f1ac2e5b3b7ed29787e1317f07f15b613038189e56b345f82846afab275eb57ef69a17169b3b9a1d51fb46b98f7a7fd145f9932a0b172c3afca97b098b951912b14eab6c535c7ad242fbc614bb38f380068c2dc58db1466dcf736e83e6ba69f4ed993321bb84a6545e918a92aa571548178399bfeabdba836d76feb0ce089e953ff3554c3f22cac4275216a5f8c064a40f8043ee55b6b5c2fcfe85d3a3f4e038e3fefa3ee0d59617129dc88c1c8395bc88e1076dfa02ebd14301ae5f33e0b317ce43ae64ab64cccb2e74ef6b8c9176f1a4d054246ba1a47ab45a053978d253d2a15d6aaad37ffd89a77e91575fb8dc2bbc0ea8ef8e197966066771acfae9e2a51e33e243aecfe20ef8efef410469eb37a8cfb1a0e74c60b200fd408bdcc0dbe09e877012f49775cd4c782c5020428a3626a60e89756347124eb04a84367d86083fd65c42df0852feca90604893ee7bd40e9933e98ef6bd736db2802b3c8ec6b6aaac88c61eed898a32f604e9d6b919b46f8907b98e3a9725aa47e79b6837ebb1b8bf4bbfc2d3d950d7809b08d0672d5dafdfec8884cb4dcad9a3ac6af6ab6e7708bba92b174535daaa888697ee7d79f9b45aa2f02e1ab207fe1eca68861909030c1577d4404e3865b1518714d2b280a03915018f269b65fe9e35f0c907ad521b38b060786c52dfdc6b8edfcfa03866bd22df5f3c1881e9c3313164c41c404b4a35811c7d7eab3cb68e743ea75d75249a117306016c4df2f32b3a06583c5d6d13f4044a48cd301da4065aec075169340c1ed4491af2753bb4bbdf657b2c1e34bce16e7c2b700759f4779478e722586da2f01bad756499c1c136bd88473391956d813df56e67608e44559e32871d97eff6eec34ade7964e5b1d0e2a22b488c37104e879fa2f52957e820f0007615e80931ab4ce956d7ee0dd5f9528a279eea79deab5b4b3fe4fe9e8fc59fb768a3e92b7403358137dd5eb3054e180c6d5257716692e77c5e74d46f109988b174bf9b612186a6d56291fad1a6dbaf02551d7148bf948e6140b1f15f8c50b4dbe9896c51629c7b9fb62e2114dcdaf06283c480714abb1d1d3f12ae99fb61fabd8148b1fcd42b3cee16806a7c80b73dd47187118df3ddc0d8b165381921671aa693e9b24f12e44828b6ea72abd1ff0c9365daa43cd669887f1c99efffe2334d36c5330849f1ca895d0a45ea6d5f5be94073d104fe8cd6d25f5c4547a8b9b026fe8cb11ec93e3d32ddddbac8138f41962a0f48f9788d7e5fd53f76ef323229fd32c36dd3c25db65c1114063c3ba5996b7537f49bf04807078fc95f2aedd7655a9b1d161abe8878de44da36a2720b4245cbf3f6699fd5218cfca02466e8e5fc5202e2266b0ce1ef99a10a980bfa195880231aacab4d1ae0d16597356a4aa82777b7d3bd4acef89f8017e60cffbb3830fd1fd194f7e3591e46a6b6fc64fcbf64618751003d7a25a45e0d4b5ac4b5971a2b62439a51b409e9a2102e64b9cf2ed13f51a72407b2c708de4ffe4cca36b75757e4ad403bce87c245c19408c94e1660dedc349e40615fb6c9c5979e83b33113971152057f537e72e607dcb681a0fcd399909ee9f69e10ffdcd3cbaa383ad4f4b77e3aea1e32bd42877bab0dd86d19e92e9e7b787c059662c779c8b4b1a4ed118f795fe2a28fa3cc3288811c5f31b33a1153978f613ee064b57df36220eb2394eda2ceafac873fc56e4dac3ac4e6c7aa74cde88be6608e986c6a75040a18b9c89f7e4b6e5e7c5a688f3c9733f0f41a0a59f63902b5dcf966c9283d86423f44fbb19f56bd36287953ebbffce5ab8f80d8e865c2babf6ce78f9f7d8415b06a4bd870cfd9a972a30c0d20bc8120cad44e1fcba021dffb723bb0be04a229365fabddd3946e186cc746566a1f01efac57876c32406d1a919e6b0261fbefb61da62907c362a0b50f8a1d7cd309d746377f142bd018590402537eba61fd874633015839a70b17b076ea7bd0d78d3904c359a2ee9a4a67ed393116066b3d651db9aa6c267c93781fb5536e1fe1e413b8b494d73a4854ad672b94592d2a3dcd6c89bf8d9c7b85259c8eed14b3c311c33b0bda9c49937a53ed78eac472a34b07754d53285ed48315e10474deee6eabe064363c41b7fa62ec1e31bb32b779a342d36f968d867f90ead4f3fde300f59287677319a59e96cfb5707bbfa15898c5f69e57b7d1c6a3dc5c2c5a958e738b3fa1eafd96669dda53f645b55493a6ae2b558c1be32ccf43e54dcc2d15530c1656390c73de862395a652b8e66467c66d502b00abe488858b03d465fdebbcb1a918f854b3dc0a8a8f1463de2f342f7b891f639bfcce99408d14b3abb80c3d21cb9062401661d3978a4f2f1f623ef25a1fd6da043b7bb0f9d3488aa3bcc0f35bc7ff452f6bd00a4a02b131b981150938e47982976be5a76f4c9a5a2dbbaa063f3406f34f0c8592272c1a6e1b3b9eecf0878fbbfb76dfce53c8cd647220352d4bed4e59dfe2673c57fc50fc92e69bd6a56736609209244ed13059448fadd4886540fbc0a20522d09fd917204b12d461997ee9f5a75297ae9340647e61f7bb840fa54400ba851f6146948c67428ce92efade0044ac02b75e051c26c254c110bc22e2455e458136ee85c57ce802a9267c1c3453dc7c4cb8da38c2eb6389e1", 0x1000}, {&(0x7f0000004100)="52866935d78f2cbd70eb4ebe94d2e57a5c2e2e2da8befeb47b5a69bdd5823b414f380b402e704bee65e1aff4ae1ef3bcfb256db998a0c13fa62cf9679be7a8945d7921c6865cc2e7e23a41621c4127c35557b7b663d594d7ceada36640449e92dd41bcbfb91680107888a69e5c803965683dbc4d275164bf3a3243cbe505b66fc47dc1937f5518ce689d2fbb9da3363b9989526b12894e8eb9ea746fb2e655bab7897bee1426e05f9625dec170230602b2a20e67496192be", 0xb8}], 0x9, &(0x7f0000004280)=[@rights={0x20, 0x1, 0x1, [r5, r0, r1, r5]}], 0x20, 0x4000000}, {&(0x7f00000042c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000005540)=[{&(0x7f0000004340)="36c9a96e6cb66ad79da6bf657ae9446e59680844f310f4c836c62419cddb0ebc6e16b051db008d2772aebbbb5096f2567008785bdf4882b950177c088d8e61f2614c477a192a6058069cd0182b3f259c8fcf50ae732915e1f07b8d975b119d1a324a2e7c21c47100d2525f7a2d7627e4d44d7eb14e004e6e01ada52271", 0x7d}, {&(0x7f00000043c0)="4773e50fa66007fed96d6e500b693fe01f66e210829575731a1bfda557bc88afc19e8d3b525769be5a30f99ffd638825fb4a8961622d23f8118f9b58c5cefa0512a1b028d2775e97920398ce81d6e39499906a1c2df1c7f08e9f310c125af9ce50ac317f0b7c1a2a4636b9965e74cff3b9ea67931aef4d26170fb4663e9ae05042a90f7206722c7a061b75b38d9cb549047a86c63c55078d103fd407516e9f37159fb2ad97f1c8985a083286c61ef0acae958636fc63af6226a65ba4630ee8448596d587da529bcc915e9517368dacf0a786edb48a0602595b3607e07d1be29d2bb8b591", 0xe4}, {&(0x7f00000044c0)="83e638c336d9d218910023e0ae32312548408e34252fdcc7e5515fa7c0b10793aeb9a0f46be37cb29d285533c1a4a47845825a089b9bf9ca67f45b79d0a0e504d0b7c353263ed3c8077614a24d81e9714b25ba809eb2379d24c7cb2743f1fd49d5b7558ab061de2191e1e74ce2134414", 0x70}, {&(0x7f0000004540)="edeaba4f32566aba624634d05d719059cdcf5cf1c528da0a46d853cfdc8cb6809283f306bdafd88e2eeb2d327820a6bceb95d147e593b3afb8e0d8ca10aaa968138f6de1c616ea4402efeef67822abc2459abac21b774fffce3a7e741dbbf8ca4bfc169acf27b1aef8d3933ae5358a3787d0e980a5e5fdc985932b277e260ec9f4ec0b4f65433a2a2671305b214171daf702f56c5b665f51f694c1fa84b4654b1dfee84fa7ad274e6e3990ff0e31b270b23df0e17f72b93cc2671f1b904f15670ab87173710b13908aa27a3cbdcfd99d88f6d8b4c638f003842bc97e130f1ab2a73ee0be99e56522a95fd1c9a3ade24cf80ce019e0aec4099c19a6f53ffe9844b9032fd3d24a06d954cd5c89734c12788f5b3bc6b8713689214556b665d2e5aa75cb74b3ad4dd89ba8d413a527454a11b18b22f06946d4d4d8b84d905f9b18b74b86ed9616df98c5506908ab426e413b6bac5eeeb7a9ab84d56d0c1ce74013396176a6cd1d15459fabffba89f138e53e010493740e9f1b6a986067ae2a325ba1473c37271b85353f7294053199aba115e46a9f98ec1b8d3fa4ad376db028ce8119cb0946dbfa9e74f1a94159eb4c4cbf534f85af6e9759d6e3f46f8c63be94d9160ee153ef67b63fd397eef96e2b1ca7c6a0cfa7001dfbba1777570442c02834d48fd656cfa9d61bbc39bc6def97f65276dd18b3d72be58802589202efecee70801e3bbce0c6ff24b05ccaad88edb8383925e7ac8570735c0c16710002b9ce6d812af634901f669202f1e53cba368aa8fe9c09487cb5c4ed3ef556fd16736b04914f3e5a8e8d0ea0fb1ba94bda35536e41fce7ccb8a7c18012337d4cbfe2902e2626fb914522640eca093d698e779ae008bd676cf5f7208c78fecf9615a7b878c2f40a5024e62d4a56c692e0ced0ef463718841cbace34ee1f4b5f15dc4213b5a5514b66afd75f902f93a3af905bea131bd48e25be2bfa6caf6f1e5f14e31798bc6aea55d71f4652aa772f54c1eef61ba9ff8f8639ec313cd2febf6d207cf41193d2ef35ea3b48222b47d37846b49a1f36cafc32bc2efbcdaf7d33412154e213515e2cbf61fe7953c29258a033a25ca1ae71ffbb2f9a02c18ccf785afd9e55c2f0aa9958b79800fdff86522fcfdb5757645adebd6d8123eabdcc70f94cd5e931e6de5ba32de1d76e4c0fbffaabf9bf631072681e085397abbaa111e94a727a0c7271cfba16bf80164d6ebcf198d25b1f8962ecb3027cac865321bfa33c732210ac7d7115bace93c8608ca4f6db60b86903e4e57397f9ba0603a457f27be6883bcc24af9afc5394855727f6a2841d7e7f620340020f5b5b34fd3baf8bf0a3954c8ac2a1ab3b03cba56c69f90f97fa22189c4fdef8f4f289deb3112559871d903e58e127aa0b6e2ba3d1d72f5918c191d87b336bdc51787becd063b584a11435b4eb4011d82c5ba3ec76f1d71f8e6e143663d60d9b57bbd55d48311fbb5ec87b73af8fc5ee23e5d9d5597bc8e68619451c62c0519976b2531774578b95f0f8102be73bb0ae66439cdf247a39609042275f0eff9232cf126adac6df11aee69a6a40814b2f49e407774707844f99d602abb331591d542a891c8c2cbf6fbfaa6740dc4a80967dd3690eaf77385e7adac61c20acb5c5edca7fbbd1beb68aba6946644ab9423e7301a59ab622adf03128ce55c937b4f16841bdd3a6b9d574b684144ca5a65e9485257469263e3ba53e038a849d0af22e97a35b8f43a43b000fb75072e40ca6a002df223de0a545f1f42a7764c756dcfde279405c4bef30ed0b9c2c77362ac6991bb3b108ab7f741246e08b2851887965cf0326c8535c9450ec03a506d0a04d2be5ba9d0d7fd57886e0a954e325723f15feda5421abd318e8e8637b2ad9ee52f63cd5bed57f5f48d0d1498a1846f6e36d6ddc61104c5d57bb5bb4735679be3bbef33148662c6d1e7f4551433b18b180075ee4e7c904167fdf4c372cc49b5ecab2d4ed2a871b137eef3f9a01bea436293d04fef653cc7be831aa50c3f803ff0758f3cfa1ed08e17eb135b428aa74bd226147c69950545833963aa4a2dbc73b076e0727c2d3211576c60d89e034d60792129701d1fabc48fedfe2b2259a301b7b07e8653623efd04932db6f70ba75c9f11a37fb9a284085fc386ddbb2b231ec0677fa350dc6b473e6d371291babd93a6ac9a9760ee605e72fff03e975d8b3132924a0d2cfcc34bc56a4e8e625bda3207f461fd7447cc091fad20efe3a923c069ae9216d06f8f383037100aaf554a60c5a2e47b551aaa5e214cc71e67f3e038607bc9ac8804e873d34774ac9c9a9ba4fccd616af06a6af5d8cd9de0dccb6eba7766e2a44bdbc227fdf6665667d48275cb06429874042fb739e14df37aa2da5dfe6d8a4489bd57746b448c2ed78230702913a2806397cb3e7f32c97cf1e682bc0ec6c464f3ee058d8a8cd6d3c4f560d21585c9891444effe184357074c9bc7f569e10e500108072f5a679b9a9ce4547e6e169d1672108e2a65a039c22d3bb74b807651cdd95514aed752e613c307ceae5dd6eb9b709b47f8ae79c588675c05237cff0ee1ee03524418d6d028d6d13e2a541c1c7fb6213716fbd655b385809ca4ac18225411524220683eefc856201e919047c6362ca52e723700f0e2c212c7e6ca675e1f9bdfc2a19f55aadfd0fd0c77cecd7bfc090d3ab1c8e217aefd09a4a087bb191b4bd867b28e46d8333f1f1292abd75497e66698f3b67c7cae19156377953ed3ae75cc0a14443705e6a50f124894c54b40659e832cf0210fd3544f1e142c1856b706d65e9d167387eda0b361aabc74b502d1843f7d8b8f4049901ebb5d8d42c49c3185f617ed1c4cf72336df3a994a20fdc54dcfc5b2750c97da1d1454f3fd53873542ae960578fb8c4cc487896194f2cb52eeaa97e84afd20318f8b7f253e5967b8b2bc9f550f52638bb4cc8e44967f1c0189d7d22206f1f28289e2f5eac2a26fe1f51e3baa299d5cbf3ced3bb64f87ebf6a56a91e3ff0c9af3894edf090feb270287fc5cdf7e13829d8fa67e93650ecf0dfc3e35919f84422d5c2e4f1a08ca98f8dc59001c07607a0ac73baca4e9b89d5307e1776faf26bbec62ef7c314dee2507759ec93ad6771c035376391a79aa28c9202a2b611b457dda953782b45e61c3454e02567474cdac7defe40ad19d73472171dc375ab46464a91f6de911af28f0ee93bc2d63f1e5b81e22847653dfdb38a0514d30093b0fb7aa0d84dd98138ebaab1cc23b0a3e93e41a0a8d4d78967db72ef0812dd8def5fd62df70865035f9e6b9687c2514bf1ec215a251a104eec76daca8b0d4e2bc169eff43ba266f52e6802418b93249cda19ed6e708410c77e91480601f83dbe3ebba9866786db2181d61411b5441f4da02dfa2c2279ca5f49b6bc25a709ad6a4f67aee92a3137d9256ecc25040470c61c86b236b76726b268870ba2fe344d671baf60aa77bd7b4c74dc9efa52849b65f678cebfaf47fc407741ada25e7d5ca2bb9492ecb4a4090789945f88bc1b9711beb266ae70cf640205a7ad0800fcb388c13caa612906bc5eab8bf1f99245a7e22f79383bba219b066371f5777976299e09ffedd81aa29a5277e5104aa6581671f11a4b6cc4629a2e363e4492e49b26c1a11f823281eb955cf5d849d7d8da79160bca6b0d48a3d0b0538cb6ae8d5f7a46508bee0c10fdef3c98af8f3a2c0ade12fa349d5de7e43709040abcde3de6ba746557babfb3bfc3e500f1e672f06150cd760388f1fefea02a4d3705feba33c8ce1fa445f3e315cdb0f5c441e7ef9d59a2908723fab20f7b9ecae58769a32725e0e644af5065151450d966a75d85b9d7e63de7a22e7d332274ca3447f4a471c48b2fa6b062ada0d7faf2e7692c672c743edae46d8d549ddb5af37973236c16359055e18729926270f1ac9435729801bd2a9061e91e1cf35557e780bc6f11083f9a4eed3f66337e357ae9b3e84f640c23910fca34243bab4935f5037712ed5c6acbc8cec39fe5f0a7814a6b9325b84ce2729b68fd81732f056d9168ef669a4e85bf5c555b62ebd9bdc2406276f170639e98a2d26d1754753aecf023b4a40d2d9d8e0e75d475aac1666ff5afbc8902ee8aa4b3a6f763948a492ac172e1ee84cdee402d4d3080fa6401ffc8b8ce8cc00c7fb9bb41ff6a0df363b926cf8eccf43ec81b0c807c5e9d1805a907cd2613fcc7c3fff9d3b21fd576dd92e2216da856c37715a2e66e0ab55854a44bde45fc38c3be64b929d2d3dc78ff20b0ae0d11351596c3a689ce98be8b7600c9bf9f7728dddc511607173f90b814d879b83633a7e569d9d9f00b60dc9740ca34867b0ff4ac6e36131cadefad2fbeacbb965646ccc0aedf26a2b7e8c945b2d3c9558c342e856d287d2f7d346e4af3ac29f87393226cd4a4ae45c927872f8db0f9836182ab4230b5399591168387e0213336d9ef689a01a8988faa87b9eec8b2d2016d5bfd249e8ea95ae299d745ef9cae3942a12428af2bc335d9794f2ae73f030a49bac8fee3f90b985a7824cb14558b7f665beb3b53cf44aa4e0f68fc30fb69b60abbd6d251c34fa9dd6342d42209b4c4ac63f9b73c2857b49366df995bdd83c8935d09a790ee182ad86d085582a1dc50dc00300092de08fe1db6e8a928f4e5f196fcaf8fb7274bc98480a8392a41e55029439e4dbec295c5587c55a509ed3f2015bcec7ecca7c07b1e8893ff0c0afe7b7b1f80b8389ddcc37f5a8f852ab09425c3be7240fe89c393300b85a59fa64d3d78f94a6415c30904580f96df3b9f415e6a0b95df9664069864e51bdd867531b6f2728aeadc7fa378fcc494b802cad51c853dfc8c2b1173cdb4e5330224bdb649145bb867ef675d6df9c7897fc63a08415ffaed079b4a94c1b64ca8549779a7f270e4084ebe404f67fa4652e18e54b70170d6bf8ad4f5a2b1c1a284a3e9211e1d5a17e873616039241e8825a94417b9714dae52835cefcf4f1727f129c41d5065b7182bf8e7bd3b49abd3d109544a59aadd9d0db0ba4e1f07682aaa4c634fc474be8a3a78aac3a7c7272199ade3310e0c64260a614db79648e52ef23237eb0facc86c7f64936e8d2e85d4e1e7a357e84478b4e33f1df1c7af975bd28ea6db5fa136f8d30904a412912bee97fca56865ecb5a1d627b52bcb2044e9c8abb8b457789212f1ffb86f5512f8407d5ba7bafbacc5e71ef921ef9b5067a9f45365be602b6251feaa6b51b42ab57e2ae6d6ee13437e42e0268f6c96daa268117c2bef337bd48167c2ac4a905de93e7c360491fc08741c273904f7d6e07d7ece3202c18a91f1d971c1336c854c397a914d55bb228c79573b86020aba1bbdf6cd1546f251fb1271d701af2025a8c86652d868c7279a1f80160ff1f25695c2cf9ee55fe0c9bf05c9d9607ffef86e17d127da48cc05ce2f945d8c3bfa6c842b6af6bbb798f5ba705ddd478aa46c2aafc4c74e10bbb4a209d2130f52ac99669b8e2a63887fa8c544a8b4761d25efe4658005fa838bccf59ee6888b30506d9612d328c13d8bb98f3054ee94ea4bf1249d998ed199f7d56d347f91bda679eb749b8b3f8a65a63677cc45a05796fdb31baaf72f1f04f9e324e9d592fd342ee5e4363b23ca8c232b8b3cc9a6f5e99971eeea38484c1b6c4e9e876a61fd27b2e2f443041c02ab3547ef7bff0703b8a770d2a51236d0fcd7dd0fcfed659cd3a63939326d7cb60b0c0537e831bf2bed6078b4e2467594504e33b0f60079734c43e1dcf471bbea510fb9987e27cfd450405951dc14b12c", 0x1000}], 0x4, 0x0, 0x0, 0x800}, {&(0x7f0000005580)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000005940)=[{&(0x7f0000005600)="60e61708beec751e8b0c51133ad3700a4268c2e13a3759f38352a0ed8b6b60206cba35cafacd8df544396d977eade22a856351586fc43d2d580f0fcc684948008b80d95e334ed71795b8ab810cf24b981db53ab63c4c8194d65290cbc5bda8a39ed9b4e3242c34a871487c72e3e14eeaae2baf84bd485dac4b777d85d5fa639b1a1dbddf97a146c011d3cd38c932f20fe12c12f15c21b5bab5d8b2e4000173e5e0b078691a6d7cc4db34c15fc4bda7e20cd69af828f354f7d87c9a659c8e5d034061cd98d0ee87d1efb75d5352a41e4f847ac8584e97843a1a1cf4c2a18383c908315dc225bedca1ca1b", 0xea}, {&(0x7f0000005700)="bf7b4e182eb5a561d3cc2621d7cfaa47b3eec4a7d3140786871adb6eea33a2e9cacd1ff363b8229e0ac9a690dc82da66592d246c1cb440c4915a5c01bceaa478565393fb3fecd145bced2323b714d752f65f77a2304e3cb2d86dbcab452936ea14354f162f1fdd65992dbb5c43ffaf6738a5e805087b938240e0b8ac439b1adfdc81714bad70edc436d0c59a44ff72dffb638a142e57e025a2e3384112cb7c770960c7593900a5", 0xa7}, {&(0x7f00000057c0)="e70fddd3e5fc8e7554ec813f351ba7", 0xf}, {&(0x7f0000005800)="12d9574f66847df7d7e1195f41360f9359f06066744bc46af31eae5276f18e26a76fa2cfabb969957281ed16f3caccffd46c072bdb27e075d0aa8b4d20bd41e7097324536541de0ed2215172925bead8a1d0e5cf377353f5c33d942dbca9197a3cf8c6ea067b438bcbd477c179a4592e5415a057b058f5d6d256db95774d8c6a415a7322f86eb6a861d4621d2eb410d53c39f62da58eca650d2c7967bba695fc477500cbc5038c", 0xa7}, {&(0x7f00000058c0)="b239f5a2ea08fa1d76bce19e47e67b1faffd47279c510f4c47689413ea3aa9af2a6ecb5dcdb99ad43cfee389a64a3da1dd05e23be891c3c60ad3b197f18ddd8d0f", 0x41}], 0x5, 0x0, 0x0, 0x4008811}, {&(0x7f00000059c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000005e80)=[{&(0x7f0000005a40)="c0ed0a367aeb57f35d3ce92be81a2c41259b75bacd436662433bca39dcd9572d1354a24a5dd6333aecd3f2e71f5580b3cd308c9eaaf58b6c13c0e53fd463a45ad285b1d79e3f7ddff7a2be4bd737654352f3b2d2cadcacc8679d7c05a62efb31fbd7cf132e26e49d6e7214756050a20aa18f0c3544594a93e10044cdfeab03fc13", 0x81}, {&(0x7f0000005b00)="d0a4edc6e511a55c7767e599f23a726a06bfe05372ec76075467d5650a197e3be11fc88e72bc1e1f44aa1278f151b515c6417b2a05e46907a95ecb6814056e836820e63266f79f28c943fb6d175e15ccdeaf8fee2716", 0x56}, {&(0x7f0000005b80)="27a35cdff9de38e1cad628f7d5b5e77d1eab038e50057fbd5db33288bca68a56bb870bac1a11689072b777f806524242a445e69eae69c6f585c9fd2c38ac0a7f8445c7f7adb37148e5a791793728de7fcaabbbd4bab72783f92a837916722ee5be64975ee17b266a8d44f304727cf193ca3c63d9f94654c5e6f2461b25f1d0f90db25cb45d1a330d121301ec402257fde2", 0x91}, {&(0x7f0000005c40)="f366251a86228a20b50b45de14e42019b9377c237c22290f254a684e076fa8258b79ccbeb1a4f1622faeee84caafdda8c4a8c45cc3dd991aca2c13bc5cd68bdb285bcd5613699dc9e209afb5e4094a265604bd252cd640e5d55859fa0a5f59b7c03ee75c4a19df6d739da852134bc2b2b215783377e90c639fc3634f92bfcc312745060bb248857dbdf41d2ae749e3af909b92b7b8b2009e3b83da1c473759cff2273ac165d89a54c807529aabd6b82f20475d9435c0e297b6c60de808620eec12344f90762b2090233cfd32b230619d49b247c69f03a9796d5827047e07564959af42cd007cec1c8aeb702187123145e59a", 0xf2}, {&(0x7f0000005d40)="8a40d24a3a7961dbfce228de9ddaf88feddb557a64307ced91d9bbd11f06bac764e4f9be5aa1de38c53439a1cd876809c22718b47c390a4d8ddcd34d805eff7e954fe36e412650add0a2e642ec169c77", 0x50}, {&(0x7f0000005dc0)="b946e331c98fc20304870d23339d6a428f8267507bc42a4459ed30f894ca5b712f8a79b7589dc7080a5db3d4643e2def06a553844204ca7a305ba4ec88e33936c960d58b3a6aa3f994323c40c341ecd21114ef79123c6f925c5ca1e150a87ef92e2aa320ece2c6a502c2e4f896bd2985bfccbac0a77b63efd125477f5c2973e44fd1becc629f0fabbeede5f06c", 0x8d}], 0x6, &(0x7f00000066c0)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r12, @ANYRES32=r13, @ANYRES32=r14, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r15, @ANYRES32, @ANYRES32=r16, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r17, @ANYRES32=r18, @ANYRES32=r19, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=r5, @ANYRES32=r4, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r20, @ANYRES32=r21, @ANYRES32=r22, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r5, @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="30000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32=r4, @ANYRES32=r0, @ANYRES32=r4, @ANYBLOB="001a37070000000000006213bac626a120001000"], 0x100, 0x800}], 0x8, 0x20000000)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  582.767415] F2FS-fs (loop6): invalid crc value
[  582.774493] attempt to access beyond end of device
[  582.779573] loop6: rw=12288, want=12296, limit=64
[  582.784651] F2FS-fs (loop6): invalid crc value
[  582.789357] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  582.796235] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  582.803429] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  582.811143] attempt to access beyond end of device
[  582.816164] loop6: rw=12288, want=8200, limit=64
[  582.821095] F2FS-fs (loop6): invalid crc value
[  582.825850] attempt to access beyond end of device
[  582.830873] loop6: rw=12288, want=12296, limit=64
[  582.835964] F2FS-fs (loop6): invalid crc value
13:47:31 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x900, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:31 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x5, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  583.009059] skbuff: bad partial csum: csum=0/65535 len=14
[  583.030302] FAULT_INJECTION: forcing a failure.
[  583.030302] name failslab, interval 1, probability 0, space 0, times 0
[  583.033068] skbuff: bad partial csum: csum=0/65535 len=14
[  583.041617] CPU: 1 PID: 9366 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  583.041629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  583.041636] Call Trace:
[  583.041675]  dump_stack+0x1c9/0x2b4
[  583.069656]  ? dump_stack_print_info.cold.2+0x52/0x52
[  583.074853]  ? __kernel_text_address+0xd/0x40
[  583.079355]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  583.084908]  should_fail.cold.4+0xa/0x11
[  583.088978]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  583.094104]  ? rcu_note_context_switch+0x730/0x730
[  583.099045]  ? graph_lock+0x170/0x170
[  583.102862]  ? find_held_lock+0x36/0x1c0
[  583.106933]  ? __lock_is_held+0xb5/0x140
[  583.111015]  ? check_same_owner+0x340/0x340
[  583.115342]  ? rcu_note_context_switch+0x730/0x730
[  583.120280]  __should_failslab+0x124/0x180
[  583.124521]  should_failslab+0x9/0x14
[  583.128337]  kmem_cache_alloc+0x2af/0x760
[  583.132490]  ? lock_downgrade+0x8f0/0x8f0
[  583.136647]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  583.141673]  __kernfs_new_node+0x127/0x8d0
[  583.145915]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[  583.150676]  ? graph_lock+0x170/0x170
[  583.154484]  ? kasan_check_write+0x14/0x20
[  583.158727]  ? __lock_is_held+0xb5/0x140
[  583.162793]  ? wait_for_completion+0x8d0/0x8d0
[  583.167392]  ? mutex_unlock+0xd/0x10
[  583.171111]  ? kernfs_activate+0x21a/0x2c0
[  583.175353]  ? kernfs_walk_and_get_ns+0x340/0x340
[  583.180201]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  583.185745]  ? kernfs_link_sibling+0x1d2/0x3b0
[  583.190335]  kernfs_new_node+0x95/0x120
[  583.194324]  __kernfs_create_file+0x5a/0x340
[  583.198745]  sysfs_add_file_mode_ns+0x221/0x520
[  583.203422]  ? component_del+0x550/0x550
[  583.207494]  internal_create_group+0x422/0xcd0
[  583.212095]  ? remove_files.isra.1+0x190/0x190
[  583.216679]  ? up_write+0x7b/0x220
[  583.220238]  ? up_read+0x110/0x110
[  583.223797]  ? down_read+0x1d0/0x1d0
[  583.227528]  sysfs_create_group+0x1f/0x30
[  583.231695]  lo_ioctl+0x1310/0x1d90
[  583.235330]  ? lo_rw_aio_complete+0x450/0x450
[  583.239832]  blkdev_ioctl+0x9cd/0x2030
[  583.243723]  ? blkpg_ioctl+0xc40/0xc40
[  583.247625]  ? kasan_check_read+0x11/0x20
[  583.251781]  ? rcu_is_watching+0x8c/0x150
[  583.255933]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  583.260616]  ? __fget+0x4d5/0x740
[  583.264085]  ? ksys_dup3+0x690/0x690
[  583.267807]  ? kasan_check_write+0x14/0x20
[  583.272048]  ? do_raw_spin_lock+0xc1/0x200
[  583.276302]  block_ioctl+0xee/0x130
[  583.279932]  ? blkdev_fallocate+0x400/0x400
[  583.284259]  do_vfs_ioctl+0x1de/0x1720
[  583.288152]  ? rcu_is_watching+0x8c/0x150
[  583.292306]  ? ioctl_preallocate+0x300/0x300
[  583.296716]  ? __fget_light+0x2f7/0x440
[  583.300695]  ? fget_raw+0x20/0x20
[  583.304148]  ? putname+0xf2/0x130
[  583.307608]  ? rcu_read_lock_sched_held+0x108/0x120
[  583.312630]  ? kmem_cache_free+0x25c/0x2d0
[  583.316870]  ? putname+0xf7/0x130
[  583.320332]  ? do_sys_open+0x3cb/0x760
[  583.324231]  ? security_file_ioctl+0x94/0xc0
[  583.328648]  ksys_ioctl+0xa9/0xd0
[  583.332113]  __x64_sys_ioctl+0x73/0xb0
[  583.336007]  do_syscall_64+0x1b9/0x820
[  583.339902]  ? finish_task_switch+0x1d3/0x870
[  583.344402]  ? syscall_return_slowpath+0x5e0/0x5e0
[  583.349338]  ? syscall_return_slowpath+0x31d/0x5e0
[  583.354283]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  583.359657]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  583.364512]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  583.369702] RIP: 0033:0x456ef7
[  583.372904] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  583.391809] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.399523] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
13:47:32 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f424852", 0x44, 0x10000}], 0x0, &(0x7f0000000240))

[  583.406801] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  583.414071] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  583.421348] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  583.428618] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000011
13:47:32 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="0a5cc80700315f857150703bffdb0e10f836ad65e9a191a4d8898ca3709750841e2211a6914c9f3196e9833edf8db48a347c7977b9ab64dfcde50393b0fbc04c24dc48e82b17325ee34f095539bc4111e864f077d20000000000000000000000000000")
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000000)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000100))
dup3(r0, r1, 0x0)

13:47:32 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2c0401, 0x0)
ioctl$void(r0, 0xc0045c7f)
sendmmsg(0xffffffffffffffff, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000540)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1400000000000000290000004300000000000070"], 0x14}}], 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
sendmmsg(r1, &(0x7f0000007e00), 0x136a88c8311572c, 0x0)

13:47:32 executing program 4 (fault-call:0 fault-nth:18):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:32 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f00000002c0)={0x1})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000300)=[@in={0x2, 0x4e20, @multicast2}, @in6={0xa, 0x4e23, 0x1, @loopback, 0x3}], 0x2c)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:32 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x22647, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:32 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1f00}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  583.681916] attempt to access beyond end of device
[  583.687109] loop6: rw=12288, want=8200, limit=64
13:47:32 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r3 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x202)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r3, 0x5386, &(0x7f0000000040))
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f00000013c0)={0x2, 0xf000000, @ioapic={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [{}, {}, {0x0, 0x0, 0x0, [0x0, 0xc0ffffff]}, {}, {}, {}, {}, {0x0, 0x9, 0x0, [], 0xc0ffffff}]}})

13:47:32 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f4248526653", 0x46, 0x10000}], 0x0, &(0x7f0000000240))

[  583.754180] attempt to access beyond end of device
[  583.759296] loop6: rw=12288, want=12296, limit=64
[  583.766359] attempt to access beyond end of device
[  583.771663] loop6: rw=12288, want=8200, limit=64
[  583.777180] attempt to access beyond end of device
[  583.782292] loop6: rw=12288, want=12296, limit=64
[  583.803572] attempt to access beyond end of device
[  583.808671] loop6: rw=12288, want=8200, limit=64
[  583.813983] attempt to access beyond end of device
[  583.819134] loop6: rw=12288, want=12296, limit=64
[  583.828210] attempt to access beyond end of device
[  583.833232] loop6: rw=12288, want=8200, limit=64
[  583.838723] FAULT_INJECTION: forcing a failure.
[  583.838723] name failslab, interval 1, probability 0, space 0, times 0
[  583.850245] CPU: 0 PID: 9405 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  583.857192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  583.866566] Call Trace:
[  583.869183]  dump_stack+0x1c9/0x2b4
[  583.872695] attempt to access beyond end of device
[  583.872822]  ? dump_stack_print_info.cold.2+0x52/0x52
[  583.872872]  should_fail.cold.4+0xa/0x11
[  583.877860] loop6: rw=12288, want=12296, limit=64
[  583.882993]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  583.883022]  ? __lock_is_held+0xb5/0x140
[  583.883045]  ? wait_for_completion+0x8d0/0x8d0
[  583.905683]  ? graph_lock+0x170/0x170
[  583.909489]  ? mutex_unlock+0xd/0x10
[  583.913214]  ? find_held_lock+0x36/0x1c0
[  583.917285]  ? __lock_is_held+0xb5/0x140
[  583.921367]  ? check_same_owner+0x340/0x340
[  583.925701]  ? rcu_note_context_switch+0x730/0x730
[  583.930640]  ? sysfs_add_file_mode_ns+0x245/0x520
[  583.935494]  __should_failslab+0x124/0x180
[  583.939736]  should_failslab+0x9/0x14
[  583.943542]  kmem_cache_alloc_trace+0x2cb/0x780
[  583.948242]  ? device_create_file+0x1e0/0x1e0
[  583.952740]  kobject_uevent_env+0x20f/0x1110
[  583.957164]  kobject_uevent+0x1f/0x30
[  583.960969]  lo_ioctl+0x138e/0x1d90
[  583.964616]  ? lo_rw_aio_complete+0x450/0x450
[  583.969119]  blkdev_ioctl+0x9cd/0x2030
[  583.973011]  ? blkpg_ioctl+0xc40/0xc40
[  583.976907]  ? kasan_check_read+0x11/0x20
[  583.981058]  ? rcu_is_watching+0x8c/0x150
[  583.985212]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  583.989897]  ? __fget+0x4d5/0x740
[  583.993359]  ? ksys_dup3+0x690/0x690
[  583.997081]  ? kasan_check_write+0x14/0x20
[  584.001319]  ? do_raw_spin_lock+0xc1/0x200
[  584.005588]  block_ioctl+0xee/0x130
[  584.009223]  ? blkdev_fallocate+0x400/0x400
[  584.013560]  do_vfs_ioctl+0x1de/0x1720
[  584.017460]  ? rcu_is_watching+0x8c/0x150
[  584.021618]  ? ioctl_preallocate+0x300/0x300
[  584.026028]  ? __fget_light+0x2f7/0x440
[  584.030008]  ? fget_raw+0x20/0x20
[  584.033461]  ? putname+0xf2/0x130
[  584.036919]  ? rcu_read_lock_sched_held+0x108/0x120
[  584.041940]  ? kmem_cache_free+0x25c/0x2d0
[  584.046179]  ? putname+0xf7/0x130
[  584.049640]  ? do_sys_open+0x3cb/0x760
[  584.053538]  ? security_file_ioctl+0x94/0xc0
[  584.057969]  ksys_ioctl+0xa9/0xd0
[  584.061431]  __x64_sys_ioctl+0x73/0xb0
[  584.065326]  do_syscall_64+0x1b9/0x820
[  584.069221]  ? finish_task_switch+0x1d3/0x870
[  584.073723]  ? syscall_return_slowpath+0x5e0/0x5e0
[  584.078656]  ? syscall_return_slowpath+0x31d/0x5e0
[  584.083599]  ? __switch_to_asm+0x34/0x70
[  584.087666]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  584.093038]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  584.097895]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  584.103084] RIP: 0033:0x456ef7
[  584.106283] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  584.125182] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  584.132915] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  584.140184] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  584.147453] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
13:47:32 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$rtc(&(0x7f0000000040)='/dev/rtc#\x00', 0x20, 0x440800)
r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x40, 0xa1)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0))
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local, 0x7}, r2}}, 0x30)

13:47:32 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309b9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  584.154725] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  584.161993] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000012
13:47:32 executing program 4 (fault-call:0 fault-nth:19):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:33 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x97ffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  584.515017] FAULT_INJECTION: forcing a failure.
[  584.515017] name failslab, interval 1, probability 0, space 0, times 0
[  584.527003] CPU: 0 PID: 9443 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  584.533947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  584.543309] Call Trace:
[  584.545931]  dump_stack+0x1c9/0x2b4
[  584.549604]  ? dump_stack_print_info.cold.2+0x52/0x52
[  584.554829]  should_fail.cold.4+0xa/0x11
[  584.558917]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  584.564058]  ? lock_release+0xa30/0xa30
[  584.568067]  ? graph_lock+0x170/0x170
[  584.571906]  ? find_held_lock+0x36/0x1c0
[  584.576001]  ? __lock_is_held+0xb5/0x140
[  584.580142]  ? check_same_owner+0x340/0x340
[  584.584495]  ? graph_lock+0x170/0x170
[  584.588324]  ? rcu_note_context_switch+0x730/0x730
[  584.593269]  __should_failslab+0x124/0x180
[  584.597500]  should_failslab+0x9/0x14
[  584.601300]  kmem_cache_alloc_node+0x272/0x780
[  584.605899]  ? find_held_lock+0x36/0x1c0
[  584.609974]  __alloc_skb+0x119/0x770
[  584.613687]  ? skb_scrub_packet+0x490/0x490
[  584.618018]  ? kasan_check_read+0x11/0x20
[  584.622165]  ? rcu_is_watching+0x8c/0x150
[  584.626322]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  584.631005]  ? netlink_has_listeners+0x2cf/0x4a0
[  584.635753]  ? netlink_tap_init_net+0x3e0/0x3e0
[  584.640422]  alloc_uevent_skb+0x89/0x220
[  584.644483]  kobject_uevent_env+0x866/0x1110
[  584.648892]  kobject_uevent+0x1f/0x30
[  584.652701]  lo_ioctl+0x138e/0x1d90
[  584.656353]  ? lo_rw_aio_complete+0x450/0x450
[  584.660877]  blkdev_ioctl+0x9cd/0x2030
[  584.664774]  ? blkpg_ioctl+0xc40/0xc40
[  584.668685]  ? kasan_check_read+0x11/0x20
[  584.672859]  ? rcu_is_watching+0x8c/0x150
[  584.677035]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  584.681742]  ? __fget+0x4d5/0x740
[  584.685202]  ? ksys_dup3+0x690/0x690
[  584.688939]  ? kasan_check_write+0x14/0x20
[  584.693185]  ? do_raw_spin_lock+0xc1/0x200
[  584.697445]  block_ioctl+0xee/0x130
[  584.701082]  ? blkdev_fallocate+0x400/0x400
[  584.705412]  do_vfs_ioctl+0x1de/0x1720
[  584.709289]  ? rcu_is_watching+0x8c/0x150
[  584.713433]  ? ioctl_preallocate+0x300/0x300
[  584.717845]  ? __fget_light+0x2f7/0x440
[  584.721829]  ? fget_raw+0x20/0x20
[  584.725296]  ? putname+0xf2/0x130
[  584.728763]  ? rcu_read_lock_sched_held+0x108/0x120
[  584.733787]  ? kmem_cache_free+0x25c/0x2d0
[  584.738024]  ? putname+0xf7/0x130
[  584.741478]  ? do_sys_open+0x3cb/0x760
[  584.745369]  ? security_file_ioctl+0x94/0xc0
[  584.749775]  ksys_ioctl+0xa9/0xd0
[  584.753233]  __x64_sys_ioctl+0x73/0xb0
[  584.757117]  do_syscall_64+0x1b9/0x820
[  584.760994]  ? finish_task_switch+0x1d3/0x870
[  584.765478]  ? syscall_return_slowpath+0x5e0/0x5e0
[  584.770400]  ? syscall_return_slowpath+0x31d/0x5e0
[  584.775329]  ? __switch_to_asm+0x34/0x70
[  584.779389]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  584.784754]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  584.789613]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  584.794812] RIP: 0033:0x456ef7
[  584.798002] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
13:47:33 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = shmget$private(0x0, 0x4000, 0x1c80, &(0x7f0000ff9000/0x4000)=nil)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000300)=0x14)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000340)={@loopback, @dev={0xfe, 0x80, [], 0x13}, @remote, 0x8c3, 0xba08, 0x4, 0x100, 0x20, 0x0, r3})
ioctl$TIOCGWINSZ(r2, 0x5413, &(0x7f0000000040))
ioctl$KVM_S390_UCAS_MAP(r2, 0x4018ae50, &(0x7f0000000100)={0x2, 0x80000000, 0x400000})
ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000240)={'yam0\x00', 0x43})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f0000000140)=""/189)
shmctl$IPC_RMID(r1, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)

13:47:33 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f4248526653", 0x46, 0x10000}], 0x0, &(0x7f0000000240))

13:47:33 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0xc)
r2 = getpid()
r3 = syz_open_procfs(r2, &(0x7f0000000380)="e66ce5f3c4e1eb2c9b8db7de38053afd8edf2f933cefbeaef4d5ff2865c78d925da4eed9af99010076d9791834c5")
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000140)={0xd000, 0x1000, 0x3e89, 0x3, 0xfffffffffffffff7})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r3, 0x8008ae9d, &(0x7f00000002c0)=""/25)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  584.816893] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  584.824622] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  584.831887] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  584.839156] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  584.846415] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  584.853681] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000013
13:47:33 executing program 4 (fault-call:0 fault-nth:20):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2, 0x0)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000200)="681604810bf9fcffe352b28ef7e9f7d4363ee17901a6850e4ae33c2194e48d61da7263f1c233feafbc9f424f80f34c3e59763a766f63f65a8c5ef063370f487fbe302b7a68ad55c34c3afd8e5c0dfee3c3fe720232ffb27b75d8795446b648feb6903c1eeacdd8fd4c4002f2911dc7fb4e408ccdaeba7b87024901d7e6a2aac4ee3611ec9188215005e06f4cdb31c958ae5e13a9e058a0f9c773d668fe6afd6ae2470a417760376ff88272052872baf485c50023934860653afae3d24e721316", 0x35}], 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040))

13:47:33 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xc}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:33 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309b0, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  585.231742] FAULT_INJECTION: forcing a failure.
[  585.231742] name failslab, interval 1, probability 0, space 0, times 0
[  585.243101] CPU: 1 PID: 9481 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  585.250034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  585.259386] Call Trace:
[  585.261988]  dump_stack+0x1c9/0x2b4
[  585.265636]  ? dump_stack_print_info.cold.2+0x52/0x52
[  585.270845]  should_fail.cold.4+0xa/0x11
[  585.274914]  ? __kernel_text_address+0xd/0x40
[  585.279423]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  585.284533]  ? __save_stack_trace+0x8d/0xf0
[  585.288919]  ? graph_lock+0x170/0x170
[  585.292728]  ? save_stack+0x43/0xd0
[  585.296360]  ? kasan_kmalloc+0xc4/0xe0
[  585.300275]  ? find_held_lock+0x36/0x1c0
[  585.304349]  ? __lock_is_held+0xb5/0x140
[  585.308421]  ? neigh_periodic_work+0x980/0xc50
[  585.313025]  ? check_same_owner+0x340/0x340
[  585.317357]  ? rcu_note_context_switch+0x730/0x730
[  585.322299]  __should_failslab+0x124/0x180
[  585.326547]  should_failslab+0x9/0x14
[  585.330376]  kmem_cache_alloc_node_trace+0x26f/0x770
[  585.335503]  __kmalloc_node_track_caller+0x33/0x70
[  585.340455]  __kmalloc_reserve.isra.41+0x3a/0xe0
[  585.345224]  __alloc_skb+0x155/0x770
[  585.348954]  ? skb_scrub_packet+0x490/0x490
[  585.353286]  ? kasan_check_read+0x11/0x20
[  585.357442]  ? rcu_is_watching+0x8c/0x150
[  585.361608]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  585.366298]  ? netlink_has_listeners+0x2cf/0x4a0
[  585.371063]  ? netlink_tap_init_net+0x3e0/0x3e0
[  585.375755]  alloc_uevent_skb+0x89/0x220
[  585.379836]  kobject_uevent_env+0x866/0x1110
[  585.384265]  kobject_uevent+0x1f/0x30
[  585.388082]  lo_ioctl+0x138e/0x1d90
[  585.391735]  ? lo_rw_aio_complete+0x450/0x450
[  585.396239]  blkdev_ioctl+0x9cd/0x2030
[  585.400139]  ? blkpg_ioctl+0xc40/0xc40
[  585.404038]  ? kasan_check_read+0x11/0x20
[  585.408188]  ? rcu_is_watching+0x8c/0x150
[  585.412346]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  585.417034]  ? __fget+0x4d5/0x740
[  585.420516]  ? ksys_dup3+0x690/0x690
[  585.424254]  ? kasan_check_write+0x14/0x20
[  585.428498]  ? do_raw_spin_lock+0xc1/0x200
[  585.432746]  block_ioctl+0xee/0x130
[  585.436383]  ? blkdev_fallocate+0x400/0x400
[  585.440713]  do_vfs_ioctl+0x1de/0x1720
[  585.444607]  ? rcu_is_watching+0x8c/0x150
[  585.448767]  ? ioctl_preallocate+0x300/0x300
[  585.453181]  ? __fget_light+0x2f7/0x440
[  585.457161]  ? fget_raw+0x20/0x20
[  585.460620]  ? putname+0xf2/0x130
[  585.464087]  ? rcu_read_lock_sched_held+0x108/0x120
[  585.469114]  ? kmem_cache_free+0x25c/0x2d0
[  585.473353]  ? putname+0xf7/0x130
[  585.476819]  ? do_sys_open+0x3cb/0x760
[  585.480724]  ? security_file_ioctl+0x94/0xc0
[  585.485140]  ksys_ioctl+0xa9/0xd0
[  585.488604]  __x64_sys_ioctl+0x73/0xb0
[  585.492501]  do_syscall_64+0x1b9/0x820
[  585.496403]  ? finish_task_switch+0x1d3/0x870
[  585.500907]  ? syscall_return_slowpath+0x5e0/0x5e0
[  585.505844]  ? syscall_return_slowpath+0x31d/0x5e0
[  585.510779]  ? __switch_to_asm+0x34/0x70
[  585.514850]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  585.520227]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  585.525086]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  585.530281] RIP: 0033:0x456ef7
[  585.533479] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  585.552381] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  585.560095] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  585.567825] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  585.575099] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
13:47:34 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1f00000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:34 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="41a6a4eec6"], &(0x7f0000000180)="4550d4001f91eb2f57b73224433025039c3096b20c6b439348bf689c08608537d6223e63adc0624fbae2e109359dce6922324ccc13160b68cae6430697259dd52d1f73e16adc3592d02925dffae85e9cd2398c6c67c87fb5b12602f145b484be45912966e8b7e2f66069c56dd76c1dc112013c3a6b4de999cdcdc8855aee3437dcc87580cfbe546fbbfbc0eb56d8bbbea2904a7c73c2", 0x0, 0x60, &(0x7f0000000000)=""/195}, 0x16)

[  585.582368] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  585.589636] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000014
13:47:34 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x800004}, 0x2c)
accept4$packet(0xffffffffffffff9c, &(0x7f0000000140)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14, 0x80800)
bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000000100)=@raw=[@exit], &(0x7f0000f6bffb)='GPL\x00', 0x80000000000000, 0xfffffffffffffdbc, &(0x7f0000000000)=""/251, 0x40f00, 0x0, [], r0}, 0x48)
r1 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x7ff, 0x400c00)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x0, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000280)={0x7, 0x8, 0xfa00, {r2, 0x4}}, 0x10)

13:47:34 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f4248526653", 0x46, 0x10000}], 0x0, &(0x7f0000000240))

13:47:34 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x267e, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:34 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000))
openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0xfffffffffffffffc, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x4000000002, 0x2)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f00000002c0)=0x2, 0x4)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

13:47:34 executing program 4 (fault-call:0 fault-nth:21):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:34 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x3f00000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:34 executing program 1:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$kcm(0x2, 0x3, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x408200)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)="2f02726f75702e7374617000", 0x2761, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)=ANY=[@ANYBLOB="0500000000"])
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0xc0c0583b, 0x20000001)
readv(r1, &(0x7f0000000040), 0x0)

13:47:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4543(gcm(aes-generic)))\x00'}, 0x58)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0xfffffffffffffeb5)

13:47:34 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2000000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:34 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f00000002c0), 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0xa0000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  586.105343] FAULT_INJECTION: forcing a failure.
[  586.105343] name failslab, interval 1, probability 0, space 0, times 0
[  586.116859] CPU: 0 PID: 9525 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  586.123799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  586.133160] Call Trace:
[  586.135778]  dump_stack+0x1c9/0x2b4
[  586.139453]  ? dump_stack_print_info.cold.2+0x52/0x52
[  586.144659]  should_fail.cold.4+0xa/0x11
[  586.148744]  ? __kernel_text_address+0xd/0x40
[  586.153236]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  586.158337]  ? __save_stack_trace+0x8d/0xf0
[  586.162682]  ? graph_lock+0x170/0x170
[  586.166481]  ? save_stack+0x43/0xd0
[  586.170110]  ? kasan_kmalloc+0xc4/0xe0
[  586.174017]  ? find_held_lock+0x36/0x1c0
[  586.178110]  ? __lock_is_held+0xb5/0x140
[  586.182211]  ? check_same_owner+0x340/0x340
[  586.186570]  ? rcu_note_context_switch+0x730/0x730
[  586.191502]  __should_failslab+0x124/0x180
[  586.195743]  should_failslab+0x9/0x14
[  586.199593]  kmem_cache_alloc_node_trace+0x26f/0x770
[  586.204716]  __kmalloc_node_track_caller+0x33/0x70
[  586.209663]  __kmalloc_reserve.isra.41+0x3a/0xe0
[  586.214439]  __alloc_skb+0x155/0x770
[  586.218160]  ? skb_scrub_packet+0x490/0x490
[  586.222495]  ? kasan_check_read+0x11/0x20
[  586.226650]  ? rcu_is_watching+0x8c/0x150
[  586.230807]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  586.235522]  ? netlink_has_listeners+0x2cf/0x4a0
[  586.240306]  ? netlink_tap_init_net+0x3e0/0x3e0
[  586.244989]  alloc_uevent_skb+0x89/0x220
[  586.249076]  kobject_uevent_env+0x866/0x1110
[  586.253511]  kobject_uevent+0x1f/0x30
[  586.257341]  lo_ioctl+0x138e/0x1d90
[  586.261006]  ? lo_rw_aio_complete+0x450/0x450
[  586.265514]  blkdev_ioctl+0x9cd/0x2030
[  586.269394]  ? blkpg_ioctl+0xc40/0xc40
[  586.273288]  ? kasan_check_read+0x11/0x20
[  586.277489]  ? rcu_is_watching+0x8c/0x150
[  586.281655]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  586.286330]  ? __fget+0x4d5/0x740
[  586.289781]  ? ksys_dup3+0x690/0x690
[  586.293514]  ? kasan_check_write+0x14/0x20
[  586.297765]  ? do_raw_spin_lock+0xc1/0x200
[  586.301998]  block_ioctl+0xee/0x130
[  586.305615]  ? blkdev_fallocate+0x400/0x400
[  586.309937]  do_vfs_ioctl+0x1de/0x1720
[  586.313840]  ? rcu_is_watching+0x8c/0x150
[  586.317995]  ? ioctl_preallocate+0x300/0x300
[  586.322390]  ? __fget_light+0x2f7/0x440
[  586.326354]  ? fget_raw+0x20/0x20
[  586.329805]  ? putname+0xf2/0x130
[  586.333278]  ? rcu_read_lock_sched_held+0x108/0x120
[  586.338314]  ? kmem_cache_free+0x25c/0x2d0
[  586.342573]  ? putname+0xf7/0x130
[  586.346055]  ? do_sys_open+0x3cb/0x760
[  586.349950]  ? security_file_ioctl+0x94/0xc0
[  586.354347]  ksys_ioctl+0xa9/0xd0
[  586.357798]  __x64_sys_ioctl+0x73/0xb0
[  586.361697]  do_syscall_64+0x1b9/0x820
[  586.365614]  ? finish_task_switch+0x1d3/0x870
[  586.370129]  ? syscall_return_slowpath+0x5e0/0x5e0
[  586.375076]  ? syscall_return_slowpath+0x31d/0x5e0
[  586.380018]  ? __switch_to_asm+0x34/0x70
[  586.384083]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  586.389469]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  586.394318]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  586.399497] RIP: 0033:0x456ef7
[  586.402696] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  586.421611] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  586.429739] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  586.436997] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  586.444260] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
13:47:35 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f0000000240))

[  586.451538] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  586.458837] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000015
13:47:35 executing program 4 (fault-call:0 fault-nth:22):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:35 executing program 1:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="0001000000000000"])
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000400000000000000000000000000000000000000000000000007002e2f66696c6530"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000))
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend='noextend'}]}})

13:47:35 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:35 executing program 3:
r0 = socket(0x40000000002, 0x3, 0x2)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000000)=0x1, 0x4)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000240)={'bond_slave_0\x00', {0x2, 0x4e20}})
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ctr-serpent-avx,sm4)\x00'}, 0x58)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000100)=0x5, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0xb674)
sendto$unix(r0, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000140)={'security\x00'}, &(0x7f00000001c0)=0x54)
readv(r0, &(0x7f0000000500)=[{&(0x7f0000000440)=""/175, 0xaf}], 0x1)
fcntl$setstatus(r0, 0x4, 0x40800)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000200)=0x7, 0x4)

13:47:35 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1e000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  586.872380] attempt to access beyond end of device
[  586.877457] loop6: rw=12288, want=8200, limit=64
[  586.882056] FAULT_INJECTION: forcing a failure.
[  586.882056] name failslab, interval 1, probability 0, space 0, times 0
[  586.893551] CPU: 1 PID: 9567 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  586.900501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  586.909861] Call Trace:
[  586.912477]  dump_stack+0x1c9/0x2b4
[  586.916134]  ? dump_stack_print_info.cold.2+0x52/0x52
[  586.921360]  should_fail.cold.4+0xa/0x11
[  586.925438]  ? __kernel_text_address+0xd/0x40
[  586.929956]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  586.935093]  ? __save_stack_trace+0x8d/0xf0
[  586.939458]  ? graph_lock+0x170/0x170
[  586.943286]  ? save_stack+0x43/0xd0
[  586.946938]  ? kasan_kmalloc+0xc4/0xe0
[  586.950854]  ? find_held_lock+0x36/0x1c0
[  586.954947]  ? __lock_is_held+0xb5/0x140
[  586.959046]  ? check_same_owner+0x340/0x340
[  586.963401]  ? rcu_note_context_switch+0x730/0x730
[  586.968361]  __should_failslab+0x124/0x180
13:47:35 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x45260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:35 executing program 3:
r0 = socket(0x11, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bridge0\x00', <r1=>0x0})
ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0)
syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8, 0x88400)
sendto$packet(r0, &(0x7f0000000100), 0x3, 0x0, &(0x7f00000001c0)={0x11, 0x8035, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14)

[  586.972619]  should_failslab+0x9/0x14
[  586.974212] attempt to access beyond end of device
[  586.976446]  kmem_cache_alloc_node_trace+0x26f/0x770
[  586.976485]  __kmalloc_node_track_caller+0x33/0x70
[  586.976515]  __kmalloc_reserve.isra.41+0x3a/0xe0
[  586.976538]  __alloc_skb+0x155/0x770
[  586.976573]  ? skb_scrub_packet+0x490/0x490
[  586.976598]  ? kasan_check_read+0x11/0x20
[  586.976615]  ? rcu_is_watching+0x8c/0x150
[  586.976633]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  586.976666]  ? netlink_has_listeners+0x2cf/0x4a0
13:47:35 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f0000000240))

[  586.976686]  ? netlink_tap_init_net+0x3e0/0x3e0
[  586.976711]  alloc_uevent_skb+0x89/0x220
[  586.976733]  kobject_uevent_env+0x866/0x1110
[  586.976761]  kobject_uevent+0x1f/0x30
[  586.976784]  lo_ioctl+0x138e/0x1d90
[  586.976812]  ? lo_rw_aio_complete+0x450/0x450
[  586.976831]  blkdev_ioctl+0x9cd/0x2030
[  586.976853]  ? blkpg_ioctl+0xc40/0xc40
[  586.976879]  ? kasan_check_read+0x11/0x20
[  586.976907]  ? rcu_is_watching+0x8c/0x150
[  586.981870] loop6: rw=12288, want=12296, limit=64
[  586.986940]  ? rcu_cleanup_dead_rnp+0x200/0x200
13:47:35 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7, 0x40000)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x1)
sendto$inet(r1, &(0x7f00000002c0), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)

[  586.986966]  ? __fget+0x4d5/0x740
[  586.986987]  ? ksys_dup3+0x690/0x690
[  587.080604]  ? kasan_check_write+0x14/0x20
[  587.084856]  ? do_raw_spin_lock+0xc1/0x200
[  587.089124]  block_ioctl+0xee/0x130
[  587.092772]  ? blkdev_fallocate+0x400/0x400
[  587.097113]  do_vfs_ioctl+0x1de/0x1720
[  587.101020]  ? rcu_is_watching+0x8c/0x150
[  587.105198]  ? ioctl_preallocate+0x300/0x300
[  587.109626]  ? __fget_light+0x2f7/0x440
[  587.113624]  ? fget_raw+0x20/0x20
[  587.117092]  ? putname+0xf2/0x130
[  587.120580]  ? rcu_read_lock_sched_held+0x108/0x120
[  587.125610]  ? kmem_cache_free+0x25c/0x2d0
[  587.129851]  ? putname+0xf7/0x130
[  587.133310]  ? do_sys_open+0x3cb/0x760
[  587.137209]  ? security_file_ioctl+0x94/0xc0
[  587.141625]  ksys_ioctl+0xa9/0xd0
[  587.145098]  __x64_sys_ioctl+0x73/0xb0
[  587.148996]  do_syscall_64+0x1b9/0x820
[  587.152885]  ? finish_task_switch+0x1d3/0x870
[  587.157385]  ? syscall_return_slowpath+0x5e0/0x5e0
[  587.162322]  ? syscall_return_slowpath+0x31d/0x5e0
[  587.167256]  ? __switch_to_asm+0x34/0x70
[  587.171320]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  587.176696]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  587.181546]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  587.186747] RIP: 0033:0x456ef7
[  587.189947] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  587.208869] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  587.216586] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000456ef7
[  587.223853] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[  587.231119] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  587.238387] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  587.245654] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000016
[  587.254105] attempt to access beyond end of device
[  587.259222] loop6: rw=12288, want=8200, limit=64
13:47:35 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf108, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  587.270075] attempt to access beyond end of device
[  587.275422] loop6: rw=12288, want=12296, limit=64
13:47:36 executing program 3:
r0 = socket(0x10, 0x2, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/netstat\x00')
sendfile(r0, r1, &(0x7f0000000000), 0x80000002)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000410}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@gettaction={0x30, 0x32, 0x210, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x200}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}, @action_gd=@TCA_ACT_TAB={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x40804}, 0x4080)

13:47:36 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f", 0x47, 0x10000}], 0x0, &(0x7f0000000240))

13:47:36 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = getpgid(0x0)
r3 = syz_open_procfs(r2, &(0x7f0000000140)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
socket$can_bcm(0x1d, 0x2, 0x2)
lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KDGKBDIACR(r5, 0x4b4a, &(0x7f00000003c0)=""/195)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$BLKGETSIZE(r5, 0x1260, &(0x7f00000002c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:47:36 executing program 4 (fault-call:0 fault-nth:23):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  587.456938] attempt to access beyond end of device
[  587.462226] loop6: rw=12288, want=8200, limit=64
[  587.484098] attempt to access beyond end of device
[  587.489146] loop6: rw=12288, want=12296, limit=64
13:47:36 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xa00}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:36 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4a5, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  587.505913] attempt to access beyond end of device
[  587.511012] loop6: rw=12288, want=8200, limit=64
[  587.516573] attempt to access beyond end of device
[  587.521902] loop6: rw=12288, want=12296, limit=64
13:47:36 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x7, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:36 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00005d6000)='/dev/sequencer\x00', 0x0, 0x0)
r1 = syz_open_dev$sndtimer(&(0x7f00000b5ff1)='/dev/snd/timer\x00', 0x0, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x9, 0x10002)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}})
dup3(r0, r1, 0x0)
write$UHID_DESTROY(r2, &(0x7f0000000080), 0x4)

[  587.741654] FAULT_INJECTION: forcing a failure.
[  587.741654] name failslab, interval 1, probability 0, space 0, times 0
[  587.753617] CPU: 0 PID: 9619 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  587.760588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  587.769958] Call Trace:
[  587.772590]  dump_stack+0x1c9/0x2b4
[  587.776252]  ? dump_stack_print_info.cold.2+0x52/0x52
[  587.781450]  ? trace_hardirqs_on+0x10/0x10
[  587.785712]  should_fail.cold.4+0xa/0x11
[  587.789805]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  587.794915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  587.800451]  ? walk_component+0x3fe/0x2630
[  587.804711]  ? graph_lock+0x170/0x170
[  587.808503]  ? print_usage_bug+0xc0/0xc0
[  587.812571]  ? graph_lock+0x170/0x170
[  587.816385]  ? trace_hardirqs_on+0x10/0x10
[  587.820619]  ? find_held_lock+0x36/0x1c0
[  587.824685]  ? __lock_is_held+0xb5/0x140
[  587.828763]  ? check_same_owner+0x340/0x340
[  587.833104]  ? rcu_note_context_switch+0x730/0x730
[  587.838050]  __should_failslab+0x124/0x180
[  587.842298]  should_failslab+0x9/0x14
[  587.846123]  kmem_cache_alloc+0x2af/0x760
[  587.850271]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  587.854941]  __d_alloc+0xc8/0xd50
[  587.858415]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  587.863438]  ? d_alloc_parallel+0x1eb0/0x1eb0
[  587.867950]  ? lock_release+0xa30/0xa30
[  587.871939]  ? mark_held_locks+0xc9/0x160
[  587.876081]  ? filename_create+0x1b2/0x5b0
[  587.880326]  ? d_lookup+0x269/0x340
[  587.883957]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  587.888969]  d_alloc+0x96/0x380
[  587.892259]  ? __d_lookup+0x9e0/0x9e0
[  587.896094]  ? __d_alloc+0xd50/0xd50
[  587.899839]  __lookup_hash+0xd9/0x190
[  587.903648]  filename_create+0x1e5/0x5b0
[  587.907703]  ? kern_path_mountpoint+0x40/0x40
[  587.912194]  ? fget_raw+0x20/0x20
[  587.915644]  ? putname+0xf2/0x130
[  587.919135]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  587.924677]  ? getname_flags+0x26e/0x5a0
[  587.928741]  do_mkdirat+0xda/0x310
[  587.932272]  ? __ia32_sys_mknod+0xb0/0xb0
[  587.936411]  ? ksys_ioctl+0x81/0xd0
[  587.940029]  __x64_sys_mkdir+0x5c/0x80
[  587.943917]  do_syscall_64+0x1b9/0x820
[  587.947817]  ? finish_task_switch+0x1d3/0x870
[  587.952311]  ? syscall_return_slowpath+0x5e0/0x5e0
[  587.957229]  ? syscall_return_slowpath+0x31d/0x5e0
[  587.962160]  ? __switch_to_asm+0x34/0x70
[  587.966223]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  587.971591]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  587.976443]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  587.981630] RIP: 0033:0x4564c7
[  587.984822] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  588.003732] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  588.011445] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  588.018703] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  588.025974] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  588.033262] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
13:47:36 executing program 3:
r0 = semget(0xffffffffffffffff, 0x2, 0x0)
semtimedop(r0, &(0x7f0000000080)=[{0x0, 0x0, 0x1000}], 0x1, &(0x7f00000000c0))
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000040)=0xdc3, 0x4)

[  588.040528] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000017
13:47:36 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309c0, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:36 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x0, &(0x7f0000000240))

13:47:37 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x0)
read(r2, &(0x7f0000000280)=""/1, 0x1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000fd0ffc))
ioctl$TCSETAF(r2, 0x5401, &(0x7f0000000000)={0x0, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffc})
r3 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x12}, &(0x7f0000000340))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)

13:47:37 executing program 4 (fault-call:0 fault-nth:24):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:37 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:37 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
pipe2$9p(&(0x7f0000000380), 0x4000)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000002c0)=ANY=[@ANYBLOB="03f9ff00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000300)=0x10)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
syz_open_dev$vcsn(&(0x7f0000000340)='/dev/vcs#\x00', 0x9, 0x40000)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:37 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40000, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x7fffffff, 0x80)
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000100)={0x3, r2})
perf_event_open(&(0x7f00004e7000)={0x2, 0x70, 0x20000000cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280))
r3 = socket(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r3, 0x8924, &(0x7f0000000000)={'bridge0\x00', @ifru_settings={0x1, 0xff, @fr_pvc=&(0x7f0000000080)}})
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000480))

13:47:37 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xffffff9e}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  588.549981] FAULT_INJECTION: forcing a failure.
[  588.549981] name failslab, interval 1, probability 0, space 0, times 0
[  588.561347] CPU: 1 PID: 9682 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  588.568448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  588.577813] Call Trace:
[  588.580434]  dump_stack+0x1c9/0x2b4
[  588.584089]  ? dump_stack_print_info.cold.2+0x52/0x52
[  588.589289]  ? trace_hardirqs_on+0x10/0x10
[  588.593544]  should_fail.cold.4+0xa/0x11
[  588.597630]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  588.602745]  ? __lock_acquire+0x7fc/0x5020
[  588.607001]  ? graph_lock+0x170/0x170
[  588.610818]  ? trace_hardirqs_on+0x10/0x10
[  588.615068]  ? check_noncircular+0x20/0x20
[  588.619328]  ? __lock_is_held+0xb5/0x140
[  588.623413]  ? check_same_owner+0x340/0x340
[  588.627738]  ? print_usage_bug+0xc0/0xc0
[  588.631812]  ? rcu_note_context_switch+0x730/0x730
[  588.636761]  __should_failslab+0x124/0x180
[  588.641010]  should_failslab+0x9/0x14
[  588.644827]  kmem_cache_alloc+0x2af/0x760
[  588.648982]  ? print_usage_bug+0xc0/0xc0
[  588.653055]  ? kasan_check_write+0x14/0x20
[  588.657304]  ? __brelse+0x104/0x180
[  588.660951]  ext4_alloc_inode+0xc9/0x880
[  588.665026]  ? ratelimit_state_init+0xb0/0xb0
[  588.669532]  ? find_held_lock+0x36/0x1c0
[  588.673621]  ? lock_downgrade+0x8f0/0x8f0
[  588.677793]  ? kasan_check_read+0x11/0x20
[  588.681952]  ? rcu_is_watching+0x8c/0x150
[  588.686114]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  588.690799]  ? graph_lock+0x170/0x170
[  588.694623]  ? ratelimit_state_init+0xb0/0xb0
[  588.699132]  alloc_inode+0x63/0x190
[  588.702772]  new_inode_pseudo+0x71/0x1a0
[  588.706848]  ? prune_icache_sb+0x1b0/0x1b0
[  588.711108]  new_inode+0x1c/0x40
[  588.714487]  __ext4_new_inode+0x4af/0x6600
[  588.718750]  ? ext4_free_inode+0x1aa0/0x1aa0
[  588.723177]  ? find_held_lock+0x36/0x1c0
[  588.727257]  ? lock_downgrade+0x8f0/0x8f0
[  588.731420]  ? kasan_check_read+0x11/0x20
[  588.735586]  ? rcu_is_watching+0x8c/0x150
[  588.739744]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  588.744415]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  588.749101]  ? is_bpf_text_address+0xd7/0x170
[  588.753606]  ? kernel_text_address+0x79/0xf0
[  588.758021]  ? __kernel_text_address+0xd/0x40
[  588.762521]  ? unwind_get_return_address+0x61/0xa0
[  588.767463]  ? __save_stack_trace+0x8d/0xf0
[  588.771805]  ? save_stack+0xa9/0xd0
[  588.775438]  ? save_stack+0x43/0xd0
[  588.779065]  ? __kasan_slab_free+0x11a/0x170
[  588.783480]  ? kasan_slab_free+0xe/0x10
[  588.787452]  ? kmem_cache_free+0x86/0x2d0
[  588.791603]  ? putname+0xf2/0x130
[  588.795060]  ? filename_create+0x2b2/0x5b0
[  588.799299]  ? do_mkdirat+0xda/0x310
[  588.803017]  ? __x64_sys_mkdir+0x5c/0x80
[  588.807087]  ? do_syscall_64+0x1b9/0x820
[  588.811151]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  588.816528]  ? kasan_check_read+0x11/0x20
[  588.820689]  ? do_raw_spin_unlock+0xa7/0x2f0
[  588.825110]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  588.829701]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  588.835275]  ? __dquot_initialize+0x61d/0xde0
[  588.839790]  ? graph_lock+0x170/0x170
[  588.843605]  ? trace_hardirqs_off+0xd/0x10
[  588.847847]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  588.852951]  ? dquot_get_next_dqblk+0x180/0x180
[  588.857639]  ? debug_check_no_obj_freed+0x30b/0x595
[  588.862688]  ? kasan_check_write+0x14/0x20
[  588.866937]  ? __lock_is_held+0xb5/0x140
[  588.871009]  ext4_mkdir+0x2e1/0xe60
[  588.874655]  ? ext4_init_dot_dotdot+0x510/0x510
[  588.879349]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  588.884892]  ? security_inode_permission+0xd2/0x100
[  588.889919]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  588.895459]  ? security_inode_mkdir+0xe8/0x120
[  588.900058]  vfs_mkdir+0x42e/0x6b0
[  588.903614]  do_mkdirat+0x27b/0x310
[  588.907252]  ? __ia32_sys_mknod+0xb0/0xb0
[  588.911421]  ? syscall_slow_exit_work+0x500/0x500
[  588.916266]  ? ksys_ioctl+0x81/0xd0
[  588.919906]  __x64_sys_mkdir+0x5c/0x80
[  588.923802]  do_syscall_64+0x1b9/0x820
[  588.927700]  ? finish_task_switch+0x1d3/0x870
[  588.932201]  ? syscall_return_slowpath+0x5e0/0x5e0
[  588.937136]  ? syscall_return_slowpath+0x31d/0x5e0
[  588.942071]  ? __switch_to_asm+0x34/0x70
[  588.946141]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  588.951511]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  588.956366]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  588.961569] RIP: 0033:0x4564c7
[  588.964773] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  588.983676] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  588.991386] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
13:47:37 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x34, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  588.998660] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  589.005929] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  589.013198] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  589.020471] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000018
13:47:37 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x0, &(0x7f0000000240))

13:47:37 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000040)=0xc)
ptrace$getenv(0x4201, r2, 0xfffffffffffffff9, &(0x7f0000000080))
pkey_free(0xffffffffffffffff)
close(r0)

13:47:37 executing program 7:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/dsp\x00', 0x62a400, 0x0)
ioctl(r0, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f00000002c0))
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:37 executing program 4 (fault-call:0 fault-nth:25):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:37 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffffffffff0700, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:37 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x5}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  589.371928] f2fs_msg: 45 callbacks suppressed
[  589.371943] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  589.384218] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  589.459209] FAULT_INJECTION: forcing a failure.
[  589.459209] name failslab, interval 1, probability 0, space 0, times 0
[  589.470580] CPU: 1 PID: 9727 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  589.477525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  589.486901] Call Trace:
[  589.489521]  dump_stack+0x1c9/0x2b4
[  589.493196]  ? dump_stack_print_info.cold.2+0x52/0x52
[  589.498425]  should_fail.cold.4+0xa/0x11
[  589.502515]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  589.507662]  ? trace_hardirqs_on+0x10/0x10
[  589.511932]  ? __find_get_block+0xe60/0xe60
[  589.516289]  ? graph_lock+0x170/0x170
[  589.520123]  ? __lock_is_held+0xb5/0x140
[  589.524079] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  589.524210]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  589.531301] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  589.535898]  ? __lock_is_held+0xb5/0x140
[  589.535930]  ? check_same_owner+0x340/0x340
[  589.535949]  ? rcu_note_context_switch+0x730/0x730
13:47:38 executing program 1:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x22})
prctl$setname(0xf, &(0x7f0000000040)="eb776c616e302b5e00")
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000911000)={{&(0x7f00003e3000/0x1000)=nil, 0x1000}, 0x1})
r1 = userfaultfd(0x0)
close(r1)
clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000))
read(r0, &(0x7f0000000400)=""/100, 0x64)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffc000/0x1000)=nil, 0x2302}, 0x1})

[  589.549849] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  589.551817]  __should_failslab+0x124/0x180
[  589.551837]  should_failslab+0x9/0x14
[  589.551855]  kmem_cache_alloc+0x2af/0x760
[  589.551888]  jbd2__journal_start+0x1e7/0xa80
[  589.556849] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  589.564802]  ? jbd2_write_access_granted.part.9+0x430/0x430
[  589.564818]  ? rcu_note_context_switch+0x730/0x730
[  589.564845]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  589.564863]  __ext4_journal_start_sb+0x182/0x600
13:47:38 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x400)
setsockopt$inet6_buf(r1, 0x29, 0x3f, &(0x7f0000000300)="f383b91d3ea42bc23215026c8afb292638dbf5845d04fa2991b6bf338cf7b0d209f82bf8106b30916da0d5338de3a09b84cc3f18d4471a8dbd48aa21ac8bcf49755af4a22c69be1953a53c4b0fc1191fa73864079565eeee90c74e5a4da63e1c226d93fe6a54788911dbd62a9051e1b52eb471a7769a69b47069f6279130e8ddd69136c47fcd0213a4a5915fcabde612808fc2abbd1351a6d53f7ee6361048568c1d", 0xa2)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
accept(r1, &(0x7f00000003c0)=@pptp={0x18, 0x2, {0x0, @broadcast}}, &(0x7f0000000440)=0x80)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  589.564878]  ? __ext4_new_inode+0x386e/0x6600
[  589.564892]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  589.564910]  ? find_next_zero_bit+0x111/0x140
[  589.564928]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  589.564942]  ? find_inode_bit.isra.17+0x36f/0x510
[  589.564968]  __ext4_new_inode+0x386e/0x6600
[  589.565001]  ? ext4_free_inode+0x1aa0/0x1aa0
[  589.621477] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  589.624582]  ? find_held_lock+0x36/0x1c0
[  589.624611]  ? lock_downgrade+0x8f0/0x8f0
[  589.624634]  ? kasan_check_read+0x11/0x20
[  589.624650]  ? rcu_is_watching+0x8c/0x150
[  589.624666]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  589.624681]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  589.624703]  ? is_bpf_text_address+0xd7/0x170
[  589.629858] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  589.634554]  ? kernel_text_address+0x79/0xf0
[  589.634579]  ? __kernel_text_address+0xd/0x40
[  589.634596]  ? unwind_get_return_address+0x61/0xa0
[  589.634619]  ? __save_stack_trace+0x8d/0xf0
[  589.706067]  ? save_stack+0xa9/0xd0
[  589.709704]  ? save_stack+0x43/0xd0
[  589.713324]  ? __kasan_slab_free+0x11a/0x170
[  589.717831]  ? kasan_slab_free+0xe/0x10
[  589.721813]  ? kmem_cache_free+0x86/0x2d0
[  589.725963]  ? putname+0xf2/0x130
[  589.729412]  ? filename_create+0x2b2/0x5b0
[  589.733637]  ? do_mkdirat+0xda/0x310
[  589.737344]  ? __x64_sys_mkdir+0x5c/0x80
[  589.741405]  ? do_syscall_64+0x1b9/0x820
[  589.745464]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  589.750849]  ? kasan_check_read+0x11/0x20
[  589.755010]  ? do_raw_spin_unlock+0xa7/0x2f0
[  589.759423]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  589.764011]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  589.769554]  ? __dquot_initialize+0x61d/0xde0
[  589.774088]  ? graph_lock+0x170/0x170
[  589.777893]  ? trace_hardirqs_off+0xd/0x10
[  589.782118]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  589.787212]  ? dquot_get_next_dqblk+0x180/0x180
[  589.791887]  ? debug_check_no_obj_freed+0x30b/0x595
[  589.796904]  ? kasan_check_write+0x14/0x20
[  589.801133]  ? __lock_is_held+0xb5/0x140
[  589.805186]  ext4_mkdir+0x2e1/0xe60
[  589.808832]  ? ext4_init_dot_dotdot+0x510/0x510
[  589.813508]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  589.819052]  ? security_inode_permission+0xd2/0x100
[  589.824072]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  589.829606]  ? security_inode_mkdir+0xe8/0x120
[  589.834190]  vfs_mkdir+0x42e/0x6b0
[  589.837740]  do_mkdirat+0x27b/0x310
[  589.841365]  ? __ia32_sys_mknod+0xb0/0xb0
[  589.845518]  ? ksys_ioctl+0x81/0xd0
[  589.849147]  __x64_sys_mkdir+0x5c/0x80
[  589.853042]  do_syscall_64+0x1b9/0x820
[  589.856938]  ? finish_task_switch+0x1d3/0x870
[  589.861450]  ? syscall_return_slowpath+0x5e0/0x5e0
[  589.866379]  ? syscall_return_slowpath+0x31d/0x5e0
[  589.871307]  ? __switch_to_asm+0x34/0x70
[  589.875377]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  589.880745]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  589.885602]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  589.890799] RIP: 0033:0x4564c7
[  589.893998] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  589.912894] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  589.920604] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  589.927872] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  589.935130] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  589.942386] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  589.949651] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000019
13:47:38 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48}], 0x0, &(0x7f0000000240))

13:47:38 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0xa, 0x3, 0x10)
setsockopt$netlink_NETLINK_RX_RING(r0, 0x29, 0x6, &(0x7f0000000ff0)={0x1c2, 0x0, 0x29, 0x2}, 0x1c2)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8400, 0x0)
sendmsg$rds(r1, &(0x7f0000000840)={&(0x7f0000000040)={0x2, 0x4e22}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000080)=""/178, 0xb2}, {&(0x7f00000001c0)=""/77, 0x4d}, {&(0x7f0000000240)=""/238, 0xee}, {&(0x7f0000001000)=""/4096, 0x1000}, {&(0x7f0000000340)}, {&(0x7f0000000380)=""/28, 0x1c}, {&(0x7f00000003c0)=""/86, 0x56}], 0x7, &(0x7f00000008c0)=ANY=[@ANYBLOB="5800000000000000140100000800000000000100830d0000", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYBLOB="8100000000000000"], @ANYPTR=&(0x7f0000000500)=ANY=[@ANYBLOB="0600000000000000"], @ANYBLOB="0104000000000000dd000000000000008000000000000000ff7f00000000000010000000000000000900000000000000580000000000000014010000080000000004000007000000", @ANYPTR=&(0x7f0000000540)=ANY=[@ANYBLOB="ff01000000000000"], @ANYPTR=&(0x7f0000000580)=ANY=[@ANYBLOB="0001000000000000"], @ANYBLOB="0600000000000000e9d30000000000000100010000000000f6010000000000000800000000000000030000000000000058000000000000001401000006000000ff267b71c0faffff", @ANYPTR=&(0x7f00000005c0)=ANY=[@ANYBLOB="8100000000000000"], @ANYPTR=&(0x7f0000000600)=ANY=[@ANYBLOB="7597006d00000000"], @ANYBLOB="00800000000000000600000000000000d808000000000000050000000000000039000000000000000900000000000000580000000000000014010000080000000000000001000000", @ANYPTR=&(0x7f0000000640)=ANY=[@ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00'], @ANYPTR=&(0x7f0000000680)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="ffff00230000000000fcffffffffffff09000000000000000300000000000000400000c10000000006000000000000001800000000000000140100000c000000070000000000000058ca4cacfd08d262191c97821d69fcf765cd7e8f2a2b0d4df621ef81a39b6f9ac8687a1c8573f2b7285c427b61f511cb53b7f38a58dedabceaf9d525c5870b7a42d8e1e715cade3b986b944a72a48c7b3351dbb438af0cd4559b26b4360bfe1a8216daa8190a"], 0x178, 0x10}, 0x20040000)
syz_open_dev$audion(&(0x7f0000000340)='/dev/audio#\x00', 0x4, 0x38000)
connect$rds(r1, &(0x7f00000006c0)={0x2, 0x4e20}, 0x10)

[  589.957173] EXT4-fs error (device sda1) in __ext4_new_inode:933: Out of memory
13:47:38 executing program 4 (fault-call:0 fault-nth:26):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  590.048910] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  590.056638] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
13:47:38 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x3b9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:38 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf71e}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:38 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3e260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  590.429684] FAULT_INJECTION: forcing a failure.
[  590.429684] name failslab, interval 1, probability 0, space 0, times 0
[  590.441075] CPU: 1 PID: 9762 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  590.448027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  590.457391] Call Trace:
[  590.460014]  dump_stack+0x1c9/0x2b4
[  590.463672]  ? dump_stack_print_info.cold.2+0x52/0x52
[  590.468894]  ? rcu_note_context_switch+0x730/0x730
[  590.473864]  should_fail.cold.4+0xa/0x11
[  590.477968]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  590.483136]  ? trace_hardirqs_on+0x10/0x10
[  590.487393]  ? __find_get_block+0xe60/0xe60
[  590.491747]  ? graph_lock+0x170/0x170
[  590.495579]  ? __lock_is_held+0xb5/0x140
[  590.499678]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  590.504410]  ? __lock_is_held+0xb5/0x140
[  590.508532]  ? check_same_owner+0x340/0x340
[  590.512895]  ? rcu_note_context_switch+0x730/0x730
[  590.517855]  __should_failslab+0x124/0x180
[  590.522121]  should_failslab+0x9/0x14
[  590.525946]  kmem_cache_alloc+0x2af/0x760
[  590.530192]  jbd2__journal_start+0x1e7/0xa80
[  590.534643]  ? jbd2_write_access_granted.part.9+0x430/0x430
[  590.540408]  ? rcu_note_context_switch+0x730/0x730
[  590.545381]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  590.550950]  __ext4_journal_start_sb+0x182/0x600
[  590.555732]  ? __ext4_new_inode+0x386e/0x6600
[  590.560251]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  590.566521]  ? find_next_zero_bit+0x111/0x140
[  590.571066]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  590.576133]  ? find_inode_bit.isra.17+0x36f/0x510
[  590.581026]  __ext4_new_inode+0x386e/0x6600
[  590.585403]  ? ext4_free_inode+0x1aa0/0x1aa0
[  590.589856]  ? find_held_lock+0x36/0x1c0
[  590.593966]  ? lock_downgrade+0x8f0/0x8f0
[  590.598129]  ? kasan_check_read+0x11/0x20
[  590.602288]  ? rcu_is_watching+0x8c/0x150
[  590.606434]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  590.611103]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  590.615772]  ? is_bpf_text_address+0xd7/0x170
[  590.620275]  ? kernel_text_address+0x79/0xf0
[  590.624682]  ? __kernel_text_address+0xd/0x40
[  590.629190]  ? unwind_get_return_address+0x61/0xa0
[  590.634122]  ? __save_stack_trace+0x8d/0xf0
[  590.638460]  ? save_stack+0xa9/0xd0
[  590.642103]  ? save_stack+0x43/0xd0
[  590.645730]  ? __kasan_slab_free+0x11a/0x170
[  590.650141]  ? kasan_slab_free+0xe/0x10
[  590.654118]  ? kmem_cache_free+0x86/0x2d0
[  590.658256]  ? putname+0xf2/0x130
[  590.661697]  ? filename_create+0x2b2/0x5b0
[  590.665933]  ? do_mkdirat+0xda/0x310
[  590.669663]  ? __x64_sys_mkdir+0x5c/0x80
[  590.673739]  ? do_syscall_64+0x1b9/0x820
[  590.677812]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  590.683183]  ? kasan_check_read+0x11/0x20
[  590.687325]  ? do_raw_spin_unlock+0xa7/0x2f0
[  590.691731]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  590.696318]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  590.701859]  ? __dquot_initialize+0x61d/0xde0
[  590.706371]  ? graph_lock+0x170/0x170
[  590.710181]  ? trace_hardirqs_off+0xd/0x10
[  590.714422]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  590.719530]  ? dquot_get_next_dqblk+0x180/0x180
[  590.724215]  ? debug_check_no_obj_freed+0x30b/0x595
[  590.729234]  ? kasan_check_write+0x14/0x20
[  590.733477]  ? __lock_is_held+0xb5/0x140
[  590.737564]  ? perf_get_regs_user+0x788/0xa30
[  590.742057]  ext4_mkdir+0x2e1/0xe60
[  590.745689]  ? ext4_init_dot_dotdot+0x510/0x510
[  590.750352]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  590.755882]  ? security_inode_permission+0xd2/0x100
[  590.760895]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  590.766448]  ? security_inode_mkdir+0xe8/0x120
[  590.771029]  vfs_mkdir+0x42e/0x6b0
[  590.774592]  do_mkdirat+0x27b/0x310
[  590.778215]  ? __ia32_sys_mknod+0xb0/0xb0
[  590.782366]  ? ksys_ioctl+0x81/0xd0
[  590.786001]  __x64_sys_mkdir+0x5c/0x80
[  590.789883]  do_syscall_64+0x1b9/0x820
[  590.793761]  ? finish_task_switch+0x1d3/0x870
[  590.798252]  ? syscall_return_slowpath+0x5e0/0x5e0
[  590.803170]  ? syscall_return_slowpath+0x31d/0x5e0
[  590.808103]  ? __switch_to_asm+0x34/0x70
[  590.812155]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  590.817527]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  590.822387]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  590.827594] RIP: 0033:0x4564c7
[  590.830795] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  590.849702] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  590.857401] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  590.864658] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  590.871923] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
13:47:39 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext={0x7fff, 0x798}, 0x0, 0x0, 0x8000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', @ifru_addrs=@xdp})

[  590.879199] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  590.886460] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001a
[  590.894048] EXT4-fs error (device sda1) in __ext4_new_inode:933: Out of memory
13:47:39 executing program 3:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0)
getsockname$netlink(r0, &(0x7f0000000040), &(0x7f0000000100)=0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000200))
getsockopt$sock_timeval(r2, 0x1, 0x13, &(0x7f00000000c0), &(0x7f0000000080)=0x10)

13:47:39 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
getsockopt$bt_hci(r2, 0x0, 0x3, &(0x7f00000002c0)=""/223, &(0x7f00000003c0)=0xdf)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:39 executing program 4 (fault-call:0 fault-nth:27):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:39 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x44260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:39 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x2674, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:39 executing program 2 (fault-call:0 fault-nth:0):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:39 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x87ffffffff}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:39 executing program 1:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4)
getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f00000000c0), &(0x7f0000000040)=0x68)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x101001, 0x0)
statx(r3, &(0x7f0000000180)='./file0\x00', 0x4000, 0xfff, &(0x7f00000001c0))
unshare(0x0)
close(r1)
close(r0)

[  591.349482] FAULT_INJECTION: forcing a failure.
[  591.349482] name failslab, interval 1, probability 0, space 0, times 0
[  591.361099] CPU: 0 PID: 9799 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  591.368047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  591.377410] Call Trace:
[  591.380018]  dump_stack+0x1c9/0x2b4
[  591.383663]  ? dump_stack_print_info.cold.2+0x52/0x52
[  591.388867]  ? rcu_note_context_switch+0x730/0x730
[  591.393816]  should_fail.cold.4+0xa/0x11
[  591.397893]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  591.403008]  ? trace_hardirqs_on+0x10/0x10
[  591.407256]  ? __find_get_block+0xe60/0xe60
[  591.411605]  ? graph_lock+0x170/0x170
[  591.415416]  ? __lock_is_held+0xb5/0x140
[  591.419489]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  591.424180]  ? __lock_is_held+0xb5/0x140
[  591.428266]  ? check_same_owner+0x340/0x340
[  591.433021]  ? rcu_note_context_switch+0x730/0x730
[  591.437969]  __should_failslab+0x124/0x180
[  591.442219]  should_failslab+0x9/0x14
[  591.446058]  kmem_cache_alloc+0x2af/0x760
[  591.450244]  jbd2__journal_start+0x1e7/0xa80
[  591.454669]  ? jbd2_write_access_granted.part.9+0x430/0x430
[  591.460387]  ? rcu_note_context_switch+0x730/0x730
[  591.465342]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  591.470898]  __ext4_journal_start_sb+0x182/0x600
[  591.475671]  ? __ext4_new_inode+0x386e/0x6600
[  591.480181]  ? ext4_journal_abort_handle.isra.5+0x260/0x260
[  591.486131]  ? find_next_zero_bit+0x111/0x140
[  591.490639]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  591.495673]  ? find_inode_bit.isra.17+0x36f/0x510
[  591.500544]  __ext4_new_inode+0x386e/0x6600
[  591.504920]  ? ext4_free_inode+0x1aa0/0x1aa0
[  591.509352]  ? find_held_lock+0x36/0x1c0
[  591.513447]  ? lock_downgrade+0x8f0/0x8f0
[  591.517627]  ? kasan_check_read+0x11/0x20
[  591.521795]  ? rcu_is_watching+0x8c/0x150
[  591.525970]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  591.530666]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  591.535362]  ? is_bpf_text_address+0xd7/0x170
[  591.539872]  ? kernel_text_address+0x79/0xf0
[  591.544284]  ? __kernel_text_address+0xd/0x40
[  591.548786]  ? unwind_get_return_address+0x61/0xa0
[  591.553726]  ? __save_stack_trace+0x8d/0xf0
[  591.558064]  ? save_stack+0xa9/0xd0
[  591.561916]  ? save_stack+0x43/0xd0
[  591.565549]  ? __kasan_slab_free+0x11a/0x170
[  591.569975]  ? kasan_slab_free+0xe/0x10
[  591.573949]  ? kmem_cache_free+0x86/0x2d0
[  591.578096]  ? putname+0xf2/0x130
[  591.581563]  ? filename_create+0x2b2/0x5b0
[  591.585809]  ? do_mkdirat+0xda/0x310
[  591.589528]  ? __x64_sys_mkdir+0x5c/0x80
[  591.593605]  ? do_syscall_64+0x1b9/0x820
[  591.597673]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  591.603054]  ? kasan_check_read+0x11/0x20
[  591.607207]  ? do_raw_spin_unlock+0xa7/0x2f0
[  591.611622]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  591.616211]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  591.621754]  ? __dquot_initialize+0x61d/0xde0
[  591.626259]  ? graph_lock+0x170/0x170
[  591.630069]  ? trace_hardirqs_off+0xd/0x10
[  591.634309]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  591.639417]  ? dquot_get_next_dqblk+0x180/0x180
[  591.644105]  ? debug_check_no_obj_freed+0x30b/0x595
[  591.649125]  ? kasan_check_write+0x14/0x20
[  591.653371]  ? __lock_is_held+0xb5/0x140
[  591.657443]  ext4_mkdir+0x2e1/0xe60
[  591.661089]  ? ext4_init_dot_dotdot+0x510/0x510
[  591.665770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  591.671315]  ? security_inode_permission+0xd2/0x100
[  591.676350]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  591.681890]  ? security_inode_mkdir+0xe8/0x120
[  591.686481]  vfs_mkdir+0x42e/0x6b0
[  591.690035]  do_mkdirat+0x27b/0x310
[  591.693673]  ? __ia32_sys_mknod+0xb0/0xb0
[  591.697825]  ? ksys_ioctl+0x81/0xd0
[  591.701461]  __x64_sys_mkdir+0x5c/0x80
[  591.705358]  do_syscall_64+0x1b9/0x820
[  591.709249]  ? finish_task_switch+0x1d3/0x870
[  591.713751]  ? syscall_return_slowpath+0x5e0/0x5e0
[  591.718685]  ? syscall_return_slowpath+0x31d/0x5e0
[  591.723619]  ? __switch_to_asm+0x34/0x70
[  591.727687]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  591.733063]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  591.737918]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  591.743107] RIP: 0033:0x4564c7
[  591.746309] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  591.765222] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  591.772938] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  591.780223] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  591.787497] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  591.794771] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  591.802047] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001b
[  591.809642] EXT4-fs error (device sda1) in __ext4_new_inode:933: Out of memory
13:47:40 executing program 3:
prctl$getreaper(0x0, &(0x7f0000000240))
close(0xffffffffffffffff)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x105000, 0x0)
ioctl$sock_netdev_private(r0, 0x89f7, &(0x7f0000000340)="36c0180ea7307d43bd90e7e8074ceb61a73632975619b15784c095a098859263c757ca986a84277534359a6170aba66330d312a5ef499b186154571420d9387a602c475f961d856b1a3367c877b83382d2df33274209fb42ce8c5106c4e0386d12363980ed4a66bd7afea0983f468306022b3c7389343b75d58ee0db2b1c3df15a21bf31dd340bbab067a2db7bdfc10ddf7c94609c")
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={<r1=>0x0}, &(0x7f00000001c0)=0xc)
fcntl$setownex(r0, 0xf, &(0x7f0000000200)={0x1, r1})
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
accept4(r2, &(0x7f0000000040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xfffffffffffffd65, 0x800)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000100))
perf_event_open(&(0x7f00000002c0)={0x2, 0x70, 0x5e9, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xd, r0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)

[  591.893128] FAULT_INJECTION: forcing a failure.
[  591.893128] name failslab, interval 1, probability 0, space 0, times 0
[  591.904446] CPU: 0 PID: 9815 Comm: syz-executor2 Not tainted 4.18.0+ #195
[  591.911383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  591.920749] Call Trace:
[  591.923359]  dump_stack+0x1c9/0x2b4
[  591.927015]  ? dump_stack_print_info.cold.2+0x52/0x52
[  591.932248]  should_fail.cold.4+0xa/0x11
[  591.936336]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  591.941458]  ? save_stack+0xa9/0xd0
[  591.945100]  ? lock_downgrade+0x8f0/0x8f0
[  591.949258]  ? proc_fail_nth_write+0x9e/0x210
[  591.953760]  ? proc_cwd_link+0x1d0/0x1d0
[  591.957846]  ? find_held_lock+0x36/0x1c0
[  591.961945]  ? check_same_owner+0x340/0x340
[  591.966288]  ? rcu_note_context_switch+0x730/0x730
[  591.971235]  __should_failslab+0x124/0x180
[  591.975489]  should_failslab+0x9/0x14
[  591.979317]  __kmalloc+0x2c8/0x760
[  591.982890]  ? strncpy_from_user+0x510/0x510
[  591.987334]  ? fput+0x130/0x1a0
[  591.990648]  ? __x64_sys_memfd_create+0x142/0x4f0
[  591.995517]  __x64_sys_memfd_create+0x142/0x4f0
[  592.000287]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  592.005835]  ? memfd_fcntl+0x1580/0x1580
[  592.009911]  ? ksys_ioctl+0x81/0xd0
[  592.013553]  ? do_syscall_64+0x9a/0x820
[  592.017573]  do_syscall_64+0x1b9/0x820
[  592.021480]  ? finish_task_switch+0x1d3/0x870
[  592.025991]  ? syscall_return_slowpath+0x5e0/0x5e0
[  592.030936]  ? syscall_return_slowpath+0x31d/0x5e0
[  592.035883]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  592.041262]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  592.046129]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  592.051326] RIP: 0033:0x457089
[  592.054530] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  592.073451] RSP: 002b:00007febdb483a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  592.081183] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
13:47:40 executing program 4 (fault-call:0 fault-nth:28):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  592.088469] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  592.095743] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  592.103016] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  592.110291] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000000
13:47:40 executing program 2 (fault-call:0 fault-nth:1):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:40 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x22646, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:40 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl(r2, 0x0, &(0x7f00000002c0)="955cdacfe2d90dd3d9cc7173b9447737a7")
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
ioctl$PPPOEIOCDFWD(r4, 0xb101, 0x0)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:40 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309af, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:41 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x23f7000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:41 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x8, 0x800)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x9)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000007c0)=@nat={'nat\x00', 0x19, 0x4, 0x550, [0x20000200, 0x0, 0x0, 0x20000230, 0x200003b0], 0x0, &(0x7f00000001c0), &(0x7f0000000840)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000086dd7465616d5f736c6176655f3100000000626f6e645f736c6176655f3100000000626f6e645f736c6176655f3000000000626f6e645f736c6176655f3000000000ffffffffffff0000000000000000000000000000000000000000e800000018010000500100006970360000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000001ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000018080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000090000000000000000006e7230000000000000000000000000000000000000000000000000000000000076657468305f746f5f626f6e64000000766c616e300000000000000000000000000000000000000000000180c2000000000000000000000000010000380100c5d801000064657667726f7570000000018000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000068656c7065720000000000000000000000000000000021000000000000000000280000000000000000000000482e32343500000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000ffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000900000000000000000067726574617030000000000000000000766c616e300000000000000000000000626f6e645f736c6176655f31000000006970365f767469300000000000000000ffffffffffff0000000000000180c20000000000000000000000b0000000b0000000e800000074696d65000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000800000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000000000000000000000000000000000000000000000000037e567376c4040c240000000000000000000000000000003000000fcffffff010000000300000000000000000000000000000000000000000000000000697036746e6c30000000000000000000697036746e6c30000000000000000000677265300000000000000000000000000180c2000000000000000000015948c39ee6000000000000000030000000b8000000f00000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a31000000000000000000000000000000000000000000000000000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c20000000000000000000000000000000000000000000038b1dd9fb78a1a85884c062b188c9f8c00adac64f376d45697add2737cd5e457978eaf967667521efcaecf"]}, 0x5f1)

[  592.402923] FAULT_INJECTION: forcing a failure.
[  592.402923] name failslab, interval 1, probability 0, space 0, times 0
[  592.415150] CPU: 0 PID: 9835 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  592.422115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  592.431982] Call Trace:
[  592.434618]  dump_stack+0x1c9/0x2b4
[  592.438280]  ? dump_stack_print_info.cold.2+0x52/0x52
[  592.443513]  should_fail.cold.4+0xa/0x11
[  592.447628]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  592.452763]  ? trace_hardirqs_on+0x10/0x10
[  592.457028]  ? find_held_lock+0x36/0x1c0
[  592.461130]  ? lock_downgrade+0x8f0/0x8f0
[  592.465309]  ? kasan_check_read+0x11/0x20
[  592.469484]  ? rcu_is_watching+0x8c/0x150
[  592.473656]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  592.478350]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  592.483051]  ? graph_lock+0x170/0x170
[  592.486881]  ? kernel_text_address+0x79/0xf0
[  592.491325]  __should_failslab+0x124/0x180
[  592.495605]  should_failslab+0x9/0x14
[  592.499438]  kmem_cache_alloc+0x47/0x760
[  592.503525]  ? find_held_lock+0x36/0x1c0
[  592.507619]  ? __es_tree_search.isra.13+0x1ba/0x220
[  592.512638]  __es_insert_extent+0x305/0x1140
[  592.517059]  ? ext4_es_insert_extent+0x21c/0x7e0
[  592.521830]  ? ext4_es_free_extent+0x820/0x820
[  592.526432]  ? lock_release+0xa30/0xa30
[  592.530411]  ? __lock_is_held+0xb5/0x140
[  592.534471]  ? kasan_check_write+0x14/0x20
[  592.538710]  ? do_raw_write_lock+0xbd/0x1b0
[  592.543048]  ext4_es_insert_extent+0x2ea/0x7e0
[  592.547631]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  592.553451]  ? __lock_is_held+0xb5/0x140
[  592.557520]  ? rcu_read_lock_sched_held+0x108/0x120
[  592.562537]  ? __kmalloc+0x5f9/0x760
[  592.566265]  ext4_ext_put_gap_in_cache+0x158/0x1f0
[  592.571207]  ? ext4_zeroout_es+0x160/0x160
[  592.575445]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  592.580982]  ext4_ext_map_blocks+0x2453/0x62e0
[  592.585577]  ? graph_lock+0x170/0x170
[  592.589379]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  592.594413]  ? block_commit_write+0x30/0x30
[  592.598750]  ? find_held_lock+0x36/0x1c0
[  592.602829]  ? graph_lock+0x170/0x170
[  592.606645]  ? graph_lock+0x170/0x170
[  592.610460]  ? lock_downgrade+0x8f0/0x8f0
[  592.614632]  ? lock_acquire+0x1e4/0x540
[  592.618603]  ? ext4_map_blocks+0x480/0x1b60
[  592.622914]  ? lock_release+0xa30/0xa30
[  592.626889]  ? check_same_owner+0x340/0x340
[  592.631217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  592.636748]  ? ext4_es_lookup_extent+0x465/0xde0
[  592.641504]  ? rcu_note_context_switch+0x730/0x730
[  592.646441]  ? down_read+0xb5/0x1d0
[  592.650062]  ? ext4_map_blocks+0x480/0x1b60
[  592.654377]  ? __down_interruptible+0x700/0x700
[  592.659047]  ? kernel_text_address+0x79/0xf0
[  592.663447]  ext4_map_blocks+0xe31/0x1b60
[  592.667606]  ? __save_stack_trace+0x8d/0xf0
[  592.671935]  ? ext4_issue_zeroout+0x190/0x190
[  592.676452]  ? save_stack+0x43/0xd0
[  592.680088]  ? __kasan_slab_free+0x11a/0x170
[  592.684494]  ? kasan_slab_free+0xe/0x10
[  592.688466]  ? kmem_cache_free+0x86/0x2d0
[  592.692619]  ext4_getblk+0x10e/0x630
[  592.696339]  ? ext4_iomap_begin+0x1350/0x1350
[  592.700852]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  592.706399]  ? __dquot_initialize+0x61d/0xde0
[  592.710911]  ext4_bread+0x95/0x2b0
[  592.714456]  ? ext4_getblk+0x630/0x630
[  592.718341]  ? dquot_get_next_dqblk+0x180/0x180
[  592.722999]  ? debug_check_no_obj_freed+0x30b/0x595
[  592.728013]  ? kasan_check_write+0x14/0x20
[  592.732252]  ext4_append+0x14e/0x370
[  592.735972]  ext4_mkdir+0x532/0xe60
[  592.739624]  ? ext4_init_dot_dotdot+0x510/0x510
[  592.744315]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  592.749870]  ? security_inode_permission+0xd2/0x100
[  592.754890]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  592.760426]  ? security_inode_mkdir+0xe8/0x120
[  592.764998]  vfs_mkdir+0x42e/0x6b0
[  592.768528]  do_mkdirat+0x27b/0x310
[  592.772185]  ? __ia32_sys_mknod+0xb0/0xb0
[  592.776338]  ? syscall_slow_exit_work+0x500/0x500
[  592.781203]  ? ksys_ioctl+0x81/0xd0
[  592.784848]  __x64_sys_mkdir+0x5c/0x80
[  592.788747]  do_syscall_64+0x1b9/0x820
[  592.792627]  ? finish_task_switch+0x1d3/0x870
[  592.797116]  ? syscall_return_slowpath+0x5e0/0x5e0
[  592.802034]  ? syscall_return_slowpath+0x31d/0x5e0
[  592.806963]  ? __switch_to_asm+0x34/0x70
[  592.811039]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  592.816407]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  592.821245]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  592.826436] RIP: 0033:0x4564c7
[  592.829643] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  592.848542] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  592.856260] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  592.863524] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  592.870814] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  592.878085] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  592.885353] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001c
[  592.937642] FAULT_INJECTION: forcing a failure.
[  592.937642] name failslab, interval 1, probability 0, space 0, times 0
[  592.949063] CPU: 0 PID: 9849 Comm: syz-executor2 Not tainted 4.18.0+ #195
[  592.956001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  592.965364] Call Trace:
[  592.967974]  dump_stack+0x1c9/0x2b4
[  592.971634]  ? dump_stack_print_info.cold.2+0x52/0x52
[  592.976848]  should_fail.cold.4+0xa/0x11
[  592.980924]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  592.986043]  ? find_held_lock+0x36/0x1c0
[  592.990127]  ? graph_lock+0x170/0x170
[  592.993934]  ? __lock_acquire+0x7fc/0x5020
[  592.998172]  ? lock_downgrade+0x8f0/0x8f0
[  593.002338]  ? find_held_lock+0x36/0x1c0
[  593.006432]  ? check_same_owner+0x340/0x340
[  593.010770]  ? rcu_note_context_switch+0x730/0x730
[  593.015711]  ? find_held_lock+0x36/0x1c0
[  593.019793]  __should_failslab+0x124/0x180
[  593.024056]  should_failslab+0x9/0x14
[  593.027867]  kmem_cache_alloc+0x2af/0x760
[  593.032026]  ? lock_downgrade+0x8f0/0x8f0
[  593.036197]  ? shmem_destroy_callback+0xc0/0xc0
[  593.040880]  shmem_alloc_inode+0x1b/0x40
[  593.044950]  alloc_inode+0x63/0x190
[  593.048607]  new_inode_pseudo+0x71/0x1a0
[  593.052682]  ? prune_icache_sb+0x1b0/0x1b0
[  593.056932]  ? _raw_spin_unlock+0x22/0x30
[  593.061093]  new_inode+0x1c/0x40
[  593.064472]  shmem_get_inode+0xf1/0x910
[  593.068463]  ? shmem_encode_fh+0x340/0x340
[  593.072718]  ? lock_downgrade+0x8f0/0x8f0
[  593.076883]  ? lock_release+0xa30/0xa30
[  593.080870]  ? check_same_owner+0x340/0x340
[  593.085203]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  593.090227]  ? __check_object_size+0xa3/0x5d7
[  593.094745]  __shmem_file_setup.part.45+0x83/0x2a0
[  593.099693]  shmem_file_setup+0x65/0x90
[  593.103681]  __x64_sys_memfd_create+0x2af/0x4f0
[  593.108375]  ? memfd_fcntl+0x1580/0x1580
[  593.112447]  ? ksys_ioctl+0x81/0xd0
[  593.116084]  ? do_syscall_64+0x9a/0x820
[  593.120075]  do_syscall_64+0x1b9/0x820
[  593.123971]  ? finish_task_switch+0x1d3/0x870
[  593.128481]  ? syscall_return_slowpath+0x5e0/0x5e0
[  593.133423]  ? syscall_return_slowpath+0x31d/0x5e0
[  593.138362]  ? __switch_to_asm+0x34/0x70
[  593.142446]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  593.147841]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  593.152693]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  593.157887] RIP: 0033:0x457089
[  593.161086] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  593.179992] RSP: 002b:00007febdb483a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
13:47:41 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0)
r1 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x8, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={<r2=>0xffffffffffffffff}}}, 0x20)
mlockall(0x2)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000040), &(0x7f0000000080)=0x4)
write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000100)={0x13, 0x10, 0xfa00, {&(0x7f00000002c0), r2}}, 0x18)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000140), 0x0)

13:47:41 executing program 4 (fault-call:0 fault-nth:29):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  593.187704] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  593.194972] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  593.202257] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  593.209527] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  593.216809] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000001
[  593.327573] kernel msg: ebtables bug: please report to author: Wrong len argument
13:47:42 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4326020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:42 executing program 2 (fault-call:0 fault-nth:2):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:42 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x268a, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:42 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, "4f019b55a1be58df7b55762023ad56d08f16133d2099807ad4d300"})
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000040)=0x3)

[  593.459896] kernel msg: ebtables bug: please report to author: Wrong len argument
[  593.528222] FAULT_INJECTION: forcing a failure.
[  593.528222] name failslab, interval 1, probability 0, space 0, times 0
[  593.540179] CPU: 0 PID: 9874 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  593.547114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  593.556476] Call Trace:
[  593.559090]  dump_stack+0x1c9/0x2b4
[  593.562938]  ? dump_stack_print_info.cold.2+0x52/0x52
[  593.568149]  ? rcu_is_watching+0x8c/0x150
[  593.572309]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  593.577000]  should_fail.cold.4+0xa/0x11
[  593.581079]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  593.586207]  ? kernel_text_address+0x79/0xf0
[  593.590630]  ? __kernel_text_address+0xd/0x40
[  593.595156]  ? unwind_get_return_address+0x61/0xa0
[  593.600105]  ? __save_stack_trace+0x8d/0xf0
[  593.604444]  ? graph_lock+0x170/0x170
[  593.608266]  ? save_stack+0xa9/0xd0
[  593.611913]  ? __lock_is_held+0xb5/0x140
[  593.615984]  ? ext4_bread+0x95/0x2b0
[  593.619714]  ? kasan_check_read+0x11/0x20
[  593.623877]  ? check_same_owner+0x340/0x340
[  593.628206]  ? kasan_check_write+0x14/0x20
[  593.632449]  ? rcu_note_context_switch+0x730/0x730
[  593.637392]  __should_failslab+0x124/0x180
[  593.641634]  should_failslab+0x9/0x14
[  593.645441]  __kmalloc+0x2c8/0x760
[  593.648993]  ? ext4_find_extent+0x775/0xa10
[  593.653323]  ext4_find_extent+0x775/0xa10
[  593.657487]  ext4_ext_map_blocks+0x293/0x62e0
[  593.662004]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  593.667030]  ? block_commit_write+0x30/0x30
[  593.671365]  ? find_held_lock+0x36/0x1c0
[  593.675432]  ? graph_lock+0x170/0x170
[  593.679240]  ? graph_lock+0x170/0x170
[  593.683048]  ? graph_lock+0x170/0x170
[  593.686847]  ? lock_downgrade+0x8f0/0x8f0
[  593.691005]  ? graph_lock+0x170/0x170
[  593.694824]  ? lock_acquire+0x1e4/0x540
[  593.698808]  ? ext4_map_blocks+0x88b/0x1b60
[  593.703140]  ? lock_release+0xa30/0xa30
[  593.707120]  ? check_same_owner+0x340/0x340
[  593.711452]  ? rcu_note_context_switch+0x730/0x730
[  593.716403]  ? down_write+0x8f/0x130
[  593.720122]  ? ext4_map_blocks+0x88b/0x1b60
[  593.724447]  ? down_read+0x1d0/0x1d0
[  593.728173]  ext4_map_blocks+0x8f3/0x1b60
[  593.732325]  ? __save_stack_trace+0x8d/0xf0
[  593.736666]  ? ext4_issue_zeroout+0x190/0x190
[  593.741168]  ? save_stack+0x43/0xd0
[  593.744800]  ? __kasan_slab_free+0x11a/0x170
[  593.749211]  ? kasan_slab_free+0xe/0x10
[  593.753187]  ? kmem_cache_free+0x86/0x2d0
[  593.757342]  ext4_getblk+0x10e/0x630
[  593.761062]  ? ext4_iomap_begin+0x1350/0x1350
[  593.765579]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  593.771129]  ? __dquot_initialize+0x61d/0xde0
[  593.775631]  ext4_bread+0x95/0x2b0
[  593.779174]  ? ext4_getblk+0x630/0x630
[  593.783063]  ? dquot_get_next_dqblk+0x180/0x180
[  593.787741]  ? debug_check_no_obj_freed+0x30b/0x595
[  593.792762]  ? kasan_check_write+0x14/0x20
[  593.797010]  ext4_append+0x14e/0x370
[  593.800736]  ext4_mkdir+0x532/0xe60
[  593.804380]  ? ext4_init_dot_dotdot+0x510/0x510
[  593.809059]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  593.814611]  ? security_inode_permission+0xd2/0x100
[  593.819634]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  593.825174]  ? security_inode_mkdir+0xe8/0x120
[  593.829766]  vfs_mkdir+0x42e/0x6b0
[  593.833316]  do_mkdirat+0x27b/0x310
[  593.836951]  ? __ia32_sys_mknod+0xb0/0xb0
[  593.841110]  ? ksys_ioctl+0x81/0xd0
[  593.844748]  __x64_sys_mkdir+0x5c/0x80
[  593.848644]  do_syscall_64+0x1b9/0x820
[  593.852536]  ? finish_task_switch+0x1d3/0x870
[  593.857048]  ? syscall_return_slowpath+0x5e0/0x5e0
[  593.861984]  ? syscall_return_slowpath+0x31d/0x5e0
[  593.866919]  ? __switch_to_asm+0x34/0x70
[  593.870989]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  593.876360]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  593.881212]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  593.886404] RIP: 0033:0x4564c7
[  593.889614] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  593.908516] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  593.916237] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  593.923522] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  593.930790] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  593.938063] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  593.945331] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001d
13:47:42 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:42 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ftruncate(r1, 0xff)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:42 executing program 3:
r0 = memfd_create(&(0x7f0000033ff3)='\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x20005)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000037000)={0x0, 0x0, 0x0, "9ede7a8c5ae95e48000000000000007f4f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa0500000074dbcfa6dc4d"})
write$sndseq(r0, &(0x7f000000a000)=[{0x7, 0x3, 0x0, 0x0, @tick=0xfffffffffffffffd, {}, {}, @ext={0x0, &(0x7f0000038ffe)}}], 0x30)
write$P9_RFSYNC(r2, &(0x7f0000000000)={0x7, 0x33, 0x2}, 0x7)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x4a48b125e13656b})

13:47:42 executing program 4 (fault-call:0 fault-nth:30):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  594.115793] FAULT_INJECTION: forcing a failure.
[  594.115793] name failslab, interval 1, probability 0, space 0, times 0
[  594.127201] CPU: 0 PID: 9887 Comm: syz-executor2 Not tainted 4.18.0+ #195
[  594.134134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  594.143474] Call Trace:
[  594.146077]  dump_stack+0x1c9/0x2b4
[  594.149713]  ? dump_stack_print_info.cold.2+0x52/0x52
[  594.154925]  should_fail.cold.4+0xa/0x11
[  594.158998]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  594.164096]  ? trace_hardirqs_on+0x10/0x10
[  594.168322]  ? __kernel_text_address+0xd/0x40
[  594.172822]  ? unwind_get_return_address+0x61/0xa0
[  594.177775]  ? find_held_lock+0x36/0x1c0
[  594.181880]  ? check_same_owner+0x340/0x340
[  594.186214]  ? rcu_note_context_switch+0x730/0x730
[  594.191160]  __should_failslab+0x124/0x180
[  594.195392]  should_failslab+0x9/0x14
[  594.199191]  kmem_cache_alloc+0x2af/0x760
[  594.203334]  ? mpol_shared_policy_init+0x235/0x670
[  594.208263]  ? lock_downgrade+0x8f0/0x8f0
[  594.212437]  __d_alloc+0xc8/0xd50
[  594.215885]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  594.220894]  ? shrink_dcache_for_umount+0x2b0/0x2b0
[  594.225909]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  594.231095]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  594.236638]  ? timespec64_trunc+0xea/0x180
[  594.240863]  ? inode_init_owner+0x340/0x340
[  594.245180]  ? _raw_spin_unlock+0x22/0x30
[  594.249361]  ? current_time+0x131/0x1b0
[  594.253360]  ? timespec64_trunc+0x180/0x180
[  594.257692]  ? __lockdep_init_map+0x105/0x590
[  594.262189]  d_alloc_pseudo+0x1d/0x30
[  594.265988]  alloc_file_pseudo+0x158/0x3f0
[  594.270272]  ? alloc_file+0x430/0x430
[  594.274091]  ? check_same_owner+0x340/0x340
[  594.278440]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  594.283450]  ? __check_object_size+0xa3/0x5d7
[  594.287937]  ? kasan_check_write+0x14/0x20
[  594.292164]  __shmem_file_setup.part.45+0x110/0x2a0
[  594.297187]  shmem_file_setup+0x65/0x90
[  594.301163]  __x64_sys_memfd_create+0x2af/0x4f0
[  594.305827]  ? memfd_fcntl+0x1580/0x1580
[  594.309881]  ? ksys_ioctl+0x81/0xd0
[  594.313502]  ? do_syscall_64+0x9a/0x820
[  594.317487]  do_syscall_64+0x1b9/0x820
[  594.321383]  ? syscall_return_slowpath+0x5e0/0x5e0
[  594.326325]  ? syscall_return_slowpath+0x31d/0x5e0
[  594.331247]  ? __switch_to_asm+0x34/0x70
[  594.335297]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  594.340667]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  594.345511]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  594.350691] RIP: 0033:0x457089
[  594.353897] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  594.372810] RSP: 002b:00007febdb483a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  594.380523] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  594.387786] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  594.395053] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  594.402307] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  594.409592] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000002
13:47:43 executing program 2 (fault-call:0 fault-nth:3):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:43 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x6, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:43 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3f00000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:43 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x8000, 0x181)
clock_gettime(0x0, &(0x7f0000000040)={<r1=>0x0, <r2=>0x0})
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000280)={{0xa, 0x4e20, 0x1f, @remote, 0x55f}, {0xa, 0x4e20, 0x9, @loopback, 0x80000000}, 0x3f, [0xff, 0xfffffffffffffffb, 0x8, 0x20, 0xfffffffffffffffa, 0x8000, 0x9, 0x6]}, 0x5c)
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
clock_gettime(0x0, &(0x7f0000000100)={<r5=>0x0, <r6=>0x0})
write$sndseq(r0, &(0x7f00000001c0)=[{0x2c24, 0x8, 0xffffffff00000001, 0x5, @time={r1, r2+30000000}, {0x101, 0x3}, {0x2, 0x4}, @time=@time={0x77359400}}, {0x1, 0x6, 0x0, 0x7, @tick=0x101, {0x3, 0x100000000}, {0x0, 0x3ff}, @quote={{0x2, 0x80}, 0x100, &(0x7f00000000c0)={0xa0d1, 0x7, 0xab, 0x5, @time={r3, r4+10000000}, {0x9, 0x5}, {0xfff, 0xfff}, @control={0x81, 0xfffffffeffffffff, 0xffff}}}}, {0xfffffffffffffabe, 0x800, 0xfffffffffffffffc, 0x2, @time={r5, r6+10000000}, {0x6, 0x6}, {0x8, 0x663f11c}, @quote={{0x3, 0x5}, 0x100000, &(0x7f0000000180)={0xb7, 0x200, 0x3, 0x0, @tick=0x2, {0x4, 0x3f}, {0xffffffffffffbf01, 0x8e}, @ext={0x0, &(0x7f0000000140)}}}}], 0x90)

[  594.667445] FAULT_INJECTION: forcing a failure.
[  594.667445] name failslab, interval 1, probability 0, space 0, times 0
[  594.678913] CPU: 0 PID: 9911 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  594.685885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  594.695254] Call Trace:
[  594.697854]  dump_stack+0x1c9/0x2b4
[  594.701498]  ? dump_stack_print_info.cold.2+0x52/0x52
[  594.706699]  ? graph_lock+0x170/0x170
[  594.710498]  should_fail.cold.4+0xa/0x11
[  594.714595]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  594.719728]  ? __lock_is_held+0xb5/0x140
[  594.723992]  ? graph_lock+0x170/0x170
[  594.727830]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  594.733392]  ? __mark_inode_dirty+0x495/0x1550
[  594.738003]  ? __inode_attach_wb+0x13d0/0x13d0
[  594.742645]  ? kasan_check_read+0x11/0x20
[  594.746810]  ? __lock_is_held+0xb5/0x140
[  594.750904]  ? check_same_owner+0x340/0x340
[  594.755254]  ? __dquot_alloc_space+0x4b6/0x8c0
[  594.759942]  ? rcu_note_context_switch+0x730/0x730
[  594.764886]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  594.769917]  __should_failslab+0x124/0x180
[  594.774167]  should_failslab+0x9/0x14
[  594.777989]  kmem_cache_alloc+0x2af/0x760
[  594.782164]  ? percpu_counter_add_batch+0xf2/0x150
[  594.787129]  ext4_mb_new_blocks+0x774/0x4740
[  594.791581]  ? find_held_lock+0x36/0x1c0
[  594.795683]  ? ext4_discard_preallocations+0x13d0/0x13d0
[  594.801147]  ? kasan_check_read+0x11/0x20
[  594.805308]  ? rcu_is_watching+0x8c/0x150
[  594.809465]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  594.814147]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  594.818834]  ? is_bpf_text_address+0xd7/0x170
[  594.823347]  ? kernel_text_address+0x79/0xf0
[  594.827767]  ? __kernel_text_address+0xd/0x40
[  594.832271]  ? unwind_get_return_address+0x61/0xa0
[  594.837216]  ? __save_stack_trace+0x8d/0xf0
[  594.841571]  ? save_stack+0xa9/0xd0
[  594.845214]  ? save_stack+0x43/0xd0
[  594.848851]  ? kasan_kmalloc+0xc4/0xe0
[  594.852750]  ? __kmalloc+0x14e/0x760
[  594.856472]  ? ext4_find_extent+0x775/0xa10
[  594.860798]  ? ext4_ext_map_blocks+0x293/0x62e0
[  594.865471]  ? ext4_map_blocks+0x8f3/0x1b60
[  594.869792]  ? ext4_getblk+0x10e/0x630
[  594.873684]  ? ext4_bread+0x95/0x2b0
[  594.877418]  ? ext4_append+0x14e/0x370
[  594.881305]  ? ext4_mkdir+0x532/0xe60
[  594.885138]  ? vfs_mkdir+0x42e/0x6b0
[  594.888855]  ? do_mkdirat+0x27b/0x310
[  594.892661]  ? __x64_sys_mkdir+0x5c/0x80
[  594.896728]  ? do_syscall_64+0x1b9/0x820
[  594.900797]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  594.906181]  ? save_stack+0xa9/0xd0
[  594.909817]  ? print_usage_bug+0xc0/0xc0
[  594.913892]  ? graph_lock+0x170/0x170
[  594.917695]  ? __lock_is_held+0xb5/0x140
[  594.921758]  ? ext4_bread+0x95/0x2b0
[  594.925480]  ? kasan_check_read+0x11/0x20
[  594.929645]  ? __lock_is_held+0xb5/0x140
[  594.933725]  ? rcu_read_lock_sched_held+0x108/0x120
[  594.938751]  ? __kmalloc+0x5f9/0x760
[  594.942475]  ? ext4_find_extent+0x775/0xa10
[  594.946805]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  594.952349]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  594.957889]  ? ext4_inode_to_goal_block+0x2e3/0x3f0
[  594.962922]  ext4_ext_map_blocks+0x2dc0/0x62e0
[  594.967524]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  594.972551]  ? block_commit_write+0x30/0x30
[  594.976899]  ? find_held_lock+0x36/0x1c0
[  594.980973]  ? graph_lock+0x170/0x170
[  594.984780]  ? graph_lock+0x170/0x170
[  594.988604]  ? graph_lock+0x170/0x170
[  594.992407]  ? lock_downgrade+0x8f0/0x8f0
[  594.996591]  ? lock_acquire+0x1e4/0x540
[  595.000589]  ? ext4_map_blocks+0x88b/0x1b60
[  595.004922]  ? lock_release+0xa30/0xa30
[  595.008935]  ? check_same_owner+0x340/0x340
[  595.013269]  ? rcu_note_context_switch+0x730/0x730
[  595.018214]  ? down_write+0x8f/0x130
[  595.021930]  ? ext4_map_blocks+0x88b/0x1b60
[  595.026258]  ? down_read+0x1d0/0x1d0
[  595.029983]  ext4_map_blocks+0x8f3/0x1b60
[  595.034141]  ? __save_stack_trace+0x8d/0xf0
[  595.038479]  ? ext4_issue_zeroout+0x190/0x190
[  595.042984]  ? save_stack+0x43/0xd0
[  595.046617]  ? __kasan_slab_free+0x11a/0x170
[  595.051051]  ? kasan_slab_free+0xe/0x10
[  595.055031]  ? kmem_cache_free+0x86/0x2d0
[  595.059194]  ext4_getblk+0x10e/0x630
[  595.062917]  ? ext4_iomap_begin+0x1350/0x1350
[  595.067423]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.072964]  ? __dquot_initialize+0x61d/0xde0
[  595.077466]  ext4_bread+0x95/0x2b0
[  595.081010]  ? ext4_getblk+0x630/0x630
[  595.084902]  ? dquot_get_next_dqblk+0x180/0x180
[  595.089590]  ? debug_check_no_obj_freed+0x30b/0x595
[  595.094617]  ? kasan_check_write+0x14/0x20
[  595.098873]  ext4_append+0x14e/0x370
[  595.102616]  ext4_mkdir+0x532/0xe60
[  595.106259]  ? ext4_init_dot_dotdot+0x510/0x510
[  595.110941]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.116488]  ? security_inode_permission+0xd2/0x100
[  595.121511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.127050]  ? security_inode_mkdir+0xe8/0x120
[  595.131643]  vfs_mkdir+0x42e/0x6b0
[  595.135197]  do_mkdirat+0x27b/0x310
[  595.138833]  ? __ia32_sys_mknod+0xb0/0xb0
[  595.142992]  ? syscall_slow_exit_work+0x500/0x500
[  595.147856]  ? ksys_ioctl+0x81/0xd0
[  595.151492]  __x64_sys_mkdir+0x5c/0x80
[  595.155386]  do_syscall_64+0x1b9/0x820
[  595.159279]  ? finish_task_switch+0x1d3/0x870
[  595.163786]  ? syscall_return_slowpath+0x5e0/0x5e0
[  595.168724]  ? syscall_return_slowpath+0x31d/0x5e0
[  595.173660]  ? __switch_to_asm+0x34/0x70
[  595.177727]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  595.183101]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  595.187955]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  595.193144] RIP: 0033:0x4564c7
[  595.196345] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
13:47:44 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x7fffffff)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  595.215248] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  595.222962] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  595.230233] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  595.237501] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  595.244770] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  595.252043] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001e
13:47:44 executing program 3:
r0 = socket(0x8, 0x80a, 0x4)
getsockname$netlink(r0, &(0x7f0000000500), &(0x7f0000000540)=0xc)
getsockopt$sock_timeval(r0, 0x1, 0xdcccaf29e3c5ff17, &(0x7f0000000580), &(0x7f00000005c0)=0x10)
io_setup(0x4, &(0x7f0000000600)=<r1=>0x0)
io_pgetevents(r1, 0x100000000, 0x3, &(0x7f0000000640)=[{}, {}, {}], 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0xca}, 0x8})
writev(r0, &(0x7f0000000ac0)=[{&(0x7f0000000740)="b03b19c4b00080e97f32ab8f7c37ae1e52f538555f191e2bb254e7f83aa4ca403c1e13dfe8677dcac87e87a130e1fbadd18f03628f993665a5eecfe1f4d9e11b65b113956b4d3fda0db64c6d30e59a4374e035ba2d4db66832a528521fd0a67b8f165514e0020411d2b641351af2a999b5523941870aafe8b88f08ff4757eb6ef776c90ef274fe0702757ca898539689d1ae1e07a58854ee4f77e420c8b288290737ba62f0aab340b6536b4ae60aaa441c097d5cf2693034", 0xb8}, {&(0x7f0000000800)="ad47baf1537b5e1033db3a0b255914b923a62d8e863fb34176796015816e2edae477e498f8c36d0d0d3f8d9b3cff7bf680a98016f263b01897129efea5875ba78cb388413f5bc4634c00fa1886f25238dcf5e095201c3ce231de34e609d530df35e0ca959f7094b991cd8c1f322dd3e2d22ab5ca8bb247890974861e991420e12fde25f1779b455622672ae764cfd0291644162a73438c105777c53e5fe5ca", 0x9f}, {&(0x7f00000008c0)="64ce843cae644e18b01b599415fe4f2b946d52386ff3484ad8e6c0352c53dbb28304a743af5d958ba653bd432fd502f6c57945f884ad3efacf101db0719037b0f27e273471b4edec0f61c64886cb83829ed0", 0x52}, {&(0x7f0000000940)="63a4e6f8c8416c3e14dd7e0eab123c191633a6fd1315745511ca47d04b41f881e2afdef447fcb360ca71a8286c2cb5f6d7961bf8b3e6d2e3e1d006bc9665047ac887965edf9dd1377c2c4745c997fadca734fd76", 0x54}, {&(0x7f00000009c0)="3c8a49db52db547b1df9137f166f555221735aa20fe723c13124da37b635182447b780c540a8b3318b21faea337b70df24d55c07cdcb43f8cb394e5639cfcafbf2dbd726b9d3c21cbf7ceb777647481563e3bbe389e449b865e2247fa6d507784527df1775e6cf9c7ca38fa39ca477ca3985466ae64865383792748d0727323f638afeaada7ce2650055143f61f71a408a23e81ea4e3eb9f5b615d35c1d3651d50f7be27dca4e1d7186aa951eaa8195c172e7a2bf4d6a16f77aae47af9fad9ca467d10ca1eb4299ebbd5ce696de8841dc45d0da1d24617", 0xd7}], 0x5)
r2 = open(&(0x7f0000000b40)='./file0\x00', 0x200900, 0x10)
ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000000bc0)={0x3, &(0x7f0000000b80)=[{0x4, 0x7fff}, {0x8000, 0x3}, {0x76d5, 0x100000001}]})
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000c00))
lstat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setgid(r3)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000d00)={'vcan0\x00', 0x8000})
r4 = add_key$user(&(0x7f0000000d40)='user\x00', &(0x7f0000000d80)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000dc0)="4c59eb2fea67ee4b6ec9a07a377eb26c5c045c1b414fc47641619b5636f4c07ec5ded8821f06b18509ee811a58be4d55b0653bed3848356a3096fd6658293c11fe30c4e9dafd977bad51d878aae0d9b9a2d3dc9b9b6a61c82102a459f31234e9fa15129fee6e8c3899a37c35c1157a41736514c7cff86a", 0x77, 0xfffffffffffffffb)
r5 = add_key$user(&(0x7f0000000e40)='user\x00', &(0x7f0000000e80)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000ec0)="b9d1e16b3364f4143b4260f3330f9898c05d9cb114b75348fd036c6c4a9af1e0cfe8f434f3b571c4846584c18cb7da53f7b39c50d268f8093abbc765ef6cde44a468ee57729faec46fdd651a3ba7b9d5db8ec6b1473617faee5dc042ec313c33e2caa81f06f314611668118686eb173f1d90c6f1d62566d710db4397509898510e47369363e7dd9523aa53ea56895a06e879fd709a58be19c963d5f6f845dce440f603b2b9d53cc9a951a502df986700873b8636d86bc4a549556b596e26f57f0aca69124013cd6177a02daf9e63b49cd66250c81311b2aadd85e5603d7df67da15ff8361e954394b1decb5c4d36fc49ddf009a36a6c9ce265fdf837971413bcc17b861c74a553f7104424ff1dac685f07b926f6ab945c0f54c5664912d8f383371cbff9e6d58ab9654dfa2a93263fd2b7e7539d86dd5d8b219c94ffed818d7cc36f5e81cacb63d1d48139d82f0e2007e2603dbdc0df8733e2343b73bc0deed07808f43f0bc023fdb5e8172382da82fef3a5096fa5bb16b39d512944df3b129b880abe48f1181eb56160ed3166e82ac4254f852f44154146a52c1cb4d3df23f04cb71255934e49687a40de5e0abefbf1958967dbce6704d2f64f078b5d8950f34cb18a153ecfdecdb16579bcacf69d41d9f5fa54792e5f3b2b181b642d51d010a0327d9117d888f30c79db1b54fdfbbc5c79e1173dcf1a4c8232f9241b9a8cadae19dd41eb9fd6cd7962635060d42612ec856460190b210148e8bdcedff7650b33e454c1610d5c7d11f91f5a5b46c1ed9949bcad67720e235de283bc400e68b238cbae2295f17821fe12c9c2ca440ad1706b56fcad8f9d436bd4f40ac4acb0d9d8c4cc7121b5f3c37543286e8354a6af2d15ba09f65e092000225462be73ba51e6e7dafc24167f9b182113b6fbb98f0a4f255b90b0ea22597029c5dd9d442dcf2c13a7f7cff3dab1230b47575b8cb4ff7e12695a8caa4838c63b82cb8f47f1ddbb3da96ecfe3c81a3b07d68e7674c96e8413a3613ba4a7eea8f5fcca554447ac8810885d3c56c482e67e0271ee8758b88a9ea218ead6f25257e270d46030e13cb3602b9bec7a99c49d2734d9bd829b14e9354fb5adaf452023e5bcd276565430dd5697a574e66d98a175975c3293933b6d83ac68d313b83a03f6595cd752c4624d9180da43ab07bf02283ed0f33c5745a3416f198e32d3de1ef64a61d6dd00cc4cf688cba20086ad888fd412b62c0cb892ffba78057dc44789dc8c3a4777d8ddcbec0fa0df80176f6efb4ce889fd457239398461d982a1a037ac2100378935537aada6265c13bcf7daa901f5ecbe4c0f3069d068d65726bce55f7f03654a5c2d087352741aafa7fe20dd5f05a51245e483c4ad4e29e696666c644cb5ca89105178435b957a5959084f962662b380086dfc0e3fcc737d9c69af0232d5511277a4709cf43666343f6c9335407b925b2177c61a3cfa03f14d8f14a5b392630e75e7c6734b8d858b7df6859ca268c814982d26d7aa11d3d32298b1bddac5ad03a4336eea15c4415c07c5b4df11ad5ad30e20db2ea9beaa5ef789f2fc4d596b80e9065e80825bb965ff4d418246ab36fcf0ec51b157a1d7c302cf96465eb3091c383f9ce7c01c8662fbd541a836e88108647127879a7713eda47451f1b88df6f1b07d3ee85b1a5352a4a0b3016eeb44425aa6bfd0aa53b5f95727cccfb4c5a29c9825d3fddbf21dca1a9cff0ecd02580bf98a42c27c48d324d0a82075401d7860632ccc5ec1d265a881ae887f1a476f59945f76d3d30c7f9cb2ca311573c4a7e04f3581a3050fc04e2ec075f6598e620511f6b7d9f680e0ae6c05a81501d0c28439ddb56f890bddcc0c8897ea3329072c7cf9fa69d586322d7a25eb8266f7ad10c0203eae35e66798550817b32ec84d06bb2ed21102ff9b33ae5ea724b372de3c0fc18007ca9638432395b127d50adb0694d23cae362f0bfe852232fd54bd018a2dcd43e956cb88445ca4452ea291479d58a5c34950942f3e9dfecb9a050d3a456bb103a762de221aada69d90c2abc94e3653bfad02e94c2730c396fd6345c9450ea79d479c4c543ca7e0b7a0e26bf2ae552b258e75e06fe112a3788c48147a30e8c57752635bc9ea933ea46d5dc91bbed29d6551c09b550749b95ba98052d0a5ad0e0d1cf930203b938d74330b5f83f4ef809f520bdc66e60a141ff4f9bed8bf331a69094d113088ac8ce3071ba6e20868bda262bdb2f2743278ede3a0fdb3177ef43c56fe4fe08c35cabc12e51977b67dbc2f7e7ba8640402050a4a897fdbc4ab2bcac6486833daa04194e79f46ce00b4d5dcbc02cd8785d3373b64b9391951ee5a46873bbcbb88f50bbfd4661dd199b853a4eefa2a9faadd0d6120f35094ebd1c790d90d91f0360351dedd4860e0496646e0ac650c3c1aa4a0a2ebea2e2bb25595d44208bb4e4c747145dda89942b9326059f4e9730f560c3d261654ec872aeef212e6aafb436ab6534cae74c91ddea2104c12c976496d5fe5305cfa54bacb3c1086c16b13edf9a7fdbaca94c5942b4b6cdeb770af297862605d28f8adfc1b1ac37d7a4428a681820a22edf752cad24976dce55120350031cd01232593074634351c6335225b7422baf8072b10574777f5c810637dec925667e02fd78cf9c6ebff5f358d3bf693c477fb63d8eb85ecbb6205c1472817a0e0485795b862ca08dd694465c8e099930d6b226f8ec065954be9c41b0e6dea36aee08d26cb142d91baf602d9d462c2f5b2f5c090e940564f1aa3d992d9a8c49f95ab76914f269cf00ae74eab429e5060af55c778f5c634c08491430b7113bad46fa66f9a9aa9236f867549b0c072b86bfa516bc9a79b89e0d0b23b637ad93ae06981ed52bbaf0f8890a5b7aff1eb90f714fd75f307c3a3f01efbbe88abb83a1dbc3dfa1d0f5d0aa2d2e8b47b03c4ecd1591a003f94ea5c52473f51f25bb309b825fa976b027182b397c1c83f401b0bc83fd53a5fec4052d9e39a86dcfe8a29a52d7e637959fbb605558412c24183b98020cb9aeb8f5b81e9478a516b12f42201a8e46cf522b1aab906246c53d277b1c42cc350723c9a6a32c680cc0218bb54cc0cfa4fc36d42d8e48a8840c26beffa1f016af3723f43caab4ee9747e813966c5fabd3f4a10c405017be56a21fb0d8364e0299315d71e2650c6e7a45178ca232497ebba80b10e17231bcb197fc72d9cafe02e7bd5b76b43dbc32b6344db5f1c95785b715f193b875aa7608b48f46b103e32475e36b29cf875cf71511dbc2e053597b6e85f213376f886f23dc644f904ae8f021aa3b651173c022cdd9dee131bf80e8030542b1c154b445925fcee9e1dbf0c71a90c351f5025c3e4d491b689886bad703135b4a70b8eea6a5bf1f0ec84d1a2e848f83eee260171343b82716afc1be07df393998b769bacc4049693b875a40ccbd16447ec84f42fe309bd730878e3912ee7750643e09f67e2e30125742f778605027ad3c4894fd95298a34057825087e199cbff390ab6abae1e01b978cc2b3cf521183596b0c06481a6b14913ad63ad38bf4b78a12604ba0b4d6d31125d3190b95a484117a4620cdfe627edb1644a906e5447e9e5fdfdd1c50438a79e55cf8a39ec5aa0708ba1fe80f365f1b90aa5e9a8d9ae5c4e8c035c1e1c94bb0c8eb58a5e2fde2656f4fb89c9feafdafece7355fe9cb44ddac19db24cdc9e0fa67e15497a49d7f0b4fce5fd7fbd9fd5287f8741fac365bb44a7e1ca7b93c57d47809c69236339f857982a89a8f206aa2a0a410e9d0658554990f9ea26af3f475d3c5536e0bc887df5ddbddbfeb6604a9d719a9fa436d4d6ca9f1bb5f8234ad97fd1b7b8cc8ed4b5581dc439edbfe28c4e195df5ea7e5c7589c9dfd4ec14da26f9d8a21b22cc292681235141fd1930f5dc7a750fa9eb44cadf4fb7e5d0d47928fbd7da27fdabfbe5e3d4ec84860d652885df6a2cdf7cc78b19fb2eeb4ca25216e7d165b484e0948ab4904be7454386710d634f8dc983fc1ea572078768a1ef72741debcf7cbeb1cd839f52ea016f945edf3125a045dfe0ed3d790fc6a248c5dd76adaea2d1d4542090b584c81590b8fe2c3cf771bbda6313770fa44689c7b10be666b1cea0307501b3b977521c984ff3827c18535182856d6f501e1dc76f3600aed999432840bcaa6c869226c8c39e5263554bd56635e7a49341221700faa5fe685c7e0b49b06bf327ef63ff8a8ad9d461eb7e27ea01427bc1e6072e95dfafcf101fbb463ee2bd4a9c8b3b14106f86442215b81f0fb566b49d1dcf154593ade96b818640e10e33304ed37f9bee8e4882a0df69080f72b13ec6823ccf688832da58fc666f2e59508c1469d58183efe3aa983759474e4fe0cd946a3bfa0647fdfe3e39a045aee2b992cf66d6882e19eb0220d8cb248ec73653f488595d386ea0a7bc10c1dffb8e20f891a086efadca357741c03e1cf718be391d8e874acd4e375653fcc6315d167ad39e190e2539eeb96a158c505aa74f8dc48eb616956eb0545c813807768330a9db616adae71b764a34ce222f98e0dd8e976b0a38df0366d344d0799fc51e3e259ca0793fa1d4a0d0cd7eef9e78cfae6baf9b08bade924f072055fe54a18b24fa9a13eb70b0219c89d9d9522e594c963806da957561c44fb6e381774c99dc97335b925bf8cecca5dd4a5b05202a76b6e5fdd0698977be3967c85358973597e3280a5c8abc2a8e4b1581f3b6f250ee8bcfd956f43ec2955e16dd823b537b13777561f1e5ab3813363dda79b3494931f2ac98e1874ba75da742e7dafaffc8cf89ac1a27e00ce06b9e972686273da05cc2193af4c08bd391ffe11d49a775c2fd8ba272ca6975cc8e53bf45b9a38990b45a352046a5a076c628612d88015bcc19591c1064e1a11704030f348da7d84c56631de65571307d30e153c0e27dc4006c34fd1e4cf0d34e70bb64ff80c8eb5ba082519dac45bfc86986abb63430bd3ea845b01f69135bd677e2438a9c6d52a62410916aeb3209371f579c38b3729557990840a58d6dbc3d2562a21a39cc4db3cec43bc69db473f8c871a446a7d9116adbe2a90ced33681302980ec9b3d1808237da5fe9f163b9520a3d1a26a1affc3033abd56b6492084e311ba239f33b5a6331792c137ec0fbf1ccc020a85b00f32a586423fa6c60223a35a52ae3c643030e3a81c8739c64b075689d78ef22ec966cfaac4f2ea4ca410fc375a97a55a3eec312de5937dd06637b148c52fe7f59e837726eec04871d2ecf90b22b81055325e99350ac1099bd3ed985a5abcc454f87d4da775caf87dc60dd4866599581219abb192a6d1badd33ba09ca711b8fb47f948711b56f0b6ba6af8b722f1c143848a658d350a3ed680a8c987cc3ec4c2a3e4d5d6cdecf3d4c51924ae698c6b5ae20b7535289facb0c54cbfa4f8a67393d9916cf2f460dc3fdc554898993f22354552e01946924515a712fb6309b863c807730ca7327572d56114daee9417f378cf0848c66cb1b001daf3cc9ee8ff23b13fd537fb64d5be6e768fc797aa0b7cad7c2b6ae13d62f463f6d8e1749c6d7d3c5e799af2638b24fd598f3ec07d1e6ba6143d84f7ca86a522e38cd76dda522cb5a81f023b873f4a1d893f77b25166cbb2c8a3192a1f06cd8cd3c48b76d299057c051cf573406ad4f1a69ea9771ccc31f382f0e396f3b1507012b0f2dd2983a23cf7e39847bb9d378522a0caf35cedca5b84d7aea3a73c9c9657313021195079c29e51a4beaa466e207797adcd9600cc6c9bf03a39f4b4426405434a05", 0x1000, 0xfffffffffffffff8)
r6 = request_key(&(0x7f0000001ec0)='logon\x00', &(0x7f0000001f00)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000001f40)='vcan0\x00', 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000001f80)={r4, r5, r6}, &(0x7f0000001fc0)=""/131, 0x83, &(0x7f00000030c0)={&(0x7f0000002080)={'sha224-avx2\x00'}, &(0x7f00000020c0)="58707e89dda69355d11aad981c399c60a5de9933328bcccb660d26a25107113e1ebd18192f400239effef2a4fb372b7373e16f58393cf0b256bee6064c8a494f27cc0adb798266204fbce1b174514c7c88b7ab997cdba3bf1aa345712fcc36eb372b32bdf210134667100c507c679bbe0b187b0b38d3fac1cba6f3fb7d4d19732eae0df931a1b660497f1456763bb30738a11b0647ef0cee1e8aeeea90e521561ab122746786a3d8452bbbf576a0f37b3de89db456465a6c2443bc4a1c8fabc3b9c526c1e34c9b55cde887e4f46abadf2c5e511d537862451bf36fcab195a43b1ec4e28bb05e97ac9084dbfca2174ef4c0d823b0648bc1f36e35c7a64d443448c78bf75ce1bf0593f8dd5811302f083c7b013a05551b6b56f9b5f08466092c7126be03479dbef627ad71835bcaf1b4c1046a7cbc12d5b49512816ae5985b136b4fc92908f1785f25f7a89fff4dded05ef73ac76de431e52e28c3c888e4e9c421de9c929a2d94ce1b8f23eb0cdde17d38c62bf8d0a5f234c4853d4707b5522609359adf13b5434fa73df710d438e0417d6a078f82969e1ef2bec31a06b90160b160c7e0dc84665bb3035c0ee5b5178b4439a6888f4ebab25981642df67db6eb10047c605006bd110c35c75de669235d38967d509d947d52175be9ddfa255e3eac85ca08c83a1faa55c70bd706bd63e5144ecfb7c0b43401d4a3731c22b83f4fd31660a2170c52561c7846e36a4d89e1cba0f8bc19763139c831498116bb769d28b313ae079b55e7d7f1e9f02a781a4b917669090849c82de04790e82d8e11de51451827f7c60afdef1346b459292a68356af488f84c41ecb2187ba3c4c9b3da29cf75c3a4137887b649d65be5c2804a690077d0c425f95f3529b6c53d14ef209bf5de442711a82b24c378e1423ee0c599eba4f2184fa6f6a66624fd5d5f8230694974e20804fcbf6eaea0748f57067ee9690c605db72826765649cd3eb2eb02c26f6b647ba062001a6a8db5a95d1975f62880889823007eddb328c3db3483978ce6a477823f4add9b976f405336d965774da1d050b8470ec8e0b5f668ebdfb900c570431e46580c47ff5e6993c3abba8dbcb415f95d67bf7a60359100f9f94d9a90c7b99f66118707b0b92e76817556ca8704300280fe9a02ca60b3a2bf1d566a5659f4ba67e174bd64228d8a44dd069e2a68c88c8287fe6c24dbed029d5d7330c162516ab851d5e58f708cd3f4d1ef562b097b19c07ece806c395ac2eeeff1702703bf6e831b210da6ac12902fc8b12406729b57fdc53d3da62d5d7a9e524b156315ade391aecced4f05234a3c2fe127a311e2c73aea2be731772958791b285d85fba68ef18644b5994255aa202f23c8ed673c096ed4268657b1956afb8422aa9008933edc73a8bcd4c3fcfcbb7500019476260d215d3c9c5eb176fa55968ac63e2e7d55b613fa1224ef9bab7f7723f3a64e0091d9f9b28eac2c54e749aebbbf0a1d051bb66f74f442be1bfb235731e418e1654d1cb929e3f18db454d4c022dc9490cd6a212a54620ea2667105a531a4390d19a9ee69b51731814545ca93b11dfecd80d5dfd8a477b308453a8c7e2913287d7cc89cf219062f1187484a92faa369d911166ea856bf6a5d64d3dc3a8067da310c0836b0fc689e8fd9a0a20d1af63d2e696161fab551845a8787a40787b609ec0df9257e60e469f2caecfe1659b09d67b6f640c1a174be8d5cebd9c38429d556c0cb8851bb6e6b5f7f699a40ca19a7328f4eb199f9eaff39f4d44ac11e0e4f8320e2e4d2190fe0d2215b7eebdf4a76767e2b0ae0cceb3cd341cd01d480f4d39f8b357edc8a515bf22d4d978239935f0ac9a1f3da131c1c61d6b200bfa4e43f92b5281c354d271d05994f7ebae317898f63a498fa55c15332e1ea2d3a376f7d65e086b22ff23417040a5251bfa5f7157c2c5f02fbb0b4759a1409f085206ed113c7dd3d9e5205ac44083f33d919b9dbe21de2d923f9cac05e8709bea05c82a899db911509ab21201dff24f033a4d7c1cfeb74e9aa6e608b2b1a1e7ea8ab455e06baece96067d92c715d24e5173748195b56c64bfa64f055f6c5bebeee6d84ba188076750e420dae184f4bdaca34ac2c94c443e7a95f611a7df0af324b65d08c43898c14efd79f185db3932696d68123fc67b291b0c06815041c5e8b6013825b583eb91536c8fd62652bbae9293105f0792e7dbbc2922493b09c4e7cba4b27fb9b1438761a606bceb1cbd236236935ecd2d0919cc5f222eb190255c57fbc778eaf9d8402d497b373c92c3781b801769efbba969aac411723b2b08ac974b34c45160d0559b5895de1c9825eb7ac442a8bd72f7d4db19395c3c8402b9664bd319a402f3a9b0306ea5874b25cc9e07cf0127604fdbb696cb9c3868f05c921d7dde4da79d9dd9fc29fe1d070e4b22fc5aa12dedb9ac48ed71ae172ace9a30e2b60c69523f2b865019302dd3e0f51b891d65ecc2fef1ecbceac6a12ec2c855b320ede399dfbf4e312fdf1f41e92bc4c41a2fef6a4eb87c9405cfa9fe4579aad4de06e31f68c30f295295bdff01b75e511b1ea114e7e7bb6ab868bbe51057d6e52075cb045b6ce7630fd84131a368f47d4f35a8ae9c6d16f0460a4c28516935531b9b90db5b563b6d4d3f40d758140a5c932ee0ddba865cebfd387b4972d0b01acd4162930397324fd9c095100470d030712560fb701df6dd1a5beb77c821d5c9183bd40004cb39ad9b09a5d18bee67a7c46c1fee5c834f0c4591d395fdf970050fa55f2fcb62cae9e83beced8e0c46f18ed5a103a7bd48e53373af6d96169d29e97bed9bc18381793845eeab1dfc2bcc70642e377fd16b22fc1f289e6fcb0ad3a3a703a5d44f8c9eceeca6a36dc5f2932f3ddc9ad87a663449d290b139d3a68919fa8b9e28e4beea36dce58c3c96fd2f6663bc4f7428794e2eb1f219eae09e269cbca6a88c48dbdc4599fda092ccfb21b7f9b21f42d5f2dd84b7b74c24c82f4186036e416feb5a90f1cbd5755abad69d755b620bf4666241fead7116b01e15428258b2dc6f0de2ecc2139b36e81573d079c4e44a6ebfb0548914da6a07c02582b03ad6b472d1b40d89f568a8ab3a587927e568ed29c11a6bcc4ca9db2dd3ea2f10af65e83e79ccba437234971e0989977eef5108996636ec6c2366f58a25577bb5e03681693315deb3501bc54910eaefd296eed5709caccad574c9e15484480ee6247721d13011d9d8736a4e6afdd2c9e4db1753719ae6483b074596f00fe370717ce56a38b266802256d9af0c5cd0012a47e8453a71c230885df7a4167d79a32bcfb5fb7b0a78828e4c85e30ef679bb8c898f959a78f5b6a2e6c8b068f8802c0f9b9381ce811712bc9409a067e99c3971656dbd09ec7f6050abba2aff059fa494586adacf039fc4d7ac9c82ce0e6f2051237daab41a689b458e08bb8ecefaa44634d93fa75622c03cca467dd2fc4d64c868d9731199c20a07d62dca11d08d6414b8b0b443652e679b0d13f1ef38208d5e017d106e8b65b9f2cecba777de2456d8d172549fcbb610acf1337b765a65d8a126dba69f6000203aaed7d3f72ee9f31bb6a6e390ba4a37c48b4645dfcc2c1c7af612c3a5204c676bac195847eaf2d26f43fad2b64c84de8417e4d3934701624612808d27719799f3d1c47fb5a976b97d07e3b9d8cbfb0a8676f915a03249fa1749f735dcd62d64a1a6eae5be19ca2d62802f53e52717c4a3499a36766b8baf69ec266bfc34b550f55d5533841e62b6340d039691c8c6a64d3627f6b1ec2506185097eef34851be76d9b677735c250becf7cbf9e39ff6ae35432eab7889e0a29e08541c15aa33a777f4166b45f24dc37826aa495e7c2ac3c5ed4b8884e86df2cf86b4b52ab5a71d050c23c41ff47ab2d600ddec1e416837dd9df5a3bcfbaeae1bbd1be11450103f25876b3b4b9bed160387eb5e78536d9a25a347730e4fa801d87493d0a4bb1606747e567429c9eb3cbbd0de413d61ea9fd9a0332761d17261b1c04c9448fd28e0f1fb0d7f08fac2b7427ca3e9c03d505afa1fa70d90a08959405bdd54567596c07f40685d99e841202e8e7bd875feaff5e81bf555d380d3aef879d3a0fedb7f42cbf8e08a3659dc0d2c5f565f2e52b4e7b7defc6180541f9cfe2c424e1853f95f0444ea3e643b9f50c5ce5c02e96bdad00b0cccc56ded17a1956c9d6672d9469994fdf39793f8a5f03e219a22ad2ccce04b71947e54d22bbf38d5d3a425dddc7b6f80084a8e249d024b2a5183c8ba7a8eb9a18ee1d27f14dbd643bb820686ecbdb5e6497462b79ff4e2f4fcc34737104d097c053e378900a57edd0afce84a5d7560536d69439bb3bcba9938d735d322a113986035ac5a47493e38f14cdca32bdd5e9547baf596285b433424ec5fff0dd5e2256683d96ec363ee2e233359d06d9af9c1e39e3c7a93a50ff74f7e0e90ad6b4bc5964819b5f4bc26314210f8b2561b9201644d30d66342e2f34c99fd73aa036aa0dc73c137cc122facdc8dd0c5fcb8c97c4eb21b071d8c94d1d61b1a035e7fd5fd5a8a70ae25a6aacd0438e906d07c86f5e27adf381a7a31c4c0729d8aadf9e32f247a032fa81fdc649d8657627db23da0a5289cc7885fbc3c7c656cfc8419b18776ba26b32ab552e31944cc1a78f1587018f24df78b01d3a24d9f220d3511f0d481c20e535a3e0d3701027d7aee98311fe74b30754c78dc29165969030e1352bbdbe251b18e73337f4e538cece027ad376c702a270d2d5a1c251f9e34db096b544904a6a43444185f25394c703e335d4d60a21fb684c6ebd97cab86c76a933e4134f1edd47c6c29a3c7f43914a721d9a249c001f4f2b09d04728f82d3523fbbd538d61eb34815133f87959716549c0e782fd56e83ff1e9ec396acbb3110e6c86089ef5294505de872362c90a0d3ddc04e4af462b1de543516957a27890cc8887c4bc60bb2e702e41565bf4e1ccd69e2c3a96ad3df3cc46f32c3cbe90c4a35813a02357cac54867c0e8a84c9665b885e9bc5daf5c603e073bef5f2b096ea83fe153586ef55a9106e6118b0786896ca0ff47c15baa443986f9759ae2f3a6b2a19d59e3c2d5c34755eafdd4c37458e7d935af66a06feb3d9ad94f3071e076ba9c93c193eff4ef2e371059e2b967af280efb4d8bbbc46a9173905226c705ccd37af528ba83b206c0393e6c664e5e43cdae69bba889d91913705528b0dc75bc5baca39d7e62a494e30f98e414f32aeb0b0c4f3802e7c370e9b59382bd784a4ec36c174fbf94431f7ed4cc206e07d28cc1ab8bc0eb659e649605537f044cd4e0c2fa3668654aa677e048577279e3c7d949ec9fcb98cac6ef5c9f630bf5332f820281abf477aa29ff15c714bb0a481e5b513a1dfec1d3c9a38f9685219948817e62175b92646892b7cbebd87e7df0991136179d09004cf09cfdad53ee3b63b166289e9346e7f4562c4100cfd2da110acfca8dabefe2b03b5bbe0b1cb054a48bb6f40051a152d1d31a416bcb6d9cf2186f8c419e23e67367a50c685bea4b028cb8cf3656176d70f1674b65e3a179fe75ef4fe5786adbc1d7799382cba403f67f3f79f86c28e0c3a2c14c4b653b617eaa77372e226ba020d3776984d1e9ddf840db82c151e0836d2a07b26fa7e616847b2d8498432271bafc8f8d3b6c96d9da7d7bbfa6bedbdec8ad65263141d2c2959647fd5c1ed269859ad280b090806ba718ebd4063f2d2d84ff48419098dc6467987843e903a94b60e91be902007e86bd5a2dc8d842bcf3eb19cf8217b9", 0x1000})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000003100)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@remote}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f0000003200)=0xe8)
sendmsg$kcm(r0, &(0x7f0000003880)={&(0x7f0000003240)=@ll={0x11, 0x1f, r7, 0x1, 0x7, 0x6, @random="fdeb09433cde"}, 0x80, &(0x7f0000003740)=[{&(0x7f00000032c0)="3211227c5a2b99a560c1ae6e94f792dbcdf9acf379e7f1d28cf959ce7e187318b42aed44da7e836da42890ed3f5c2db1841fce7d80a067784f6619afa8d2c94fafdf5b269a96ac41f56514caf0b65a941001ae79deb4a345a869e97d0edc9b47d8bc7a42c1ceae1c504fa87ac0fda523c1bcc9cca8d2e5371e4b2a29616664b7e2c1d67c59f1ae3752f1f3a1f99c350e197de21994a473969224f7243f4214f0f5e8fdd4135554aeb55ce45a38c23d", 0xaf}, {&(0x7f0000003380)="68efb5226f86584a1bd854982e229250afd4d696bd34bf8518b991cf61557f0766bf528fce12e9cfca52398a752530abd7002e4af9e2129f3209b14851d41d24fcea87ef3654afc727e846dcefa21051051948a08d0d7e696c5a97702017e266fefdfafbd81c32b797d84c7895438278cba6ffe1b44ba339b598ed15660cc9", 0x7f}, {&(0x7f0000003400)="2bbd16b58f8e3d6eb53cdd220c690d432bea2ed444f32e43676a50fba49c69f04b26943788c5b082a6b2eed629c2391c6a09632ab730fe77a040957b4c8cae23215ee33bcc230ba03521e49bbf7d9c543e9571acc9647797439652412a06792e0c3bb7ba7059af8920160d99bd08858202b403729db47115e54904c2b03ff8a757a5bb29dad0dc3af4287da97d391d0da45c4bfc4a03d409c2962f76f7cff876e115a85853cb068375d76338e7f05287164fd3fa752bd4a4d19167b7f92478ec67980aaf617a8ae21c0c5a93b1be390dffeb0676f4aedc8fff2b02cfdbbbe0d41dd3318b32633ec4d356a249b09e59601a51291dce9d", 0xf6}, {&(0x7f0000003500)="56b5a6e150bde3430aaaaec4d17b2b3e097117098bf3ecb72a57c9a720653b664ce30b25d083edd0c21faf2bc04e366a222319a1aad7ae8c6da6522ddce9865ff03baa80b2f7bbe50fe3f155fd44295746", 0x51}, {&(0x7f0000003580)="089400b79c67fcdd67a8704c9b8e747d124c439c6bd2bf35d92418cb9046ec691b91d9e6d455a7d164fb65bec35311cc682ecd0a33fce068a6b7461e5b93f325a00988fb72ea197369462b1f84b4b42522cd3ef5e7da4c2e", 0x58}, {&(0x7f0000003600)="684ffe3323fd942ed991cef33a075790a5bdfa256e749847006e34a1abf446900850ccc911d47ba8ef0d76c07aee5e5d17d76f", 0x33}, {&(0x7f0000003640)="cf9822312628c3225a8ccf3ecab4e3975925622b6bb4aab390664bb77cf755a3b8f7c8b70519b3aa203c069d68ea8be02acb12fc94e47155a490d771ae34ef52c3eb26b0f0d63f1a8e1d57e78d23ac28d3ad3621", 0x54}, {&(0x7f00000036c0)="1962adbcaa2abb", 0x7}, {&(0x7f0000003700)="9244", 0x2}], 0x9, &(0x7f0000003800)=[{0x78, 0x196, 0x5, "d0ed032ac262e5f1983cf936f9c1455b8465d1d8f6e2597eb16cf5e6df01d76c968a7b5987c75601947acc535c32fb97e70db8fbc931fbe9de5929ace8657642e7f62a68ea743d600b20d6b5bebe9b286f722cb8ab1dd1cd543f8c51cc54a59950e4a06a92347c4b"}], 0x78, 0x4800}, 0x4048040)
getxattr(&(0x7f00000038c0)='./file0\x00', &(0x7f0000003900)=@random={'os2.', 'vcan0\x00'}, &(0x7f0000003940)=""/8, 0x8)
gettid()
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000003980)={<r8=>0x0, 0x8, 0x5, 0x240000000000}, &(0x7f00000039c0)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000003a00)={r8, 0x76ed, 0x1}, 0x8)
r9 = syz_open_dev$midi(&(0x7f0000003a40)='/dev/midi#\x00', 0x4, 0x10000)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000003a80)={'veth1\x00', r7})
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000003ac0)=0x3, 0x4)
ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0x3)
utimes(&(0x7f0000003b00)='./file0\x00', &(0x7f0000003b40)={{0x0, 0x7530}})
getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000003b80)=0x1f, &(0x7f0000003bc0)=0x1)
getitimer(0x0, &(0x7f0000003c00))
setsockopt$bt_hci_HCI_TIME_STAMP(r9, 0x0, 0x3, &(0x7f0000003c40)=0x401, 0x4)

13:47:44 executing program 4 (fault-call:0 fault-nth:31):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  595.340752] FAULT_INJECTION: forcing a failure.
[  595.340752] name failslab, interval 1, probability 0, space 0, times 0
[  595.352116] CPU: 1 PID: 9921 Comm: syz-executor2 Not tainted 4.18.0+ #195
[  595.359060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  595.368435] Call Trace:
[  595.371051]  dump_stack+0x1c9/0x2b4
[  595.374709]  ? dump_stack_print_info.cold.2+0x52/0x52
[  595.379937]  should_fail.cold.4+0xa/0x11
[  595.384026]  ? save_stack+0x43/0xd0
13:47:44 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x2bf7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  595.387682]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  595.392829]  ? lock_downgrade+0x8f0/0x8f0
[  595.397010]  ? graph_lock+0x170/0x170
[  595.400836]  ? kasan_check_read+0x11/0x20
[  595.405017]  ? find_held_lock+0x36/0x1c0
[  595.409134]  ? check_same_owner+0x340/0x340
[  595.413477]  ? graph_lock+0x170/0x170
[  595.417307]  ? rcu_note_context_switch+0x730/0x730
[  595.422260]  ? kasan_check_read+0x11/0x20
[  595.426442]  __should_failslab+0x124/0x180
[  595.430701]  should_failslab+0x9/0x14
[  595.434517]  kmem_cache_alloc+0x2af/0x760
[  595.438663]  ? find_held_lock+0x36/0x1c0
[  595.442749]  alloc_empty_file+0x11a/0x580
[  595.446923]  ? proc_nr_files+0x60/0x60
[  595.450837]  ? kasan_check_read+0x11/0x20
[  595.455013]  ? do_raw_spin_unlock+0xa7/0x2f0
[  595.459443]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  595.464054]  ? kasan_check_write+0x14/0x20
[  595.468323]  ? do_raw_spin_lock+0xc1/0x200
[  595.472602]  alloc_file+0x5c/0x430
[  595.476177]  alloc_file_pseudo+0x261/0x3f0
[  595.480442]  ? alloc_file+0x430/0x430
[  595.484254]  ? check_same_owner+0x340/0x340
[  595.488583]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  595.493613]  ? __check_object_size+0xa3/0x5d7
[  595.498139]  ? kasan_check_write+0x14/0x20
[  595.502411]  __shmem_file_setup.part.45+0x110/0x2a0
[  595.507784]  shmem_file_setup+0x65/0x90
[  595.511792]  __x64_sys_memfd_create+0x2af/0x4f0
[  595.516488]  ? memfd_fcntl+0x1580/0x1580
[  595.520589]  ? ksys_ioctl+0x81/0xd0
[  595.524250]  ? do_syscall_64+0x9a/0x820
[  595.528252]  do_syscall_64+0x1b9/0x820
[  595.532166]  ? finish_task_switch+0x1d3/0x870
[  595.536691]  ? syscall_return_slowpath+0x5e0/0x5e0
[  595.541639]  ? syscall_return_slowpath+0x31d/0x5e0
[  595.546602]  ? __switch_to_asm+0x34/0x70
[  595.550684]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  595.556076]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  595.561430]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  595.566643] RIP: 0033:0x457089
[  595.569854] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  595.588778] RSP: 002b:00007febdb483a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  595.596503] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000457089
[  595.603781] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c22d5
[  595.611062] RBP: 00000000009300a0 R08: 0000000020000218 R09: 00000000fbad8001
[  595.618351] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000003
[  595.625628] R13: 00000000004d6578 R14: 00000000004c9bbd R15: 0000000000000003
[  595.674791] FAULT_INJECTION: forcing a failure.
[  595.674791] name failslab, interval 1, probability 0, space 0, times 0
[  595.686242] CPU: 0 PID: 9940 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  595.693188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  595.702552] Call Trace:
[  595.705183]  dump_stack+0x1c9/0x2b4
[  595.708840]  ? dump_stack_print_info.cold.2+0x52/0x52
[  595.714055]  ? rcu_is_watching+0x8c/0x150
[  595.718224]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  595.722924]  should_fail.cold.4+0xa/0x11
[  595.727019]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  595.732151]  ? kernel_text_address+0x79/0xf0
[  595.736605]  ? __kernel_text_address+0xd/0x40
[  595.741129]  ? unwind_get_return_address+0x61/0xa0
[  595.746080]  ? __save_stack_trace+0x8d/0xf0
[  595.750421]  ? graph_lock+0x170/0x170
[  595.754242]  ? save_stack+0xa9/0xd0
[  595.757889]  ? __lock_is_held+0xb5/0x140
[  595.761954]  ? ext4_bread+0x95/0x2b0
[  595.765682]  ? kasan_check_read+0x11/0x20
[  595.769844]  ? check_same_owner+0x340/0x340
[  595.774176]  ? kasan_check_write+0x14/0x20
[  595.778416]  ? rcu_note_context_switch+0x730/0x730
[  595.783359]  __should_failslab+0x124/0x180
[  595.787613]  should_failslab+0x9/0x14
[  595.791426]  __kmalloc+0x2c8/0x760
[  595.794980]  ? ext4_find_extent+0x775/0xa10
[  595.799318]  ext4_find_extent+0x775/0xa10
[  595.803488]  ext4_ext_map_blocks+0x293/0x62e0
[  595.808004]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  595.813033]  ? block_commit_write+0x30/0x30
[  595.817372]  ? find_held_lock+0x36/0x1c0
[  595.821445]  ? graph_lock+0x170/0x170
[  595.825254]  ? graph_lock+0x170/0x170
[  595.829065]  ? graph_lock+0x170/0x170
[  595.832870]  ? lock_downgrade+0x8f0/0x8f0
[  595.837032]  ? graph_lock+0x170/0x170
[  595.840856]  ? lock_acquire+0x1e4/0x540
[  595.844836]  ? ext4_map_blocks+0x88b/0x1b60
[  595.849171]  ? lock_release+0xa30/0xa30
[  595.853158]  ? check_same_owner+0x340/0x340
[  595.857519]  ? rcu_note_context_switch+0x730/0x730
[  595.862513]  ? down_write+0x8f/0x130
[  595.866231]  ? ext4_map_blocks+0x88b/0x1b60
[  595.870557]  ? down_read+0x1d0/0x1d0
[  595.874298]  ext4_map_blocks+0x8f3/0x1b60
[  595.878451]  ? __save_stack_trace+0x8d/0xf0
[  595.882788]  ? ext4_issue_zeroout+0x190/0x190
[  595.887294]  ? save_stack+0x43/0xd0
[  595.890925]  ? __kasan_slab_free+0x11a/0x170
[  595.895332]  ? kasan_slab_free+0xe/0x10
[  595.899309]  ? kmem_cache_free+0x86/0x2d0
[  595.903464]  ext4_getblk+0x10e/0x630
[  595.907184]  ? ext4_iomap_begin+0x1350/0x1350
[  595.911693]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.917234]  ? __dquot_initialize+0x61d/0xde0
[  595.921740]  ext4_bread+0x95/0x2b0
[  595.925292]  ? ext4_getblk+0x630/0x630
[  595.929191]  ? dquot_get_next_dqblk+0x180/0x180
[  595.933866]  ? debug_check_no_obj_freed+0x30b/0x595
[  595.938886]  ? kasan_check_write+0x14/0x20
[  595.943138]  ext4_append+0x14e/0x370
[  595.946868]  ext4_mkdir+0x532/0xe60
[  595.950515]  ? ext4_init_dot_dotdot+0x510/0x510
[  595.955194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.960737]  ? security_inode_permission+0xd2/0x100
[  595.965762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  595.971303]  ? security_inode_mkdir+0xe8/0x120
[  595.975896]  vfs_mkdir+0x42e/0x6b0
[  595.979447]  do_mkdirat+0x27b/0x310
[  595.983084]  ? __ia32_sys_mknod+0xb0/0xb0
[  595.987241]  ? syscall_slow_exit_work+0x500/0x500
[  595.992091]  ? ksys_ioctl+0x81/0xd0
[  595.995727]  __x64_sys_mkdir+0x5c/0x80
[  595.999623]  do_syscall_64+0x1b9/0x820
[  596.003514]  ? finish_task_switch+0x1d3/0x870
[  596.008016]  ? syscall_return_slowpath+0x5e0/0x5e0
[  596.012953]  ? syscall_return_slowpath+0x31d/0x5e0
[  596.017893]  ? __switch_to_asm+0x34/0x70
[  596.021958]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  596.027332]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  596.032186]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  596.037376] RIP: 0033:0x4564c7
[  596.040589] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  596.059493] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  596.067208] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
13:47:44 executing program 1:
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
getegid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@multicast2, @in=@dev}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f00000006c0)=0xe8)
r0 = semget(0x2, 0x3, 0x4)
semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x6)
syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f0000000340)=[{&(0x7f0000000240)="647ee29f8b05ab1edd48fb05c9297d60fa921391d1c84d813c0a407423df384cb56a03b3648a55c606c73681e88fd4097d8bfab271b23e471f6f7a6dcd7194ee370cc156f02dcb99edef3c6d1581086e639657b41f05bd79711ce3c3f9293725971d2efada58e2c40de1d095627db4c196ae537aeb542aba5a713663e1604304ef6c6c9c395c175f87dc4e479b90adf749527687d3b51e92affd5d01fe4324b9", 0xa0, 0x5973}, {&(0x7f0000000180)="2f57c370f4797f193b1789a7350fcda0c1a42b3af3b42717e0cfab3de1f10077891dc903ab6f4917b5e67cccd8031da002979bc3c1c06a60dafb8e073cb2d2343f69b81d129b95edfa7aa7b53d9b67572c5983ff14", 0x55, 0x1}, {&(0x7f0000000100)="f5f41bd8ac90aead0c2380a2e849e624354118f9c86134de3c4467f45467b9869a", 0x21, 0x5}], 0x2000000, &(0x7f0000000440)=ANY=[@ANYBLOB="6461782c7379737667726f7570732c6e6f6c61726765696f2c6e6f61747472322c6e6f6c617a7974696d652c00b80cf642068b0d697e4d980817274d78e11c05591f2b1a1d853c720d81959a8ef05e3c9fb8f9beb76ebc44819adbea9045e7d2968cbb840f8f3976173f0fdb28873e05"])
mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, &(0x7f00000003c0))

[  596.074475] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  596.081747] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  596.089014] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  596.096287] R13: 0000000000000001 R14: 00000000004c9bbd R15: 000000000000001f
[  596.112222] f2fs_msg: 6 callbacks suppressed
[  596.112242] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
13:47:44 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1f000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  596.126713] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  596.133838] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:47:44 executing program 2 (fault-call:0 fault-nth:4):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  596.173385] attempt to access beyond end of device
[  596.178423] loop6: rw=12288, want=8200, limit=64
[  596.199178] F2FS-fs (loop6): invalid crc value
[  596.208208] attempt to access beyond end of device
[  596.213281] loop6: rw=12288, want=12296, limit=64
13:47:44 executing program 4 (fault-call:0 fault-nth:32):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:44 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='sessionid\x00')
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000300)={{0x5, 0xffff}, {0xb49}, 0x6, 0x1, 0x80})
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
syz_read_part_table(0xffffffffffffffff, 0x176, &(0x7f00000002c0)=[{&(0x7f0000000100)="01817b5d45da0ff1dd700382efdd9a36ffabff7f51504ad5d8195db0293b6edd0db612817e8fe5eaf44ebe0580bdddcb8ac7271917b340520ddfa27bb049a73b2a86299587d1aa9c89ee4c5f60445223a0554ee0c75dcd359eb7a70b4a506e4013fd01a9776bda621ce2d1911e10e208a6d08881121cd160c196e85b23a8d55adad3caa1596bb139969ce14432a19ca3add5f7249a1eec8dea74e270b73f1e5c1c3fcadf22b1248ddb66596455f6488bc04995cf3cc8407eb95f54f954b890c888977044ac94c2d77e8494c0109a46bda2ba120da056bc764fc30fb742700ec6c5af4933ebf16baf3f5fc15260615902dc69c5ad92cb1b", 0x0, 0xa9}, {&(0x7f0000000200)="27f6af042c66882cf0706d9337de660c59f2cbb376462334399ec6d579c4d7d3c59fe91f3ce05c71218b96d7f9d999ad9a95b8d4e34ed2cf723cc1a3649ed1a17d351dfca36510abd5fd0d723800167142e3322432407c495cdcb7cc5c926976f3ef23c63685e5efc838bcedbdd91ed529e1aa621c251b34099c6daf694b1d5cb448e69a0d9030c161040923336e31f9cab57c2095f4664fe28bd18eb0fd0e4084beedf160ab3fb453682cae5e63", 0x0, 0x2}])
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f00000000c0))

[  596.231427] F2FS-fs (loop6): invalid crc value
[  596.236165] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  596.282337] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  596.289475] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  596.297855] attempt to access beyond end of device
[  596.303037] loop6: rw=12288, want=8200, limit=64
[  596.308639] F2FS-fs (loop6): invalid crc value
13:47:45 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000002c0)={0x23b6, 0x3})
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000800)=0x3, 0x4)
sendmsg$kcm(r0, &(0x7f00000007c0)={&(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x2, 0x4, 0x2, 0x1, {0xa, 0x4e24, 0x1ef, @mcast2, 0x2}}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000380)="83634d7cb1b2f41816507cc4f402dd7b507ac69620f616e8fa804a71fbe950fc76cb85e16b13925147bab0da31b261911b4035d4c9b7ec59a2d646ec4df9b8", 0x3f}, {&(0x7f00000003c0)="5868ead5e1c363ead03abd7e75922610c61677aaf5df990a6109b20cf4b0da23e51958278acd326752cb5004035c9123ef16f0d5102fdfc4e67aca1bfc08620a39288a762cd762616b33d9096dd54ee660103c65d7450fe3c8a6ee5d81797052f5d53ea81fd505c476e6f75d276fd50d8e5c243491eeb2604478d6d6352e8c15c5e17c309884bbf0e100f91012cff5940d7672184f699edcc569bae422f21bccc408c4091ee082e97403", 0xaa}, {&(0x7f0000000480)="5b4c44b000187dcb99f30adb591c665bf22afa3fb3211e329b14352732c98f6b6f958a6a7c73b9ad431f94ed49de5f649086aabb684e0db0aeb45f931b2d", 0x3e}, {&(0x7f00000004c0)="455eabf018f8ee9f8467388e92ca71f450599af622d69ac3b847b3a8fc23ec2a6a1b25efa8c2bc635ff29e3a14618c9e33a34798b83cb0e05e66498f31f2399b", 0x40}, {&(0x7f0000000600)="4110e765e65a3b2e73c4c71c88371684eb54cfac29417be66e5eaa1c8b1372882509b966b720f7c31674a2fb074a1c7b13a4a4f080c2135bf65f8771dc42c83759c6434f71482ae9031448a277c76f380532e75d3efd4164c77ed1b7311a4d6dd6080707f526181d699c29b610d8c0e8077580bb4c4d48532cf98195157279551a13efdd6d84265558c0014b0d8642accb32994765415865ee4d529e6a83fdb6a1c0e2b30f780a137d7b45fdabec5fabe606ccbf64a587ee8fa86a8659d44861612df857908ba13f5f94", 0xca}, {&(0x7f0000000500)="e52e023c4285c9b8cfaf935d54caf9c59663139a88", 0x15}], 0x6, &(0x7f0000000700)=ANY=[@ANYBLOB="880000000000000016010000ff070000bca99e883c25746e577809efb7d9558e7caff3c25e4e5da7f64760c9b68a921fce82566995c9d0faed8c752e74a14e3a02a89f2c89a476e12ed58844a4966a84cbcdb27d710d3c99e35bade6ae607a7cdd438bd9ba1b9b76a1ad655768397dd0f3a25b3fdf9c77fb165c5156df99a67b23005cf448d8334f"], 0x88, 0x40000}, 0x80)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  596.332656] attempt to access beyond end of device
[  596.337694] loop6: rw=12288, want=12296, limit=64
[  596.356926] F2FS-fs (loop6): invalid crc value
[  596.417366] XFS (loop1): unknown mount option [nolazytime].
[  596.451616] cgroup: cgroup2: unknown option ""
13:47:45 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  596.464625] cgroup: cgroup2: unknown option ""
[  596.471789] XFS (loop1): unknown mount option [nolazytime].
[  596.493205] FAULT_INJECTION: forcing a failure.
[  596.493205] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  596.505125] CPU: 1 PID: 9976 Comm: syz-executor2 Not tainted 4.18.0+ #195
[  596.512067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  596.521439] Call Trace:
[  596.524056]  dump_stack+0x1c9/0x2b4
[  596.527728]  ? dump_stack_print_info.cold.2+0x52/0x52
[  596.532955]  should_fail.cold.4+0xa/0x11
[  596.537044]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  596.542174]  ? print_usage_bug+0xc0/0xc0
[  596.546263]  ? graph_lock+0x170/0x170
[  596.550101]  ? find_held_lock+0x36/0x1c0
[  596.554178]  ? graph_lock+0x170/0x170
[  596.558000]  ? find_held_lock+0x36/0x1c0
[  596.562553]  ? __lock_is_held+0xb5/0x140
[  596.566657]  ? check_same_owner+0x340/0x340
[  596.570987]  ? find_get_entry+0x2e4/0xc90
[  596.575154]  ? rcu_note_context_switch+0x730/0x730
[  596.580113]  __alloc_pages_nodemask+0x36e/0xdb0
[  596.584803]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  596.589856]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  596.594885]  ? percpu_counter_add_batch+0xf2/0x150
[  596.599839]  ? mpol_shared_policy_lookup+0xf7/0x150
[  596.604876]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  596.610424]  alloc_pages_vma+0xdd/0x540
[  596.614421]  shmem_alloc_page+0xa8/0x190
[  596.618493]  ? shmem_swapin+0x230/0x230
[  596.622508]  shmem_alloc_and_acct_page+0x1f1/0x820
[  596.627451]  ? shmem_alloc_hugepage+0x4e0/0x4e0
[  596.632132]  ? print_usage_bug+0xc0/0xc0
[  596.636213]  shmem_getpage_gfp+0x6ea/0x41e0
[  596.640576]  ? shmem_writepage+0x1380/0x1380
[  596.644997]  ? print_usage_bug+0xc0/0xc0
[  596.649064]  ? print_usage_bug+0xc0/0xc0
[  596.653138]  ? print_usage_bug+0xc0/0xc0
[  596.657209]  ? __lock_acquire+0x7fc/0x5020
[  596.661454]  ? print_usage_bug+0xc0/0xc0
[  596.665525]  ? print_usage_bug+0xc0/0xc0
[  596.669613]  ? check_noncircular+0x20/0x20
[  596.673856]  ? print_usage_bug+0xc0/0xc0
[  596.677931]  ? print_usage_bug+0xc0/0xc0
[  596.681999]  ? trace_hardirqs_on+0x10/0x10
[  596.686248]  ? check_noncircular+0x20/0x20
[  596.690497]  ? __lock_acquire+0x7fc/0x5020
[  596.694745]  ? __lock_acquire+0x7fc/0x5020
[  596.698997]  ? trace_hardirqs_on+0x10/0x10
[  596.703255]  ? print_usage_bug+0xc0/0xc0
[  596.707324]  ? graph_lock+0x170/0x170
[  596.711130]  ? print_usage_bug+0xc0/0xc0
[  596.715199]  ? print_usage_bug+0xc0/0xc0
[  596.719269]  ? __lock_acquire+0x7fc/0x5020
[  596.723514]  ? __lock_acquire+0x7fc/0x5020
[  596.727761]  ? __lock_acquire+0x7fc/0x5020
[  596.732006]  ? graph_lock+0x170/0x170
[  596.735821]  ? find_held_lock+0x36/0x1c0
[  596.739897]  ? print_usage_bug+0xc0/0xc0
[  596.743975]  ? lock_downgrade+0x8f0/0x8f0
[  596.748131]  ? kasan_check_read+0x11/0x20
[  596.752288]  ? lock_release+0xa30/0xa30
[  596.756271]  ? mark_held_locks+0xc9/0x160
[  596.760429]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  596.765976]  ? iov_iter_fault_in_readable+0x23d/0x460
[  596.771176]  ? copy_page_from_iter+0x890/0x890
[  596.775767]  ? __sanitizer_cov_trace_pc+0x4d/0x50
[  596.780619]  ? ktime_get_coarse_real_ts64+0x243/0x3a0
[  596.785822]  shmem_write_begin+0x110/0x1e0
[  596.790071]  generic_perform_write+0x3ae/0x6c0
[  596.794681]  ? add_page_wait_queue+0x2c0/0x2c0
[  596.799267]  ? file_update_time+0xe4/0x640
[  596.803506]  ? current_time+0x1b0/0x1b0
[  596.807501]  ? down_write+0x8f/0x130
[  596.811226]  __generic_file_write_iter+0x26e/0x630
[  596.816168]  generic_file_write_iter+0x438/0x870
[  596.820935]  ? __generic_file_write_iter+0x630/0x630
[  596.826051]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  596.831604]  ? iov_iter_init+0xc9/0x1f0
[  596.835600]  __vfs_write+0x6af/0x9d0
[  596.839329]  ? kernel_read+0x120/0x120
[  596.843228]  ? __lock_is_held+0xb5/0x140
[  596.847311]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  596.852857]  ? __sb_start_write+0x17f/0x300
[  596.857196]  vfs_write+0x1f8/0x560
[  596.860754]  ksys_pwrite64+0x181/0x1b0
[  596.864649]  ? __ia32_sys_pread64+0xf0/0xf0
[  596.868978]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  596.874522]  ? fput+0x130/0x1a0
[  596.877812]  ? do_sys_ftruncate+0x44e/0x560
[  596.882146]  __x64_sys_pwrite64+0x97/0xf0
[  596.886304]  do_syscall_64+0x1b9/0x820
[  596.890198]  ? finish_task_switch+0x1d3/0x870
[  596.894700]  ? syscall_return_slowpath+0x5e0/0x5e0
[  596.899635]  ? syscall_return_slowpath+0x31d/0x5e0
[  596.904585]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  596.909960]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  596.914817]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  596.920011] RIP: 0033:0x410e27
[  596.923215] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  596.942119] RSP: 002b:00007febdb483a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[  596.949837] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 0000000000410e27
[  596.957115] RDX: 0000000000000048 RSI: 0000000020000500 RDI: 0000000000000004
13:47:45 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x63, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  596.964386] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001
[  596.971657] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000004
[  596.978929] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000004
[  597.030557] FAULT_INJECTION: forcing a failure.
[  597.030557] name failslab, interval 1, probability 0, space 0, times 0
[  597.042017] CPU: 0 PID: 9978 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  597.048988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  597.058353] Call Trace:
[  597.060971]  dump_stack+0x1c9/0x2b4
[  597.064638]  ? dump_stack_print_info.cold.2+0x52/0x52
[  597.069865]  ? graph_lock+0x170/0x170
[  597.073701]  should_fail.cold.4+0xa/0x11
[  597.077793]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  597.082925]  ? __lock_is_held+0xb5/0x140
[  597.087021]  ? graph_lock+0x170/0x170
[  597.090848]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  597.096492]  ? __mark_inode_dirty+0x495/0x1550
[  597.101106]  ? __inode_attach_wb+0x13d0/0x13d0
[  597.105717]  ? kasan_check_read+0x11/0x20
[  597.109895]  ? __lock_is_held+0xb5/0x140
[  597.113978]  ? md_seq_start+0x78/0x190
[  597.117909]  ? check_same_owner+0x340/0x340
[  597.122252]  ? __dquot_alloc_space+0x4b6/0x8c0
13:47:45 executing program 1:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x6, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:45 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x97ffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  597.126859]  ? rcu_note_context_switch+0x730/0x730
[  597.131821]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  597.136866]  __should_failslab+0x124/0x180
[  597.141126]  should_failslab+0x9/0x14
[  597.144955]  kmem_cache_alloc+0x2af/0x760
[  597.149125]  ? percpu_counter_add_batch+0xf2/0x150
[  597.154093]  ext4_mb_new_blocks+0x774/0x4740
[  597.158538]  ? find_held_lock+0x36/0x1c0
[  597.162659]  ? ext4_discard_preallocations+0x13d0/0x13d0
[  597.168138]  ? kasan_check_read+0x11/0x20
[  597.172300]  ? rcu_is_watching+0x8c/0x150
[  597.176443]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  597.181119]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  597.185824]  ? is_bpf_text_address+0xd7/0x170
[  597.190335]  ? kernel_text_address+0x79/0xf0
[  597.194747]  ? __kernel_text_address+0xd/0x40
[  597.199254]  ? unwind_get_return_address+0x61/0xa0
[  597.204187]  ? __save_stack_trace+0x8d/0xf0
[  597.208530]  ? save_stack+0xa9/0xd0
[  597.212192]  ? save_stack+0x43/0xd0
[  597.215834]  ? kasan_kmalloc+0xc4/0xe0
[  597.219729]  ? __kmalloc+0x14e/0x760
[  597.223444]  ? ext4_find_extent+0x775/0xa10
[  597.227762]  ? ext4_ext_map_blocks+0x293/0x62e0
[  597.232431]  ? ext4_map_blocks+0x8f3/0x1b60
[  597.236739]  ? ext4_getblk+0x10e/0x630
[  597.240616]  ? ext4_bread+0x95/0x2b0
[  597.244322]  ? ext4_append+0x14e/0x370
[  597.248206]  ? ext4_mkdir+0x532/0xe60
[  597.251997]  ? vfs_mkdir+0x42e/0x6b0
[  597.255714]  ? do_mkdirat+0x27b/0x310
[  597.259509]  ? __x64_sys_mkdir+0x5c/0x80
[  597.263569]  ? do_syscall_64+0x1b9/0x820
[  597.267714]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  597.273068]  ? save_stack+0xa9/0xd0
[  597.276685]  ? print_usage_bug+0xc0/0xc0
[  597.280759]  ? graph_lock+0x170/0x170
[  597.284570]  ? __lock_is_held+0xb5/0x140
[  597.288630]  ? ext4_bread+0x95/0x2b0
[  597.292351]  ? kasan_check_read+0x11/0x20
[  597.296524]  ? __lock_is_held+0xb5/0x140
[  597.300638]  ? rcu_read_lock_sched_held+0x108/0x120
[  597.305673]  ? __kmalloc+0x5f9/0x760
[  597.309401]  ? ext4_find_extent+0x775/0xa10
[  597.313734]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  597.319280]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  597.324821]  ? ext4_inode_to_goal_block+0x2e3/0x3f0
[  597.329852]  ext4_ext_map_blocks+0x2dc0/0x62e0
[  597.334454]  ? ext4_find_delalloc_cluster+0xc0/0xc0
[  597.339481]  ? block_commit_write+0x30/0x30
[  597.343820]  ? find_held_lock+0x36/0x1c0
[  597.347896]  ? graph_lock+0x170/0x170
[  597.351704]  ? graph_lock+0x170/0x170
[  597.355512]  ? graph_lock+0x170/0x170
[  597.359314]  ? lock_downgrade+0x8f0/0x8f0
[  597.363486]  ? lock_acquire+0x1e4/0x540
[  597.367463]  ? ext4_map_blocks+0x88b/0x1b60
[  597.371792]  ? lock_release+0xa30/0xa30
[  597.375776]  ? check_same_owner+0x340/0x340
[  597.380107]  ? rcu_note_context_switch+0x730/0x730
[  597.385053]  ? down_write+0x8f/0x130
[  597.388766]  ? ext4_map_blocks+0x88b/0x1b60
[  597.393095]  ? down_read+0x1d0/0x1d0
[  597.396821]  ext4_map_blocks+0x8f3/0x1b60
[  597.400979]  ? __save_stack_trace+0x8d/0xf0
[  597.405327]  ? ext4_issue_zeroout+0x190/0x190
[  597.409831]  ? save_stack+0x43/0xd0
[  597.413460]  ? __kasan_slab_free+0x11a/0x170
[  597.417869]  ? kasan_slab_free+0xe/0x10
[  597.421843]  ? kmem_cache_free+0x86/0x2d0
[  597.425999]  ext4_getblk+0x10e/0x630
[  597.430144]  ? ext4_iomap_begin+0x1350/0x1350
[  597.434648]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  597.440192]  ? __dquot_initialize+0x61d/0xde0
[  597.444693]  ext4_bread+0x95/0x2b0
[  597.448236]  ? ext4_getblk+0x630/0x630
[  597.452126]  ? dquot_get_next_dqblk+0x180/0x180
[  597.456800]  ? debug_check_no_obj_freed+0x30b/0x595
[  597.461820]  ? kasan_check_write+0x14/0x20
[  597.466066]  ext4_append+0x14e/0x370
[  597.469791]  ext4_mkdir+0x532/0xe60
[  597.473439]  ? ext4_init_dot_dotdot+0x510/0x510
[  597.478118]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  597.483661]  ? security_inode_permission+0xd2/0x100
[  597.488685]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  597.494226]  ? security_inode_mkdir+0xe8/0x120
[  597.498816]  vfs_mkdir+0x42e/0x6b0
[  597.502367]  do_mkdirat+0x27b/0x310
[  597.506003]  ? __ia32_sys_mknod+0xb0/0xb0
[  597.510162]  ? syscall_slow_exit_work+0x500/0x500
[  597.515006]  ? ksys_ioctl+0x81/0xd0
[  597.518645]  __x64_sys_mkdir+0x5c/0x80
[  597.522538]  do_syscall_64+0x1b9/0x820
[  597.526436]  ? finish_task_switch+0x1d3/0x870
[  597.530939]  ? syscall_return_slowpath+0x5e0/0x5e0
[  597.535873]  ? syscall_return_slowpath+0x31d/0x5e0
[  597.540809]  ? __switch_to_asm+0x34/0x70
[  597.544928]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  597.550305]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  597.555161]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  597.560351] RIP: 0033:0x4564c7
[  597.563709] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  597.582619] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  597.590330] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  597.597602] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  597.604873] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  597.612142] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  597.619415] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000020
13:47:46 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f00000002c0)=0x42, &(0x7f0000000300)=0x2)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:46 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:46 executing program 4 (fault-call:0 fault-nth:33):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:46 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000080)={0x10, 0xffffff9e}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="469121feeb4ce8c45ddfc122999ab4ed099c207de9cceeb284d0ff0000004be1ac0a062888496ecaba0b82f0558aff29e9e77c6f00b2c1d183cf40a785d47c166d2350de12a7669f02d8d1d731eef55032e1d90dceb8bd7875520b0f38f8afd191770ce8aeb2b23489d412c1c04faa914412c273ff4b74e62e0da4998b0f4b7ea741cca92096b640d40a7fa2b2451d01903deb9238452ea9b48e"], 0x14}}, 0x0)

13:47:46 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf727}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:46 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  598.072750] attempt to access beyond end of device
[  598.078045] loop1: rw=12288, want=8200, limit=64
[  598.117376] attempt to access beyond end of device
[  598.122467] loop1: rw=12288, want=12296, limit=64
[  598.141596] FAULT_INJECTION: forcing a failure.
[  598.141596] name failslab, interval 1, probability 0, space 0, times 0
[  598.152939] CPU: 1 PID: 10036 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  598.159971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  598.169340] Call Trace:
[  598.171959]  dump_stack+0x1c9/0x2b4
[  598.175621]  ? dump_stack_print_info.cold.2+0x52/0x52
[  598.177644] attempt to access beyond end of device
[  598.180841]  ? ext4_getblk+0x10e/0x630
[  598.185898] loop1: rw=12288, want=8200, limit=64
[  598.189738]  ? ext4_bread+0x95/0x2b0
[  598.189753]  ? ext4_append+0x14e/0x370
[  598.189767]  ? ext4_mkdir+0x532/0xe60
[  598.189791]  should_fail.cold.4+0xa/0x11
[  598.189811]  ? fault_create_debugfs_attr+0x1f0/0x1f0
13:47:46 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffff1f00, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  598.189830]  ? kasan_check_write+0x14/0x20
[  598.219366]  ? trace_hardirqs_on+0x10/0x10
[  598.223623]  ? debug_check_no_obj_freed+0x30b/0x595
[  598.228666]  ? __lock_is_held+0xb5/0x140
[  598.232766]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  598.238319]  ? ext4_ext_map_blocks+0xfb2/0x62e0
[  598.243022]  __should_failslab+0x124/0x180
[  598.247271]  should_failslab+0x9/0x14
[  598.251093]  kmem_cache_alloc+0x47/0x760
[  598.255177]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  598.260205]  ? ext4_es_can_be_merged+0x238/0x2a0
[  598.264983]  __es_insert_extent+0x305/0x1140
[  598.269413]  ? ext4_es_free_extent+0x820/0x820
[  598.269699] attempt to access beyond end of device
[  598.274003]  ? lock_release+0xa30/0xa30
[  598.274026]  ? __lock_is_held+0xb5/0x140
[  598.274044]  ? kasan_check_write+0x14/0x20
[  598.274060]  ? do_raw_write_lock+0xbd/0x1b0
[  598.274083]  ext4_es_insert_extent+0x2ea/0x7e0
[  598.274104]  ? lock_release+0xa30/0xa30
[  598.274127]  ? ext4_es_find_delayed_extent_range+0xd80/0xd80
[  598.279095] loop1: rw=12288, want=12296, limit=64
[  598.283023]  ? rcu_note_context_switch+0x730/0x730
[  598.283053]  ? down_write+0x8f/0x130
[  598.283065]  ? ext4_map_blocks+0x88b/0x1b60
[  598.283081]  ? down_read+0x1d0/0x1d0
[  598.283111]  ext4_map_blocks+0xb08/0x1b60
[  598.335742]  ? __save_stack_trace+0x8d/0xf0
[  598.340119]  ? ext4_issue_zeroout+0x190/0x190
[  598.344631]  ? save_stack+0x43/0xd0
[  598.348291]  ? __kasan_slab_free+0x11a/0x170
[  598.352711]  ? kasan_slab_free+0xe/0x10
[  598.356700]  ? kmem_cache_free+0x86/0x2d0
[  598.360867]  ext4_getblk+0x10e/0x630
[  598.364644]  ? ext4_iomap_begin+0x1350/0x1350
[  598.369161]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  598.374715]  ? __dquot_initialize+0x61d/0xde0
[  598.379227]  ext4_bread+0x95/0x2b0
[  598.382775]  ? ext4_getblk+0x630/0x630
[  598.386668]  ? dquot_get_next_dqblk+0x180/0x180
[  598.391360]  ? debug_check_no_obj_freed+0x30b/0x595
[  598.396392]  ? kasan_check_write+0x14/0x20
[  598.400640]  ext4_append+0x14e/0x370
[  598.404381]  ext4_mkdir+0x532/0xe60
[  598.408025]  ? ext4_init_dot_dotdot+0x510/0x510
[  598.412704]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  598.418251]  ? security_inode_permission+0xd2/0x100
[  598.423275]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  598.428822]  ? security_inode_mkdir+0xe8/0x120
[  598.433694]  vfs_mkdir+0x42e/0x6b0
[  598.437248]  do_mkdirat+0x27b/0x310
[  598.440885]  ? __ia32_sys_mknod+0xb0/0xb0
[  598.445045]  ? syscall_slow_exit_work+0x500/0x500
[  598.449890]  ? ksys_ioctl+0x81/0xd0
[  598.453528]  __x64_sys_mkdir+0x5c/0x80
[  598.457429]  do_syscall_64+0x1b9/0x820
[  598.461325]  ? finish_task_switch+0x1d3/0x870
[  598.465830]  ? syscall_return_slowpath+0x5e0/0x5e0
[  598.470767]  ? syscall_return_slowpath+0x31d/0x5e0
[  598.475705]  ? __switch_to_asm+0x34/0x70
[  598.479773]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  598.485152]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  598.490021]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  598.495222] RIP: 0033:0x4564c7
[  598.498447] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ad c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 8d c0 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  598.517354] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  598.525070] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 00000000004564c7
[  598.532347] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100
[  598.539616] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
[  598.546884] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[  598.554166] R13: 0000000000000001 R14: 00000000004c9bbd R15: 0000000000000021
13:47:47 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0)={<r1=>0x0, 0x7, 0xfebc, 0x500ac2da}, &(0x7f0000000300)=0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000340)={r1, 0x5}, &(0x7f0000000380)=0x8)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x26, &(0x7f0000000140), 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
prctl$setmm(0x23, 0x4, &(0x7f0000014000/0x4000)=nil)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r3, 0x4040ae75, &(0x7f00000003c0)={0x2, 0x9, 0x7fff, 0x104})

13:47:47 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x200000, 0x0)
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000080)="3b94e038482bfe14db8421bf2bd43f14ac1e7001c9aaa07a481f2b76b147084f624e4f9d404b0521972ef5ffb49c9839bf6b9423a5")
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000200)=""/230)
unshare(0x2060400)
clone(0x40000, &(0x7f00000003c0), &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000200))

[  598.621516] print_req_error: 4797 callbacks suppressed
[  598.621526] print_req_error: I/O error, dev loop2, sector 128
13:47:47 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btr.s\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:47 executing program 4 (fault-call:0 fault-nth:34):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:47 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = dup(r0)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000001280)=ANY=[]}}, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0)
read$FUSE(r1, &(0x7f0000000280), 0x1000)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000140)=""/33, 0x21)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
write(r1, &(0x7f0000000080)="2400000058001f00ff07f4f9002304000a04f51108000100020100020800038001000000", 0x24)

13:47:47 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1ef7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  598.953298] attempt to access beyond end of device
[  598.958370] loop6: rw=12288, want=8200, limit=64
[  598.985677] attempt to access beyond end of device
[  598.990856] loop6: rw=12288, want=12296, limit=64
[  599.030535] FAULT_INJECTION: forcing a failure.
[  599.030535] name failslab, interval 1, probability 0, space 0, times 0
[  599.041875] CPU: 1 PID: 10082 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  599.048908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  599.058308] Call Trace:
[  599.060923]  dump_stack+0x1c9/0x2b4
[  599.064594]  ? dump_stack_print_info.cold.2+0x52/0x52
[  599.069598] attempt to access beyond end of device
[  599.069809]  ? __kernel_text_address+0xd/0x40
[  599.069837]  ? perf_trace_lock+0xde/0x920
[  599.069877]  should_fail.cold.4+0xa/0x11
[  599.074863] loop6: rw=12288, want=8200, limit=64
[  599.079297]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  599.079314]  ? zap_class+0x740/0x740
[  599.079331]  ? save_stack+0xa9/0xd0
[  599.079349]  ? kasan_kmalloc+0xc4/0xe0
[  599.108598]  ? __kmalloc_track_caller+0x14a/0x760
[  599.113446]  ? memdup_user+0x2c/0xa0
[  599.117161]  ? strndup_user+0x77/0xd0
[  599.120968]  ? graph_lock+0x170/0x170
[  599.124792]  ? find_held_lock+0x36/0x1c0
[  599.128885]  ? check_same_owner+0x340/0x340
[  599.133208]  ? lock_release+0xa30/0xa30
[  599.137196]  ? check_same_owner+0x340/0x340
[  599.141528]  ? rcu_note_context_switch+0x730/0x730
[  599.146469]  ? __check_object_size+0xa3/0x5d7
[  599.150974]  __should_failslab+0x124/0x180
[  599.155216]  should_failslab+0x9/0x14
[  599.159025]  kmem_cache_alloc_trace+0x2cb/0x780
[  599.163708]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  599.169249]  ? _copy_from_user+0xdf/0x150
[  599.173410]  copy_mount_options+0x5f/0x380
[  599.177653]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  599.183200]  ksys_mount+0xd0/0x140
[  599.186746]  __x64_sys_mount+0xbe/0x150
[  599.190723]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  599.195748]  do_syscall_64+0x1b9/0x820
[  599.199644]  ? syscall_return_slowpath+0x5e0/0x5e0
[  599.204669]  ? syscall_return_slowpath+0x31d/0x5e0
[  599.209610]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  599.214985]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  599.219838]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  599.225029] RIP: 0033:0x459aba
[  599.228227] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  599.247126] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  599.254842] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  599.262118] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  599.269392] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  599.276663] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  599.283938] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000022
13:47:48 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2263f, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:48 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = dup(r0)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000001280)=ANY=[]}}, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0)
read$FUSE(r1, &(0x7f0000000280), 0x1000)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000140)=""/33, 0x21)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
write(r1, &(0x7f0000000080)="2400000058001f00ff07f4f9002304000a04f51108000100020100020800038001000000", 0x24)

[  599.351166] attempt to access beyond end of device
[  599.356372] loop6: rw=12288, want=12296, limit=64
13:47:48 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/kvm\x00', 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  599.440951] attempt to access beyond end of device
[  599.446051] loop6: rw=12288, want=8200, limit=64
13:47:48 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btr/s\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  599.497978] attempt to access beyond end of device
[  599.503052] loop6: rw=12288, want=12296, limit=64
[  599.548719] attempt to access beyond end of device
[  599.553835] loop6: rw=12288, want=8200, limit=64
13:47:48 executing program 1:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0xffffffffffffffff, 0x48000)
ioctl$EVIOCSKEYCODE_V2(r0, 0x80284504, &(0x7f0000000080)={0x1, 0x0, 0x1000, 0x0, "4f019f55a13d2099807ad4d300be83908c00000000e100000000000000000006"})

[  599.608836] attempt to access beyond end of device
[  599.613943] loop6: rw=12288, want=12296, limit=64
13:47:48 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x8, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:48 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x93, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:48 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = dup(r0)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000001280)=ANY=[]}}, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0)
read$FUSE(r1, &(0x7f0000000280), 0x1000)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000140)=""/33, 0x21)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
write(r1, &(0x7f0000000080)="2400000058001f00ff07f4f9002304000a04f51108000100020100020800038001000000", 0x24)

13:47:48 executing program 4 (fault-call:0 fault-nth:35):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:48 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x1500}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:48 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe2(&(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
write$UHID_CREATE2(r2, &(0x7f0000000380)={0xb, 'syz0\x00', 'syz0\x00', 'syz1\x00', 0xc1, 0x1, 0x0, 0x400, 0x3, 0x2000000000000000, "b373590680348088b6bd667cb2bbce45b0eb5f5a77b0765d4061701dc1176dfa4aa1b7cdbbbc5bf78997ebf743c20d8893d36e9785fcc565622d168c17cea6c2cac0afc98c1f073b1f4cea2798e4d1e1771e03a2418604c4e42a1fa57896ed4679868b0288ddce91eb8b4d51e21e3e2ecebbf08fa897f7b0f48c7564bc82daf44de0da609a5aa51e94d0d927eb8748765363b2a1f7a04abcebdc90dcdde570c31ba012d434fcb3b7ef14cd8e49a9391d92af1c4a42aa4e6ed1be3c280a7d7e3e79"}, 0x1d9)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r5, 0x84, 0x4, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000640)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r6=>0xffffffffffffffff}, 0x113, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r3, &(0x7f0000000680)={0x10, 0x30, 0xfa00, {&(0x7f0000000580), 0x1, {0xa, 0x4e21, 0xfffffffffffffff7, @remote, 0xffffffff}, r6}}, 0x38)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x4})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:47:48 executing program 1:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x1d000, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@textreal={0x8, &(0x7f0000000340)="ba610066edba4300ecbad004b000ee0f22a30f205666b9d00900000f3266b9800000c00f326635000800000f306765660f3832b92616000082e500f3a5", 0x3d}], 0x0, 0x0, &(0x7f00000002c0), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

13:47:48 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf*\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  599.959643] FAULT_INJECTION: forcing a failure.
[  599.959643] name failslab, interval 1, probability 0, space 0, times 0
[  599.970982] CPU: 1 PID: 10147 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  599.978004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  599.987361] Call Trace:
[  599.989973]  dump_stack+0x1c9/0x2b4
[  599.993627]  ? dump_stack_print_info.cold.2+0x52/0x52
[  599.998837]  ? __kernel_text_address+0xd/0x40
[  600.003353]  ? unwind_get_return_address+0x61/0xa0
[  600.008312]  should_fail.cold.4+0xa/0x11
[  600.012400]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  600.017534]  ? save_stack+0xa9/0xd0
[  600.021201]  ? kasan_kmalloc+0xc4/0xe0
[  600.025124]  ? __kmalloc_track_caller+0x14a/0x760
[  600.029990]  ? memdup_user+0x2c/0xa0
[  600.033719]  ? strndup_user+0x77/0xd0
[  600.037551]  ? graph_lock+0x170/0x170
[  600.041407]  ? find_held_lock+0x36/0x1c0
[  600.045517]  ? check_same_owner+0x340/0x340
[  600.049857]  ? lock_release+0xa30/0xa30
[  600.053853]  ? check_same_owner+0x340/0x340
[  600.058201]  ? rcu_note_context_switch+0x730/0x730
[  600.063157]  ? __check_object_size+0xa3/0x5d7
[  600.067682]  __should_failslab+0x124/0x180
[  600.071935]  should_failslab+0x9/0x14
[  600.075751]  kmem_cache_alloc_trace+0x2cb/0x780
[  600.080445]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  600.085991]  ? _copy_from_user+0xdf/0x150
[  600.090153]  copy_mount_options+0x5f/0x380
[  600.094397]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  600.099947]  ksys_mount+0xd0/0x140
[  600.103502]  __x64_sys_mount+0xbe/0x150
[  600.107480]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  600.112509]  do_syscall_64+0x1b9/0x820
[  600.116405]  ? finish_task_switch+0x1d3/0x870
[  600.120912]  ? syscall_return_slowpath+0x5e0/0x5e0
[  600.125853]  ? syscall_return_slowpath+0x31d/0x5e0
[  600.130802]  ? __switch_to_asm+0x34/0x70
[  600.134880]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  600.140260]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  600.145126]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  600.150321] RIP: 0033:0x459aba
[  600.153524] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  600.172431] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  600.180143] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  600.187418] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  600.194688] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  600.201958] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
13:47:48 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfdffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:48 executing program 3:
r0 = socket(0x10, 0x3, 0x0)
r1 = dup(r0)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000001280)=ANY=[]}}, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4000, 0x0)
read$FUSE(r1, &(0x7f0000000280), 0x1000)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='security.evm\x00', &(0x7f0000000140)=""/33, 0x21)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
write(r1, &(0x7f0000000080)="2400000058001f00ff07f4f9002304000a04f51108000100020100020800038001000000", 0x24)

[  600.209225] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000023
13:47:49 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:49 executing program 1:
io_setup(0xba, &(0x7f00000000c0)=<r0=>0x0)
r1 = socket(0x2, 0x803, 0xff)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='sit0\x00', 0x10)
io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000080), 0x1300}])
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x84000)
write$UHID_GET_REPORT_REPLY(r2, &(0x7f0000000080)={0xa, 0x6, 0x40, 0xfc8}, 0xa)

[  600.540548] attempt to access beyond end of device
[  600.545875] loop6: rw=12288, want=8200, limit=64
13:47:49 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:49 executing program 3:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='uid_map\x00')
ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000180)=""/163)
listen(r0, 0x6)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xe, &(0x7f0000000140), &(0x7f0000000100)=0x4)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f00000000c0)={0x3, [0x4545, 0x2, 0x1000]}, 0xa)

13:47:49 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
socketpair$inet(0x2, 0x0, 0xffff, &(0x7f0000000400))
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4)
getsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f00000002c0)={@broadcast, @local, <r4=>0x0}, &(0x7f0000000300)=0xc)
sendmsg$can_raw(r2, &(0x7f0000000440)={&(0x7f0000000340)={0x1d, r4}, 0x10, &(0x7f00000003c0)={&(0x7f0000000380)=@can={{0x3, 0xf74, 0x3c, 0x24}, 0x2, 0x2, 0x0, 0x0, "762a507ed0ed1e77"}, 0x10}, 0x1, 0x0, 0x0, 0x4100081}, 0x20000004)

13:47:49 executing program 1:
setfsgid(0x0)
capset(&(0x7f0000a31000)={0x19980330}, &(0x7f00009b3000))
r0 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000240), &(0x7f0000000280)="05", 0x1, 0xffffffffffffffff)
syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x80, 0x10000)
keyctl$chown(0x4, r0, 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000140), &(0x7f0000000040)=0xb)

13:47:49 executing program 4 (fault-call:0 fault-nth:36):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:49 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfo\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:49 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf724}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  600.684192] attempt to access beyond end of device
[  600.689285] loop6: rw=12288, want=12296, limit=64
[  600.731907] attempt to access beyond end of device
[  600.736955] loop6: rw=12288, want=8200, limit=64
[  600.750314] attempt to access beyond end of device
[  600.755527] loop6: rw=12288, want=12296, limit=64
[  600.779309] attempt to access beyond end of device
[  600.784324] loop6: rw=12288, want=8200, limit=64
[  600.795367] attempt to access beyond end of device
[  600.800408] loop6: rw=12288, want=12296, limit=64
[  600.807499] attempt to access beyond end of device
[  600.812523] loop6: rw=12288, want=8200, limit=64
[  600.826376] attempt to access beyond end of device
[  600.831423] loop6: rw=12288, want=12296, limit=64
[  600.970924] FAULT_INJECTION: forcing a failure.
[  600.970924] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  600.982793] CPU: 0 PID: 10225 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  600.989822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  600.999183] Call Trace:
[  601.001811]  dump_stack+0x1c9/0x2b4
[  601.005466]  ? dump_stack_print_info.cold.2+0x52/0x52
[  601.010680]  ? graph_lock+0x170/0x170
[  601.014516]  should_fail.cold.4+0xa/0x11
[  601.018614]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  601.023737]  ? find_held_lock+0x36/0x1c0
[  601.027825]  ? lock_downgrade+0x8f0/0x8f0
[  601.031988]  ? finish_task_switch+0x18a/0x870
[  601.036501]  ? kasan_check_read+0x11/0x20
[  601.040666]  ? do_raw_spin_unlock+0xa7/0x2f0
[  601.045102]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  601.049718]  ? compat_start_thread+0x80/0x80
[  601.054147]  ? _raw_spin_unlock_irq+0x27/0x70
[  601.058680]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  601.063724]  ? trace_hardirqs_on+0xd/0x10
[  601.067892]  ? _raw_spin_unlock_irq+0x27/0x70
[  601.072415]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  601.077962]  ? should_fail+0x246/0xd86
[  601.081864]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  601.086973]  ? __switch_to_asm+0x40/0x70
[  601.091043]  ? __switch_to_asm+0x34/0x70
[  601.095113]  ? __switch_to_asm+0x40/0x70
[  601.099192]  __alloc_pages_nodemask+0x36e/0xdb0
[  601.103865]  ? __switch_to_asm+0x34/0x70
[  601.107930]  ? __switch_to_asm+0x40/0x70
[  601.112011]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  601.117049]  ? __sched_text_start+0x8/0x8
[  601.121205]  ? find_held_lock+0x36/0x1c0
[  601.125305]  ? check_same_owner+0x340/0x340
[  601.129644]  cache_grow_begin+0x91/0x710
[  601.133725]  kmem_cache_alloc+0x689/0x760
[  601.137898]  getname_flags+0xd0/0x5a0
[  601.141712]  user_path_at_empty+0x2d/0x50
[  601.145875]  do_mount+0x17a/0x30e0
[  601.149436]  ? copy_mount_string+0x40/0x40
[  601.153686]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  601.158459]  ? retint_kernel+0x10/0x10
[  601.162365]  ? copy_mount_options+0x213/0x380
[  601.166874]  ? __sanitizer_cov_trace_pc+0x11/0x50
[  601.171727]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  601.177274]  ? copy_mount_options+0x285/0x380
[  601.181781]  ksys_mount+0x12d/0x140
[  601.185417]  __x64_sys_mount+0xbe/0x150
[  601.189392]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  601.194421]  do_syscall_64+0x1b9/0x820
[  601.198315]  ? finish_task_switch+0x1d3/0x870
[  601.202816]  ? syscall_return_slowpath+0x5e0/0x5e0
[  601.207756]  ? syscall_return_slowpath+0x31d/0x5e0
[  601.212697]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  601.218070]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  601.222922]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  601.228118] RIP: 0033:0x459aba
[  601.231321] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  601.250223] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  601.257935] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  601.265204] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
13:47:49 executing program 1:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000af5000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100)=<r1=>0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r2=>0x0)
kcmp(r1, r2, 0x7, r0, r0)
sendto$inet(r0, &(0x7f0000000440), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10)
sendto$inet(r0, &(0x7f0000000040)="c3401c344654f3c7d9fe1ba48c8e399aa4eedc3d6bd8ebd65c856a45d61154adc2b2a976fbffffffffffffff38e9dd18c58f6bd779650fc30f09000000ecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x81, &(0x7f0000e66000)={0x2, 0x0, @multicast2}, 0x88)
recvmmsg(r0, &(0x7f0000002940)=[{{&(0x7f0000002200)=@hci, 0x80, &(0x7f0000002440)=[{&(0x7f0000002380)=""/133, 0x85}], 0x1, &(0x7f0000002480)=""/112, 0x70}}, {{0x0, 0x0, &(0x7f0000002840)=[{&(0x7f00000027c0)=""/83, 0x211}], 0x1, &(0x7f00000028c0)=""/87, 0x57}}], 0x2, 0x0, &(0x7f0000002a80)={0x0, 0x989680})
timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
r3 = gettid()
tkill(r3, 0x16)

13:47:50 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3b26020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:50 executing program 3:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_procfs(0x0, &(0x7f0000000040)="0001705f66696c657300")
getdents(r1, &(0x7f0000000240)=""/407, 0xfffffffffffffe63)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000000)={<r3=>0x0, 0x7}, &(0x7f0000000140)=0x8)
write$FUSE_INIT(r2, &(0x7f0000000400)={0x50, 0x0, 0x4, {0x7, 0x1b, 0x6b, 0x0, 0x101, 0x100, 0xffffffffffffffc1, 0x7}}, 0x50)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYBLOB="0700f0003d"], &(0x7f00000001c0)=0x9)

13:47:50 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x8, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  601.272473] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  601.279741] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  601.287011] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000024
13:47:50 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer\x00', 0x200000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'team0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@deltfilter={0x7c, 0x2d, 0x800, 0x70bd2d, 0x25dfdbfe, {0x0, r1, {0xfff3, 0x7}, {0xffff, 0x10}, {0xbcc6aa84049c520b, 0xfff2}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x2c, 0x2, [@TCA_TCINDEX_CLASSID={0x8, 0x5, {0x6, 0xb}}, @TCA_TCINDEX_SHIFT={0x8}, @TCA_TCINDEX_SHIFT={0x8, 0x3, 0x1}, @TCA_TCINDEX_FALL_THROUGH={0x8, 0x4, 0x1}, @TCA_TCINDEX_HASH={0x8, 0x1, 0x8e9f}]}}, @TCA_RATE={0x8, 0x5, {0x89c, 0x1}}, @TCA_CHAIN={0x8, 0xb, 0x956}, @TCA_RATE={0x8, 0x5, {0x100000000, 0x5}}, @TCA_RATE={0x8, 0x5, {0x7, 0x1}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
getsockopt$SO_COOKIE(r4, 0x1, 0x39, &(0x7f0000000340), &(0x7f00000004c0)=0x8)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

13:47:50 executing program 4 (fault-call:0 fault-nth:37):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:50 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf%\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:50 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x3f7000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  601.614454] f2fs_msg: 56 callbacks suppressed
[  601.614476] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
13:47:50 executing program 3:
socket$inet6(0xa, 0x80b, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x3f, 0x151001)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000080)=""/17)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000900)=ANY=[], &(0x7f0000000a00))
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sndseq(&(0x7f00000006c0)='/dev/snd/seq\x00', 0x0, 0x0)
r3 = gettid()
ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000700)=r3)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc0605345, &(0x7f0000000340)={0x0, 0x0, 0x0, 'queue0\x00'})
syz_mount_image$xfs(&(0x7f00000005c0)='xfs\x00', &(0x7f0000000600)='./file0\x00', 0x8, 0x1, &(0x7f00000008c0)=[{&(0x7f0000000680)="ced2c8c35e23529bee2aabd102ebdf7dde84829ecf437b09cc19c75720a5d92f4270d47013a958814710b0bcbcee7852a8110be7f058", 0x36, 0x1f}], 0x40, &(0x7f0000000940))
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f0000000440)={0x2, 0x0, 0x8, 0x0, 'syz0\x00'})
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0xccee}, 0x8)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000400)=0x7f)
perf_event_open(&(0x7f0000000000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffff9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket$inet(0x15, 0x5, 0x0)
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000640)={0x10001, 0x8008003, 0x8})
gettid()
setsockopt$sock_int(r4, 0x1, 0x0, &(0x7f0000000580)=0x80, 0x191)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
splice(r5, &(0x7f0000000280), r2, &(0x7f0000000540)=0x44, 0x2, 0x8)
recvmsg(r4, &(0x7f0000000340)={&(0x7f0000000000)=@rc, 0x2c3, &(0x7f0000000280), 0x0, &(0x7f00000002c0)=""/98, 0x62}, 0x0)
add_key(&(0x7f00000001c0)='.request_key_auth\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000240)="025d4fa6d1ea3219c9fd74cbf4b22148ae5422ac46af1a41a90f01f12891a532781221e592432e58bea36530521bdc0839fe", 0x32, 0xfffffffffffffff8)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1)
setrlimit(0x6, &(0x7f0000000740)={0x1, 0x7fff})
add_key(&(0x7f0000000480)='rxrpc\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0x0)
sendto$llc(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x10000304, 0x0, 0x3, 0xfffffffffffffffc, 0x0, @broadcast}, 0x10)
fcntl$setstatus(r0, 0x4, 0x800)
connect$llc(r0, &(0x7f0000000100)={0x1a, 0x323, 0x1, 0x8, 0x81, 0x1, @random="b11552fdb9b5"}, 0x10)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)

[  601.679928] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  601.687118] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  601.706873] FAULT_INJECTION: forcing a failure.
[  601.706873] name failslab, interval 1, probability 0, space 0, times 0
[  601.718435] CPU: 0 PID: 10268 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  601.725468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  601.734835] Call Trace:
[  601.737452]  dump_stack+0x1c9/0x2b4
[  601.741111]  ? dump_stack_print_info.cold.2+0x52/0x52
[  601.744097] attempt to access beyond end of device
[  601.746330]  should_fail.cold.4+0xa/0x11
[  601.746357]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  601.746378]  ? print_usage_bug+0xc0/0xc0
[  601.746404]  ? rcu_is_watching+0x8c/0x150
[  601.751346] loop6: rw=12288, want=8200, limit=64
[  601.755391]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  601.755421]  ? is_bpf_text_address+0xd7/0x170
[  601.755453]  ? find_held_lock+0x36/0x1c0
[  601.786719]  ? check_same_owner+0x340/0x340
[  601.791049]  ? kasan_slab_free+0xe/0x10
[  601.795028]  ? kmem_cache_free+0x86/0x2d0
[  601.799185]  ? putname+0xf2/0x130
[  601.802651]  ? rcu_note_context_switch+0x730/0x730
[  601.807594]  ? ksys_mount+0x12d/0x140
[  601.811399]  ? __x64_sys_mount+0xbe/0x150
[  601.815560]  __should_failslab+0x124/0x180
[  601.819818]  should_failslab+0x9/0x14
[  601.823631]  kmem_cache_alloc+0x2af/0x760
[  601.827786]  ? kasan_check_write+0x14/0x20
[  601.832031]  ? do_raw_spin_lock+0xc1/0x200
[  601.836281]  alloc_vfsmnt+0xe8/0x9f0
[  601.840003]  ? mnt_free_id.isra.27+0x60/0x60
[  601.844415]  ? kasan_check_read+0x11/0x20
[  601.848578]  ? graph_lock+0x170/0x170
[  601.852389]  ? rcu_pm_notify+0xc0/0xc0
[  601.856282]  ? putname+0xf2/0x130
[  601.859749]  ? find_held_lock+0x36/0x1c0
[  601.863822]  ? lock_downgrade+0x8f0/0x8f0
[  601.867981]  ? lock_release+0xa30/0xa30
[  601.871966]  ? mpi_free.cold.1+0x19/0x19
[  601.876036]  vfs_kern_mount.part.34+0x90/0x4e0
[  601.880630]  ? may_umount+0xb0/0xb0
[  601.884262]  ? _raw_read_unlock+0x22/0x30
[  601.888432]  ? __get_fs_type+0x97/0xc0
[  601.892331]  do_mount+0x581/0x30e0
[  601.895884]  ? copy_mount_string+0x40/0x40
[  601.900128]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  601.904893]  ? retint_kernel+0x10/0x10
[  601.908797]  ? copy_mount_options+0x1f0/0x380
[  601.913302]  ? __sanitizer_cov_trace_pc+0x44/0x50
[  601.918155]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  601.923698]  ? copy_mount_options+0x285/0x380
[  601.928199]  ksys_mount+0x12d/0x140
[  601.931841]  __x64_sys_mount+0xbe/0x150
[  601.935815]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  601.940844]  do_syscall_64+0x1b9/0x820
[  601.944744]  ? syscall_return_slowpath+0x5e0/0x5e0
[  601.949680]  ? syscall_return_slowpath+0x31d/0x5e0
[  601.954626]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  601.960002]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  601.964877]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  601.970068] RIP: 0033:0x459aba
[  601.973268] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  601.992170] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  601.999882] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  602.007151] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  602.014424] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  602.021693] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  602.028960] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000025
[  602.036581] F2FS-fs (loop6): invalid crc value
[  602.067072] attempt to access beyond end of device
[  602.072192] loop6: rw=12288, want=12296, limit=64
13:47:50 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4726020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  602.091955] F2FS-fs (loop6): invalid crc value
[  602.096720] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:47:50 executing program 4 (fault-call:0 fault-nth:38):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  602.142873] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  602.150057] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:47:51 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfd\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  602.219398] attempt to access beyond end of device
[  602.224543] loop6: rw=12288, want=8200, limit=64
[  602.232902] F2FS-fs (loop6): invalid crc value
[  602.253405] attempt to access beyond end of device
[  602.258580] loop6: rw=12288, want=12296, limit=64
13:47:51 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
mmap(&(0x7f0000016000/0x1000)=nil, 0x1000, 0x9, 0x26110, r1, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  602.321875] F2FS-fs (loop6): invalid crc value
[  602.373502] attempt to access beyond end of device
[  602.378635] loop6: rw=12288, want=8200, limit=64
13:47:51 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfeffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:51 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xd000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:51 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x8, 0xc00c3)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0xffffffff)
readahead(r0, 0x9, 0x2)
setsockopt$llc_int(r0, 0x10c, 0x4, &(0x7f0000000080)=0x1, 0x4)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000000, &(0x7f0000000180)={'trans=unix,', {[{@afid={'afid', 0x3d, 0x10000}}, {@uname={'uname'}}, {@afid={'afid', 0x3d, 0x4}}, {@nodevmap='nodevmap'}, {@nodevmap='nodevmap'}]}})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x240000, 0x0)
setsockopt$inet_dccp_int(r0, 0x21, 0x3, &(0x7f0000000240)=0x20, 0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000280)={<r2=>0x0, @in6={{0xa, 0x4e20, 0x7, @empty, 0x300000000}}, [0x9, 0x8000, 0x80000000, 0x4, 0x6, 0x80, 0x7, 0x9, 0x3, 0x6ada, 0x7f, 0x8001, 0x4, 0x401, 0x9]}, &(0x7f0000000380)=0x100)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000003c0)={r2}, &(0x7f0000000400)=0x8)
ioctl$TIOCCONS(r0, 0x541d)
write$cgroup_subtree(r0, &(0x7f0000000440)={[{0x2b, 'pids'}, {0x2b, 'pids'}, {0x2b, 'pids'}]}, 0x12)
ioctl$IOC_PR_RELEASE(r1, 0x401070ca, &(0x7f0000000480)={0x6, 0x100, 0x1})
ioctl$FIONREAD(r0, 0x541b, &(0x7f00000004c0))
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000500)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000540))
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f0000000580))
accept4$inet6(r0, &(0x7f00000005c0)={0xa, 0x0, 0x0, @local}, &(0x7f0000000600)=0x1c, 0x80000)
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000640)=""/48)
setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000680), 0x2)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x8)
r4 = getpid()
getpgrp(r4)
preadv(r3, &(0x7f0000001900)=[{&(0x7f00000006c0)=""/27, 0x1b}, {&(0x7f0000000700)=""/25, 0x19}, {&(0x7f0000000740)=""/87, 0x57}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/65, 0x41}, {&(0x7f0000001840)=""/169, 0xa9}], 0x6, 0x0)
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000001980)={<r5=>0xffffffffffffffff})
ioctl$TCSETSW(r0, 0x5403, &(0x7f00000019c0)={0xff, 0x1, 0x100000001, 0xd7c, 0x8000, 0x0, 0x5, 0x1, 0xfffffffeffffffff, 0x7, 0x0, 0xc176})
ioctl$UI_DEV_DESTROY(r0, 0x5502)
finit_module(r0, &(0x7f0000001a00)='9p\x00', 0x1)
getsockopt$nfc_llcp(r5, 0x118, 0x3, &(0x7f0000001a40)=""/152, 0x98)

[  602.413945] attempt to access beyond end of device
[  602.419116] loop6: rw=12288, want=12296, limit=64
[  602.441674] XFS (loop3): Invalid superblock magic number
[  602.444622] attempt to access beyond end of device
[  602.452230] loop6: rw=12288, want=8200, limit=64
[  602.464178] attempt to access beyond end of device
[  602.469247] loop6: rw=12288, want=12296, limit=64
13:47:51 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x3ba, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  602.519247] FAULT_INJECTION: forcing a failure.
[  602.519247] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  602.531088] CPU: 0 PID: 10318 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  602.538112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  602.547477] Call Trace:
[  602.550098]  dump_stack+0x1c9/0x2b4
[  602.553764]  ? dump_stack_print_info.cold.2+0x52/0x52
[  602.559006]  ? kernel_text_address+0x79/0xf0
[  602.563440]  should_fail.cold.4+0xa/0x11
[  602.567521]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  602.572649]  ? trace_hardirqs_on+0x10/0x10
[  602.576901]  ? graph_lock+0x170/0x170
[  602.580712]  ? kasan_check_read+0x11/0x20
[  602.584872]  ? do_raw_spin_unlock+0xa7/0x2f0
[  602.589287]  ? print_usage_bug+0xc0/0xc0
[  602.593369]  ? find_held_lock+0x36/0x1c0
[  602.597447]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  602.602990]  ? should_fail+0x246/0xd86
[  602.606890]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  602.612016]  __alloc_pages_nodemask+0x36e/0xdb0
[  602.616697]  ? kasan_check_read+0x11/0x20
[  602.620857]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  602.625901]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  602.630597]  ? find_held_lock+0x36/0x1c0
[  602.634695]  ? check_same_owner+0x340/0x340
[  602.639031]  cache_grow_begin+0x91/0x710
[  602.643114]  kmem_cache_alloc+0x689/0x760
[  602.647279]  getname_flags+0xd0/0x5a0
[  602.651093]  user_path_at_empty+0x2d/0x50
[  602.655252]  do_mount+0x17a/0x30e0
[  602.658816]  ? copy_mount_string+0x40/0x40
[  602.663064]  ? rcu_pm_notify+0xc0/0xc0
[  602.666974]  ? copy_mount_options+0x5f/0x380
[  602.671396]  ? rcu_read_lock_sched_held+0x108/0x120
[  602.676426]  ? kmem_cache_alloc_trace+0x616/0x780
[  602.681284]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  602.686857]  ? _copy_from_user+0xdf/0x150
[  602.691021]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  602.696580]  ? copy_mount_options+0x285/0x380
[  602.701104]  ksys_mount+0x12d/0x140
[  602.704745]  __x64_sys_mount+0xbe/0x150
[  602.708729]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  602.713758]  do_syscall_64+0x1b9/0x820
[  602.717651]  ? finish_task_switch+0x1d3/0x870
[  602.722184]  ? syscall_return_slowpath+0x5e0/0x5e0
[  602.727124]  ? syscall_return_slowpath+0x31d/0x5e0
[  602.732064]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  602.737441]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  602.742294]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  602.747499] RIP: 0033:0x459aba
[  602.750701] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  602.769610] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  602.777326] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  602.784604] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  602.791873] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  602.799142] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  602.806414] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000026
13:47:51 executing program 1:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'vet\x00', 0x11})
r1 = socket$nl_route(0x10, 0x3, 0x0)
dup2(r1, r0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x4000, 0x0)

13:47:51 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2263b, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:51 executing program 4 (fault-call:0 fault-nth:39):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:51 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfc\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:51 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000300))
clock_gettime(0x0, &(0x7f0000000180)={<r4=>0x0, <r5=>0x0})
rt_sigtimedwait(&(0x7f0000000340)={0x6}, &(0x7f00000002c0), &(0x7f00000003c0)={r4, r5+30000000}, 0x19b)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:51 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4aa, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:51 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x800}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_WKALM_RD(r0, 0x80287010, &(0x7f0000000040))

[  603.367994] FAULT_INJECTION: forcing a failure.
[  603.367994] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  603.379864] CPU: 1 PID: 10376 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  603.386892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  603.396261] Call Trace:
[  603.398877]  dump_stack+0x1c9/0x2b4
[  603.402581]  ? dump_stack_print_info.cold.2+0x52/0x52
[  603.407805]  ? kernel_text_address+0x79/0xf0
[  603.412266]  should_fail.cold.4+0xa/0x11
[  603.416360]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  603.421503]  ? trace_hardirqs_on+0x10/0x10
[  603.425761]  ? perf_trace_lock+0x920/0x920
[  603.430031]  ? graph_lock+0x170/0x170
[  603.433859]  ? update_stack_state+0x514/0x690
[  603.438383]  ? print_usage_bug+0xc0/0xc0
[  603.442485]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  603.447360]  ? find_held_lock+0x36/0x1c0
[  603.451456]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  603.457015]  ? should_fail+0x246/0xd86
[  603.460934]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  603.466066]  __alloc_pages_nodemask+0x36e/0xdb0
[  603.470752]  ? kasan_check_read+0x11/0x20
[  603.474919]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  603.479953]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  603.484639]  ? find_held_lock+0x36/0x1c0
[  603.488740]  ? check_same_owner+0x340/0x340
[  603.493082]  cache_grow_begin+0x91/0x710
[  603.497179]  kmem_cache_alloc+0x689/0x760
[  603.501347]  ? find_held_lock+0x36/0x1c0
[  603.505429]  getname_flags+0xd0/0x5a0
[  603.509244]  user_path_at_empty+0x2d/0x50
[  603.513405]  do_mount+0x17a/0x30e0
[  603.516959]  ? do_raw_spin_unlock+0xa7/0x2f0
[  603.521390]  ? copy_mount_string+0x40/0x40
[  603.525631]  ? rcu_pm_notify+0xc0/0xc0
[  603.529544]  ? copy_mount_options+0x5f/0x380
[  603.533977]  ? rcu_read_lock_sched_held+0x108/0x120
[  603.539005]  ? kmem_cache_alloc_trace+0x616/0x780
[  603.543868]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  603.549432]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  603.554982]  ? copy_mount_options+0x285/0x380
[  603.559501]  ksys_mount+0x12d/0x140
[  603.563611]  __x64_sys_mount+0xbe/0x150
[  603.567601]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  603.572637]  do_syscall_64+0x1b9/0x820
[  603.576531]  ? finish_task_switch+0x1d3/0x870
[  603.581045]  ? syscall_return_slowpath+0x5e0/0x5e0
[  603.585981]  ? syscall_return_slowpath+0x31d/0x5e0
[  603.590922]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  603.596466]  ? retint_user+0x18/0x18
[  603.600196]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  603.605056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  603.610256] RIP: 0033:0x459aba
[  603.613465] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  603.632366] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  603.640079] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  603.647372] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  603.654646] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  603.661959] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
13:47:52 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:52 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x6, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:52 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
getsockopt$inet6_int(r1, 0x29, 0xc9, &(0x7f0000000300), &(0x7f0000000340)=0x4)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$BLKGETSIZE64(r1, 0x80081272, &(0x7f0000000380))
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000003c0)=<r2=>0x0)
sched_getparam(r2, &(0x7f0000000400))
ioctl$BLKDISCARD(r1, 0x1277, &(0x7f00000002c0)=0x90)

[  603.669266] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000027
13:47:52 executing program 1:
r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESTOP(r0, 0x1275, 0x0)
r1 = gettid()
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x3, 0x7, 0x1, 0x5, r1})

13:47:52 executing program 4 (fault-call:0 fault-nth:40):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:52 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x800, 0x0)
ioctl$sock_bt_hci(r0, 0x400448fe, &(0x7f0000000340)="23e44bace762692badc139237608a8241c29f7c9c153a1e8fd860ce53e75a68ba4a81e9c8b4b7f917c872bfb1dadeeae37405cbb4b6bae34406000079cff50166b1c8fe2f7531e6674a093947ed884392c7de9df05ee0b1435a0594721bd3309225eeec046f096fcc5cab549cf44f2f330679b722db731c783a3bad14896f62cd5ec56d01a789440d337756e79c07b3afa770c0c6cbf83a8252d8d14b09a7442a7829c214fc1d1126fd3823e2f3193c076c13511e3")
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000180)={'team0\x00', &(0x7f0000000000)=@ethtool_rxnfc={0x3b, 0x2, 0xd39, {0x0, @tcp_ip6_spec={@loopback, @ipv4={[], [], @broadcast}}, {"af48"}, @usr_ip4_spec={@dev, @loopback}, {"baef", @broadcast}}}})

13:47:52 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x7, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:52 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf.\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:52 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfeffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:52 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet6_mreq(r2, 0x29, 0x0, &(0x7f00000002c0)={@remote, <r4=>0x0}, &(0x7f0000000300)=0x14)
bind$can_raw(r2, &(0x7f0000000340)={0x1d, r4}, 0x10)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  604.055869] FAULT_INJECTION: forcing a failure.
[  604.055869] name failslab, interval 1, probability 0, space 0, times 0
[  604.067200] CPU: 0 PID: 10425 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  604.074226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  604.083600] Call Trace:
[  604.086222]  dump_stack+0x1c9/0x2b4
[  604.089885]  ? dump_stack_print_info.cold.2+0x52/0x52
[  604.095119]  should_fail.cold.4+0xa/0x11
[  604.099215]  ? fault_create_debugfs_attr+0x1f0/0x1f0
13:47:52 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='/group.stat\x00', 0x2761, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x80087601, 0x1)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e23, 0x7fffffff, @loopback, 0x5}}, 0x4, 0x4, 0xfffffffffffffffd, "e461ba54fe2b3ce4040d963884a11179ed874cb73a5029cec9b35a3618c413b4e77986a84f4ac3288bfc273868f4c2c7db85ecc41115562c040000021492543eb10fe9e2917c88b3986dde78c30a9fd8"}, 0xd8)
write$binfmt_aout(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="cc0001fffe010000860000000001000018000000020b9f5c000000000000000098a419bb55afdfc6f28a1bdc1182e31c3248c49a11250fbfce29f763d37a9a131073d93eb4cf0845ec9b822be4f6302f7c35e35e44428b15a0879399ee14f25d68a0fbf2c74dff2c302b3badee77aadaaa5de4d7d26b19d23fd6cee6b1b9b255f392448777556dcbbdc277336940e882975a9a8b6d2505d7a43a2eebd09db8629e6a8c4282f9fc4cdbb4bd5bdd638e00c1a354ccf1cba7ebf3cbcd07d62685bb322f13d31daf7214e1a80d9f574bef828a91a2803bd60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000349b48d9786155abc3346d2a5108220d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b7d3bea44ea5b296000000000000000000000000000000000000000000007311f2ec1a1fed9a24a7f4be35a90931968e1f767581854b6b5643eded62e82a2cb61103"], 0x3d6)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000080))

[  604.104357]  ? lock_downgrade+0x8f0/0x8f0
[  604.108533]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  604.113261]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  604.118317]  ? find_held_lock+0x36/0x1c0
[  604.122430]  ? check_same_owner+0x340/0x340
[  604.126777]  ? rcu_pm_notify+0xc0/0xc0
[  604.130696]  ? rcu_note_context_switch+0x730/0x730
[  604.135670]  __should_failslab+0x124/0x180
[  604.139959]  should_failslab+0x9/0x14
[  604.143839]  __kmalloc_track_caller+0x2c4/0x760
[  604.148556]  ? btrfs_mount+0x19f/0x215e
[  604.152581]  kstrdup+0x39/0x70
[  604.155803]  btrfs_mount+0x19f/0x215e
[  604.159649]  ? kasan_check_read+0x11/0x20
[  604.163818]  ? rcu_is_watching+0x8c/0x150
[  604.167990]  ? rcu_pm_notify+0xc0/0xc0
[  604.171901]  ? btrfs_remount+0x1710/0x1710
[  604.176155]  ? __lockdep_init_map+0x105/0x590
[  604.180668]  ? __lockdep_init_map+0x105/0x590
[  604.185185]  ? lockdep_init_map+0x9/0x10
[  604.189285]  ? __init_waitqueue_head+0x9e/0x150
[  604.193969]  ? init_wait_entry+0x1c0/0x1c0
[  604.198219]  ? memcpy+0x45/0x50
[  604.201536]  ? alloc_vfsmnt+0x779/0x9f0
[  604.205556]  ? mnt_free_id.isra.27+0x60/0x60
[  604.210003]  ? kasan_check_read+0x11/0x20
[  604.214183]  ? graph_lock+0x170/0x170
[  604.218001]  ? rcu_pm_notify+0xc0/0xc0
[  604.218040]  ? find_held_lock+0x36/0x1c0
[  604.218070]  ? lock_downgrade+0x8f0/0x8f0
[  604.218101]  mount_fs+0xae/0x328
[  604.233545]  ? btrfs_remount+0x1710/0x1710
[  604.237806]  ? mount_fs+0xae/0x328
[  604.241364]  vfs_kern_mount.part.34+0xdc/0x4e0
[  604.245958]  ? may_umount+0xb0/0xb0
[  604.249608]  ? _raw_read_unlock+0x22/0x30
13:47:52 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  604.253771]  ? __get_fs_type+0x97/0xc0
[  604.257677]  do_mount+0x581/0x30e0
[  604.261238]  ? copy_mount_string+0x40/0x40
[  604.265483]  ? copy_mount_options+0x5f/0x380
[  604.269888]  ? rcu_read_lock_sched_held+0x108/0x120
[  604.274909]  ? kmem_cache_alloc_trace+0x616/0x780
[  604.279767]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  604.285302]  ? copy_mount_options+0x285/0x380
[  604.289793]  ksys_mount+0x12d/0x140
[  604.293429]  __x64_sys_mount+0xbe/0x150
[  604.297471]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  604.302516]  do_syscall_64+0x1b9/0x820
[  604.306404]  ? syscall_return_slowpath+0x5e0/0x5e0
[  604.311336]  ? syscall_return_slowpath+0x31d/0x5e0
[  604.316300]  ? __switch_to_asm+0x34/0x70
[  604.320374]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  604.325753]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  604.330612]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.335798] RIP: 0033:0x459aba
13:47:53 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000580)="0a5cc80700315f85715070")
r1 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x101000, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0xffff, 0x8000, 0x44ae, 0x2, <r3=>0x0}, &(0x7f00000001c0)=0x10)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000200)=@sack_info={r3, 0x2e, 0x40}, 0xc)
ioctl$BLKBSZSET(r1, 0x40081271, &(0x7f0000000000)=0x800)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x880, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r4, 0x28, &(0x7f0000000080)}, 0x10)

[  604.338995] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  604.357884] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  604.365586] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  604.372860] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  604.380134] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  604.387406] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  604.394674] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000028
13:47:53 executing program 4 (fault-call:0 fault-nth:41):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  604.424668] attempt to access beyond end of device
[  604.429933] loop6: rw=12288, want=8200, limit=64
[  604.447078] attempt to access beyond end of device
[  604.452253] loop6: rw=12288, want=12296, limit=64
[  604.478993] attempt to access beyond end of device
[  604.484111] loop6: rw=12288, want=8200, limit=64
[  604.490648] attempt to access beyond end of device
[  604.495681] loop6: rw=12288, want=12296, limit=64
[  604.528956] attempt to access beyond end of device
[  604.534327] loop6: rw=12288, want=8200, limit=64
[  604.546726] attempt to access beyond end of device
[  604.551832] loop6: rw=12288, want=12296, limit=64
13:47:53 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfX\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:53 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x400000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  604.584417] attempt to access beyond end of device
[  604.589483] loop6: rw=12288, want=8200, limit=64
[  604.604378] attempt to access beyond end of device
[  604.609407] loop6: rw=12288, want=12296, limit=64
13:47:53 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x25, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  604.811385] FAULT_INJECTION: forcing a failure.
[  604.811385] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  604.823734] CPU: 0 PID: 10469 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  604.830771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  604.830780] Call Trace:
[  604.830813]  dump_stack+0x1c9/0x2b4
[  604.830853]  ? dump_stack_print_info.cold.2+0x52/0x52
[  604.851611]  ? lock_downgrade+0x8f0/0x8f0
[  604.855785]  should_fail.cold.4+0xa/0x11
[  604.859862]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  604.864979]  ? graph_lock+0x170/0x170
[  604.868806]  ? kasan_check_write+0x14/0x20
[  604.873064]  ? find_held_lock+0x36/0x1c0
[  604.877161]  ? check_same_owner+0x340/0x340
[  604.881497]  ? rcu_note_context_switch+0x730/0x730
[  604.886452]  __alloc_pages_nodemask+0x36e/0xdb0
[  604.891140]  ? __alloc_pages_slowpath+0x2d60/0x2d60
[  604.896171]  ? rcu_is_watching+0x8c/0x150
[  604.900343]  ? rcu_pm_notify+0xc0/0xc0
[  604.904254]  ? __lockdep_init_map+0x105/0x590
[  604.908769]  ? __lockdep_init_map+0x105/0x590
[  604.913279]  ? lockdep_init_map+0x9/0x10
[  604.917356]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  604.922908]  alloc_pages_current+0x10c/0x210
[  604.927327]  get_zeroed_page+0x14/0x50
[  604.931229]  parse_security_options+0x1e/0xb0
[  604.935741]  btrfs_mount_root+0x177/0x1db0
[  604.940004]  ? btrfs_decode_error+0x70/0x70
[  604.944345]  ? save_stack+0x43/0xd0
[  604.947995]  ? __kasan_slab_free+0x11a/0x170
[  604.952412]  ? kasan_slab_free+0xe/0x10
[  604.956391]  ? kfree+0xd9/0x260
13:47:53 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x300}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:53 executing program 1:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000180)=0x9)
connect$llc(r0, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x0, 0xff, @dev}, 0x10)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x400000, 0x0)
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)

[  604.959678]  ? mount_fs+0xae/0x328
[  604.963229]  ? vfs_kern_mount.part.34+0xdc/0x4e0
[  604.967984]  ? do_mount+0x581/0x30e0
[  604.971692]  ? ksys_mount+0x12d/0x140
[  604.975504]  ? __x64_sys_mount+0xbe/0x150
[  604.979692]  ? do_syscall_64+0x1b9/0x820
[  604.983759]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.989133]  ? kasan_check_read+0x11/0x20
[  604.993300]  ? do_raw_spin_unlock+0xa7/0x2f0
[  604.997713]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  605.002303]  ? do_raw_spin_lock+0xc1/0x200
[  605.006547]  mount_fs+0xae/0x328
[  605.009936]  ? debug_check_no_obj_freed+0x30b/0x595
[  605.014960]  vfs_kern_mount.part.34+0xdc/0x4e0
[  605.019552]  ? may_umount+0xb0/0xb0
[  605.023200]  ? kfree+0x111/0x260
[  605.026580]  ? btrfs_mount+0x84c/0x215e
[  605.030579]  vfs_kern_mount+0x40/0x60
[  605.034396]  btrfs_mount+0x4a9/0x215e
[  605.038201]  ? kasan_check_read+0x11/0x20
[  605.042364]  ? rcu_is_watching+0x8c/0x150
[  605.046521]  ? btrfs_remount+0x1710/0x1710
[  605.050763]  ? __lockdep_init_map+0x105/0x590
[  605.055268]  ? __lockdep_init_map+0x105/0x590
[  605.059771]  ? lockdep_init_map+0x9/0x10
[  605.063839]  ? __init_waitqueue_head+0x9e/0x150
[  605.068510]  ? init_wait_entry+0x1c0/0x1c0
[  605.072745]  ? memcpy+0x45/0x50
[  605.076037]  ? alloc_vfsmnt+0x779/0x9f0
[  605.080016]  ? mnt_free_id.isra.27+0x60/0x60
[  605.084429]  ? kasan_check_read+0x11/0x20
[  605.088596]  ? graph_lock+0x170/0x170
[  605.092405]  ? rcu_pm_notify+0xc0/0xc0
[  605.096310]  ? find_held_lock+0x36/0x1c0
[  605.100398]  ? lock_downgrade+0x8f0/0x8f0
[  605.104560]  mount_fs+0xae/0x328
[  605.107946]  ? btrfs_remount+0x1710/0x1710
[  605.112183]  ? mount_fs+0xae/0x328
[  605.115741]  ? mpi_free.cold.1+0x19/0x19
[  605.119811]  vfs_kern_mount.part.34+0xdc/0x4e0
[  605.124411]  ? may_umount+0xb0/0xb0
[  605.128042]  ? _raw_read_unlock+0x22/0x30
[  605.132197]  ? __get_fs_type+0x97/0xc0
[  605.136092]  do_mount+0x581/0x30e0
[  605.139651]  ? copy_mount_string+0x40/0x40
[  605.143903]  ? copy_mount_options+0x5f/0x380
[  605.148319]  ? rcu_read_lock_sched_held+0x108/0x120
[  605.153345]  ? kmem_cache_alloc_trace+0x616/0x780
[  605.158199]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  605.163741]  ? _copy_from_user+0xdf/0x150
[  605.167899]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  605.173457]  ? copy_mount_options+0x285/0x380
[  605.177959]  ksys_mount+0x12d/0x140
[  605.181604]  __x64_sys_mount+0xbe/0x150
[  605.185600]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  605.190629]  do_syscall_64+0x1b9/0x820
[  605.194520]  ? finish_task_switch+0x1d3/0x870
[  605.199023]  ? syscall_return_slowpath+0x5e0/0x5e0
[  605.203957]  ? syscall_return_slowpath+0x31d/0x5e0
[  605.208896]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  605.214270]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  605.219128]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  605.224322] RIP: 0033:0x459aba
[  605.227522] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  605.246424] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  605.254139] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
13:47:54 executing program 3:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r0, 0x48204)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000080)={'\x00', 0x1})
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
statfs(&(0x7f0000000040)='./bus\x00', &(0x7f0000001740)=""/4096)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
fcntl$setflags(r2, 0x2, 0x1)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000000c0)={0x7fff, 0x9}, 0x2)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  605.261410] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  605.268678] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  605.275944] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  605.283215] R13: 0000000000000000 R14: 00000000004c9bbd R15: 0000000000000029
13:47:54 executing program 4 (fault-call:0 fault-nth:42):
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:54 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x14d00, 0x0)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r2, 0x4008af23, &(0x7f0000000300)={0x0, 0x8})
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:54 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x22643, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:54 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfu\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:54 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x300, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:54 executing program 1:
socketpair$unix(0x1, 0xa, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x401)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
r1 = fanotify_init(0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000200))

[  605.739414] FAULT_INJECTION: forcing a failure.
[  605.739414] name failslab, interval 1, probability 0, space 0, times 0
[  605.750771] CPU: 1 PID: 10528 Comm: syz-executor4 Not tainted 4.18.0+ #195
[  605.757803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.767158] Call Trace:
[  605.769775]  dump_stack+0x1c9/0x2b4
[  605.773424]  ? dump_stack_print_info.cold.2+0x52/0x52
[  605.778622]  ? do_raw_spin_unlock+0xa7/0x2f0
[  605.783048]  should_fail.cold.4+0xa/0x11
[  605.787137]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  605.792257]  ? free_unref_page_commit.isra.87+0x1ac/0x610
[  605.797812]  ? drain_local_pages_wq+0x20/0x20
[  605.802326]  ? free_obj_work+0xbb0/0xbb0
[  605.806398]  ? free_unref_page+0x6e3/0x9a0
[  605.810654]  ? find_held_lock+0x36/0x1c0
[  605.814747]  ? check_same_owner+0x340/0x340
[  605.819077]  ? rcu_pm_notify+0xc0/0xc0
[  605.822996]  ? rcu_note_context_switch+0x730/0x730
[  605.827955]  __should_failslab+0x124/0x180
[  605.832205]  should_failslab+0x9/0x14
[  605.836018]  kmem_cache_alloc_node_trace+0x26f/0x770
[  605.841129]  ? __free_pages+0x10a/0x190
[  605.845117]  ? free_unref_page+0x9a0/0x9a0
[  605.849368]  __kmalloc_node+0x33/0x70
[  605.853199]  kvmalloc_node+0xb9/0xf0
[  605.856935]  btrfs_mount_root+0x1a3/0x1db0
[  605.861188]  ? btrfs_decode_error+0x70/0x70
[  605.865519]  ? save_stack+0x43/0xd0
[  605.869164]  ? __kasan_slab_free+0x11a/0x170
[  605.873586]  ? kasan_slab_free+0xe/0x10
[  605.877566]  ? kfree+0xd9/0x260
[  605.880869]  ? mount_fs+0xae/0x328
[  605.884418]  ? vfs_kern_mount.part.34+0xdc/0x4e0
[  605.889176]  ? do_mount+0x581/0x30e0
[  605.892898]  ? ksys_mount+0x12d/0x140
[  605.896703]  ? __x64_sys_mount+0xbe/0x150
[  605.900859]  ? do_syscall_64+0x1b9/0x820
[  605.904931]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  605.910307]  ? kasan_check_read+0x11/0x20
[  605.914465]  ? do_raw_spin_unlock+0xa7/0x2f0
[  605.918885]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  605.923479]  ? do_raw_spin_lock+0xc1/0x200
[  605.927724]  mount_fs+0xae/0x328
[  605.931105]  ? debug_check_no_obj_freed+0x30b/0x595
[  605.936134]  vfs_kern_mount.part.34+0xdc/0x4e0
[  605.940735]  ? may_umount+0xb0/0xb0
[  605.944364]  ? kfree+0x111/0x260
[  605.947736]  ? btrfs_mount+0x84c/0x215e
[  605.951723]  vfs_kern_mount+0x40/0x60
[  605.955534]  btrfs_mount+0x4a9/0x215e
[  605.959339]  ? kasan_check_read+0x11/0x20
[  605.963509]  ? rcu_is_watching+0x8c/0x150
[  605.967668]  ? btrfs_remount+0x1710/0x1710
[  605.971925]  ? __lockdep_init_map+0x105/0x590
[  605.976425]  ? __lockdep_init_map+0x105/0x590
[  605.980929]  ? lockdep_init_map+0x9/0x10
[  605.984992]  ? __init_waitqueue_head+0x9e/0x150
[  605.989664]  ? init_wait_entry+0x1c0/0x1c0
[  605.993900]  ? memcpy+0x45/0x50
[  605.997190]  ? alloc_vfsmnt+0x779/0x9f0
[  606.001172]  ? mnt_free_id.isra.27+0x60/0x60
[  606.005595]  ? kasan_check_read+0x11/0x20
[  606.009760]  ? graph_lock+0x170/0x170
[  606.013562]  ? rcu_pm_notify+0xc0/0xc0
[  606.017479]  ? find_held_lock+0x36/0x1c0
[  606.021550]  ? lock_downgrade+0x8f0/0x8f0
[  606.025718]  mount_fs+0xae/0x328
[  606.029086]  ? btrfs_remount+0x1710/0x1710
[  606.033327]  ? mount_fs+0xae/0x328
[  606.036873]  ? mpi_free.cold.1+0x19/0x19
[  606.040971]  vfs_kern_mount.part.34+0xdc/0x4e0
[  606.045583]  ? may_umount+0xb0/0xb0
[  606.049216]  ? _raw_read_unlock+0x22/0x30
[  606.053365]  ? __get_fs_type+0x97/0xc0
[  606.057271]  do_mount+0x581/0x30e0
[  606.060822]  ? copy_mount_string+0x40/0x40
[  606.065087]  ? copy_mount_options+0x5f/0x380
[  606.069524]  ? rcu_read_lock_sched_held+0x108/0x120
[  606.074547]  ? kmem_cache_alloc_trace+0x616/0x780
[  606.079408]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  606.084950]  ? _copy_from_user+0xdf/0x150
[  606.089116]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  606.094662]  ? copy_mount_options+0x285/0x380
[  606.099165]  ksys_mount+0x12d/0x140
[  606.102801]  __x64_sys_mount+0xbe/0x150
[  606.106778]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  606.111808]  do_syscall_64+0x1b9/0x820
[  606.115701]  ? finish_task_switch+0x1d3/0x870
[  606.120203]  ? syscall_return_slowpath+0x5e0/0x5e0
[  606.125138]  ? syscall_return_slowpath+0x31d/0x5e0
[  606.130076]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  606.135483]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  606.140336]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  606.145528] RIP: 0033:0x459aba
[  606.148728] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 bd 8a fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 9a 8a fb ff c3 66 0f 1f 84 00 00 00 00 00
[  606.167630] RSP: 002b:00007f935cfd3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  606.175340] RAX: ffffffffffffffda RBX: 00007f935cfd3b30 RCX: 0000000000459aba
[  606.182627] RDX: 00007f935cfd3ad0 RSI: 0000000020000100 RDI: 00007f935cfd3af0
[  606.189899] RBP: 0000000020000100 R08: 00007f935cfd3b30 R09: 00007f935cfd3ad0
[  606.197180] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[  606.204446] R13: 0000000000000000 R14: 00000000004c9bbd R15: 000000000000002a
13:47:55 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xedc000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:55 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x101000, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:47:55 executing program 1:
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @broadcast}, @icmp=@parameter_prob={0x21, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x8035, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}}}}}}, &(0x7f0000000080))
shmget(0x3, 0x2000, 0x7800080c, &(0x7f0000ffe000/0x2000)=nil)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x6800, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f00000000c0)=""/4096)

13:47:55 executing program 3:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r0, 0x48204)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000080)={'\x00', 0x1})
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
statfs(&(0x7f0000000040)='./bus\x00', &(0x7f0000001740)=""/4096)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
fcntl$setflags(r2, 0x2, 0x1)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000000c0)={0x7fff, 0x9}, 0x2)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

13:47:55 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfi\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:55 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4a6, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:55 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf725}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:55 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:55 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f00000005c0)="0a5cc80700315f85714070")
r1 = syz_open_dev$binder(&(0x7f0000005000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x20000, 0x2)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000240)=0x8004, 0x4)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x1, 0x0)
ioctl$EVIOCGABS3F(r4, 0x8018457f, &(0x7f00000002c0)=""/19)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000300)=<r7=>0x0)
r8 = gettid()
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f00000020c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000002180)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x4400000}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)={0x1c, r9, 0x6d22bf00ed9db283, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4)
ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000340)=<r10=>0x0)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000001f40)=<r11=>0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000001f80)=<r12=>0x0)
sendmsg$netlink(r4, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000000380)={0x154, 0x25, 0x20, 0x70bd2d, 0x25dfdbfb, "", [@typed={0x8, 0xd, @u32=0x1}, @nested={0x18, 0x14, [@typed={0x8, 0x17, @pid=r7}, @typed={0x8, 0x75, @pid=r8}, @typed={0x4, 0x92}]}, @nested={0xc, 0x6e, [@typed={0x8, 0x2, @ipv4=@loopback}]}, @generic="20c6336699fca2f33d4954738c6f04d15867fa857e8e4bdf92bd88479448c4499a2c15ffbd988f12da476de5288243f87ebbc2225f717914232c0b198257f5480c6b77eb7e7bc1a3fb60b89347d80ddb87ac78a66170b29f6e9ae0320b04f33968203cfd82576a3883e4ba3a43088775499dc019b5f8437749cc1e93d3898854f6f3030bb6c81f82828d5ae8e132282453e5511d00384957ba1126246b6076d1a9353002196c937ea37660a8bd573663dc7b3d45e8fdfdfaf0f9cfd609517ca60c8b3d5b5f067865ddfca47cbc2e56c1a68c3b70", @typed={0x8, 0x91, @pid=r10}, @generic="7498c124e995a10faac535c8a50fbf510b0bec59df161ed724eaad0a377695b7e5d7b04f5780ffdac2be54e33a31b0cdce99eb53743deedaeb3b"]}, 0x154}, {&(0x7f0000000500)={0x14, 0x3b, 0x100, 0x70bd29, 0x25dfdbfe, "", [@typed={0x4, 0x29}]}, 0x14}, {&(0x7f0000000600)={0x5e4, 0x14, 0x300, 0x70bd25, 0x25dfdbff, "", [@generic="2d99058664c10752e87f10495e335d66f90e280af596db02be4ecb6d24012e1647b496b1cb539b4f8aa673f6ab11fc1f8967abe41b5c683167068f736b09a7b78559bf9c3987ced0859eb617218b8852bcc456a8f1e169d0688afe0f78959a9dcbbd88191e3a6631eaf35ef1d51b4fb0ae99caebf8c678d3bb37d6bafeea994d605c0f85d7931fd2c6962ea9b7d6986a63c2", @typed={0x14, 0x6c, @ipv6=@mcast1}, @nested={0x230, 0x62, [@generic="aa", @generic="ec32c596b9525306305f3d5699de5c2fef9db66377e472f6ee6e4d8db616786fbea16774e55a4b6d07bf5e74e3ad8fb873de5c41a79f5c7a45919331e1bceb4c7c7c9a2fcbe8cb343e66bd425a6474d646e0126018609fac96120914ef1aa1e533c74fc5291760ac2fed7b6bc308c819f680c66a873c2d21a2f5851643147a8f781995c27639ac2c0b2f9663b34f7e578aa281fa1a4a53b63d9a3c6cfac8dc8b46", @typed={0xc, 0x42, @u64=0x8}, @generic="4ba107b407cef2be00fda3f21252066b99a55393dc0b9cab954f131c1b8344ba6c6cb1e6e222a60aed9c3e1caea764331a9b66ccf08e294ef3c78f1dcd92863213de5361c041c08c4f2ae0ef256547a2d4143fae086fdf9bea10d870576ce096dc5df2f346a6f59bed6d45ddd4ea09c01ff5f7da9b38f7e69acb3cc0c72baf3a94a73608848f208036acce1dc5eeb97b1253f47b19cc8a09847c0828e9c6949b9cd4fd9a0a8da61f1878986e0f28fd6029ba1e013b049bfd3b2ae06a5ff3", @generic="1412158e3949257d3fd86aaec68950ccfdd21b6620495e7d343a6de0c95d9090ab438a5162249f5ddd85297f229ad8eb5c6f020609581e2b09c60d73b3e7a31d733e3e6228ba27712b8824d78360be2545af2fbffd64cdc1bf4c6e5f37543482e05ae944a85e38fa20f58613c79541daf6d45dcbfe7f0e3b54a3cd8f19b10ceba0f426692a15f71f79654635ef1d0e84d0a3a90ab2232a5cb8b4dfff9efbe2409fd2c8c827a945ccd40437622c872f478af6bdde", @typed={0xc, 0x58, @u64=0x100000000}]}, @generic="cb17b960626b6a7e0148a4f86a7dd9170f7357d4558d58dc85725bbae2fe7db9121e25c77db263f36780ce616ab6ec5e94d67e55cf314d6b57edfddf1d95e5aefa8a6c88b79681d763e2ce1b89f870d9a651e4dbb3bb183d7ffc2e293f7abbc29b8ff011651b2acb15da0c2bdb0e721c976205", @nested={0x288, 0xc, [@typed={0x14, 0x3d, @str='/dev/binder#\x00'}, @generic="991b6b6c396756c3d4e915ec964c2da09d563eeb", @typed={0x14, 0x7b, @ipv6=@ipv4}, @typed={0x8, 0x41, @u32=0xb5}, @typed={0x14, 0x70, @ipv6=@mcast2}, @generic="78c19d966ba5f7b1247cb81f8948570033078b7296ae69b08c85aa77fc70232700aac632050a94889333afd464d23f94e0f120baa7e7f49cf971d9df84495b0aadc554c3fd06f03e744b42958ac1bfdf487e30fdf0b11526f85a2abf99a35f9d38c47bf2a07e59879b68eb6d5c54fc2ffe38d51e438a44dec154b15de2f98144c433a31b572b76e3f5bab9cedd949556a8487fc23012f88905230d88915addfeb2f979aad1b9914f23", @typed={0xc, 0x85, @u64=0x3}, @generic="0ac5e69c193cafdb9d8a2f088c54219bd7fff98cfda3f01a109f7daa4c424d307d82c7a0a0e85128ed564513b6f06a5411071658b64b9d3afdb4b559e069577891a2f43247913248edbb03cb706b0a7c535ef7f7003cdfc66f8534517e0fc36bef63dfe1d9b1b9828958df0fd254d3ae5fbc44a8dcc932e3746e09fd86398d74e27d7757339dcd5f896605e74fe8c2ea70563dd75e9385afae7b546e7509f190339bb56cab81e039448fb41f1afe", @generic="a164dce2c3ff175118c31aed82bff85964311217a221d134359a02a673d1cfd47e33f0cb51692aeae0cb76f0f939f534fd1b2c99f44df5b813b3fdc478b7f1f483fc249804b1b1533f52552f43154c322223125965f2e788ab9d424a40351318c1b24431efbb05aacfd79b5f795201b96de4a787881078d2a720550e2e1168b976f3a147f1cc2cdca96e8292b31f94948bc3d9f3453baea019df806fba7682549f1411c9aa974e68cc4af7c35124083adcc09dadef6d14e425ad49eb9a7a30a457b9a2b5c3c6a519d5"]}]}, 0x5e4}, {&(0x7f0000000540)={0x14, 0x33, 0xa20, 0x70bd2d, 0x25dfdbfd, "", [@typed={0x4, 0x17}]}, 0x14}, {&(0x7f0000000c00)={0x1268, 0x2b, 0x1, 0x70bd2d, 0x25dfdbff, "", [@typed={0x14, 0x80, @str='/dev/binder#\x00'}, @generic="e5563601c354f041e99a0fcb40ad5eb83a265b17ef3ea3c87de138ae417793a5ed59d39674e910a3afd99faf4b1f4396c8f7a2ea75cf32f2d488cbb1b41d9080675595f01f5dc9e1cd8f1ef768ca1e943eb2347f384eeb2ec7d65c47bc723bc23c1cdfb8c15169516707b8168cc7fe84fb24ef7f2555533f3c24024239edd20aa5135033e8effc9fe7216880483b3c2d4d798535d8", @generic="4be5edfb073369be419d0a7db361d0fa8b38caf8b26cf8598a06ecb4fb5ee83c70167ea4c775f0df7c651e8a2d6d5ed24d1ccc18470ce6e9fa5fe5f21be6fdac0211eb207cd256fe986ce2ab83a59d90cfd7d8aa79ebcd93ef6f850b6c21dfd49fa1320e7faf1df52a7fe95f6ecb16d002b1f6edd0a3616c33b3b5bf68c83c4029ac857f217e85bd4bc0d60a9244ad19d26f716c49f6e43e27ce92182529082ba1e5bf6850affc2659c80ef40238e91f7593812515e52fa7228927ca26b95f70559e5ef3759cbaeae5a7dd1e6004c5db2801cb9145d79fd5b6891297cc744f2dc91ff8ac9a89ec9689add643bf77aa8283517035645dff2b6f98fbd9df853246df1c358141fa7f6d1d097e3004af34344f9de6a669ecdbf0475116dc25d4b7de289ca1846ea60d3f4b5733c85d6ae17bef8fab12308a4ee425b813bfa40dedce8cc39f20b85c1db09391ad4ebf65ddc0fe261a26fc3d6f03ee0580c6d131ee882a4a077d01338e8257b5149fe1f1a18cfe326091a6a8e0e4d9b7f8a26460aedb248a570ea0720d8d09381298f1a45f43aff5cb60de1fd912d887bd4755a405c1868d857d5903359941a9e2d3e82773d6af50a72add6a0f492c45c8cf0c4c010ea17fe6ad2e4f7b14fe588bea1e16fb490a64699fa0d354f51041becd5d03cd42bd61af0d09d87d8d2e8a208780dd18fe0769ce43ccdd1fb48d2b974b12f16a7f0b4e022552f4dd678105881a37a967ffd6fe149d4b608ebe205289b77eefdefb0aace5a219a5ae170c260ad82d8f251fe5e1b32e4b6d2b09643ad7591eb0a91da0f2d2e5000395f4f876ebfbaea0acd4eff544e75bf58a6b2919c785e6943b29a5eb22225965fbb1a1f8833428a12b7ac1f542bae9f98d1989436a10fdca2e11a37cd7270697885d4af741260fc232fbf7f0a39e1a865b08edef2a2e7eef5162559b154833351e727eba3341edf335d4985f37fe6926972408c7b54ef4c8fc1277e15f26d9fa6039c916a5379a221d04bf976cb7518fbbafc7b318f3b25b5625f68fe48b1d2690a0b5e74b51120b1d9fb12ecdf804ed17a45bc1a246b08908bae3c6d11ff3c803797c9c1f9a84fb11df138d74180b829cfff0a8cfafd49619bc9e34f18939064b7466fe71e9bc44cb07fcd63e2a7ab97a65a01ebed64d7dbcef3ede8e4eb73803b5b73b7e96d1c9332d6f11273642002f048cf350cb81e1e78cf1247686e1db63a774a849cb351ac88bc78c928c0f34554202b8d5a809df8054166279b160f639d871bc0cc77adf451da14e8f08b2547bae155db6e533fd90bfbf96105cfb3836ef9a9a3de9945caf4f8870c11285a3390c77ff810472dc7b601f9fdc3832f8a9efda1d6697409655fb45d87205cfbadf39f1c1b8099749fd418f17a50d295f1dc5e7da4c0a98129e061ac1efc3abf7386928732ea1f617cca32c37ac27fc3986584e3e948b6d235fb70a8bf0af89031230be456c2ce6860ab25ff93ba36787969a587b93eec6cfe0232008d3925d8efb5bb625cbcfed89878869ace44703f746a9efc1a63fb3657bc4580c225a2cd7ed91e04f8690883b483f7c71367a2b1f67b00a150d8774e8e1bd8a05c2c2e7709984f9fe60c8ba1416d338ad2fab31be4c62680c9102372efe6535ca91c51e8c009e1348152a7824fde5107333900b4749742401596586e0d17fb4037e6c5185a460086120247dd085553bab921b778054db05fb34a9a69e563c556259c632bf113332442e64616ea8f9781c00789d5718293032e8c8cbca44f53132b6c09485670bb51108cbf9e974f4a1300923f9c969b7245bb41c952cec65036336154d935d8e20048c89546a36d7996ab2caa9ea3ddb47647c064f048bc949cbb08d3223365e4e706e46491df4d6b20593f1b9ee2fb1430276deda0a2938b637a4e8341a9ca26a910756c8bb1f5f8a2a2c15232f506a2e00e90b8c991b5bccf08a42fcc81f5859d9c4e11d8da47ff17c8ffcc932e500826be71c0c851c13a976d7aa64ac23ec8126e3de80f41d3c43c41848fd2241b7d991dfe6f3ac516cf638aa76913b4cd56774ccdb466d6dc3a42b8a5f48b52c1809512c563f465b4de2cd37a250cdc35694daa33d8826f26d9fcf13babc6b9782ef3f0ba843a78c49470824b3cd19052d86e6181cc55c8a038c428fb1f9cb7402a5f3fa9d27a938fd6462438ec632d6e1b6a56027f8108c0b05e09c680df78238ac869bcd1fa9657bb00b70818589232e9d006d144f4d461ae1efd9daec50e81d399b7a0658e7230f97a2c93fe8f157572472a46cf5a7ae556f625ea021bb73eae0ff1d747a28732aea7bd9b61835600faf9a2dd092964b7a550893f2c9926277d3edc78bb1feb0c588c50fec8bc58e9b254e3ad4a5930e85bf8ebedba1ab5512ad27669644fbb87649651e441feab42206602267223cebcdde2db2d695f9ec56eb75fb40c3282af8c966ee72d0e2392617691ae76b561994fa127869609c302c6325dddb6b878c283730943146bc0aabcb056a84cd418d9dbc7b9830fb168d2a2fe04b9efd97dc3e070aafe0369d2b7c63c617786dadfe74a9f67ebb0f1a0edcdceb4e07c54e4ce26d5ea6cf271f2ab57cdaebfd3bc8a2dd98b0840dd99db2536085c839df9442784d97b06d5f545b9e2e426674efcddbc440a1c5c20851a97cb3d88e3999e10cb1b9a678ac347f4a93ef6d8871dfb0000c949d4683a05510a8732ba07cd41d6095460695c61500f1b1e7423311a8a5d463cb1cb6c8daba76d19e9b2d14dfceccc4bc6476f3f63d4dbfa4b47d2e52645b43a0757b41747054e223ef6bae003d98b8be696fae9eb4514530b05719cd68a81c745963b8a4b5e2bc91ff85266d8769c30bd2bcdd158389b15346045dd089c3d0ed507992548874e33caaec5e301fae84d567f12a6b47ecf59ffbbb920c6a5b806a926af79663b634ce901d57bec8fbe141e199ce89d271a2b68028d72eb8bbecb28019623abfa21af588832fa4c811eae5bc645226dfcb393a79a18e956997cfbadc48a938d356019129df8e1d28cb402783308cf5df3260211400864926ec1191560e86a3b6b7f61a8a3aa81b452cb018041ecb0cc384ada8e03ff0c91a3741841fe08117fe1d2a4c62498cf8cbb56c05955b9fba32129b43420822bc8d243c271a0598ae69282ebec229f757c58e46bf7a2c9477d580047c50bffe454cb7edc0515b3940012c2433f83b08187e2e30e18445ee7d3351070bccd42bba7b0c2951c9ad5d886a9636d9b9dc485988ff0d360c95997c08aa7a435e110f9a1bec8db1873d8723579ed76a9a3c7fbb366224e759043adad089cd9ee97788add85df5f3ba4af96ab9ffd4c7945c945ebbe1f31c46b2601f446a6d205f0c50703165ce667eec5f68b409fa1a86189f2571a89fda6abd7e476350bac8a9a24c3c1c9c7437a53e3fa603bb0f4b701cc5d496085a70372536a5ce6c34d005887670be22c4619c12f869bf17e53371191f840c9285d9358c3fd5729c4c6cb2d73959d490f50dcb5763f063aec574d27ca103c83fdee2a0c73918f8fd179c473309a857d123e305feccea877df32f1dcd931ba5e1fdf35518703932b314666609e3aeece1f94c984c20a8f405efa338e0b3fa8740c98dc8bca39bd62a3aeb57e72eacb5cca082b14e0a09d1ebce69af0d124c32d3aaf62135dc3c749dcf88c1b40ae86353d77d4a11a9f0bc8d1bcc2410e40f169c68c7af97607cf36b521acbf22c1d228bce4495d807e89328a7170dbd3c6f1eb53a3557a858a655a9a8f6d519240980f21231446253e1fd981f4ae500611537fdde55d073c71218a5728f73484a7e9083badb899a60f548e961bc53342c3f82a90880c5ef38d735f9515ed5ffaf881cdb4d6121dfc4132c742d764b41f4612414b7783e574d4223c3d0da7458c5c7f0dad035f0266bf0cfee18a2d7ef4f4ed408e92801d10a906e3526d46f0d97ae53e7661cd4d62f6e565cff76aff202af6359e78ea7370652ba8f4932ab5b9d401fc367e493606a0dc304e8fc154f3ff43bfb8b1baf45c5e089d5671e29ad525f032093fc515a76de6899d0c7c3cacc881693355bc3398edc41c498e7a050ca601c40ee32750c20ca122a440bf7144cb51d2fc2dada2e5510930e6c05291c58575cab67c173dfccaf452d13433354d45b6ca5d96b357f3c246bcb3708c26dad3a722cf098a0c9de8111ec6d07eb07a7055f849f018deabaa560b50ac1c8a4a55ea5500f876d2457ece13013d87674242030bcb6b71f9f262864e63cd618987d10fe994c5db77efe51fe320e40f63a2d5cd04a4b085a26cc395c04be1e2a4d600e71986a863afa3bcaa7536998ee8e92a340d8c09ba913aca10aa3c9b24de84cd7405966b3e60b286a0180041bae4d5e657ffda508abcc78630bdba02f301ef797c65ede91197b304c5e7d0584ecbdc9f8410113e914c293a8917cff36d1a779b96a10e0cda8e4e183e13067d1c8544a51a0e5cdb6ef18a8f7f44d169bf326c00181beb27328e53826fb62781b123c688b2b07a288f7501b404d14b5d5f83d3c37ae4322247cdf6ff9b187985b18a77cc4d6dbf49f300045d2ec640738f91725c9912ec935d995d24ecd07cc177f0413c313e0866730c5cbad968a26e8f19b7ea51243edfa1a728123c1843021d679adb50dddee1cd17f9016f770c2828940b8bedf8b25d5a3ba1c1423bec01253578de2b77a192f7573d170c3f9b13e979d16af7f8d3ae27a6d27d816371915f3424a71ecf8d2a50b344e4c2dd15a787374144f405032962e16bd4851237d771f806dcba0af86e063230c9e8284517492836b1ce0a71ee7c04330ea0591f3af29d357dc12529f8805ae379c122a62122c6594691508ca61175a266bfbdd492ceb321afcfc0dd961b9edc5c2fc6381a1c9659b6cabbf04f3e36d2e83d91ddc799fc5c653cbe39fe65d0bbbb1bd496f38abe3079904c50e69ac51cb58fd316ffe4d45cd43f95308a3642fa5665c390cf634d75c706f7ba1fa46fc7511daa9ce5a3dc5f6ea4aecaf237a5796edeff88df28e84b41fe2fe758fe5af00a2036477ad8a304617427f8cb3bf5d607cc92e7f89b6f8b53233c6018654cd60b2a0d6d128b3bcbd476b35455982a1968cbe520e32ad7152490a385589230a854c7e3c1251b2a0d0e59a8b598dbdfb501a4c1042a7c57f8ede640a36c1da9eeeb3f1eb1c3f032527acf5a043c7fb6ce53b8ece43419875ab9735790586942e19381c1745115f8bcb1467ba10752d90bd31479c0c7a4ae2cae05ada9ff2dde93a233f01e76d5e925ddc6ebfa818b67615c000d954ad21187e3163abb147ca3f8e9de2241b388cf635a87ed27cfd825448c0a513cd62250d474e02acc731889d55a0c8d4551f329d6388771103994a623dc2268f7ec6977afda52e6d102c02ea5047748754a59a0b498afbd69da68f2a82ed060a9d71c5b0fad7460bb5664992ac2d839646ff8ecabcc912b92e324c207af63dc7bfc3c33161d08a593060cc03c45710ef73e5ac5a276026f8542609b4217cbd41bf9b926b5eb070c060fc48d91074d80d2295fe536246587d3aac34ac0fb1ada32ab4dd19d5a73a2f83be352345fb73a8e43783e3e7978f081e11bae27a4709778fb98574db0c659a513f8cebd90f55c4142cfbb8ae6a90e1bb0216e988bda791767af0caaf3d838ca7695ce7611a51f3897d8178f591830334b7f601dba1c84537479e21604ab048339458a8c0449def3fb8954009445cdb0e801f4e5f520349761e84cd090f477b05", @generic="e616e002091e8c5ecdc888ce536e37be9c0e91e4c00089a1a44d5009404af75b827f1e7609eab792f3f32b4eaf1995eef80967908c7ad7eb3b2c44b4b4752ec232549f0b21fd88ba1bacbc397dabb763f1b44f9de20269607a095e9c8839d60a5724e035ef49ccd883a12ffc74205aa856daa25896d98db486", @generic="048f7a945fb0887eccdd719b6141dc8088055fcbaf044e82da91a9d62cf1d0e591411b3f2ff9831cc8425a55597598be270e3bdc05251f976cdaab89961274c7a295a1059d79a9c4d179a01776a4dec753a3d54222efe9953522", @typed={0x8, 0x67, @u32=0x1}, @generic="6936c805c1be612415d908e1aa698a9a5f20641ffbceeb6a59719f53ebb7d5b1e2a978cef094bb5d1b39e6f034b02a370a9031743a151eadc65c7e32ad1c4df6be4a2320cc07c29f401b2892ebd92ff8fee1f6a0f28038b7eb8fc1ddbcb0be173a73b33d484dfed76c8558e41ed1b977865f4919cd65809608ab663ba4437c0eb2eb76dffc42176459f75d2f7ea6b5f9c6b0c9ade462bdb206d6da70e85824a44a7d98503b8c51b0f48a9c7747428f0ed36beb9b0de055092422c0f3c26787ecd03753ea240c9bf53cbbed3a43b85aaeb806ca"]}, 0x1268}, {&(0x7f0000000580)={0x1c, 0x25, 0x500, 0x70bd27, 0x25dfdbff, "", [@typed={0xc, 0x6e, @u64=0x1}]}, 0x1c}, {&(0x7f0000001e80)={0x18, 0x34, 0x8, 0x70bd2a, 0x25dfdbfc, "", [@typed={0x8, 0x2c, @fd=r0}]}, 0x18}], 0x7, &(0x7f0000001fc0)=[@cred={0x20, 0x1, 0x2, r11, r5, r6}, @rights={0x18, 0x1, 0x1, [r3, r4]}, @cred={0x20, 0x1, 0x2, r12, r5, r6}], 0x58, 0x4}, 0x1)
r13 = getgid()
write$FUSE_ENTRY(r4, &(0x7f0000000140)={0x90, 0x0, 0x8, {0x4, 0x1, 0x0, 0x400, 0xcfe, 0x3, {0x6, 0x34, 0x9, 0x7, 0xcea000000, 0xff, 0x2, 0xe65, 0x7, 0x7fff, 0x9, r5, r13, 0x7ff}}}, 0x90)
mmap(&(0x7f0000002000/0x7000)=nil, 0x7000, 0x4, 0x20011, r2, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000280)={'bond_slave_1\x00', {0x2, 0x4e23, @broadcast}})
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x4)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000007000)={0x14, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40486311}], 0x1, 0x0, &(0x7f0000000000)="e1"})

13:47:55 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x500000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:55 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:55 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x2672, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:55 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btr.s\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  606.957404] Unknown ioctl -2145892993
13:47:55 executing program 3:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r0, 0x48204)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000080)={'\x00', 0x1})
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
statfs(&(0x7f0000000040)='./bus\x00', &(0x7f0000001740)=""/4096)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
fcntl$setflags(r2, 0x2, 0x1)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000000c0)={0x7fff, 0x9}, 0x2)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

[  606.986215] binder: 10610:10612 ioctl 8904 20000300 returned -22
13:47:55 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x7000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:55 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000013000/0x18000)=nil, &(0x7f00000003c0)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaab91, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000002c0)={<r4=>0x0}, &(0x7f0000000300)=0xc)
ptrace$setregs(0xf, r4, 0x2, &(0x7f0000000340)="d321e654884cf37a8814f6b84e10ec271151466dad127b1941caf713588bc242f3e7a1d956f35f6fce5df682b50142f1c024484245f259fc06a9303f65f25a6781ca4a5a145f783b8d12f8f084c2e2285bfd4c73ba34c17803b529b33ead2899b5295c9f2f382b7418ebb6609bf6e91ed92c9d223487ede0")

[  607.055321] Unknown ioctl 35076
[  607.098271] binder: 10610:10612 ioctl c0306201 20007000 returned -14
[  607.184391] Unknown ioctl -2145892993
[  607.256209] binder: 10610:10640 ioctl 8904 20000300 returned -22
[  607.287770] binder_alloc: binder_alloc_mmap_handler: 10610 20002000-20009000 already mapped failed -16
[  607.302484] Unknown ioctl 35076
13:47:56 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btr/s\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfx\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 3:
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
ftruncate(r0, 0x48204)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000080)={'\x00', 0x1})
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r1, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
statfs(&(0x7f0000000040)='./bus\x00', &(0x7f0000001740)=""/4096)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
fcntl$setflags(r2, 0x2, 0x1)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000000c0)={0x7fff, 0x9}, 0x2)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

13:47:56 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x2260, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:56 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1a0, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  607.430886] binder: BINDER_SET_CONTEXT_MGR already set
[  607.466150] binder: 10610:10647 ioctl 40046207 0 returned -16
13:47:56 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x7a00000000000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:56 executing program 1:
r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x0, 0x50300)
getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000240)={@remote, r1}, 0xffffffffffffff88)
r2 = socket$bt_bnep(0x1f, 0x3, 0x4)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000000c0)={0x100000005, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2f, &(0x7f0000420000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
write$FUSE_OPEN(r0, &(0x7f0000000180)={0x20, 0x0, 0x5, {0x0, 0x2}}, 0x20)

13:47:56 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf%\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf+\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
sysfs$2(0x2, 0x6, &(0x7f0000000600)=""/4096)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:56 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x6000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:56 executing program 1:
r0 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r0, 0x114, 0x2721, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0x2e2)
accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f0000000040)=0x10)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x80800, 0x20)
openat$cgroup_procs(r1, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)

13:47:56 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'nr0\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000), 0x2c)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000000)={'bridge_slave_1\x00'})
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f00000000c0)={'raw\x00', 0x15, "64e968d6cc2b73e23e65d0b1e1c36ee49e4575d396"}, &(0x7f0000000100)=0x39)

13:47:56 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309c4, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:56 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfu\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:56 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000480), &(0x7f0000000440)=0xffffffffffffffc8)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x800, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={<r2=>0x0}, &(0x7f00000000c0)=0xc)
ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000140)=r2)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f00000001c0)={0x7, 0x4, 0x8000, 0x7, 0x4})
r3 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000300)="071a2967cb1bee1a96dc8feec0049d4df418d7e6eee3f63dd8870b79bfbeb5e053a911b270087636134e7ff94a47c785b6b9916061f33ec8931d18943ada372f590716fa4e8778305686f2a4fe90bec9ecededbeb251a1bd899357b0d67d7ec6d9607ae1df4a725b47edeec9a18024538bd039001d38729ef369faf50d779a428164bd7502829a74355c3ae59f879841ac3c38866fcf1011e65be569c9ee37649d8d05b4a04ca63c7eed4b3ebba105bbab6d153aac73cbc074b3df22b7f29363427569e74d47ff47263da41bd763a068b50940371ccc21ce7741d650489bb33ec1f739ef7a45aafd961c86d76a02a0918b063229d981b7a0ab0fba", 0xfb, 0xffffffffffffffff)
keyctl$invalidate(0x15, r3)
accept$inet6(r1, 0x0, &(0x7f0000000200))
ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000400)={0x2, [0x0, 0x0]})
setsockopt$inet_udp_int(r1, 0x11, 0x6f, &(0x7f0000000240)=0x80, 0x4)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000040)={"6cb0c0b5c54286209300", 0x40000000008})
socket$can_raw(0x1d, 0x3, 0x1)

13:47:56 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf-\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:56 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
fstatfs(r3, &(0x7f0000000300)=""/100)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:47:57 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xc000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:57 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0xb)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x4000)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@dev}, 0x0, @in=@remote}}, &(0x7f00000001c0)=0xe8)
ioctl$TUNSETOWNER(r1, 0x400454cc, r2)
ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000080))
sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000020ff4), 0xc, &(0x7f000000d379)={&(0x7f0000020000)={0x3a1, 0x19, 0x401, 0x0, 0x0, {0x1d, 0x2, 0xf}}, 0x14}}, 0x0)

13:47:57 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309cb, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:57 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf#\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:57 executing program 1:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$kcm(r1, &(0x7f0000000240)={&(0x7f0000000000)=@sco, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000000300)=[{0x10, 0x84}], 0x10}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@dev}}}, &(0x7f00000005c0)=0xe8)
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x88142101}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)=@deltclass={0xf4, 0x29, 0x200, 0x70bd29, 0x25dfdbfb, {0x0, r2, {0xfff3, 0x1}, {0xa, 0xfff2}, {0xa}}, [@tclass_kind_options=@c_qfq={{0x8, 0x1, 'qfq\x00'}, {0x24, 0x2, [@TCA_QFQ_LMAX={0x8, 0x2, 0x25e}, @TCA_QFQ_LMAX={0x8, 0x2, 0x9}, @TCA_QFQ_WEIGHT={0x8, 0x1, 0x5}, @TCA_QFQ_WEIGHT={0x8, 0x1, 0x20}]}}, @TCA_RATE={0x8, 0x5, {0x46b7}}, @TCA_RATE={0x8, 0x5, {0x8, 0xffffffff}}, @TCA_RATE={0x8, 0x5, {0x1, 0xdd}}, @TCA_RATE={0x8, 0x5, {0xff, 0xffffffffffffff00}}, @TCA_RATE={0x8, 0x5, {0xffffffffffffffff, 0x1}}, @TCA_RATE={0x8, 0x5, {0xbd, 0x9}}, @tclass_kind_options=@c_drr={{0x8, 0x1, 'drr\x00'}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0x1ff}}}, @tclass_kind_options=@c_hfsc={{0xc, 0x1, 'hfsc\x00'}, {0x54, 0x2, [@TCA_HFSC_RSC={0x10, 0x1, {0x2, 0x0, 0x5}}, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xf4, 0xffffffffffffff7f}}, @TCA_HFSC_RSC={0x10, 0x1, {0x5, 0x7f, 0x8}}, @TCA_HFSC_FSC={0x10, 0x2, {0x1, 0x5, 0xfffffffffffffff8}}, @TCA_HFSC_RSC={0x10, 0x1, {0x9, 0x4, 0x7fffffff}}]}}]}, 0xf4}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)

13:47:57 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf6ffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:57 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfl\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:57 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000005, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x6, @empty, "626f6e6430000000000600000800"}}, 0x1e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'lo\x00', <r3=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8937, &(0x7f0000000080)={'bond0\x00', r3})
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'ip6_vti0\x00'}}, 0x1e)

13:47:57 executing program 1:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x400000, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x40000, 0xffffffffffffffff, 0x0, <r1=>0xffffffffffffffff})
r2 = dup3(r0, r1, 0x0)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000080)={0x101024804, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x10})

13:47:57 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfo\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:57 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x20000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:57 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r2, 0x12, 0x2, &(0x7f0000000300)=""/179, &(0x7f00000003c0)=0xb3)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
poll(&(0x7f00000002c0)=[{r4, 0x440}, {r1, 0x2}], 0x2, 0x2)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)

13:47:57 executing program 1:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r1 = socket$inet6_sctp(0xa, 0x40000002, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000001c0), &(0x7f0000000200)=0x10)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f00000001c0)=[0x580])
close(r0)

13:47:57 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x8200, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:57 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffff73a)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000140)}}, &(0x7f0000044000)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000380)={{0x0, 0x8}}, &(0x7f0000040000))
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={<r3=>0x0, @in6={{0xa, 0x4e23, 0x27, @mcast1, 0x1f}}, 0x14f5, 0xffffffff, 0x3, 0xb8}, &(0x7f0000000040)=0x98)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={r3, 0x100, 0x2, [0xdcc, 0x7b]}, 0xc)
r4 = socket$inet(0x2, 0x1, 0x0)
mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0)
bind$inet(r4, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10)
connect$inet(r4, &(0x7f00000e5000)={0x2, 0x100000000004e23, @loopback}, 0x10)
connect$inet(r4, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000000)={r4, 0x0, 0x6, 0x0, 0x5})
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000200)}}, 0x20)
r5 = dup2(r0, r4)
ioctl$KVM_GET_SREGS(r5, 0x8138ae83, &(0x7f00000001c0))
tkill(r1, 0x1000000000016)

13:47:57 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf#\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:57 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x25f70000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:57 executing program 1:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000006000))
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
listen(r1, 0x7)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f000000c000/0x3000)=nil, 0x3000}, 0x2})
ioctl$UFFDIO_REGISTER(r0, 0x8010aa02, &(0x7f0000006ffc)={{&(0x7f000000a000/0x3000)=nil, 0x3000}})

13:47:58 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfx\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:58 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:58 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfp\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:58 executing program 1:
r0 = socket(0x200000000000011, 0x3, 0x0)
setsockopt$packet_buf(r0, 0x107, 0x7, &(0x7f0000000300)="2f7edf4b", 0x4)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x400000000000003}, 0x14)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000000c0)={r0})
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
syz_emit_ethernet(0x1e, &(0x7f0000000100)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [], {@can={0xc, {{}, 0x0, 0x0, 0x0, 0x0, "199ac0f1ca9a7443"}}}}, &(0x7f0000000140)={0x0, 0x0, [0x0, 0x0, 0x0, 0xfffffffffffffffd]})

13:47:58 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xffff8801aaa51658, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:58 executing program 1:
clone(0x200, &(0x7f00000000c0), &(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000080))
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000300), &(0x7f00006fcff0))
r0 = gettid()
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00')
write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0'}, 0xb)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f000000d000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f)
recvfrom$unix(r3, &(0x7f0000bf5000), 0x0, 0x0, &(0x7f0000d93ff6)=@abs, 0x8)
fcntl$setown(r2, 0x8, r0)
fcntl$setsig(r2, 0xa, 0x12)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='yam0\x00', 0x10)
dup2(r2, r3)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000080)={r2, 0x0, 0xfff, 0x3f, 0xfffffffffffffff7})
tkill(r0, 0x16)

13:47:58 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x22645, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:47:58 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfc\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:58 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="62747266738c", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:47:58 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x76742bdf, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:47:58 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0xf0ffff}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:47:58 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffffffa0010000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:00 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfd\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:00 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667302", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:00 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = syz_open_dev$dspn(&(0x7f0000000500)='/dev/dsp#\x00', 0xd7b7, 0x0)
getsockopt$packet_int(r0, 0x107, 0x9, &(0x7f0000000540), &(0x7f0000000580)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000002c0)={<r3=>0x0, 0xd6, "375d4b5a83d132dbfc5a288d6f3eba06164d3d1a56cf2f8293afd890a9aece402ba1da6bdf0fa8b09ad21fa3e61d53654593e2f2f73971ada3377af9e51966dedd1d4c2d769ac1fae5808f75333fc7356867284e32653030d5904c18c67d206f84f94596f49ed4afd2558141802d63e71565933cbe05e5e1b902ee16f790e282be01e5d51df5953a9eb3b04d33a1a476e6534e79b48166a45a2804affac48196c1f03a8717914c5e340c63a1167fcd7ab13637eabcc77b2511efafd18fe932fb58cd80f16e0aa28a6c8075c488e20a888f4db393a55a"}, &(0x7f00000003c0)=0xde)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000400)={r3, 0x94, "54c1a1611c7a5343f9c5492523fccad42b8841fb8ff6a86fa4526ed51f724f6077adbfd7760fffe331c12a4eaf7fef98bef58091bfae36197c50a5568a7a631a614d82f5f00804602aacb555e3e227721772bab804ac1bb3e5d59ce4e3c4d163d97f483c9c47af0574cc0e671025280d3f2e6318bf46030012a43a0d895b7a47db5c225d1d7175b624ee6a543e657d73c60d984d"}, &(0x7f00000004c0)=0x9c)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:48:00 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x28f7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:00 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$seccomp(0x1a, 0x1, &(0x7f0000000240)={0x6, &(0x7f0000000040)=[{0x5, 0x6, 0xfffffffffffffff9, 0x6}, {0x1, 0x81, 0x4, 0x739c}, {0x1, 0xe0000000000, 0x0, 0x8}, {0x9, 0x80, 0xe4, 0x80}, {0x7, 0x8, 0x80000001, 0x6}, {0x7b, 0x8000, 0x49, 0x80}]})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x2, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x4e20, 0x2, @empty, 0x9}, {0xa, 0x4e22, 0x401, @remote, 0x7}, 0x800, [0x80, 0x2, 0x1ff, 0x9, 0xff, 0x69, 0xffffffff, 0x6]}, 0x5c)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1})

13:48:00 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x267f, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:00 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0xfffffffffffffffe)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x6, &(0x7f0000000080)={@loopback, 0x0, 0x0, 0x1, 0x40000000}, 0x20)
r1 = dup(r0)
r2 = fcntl$getown(r1, 0x9)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000140)={<r3=>0x0, @in={{0x2, 0x4e20, @remote}}, 0x8001, 0x7, 0x7, 0x4, 0x401}, &(0x7f0000000200)=0x98)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000240)={r3, @in6={{0xa, 0x4e23, 0x5ad, @mcast2, 0x1f}}}, 0x84)
perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0x20, 0x183a71b7, 0x793a, 0xfffffffffffffffe, 0x0, 0x5, 0x400, 0x5, 0xfff, 0x7fffffff, 0x7, 0x5, 0xdc08, 0x5, 0x400, 0x5, 0x7, 0x5, 0x5, 0x3, 0x200, 0x1000, 0x81, 0x1, 0x7, 0xe6, 0xfffffffffffffffe, 0x8, 0x27, 0x434, 0xfffffffffffffffa, 0x200, 0x2, 0xc9, 0xa39a283, 0x7, 0x0, 0x5, 0x5, @perf_config_ext={0x0, 0x9}, 0x10825, 0x1f, 0x216285cd, 0xaf4f7cde997c3142, 0x204, 0xffffffffffffffcd, 0x8001}, r2, 0x8, r1, 0x2)
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14)
pipe2(&(0x7f0000000340), 0x800)
socket$bt_rfcomm(0x1f, 0x1, 0x3)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x10000, 0x30)

13:48:00 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2263d, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:01 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000280)={0x4, 0x8, 0xfa00, {r2, 0x2}}, 0x10)
r3 = getpgrp(0xffffffffffffffff)
perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x3, 0x100000000, 0x4, 0x10000, 0x0, 0x5, 0x10004, 0x2, 0xfffffffffffffff7, 0x31, 0x3ff, 0xcbe2, 0x0, 0x20, 0x7, 0x2, 0x0, 0x7f, 0x80000001, 0x800, 0x5, 0x3, 0x239d, 0xff, 0x0, 0x2, 0xf7c, 0x19bc, 0xfffffffffffffffe, 0x9, 0xd2a0, 0x8, 0x5, 0x3, 0x1, 0x29a, 0x0, 0x7, 0x4, @perf_config_ext={0xfffffffffffffffb, 0x5}, 0x8010, 0x6, 0x3, 0x7, 0x8, 0x761f, 0x9}, r3, 0x2, r1, 0x3)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={0xffffffffffffffff, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9)

13:48:01 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:01 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x9, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:01 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf*\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:01 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$getown(r1, 0x9)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYPTR64=&(0x7f0000000140)=ANY=[@ANYBLOB="b684b668a454e6d695a1a56345af6b249b48719278c1a0122449ef27f80df0758b8b264bb4f2e6e030db1889515fa41ee5e07250858eb5d4c398ccde709b49c0dfc53cdc0d94179421300bcef4d7d7f7ddd85ab0d278d61efe8d251bd47b3e24ab784ccd75bc4b55c1fbff5ddc66cef97f1cfb141ed219c7adbf7c7fa397566ea9505a612065409a243931e86501000b32525915f3683b0e2d8d", @ANYBLOB="ecadeeddc9c2b84d7ec9093648c48a66526dd8d8e02dea24ec1e3b1aeeb15911f3e7a480c7f84ea696e69e8a5766daa8e4bbf13aeebdee3e357e40175fabe4827132b332f773a86611d47c648e4f50b10a3fcbb4b50b0a11383d76824d6f163ae4b682b2ed2a09babb99e98e412f4a655fd44a9e16d2a60e2e20ee8d58aa5770b59a0e0aec083229330cc693f141848a97918c34289316930d0e1bd497d8f2984def875f36d8c206f79b7931011e59c9c54ac892ea067dc69733949e142eedf18c1e51402e72901d89734f", @ANYBLOB="3f13025af68a3a9c22683f8be57270523d94beb559c987893ff249243eb526a1bc2343e4b92c3fc1ba764d35b6413307ef73ea16f53b779a990d6588877c3c1fcf96873d6b16fdb23e1a7ab7", @ANYRES32, @ANYRES16=r0, @ANYBLOB="57a12dab29abda2f432b99faa41b7a2866e758b3907e2f2a8c65d5d2a0da9fe435f233", @ANYRES32=r2, @ANYRESHEX=r0, @ANYRES16=r2], @ANYRESHEX=r2, @ANYRESDEC=r3, @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[@ANYRES16=r1], @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYPTR, @ANYRESOCT=r2], @ANYRESDEC=r3, @ANYPTR64=&(0x7f0000000400)=ANY=[@ANYPTR, @ANYPTR, @ANYBLOB], @ANYRESHEX=r0, @ANYRESDEC=r3, @ANYPTR=&(0x7f0000000440)=ANY=[@ANYRESHEX=0x0, @ANYPTR, @ANYPTR64, @ANYRESHEX=r2, @ANYRES32=r1, @ANYRES16, @ANYRES64=r3], @ANYRESHEX=r2, @ANYRES64=r0], @ANYRESHEX=0x0, @ANYRESHEX=r0], 0x9}}, 0x4)

13:48:01 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x35, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:01 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
fchmod(r3, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
r5 = add_key(&(0x7f00000002c0)='big_key\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000340)="51553576a014a3968d6845803caf49e8ac8f8835b5e5cd0356df0f67e658c02b54731e6447190202c45155e19d9f1e47e20e5d355ae95a2f1a2e708d927fba399e78b577d5042b4d61aa5dfcd17cbe381ead79b6dd1fc16e71f4fa222c9b23d223162292fef32d6f50e8299aa5c848a9", 0x70, 0x0)
r6 = add_key$keyring(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000440)={<r7=>0x0, 0x7, 0x0, 0xfff, 0x1f}, &(0x7f0000000480)=0x18)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f00000004c0)={r7, 0x8}, 0x8)
keyctl$reject(0x13, r5, 0x5, 0x1ff, r6)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200), 0x8)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:01 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:01 executing program 3:
r0 = socket$inet6(0xa, 0x3, 0x8000000000002b)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @dev, 0x7}, 0x1c)
sendmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000005c0)="3c92a890325a0e772585edd0636ff9c6af78f08e4bb0de45b0fd1dc6674c6fe162826904c38f0af58be7cc2949f739cbf566b699af5ac46589f43b4130246c3d3fa318dfcaf20fe64f32f606b2a88108b354c03f795f6f762c97a72d50b19191b2490dffd0aa6ecf1e2ab88794afab566ba12ea4506fd5f03be44d92baf3413a889c61bcbdfac681a8494b5c9bca9bfaa0244c70c17190823fd367079926c9dd8d5e63bc65693f725b4d0b39798b6d0fda859e1abc6b26d0ae97e11f327eb709951a7c87fbe7a6d63d98fccb3dea972a23157b1a97f9b6ced28f161d1f2dddc0bf60884dfc5cae270b77e8cf19b2abbb42aafaa3bf29b88c8a7e23f6fc50346a3da5bffcdc7a25c898f5f574e7569ab2c09644709e3723e99f46d3c5e29447413f09211114cef7d311b94cba0a63f162994a36a4972e96347bde4ff1c5e8e333a9fcab9057ecefc9e961b712207a2017e07d3c4c3f04701e851ea1d077d8223394ab4e2946c07d14a0d38cdd5909e710294cd4f8b7953224265b93fdae2202c42ab076c0aecac311926925753f408a27f247dc463027ea7aa3fb7378024cee52c657019a88cdf762b00a7dc63153215c82f2914233707aea15c744aa2a531a4839112c3ddab8c0e224d050a048bf6266656de2efef83b37fce55ea9d7a6a558f6dce35c46ecc9aa139d526fdc6d1e5b4fbd083816027aaa8bf450e4b0777ccda08c5c63406d38e4cc08d8e0bcda20dad6f7be3713002811f25d568c8eca502c364727f2965114326a92b8333b8d29c1741e69742fba96a75ddc98cff7f0b61449fa1b468ec1620aac455025408047f0284a13f164bf223e635a8be678310fb1d92657919edfd561b5b3cb4db24dea937bee502027137fbd71fb96001b79884d6fd463041ecc3df6c9008002d2e7306ca55abdebbb31caf0a35f0dd8bf7370a95b0deb5e52c98e53f8c926ba522f3aa6e1c2958b7bc25483906751dc16bf0b1a176ba20c274042a956b33e5d9cfa4891d2a4d108a6c72b4235e59ed01057c5c2de7162b3a4b1e7d1bc8f60ee9eb2cc620f00e082c7566c06a1763846183364ff36d2cd18d99a03515cf2093ea22343701d9745e1525060d04c922a888549df55346b97b6dfb406cb750f87d43063cfb7933450e408330700469ebe4bb06cef9c568f10f2bcac31c21990b37fa22ca8afd2c2b328ce21270df2e92a81304e0f9284c39340cbfda7a81e8693bacf4ae32407c04c0ecb3e0eb639d7bbefd35f2782e91f7bc4e2b345fc88252ab375b2fb36d31c20e91dd88c850c32f82166e19d8373b7ab436fd56b5a3710872203ebacf68b32783bcfce494152f304a2fc2f1ba2285e3c69d15b4bf23272d5a96e35c997d6f4d2fbcb63600acb33e4b50a1c94835a346a78a129fb34e6b6c6e8f4e0f8473f9bd82a11986f2a6b9e1c7feffffffffffffff7719410883b5fd597a4ae7046a6d492d164e17d5082ade546a6b68eabb03633635a8ff207b0ec2a2ed73e89996aacaaff8b3dadb246a462a66b1b5a1bbc9c949ea5236d57383622fe513afc6fdd350c46032061a2ed2fd6d3a5f4a21b24f740bbd6a378edf004fe9b055e1aeb713a5c0a541700c1e52c2e186fbdb940af4426ad130da8917e7d03490994d335ec6d3f266b8a111285582d2b699a0ce54219aae24b1874c1d53180000000000000000000000000000eaa80cee1c6b3f1f1d37759027f79e5ca9f87886e49c83837023ebd8773dd2987d5779e1caaa4b2633b983657cb3c6a3e26899dd9db964feb27e3c50766a8e69dfcdca0342a1596025afbd99ba75ab8710cf77612b8805b308fed58d50bf69361859afca7da8568914c0a056e39c6557729888af50", 0x52d}], 0x1, &(0x7f0000000100)}, 0x0)

13:48:01 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66, 0x0, 0x20f7}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:01 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xa00000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:01 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x20000, 0x0)
syncfs(r1)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)=')*-\\)\x00')
setrlimit(0x7, &(0x7f00008ec000))
fanotify_init(0x0, 0x0)

13:48:01 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf-\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  612.923789] f2fs_msg: 50 callbacks suppressed
[  612.928567] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  612.936364] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  612.978018] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  612.985142] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  613.041764] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  613.049445] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  613.057784] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  613.065227] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:48:01 executing program 3:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x98, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1}, 0xb)
sendto$inet(r0, &(0x7f0000000380)="f2", 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
recvfrom$inet(r0, &(0x7f0000000100), 0xffffffffffffffe8, 0x0, &(0x7f0000000180)={0x2, 0x0, @rand_addr}, 0x709000)

[  613.098521] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x7952010)
[  613.106162] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
13:48:01 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x7ffffff9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:01 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:02 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = syz_open_dev$vcsa(&(0x7f00000002c0)='/dev/vcsa#\x00', 0x20, 0x82101)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000003c0)={{{@in6, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f00000004c0)=0xe8)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff}, 0x111, 0x100b}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000700)={0x10, 0x30, 0xfa00, {&(0x7f0000000640), 0x1, {0xa, 0x4e20, 0x6, @mcast2, 0x5d2c}, r2}}, 0x38)
sendto$packet(r0, &(0x7f0000000300)="901c6c4935d40a86664b743f4d0434482db012c247ce07622a9aa38d2705f9bcfecf76e0b283e55543a7ad8e29937dc251c97749d893106a1c5fbd0ea34128a451d42e982c849b6ff1bbf566cf9e32b4737dbae5e44f50c0558db3ff7c39038397ab7259602122412ec4d1110926718fd714649888985497235f265f099a949cc4635649c7f7369cb96e7a26d29555a834b530e70b20633cef2849af14477e0567c5104cc50b85960c88e66e", 0xac, 0x404c8c0, &(0x7f0000000500)={0x11, 0xff, r1, 0x1, 0x3, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000740)=0x9)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000780)={0x6, 0x0, [{0xc0000002, 0x2, 0x2, 0x9, 0x200, 0x4, 0x8b6}, {0xc0000007, 0x80000000000000, 0x6, 0x6, 0xffff, 0xed1, 0x8}, {0xb, 0xa4, 0x1, 0x3, 0x6, 0x4, 0x100000000}, {0xa, 0x0, 0x4, 0xc928, 0x0, 0x8, 0x6}, {0x80000007, 0xffffffff, 0x4, 0x9, 0xa780, 0x4, 0xba5e}, {0xc0000001, 0xffffffffffffffff, 0x0, 0x31d9, 0x8, 0xfffffffffffffff8, 0x1}]})
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r7 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f00000008c0), &(0x7f0000000040), &(0x7f0000000900)={0x77359400}, 0x8)
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000940)=""/4096)
ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f0000000540)=<r8=>0x0)
migrate_pages(r8, 0xe20000, &(0x7f0000000580)=0x2, &(0x7f0000000600)=0x3)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

13:48:02 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000580)="0a5cc80700315f85715070")
socket$pppoe(0x18, 0x1, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000009000), 0x16b)
r2 = semget(0x3, 0x3, 0x80)
semctl$SETVAL(r2, 0x0, 0x10, &(0x7f0000000080)=0x8)

13:48:02 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4000000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:02 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x6, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:02 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:02 executing program 3:
r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
r1 = memfd_create(&(0x7f00000006c0)='\x00', 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$P9_RREADDIR(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='*\x00\x00\x00)\x00\x00'], 0x7)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000140)={'raw\x00'}, &(0x7f0000000040)=0x54)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x7, 0xbe11, 0x0, 0x0, 0x0, 0x0, "804e2486cff9d9266b6504d1017e922724e09b8a6d2cec6c5249be3594ed7f102204bb458c81a116e92825862da340dec9ee4a6bb74e77d3dd1a52f33cc1748d", "9b9565fd6c7860bd47638a0e3a6899a829b38528694cb064080000bdf5c1d14998d5bbac6c4deae26bc26c30acd5983cc9a8453e000873477ebc926e83d8fccc", "1afce8d40c23003f15ffffca5100f900"})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

13:48:02 executing program 1:
r0 = perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r1, 0x6)
setsockopt(r2, 0x10d, 0x800000000a, &(0x7f0000000300)="03", 0x1)
connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
r3 = accept(r1, 0x0, &(0x7f0000000080))
getsockopt$IP_VS_SO_GET_DAEMON(r3, 0x0, 0x487, &(0x7f0000000040), &(0x7f0000000180)=0x30)
sendmsg$key(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="00ffffceecefce8fada72d0e8bdc24ffd103749d1bb554700400f26d1267477f281db961a02b66e500000000000000000000008ae39237e11a5560008785ae"], 0x3f}}, 0x0)
ioctl$PPPOEIOCDFWD(0xffffffffffffffff, 0xb101, 0x0)
socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025c090000000000000070")
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000340)='tls\x00', 0x4)
sendto$inet6(r4, &(0x7f00000005c0), 0xfffffdef, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c)
setsockopt$sock_timeval(r4, 0x1, 0x15, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
write(r4, &(0x7f0000000900)="1102ea373406b21d9bc444ba83f952d57b52f57f53bbf7bdedb5d362ddbb8481de598149d6a8d515d6baa6a4f2fe29511d6f0c4a0d4977f4aa1b9a1488d387afb5c54099f65395e38ca84b3c1fe8896530ab7f6d1ac6415e9dffea1e2db57fac4a61ddf40a739ada2c12a7fdaf14d340039c61", 0x73)
ppoll(&(0x7f00000001c0)=[{r0, 0x2008}, {r3, 0x801d}, {r4, 0x80}, {r1, 0x28}, {r2, 0x2}, {0xffffffffffffffff, 0x80d4}, {r3}], 0x7, &(0x7f0000003740)={0x0, 0x989680}, &(0x7f0000003780), 0x8)
sendmmsg(r2, &(0x7f0000005700)=[{{&(0x7f0000003900)=@pptp={0x18, 0x2, {0x0, @rand_addr}}, 0x80, &(0x7f0000003b80), 0x3a5, &(0x7f0000003bc0)}}], 0x3a6, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x0)
ioctl$GIO_UNIMAP(r5, 0x4b66, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{}, {}, {}]})
r6 = socket$inet6(0xa, 0x1000000200002, 0xfffffffffffffffe)
r7 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x6, 0x0)
ioctl$KDSIGACCEPT(r7, 0x4b4e, 0x14)
ioctl(r5, 0x0, &(0x7f0000000240)="025cc85c20000000000000")
syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
dup3(r0, r6, 0x80000)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005fc10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000f00018010000000000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000010000000000000028005345540000000000000000000000000000000000000000000000000000010900010255ea9f04000000ade0fa943c7dd98f88000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e36682238000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200188010000000000000000000000000000000000000000000000003000616800000000000000000000000000000000000000000000000000000000000004d2000004d414f9ffff030300002800727066696c7465720000000000000000000000000000000000000000000004000000000000006800435400000000000000000000000000000000000000000000000000000002040040006d41000000000000736e6d705f747261700000000000000073797a3100000000000000000000000000000000000000000000000000000000ab0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002800000012000000000000000000000000000000000000000000000000000000feffffff000000003f27f77c0be0c56641d087eb585bb2201486ac84472f7e8a314559961e236168960e6fe60b28e19abb0f6dd98ed370bcba06a3e39cc55941b5d112f31c65754f9d81557fe481a9bd78e8881e0908a3dcf0205e11036b1aac9cf388d94f0488491b5f300f098f39fe9793475dbfb99d521f7f1764677fa887de00c67240c681b6943fa77700437dab84cf5c100448d35320775a4ed1554edcf3480d1f30414ef9f2c003252f4679700fc8961089cb5901b04124fa781b20c62d20938da3d035cdf9480516d5d619030bde8030f40bd39fb7a9cc"], 0x1)

13:48:02 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:02 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x40260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:02 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x2228, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:02 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x3, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:02 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfX\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:02 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = gettid()
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r1, &(0x7f0000000040), 0xe)
listen(r1, 0x0)
accept4(r1, &(0x7f00000015c0)=@can, &(0x7f0000001640)=0x80, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000))
setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000000)=0x2, 0x2)
tkill(r0, 0x1000000000015)
msgget(0xffffffffffffffff, 0x0)

13:48:02 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:02 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070")
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(&(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f00000006c0)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000300)='cgroup.threads\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={<r3=>0x0, 0x7}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000000c0)={r3, 0x80000000}, 0x8)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
syz_mount_image$gfs2(&(0x7f0000000640)='gfs2\x00', &(0x7f0000000680)='./file0\x00', 0x80000001, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000740)={[{@quota_quantum={'quota_quantum', 0x3d, 0xcdf3}}, {@norecovery='norecovery'}, {@barrier='barrier'}, {@localflocks='localflocks'}, {@discard='discard'}]})
ioctl$int_in(r1, 0x5452, &(0x7f0000000700)=0x6)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40100042}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="01000000", @ANYRES16=r4, @ANYBLOB="040129bd7000fddbdf250e00000008000500000000000800040080000000080005000400000008000500faffffff90000300140002006272696467653000000000000000000008000100030000001400060000000000000000000000ffffac1414aa14000600ff010000000000000000000000000001080008007f0000000800010003000000140002007465616d5f736c6176655f3000000000080007004e240000140002006970365f76746930000000000000000008000500ac1414aa5c000100080008000100010014000300fe8000000000000000000000000000aa0800060072720000080008000200000008000900450000000c0006006c626c630000000008000b007369700008000800cd000000080002003600000008000600ff03000008000400080000000800050000000000"], 0x138}, 0x1, 0x0, 0x0, 0x1}, 0x1)
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000500)=""/208, 0xd0}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f00000004c0)={0x2, 0x6, 0x8000, 0x1, 0x6, 0x8, 0xfff, 0x3, r3}, &(0x7f0000000600)=0x20)
dup2(r1, r2)

13:48:02 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2263a, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  614.049337] dccp_close: ABORT with 1061 bytes unread
[  614.348912] gfs2: not a GFS2 filesystem
13:48:03 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x1, 0x40000)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:48:03 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x36, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:03 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x2000048c, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:03 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x100000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:03 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf+\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:03 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:03 executing program 1:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x1f)
r3 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r3})
setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r2, 0x111, 0x5, 0x9c8, 0x4)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r3, 0x0, 0x3})
r4 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x9, 0x2100c0)
ioctl$sock_bt(r4, 0x8907, &(0x7f00000000c0)="9acc2640cb53954fed2469f9ba1340d0dc622e5565cc42f557e3136d11f0d17ab1cbd6fb99b58007ca964fa4e0e2")

13:48:03 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3c260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:03 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xef00, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:03 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x9, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:03 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x5, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:03 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:03 executing program 3:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0)
epoll_create1(0x80000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x101400, 0x0)
fcntl$dupfd(r1, 0x0, r0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000000)={<r4=>0x0, 0x6, 0x0, 0x40, 0x40}, &(0x7f0000000140)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={r4, @in6={{0xa, 0x4e24, 0x1ff, @ipv4={[], [], @remote}, 0x5}}, 0x5ad, 0x7, 0x8, 0x4, 0x48}, 0x98)
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000240)={'filter\x00'}, &(0x7f00000002c0)=0x78)
socket$bt_bnep(0x1f, 0x3, 0x4)
syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000040)="827d0200b95b0b00000f3266b832018ee0b8010000000f01d9b9980b00000f320f06f30f011e66b8c4008ec82e0fc75d2b66baf80cb8274d2585ef66bafc0cec", 0x40}], 0x1, 0x0, &(0x7f0000000080), 0x0)

13:48:03 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrf.\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:03 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f00000001c0)="0a5cc80700315f85715070")
pipe2$9p(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r2, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/userio\x00', 0x20400, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend='noextend'}]}})
write$P9_RREADDIR(r2, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
write$P9_RGETATTR(r2, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RWALK(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="160000006f0100010000000000000000000000000000"], 0x16)
write$P9_RGETATTR(r2, &(0x7f0000000540)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RWRITE(r2, &(0x7f0000000400)={0xb, 0x77, 0x1}, 0xb)
write$P9_RGETATTR(r2, &(0x7f0000000640)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache='cache=fscache'}]}})
mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000300)='./file0/file0\x00')

13:48:03 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000340)={0x4}, &(0x7f0000000380), &(0x7f00000003c0)={0x77359400}, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:03 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xe, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:04 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xff000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:04 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  615.377958] Unknown ioctl 1075883590
[  615.396114] Unknown ioctl 1075883590
[  615.400106] Unknown ioctl 1075883590
[  615.405380] Unknown ioctl 1075883590
[  615.414024] Unknown ioctl 1075883590
[  615.439978] Unknown ioctl 1075883590
[  615.465444] Unknown ioctl 1075883590
[  615.492706] Unknown ioctl 1075883590
[  615.513597] Unknown ioctl 1075883590
[  615.538659] Unknown ioctl 1075883590
13:48:04 executing program 1:
r0 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x88, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000737461746973746963f7ffffffffffffff0000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff00000000"]}, 0x3c0)

13:48:04 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfst', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  615.585652] Unknown ioctl 1075883590
[  615.592683] attempt to access beyond end of device
[  615.597844] loop6: rw=12288, want=8200, limit=64
13:48:04 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfl\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  615.668983] Unknown ioctl 1075883590
[  615.680523] Unknown ioctl 1075883590
[  615.697096] attempt to access beyond end of device
[  615.702208] loop6: rw=12288, want=12296, limit=64
[  615.702281] Unknown ioctl 1075883590
[  615.737567] Unknown ioctl 1075883590
[  615.750881] Unknown ioctl 1075883590
[  615.763787] Unknown ioctl 1075883590
[  615.780047] Unknown ioctl 1075883590
[  615.797394] Unknown ioctl 1075883590
[  615.806558] attempt to access beyond end of device
[  615.811722] loop6: rw=12288, want=8200, limit=64
[  615.814738] Unknown ioctl 1075883590
[  615.837952] Unknown ioctl 1075883590
[  615.848958] attempt to access beyond end of device
[  615.853980] loop6: rw=12288, want=12296, limit=64
[  615.868842] Unknown ioctl 1075883590
13:48:04 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x43260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  615.888636] Unknown ioctl 1075883590
[  615.902633] Unknown ioctl 1075883590
13:48:04 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mixer\x00', 0x2802, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  615.947686] Unknown ioctl 1075883590
[  615.965672] attempt to access beyond end of device
[  615.970750] loop6: rw=12288, want=8200, limit=64
[  616.026053] attempt to access beyond end of device
[  616.031142] loop6: rw=12288, want=12296, limit=64
[  616.063997] Unknown ioctl 1075883590
[  616.080320] Unknown ioctl 1075883590
13:48:04 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfi\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  616.129407] attempt to access beyond end of device
[  616.134490] loop6: rw=12288, want=8200, limit=64
13:48:04 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x200, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000100))
bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x6, 0xfffffffffffffff7, 0x800, 0x7, 0x2, r1, 0x8000}, 0x2c)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r2 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000094000)=[@in={0x2, 0x0, @loopback}], 0x10)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip_vti0\x00', 0x10)
sendto$inet(r2, &(0x7f00000000c0)="cf", 0x1, 0xfeffffff, &(0x7f0000a04000)={0x2, 0x0, @loopback}, 0x10)

13:48:04 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  616.237000] attempt to access beyond end of device
[  616.242071] loop6: rw=12288, want=12296, limit=64
13:48:05 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.procs\x00', 0x2, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000280)=<r1=>0x0)
write$cgroup_pid(r0, &(0x7f0000000300)=r1, 0x22)
syz_mount_image$ntfs(&(0x7f0000000140)='ntfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f00000005c0)=[{&(0x7f0000000280)}], 0x1022, &(0x7f0000000640))
ioctl$TCSETAF(0xffffffffffffffff, 0x541b, &(0x7f0000000000))
ioctl$KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000340)={0x0, 0x0, 0x7fff, &(0x7f0000000100)=0x1ff})
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040)={0x1000, 0x0, 0x4, 0x31c, 0xffffffffffffde26, 0x40, 0x8000}, 0xc)

13:48:05 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x46260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:05 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4a9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:05 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x10, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:05 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = socket$packet(0x11, 0x2000000000000003, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r2 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000788000)=0x2, 0x4)
bind$packet(r2, &(0x7f00000000c0)={0x11, 0x6, 0x0, 0x1, 0x100000000, 0x6, @local}, 0x14)
setsockopt(r2, 0x107, 0x401, &(0x7f0000001000), 0x0)
sendto$inet6(r1, &(0x7f0000000300)="040105000500000000000000ffb25bc202938207d903378c398d5375c5f73f2e55067d2780e19e33e3c2e77205000000402810fadc5712f29508c008186575efe5eb8f5972eaecff8b30ac32030e80fa87d0d03d18c1f5fcb8c96da56c6fa39f106b", 0x62, 0x0, &(0x7f00000002c0)={0xa, 0x100200000800, 0x800000000000d, @mcast2}, 0x1c)

13:48:05 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000300)={0x800, 0x3, 0x400, 0x7ff}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:05 executing program 3:
r0 = syz_open_dev$vcsa(&(0x7f00000005c0)='/dev/vcsa#\x00', 0x8000, 0x4400)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000600)={0x0, 0x9, 0x5f14, 0x9}, 0x10)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x800, 0x0)
pread64(r1, &(0x7f0000000640)=""/39, 0x27, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x20002, 0x0)

13:48:05 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfp\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:05 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:05 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf1080000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:05 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309ba, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:05 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfffffff6, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:05 executing program 1:
unshare(0x2000400)
get_thread_area(&(0x7f0000000100)={0x5, 0xffffffffffffffff, 0x0, 0x5, 0xdb, 0x1, 0x9, 0x6a, 0x7f, 0x3})
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f00000000c0)={0x18, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='projid_map\x00')
readahead(r1, 0x0, 0x2)
creat(&(0x7f0000001380)='./file0\x00', 0x3)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000140)={0x3, [0x0, 0x0, 0x0]})
r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
readahead(r2, 0x0, 0x0)

13:48:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000040)="0a5cc80700315f85715070")
r3 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r3, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000000407031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$l2tp(0x18, 0x1, 0x1)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="05000000000000000d0000400500000005000000000100030000004000000000010000000000000025000000ffffffff00040000000005000a00000006da"])
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x187, 0x0, 0x3}]})
r5 = getpid()
r6 = fcntl$getown(r4, 0x9)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200000, 0x0)
kcmp$KCMP_EPOLL_TFD(r5, r6, 0x7, r4, &(0x7f00000000c0)={r7, r4, 0x9})
recvmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/210, 0xd2}, {&(0x7f0000001280)=""/69, 0x45}], 0x3, 0x0, 0x0, 0x4}, 0x3}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001300)=""/138, 0x8a}, {&(0x7f00000013c0)=""/45, 0x2d}, {&(0x7f0000001400)=""/226, 0xe2}, {&(0x7f0000001500)=""/160, 0xa0}, {&(0x7f00000015c0)=""/253, 0xfd}], 0x5, &(0x7f0000001740)=""/126, 0x7e, 0x7f}, 0x80000000}, {{&(0x7f00000017c0)=@can={0x1d, <r8=>0x0}, 0x80, &(0x7f0000001980)=[{&(0x7f0000001840)=""/250, 0xfa}, {&(0x7f0000001940)=""/47, 0x2f}], 0x2, &(0x7f00000019c0)=""/97, 0x61}, 0x200}, {{0x0, 0x0, &(0x7f0000002b40)=[{&(0x7f0000001a40)=""/1, 0x1}, {&(0x7f0000001a80)=""/4096, 0x1000}, {&(0x7f0000002a80)=""/136, 0x88}], 0x3, &(0x7f0000002b80)=""/107, 0x6b, 0x8}, 0x5}, {{&(0x7f0000002c00)=@l2, 0x80, &(0x7f0000003c80)=[{&(0x7f0000002c80)=""/4096, 0x1000}], 0x1, &(0x7f0000003cc0)=""/69, 0x45, 0x4}, 0xffffffff}], 0x5, 0x2060, &(0x7f0000003e80))
ioctl$sock_inet6_SIOCADDRT(r7, 0x890b, &(0x7f0000003ec0)={@empty, @local, @dev={0xfe, 0x80, [], 0xd}, 0x3, 0x4, 0x6, 0x100, 0x6, 0x40000100, r8})
fchdir(r2)

13:48:05 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:05 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:06 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xf, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  617.397733] netlink: 20 bytes leftover after parsing attributes in process `syz-executor3'.
13:48:06 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000340)="78be57d83c8420e1b1fbc57202e311bdef37e04063ac141d593420d22dc3cf44f63407dd11b8dd236023ef69e9d816f6bf2e57bbcb6a83c5ad6d3de78a5767d3e50affffff7fef3d468238c10e0414e50a651e1d6520f73413e0b35ae0586ea72850d23a2f1c3f2fa21aee1be62aa94c4720384bd8924933a085bad89e49fca39123fb11cc5525cf42f68e9b17fcd876c78d06a2a026340d56c8fb0fc9f6244289591d26a054486a899213626b73d8c35d176f7d097fd65aca9029d16a22bbf1901f3124d82aa1571f5b39ec63de105f20161d80c085044517ef01760c044b863947f86f354d8ee923eb48567c97e91d9c7ecb2b825a313428672788f677ec466b1e6778")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2240, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000480)=<r2=>0x0)
getresuid(&(0x7f0000000580)=<r3=>0x0, &(0x7f0000000700), &(0x7f0000000740))
getresgid(&(0x7f0000000780), &(0x7f00000007c0), &(0x7f0000000800)=<r4=>0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000002d80)=<r5=>0x0)
getresuid(&(0x7f0000002dc0)=<r6=>0x0, &(0x7f0000002e00), &(0x7f0000002e40))
getgroups(0x8, &(0x7f0000002e80)=[0xee01, 0x0, <r7=>0x0, 0x0, 0xee01, 0xee00, 0xffffffffffffffff, 0xee01])
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000002ec0)=<r8=>0x0)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000002f00)={0x0, <r9=>0x0}, &(0x7f0000002f40)=0xc)
getgroups(0x7, &(0x7f0000002f80)=[0x0, 0xee01, 0xee01, 0xee00, <r10=>0xee01, 0xee00, 0xee00])
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000002fc0)=<r11=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000003000)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@local}, 0x0, @in=@local}}, &(0x7f0000003100)=0xe8)
fstat(r0, &(0x7f0000003140)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000031c0)={<r14=>0x0}, &(0x7f0000003200)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000003240)={{{@in6=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@remote}}}, &(0x7f0000003340)=0xe8)
lstat(&(0x7f0000003380)='./file0\x00', &(0x7f00000033c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0})
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000004c00)=<r17=>0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000004c40)={{{@in=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6=@dev}}, &(0x7f0000004d40)=0xe8)
lstat(&(0x7f0000004d80)='./file0\x00', &(0x7f0000004dc0)={0x0, 0x0, 0x0, 0x0, 0x0, <r19=>0x0})
r20 = getpid()
r21 = getuid()
stat(&(0x7f0000004e40)='./file0\x00', &(0x7f0000004e80)={0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0})
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000004f00)=<r23=>0x0)
getresuid(&(0x7f0000004f40), &(0x7f0000004f80), &(0x7f0000004fc0)=<r24=>0x0)
r25 = getegid()
r26 = getpid()
r27 = geteuid()
stat(&(0x7f0000005000)='./file0\x00', &(0x7f0000005040)={0x0, 0x0, 0x0, 0x0, 0x0, <r28=>0x0})
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000005400)=<r29=>0x0)
getresuid(&(0x7f0000005440), &(0x7f0000005480)=<r30=>0x0, &(0x7f00000054c0))
lstat(&(0x7f0000005500)='./file0\x00', &(0x7f0000005540)={0x0, 0x0, 0x0, 0x0, 0x0, <r31=>0x0})
r32 = getpid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000055c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r33=>0x0}}, {{@in=@multicast2}, 0x0, @in=@rand_addr}}, &(0x7f00000056c0)=0xe8)
r34 = getegid()
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000005700)=<r35=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000005740)={{{@in6=@ipv4={[], [], @dev}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r36=>0x0}}, {{@in=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000005840)=0x30)
r37 = getegid()
r38 = getpgid(0xffffffffffffffff)
r39 = geteuid()
getgroups(0x7, &(0x7f0000005880)=[<r40=>0x0, 0x0, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0xee01, 0x0])
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000005ac0)=<r41=>0x0)
r42 = geteuid()
stat(&(0x7f0000005b00)='./file0\x00', &(0x7f0000005b40)={0x0, 0x0, 0x0, 0x0, 0x0, <r43=>0x0})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000005bc0)={<r44=>0x0}, &(0x7f0000005c00)=0xc)
getresuid(&(0x7f0000005c40)=<r45=>0x0, &(0x7f0000005c80), &(0x7f0000005cc0))
lstat(&(0x7f0000005d00)='./file0\x00', &(0x7f0000005d40)={0x0, 0x0, 0x0, 0x0, 0x0, <r46=>0x0})
r47 = gettid()
r48 = getuid()
stat(&(0x7f0000005dc0)='./file0\x00', &(0x7f0000005e00)={0x0, 0x0, 0x0, 0x0, 0x0, <r49=>0x0})
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000005e80)=<r50=>0x0)
lstat(&(0x7f0000005ec0)='./file0\x00', &(0x7f0000005f00)={0x0, 0x0, 0x0, 0x0, <r51=>0x0})
r52 = getegid()
r53 = gettid()
lstat(&(0x7f0000007740)='./file0\x00', &(0x7f0000007780)={0x0, 0x0, 0x0, 0x0, <r54=>0x0})
lstat(&(0x7f0000007800)='./file0\x00', &(0x7f0000007840)={0x0, 0x0, 0x0, 0x0, 0x0, <r55=>0x0})
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000078c0)=<r56=>0x0)
r57 = geteuid()
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000007900)={0x0, 0x0, <r58=>0x0}, &(0x7f0000007940)=0xc)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000007980)={0x0, <r59=>0x0}, &(0x7f00000079c0)=0xc)
getgroups(0x6, &(0x7f0000007a00)=[0xee01, 0xffffffffffffffff, 0xee00, 0x0, 0xee01, <r60=>0xee00])
r61 = getpid()
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000007a40)={{{@in6=@mcast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r62=>0x0}}, {{@in=@rand_addr}, 0x0, @in6=@dev}}, &(0x7f0000007b40)=0xe8)
getgroups(0x2, &(0x7f0000007b80)=[0xffffffffffffffff, <r63=>0xee01])
sendmmsg$unix(r1, &(0x7f0000007c80)=[{&(0x7f0000000500)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000600)="ed9bf943ee31b1a4b5185cc866e7b9a22da332fa36554540ac28aa50fadf1d179c36b6661db28308135be8dc9587d8edf075f764ff83f308cf980255cf9625f3fb67b25c56917bdefb3053f3468a27fabc93d2a80dc321d7146ac2febb383d112e3386c325bf469bf7d19f20046fba7878db461ac97ef7f9d0e281d081dbdc0cefd821f095213f41bd21a73577bf574d914df748060459f1078252bc47525d2ddb1a2f994f3081fb7ddd9f2858d0482ad59addc9582ba612e6fd6cc22dca5c63a79ce4e575359b0fe93129bf07", 0xcd}], 0x1, &(0x7f0000000840)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}], 0x20}, {&(0x7f0000000880)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002d00)=[{&(0x7f0000000900)="9d873a2926daf50b8092c10f55825e290d8f13de047e1763321e0d5edd15ff73eb47d01a161cf581e9ab4d64a5779f96c58dc622631f2d5c366c57010cc549a0dd49a4f34da809ebdcf865392f79a7c72b36f72f250e8808eedafd217235b61c270e4866b636e9ea862380252e75a766295faec1c4f3eeca245c8afa4a93ca8644cfb9409cc4081ce3ee2c9b31d0c5e047bbd1d4b5e17acf6f987087722101101a46a11d005f186484467bc45c18149fb81bdf0baa717832b56599c13951d13387a6aa586aba523ced0efdd04d31fbe981f5f617b6bc09b67107138a569b94ef9a8d31a0cb37ce1dbeccb1e9570a9fc55fa675479243ac9ea9e4dd5b85f0fd40deed3d46f335c6004d6a4b55528b86f0e369b2bd83570e1d72a71bb78641c9c9487507dd328e378e16a6ef77ffba44e755f0e100f7c880b386293920b77df2bc2a254e7b8285b25d7d3350f71ec8ff7e6bd4bfd536ed0123ed9474ac1339a485de44c773637683b8de6c78af74d202a4b82152379767db9f03e3ebe70de718d4095c59e4160a339bf2cead84d967ab66bdfb35d6f220cc1b77cccbc12209beb5553e1fd158a9e94a6772ed401d9715fd78cca2f8ae7c3e1394d73ac14f8313d0338ac3eccfcb498c9c776455fa766200670d6ad018b155490d8d2e014007a974c4c70fc095adb6da99f3d7956533a884c8bc7ec7c20a798b3f650229a8ae58311257ee7c4bec35b421fca025aee31dd95a0d868c77743143dded93a4259ab55b8bc1320be8296af41bdf6a4882e3a571662c5a7d13ce9e20c04065f6be96e76ff00efd20677e83631ad5abdd96be14e78a3bcbf5575ee7d35256eef160722c9d05a6fee5af2cf882b5afa3ca2f7163b214f222cbf27bdab5d6ebcb56c47445edeb883c68538ce8c54b5047915ead7edd62d07fbc04446669074ad0ba4a230888b061ef837efc0ba914dd05fa3bcad1eaeb4d6e44dfe1b1d82564946076d4b33c0cc132582e9867c43715fd6836f6ea3d2fe14b88e0bd956de92772aee9c4fda7d0204e079421cd39383a285fd206e7f02f969cc5a1107d25720a7a4ab66743c2ca69d97f26da6efed2ba2a5f42bc4e104cf26298edc31eeb19bbbed9767f16a57f0566f146c9b11e51dabee0d52084365182d8e9c8f2e0dcfc2f69c0e416d23ffe98cd25b5e1eb5ced7229bd015d5b461566569064131c2d47f73131ce94fef2d5c782bf2b1d5e353e9eab407ce6631006b863813dbd4a6b29d0672a0bf93bab271ccf555a2a0af15bc563cb10085b9addcc883331d33f6fef8470fe0f5169a902b14c0142b6a1e39d5742ef824aa1735d703626708020f93d88891934df4fb02eb3c1d1bb62998f459e14083278786b5e5ef8cac00a376aa722fc0a504fcbf49a88c662921358883b97ac4b15942bbba205f74028613d440503fc4b6991bb3d2f4f68f56e8b5be498604b98e1cb64bc8f6c6187fb64ee02d60d7b79e2558d819a10df31633650bb627d10b850d9807db2ead57fa39b13beab80dbffe77f9449fe61426e967ecc7acfd3c4cff38d9b9afb7d5f8f302e6d2ac2f09bd16b598f6e9d04e2a17c99c83e29e81ddf14eb6d59005b54f9335c613b22d142d0db3142efd139c44baaa7b2654a9419e90db16aa2d78199e223f84aca31c1bc2161f7774ca9dbedefb2b4365a449a6207bc2339f4e5cea7a460298af3398b48a262afe7a7195b56e6526903d5a8e152b98b979264a2517fb44d95186f7a10f4d87d786663f49bc74c57a9d082baeeb45bb7ce2c2ec51945caa6f87d60d20c51f76e1d1ddc1d9188763d340a51220bfe37163b7ba78b9d9447d6206380492cc1c16c9508707ec1c5901f62292517d375b270cd93bc62e698bfeff9a43ae2d52bf97d4e81509e00f169a070d44bf9d4e0ae05cf70c4e09b27e37e13a43e844a1e7b37374f6504d5fc85699e2d40e4ec4fde8eba69db60009cd0659b85e1f9e7c2945e2a90ed5e674d9ac3e57bb316e1b218f160689471aa228c3e8b83ae94b454fe00e0f1693aa5a74fc40f55383c5a7ebe7fbc3e8db3ff6b5103cee17e5175cb309bbb160ebb678dd2c2bf5ec991e5cbc589c5bfed5f7ddc93a39cd42ca60f0b5eb2c742b98072a6d9de57867435dedb04e0d91344307dcef81f9718bf072bedc3ac21782fe0111b888148dc1bb714fbd34110917b4c54b7f9f75d2d47daac24321765ebaa5a4d6f4faa6fafa91e5d35f43ae40167cf778b859b57cdd04814dec5013cc22d4528492ad34782dfd18f20418ea80a235595411acadeb5da4ff520493fc00d9f134891956fd9f83c9fcfe2ff479cf4ded2665cf8ea58a1034d5f6632331b3b04ec40320007b656e85e09a0136ddfa743d733e6f036d6a42633f1e09a9886a967f6b418b90a0a0553825884488b9b7aece69934d77e32391828d82bea170e2adc9296a1e7ebcb0d0a676f55df1c0915176a0f60c12f23fb819bd4b5a7f7ccb5912723c9873b56011ec1c0f9190f1c691a3b1955cad22922b835f2ff3cfc5826bd1f1d6c81ac56f15d596932aae6e5155dfe87b67cb10c3b16a600b75d8328b7abd7a23a0a62fa33d6292d65afc9a9c98dfbd901bce5c2df2ab91336b36ca048f60297c3e22e6bda87bffc6f95942e6a87478bf3ef2351a855eb22868f5fac8427b5de0b7f4ed530d7e54d2c3685ba68993ca79068b6d35a426860914f954f0d72a097f67c5b137db9d6c212d6ffc6d89eeb840021faabf039bd8a031d62ee2f4644c99d87600b229dfb139fe569084b8a031d9796cdae498a9ea0d3bb7fda017fc2e31f9e76ab721e0477b6baa481ea8bdc2f66068270ad06f22a03b40aadf6737eb7aa23a6aad711624deda7075f61263b49b00712bf0495d315bef9f90085a4bfe36819d928615e12b4b07ef93ae6d9bd8a6f704f8dd543d3259ace65fdf4d1c48c5a783b10d5cdfb72c5412343161728b436dea63727d9e6348c17770c6349ffa2b3e0136c3715089518168c80e47873d18fe379462ae1b3adbf1bb70d5e4b9962137538006c5f69e7f6c7a0f127d17c6dd803dd7b1d0a830980439c7064c2e6abf73ad8667c79a09d54cb3397b7dde92c1c91d428e4c5cdb4881312c1f41dc734afd3697c8bc1c8decc91c56c1285db86e3686616e571921b5ddfa677a75ed394b2076fc6eae85a80a01a5873b9d3e51fdb09f618aebf7e6aaaead5e085d6cb0f2f6ebdd9590b0f923d7193b2f1cea765a7e1fa4ad10b0343e7852eb1c757da5303ba12181287ee575d499473ed6c3ef4bbe64c13408a373e9ec88d241778705e715b3c5c983cb22805b7d77a145ee1254d8a9c379270a2b119bd0ed8d43d3bf13c7134a756e89adf4d9c34e1279f63556c860935246d0808d2156fb33d0496e0523c396ba3844be557a601cc6a5cd24fdec58174161360214479f0589cff73b6773bfd10524638e8b94aed65fe609ce867ddfdb790368cd650c16b7c8dba74ad0f4afdaeb0a4c13d4a1d417d493ba9ba24d22511d177e44f6d2b3e4a94c864e705323e96eecbbfbf51e2990e11e30663fc69daca085349ebd0366a65e6596bdb9b361c74d284829041a9b1ad7f705acb302a1aad12169612b0a05fc2f8359845ed08ed1ce8cd1ea328518d793bca7472ead1695ba2b028c112dd2496f2af4f5d923291be314402edf8434977aff3a7d765f4cce9638b66b5dc0f65ceee92158c49f4347348f4bd8f58201c6fff1087ebf94e30393d29fe58d8469db985e682cc6e46ae6b943721b887cb50558dfa8e0650a2ca0fae76a9e5b4bca3f59e2fe82dc71ad657411185266367bc0670c5b3a9941d7225ea387ac400315650affd0250c97b4a34cd99cba5ecdd4250f5008c04908891278f63518158012a9fc8e29dbc305cd391713b5eda160e1d661b10353ceae2ad5ba071d43f03ed53fed1f88ffe9ed4cf5643a8f09db604cd2142cf85886d705e0139a0390ba4536ba5cb46a40a9f9aa6a56fdbf462a4750c7248d3bb7cae531fd38e7be87c82cfc835d80f5f277a5a975444fc31c9dc6b51dd6ad8ce2a66894a3f7eafafacd7ce24cf4d7b03d74522cd25f5721da42670c1569d96f8bd6d433f067e4c37a41486d1e4c6da638aa60b6643c12b805ca16dba8a25c3db3eb3ba5aeef6cb75c08114f067cdfd5900618dff624c609fae9d8b37b7537f5436b7635168c7e4c29ee371409144acb7ef1bc9c5c90d8417c86034127def13536fd6d3b16fa2d5a29dba5b9080548be0de40caf434abda49a8275ace95fc9a317c82b2d0e9a4d15da2540666b9658fc7ac77e8f300a1d95a8e89f053515e6de0f7db9c8c608dcf7e415f22805adcb67d94d36b1e0ea5fbdd8328e5d0b4e17401c9ddc5ab771c532a628ee3c0a13aacbbc1aeece90d9e4d3a395f1cded918de725b905424a0a78de701ff46d03737d5b46a6183fd1dc40040f056887ca340a84733015fcfe03b8c85ce448632ba8b35dce5c65b6027d39def60f5a2000dae3a4c4e5c0f6608f4e9ed933ac603ad3a75206d7044798b33f8b96e04cb8ba05b75d4bef42d7762edb3167bbd025a264a690b9e2bebd79a5d85731bbf00e13fa1cb97b03e4b0203f20cdcf00ffded976472dfc1b6843f45a6c38e29690ab11e7be29231810ad9a2ab55c0fd65ca4f6cc4e5c8f897590912fb2af8c00a100dd77e18395bcaea0ddd381c9d5abfe041034f61bdaa7226d15af958746b1ea172755b68ba0d1d6492ae72f67c3685538598977f313125b0561cb37a2e4070ab49dcb16fe8a5a35c478a7f738c3d27b21aafd2a8dc11305fab6748982b9e05cd681207bd5e22dbc08437bdfe0ce443c22e48e9e5b2e7cda7053fbb30ef2a4451f87b8e47b28a39e52eefa3bb1a7130bed7d81c0d62c6a8f364ab0525b2c9fe8ba36d8509a087f7bb84f73be2a4903c289bd91b5e4c1ae0c2536cd50b573deb7f58f7bc432678e26af256e6952a88a291e4a71905563ebba58ec32f73687e5dca88135b3fb0927c107235111c840f3d59717f1bd4e3f3be816d25024a035e899c82a3eb191c7f5ce8c1d1f6bec9db324aa251833508542590b41b6150e5fd8fd15e3116a2d0947d239573309bf62fc7af21c7013c47fbd711993e89bb9ea39053e88233c8fbb4e3f599fbee101d8247d765ae6c781c608e965ce963d901162d7a04791db29fb8adbdbf3837c7d98bc0862844c98452318df9ce29329a8135ca14770fbdebae8fac791f2192e5927d0d04f233274908617623f2cd3cddf5798d0f98f0b68f69f21bcc930b38ec27b210cfc3db433a74010bf4d849f87cd3fa19b9cbdb8263914e7ab0a28ff85bd99cc31e39e42d9829ecd44292c6f3d5f6202ba29f93e26653b24e21ae82ad1d06a2456178c3887cad20d7f59ca52dca8a89dbc9f9ccf4f092d72136e35bd818c6c061e3c3cd0cf6b7476b34831f576ad988dc138a431d1ae646a02794a6273e40f4fb7d69c2a3f6648718bc693c37bec55f3978cd9caa936dc806b1b344934ab8036edfc0ac67fbc1920ded089526e6d0289355aee4c7a6d4e74b9b7495060134c1f66f7e53dbdb5c11de7f18b990ac33f82c33fb83ad84926f9520a8401faed1078850ad0e8eee1cd4400396d29cc026032957e1a4a210efacbdbeae7140c91b1d2ba8be6a9893a09a52c734dca3648a2c7f79e2cb98a15c50c18f2b9547046016bc4701b5c0354a5ff67fef5dbfe8851eedbc99c72cdf2362d1023136810d4727df027bbba1452dfca6b2cdb3a85fe7052de8cffecd2903a5db5cedd888d25ac7b176a3152b41", 0x1000}, {&(0x7f0000001900)="9a75a2b9673055b240b9da7f10326f99b25d8a69b581f37c1ac1bba4497459a1eb2febc3198fbd9ebf8391c4025489e0978bf17a58bcce03b8abf8e9718d872c4973d6b68f97a841a0f183acc6837b1d7bcfbefe53efc2037335a7311acffbf977ffb6d6e5ecffc49254a094f5ac6fda3573f2", 0x73}, {&(0x7f0000001980)="86dbfaa74efafdbff4806a812e5f32fcbe52615b71d3e0d68aa300cadaff84e3ba436edb8f054d1cbf707d431aa8124b42df49982f22dc1d374c4e5812ff6ba47def4bb2a7beab4fead2e94990b95e30c9392b2b34", 0x55}, {&(0x7f0000001a00)="a06fc5f6d815a1824352669322e0efc11134409a86c4d06e137787d53678f3324b0a3749c839bd069fcf12f7d4f1c41338422a0f99b4a6e5545bcc74807d512678bd9084243c049b1441cc19d07a9e0718391f43db45237d3faba21e1fb9549e0a9d26a7c399b299e12032020037471a41b07561d633311e44e245a9cdb277ecd90465a9622dceafcf5557092463be8fa27dcbe651feee15692c789e16fd79c54c00169b210ca6dd1526e0fa41fc17438b5a3388969eb02a071ae6147375", 0xbe}, {&(0x7f0000001ac0)="902dbc861b3573f27cb4c1c1411b1e3adc971cb0edd26f256bb4e2d6c38973ccf3f1a6bc18b7afaf138003d6b81683fdb87a492ace70cb9017d7751c7eae2b6b30e25a6809f2d1d90c01d1c27bd842e5adbd4305f96ee83e4369558fea038492d100e1fe58353511372e95b37df5e28bc5eca58a10fc15616a2afc9170b6bc5db59492ec9fc549eeeab57289bc8133125bc21c8603149ac3839a5fbad56a41cae73c9cf0460d7ba58b87d281209a75f5e33899cc5a904d5af8c82660ebcf351443455551bec40bb9f09faaf72070c7a32ee477ff1e05e636e0250798c3ffe3cfc112167d43dc68a4975ca99260d1a2c239a6a101cb0dcfc06dd2c5a07ed2c11a98143bca13881808e6d51e9fbf6b5e5c32185a06f9f2ec028925f662b3c4c7e4be57b59880abd1c2142eb7550c6bbb8d9ceeea1ebccf8e959b1244962a58ab79a928547e9ec1b92017f2d21d6b79abea5fb04cdc966824cd975f632c334eb9186f50bd0ddff8f3ccf886d7301ff051a151427d24180147815317782de39fd100c3113bfd9c0f68b9df5a75af382f620c47887ddc7c58237ab823e09ebd133fd38220b9f59ca596dd15e92d829ac52b53ff28d622b5177b8f1d125c08fa13ccc0001a8161061896ec2a0abffa51b0e36d566d54ef0564a96015bd142a7571974060be689c3b22a1fb77ad3ed8126207fc09e056f2c3675aa84f397ac84cb46fad5f604d649b7da6b1e19fd5c6d7c5ec02cb0d7511fe44a65ceb2c7feb513758386097c1bd34c8a2bb57e12f1ac572536a618a3d07976ec13aef8ccdcd538530088db28a0c2a62ada3bc7c0d8592429c36d3dcb0eb1d4eebc03bfd074693561e3c181c3667110a5ba0815921a448528996b08c01abe04e1e5f80db5c9bba92bc4592f8fe96dcc8b05b0157ed3044669c8a7b0d3c096d67a07f915477f45d639a92eea2f087ce4d31307c89e65c7600f9ec90c525b36484e3d9466b7918861f57fc53e0262f58ea28b3bdb2c6d9fedd9f92aca5a5915e1c790117279c30b00d0d9801e859f3b54f5394158847d0aba884f2037c446cb0d5e52495d6681443542dee38a5d19d003e0de52f22bb9b62c1aa52e5f92da7f5e8d89f7907ffc1960cda2f47215e34d50afe97fc95239f5c19da871cd896dfc21bfe82e05f7af31aa841157d780881e3ff125897981f2d9ff54869ae2fb45519fa231b76811c8b57545c344a0ea6c4733557d296599dc6b2f1b350547223305afe0ce5c677bbd568103648ed66258157b110328e37306806762058347d16bb656a5d4b6e45ed1788efdf45b3d08cdaca2688b7726372e26d094efa433a7e87eff31bc990dfb61aab3018693d4ed305ac5751db5f1e9c9808d7c0a93ed0043f309f6c7bca36e0a979cfdd63a4e7a241a1c7d6595b8cd6d55f131954207fc4d64cd8c90bb7f62605e4eb7b0613bd72e01246b2fb0ec35802da6ea72c160ec886b47ccd2bf88b2bb5af2f81aa6d675b33c08cd503aa39015171797a309d9b1063987f6a145510c09811f35a3a458574d201631676301f378c5521a54af5d36acbe93da7629211606be20ea2a8cafb944fd3c0ab04ba4c47f35144562841c020a5091a9242fe1544effe0a2a13e8152f57f9fcb964c7f5928147bb7a98d32b6ebcf018ec00bf5b0583ee367ead0bbe89401d130e1ac77bca805a2426b32264bba929b5e6c4b579aa05398c4566177aa290914b949d22b283fe6c35c6c9f63ef9b353cab7d1b7bcb9562bc41c53a13d67e108e0fa6dd3b766250f165a5970e0f110a9414667aed2803438faa508f7110693237d0946949e529c05ded80ccc3970d665f520f96688dbde22326bfa0c3d3e2071dc2f8bdebe6529924fc12e5012f9b950398ded2a4669b25e7e117b19f68ec5b3ec13809c9de16b4196e65db78af225a8e788ac4c98337ae18310ddf0c7706b0af623d7854eadc32c8c6187a1f7a38a38ab5f240bba0ddd002b749d49a0f4f6af08b28fd822b5a109d99247ec7ff5f272f77f9ac341e8ac2a89d1f710dbad52bc02718398df89a47936a02cddbf14a33a412e849be40722d4b75871c1c9282fdf80887c1d52405cf7ecdc99d93aabfc8f9e305a14de87ec0ea37eb42f1cc0506464fd4509e725bfcc4b1d51d0b7f8cc4c652c69b2c0cfee14ef5c0d29fdbbbb3631f9b9cb20b5ee3d87f4e9437698f5863f4799254bb8fecd1e48155a9f3e1d2eb6d180170220e3b6e2dbaacb117d6ec0dd58fac1be67def970b26516f3549a802693e97a001bc9c578d332faddcdda9e7cf7cb76c2a3c557bc9df91a296b046c5be3976fa59b0ee988af27ecb94e25e7d7221c62b0035cf2ae37cfeffc2b63160eae095d0d0b7e577a5c11395a038d761a1c089f98bbc7946313d8cc6151f656886eafb9fbce3ececfd3c6cb7ba7978f64650395f94a6bb31bdf6a28710fe763e545e9d0e3d859672bdf9a31e26e324971c3869262413f672100c5af0991a4f94802f74fa760cea8893b51e09ed9b0695165bda10e6b14f64bf8290f5af816e05a80f4e47d4129133aa27e71e5a6e5711df5ae337526ee7a83ee0b64e60729401adc6a4ba949253393e83e54545292e8e588883cd0594ba8d3357de833f3854fba4b2bb128e377f454c923460703fddcc78e41bcfb3554c46b81ca430071f158a7c28c6ac85fa9a42fc969338b00d1fa8c54491f4a84bd405583bc642ad9bf01176300dbc7da96abb3dd87e2e8b67b9da3fbd850c7bf6afd68f67508c820b679899ab8a58004fc5e7ac1cb62bf86f9dede35bb47ed76afc2deadc48e3be6b18eb33bea5142bc77f714a38061ccfb4793c30a51a3dec1d885dbc8293a26d81e3afc009ba948034b18f968ed44a4fb049c78e3c63838548a5779814c2d8ef095b3dad4fd9c2ab2e54a9777d6e824fd33570edf1bd8ec9f16e06cab64479a148565f99a130173d21ddb571dc8460fe296c77174f149d29558c8b148185b14a5b7f7e52b917062902696c6240635e0003feb7c24fdec8117f8665061f32002c33a2ed5805a6171e973dbb855c441dbf6f730a041e8d723c72cc8ec45240971a82e87cb0c6b4c402e3a9f1bff4fcee1999a9d5a1125be43a6d4075e19f37a368236a1318c76d96c9185e3d09bf053d5a3bf337155107a49465bb9fb74dcf5cec3f254c176a460e2fc60377105997ddc61ce89b0d09e9b559fae262fe3927c8c30125641cc675eaf5c1852e1ed02833eb44e385704a034641098ae2cd1354e959b518d0a279dc20777235a2b404dc8d42580fa18de6af6e79565002901a048f70b61189df7b0ffb0460741bf06dd46b6cc5ef729802d7643b3393fdb1ccdd1d7b4dcdeca68c498a9a13de2040328b634c40f085ca3cc9fdc7687718fef34602df7e09a6b70097a2eaa2a3309cfd3d8c7e734582484b4d0886064f6cac4b9aa480536120c0a8c912148fabfb02a9a795b0490141054493ca58cd60ed599e882c267e855e885c34da2ba9b28d18160fb7e335ffe307248710fc055f1649bdef1c4c6fc66f6febfd9d9f2ea8b8365a767f59fbd7fa90b95efe59f3cb5bb2e6ac4579c62e5ecb0ab6676ec4b6203b6c57a3208ceb5521a1d2e1e1a59814856f5caa4f42dd8d30faa2038616f136ff734f4d48f7a30c2c56f8b39b6390107f0ce89ae85b333360330adb25f8d7aa3aa636c443f9e2422ee9b8ec189cbe20ae940041fd4075af8c52976798ecb33a8c86071cddb5054c291a1fded33f8b6645030b7a6c978e9dd5a3ff652c1c11ee966d7585e604fef798749f51a458a96df6d176ded4c4d2df2388528a2a53bbb13920ac98ddecda787fd535f267a11ac08c886af1e13fb7640a1c4abcdcb239c32dbcec98201526479e67244649b21ec89c4a262bfb862347f8ad3ba5a829c0d4628dcbae7bcf69ca7dfd5e2a006bad6d1a76e19102427898b1557d61d1f3f57b50bfd4c5df139bdf6116fee0c4af3a97bf731fcfd69aaff42c8f489c0a4fd2a1d39aaca6d63289f2ee38af367941b6b884bed03b8c7e43ba66626518799eeab07a06dabea7d0e6403d49f854c6185bc5e3626f09d5696e0f18a4d4bebdadbaccf0d6d7eb86e0d5e5f98f98e87123df705de17f60d1e685b7c5f53a875108d24f6b11805dc26c490c84751278cb8c2eb2089aecf64c079ece72986fa3c21874a9dbdb4cd3a4b4476ae20aec9dbdbe516d8e063e27d69bd98104b96fd00645c15b0317fba742d1c58190d41a122543db38c673bfcc0639bbdd58261a0ee8ecf2abb5d9c6949f31087b9335a5b1abe7867d200d324c01ece03a73470f72b9bc66b016c20ca1ea13937ddd551fc62f32e14f09e8ebfb345462242b95e11a9a872c42bdbf3b02f5c68da718a39034a159562c5fb2a6e9169ca1f9deebd64e551209ed02fb3e3a276468e473c550bf1c34fa9da7164c5474c62fb14af3a157297c3887224b159f86b0be8fb0eb96c66455c2403c4d71173e646e06e09b932eff625acef39d2eb86874f2b20ebea8c5eaf129514c43ac78b905afa94f8f404861932669584f6f20e02e49cdb82b7488307049133dec1d3a242a63c3bd7962858a60f8edf395230becdbe7f29b1498431f91ac066e1e82583ec17f9b259049362e373261964bf9a5c0f5215441e787be57925ae98d2ca89b6962103bf3f5bfc01557a8cf9dcc960038dc65500fb9397713c47ce33871b3fdd19187ad9a2811ec8859060f0bf6710c105aabf08b5fdc2adcb94fc88cd3eb2699191e76545459485e623dc8ba2b6122b880572fe73d15e6aa028f2453e49c407caffd2a39e12722b311b05b5d7bdc1b78109590c839e475f65413f80a420aec3a36b4db1ef987910636f795ead8f44759c8575c4f9fc20c70a61adf8dc3c8bb36bc3f591463d71264c5a1a358270244499f45ece337e41650cd5919cbc759348a4e3d62629cea3225fb3d39ea05d7942afa005d435651e3a959e146cf630604f26283ade7c5abe95bf1d10727fe6c44c477cdf410381904b24cf94b0c733235ad6fc393ecb18b49d6cc3c36c4ca005d5fb0dcf246d0837d8e76c526d5dbf46cac025d7a197f894fbcd52f8ffb241906cf97232871a43a37306391dc72cbb28735cc27f426956ec517cf55059253787a679194b1bbfa15f52fe4df5dc5ec77630fa8baca66f6afcf9300b295f660967654101dda7f49b746659460ba343977007fea34c136b9548f0d22a6c1a7355500b2b7ddcd8ebf3e28ea6c53574891c21ad40bb2363825ee272e8a831ddacbfdf01faf90a32e7522f3576f6358c9a47b771a795080e0948f0d9289548b64d156eff548ddee5df9534e87e84b79876b2d15f88900f0e8d68541460428e4e3fe2b6e89e524925c909b96ea75431d5ac477155a64210d8360807a97e8a6418a7ba42263f72d8bcf6139cbba1fef7a12d2042477b3748a7bb9660dee7754b8bc08e7d1388404f89eb1b298d168eb9d9e7d8c57c84f3258b8bada687e62d528187c61838c672079ebae53b65772b8e2324afee1ec77dd88a77bca3b4cd8b47d2a5bfca03f74f8ca73a06db3941ff3fb17ba5e6817ebbda7f281364faf7ba36cb0b545876b2beac02102d421384ceb33a5926bee29d13e2221d7f79c9b18250d82b9b47a9b3b2ba9634e0c8829adbee702770c7a901cc9ca9445a7d60507cab0c495cff387b00a18cac51a8561a6715edd6fcd9116aa23fce7d59a69857f8e26428ba286de5fe55090bae305f760e3b6a8aca9621ab94e38f633b2f06c8c289b446d08c0b4905104456776d137e1027208e3b", 0x1000}, {&(0x7f0000002ac0)="0a1599018a9936fb6f759d98fea762f2e8810b7e0cd9d0f67cfce242bb20dda43cc21fcbe3a9b0e8aa270139bfab240df96434290c1bf9ca567bdd1ab5ab20ee34ffb1d3b76e83a8293a97dac32a84e92b97a14593ae958a211ff8a491eb8a8b29cef123a0ce02a98c39fef1f20b12e0f3b042f5c3cc866a331482628633c8b53932001658fc7fbf09d428d872e0cc37fbe82ea2c37dd27717a75eaf9fa1cc41356059290031daf98dc43a54798ed609abde739044b9c0d6a65c20efa3ba63fddcc8130c21f5417a80878289422708048e477b2ac160e74d5e8d6d6b81496868290861d767ed20", 0xe7}, {&(0x7f0000002bc0)="a8ece72a6acb901b", 0x8}, {&(0x7f0000002c00)="cbe29270a6fcfd4e23fbfd4233a052131a8c475096a8c7c67536fc3a5775e8fb7997bf81b57f260d134acf07eb82f89099e761ed31380b4a212572087cf685e8e8d59c17583cdcfdad803101cb4f0a3c6a3114c57755ba9484d4f8d15f610dbba7e6532a25a720dcc5fb05710020743e5cdbf48c7d006dabb9330efe12cb7857dc3fc95b18384613e5cab88796d3183bcda269536d97869609289e6b8e2740d0bafc9462f6ea97f74d8860fe93b5d373a65e66319f035f79036e6aa4c391c108942fdb6a1cf8", 0xc6}], 0x8, &(0x7f0000003440)=[@cred={0x20, 0x1, 0x2, r5, r6, r7}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @cred={0x20, 0x1, 0x2, r11, r12, r13}, @cred={0x20, 0x1, 0x2, r14, r15, r16}, @rights={0x18, 0x1, 0x1, [r0, r0]}], 0x98, 0x40}, {&(0x7f0000003500)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000004780)=[{&(0x7f0000003580)="6c5df85a812cf24a35acea0979e2af66d911b23bd5eb443a86f0b20640397fd291efc581fb074248e99b34a9e975a04bb4498ca08dd81388297f3d8b318272bb770c4a2a2b57190654f4f152bffc030beef8f6ce9282e5a8623285f756f6bf68c00c400405077a21682a13e7cc133fad5e0bb16a48bc9f2221ba24119a710d34bc7b38058f46142c157cb341402e5d0539d30a297d740c9fc69229fd7f2e4a92a22ffbbeabd048a4c4e5369a1d4298ae52e3f81285484f01b5acae1ef28147f6c47a149ceb75df79d9b98ab6671acd0c8037db66f54aaf688869", 0xda}, {&(0x7f0000003680)="0b2c5ba03fb74baf6ad8a4f7de95ab9fde68e98c40c040dd9de47adbda3234d10b4ef2121efa2f55c47073a505c3d3cec0a85803aa73497b5211c6daac23de2314c304d4d8e28da8c0bed319d79e49eee23de7ff0492bb158c3771735dae138a647dfa754486a8eead4880fadb53a5e4ab0d476dc1e90c6b9e69b3f5fae171f1c06ab53719ed0bc247e95f2572be4bbd3d69dc892048a2131d41d41d8bbb98ab6d621c684bca99d9aa19769cb783b10fa892be9595bb0fedd802ed7293471bb6a0ba31cc70de979cea", 0xc9}, {&(0x7f0000003780)="3c7a31af21caf5e444f3b284bf44096cec4d789dc777456ddbaa83f9b49b4f6d8a65bd72f852b45df7f6ce212c0d550e89b403525a64ccb3d4d57453f54a94e06797f72524bf2440b3935384a766cae3c956d156cd48e9006987777e75207ca4e50f779d3290bfeb63222c9f290a7ce945e35e9d81304bdf2776e860325353ac0ff16d871e968a98f08f6c979f82d50af81e7a7f64b47380650c41dd8c75daca531186f29b07409fba4d24621ee8bc8fc1182aec3f2964e8b4cbb9438e9891b4e9a2e5ebead46fd18f48cc29e1ad8b24e51524c48bf7bc3c6e79e6ca9e1b5f8abeb9c06581200eadd1b1d86a26b1bea1a01cf40ee3911b4d36a2dfe63b44f2094267849adab2a4c520c566ac291fd02e6a6e00280518895da55033b789c6bf2bd517615f69dab7f2cce65ced42703b728e448acf0c695fe819732ed3b0732181240567459388c2d2eca7e09dd06a5633a7fac1f5a4530ab7e3e38e122f77ae6fa8af8d6b740fe097534d7f8903bd6f7d5991be958fb4d8b5afde37c88b9fe9f5c3ff6e14049cfd585f5e514e567d02bb34782236934bf22bd7a7da1c027827cce98dc9195dcc9effc1264d1f7a70efb5a4854658fee9f952beb47d79278e5c629485ebf8ade882689328143495a05e6b600d8008ffaed944aa72d675e99f81a5fc835f13a7c8debc400034fc56d58dd2e76ccd4ac9fe1b83f1575ac7186f31b87df3c1d8baf0d9880f1faf4b84a4f8e70423d8765a4567dbde0ed129f3137ef5a129b9be666ff5137eedf347d4ca9bddb791af0ccdcbf7203e968035985be7d72912f699789f28f57ed5831cacb36094146b211de64dba8f42ca3f7c88567293aed9a9e3c09a374eaa96674e5639e49bbd204c54e3b97dbb42d7473425532af9e31603b6e84311cfac7dff63d5e0ad73aac752c979d14fd12dd3b24798ea5e6a532c9d47f6b88ca6be2b2c8282cc5cf123bae4976147cd088638a4c23ff615d5c51c2379e8bdd45d75ea54a784a378a246f3226c29f8c7a9de7b884787e94d6e5cce959f9f8a46c9d4170975f7bfaa79c37602c3c81a4844c982dec07130a0e0e36e5f6851099ed5d116ba79afd4fef3d0a8e000021fd98d54c8623de31559e28ae90ec34bca16f724ab37b2d67f38630bc6ee45b522ab638c65b8916233545a9777f6312ddb79c9d11701a7e656fc87f31e21d92b93ed5f975ebbbe619ebca2fb9906fcd08b12db55a977689c5885dd02ae01aefb4af8dc9ede4df0151665bab21e80b62f9aac49a29ec589a461c6b93e6de61020482c2b43db51b0d6f761d178120de5513ca33b790e7083b1ef1e05641422429a00706f894c3d5cfa313c04a0b02658a742de215506c2a87faf746e6683b2b22dc073843bacb2df466e993ca1b40726082650260830cadfc58aa482e77f0428ea91b51e71ae330bee1e8b93078d906090671a0a6a16a1583161e644662ac65d524b5c5d8a4e90e1080c369379bca18de884876cb668fdf8de4280baf00af10e71240ec069fa202152582434e76ad9950d93deec63c0620e66ef053cc764c2c030485f6b202cde1a16180f7a7ab5f6dbca041bfc7e46a940635986c1c6d41061413866f1ea26d26a7c1a4e2606bb6c671df05d77ca922621bbb1f41c4b622b4d8127baebe022d35de48b39f0cb34065eb0493eaa00c7f7fd63368c763d9a30f3330ccbe606b88af8d92382ccde0df7e3dcd24e1a05f09b9496deccf924ed05091224fe20f89d3ae8fcaaa957856a3a9af63e9020023b0f88bff3e14403f47e80f758f87efaba7763ca23f4f8af84c6fbe1763773499d31b5d84a10af4eec25f2a75d6fa1420fd8e14f4737ab6189a3af1b26a8d147def5148581ae7d869b28ca86b02d66e83fb085e12bb0dd8885aa9098b8ede2d7727018e0fcd2e8abe92ea2b056d8a76e4181d43f07d0e9ab26cd14cace1e3181dba68eef150cdf225bb5f9fba3926fc5e1848d55bc3c10aad5975b2b582f8a9c21d8a9eab47e59ecf400228ac953eadc83238954100b8b9442935829fbf08c02e2c9bab4e1122d0eec0e32f19da8d508bc85589b20d988104496007e45e7218f7d2127515f01847ae0bcf32dd5afedf953e1b0aafb997e18a4a334a4bf6ea0bfbd26df4ac263e7c46b7b5be32269d4fb53ebe68021c5595610dad0bc9b93718c6b3d2952e829580dd1c760fb51e6c0c086f92be6144eb05f7545cc34857ec5a805b85790c3b69e2f133cd1708eabe47efabe3c821ebd50328dc231f0d7d63596b21e750f86ad975c8dad94214dd65e910a7e5e376c90d9763b4abe09cb6042be109ab335254c371372841f5f272ca87f11bcae9a26a9859cc4e89e7d821048d8c2d962cfd6772c1b9ce3097f3a189985bd432b020ee965c4c68a0eb569b5b7ab3e918a785a4dd2ef5603c4a1896611b9e1fde0d2c35b8de205c8d8370d9a271cb1fde9b222e19f5c20a5d838e537d14762e89e429f860740e748d9e48b4c7a7f1f749d619f18e4e143f2255c5eaa4fc3921b0a6a83b32e1ccbca2ba521cc6a9bf2504f1d0c9802f386040ddc88819a2a1764174dd5b4086605b4a4334a6cecb15c1b8f0ab30e739e657f57f132a67762e2edb401391b3b086aae320f01aead208d827e2f6363c045b00eba89e955d1f00e15e899047f5c1c23888f0b59c120fcc3c056a8471bdfc69c2df11c786ca35296f1eafb6cd1adc1b7219f4608f873877526412f49a32f21c48e6f4eabe9f8888947ba8d80b4ffb1c52c7cc16d1df00cf5d52328d4f7944ff2683b648e1124f92d12d0914943f8f9bc6bce93bfbae8ec5f6fecf5dfa37ee898fec37cc97d5f08a03e52a6ee328c75f47bd1306870d3f3200cd253c0f973fc4109d2a2387528fda3a8c9ad6d2aac27759c1c204cebac328c4ccfeb7db1c21b2afdbbc94ef7d427214aec70f695a8468a878353c4a910174c3eb5774e5a2fe822f9e279e237653f920cc58ba33126184299231660d3663488c237776421e0a784c6925479d5a9010c74029ff5bdb9d11f80ca551d5ae23c2e3868d0c25d8c2de48384e0f21982a7f5eea76bf7f87b540b6962779b3e14a80aee81aeb10a01c1fd88922ef1ec776d46b1a860ec9ad5bde4f67f4625e180aba6ff57413a18118d5f5a4ec997ccaffb8a530c8fb8ae6dd099b17206c5d0cf3494e048f6dd81566a7ddbcaf5bf683af9a80e0a129e653f42d1367b468c125521e1020e291d1a4e2858fdfb0c4801f590374b0ee13c26bd39874fbf3b58ef20678e2d2123fa401a032a393da5875da48e2f6c1f93470a93c7e30334c863751386240afc0e5196f1c9ec62bf688a96f07300eb8054fd569b1630fbdd6dc55db785b32f6e65a388136a0b68f582c1b096f850932dbb2a933dab71b06bb421e4719c515b910f38f7b040d62d5d53d6b785f9a046853e85cac392e288b7ce4cdecadec285f95a796b96e0d3625a941e12a1f796bff0bbc9ec136c6f309893dd9f0d04f0c4e10cc3addf85cc9e80689cf6d18ec18f985bc096353416ee66a78bb8c872bbe0fc53ab97740afd8bcdeb72682365257edbb5c78b420d8c1d22d3ee32f0af1fea3e53b5ce8604d14085272f859ade699c8f8fde1dcc1454d4bf6929380dea665a73e3d9d176b0a2c2b44d4d7ce94e7a5fbf6b67f339d66ef8ccfd606f4a04fd1b62ff36c6f32bc6a77ffe46c27db3c577b1eb41dd0be645bd9227d95e89117fd33e414e7052dc20039e15e3ee5a5a2e7ddddb8f50af88062789426d6ee32345207faa6cecae68a92d79b9abf50c92e63dcb88a4e13e3ac8598021fce7cfd23856bdd398b4b3e58bc4029906b21d5deb88109d8ca084d97af679bb6784472ab9ce3655dca99498320284116887a01978f364d6c97d7ffe0597f49ec37e33ffc7295f5bb94dc419b89ace58c10e5fbe61624cf44c26eb7f735f02692987112e53a72c8dc0c94c3f951e4b13c065a03661c84b2bed8a8c6afb5087ab08af3041ddc1decaa7f0aa2b6fa39e5735d833973e72ea2c9247a1106114c9791e1cb07d2fc3559decbd5db7b239ee8b669a69f313082d01647609c46242ed0b119be45fb6d3a1ce058f0564e440cada29ceefc05c8eb47a680baada2cdf3ff6050456e98850a1d71ba954dac144cd10a012fc139065b3c6b500b4926bdef6dc2fbe7c309de34b1d1f96aa2b9c87c20bb7ed5ad0bdb9abba2934cbe4e16832c8f6bd37d18c59edb4259f0a8f416f783a6cfe7d98bde68961e81a5506489db6a5f6d923f1740a029cce7abe562c62eaca564978d3464c67e4267cdfa7a26f681b368cec21435abdc55fe206bfe2cdf4217ccb7ea7ed4463f67ad435bc702eb129b3cd6a90fa42d40ed8cd0f58097bb823a2d93ef1d0761c9e61dc24c01ad64b2a0ffd4bef783ac695c307519f9b2f003ce24282d6fc0b781d282ecbead5d40ddcbd574a89dd515ce3d0eb7ada05e8691d91ac7a4efc456380ebd1a35a39a3aaf31336b9551bd0728e4bdebb4d9de12d8c73ee52d04847bc08cb5580c3d38d422d80ea17fa2ef265ea8da92c7a39ebdd3c9fac7141a84ece8cfb2a7cefe92faf9b6941fedaa3fbfaf92b7c11ebe77f7e15b65118664e69357c05d52710b7cab2e6a84f21c3b83c91f64e9782ff33c157619b026c0a2f4092a77e0db586afac84e6b2251bb02903200099d9616a6ca4096ecd53e9d8a954f74965e4bc80b55c895ca5c3f5377624993f9f0e6c67bef43f1ab053e6e3835f189d8c58cc15effd197ba1d5d9051b30d1d5eb25f6dd5be82e0d386ebcac52c42f12bbaf86c4fe9e9829c3f470d67e299839e6756e610820e8cd415d8dab51287c4a6d5c56752b8c9471ccc2ee580fdb100a7096fd13fed8fadfcc47cef7c805fc04d5edee1d61665b4ba8246c81939ee4a8c6280c33fdc118a9c8e9dd2a025cf4c961966e8fbd27f7efd8830c2715491cd41c018f6130b309d86959025b6958766204d5563dca2676831a0d3aa0b7f041512659b0e95584db52f9a462b1296c0347f60229eede2a9d861f183309ed7b5eb13e2838520e71b83bd30df6d96ad5be493464be43d29e6cff2c0525763296091de86f74fdf02e96f65a235cb21e0086815af515b505749a36f4d3455bed86fbe7174aaef878d9c870c41aa91f518314f852cbcc984cc30465992590ff060f8a8ef5c26e6992f3bf15f5419c5e1ae21f120d1c31de8fba499c9aabee88ed253755177db55ff1e3af364b0ab4becf2c7971e7955617e94a0209dd173746328e9bc00b268c8a4d62a23e8d2afb698c0cbb0dd79113e1080a9ed6001272bb7b5e40c4b5dc7173772644889b52d1096d78ca08a6c05cc904daa71d0f23af1d2cdbe6c241c022f31ff8b2ea726cdd83e873f80ca6a71d837697b25b3c109f91a48e5790f0237d63d9bb663d33915adc57bc085adcbb182181be0c227cd2e899d564ceeac6454fa5c351b42351446b74e067130ef210802bc8a3153f457ce614efb0f6d418dcf548765dd5363960dd749b7f2e79f4cdd15ea4fdc07a96e0cbd3237183add2b335383d5632d1b982fd3954fe58f073b14324c51b4f65d9ea791283b321bf207a83efd3cfd4faef808e72e806c3c4aee393a55c0b5f510c2410cfeea1026596dd72b20018573b7899c4890b61a1577092ea8b29e68b6632fe0179922445a28246f31c02f1d7df348ebdc3e4f7a8ad200b529cff0c98104a8aabe0e47e833a9ea3d35aa1feb97365dd1a772328e0bbaf30de845a7a435b0edfee7121cc1bbe35b3da1a458f407a451a3aa1ee9858b8275eb2", 0x1000}], 0x3}, {&(0x7f00000047c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004b80)=[{&(0x7f0000004840)="1c48d58b97767b7e2d51f14bc7d2bf1c831acc3ad4ce308be4236421b83a68a3fad5b0a4f50ee4a82d0f80f2f7edd742cbd37314e3f54e6d69cbf0fa316ca22d1fdfd05c3894888cb935a8e2bbb81290f708d7aa565ed7def82fd05e1c4160e7af34535c12aa88359d981209", 0x6c}, {&(0x7f00000048c0)="b5352f89646e06c8cd35db7cf8e3eedb0e5ddb0c7f257b246bb5446152039954306376bf76047df0600899cb9896f09719defb7c7ee8fb81a7ce5c1b5bb13653beb32482d64c8d718b2217abe91c4dc02bd56b4380af42e31bfe487a0c5eef6acff5babda5a307978b9c244d06bee9ebe13bba2be6fcb9d1860948", 0x7b}, {&(0x7f0000004940)="dddaf3504994e224e366418cb7d6b6002e5c0d9499d12a61ce594791924927e8f07c36e5b83520227ca8a6992a9c592dd70d0893e210a3127e24473b0e0ecc965c2e5fe18527706d62ff321e833ad29ed783e81055a5a48fd9511787a849c188f9540e28ba4fa09ddd7fb56670258e9976cc81fd6135ba598ccda7a34352", 0x7e}, {&(0x7f00000049c0)="e46c0f52e01378d7689b58276f498c4809de4e58aa7ea6e63aa43f29abaa77fc275de3a8dfbb80093f9f1104378868d3d6b16b08669cb315a8d636735e42edc9f08663485d03c198ce4ed46b21e1dfcf7d7157cd42a3f852ab467cf11a94ffb2ade0fba3bf7bc84fe0004f082bce371c0fc3864842a7bbd5fcde8030502530aea715597eccc7e4117263ebcf8783da9fc37f5c39436597", 0x97}, {&(0x7f0000004a80)="c39acf4a7bbbaea9dc7d19e635d136f9dfa3d13d732da56b2a1adab913d61fdcf00d84b4a2bf820d93bd3872666a1e56da322629803099b21a6412bb9f6d00addd444c5925286af690ab46c39030753a18125741186f35181eb07a4402242b3454fa3493c117da61498c9e817b02f42d5bfe338766b6fa501fd5b24cb6c31ccc767f00547fca7f40f6b590247ef2baca2ff3ac92769a712d940010c7bf8cdd42d3279dbe6c314b8f8ec3fcff6e735d6b07ad156c8e134be632e64bf891561daa79d60908b9f3e904f9268dfccb0766587414b1cc978de3a088ef587fcbfaedca046c044c8d203ab563f4e9be021dbf52ec3f88ca1bbdc69f3e2f38", 0xfb}], 0x5, &(0x7f00000050c0)=[@cred={0x20, 0x1, 0x2, r17, r18, r19}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @rights={0x20, 0x1, 0x1, [r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r23, r24, r25}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r26, r27, r28}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}], 0xe0, 0x4000000}, {&(0x7f00000051c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000053c0)=[{&(0x7f0000005240)="54fc1329af005ad9bc23261cfe95033b261da20228070b36c90dcb0ce1b79cf654fe93c63bbcbb5f685c695cf83a98c34d05a717108b2432b9c7002b13aaf06845", 0x41}, {&(0x7f00000052c0)="b8f584c75e7168beb902a045539502fdc75252d10ca2b2420b989dbf5b4493b4418330cf14ffd5398ddc09a38db561f6eb216b5a867218c69589609ecbb7e5ae4d03878c3b3be1141ae15f2c9b0c725dfd2de480b45618e82bdd5e6a52e6a711b8f60cc7ce4c799681c8e5277050d48e4f1b1f3cb7504bb459a7a4cbcfd9b15093c57741c0d7afc0cac2f7e8c04843c28dd0deae123f71bf1501beb477debdce34431c0b7aea23ebde7253e617ce0e6d8acc29bc7b85840191e25fa2c7906ffc82a4a24fd51842e35b4b9abf8d72eeae2d8dc1bcfa46bdd003614bee2864911332ae6fca9b663e48e31e39f8b5658917b176b501bd8493", 0xf7}], 0x2, &(0x7f00000058c0)=[@rights={0x18, 0x1, 0x1, [r0]}, @rights={0x10}, @cred={0x20, 0x1, 0x2, r29, r30, r31}, @cred={0x20, 0x1, 0x2, r32, r33, r34}, @cred={0x20, 0x1, 0x2, r35, r36, r37}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r38, r39, r40}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}], 0xf8, 0x80}, {&(0x7f00000059c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000005a80)=[{&(0x7f0000005a40)="64bea4aadcb6b9373c96a135306b9dc9da146d9e975aa44484dcbe333400ab750c8c08a56f0edbf6f79e96ec", 0x2c}], 0x1, &(0x7f0000005f80)=[@cred={0x20, 0x1, 0x2, r41, r42, r43}, @cred={0x20, 0x1, 0x2, r44, r45, r46}, @cred={0x20, 0x1, 0x2, r47, r48, r49}, @cred={0x20, 0x1, 0x2, r50, r51, r52}, @rights={0x18, 0x1, 0x1, [r0]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}], 0xf0, 0x20000000}, {&(0x7f0000006080)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000006340)=[{&(0x7f0000006100)="977933061252d6bcc065fbadf18650138f2e373efde98cbcc9a9f5c884fefec809fbfeeb6f94940acbcb76638b6801c720a4925ae7168877ab5e9f8b50579ba5280236fb26cc3cec53164e3a2d6b1abf9e1302182ffdfcd347be4b95938d374eb08bcf118b52ee6eb0440365eeafc7ed65ae0184be7226aac063c1940f7fe8595219d85be156bfa1a16e395e6e9ce34adc02a44851a74f0c3232474ea8cc7eac257d22d44dbb1cef9b33626c71db79437f1e74daa970244f0891725bebebe5b64acc4e438d2a454cb4741de8767312101105b1c4fa75015ff7e7d3e3c74b714d0b7fb865a3adf5f2c5dac5237f7ea5ae87972150a00e4c3bf3b206", 0xfb}, {&(0x7f0000006200)="f47dc78f3c15a7183d7d57bbb01e7484d2865524ddac8a2552c8ec4a673679d07fbc864c9223fb5c122c7f39ac2045c6e17a70c74e2b35e12555dd4c5fc4040368800f7c9a6da218e7060d26c9c9688620db6ae9c6ce63d92a971d20a2976ccc87f7a8b0897be8a7257453f7029f985150ff948e3fb7d0f1", 0x78}, {&(0x7f0000006280)="8815ffd0962d28f362db32e0b61649fc18efc54100691f1e8af28388c0e981a74e639f60c3651358972058262fe727c028d8136fbb9dcc9fab11e422ccb10374542b32d5989ddd78421e938c1271041468d4e54fa58feb965ac3d6d4f3b39b063c44520a0a0bf68d1dcc990e15507ad755f833512ea25f6f31bb68eeb6b35f050c49b8627db0e58b703b4a718307664ab3f0d2176c9d9d5ce972", 0x9a}], 0x3}, {&(0x7f0000006380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000076c0)=[{&(0x7f0000006400)="6633dd57bcee0433e8c41a1929f05089d23fdd1c2a977bc1c560a2914bd898628ab06a6ca152e3495325ef0da19057cad882b97eff081dfa19eef8801c73e31dcde0b5afe657831c5088f31d9a86d6e8c879d233e13dfcedca2396", 0x5b}, {&(0x7f0000006480)="098f8c2a2665865f66548b625bff2ff014076e8cc8cc9ec0", 0x18}, {&(0x7f00000064c0)}, {&(0x7f0000006500)="915705c5468c297eae8c256efb65b2da8e2e7fd2f6aa2270562de3fa07e624a90249d51a4f36e0f5ad1e9f7124982f97c34865cadef01f184a8597afd5cb95795f257745e9749c32b64a723ca7aa7db179", 0x51}, {&(0x7f0000006580)="41692070e160bc9f870a874081f9fb200c94afdd3c3c71cf4fa140ac25d4582a290b8faf241bf32bb55244632d03578353a7b6c14fc6fb362f01c243b684c3b449a9f5f91f60a9dfb7b4d6d716b00f8b66347008ee75edd30ef07140e445de483fd370bab22abeb6a79405e903cb196cd431cd6d71f0c036d6bbb83b6f9dc07fd6415190a7f3337e9c31bfb9952008afa3e619fae4248bfeb31ae91c32910511c0df58bbc10c4cbb64abc5188f66c3803e6daf7411a5b0d3abe77140f7d8b2336fae0c5b8c57d823438e9dfd1fa71526288380260b187ba237f20a86bcfb524969a88eedb1e702b928862469c5c5", 0xee}, {&(0x7f0000006680)="c8a510d1d52e9381b09e9a0c95e27e4302376cfd5c1b37f1c1a0470a40168cff8661c246a0c9877dc85f1ef7fc1fc59acc1e78d2a9ee3fe6237bd41545c3b1d16c479f1bc2961f089389389408bdeeeede167d8bb4026201727354cd4ec17a51d21642040e70db8134b0e72706b9107ebd219c5fbea1d4f3df58a8d4be952a6ab87a1de13dba91096a98671d56a1687656473d073e61d30d85fb89c58b12d6586f1e9cb7c3844bf06da065a87eaf39319ff470ec3ac240b5952edcaf7cd42250e95942e26b2b78ed0d47f4183d7f736510963788f7ca23b0dbc9e28a2ef058cea653cbda3c4207bf7bc7abed8612c5b0adff6b489fdd4b5cdf33dfd5a9524b6b52f935b914176d611f7c1287c4c5f4dd51cf149d99a2cd5429272dec9eede843898e61ebabe841a5ec275221986f965ff63184339dcdac8184af83c8f945f4e0ea02ff6e80c88db10bbbaa6cd98e287baf5d66b766472ecedd5e1fb2f32e3533d852b3af41ff759ea91cf10546f5b0bcbaf2862464cb0f628bbcf0692101d91d126dffd99b307024941f05cda816bf5375482a42fc31e5475caffb9520ad25bc1d0d088ccd3a98020f473f40494fc720016517bc186d6302a443787c598d3ba06610fc5e6127954fa5076fc1f45b1c61235913f50d2ae220821330f8e457ec4896de03a979b801fa6b93055127ee6f2f0ff7e372cd6fc1a3f03b81400d8ec16997c7f94f6c2bdcfe77c9501267ae630b4babb4f7c660d2d10ce494a2ed8845334a004426424a76783c9a6824c4502157f196e9ed42840c8434892472c9ae95bee27657904b1870e3748f353fc34c8f5d8978f0b0558281b5372f247031c5caf021c02f3ce6fac9de6c786bb5957271376b45500fca78f0373ff027321bd2f4371e7c3927edec48d8c1aab3ec88e79ca53c8b3fa9c7db16949f69354b9159e82c9b1464ecd91c3978d0944404520e9c03d39b98bd8f303c0a7663158d02c4a099364469262cf3ee98b38c6b7e356a0bf9c2026fbbff361b74a84edb2d571fc5d5dc413b51af9e334db9ea30869a4ccd438fd3e5420b4cc586f5f5599064fe47de4dabafa7f718602e4356e3fff047bf615d07b33311ade1712d5478cde78aff4d658d8d20233f4ee01901fdd12161ed55c982883cf066fa52411e2496141d1ec8aabd7125304944884bdf77aa848e5e43bd4ebef76e96754f175465df920fb8e157be3205c8c2e4a03249b6e93526a21bc0355ec9dfb34ef2069a6509a37db5fbc5cc30fcf70b1edc5f9212bfa1b131eb68a2afd6f49a6ecd884472ad327cc886a83bfac071558c215049d50ed9b9d4988a01ccca3407ea17d7f046383387427556864ad9bc05cee52767685b83b2805a8cbd69cef13c557a54a3f68d800e871e66c1dc0aeb705ab094ae1c844417733b1e0784388294e590fcb57f5034bf08eb509760b37ca34ed4cd3536a3df2b1f49436468c7145b1b0472bbd23c8c2be726715a65145ba6fc86799c156d2904eb22a778829b4b0560d1f349fae1280ea98334cd2c01f4f16065e646704c85834c2ec08e303e95f1ed35c3cd20853946f8f60ab69d2b224a95ed196866cc8ef51b038c0cb6f9669a94f185c6eba3727a59ed1c055ba113552c8b8d6ebe2a59c4d4a791afba7280049052668404db6e37701461c033faef657ee25cbe8435f9c1da51ff99ec4f43f20bc35175b907d3a4aaf659b93eb3c4fee5578f42a5dbaaa5beadbaa6951552ac3c0ed54e9a842e77ea9fd7c5e457ba3915162408907e751db4c3aaa66aa4e60204f919c9faadde2c430e5082f45d54bb0db62441bad25fd1c2db86e955efe3b8aec538e2c338687fc5558ead8a94ba03f4cf91dd3a07a79824aa28e116654b761ba5d555c96c8defdac864e3c9323a7f5219bb24d0942ef65238571910374eba77565b3fd6d54acc6299d96f352757f51f308ba7cc10cdf9a755fdbeeaafd803bcc24192364e568d4380911a2cd938b47aadf282980d0560d02370a5414c070da76daab104d248788d7f6402d4eabcc48ddc32de2f886acc7b2e6220b7a19165b49636c19d1645b1a33110329fb41227933d0d075fef2d76c06b2bb7821d6713f0ebf1f54c48595fa08479eaa28d2170899ca0e80e3b3660625242879cd9f129079d5b96b5c3fb3da45dffa466dcf972245543efd7d467b3c5cd101c4c28643ed2e5a66b79ed59a2461862d0c311f5b29ed52da13e46ebe9da5213f77c7cd1107d4872886bbb152eb78a6b05ec02d6a526b054f1d90d84002af8cfe81b4cc71f0f4fcf3b75055337e2a3d0b7cc8cda9d8e458c91e3b6016916a6fe41364a8373fa92ec5de4583cb41f19b063d34656d58a355f57ff5f5242b0eaf914b677df99866ef7ec64c11caee404f19ca6363e68738db31bfe8a5694a64d0d944169dca9fa50a9526368ce63c285e4004bdaec2652cefe9d8e2c0c60b5303dc62b054ea7181804f9abd1698764dc7187589572939e7e59af1fa50d2d063233335d2291b1c3ef20a4c47c73a775c41275828c3e700b635be0ccae84d58ea3f7ebf4a9cf053675cafdf7ab7812a91e874ed011264a9662284c472492185000bef7e515be32c07424c7256cbed588b218f74e36b6e626a1500306e0d9caf26131d6a9d204db9f407a4e9eb73ac70f7a7bc3457007d4d63490890dd5d61513688c25a7b0458962c7284fc94c36c6bfa45389d6f04d77428c6f27648bf1605f48fac6c91ebc727a5f8b28c48c4e2c0b14cdc246f0f732b34293c78193b76ee73b1e01d3f5f0b5bfcecd8af04957b82e80bc43bc995ffcda85f87563306176b8c043cfaf23dea8e9946035ebe4ba4fe0464a6a9f64bac9540b9b9d07b03239aad481b2d460a31a0148305e82671e9bad6b35081e1ae71f8ef5ce4f2d2e49eed5d7e4ca1713f1f3064225f9f6116027079ed6969f06d16242447d29ec2421397dd5d6096c3824173587577495a084339dc9eb6084078647ce605c32035ccd2027ca39b4d0405fbd83823806c6011e7d28f10697b2a3442930e32f5122066a00952097c8ecaaafdaba7d9f0a7767771c2e75394f379c62e45e8f686695b5351119d29ccf05a700cac0b514dbe37abaa8ebca4de6c89fc4e322cf506436488d7925dafde90f0d100681827d08ccd4ca9a12b7f3eb8dae927efb4b60b141f1b26d5f2dc2f28d3f0d598ec7e2dcce9fe5818f6923161506f868dd48eb5f943d276a39d95a00e27efd40384cf8005e245f163e9c7028e812c916a8b4632ee9d9fcc4e8bbff7672fac4e26f384831b8fb910b74bad82fa4033a43c105dfb325027116584465029ceeadea7b473d29fa56ac8615ef5c2e9fdfcbc2958f36761aa3ce8b65d1fd498316b84937ef0420ae760342e53a40bc400fb06b21de6204b44bd7ad211fdcfa4181a87a9ffae026fd9b18131e1c6f67d913f4453de2cae62e0a80c71ded6c1f64f6ce225882578dd3538abec331caea06bb8d276c11b91abcbc44ac0a1ca1f7b8cd7b64239c1def1c71109df3a09e425916e2e63a120c8bdda3eadd029edd9a9bd337f546239a29fd77b87211b3b698e3dbb750e5fdef4767c00044c98a2fec35d27873c86871b0ece36a327f079ca0f1d9b0b183cb147993169346525c9d441dd8c888e5753f547740922b45a4ffbb10d1f69e6767aeab621a724accb889875283ab23d8213aca98df51525ca2ae046656b802f616e445da2d8f575a97a1308f43f9cd0bc5eeb9de383e7cf69ad91c636b35473e053f314ff765d81ac90457cf3102b7ad47d759161572de4cf7b57c0113e3ebbe1c24cd4b1fd496e8f426dba0fe2b2acc94565f87b23d1d91084df126eb3e9c82b4b55aeaa074b289fde69b2b667911aaa4177f1cda3a6d9e11b4539bfdf6ab4753ee3ff58771a5bd8b698bec08f19c64d91d83f355bf18533ced1537fdb79684ae8a30de3389d145ad82bc40e4a67806f9d9d2c12169eb0f1771f88cf9b59a4219cda7f87a5c8f0d7cf0abae01df323300d3e14e5db0a5fe45472bf2b057c3d3452780452aadf15807978dfb1e2b84664a447d4a489b02b4efcf9f8e4bec896bc481cf08bf4a8b2bb7a391836497f04eee1742693943cef3cbbf8a425859a1816ff4d792dafd2637f5114b16274ea57f8637f72de003d992f2f9a95b0a75c4bc8cfbfd5b872bca22b1fa516baefd5f32fc451f23f8a5e9854523c6ba6bc1c1ba030b7002553ea2ee8f52d108df34758c87d463d1ede35aecc9b926aadcd19aef0da9cccaf3875b8c7b0bf6d5447895a62879ecda0e9b90c22cf3429ee04d2e7e2ec04b8e731ddd05bf5b520b05200f19dc3b5d8469f14c030f988977ce0c1289bf14958f06ce7408b00f29c5075dd9375f08e91908175030abbe49c290e71a453f8cb184383bb343dbe0e3fe2aa59de76e6f24f8fe9cbfa40fa07b68b36e10825591ab3d4a8d648ce3dc047106bfb4f2dc746eb272f2c992c858946a33161abc6268aa59fc80962a900fdd630be03f17c1c36b18240542cb36b1221d0dc6b50d2e329a11a02bcf921c7a4c2d062d4de5f75793dcadd9886dd1b561a823b0f4751642204cb34fff812776b309b339cc87a8bce9a940d1343dc8abb53d3d26737bcbb9235b36c6fd23f1218958ad937fe1c766bfe13dd2d35342f70d09b92f37b2cbf5c50bafa48485e9089340ca0b1ac3d58e48fecb91aee653b1823d49a2a2c4ce3626fef81b7a4ae9aac4f0f1dfb7b7a03f306fc9736c85bd04aa27bbb3a52c269ffe718aaed5db9937ab51b42d4cf462c37f0743518eef31f017e1b6c02a4b719f4e5781cfe16d27cbe1600e2b74095b2853cda7369d7cfddb68fe27a102cdbf846ce80f02ff45827306954a66491b9043b60809a27edb72bb028dbbceb4853e410996c5155e4a63c3ad4048912d0051ab7ce3ada2dfbf61bb0897198f991166c65f5327390540116238c64014ffe28d59ac59908142cb40b1b90b6355bb3c7b804fc4a667092a4e14c1dd8be3a6f9b3c2e7045f1059ef1d9b7c93ce714f0bdcc4c2470d08f5844d9362bb07186233f8ea19bdb09829c9a8afc2ff018bc51dce45919d3d6e803d3825b96172bf2e2a98320714e1520843041054a0c28bcfc4616c0924f625ffe791b3d9ee9f5159cda6127a0c0c1a7102cedcd68c9fe3ac7bb5ae51f32421564e4a84fb1c01c6d90687ce23b749cdd2f006b143af6c20b4331ef1b7599b1b3f4e8b27a16f5c00d962d6a99d75005f32aa04cb36977d64ab89a741c8ee44bce55abc56ba2c3259b523f46339073285ba6deadf2c60ae59148291fde9c770112fc39b662d0e57cd827585d579d245f0cbcd98a6cd6cdc5bd0624b37b2a9da26acd3da1e15c4eca26c7cffe79873c9e93340db7031cea441f0d42c4dd487302ea2756a69c882c11c56476370a170219676c639af3c866cfc8e78761836cc0cb01a51405cb87638ce126dd9b8efd26f71ab49e9ed62f788e53af9e3bc8d3edade76f9658d680233416d962b204e47f6ca7941df9ebd921ed60325c36b1e29b1909f5a0a611da097b9a6810afdad1d85d207aaffccc245bfa38aa73caecc1cd3c318bc9bcaa1348e24d855724e6081cc08a0fc52354f5d23012cff01d51a2824d63acce1b01deac4ca580e4d26490c3fd3ac174bd33771ed5ca527c243bbbad714f2e138cb3f3a8c236270aae4ca90fe0e8e2c9f046454b0599b41faf2bd88d444364e419f3c17d2257660a60140bc4b58021f8fddabd093a128abbe097d5e892833960488b07a60d1414280a931812910ed0331", 0x1000}, {&(0x7f0000007680)="e1", 0x1}], 0x7, &(0x7f0000007bc0)=[@cred={0x20, 0x1, 0x2, r53, r54, r55}, @cred={0x20, 0x1, 0x2, r56, r57, r58}, @cred={0x20, 0x1, 0x2, 0x0, r59, r60}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r61, r62, r63}], 0xc0, 0x10}], 0x8, 0x10)
r64 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r65 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r66 = ioctl$KVM_CREATE_VCPU(r64, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r64, r66, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
ioctl$BLKIOOPT(r65, 0x1279, &(0x7f00000002c0))
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r64, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f00000004c0)={0x4}, &(0x7f0000000040), &(0x7f0000000300)={0x77359400}, 0x7)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r66, 0xae80, 0x0)

13:48:06 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xe4ffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:06 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x4, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:06 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$intptr(0x2a, 0x0)

[  617.469493] netlink: 20 bytes leftover after parsing attributes in process `syz-executor3'.
13:48:06 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:06 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:06 executing program 3:
r0 = dup(0xffffffffffffff9c)
mq_notify(r0, &(0x7f00000001c0)={0x0, 0x8, 0x4, @thr={&(0x7f0000000000)="156b3e43563623551a585fbbb342fd758c63cf79a4b35385bc92f4fcbc807a26c64f94842dbac95f56c79705f092cd92c040d34d629c90e3063d38c99e4e699561fd7bf9f26407eba350fc4ae5c6", &(0x7f00000000c0)="7a35a8a6c8f081fe781d6a65f8cbb1821a587514f553fdb4e10f47f195ef5831da3aa91ce8d7467ec5b6fa78c3c1e7fee312b3a6463f5b6ee582c293fb9c4b7b061aba1b93c439c786a407aaf9fb54ba7aec5aa49b4f403801edf318f41221a3f985e9dd3b0a9c9f80684968efd600de8d70121ab75c65a4adf6ce8fae3d469d3d9451122578a7e73c1b2f218831ed5646bf764802051bf9dcb2be6326ee1c4ceb0a2adc4ad94f805a8532cd3c57dae9a8b8479b944f08f6f0846db36402ba2ac3776f0e43eb49f37cdba9e002254797261c4f00c050a69a6bc01006113243e012feaca16c220c589b8cc058ad491951"}})
socketpair(0x1d784139b38d1a1b, 0x5, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000080)}, 0x20)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f0, &(0x7f0000000300)='gre0\x00')
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000080)=ANY=[@ANYBLOB="5e56ccba8949561ee89aee55e96de72028a4d2a33b"])
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000300)='gre0\x00')

[  617.744256] attempt to access beyond end of device
[  617.749347] loop6: rw=12288, want=8200, limit=64
[  617.754785] attempt to access beyond end of device
[  617.760174] loop6: rw=12288, want=12296, limit=64
[  617.765744] attempt to access beyond end of device
[  617.770849] loop6: rw=12288, want=8200, limit=64
[  617.786009] attempt to access beyond end of device
[  617.791042] loop6: rw=12288, want=12296, limit=64
[  617.831032] attempt to access beyond end of device
[  617.836089] loop6: rw=12288, want=8200, limit=64
[  617.875267] attempt to access beyond end of device
[  617.880382] loop6: rw=12288, want=12296, limit=64
13:48:06 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xa, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:06 executing program 1:
r0 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000000c0)='{+vmnet0GPL\'selfvmnet0self\x00', 0xfffffffffffffffa)
r1 = add_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)="b924be4ca90a59e91a3d8b9c7a5fe28e4c8b8055c7b261ff155c040a8f863b4694975a497b9631ce1c2e950890e8011bf4808c3c96f11369e30312836b184b0a3631515960f83cfa886f6007528165e063843815a2ad226f3e8699653549248b83ab0e06ebcc3eecbc8f42d162f2358bde42529173f162176af913e5ecfac5411d7a09f9f8a9664ed2e43705b0fbdcc4bef8c57947753d8b22c67806e43ba2f88e2f0f0b919eb2abc7d27a36ef940c458e32011ea673e7a08f33b6ad", 0xbc, 0xfffffffffffffffa)
keyctl$negate(0xd, r0, 0x5588, r1)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket(0x40000000015, 0x5, 0x0)
r2 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x6, 0x101000)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil})
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f0000000440), &(0x7f0000000480)='/dev/null\x00', 0x0)
ioctl$KDADDIO(r2, 0x4b34, 0x25b)

13:48:06 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf5ffffff00000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  617.941386] f2fs_msg: 59 callbacks suppressed
[  617.941416] F2FS-fs (loop6): invalid crc value
[  617.950893] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  617.976194] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  617.983474] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:48:06 executing program 3:
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000002c0)=@getlink={0x28, 0x12, 0x11, 0x0, 0x0, {}, [@IFLA_IF_NETNSID={0x8}]}, 0x28}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0)
prctl$seccomp(0x16, 0x2, &(0x7f0000000100)={0x9, &(0x7f0000000080)=[{0x20, 0x8001, 0x3, 0x2}, {0x2, 0x4, 0x80000001, 0x7}, {0x4, 0x1, 0x400, 0x75b6}, {0x93e00000000000, 0x1, 0xc7}, {0xffffffffffffff00, 0x400, 0xa0, 0x4b0}, {0x22, 0x1000, 0xffffffffffffffe5, 0x9}, {0x4, 0x7, 0x10000, 0x3}, {0x8, 0x7, 0x3, 0x101}, {0xfff, 0xfffffffffffffff7, 0x4, 0x8}]})

[  617.999433] attempt to access beyond end of device
[  618.004479] loop6: rw=12288, want=8200, limit=64
[  618.009538] F2FS-fs (loop6): invalid crc value
[  618.014552] attempt to access beyond end of device
[  618.019605] loop6: rw=12288, want=12296, limit=64
[  618.025037] F2FS-fs (loop6): invalid crc value
[  618.029746] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:48:06 executing program 7:
ioctl(0xffffffffffffffff, 0x4, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = fcntl$getown(r1, 0x9)
r3 = syz_open_procfs(r2, &(0x7f0000000280)='fd/4\x00')
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2000040000000)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060", 0x3f}], 0x1, 0x0, &(0x7f0000000340)=[@vmwrite={0x8, 0x0, 0x6, 0x0, 0x4, 0x0, 0x3ff, 0x0, 0xe6}, @cstype0={0x4, 0xb}], 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000480)={0xfffffffffffffffc}, &(0x7f0000000040), &(0x7f00000004c0)={0x77359400}, 0x8)
mount$9p_rdma(&(0x7f0000000100)='127.0.0.1\x00', &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='9p\x00', 0x0, &(0x7f0000000400)={'trans=rdma,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@timeout={'timeout'}}, {@common=@access_any='access=any'}]}})
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:48:06 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xc04, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:06 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:06 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\t', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x5, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:07 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x8000a0ffffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:07 executing program 1:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667303", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x76742bd9, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:07 executing program 1:
r0 = socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10d, 0xa, &(0x7f00000000c0), 0x69b)
socketpair(0x4, 0x800, 0x3, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r0, r1})

13:48:07 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3c26020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:07 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x8, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:07 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"])
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4080aea2, &(0x7f0000000300))

13:48:07 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a4cc80700315f85715070")
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000280)=""/4096)
clock_adjtime(0x0, &(0x7f0000000180)={0x8f2})

13:48:07 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xa, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:07 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x8cffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:07 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673f6", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:07 executing program 3:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000080)}, 0x20)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000080), &(0x7f0000000280)=0x8)
ioctl$SG_GET_NUM_WAITING(r1, 0x227d, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000300)='gre0\x00')
ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000000))

13:48:07 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0x6, 0x2, 0x8001, 0x0, 0x401, 0x6, 0x1, 0x8000, 0xffffffff, 0x7, 0x4, 0x4, 0x315, 0xffffffff, 0x5, 0x9], 0x0, 0x1})
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
syz_open_dev$dmmidi(&(0x7f00000003c0)='/dev/dmmidi#\x00', 0xfff, 0x400000)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:48:07 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x7, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:07 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:08 executing program 1:
r0 = socket$rds(0x15, 0x5, 0x0)
socketpair$inet(0x2, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000040)={r2, 0x0, 0x3, 0x335d, 0x7})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c832, 0xffffffffffffffff, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000180)={<r3=>0x0, @rand_addr, @local}, &(0x7f00000001c0)=0xc)
sendmsg$can_bcm(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x1d, r3}, 0x10, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0700000054027ff40400800c00000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0400000001000000010000e025030000a255a5c0bd71c28547b824755ccf5b9a97b5d3d3110ecf53b980a45a59fdafaed98e0382268aa33b5ebdfa86617d33103571c61f16599acfdb76c68405778d12"], 0x80}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
ioctl(r2, 0x2, &(0x7f0000000340)="17a4d5d2c4a6ad0ae27ef5bddf58dfafb6617996db2ea820d9a5858a1cd1111a47fbb125e99ba966e59fa2c46e1662f29241e8909331bc44bcbd2610159a7166a031e46488eaf37075c2cc094bcf1c5ae3394fd41ab3a81d13c23da4bedd43f4db8e7a62222cf7d80e02bcbdca15851c6990ec0ecaf184d3acf15be422b5f8a4885f3706879148b94ba0d190d956d72024a2d5d18649df189f40d1725ff48cfae831665c")
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080), 0x4)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000000), 0x4)
syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x1, 0x60081)

[  619.346417] F2FS-fs (loop6): Fix alignment : done, start(5120) end(19456) block(13312)
[  619.382207] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
13:48:08 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x87, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  619.389660] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  619.405522] attempt to access beyond end of device
[  619.410760] loop6: rw=12288, want=8200, limit=64
[  619.420520] attempt to access beyond end of device
[  619.425691] loop6: rw=12288, want=12296, limit=64
[  619.431754] attempt to access beyond end of device
[  619.436908] loop6: rw=12288, want=8200, limit=64
[  619.442516] attempt to access beyond end of device
[  619.447762] loop6: rw=12288, want=12296, limit=64
[  619.469887] attempt to access beyond end of device
[  619.475013] loop6: rw=12288, want=8200, limit=64
[  619.499091] attempt to access beyond end of device
[  619.504287] loop6: rw=12288, want=12296, limit=64
[  619.527056] attempt to access beyond end of device
[  619.532119] loop6: rw=12288, want=8200, limit=64
13:48:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
r4 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x7fffffff, 0x20000)
write$P9_RAUTH(r4, &(0x7f00000000c0)={0x14, 0x67, 0x2, {0x1, 0x3}}, 0x14)
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28})
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e23, @rand_addr=0x5}, 0x10)

[  619.579958] attempt to access beyond end of device
[  619.585177] loop6: rw=12288, want=12296, limit=64
13:48:08 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:08 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x19, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:08 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xd, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:08 executing program 1:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x87b6, 0x2)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000040)={{0x400, 0x1ff}, {0x2, 0x9ee1}, 0x3, 0x3, 0x981b})
socket$inet6(0xa, 0x3, 0x3c)

13:48:08 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:08 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:08 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f00000002c0)={0xd7, 0x7, 0x40, 0x2, 0xa3b6})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:08 executing program 3:
r0 = socket$inet(0x2, 0x800000000003, 0x2)
getsockopt(r0, 0x86bc, 0x5, &(0x7f0000000140)=""/166, &(0x7f0000000000)=0x87)

13:48:08 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:08 executing program 1:
open(&(0x7f00000001c0)='./file0\x00', 0x2000000000008040, 0x0)
epoll_create(0x9)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080))
perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000a7dfff)}, 0x10000a00000400, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000))

[  620.082921] attempt to access beyond end of device
[  620.088039] loop6: rw=12288, want=8200, limit=64
[  620.113951] attempt to access beyond end of device
[  620.119025] loop6: rw=12288, want=12296, limit=64
[  620.124724] attempt to access beyond end of device
[  620.129792] loop6: rw=12288, want=8200, limit=64
[  620.144122] attempt to access beyond end of device
[  620.149467] loop6: rw=12288, want=12296, limit=64
[  620.209567] attempt to access beyond end of device
[  620.214732] loop6: rw=12288, want=8200, limit=64
[  620.261669] attempt to access beyond end of device
[  620.266847] loop6: rw=12288, want=12296, limit=64
13:48:09 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:09 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3e26020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:09 executing program 3:
add_key(&(0x7f0000000100)="6173796d6d65747269630000f623c165dbdd5da4e516feae1218931b7f62f1989e779cb3e199015e6f224dc786b78b696462c7dec58cd05fa42773a0af0a703d63e19620fd165b5d862cf735059c401152746037a51f9d035dcf4197d265f6f5d246b14212db69e767574420fb11a7308eb293967dbd5a729bb8c6833a854e2036d4e9270fef4cef270638e56c144263ecf6903800009d38f68668c21513e19c1311eea8ee94c59609987d033ca3c8ad624dbc5c8958aaa4e9158c5850c6228a22d0adaabe8bb566c069d5baa64e30af6d878c", &(0x7f0000000000), &(0x7f0000000240)="30808dd9", 0x4, 0x0)

[  620.313937] attempt to access beyond end of device
[  620.319101] loop6: rw=12288, want=8200, limit=64
13:48:09 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x25, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:09 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fafff7)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000280), 0x4)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000a5e000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="0f21e066baf80cb89ce89b85ef66bafc0cb8329c0000efb9800000c00f3235000400000f300f0766baf80cb88014c580ef66bafc0cb8f7ff0000ef66baf80cb8ff57098cef66bafc0cb076eef30f07f2f3670f01390faf6fb6660f388224a3", 0x5f}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
acct(&(0x7f0000000100)='./file0\x00')
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0101"])
mmap(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0xe, 0x11, r2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:09 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309c3, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  620.403643] attempt to access beyond end of device
[  620.408781] loop6: rw=12288, want=12296, limit=64
13:48:09 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:09 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
fcntl$addseals(r0, 0x409, 0x2)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:09 executing program 3:
r0 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440), 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000005c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000009c0)="8a07581ef836f12279ec27f910cf7bc96e35d61f000000000000005f07671ffb844380bd0352b8db3c4db25789c1f9067a11c462ac67da88209e54d47f962bb4ad94000a32a40d271be1adf1dbcb448f293ab2689229dcf8a7174b279b5d4e39925b97c837e44f10960bbbf61ab3b3d326ec1929eddb0d9d49d0e7d3501608a9e6538fe60000000000000000f5aebb65a9d7b8749ae674eb43fafd34503281cf830625a4205246096b06c3ffd2b0d84a1b940a1762b7b2bc9c75ed6dad882f83ed04f464034affc9e593647ea17bb8eb0bab8a35a02b182653c14e5b990d5b64c909fd5bb7a90c53742cf48473dbee5357d8da5e2ddcc68e84bbf93560fa2a377e55454710a17a877b4cb044296bf643044bbacf323ee05618aa76f77868a8d872", 0x121, r0)
r1 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r0)
request_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000140)='user\x00', r0)
r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100), 0x0, 0x0, r1)
r3 = add_key$user(&(0x7f0000ef5000)='user\x00', &(0x7f0000000180), &(0x7f0000000300)='u', 0x1, r1)
r4 = add_key$user(&(0x7f0000688000)='user\x00', &(0x7f0000000240), &(0x7f00000007c0)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000100000044c249b544230b9387fb8bd6ed266ccf59ee70995bf2e8e2ecd3fff32853747eda22d29be9b36119ec53dc60e2c80b3e9ffa1b81a808ca27e0ec82a1256a8e9a4febf85f2d925493f62113e3575f8c7eba67fc19a9497f5b07e5849d2e875b0687d6401d36616fe0f3c3002801b4621de1632a89525e8e81f750a86eb580fb46c1523b8a25e71690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672f98f7e149bd61bd78b506e8bd71824cec9a8db26823cdd5259e688752d5491bd542b2ca7d08bdb777695db99f0401294aca81ab60da1a3ba871c128146ac85f3ea40b4ee1122d161c0634b4a20fca2ef693e419a22f96d44442ac0cd4b848bb0c4e66c080de7a02e0b8cd03280c21603b18c0df78b7eb08224c047d41095c8908dfe7f402de625f2cad098eb1fa856b96848378c92a6278e00a3ecebc05a987395f961d1980f0636883c3310a82c3af765570fbc100c61e0fecb39e9357818e3e8430a6471b41cd72941d9bd126457b2ee7b72c49bafc8efa8f72fda778d", 0x1a9, r2)
r5 = request_key(&(0x7f0000a98ffb)='user\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)="2f6465612f7675746f66730719", 0x0)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000001c0)=<r6=>0x0)
rt_sigqueueinfo(r6, 0x10, &(0x7f0000000200)={0x3e, 0x5bef, 0xffffffff})
keyctl$dh_compute(0x17, &(0x7f00004c8ff4)={r3, r4, r5}, &(0x7f00005cd000), 0x0, &(0x7f000010c000)={&(0x7f0000bf4ff3)={'ghash-generic\x00'}, &(0x7f0000000000)})

13:48:09 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:09 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x40000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:09 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667304", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:09 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x4000, 0x105082)
ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000000040))
pwritev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="ba48b857f5ba9cb937676704d64c38da0ae9268fb72c68503d7184967c1f98cd1761481da36e413b937d0cfdc17fdb66287910d9e2c31f57a5f2d09b642e4abdc1a76349331916a4ef87b2d8d56b835f774d01d46e477d812d275a9644187e5f04b28abe523c6521616567988e4e54ea0870db415958b90d02b85822d494c6942e100fa8642df37cae3b9a75d92e31a5544425dbe97ba67654598728fd23e48997c8dcf3455c83a2d225b3856ca9eacabdb116b25082c2ebfb1f223d917a064400f3764237048443f206ad6e3140c86942429e43cff8d20140d46df8d63b4ffef4d1846d1ea3c36e83a8d70dbafa1fa03a3f424745928b8153270da46a75dc0ac8b37ba57c19af121e7f1119f749b3504ab0297b393b5fb35d0d3a2caa83561a5900a705e897db1eb2b60860c5253f72739dec65eeb589883744a3f5996ae6c006cb3e7eef44b6b1998d8264cc2073077ae8b778e3a57fb6d6d4ec3ac2c8dcf82144574da38aa160ba7dfc7449ec3691214257489b963140b0dcc889c4862662ecc52da557df75239deec62314586872858af5315e5dd17cdbe541220622e87d4625d5ff32c19bcb182a2a0d72dd3c83c9693a3ce7d2576cd339816be9ceff97d393eca2d4b2d07128284ca8162d12aa79699c8ad01bf3bf3b113a1be364d287466506a48d75f291f1b3ffbecb5102c42167728697c2c73a497a11fed1fa1495582f953ea7b25a9a6e1ef2689355dbffa59524fb23487fa4ea10838ffdca21e32849d5c9a2bd72f6df94a1b851397352bc3fbfe8bea35a69ad360a8188aa1853c759565ace215b18b352a4acf90f9214c95355009977e629b58ace7e41675e2d50323fad33805eb71e3dd8c286faa3e7e248d30e790cdadfd13f147893e1ba4ef2695ffbb7ddd1c5bebcd98909a0ec4fdbfd9e106977361a156e8a2b515f152919e9d3284b7502c0048dbe168e89815fcb47fa4346af42c9f272c06e26f03c413554278d784cf3b9d23ad110b93eb80808afd546fb8ebfd22a804b203cdcc141ba891201b7c498a1fad687144a150a26cb6c40f01f34eb46ea78dcfce2afda9a8cfd5bb8e21b649a5ffd007ea8bbc4d2476fe1e5c16a9d55ba905c83e29999dbf21cd85bffa78c71aa977fb4cfc5336325c78ca5c274beb2cb4c8c78f3a037672341acde8c8111de128543c57ba74b52920aa09bec5aa2ae3fc1f60e21d5195bc744f9d11a498a04a8c6a3c5c8f4b8a8de79ae79e89234bbc458698345dd15fce78a4ebba5542a8c96da9fd99dd3532debdece4db04166080961b172f4ef60f21a1a7c8e551f28d0a897d2574cc4668f12d162b7cdcb2bd894f0c880df6a82a3a422949dcee810fd47eee6095a5d825d838d9dc323aa8da3959ac49696dfa0a5cd36542d2570b15cc1f0a46079a44e47cbafbb705e884073873bf88d363292504ca16b73b1bbff047014864eda1e32a404c639428a398738d3e168ea4ca85398663411b59791dbc67e073872b0f54412448ea7a877f367c783e5b36218a24c7ac82c6b1a1bb406b066ca0a58caf66458cf96c744a153bc5b58248314bf903da3812749484e46f410cd31298a63fcd5bff0eb401d1999ed74152b56a18fe9d8e0f2b34350375a89134f6610bbbcb92fd13ca7720c5f00bed8c3a15b2784b5261b8642399d6f0b591a5aad0dab82860329466f1a15053b48de5a761614bfaaf2b7c2517e95372c824a166cb24f7b835165ec77300ea9a8c7e23d5b677aeb14ab74c7e28854a1f46f4b606e23cd36822f7ca26c46bda45c8bc6cb4c1cf5bf8ece68319fd806e56049440145518617b8925d9746e4b123f485f2763083ad3f176068f82b54b28f7ef35973a5f1212804b05b473b7b0c4357640647ca28754e7236ff9c56905f6c0f94619d0af9fd7722c918e6091d8b4f07fbf12842c7ed07a490f1562a4eaa5f05ed1b5859a22bd084638513630d0ab2ec9cafa12ab50c24fcd7c7dcc9473fc5a50b980c94df2567c34cfea77f5906c5f60d545fdcdf035cf3215313e885fe8e70ded15d0666d7cfcf08b92626de26f712ba99db51bb2f819be1ca6e3f40355e8f40f0a5fe3cde087753d03170cb67286ce747a280f0f72d907f39ef3a33d663d4355ebcdc34044d3f4196539630389607fd79ad11e017bd977549961ffa9cddcd2d345e9ea368ba261de03a9356a6d11139de34cac631f09a5c367f2ce4b29933f2cce05c3add0ac174e3f596ef775c1d2288f3373c8701c9a97e929c68a07df5b425f6eb2aa1199dba01af57c7eee8ad831c9d96983030097316b9517ccf474f0b6c05ae91a10c394995b78f6dd9e4e73ec1fdc044eed3231cc9b92519a59c8eb21bb6d99c6501680f1c568371be322c6d8f7dc0f6f8c8b43d152b139a74bbcba6731f6a34a9f9c14bf0e9db2d26524acc37f5e01b26680d7389e16f6f2c6cec2288cb05db1f2b565bd2b6ae5c5acf4c04561bfb9fcbc7e057468474c103c2b17f37adb33cacb05c62bce0614692d721acf8ff1804b9ba735bc8d98d34a044ef225726babd629ec0c0bcb9b13400d825ab87aa75b26213acdddf32b9298ed2545b504ae61941b442ff48aeb03a8e5b61162f2748d625f2b5363cc67eeb906ccc6882f61705730a30454cebd95a0cfd08bc7f7112e1ea2fe806eba0875ead4f31f28562ee1cafe8c2670b5c9e03a0c3cc41819d885bd0b96ca241c00c42fd57d740b166eee26cf3847f630534315dfc0194f9e6de4eead83768ab73e6e3decec78d0b9977be6e1b91cc231f489fe97bb7bcceb6e6573b4d8ab2a11b37868c2c3f662491980cebaacb9286edee7a2219099bc3b28012ff1b031e379bfdee2100dae411eafa21078e14deffc6dd7b86f9cf06de148cb7989fd1b075a46660d503b6f309ff66efd488c22d81efb7b32bb2ff88fea8e2ea3efe808b2ffbf9e7939018155086e653bada667d0e50fe2051faba9bfed13bde46d2347bee82e1879d6291bfd30c5c4c2465344c8ad2f7b7819869451593d72ec20a7f7adc6be57537da2a3c1b1d157b9b104dc9407ff72e2fbe890f264f28200d4a44f8e63741509dd4b59922ded76665912e4f98d8b0839f1a7a5f34e8a375e3369c0311ff6dd5af52b0268be410806888923917033ad5cb8c51e42aa132a7ee788ea786759c17e6398623c27d47886375971f6a3188116a736a0163e5d586e00fc6944cac069317b0cb25519d4fe613682b2075ba0dbb214e6e6961d2e1f3e9bbcc2a0913605236529f4326494835b159ebc29951d28cb21fcfede8ea1a8c57e1fc4c0ef15ee42018d488540384011695595242de5854b6df956f304b26b21a9b32ad01831101e20379f248b20de78ea334f05c50c9745ebf0e89bfeb11150797c0fd26170797fc70bac16cd0513acd83cb3b338ea0e64d5c85b2e790cf788e48ee2dfcf9a88600831ad95a0d6969d44f498ca69672cfacfeeae5c16ab5fd591bc86a1516c341f06b83fc564bee1680147ce9eeea597ad3b80e2f989ec6fbaf518e7dda9e61e724fc7ed74619bee28fb1df990425783cdbb27a08c04bd91841cf18d8e07674866842b41c6851c74279658e299a81dd63901845c50b30eb3abe4bd0d6935c9dec89e9db7903d8904f0e7b87ef4952b24aceee0f6ef90ca184833b0b8dddd1d75fb9f285f47e80f6063723748339fc6b80fd29b3983bd415841d19b490ee3fcd7a5590c4a7592b6c2d412f7a3173dfff97fab20a5806d569a5866054aa95c2b19e7814b2188925dbe59ecac441ecddca3249fbf9b86a4ebb90384d0efa372d7534776671d538cee38952f5c6fd7dfa1afa81bb1e19ab95ebb03c09cb380f881e10313dbebdf11db7d9628e68523d0dce44d95ab099902d7ab020ff8e5854d4609055fdf5294cae19610bfd1acffdd2cc90a6ae0ca5276e3acb2cd4aac5d145751610914c9de698b23faa6f1fb0b191fa13a0e3a2e8040bc7ab781668a02908578db5403fd0aa1cb054c25184e7d9ce316978dbcd061b35807fc89c230e65e56a98835411d2ec419504fa1a5b75bf66e242d223f3e9d95407d615fdb8c12f40908231c94e05358abb29ed483a294bfbfbeec8c3fa25793b1e56e80d598444d43136ea9af530a24e0b1aff7222edfb674e64bd48029b02a3b232c79b16d2324bc2ea4a1e844dbcef50d125929f50d990812b130dd5a2215e81fe2584a2c7808ffbfdfdfbad67cbb87c7a5470f92788d8fd7cd03fc77ea80233be71238b8e6944a4cab5941c1c6ae1684733eb3bc2e7f5baadecdaafdcb91c26a7aaf92a16c9a558cd14c08867b290d80e1b7561505c44142214fb760d079b960c5a72da35c774d2ea7e23dff833f22147c0f4ff568b82822a45c470d86e701760a551cf5f863ab65666f7b21320d9171031a7362733de22454bfe5cd21dc559d6d412f33ceb33ec4b84873f5b3aa196813ba42752420da3219b768e5a3621c47a74bd1ecd85e9e785d7a43dfdfe0a8b2cd170fda2d6f71eff24f909ee3d43d38e560affffbed3c60756433c811cf8aae9563c1e50cf9eccbf14feb7bf22d1736debd9238d90a60bd7bcd7b42fcd8e8bc22d9fb616a68027f6af0854b43c355e03dba81a8fe93a767591835850a384e7d2883565786c3477edc6ae4c866b2571a19442e673ef5c2932135eb0e7ab9da5799c70f7a811e39fda8933d933fd9e411418e6ad70d97a55455fd3b8672bbf74f89ac3c4174295b8ab452fbc6f26aea342474f4d542aeb13d7273aedbd8688d2225ec021cc3153cb5c04729cd9815aa444e4db6d086da9f433d7979c436ad0040346f4c3a4cde5468c2e276f4467024d0f98a444515a9a9a5962da473876e77687cbf9a5f89bb7526060a4ab58337e8a53c9f57e6288418fa25435cbf52fd248cda9b180be65a115992b4a2c16d524cfbfe70efd4d906021fd886303ed49ddfb60b625036f898b95d49ab6fd2e6aece573d08624fbead8b61191a438f60347505d75fd9616f6389e33bd941e5af456b6af6d9f0898c32e1fc20c4afc0976bbf697333492c00371883d3fe900d2452c9bcbfe3e3878370de09dd5369aa5eb79199685110e3648d6f72585265161695e7de61c26512d5ce65f6d3f614c27518ef5d62e8211344ae59900b2d717a7d9ad2f7c1c88d7ea728a20df1d8cda4f6a5a69c0b9462cc94d82cb092e4da4a3de00dc5f7520298a189fd0c4b00d1fa337884a0d0398fad0d3ddc4e01dd2b2b6a98d481cd89a592c33510eb95813b8cc314b8fbbfa001db240aa87dba1b107e9ba89a91ce09ded6cf151ec9a206ba667b76ca50b640e60405a3481bc7417bd3a0e0e576f1ed5f2895971116d79d7b4fc38f519b7e3ce29faf208d7da0b9a927539d6d6a66875fd55eabd40f477fa153b529e3f0deb8bf0d83690ed33c0c3091fdbe929e17157c223660f484515f318ce60d0efc96bb454dff85e038fa629ebd7db4a7df43e9fa1f870be4c89a8dd77f5e55131061b819ebd61d3d4251c8ce8b74cc3308a1814f601907318ad5e62bec3457f27cbed1430e9ce1264a912f7c0d7eeac6f81a767b60544a2c82bdce6b5cf6353f9772239386c20d14b15f46d7d4651dacb915c50ec25bce7b5ec1b0b8f393e7bb0a6dcf9678a7ffeae132bf4ed3a26d68f739668098a5c34dd5e723df472babf8cf011a342bb5238de1bc190b00d69057b3eafa95fbbdaf58de396bc50332185952369c4cd8e41acd271112430e87bc249e2ac6230b23c82ab2c10d68fc24882a48058e93463f600576c3ea411eb5f215e261be9d98139", 0x1000}], 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)

13:48:09 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309ab, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:09 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = gettid()
sched_rr_get_interval(r3, &(0x7f00000002c0))
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x800, 0x40000)

13:48:09 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x500, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:09 executing program 3:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x101000, 0x0)
ioctl$RTC_IRQP_READ(r0, 0x8008700b, &(0x7f0000000080))
r1 = socket$inet6(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet6_buf(r1, 0x29, 0x3d, &(0x7f0000000200)=""/169, &(0x7f0000000100)=0xa9)

13:48:09 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs#', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:09 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0x2, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:09 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:10 executing program 1:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@allow_other='allow_other'}]}})
read$FUSE(r0, &(0x7f0000003000), 0x4ea)
read$FUSE(r0, &(0x7f0000005000), 0xe83)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r0, &(0x7f0000008000), 0x139f)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
lstat(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340))
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write$FUSE_OPEN(r0, &(0x7f0000000640)={0x20, 0x0, 0x3}, 0x20)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r2, 0x4008af23, &(0x7f00000000c0)={0x3, 0x9})

13:48:10 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r0, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f000020d000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r4 = accept$alg(r2, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f00002f8fc8)={0x0, 0x0, &(0x7f0000002000)}, 0x8001)
recvmsg(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/1, 0x1}], 0x1, &(0x7f0000000100)}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000000c0)={0x0, 0xffffffffffffff7c, 0xfa00, {0x0, &(0x7f0000000080)}}, 0x2fa)

13:48:10 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x10, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:10 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x309b8, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:10 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673f6", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:10 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:10 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f00000002c0)={<r5=>0x0, @in={{0x2, 0x4e23, @remote}}, [0x7, 0x40, 0xffffffffffffffff, 0x5, 0x8, 0x1, 0x3f, 0x9, 0x8, 0x31a3, 0x4, 0x4, 0x5, 0x2514, 0x1]}, &(0x7f00000003c0)=0x100)
setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000480)={r5, 0x4, 0x2, 0x1}, 0x10)
getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000400)=@assoc_id=r5, &(0x7f0000000440)=0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:10 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xb, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:10 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00007e5000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000bc000)=@abs, 0x8)
fcntl$setstatus(r1, 0x4, 0x800042c05)
socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x8, 0x6, 0x2000}, 0x4)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0)
poll(&(0x7f0000000bc0)=[{r1, 0x8100}], 0x1, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r3, 0x111, 0x3, 0x1, 0x4)

13:48:10 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4026020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:10 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:10 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:10 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x3141, 0x80)
ioctl$EVIOCSABS0(r0, 0x401845c0, &(0x7f0000000300)={0x3, 0x10001, 0x3f, 0x8, 0xc9f, 0x3f})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x1, &(0x7f0000000380)=0xfffdffffffffffff, 0x4f7)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:10 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:10 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xa0010000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:10 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$inet(0x2, 0xe, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000700)=ANY=[@ANYPTR], &(0x7f0000000840)=0x1)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000003a80)={<r4=>r0})
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000003ac0)="a7685cb722d515ce2dd36136bddfd74f", 0x10)
setsockopt$inet_mreqsrc(r0, 0x0, 0x26, &(0x7f0000000200)={@empty, @remote, @multicast2}, 0xc)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000180)={<r5=>0x0, 0x80}, &(0x7f00000001c0)=0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000400)='/dev/audio\x00', 0x10000, 0x0)
r6 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r6, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r7, 0x6, 0x21, &(0x7f0000000040)="eb280a1a75511eb82753cf3edb473d6a", 0x10)
close(r7)
setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000080)={@multicast2, @multicast2, @local}, 0xc)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000680)=ANY=[@ANYRES64=r7, @ANYRESHEX=r3, @ANYPTR64=&(0x7f0000000500)=ANY=[@ANYBLOB="2755703efedf5f6c04d57b905a2cccc2fbedd9adb51267fef8f1afcfab9903d545a6e8e732c5e37686f18b977c5b4c484722ceae6309bffdbbb85d1360cc50d8ee64c1b620724abbea636b7a9a350746f63ec8f6fe8bb307c5807a5d60af649a15630cdc6571566b6d852982a05ae013355d9e659d09eae29e32dd86a15a8212e8b1966c"], @ANYRESOCT=r3, @ANYPTR=&(0x7f0000000600)=ANY=[@ANYRESDEC=r5, @ANYRESOCT=r1, @ANYRES16=r3, @ANYRES64, @ANYPTR, @ANYPTR64=&(0x7f00000005c0)=ANY=[]]], &(0x7f00000004c0)=0x5)
setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000280)=0x3c07f944825fb10b, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e20, @rand_addr}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="870000002f0000c90d038814255f07bf001c010000000000"], &(0x7f0000003ff6)='GPL\x00', 0x0, 0x1c4, &(0x7f0000000000)=""/195}, 0x48)
connect$pppoe(r4, &(0x7f0000000240)={0x18, 0x0, {0x4, @empty, 'bond_slave_1\x00'}}, 0x1e)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000002c0), &(0x7f0000000380)=0x4)
setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000380), 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'veth1_to_bridge\x00', {0x2, 0x4e22, @broadcast}})
recvfrom$unix(r4, &(0x7f0000000300)=""/60, 0x3c, 0x2, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000440)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
sendto$inet(r0, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000340)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f00000000c0)="9a", 0x1, 0x4008010, 0x0, 0x0)
close(r0)

13:48:11 executing program 1:
socket$inet6(0xa, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='rdma.current\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={<r1=>0x0}, &(0x7f0000000180)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r1, @in6={{0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0xe}}}, 0x1, 0xff, 0x80, 0x2, 0x20}, &(0x7f00000002c0)=0x98)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r3=>0x0})
connect$can_bcm(r2, &(0x7f0000000080)={0x1d, r3}, 0x10)
sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000003f24)="050000003778d9f1ef73ada4753dd58b4d4b6e689d30d71c32fc0b98143e037dc1250278424e1b0368a82cc15eb4037dc12502000000b5e8", 0x38}], 0x1}, 0x0)
close(r2)

13:48:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:11 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x41260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:11 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x14, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:11 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfst', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:11 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:11 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f00000000c0)=0x7f, 0x4)
getsockname$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000040)=0x10)
bind$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x9}}, 0x1e)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, &(0x7f0000001580)="0f20d835200000000f22d82ef08254faef60b9800000c00f3235001000000f30db5ce90539a906000000f2f30f234466b809010f00d0c4e2e0f35200b8000000000f23c00f21f835030002000f23f80f001b", 0x52}], 0x1, 0x0, &(0x7f0000000100), 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000100)={0x6, 0x10000, 0xa, 0x9, 0x8, 0x0, 0x2, 0x7, <r3=>0x0}, &(0x7f0000000140)=0x20)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000180)={r3, 0x7, 0x0, 0x5, 0x8000}, &(0x7f00000001c0)=0x18)
ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000500))

13:48:11 executing program 7:
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000002c0)={<r0=>0x0}, &(0x7f0000000300)=0xc)
ioprio_set$pid(0x2, r0, 0x8)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
socket$pppoe(0x18, 0x1, 0x0)

[  622.587903] attempt to access beyond end of device
[  622.592983] loop6: rw=12288, want=8200, limit=64
13:48:11 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3f000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  622.663656] attempt to access beyond end of device
[  622.668727] loop6: rw=12288, want=12296, limit=64
13:48:11 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667306", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:11 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000011c0)={0x1, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x6b}}, &(0x7f0000000100)="47504c030000", 0xfb, 0x1000, &(0x7f00000001c0)=""/4096}, 0x22)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7ff, 0x4000)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040)={0x3ff}, 0x4)
dup3(r0, r0, 0x80000)

[  622.777720] attempt to access beyond end of device
[  622.783135] loop6: rw=12288, want=8200, limit=64
13:48:11 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  622.831020] attempt to access beyond end of device
[  622.836232] loop6: rw=12288, want=12296, limit=64
13:48:11 executing program 1:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000140)="1020f5f20100070009000000030000000c0000000900000001000000020000000000000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f00000002c0)={[{@resuid={'resuid'}}]})
keyctl$set_reqkey_keyring(0xe, 0x7)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x280802, 0x0)
stat(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getresgid(&(0x7f00000000c0), &(0x7f0000000440), &(0x7f0000000400)=<r2=>0x0)
write$FUSE_ENTRY(r0, &(0x7f0000000340)={0x90, 0x0, 0x3, {0x0, 0x3, 0x3f71, 0x6, 0x2, 0x100000000, {0x1, 0x0, 0x3925, 0x5, 0x69, 0x1f, 0x6, 0x5, 0xffffffffffffcead, 0x2f89, 0x2, r1, r2, 0x3, 0x9}}}, 0x90)

[  622.934876] attempt to access beyond end of device
[  622.940011] loop6: rw=12288, want=8200, limit=64
[  622.946438] f2fs_msg: 55 callbacks suppressed
[  622.946447] F2FS-fs (loop6): invalid crc value
[  622.956213] attempt to access beyond end of device
[  622.961564] loop6: rw=12288, want=12296, limit=64
[  622.966978] F2FS-fs (loop6): invalid crc value
[  622.971862] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
[  622.986519] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  622.993773] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  623.033004] attempt to access beyond end of device
[  623.038239] loop6: rw=12288, want=8200, limit=64
[  623.050930] F2FS-fs (loop6): invalid crc value
[  623.062743] attempt to access beyond end of device
[  623.067952] loop6: rw=12288, want=12296, limit=64
[  623.073247] F2FS-fs (loop6): invalid crc value
13:48:11 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  623.078219] F2FS-fs (loop6): Failed to get valid F2FS checkpoint
13:48:11 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0xffff8801aaa512d8, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:11 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000180)=0x400, 0x4)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000002c0))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:11 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:11 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f000000cfe4), 0x1c)
sendmmsg(r0, &(0x7f0000000080)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e22, 0x0, @mcast2}, 0xfffffffffffffe36, &(0x7f0000000040), 0x0, &(0x7f00000002c0)=ANY=[@ANYRESHEX=r0], 0x35a}}], 0x1, 0x8044)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0xaed}, 0x1c)

13:48:11 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  623.286776] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  623.294076] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
13:48:12 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  623.393681] attempt to access beyond end of device
[  623.398870] loop1: rw=12288, want=8200, limit=20
13:48:12 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
getuid()
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r1, &(0x7f00000002c0), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
sendto$inet(r1, &(0x7f0000001640)="0f", 0x1, 0x0, 0x0, 0x0)

[  623.475141] attempt to access beyond end of device
[  623.480224] loop1: rw=12288, want=12296, limit=20
13:48:12 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$midi(&(0x7f00000002c0)='/dev/midi#\x00', 0x3f, 0x113480)
ioctl$UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000300)={0x5, 0x100000000, 0x3})
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/pfkey\x00', 0x288980, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  623.546569] attempt to access beyond end of device
[  623.551868] loop1: rw=12288, want=8200, limit=20
13:48:12 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x4a8, &(0x7f00000000c0)=[{&(0x7f0000000400)="1020f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  623.625139] attempt to access beyond end of device
[  623.630222] loop1: rw=12288, want=12296, limit=20
13:48:12 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x800000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:12 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  623.686746] attempt to access beyond end of device
[  623.691863] loop1: rw=12288, want=8200, limit=20
[  623.769014] attempt to access beyond end of device
[  623.774087] loop1: rw=12288, want=12296, limit=20
13:48:12 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="62747266731c", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:12 executing program 3:
setgroups(0x2, &(0x7f0000000340)=[0x0, 0x0])
getgroups(0x1, &(0x7f00000003c0)=[0x0])
r0 = socket(0x3, 0x806, 0x401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={<r1=>0x0, 0xa9, "fcf6c948857255827eacd1d0faadbefaab8972d79df8010e36cf3a31cb9e14393b2dc823b544e2c52142008526e293f9e9eef93097255d93080dec549e7d72c7e297aa3fd15a1bb2a812a779e5a814e45b42ad26bf0cb555e25609aed5fb5d177ea40feaec26071a5ac30b5d6f97f827bae03fa3b98c11c75507c8e3189ba89f76d85475586a2e356e8f4e9ed3fd973222fcdf5aec85928520c2abf6ae3a9670008aa44625e408907e"}, &(0x7f00000000c0)=0xb1)
setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={r1}, 0x8)

[  623.830143] attempt to access beyond end of device
[  623.835192] loop1: rw=12288, want=8200, limit=20
[  623.883372] attempt to access beyond end of device
[  623.888509] loop1: rw=12288, want=12296, limit=20
13:48:12 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000000)=ANY=[@ANYRES16], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r0, 0x0, 0xe, 0x2e, &(0x7f0000000440)="ca5597c1fe2e08ae8bae672986dd", &(0x7f0000000540)=""/46}, 0x28)

13:48:12 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0320f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:12 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:12 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4226020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:12 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="62747266731c", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:12 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\b', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:12 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x3, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000040))
r2 = syz_open_dev$dspn(&(0x7f0000000240)='/dev/dsp#\x00', 0x0, 0x20000)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000280)=0x10000, 0x4)
r3 = syz_open_pts(r1, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_int(r4, 0x1, 0xb, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
read(r3, &(0x7f00000000c0)=""/1, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140))
ioctl$TIOCSLCKTRMIOS(r3, 0x5457, &(0x7f0000000000))
r5 = gettid()
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)=<r6=>0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r7=>0x0, <r8=>0x0})
timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {r7, r8+10000000}}, &(0x7f0000000200))
tkill(r5, 0x1000000000016)

13:48:13 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1420f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:13 executing program 3:
r0 = socket$inet(0x10, 0x200000003, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="7f454c46043f09d60200000000000000000006000100000001000000380000008a0300000900000001042000020006000000acec0000000051e574640b040000480d000003000000ff0f00008d5100000100000007000000060000007f000000ff7f000000000100050000000400000007000000010000003c229e4b38603af1ef054a17c80627ea8bee0d31adb18601bbb168629bea8068d3ed7b4f6e0b4557e712202da9f8f3831f8b1e78ef76170b4b5d6638b5756d55253672d1ffb68145dc1663df1ea50a931d7566e2184ef190f9c3d8d547abcb6ee3bb181aa5dbcd1e745757285034872a939ff335ab27f49a699f6c3f7da7dfaab63d8b1987fb97be821da01bec10ebcf6ccdef9408e900147e1274d6b3d44fe78c9672ae5d549ce8aa27590dfb06f1e26f75a34e34777cb6717f73fefdfac279a368459379255e89a54bd76cefdb80cd23a0ae1a99a3cb88e444c41c53d345d127aec58e9c6e21ff0ce45d3a3661916479be528449fd4265000000000000000168be6bb97f2b4436ec3c735f4a315471b13abad16e354095dd7497cf388bb21e99c5857d313855cd269fbaf8e1d0ca58afc1224694ba9f8427b6bcc3d1d3436ffbdbdfe50ab3f7cdc7c573a581e5130081f4bbf95002477d3b9e14c829a5ad707830b4b05aa11b3f894b290cba6085b7ee4ac826eca16ac98f5ca560efce7dfec485a50c33f7c8e8eee6ad0c8a9bc920769e705d7688e597e57ee333a4adc8788579327f9ecfcf91b838b6d2f19dd8fd8a1495963d9686c934ddaf6c6ed532937879976fde9ff1c4a5def299094d2c70c013f34a62ee2208d33eba3c85ee4ea0febdfd0da8d584e5fbacc1c93109943e2f9ccfec626263047653be212b93aa2474ce0adb08cfd79d7cfe2fa3110327b6e33555fa6dc8fe36f2a6823c389e6f4c0be6791befd05978a5a3e6150b5bdd658611e3508f46571323467b587ee8daf0b20c503f4a57954c299b40d8c6fd24663215e432d5ca47ca11f1a115ab53c45023203ff4598bf3378386b6ddce5190385f85616261e1a3d6f1f2adc5f73bc859a4699a373231f852dbaf8a4e59e3529d8ae2fe95824a031346551f6382f7f1ef57e86f7013f8cdc1ae485e01d8ae41e5eeec5b4bcd8f5fc855900efe7dbc0bbbb9a22e3a720bb4fa218b06ffa0f500c6336baf4396d3395a63111d7041e8f8e2ad4b2c7a45faada5267459a74d70bdba6ded5205f6a8e903f77082749d81f021d4a14a2c41fe4a0d2bcf60ba271d761a99181d3e528585491ceffc2d9ed37ccb1f29c9ce1fcb52a382c9127218b86c92edb90012beba583ebd6abf3ae9512c05144ba07fbeb04663f78080b1b90f4c54af04919a3d8dbd2985e0d71ffb910e8c259ecf645d1a0034068550eb46ffc4758bddf2ae299a21d0ac1a56ee68806f2afde503939ab6aec976abeb8f95c193771ac7b02ff1d1b61f0997725b219c524d7969c808487a17cbd9b9faa04996f873e312e1c0725b760960c31087a7851fb916a29cb5ede8cfe9147e9dc85e0373fa0681c91adcdcd44357c6ecf5ce1ef3c44bd877e23b5fbc2841111da70b0a086e811ea9a3022b92922309a7fe5415e94334a06cf0d5c639a23bae427312757e7a356a3888c3c7c77febda3bce905ab0ee943188fbde43492a270f89067acb433dde12732bbd42d426e13c05976066586a50ebc7a9e8439f53ea7e33f0447e8f5ba1e33802e122b4bcb6b5a1ac456434c122b9df996a142a3928b484e8222348f1c27a983c2d5c50f2da89c2888ab64ccf5c04f8e17e8312c6749230614a46e6f63ce03593daf1cad110f104697770b245846b07fb86861ee0bb496f3859450285635d9b9dd3904429bc7acea5f40de61b9423073b4c6692f98f16a1dfd937be7f3f7704fe9690bfc0dcc2439403265d1864a0b8fb4cd52eb0f3e21445d921bc7da74a6efa2d3e73027d61759f9ffcfa6057f18ebc9cd0ec41db810a80ad96fbd72f8fec3a80358f8f3249acc0301e31381d63a5aa9377c2e80bf1dadcc49020e45943741ecf189ead3b447fcaee73adf1880b8cb9266ae7fa9a3be353081d21c658a2f1be51d24697c46cf3d072349f63fdeb107a012c2fe08c1770c8c9bb7ecdd93ff8321eef5e472925e122bb9fef671a8b48b8087fffd3bcecfbda40f74939895d17b79bd6c2d03033cd19b2774cfa41dc60f4442055c15191a3be79c4c4624a1606448943b0a3c092686bca67d2272332c2f8b8d3c44baf0c6615a5b88371f886d131d56d373e14e50509604962bb65430b9fb5455a356cc751d956979e77e015d0aacd03f53747653d36e22c6e35e76f53b77445094cbb7801bf359770de7339b1011712da4c04eb09b106cd4f117acb45d9234f1ea30dcf120ac4a41837b9e67e818668bb1aaff7e7a9fab8556cbdd125af7e8b41dfbf58ec8bd5f7e12e0f31ae8fe4b8fd0b03423a3868f1605566c592c6848b74824507e00645f0afd4ce3573d441c8ab1abbc7e600227aaa12ff613bd67568198556b22b5cedffdccd7a8eb706fbdca5e10fc2845b41996299255106fffb3b2aac4f6324119841d3edde79df4216f8dc0c77f33de922ad85e71b2ab07059b37dd958457b8b8f135995a2bc6eef5509c69ed47195f0cbf188e076f06750b5e833abd144474f50463f9e9c9ad6e5907f166a277031c94a08dd23e3e7105631ebe3b080b79d977ce4b1d193820d2647b96fc6c68a1df5cd1cb304017a75fd68aa0b6963a5cbe2e9c44c8e897fc9dc69e30ffb655164163121bc7dd872e2cb56b519aefcc33dc0cab636fdb62bcb52eef18ebe4035f88c88cf57391f9dee4b60d1fad88d0ec2e7ce64c890e5520012fb141aa7ccf1c810257729cc3873df074b04b1b60c96a4aa91425e045574800aee131655cad67d1acf9bf164d80647dd71e2d73f1df3158c79625fba3b160f58d241d2ee194234964637a5d0d9eff4e06f45d96823e7bc07a5a17b5e26145cce60b7faa6fe3a67372a7e7b7320ea75766e54dc838bd04cd5e8142b123e8da8032677b864df9f5efac79c40807afd8e1a06e64068fccb2eab8e0e6b2739e92b999ae18fa443e92368ff4f0cd504557bc5fa0c041ed22d9fc3ae508eab8ad3ac4b6a9fe91f4f68af2b2c4b80b1d2941e7f21c3197cc2b72abaadcf999c92a91cafce4cec60133afa1fec39ec1d6c09e24097f83e493742f42e23f8aeca72d19e065d3a1efec496b7c9b41d75425b2b2c23621ab72877defc8cb43dafe2b3b7f56670071e60aef43f9e63e7af1bd57b24fe962ff3d5aeb6625311b1ca009687962c966eeddb82572b7e7ddab7c680cedc93e347c418f6fa497a87f50c74064dc335a91b6095300ae7df814fb37bc061ebd1377a3c51592a965536074cf501d7f170531336ec45102b8d6f4aad5063458da33e502408c704b0f63b9a8a1ffa5a3fa413e2f2b75c3ab5515913f58651e95a854d17bbe8e9be75b37b58e4ae917244d0cec0aad990671d6ab53731049cf22361339e4bba6496b800726be91d4ca87aaffe382e40ecf48074c38af37d84a3ff4d9bb2fc6d18b1d176049e0b7f9f7a3029fa07be04d45438c14ad6fcaf45e7ce07b069a482a49079a88e01acffc12507950771151d79dbf42dae71bb885595824c1b89b61a24ecb40a5599e46547a1ce12f024ee330aa642ea2268eaea9e85d2f6fd90477ae9453efae2466a9d1980e1d8a8feee900abe0b6ef1b0c245e7e5550e3a5bd26c2bd4b57822e05409ef406cdae54dcf0728d74465f1286c24fc49b562522b5353df5b9ca4efce05e967729d5fe5113f3d4afc9bf72ee16b630eee3aafeaed4b169f18415af2d5721c9badb8ba3c48beba2251f59f32f7cc049907e9b325ab4436a9dc3d057e0efcf3e0496f9244f54ad8ec022b59c3917f9cb3eb641bdbc280953ea02b0c1b9f0f832eb22c67b03d9a2f2b5740563c1ad0c510730fd41b3f2a35fe2591327318e612d8828783f13339a69989f3ea54bba5f30eb37e94e0a4295920eed8d4a496a1fd480e4d317145519807eaca541e0ca14441b6506f29e1660a2e6e2576ffd466e3d1335dbb3d8b2f311c8f0c11a90ef3185889c6c845a443f35f26656e064ac0aca09375fcdd4bc51658bb80606b73185fd1fc2984133f020ad8227dbd8a2a5617bb2802ac92754cd14007d6aa0bd91a7fa79485b7440681a6a9293538947622ec3b5571b1d124e4ca4a827c2086f7c3aaa550337e867fef34799a17e4b9a72ca67eeccddc8a773dc75b978946d569ac502c31adb51fe8349afcf4ca2f0ab9cc1a26d2e6bf5b80d66387f6fc65c16df92279b50316c1358bb2ea1341fecbef9629a9bf058219eb0eebe0d8b6f84fddcd1e44dd1e79a75267d7f254ed8aa3542d10dd2c00270f8fa3618861dbcd55185a2cf0c593f131bee1039575037c2694104050c056ca9f53db6dc933427aaec11f3de08078448a443b99d59e349c8b519cf5c4574bebcfdbacb5087d9f416334f9316728e80b7f29674ecc73e06d1576c9b2433743ca52253027f80c2d2400754dbf01a6c6877e8973dd19bbf01be905bb60e944ae06981cae7f953933f3430267d3af803d5706e05e3f9cb7ae51d6ff19a4feaf3f74ea60653d0480c2ee291e985412a3e81792edca681aaf77e5e37a597b5516991f527ecd45da3a3fc6ca01e8ae858ae0d4fa0a6ac3af9e9615a71c5fce959551b1cf7c72d370a43692f46b218df5ae580c6ccc11ba2f17829236555cae67b46f636ff12a53d91daeb01b22f1e0fc4247dbea9024e102b46df66d659c89de1d2c432ecbee0c5bd5cc3f96f75a21b45f95710aca89da935a65b59295d4f7bf67046978c4ead522c88989573145aba943eb2b90f934cca3e15243d804314140b5595950d0c26e3996c8fe79b7ba0a6994a66dacb9305e951e832df967591ef25e620413aeba906c25cd992adc1d13e9af0df3abdc0f0ea6fba83a3e03af0866247c1ba3ccf6b7fb1d1819c5ef5feaa0283452b3ed6a3e60823e4d197f35547d154f7b8cdebf0b6ff15982befdf90110dacddd26d325766f0f72d43cedee2304f63cb1f9ded4b5452cbf1d0c6bc6051ec914d731bfb1eb6e8889ef3a2012a079c38be384a9936c51b95d57fce3a589e014698e4ba38c2748a34db96ae83d18b3e201a25bc0f3abd8fe192f636688153fe234ed78ba7dd81f9cd3972f2c2003e0b9e2ae5d19b56ab34952b59360b318d5dee0abbbdf9cdd2a0f532cde854223d8a96bfbba335abd2d7eafa85c33312206d3a78a1831d457e33c12ee938af70acbbf5f46c08826f99249912b578ce8192266c2df15d79931ee18a4399f6ba3ec484f478f2ea1c159ebc6d2e26b359bddce5791188b463d0b6e373516304f30fc440a1ac32adb8a2e908ea1a321e4f38778e414634b8da73ec3663e37fa449dce0400bcd8c6600c43877a5ee245bee166f9d453bab0a303b6d7a4c09da4424d4291571d716df37d951c250fc5b45d3dff3896fcb56b3177b30ed274254362da1dd04e12ae1cc89e41d1565efb9f7934bb0d19e96661886a18ba5397c2a393b7fbacc683a34a6f13c14bc3341dab9094036aea8eee7d562fc70351ba15b239c64e7a6ed3e48135dc890bf00e1acc44424f9de63275fbd8c06f4fcf663f651f84558bde155d719b751c0df9bd10403216d556063e2f2caf7ca9e5edacab6a60306a114a62b953f88c2cc7c21064a0a3d41bb133246a58b82b188a30727b2657602bd6032434fade8a1610a07976cc8aa981cc07785459f3d904e54a990a38c851a040a843a982cebaa0a51d8431955c48b07dbe9029fd93fa361fa58d489252b18d4309e3f9b658de41b986ac27c2215df00e880e198e850d42847b10b0eee8b0f1eca3d45c37a97f90334426f23b92dd67fc9059819f764a5c3eca576fd66d565a8f328f5975d45ca606a9779bb9df44b0d9817bc9cf098c202c12c852e6bf680000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1578)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="240000002d0007031dfffd946fa28300cee60a0009000000001d85680c1ba3a2ff030000", 0x24}], 0x10000000000002b6, 0x0, 0x6c, 0x4}, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x38, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x6, @mcast1, 0x3f}, @in6={0xa, 0x4e22, 0x80000000, @empty, 0x1}]}, &(0x7f0000000140)=0x10)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cuse\x00', 0x1, 0x0)
ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000180)={r1, 0x1}, &(0x7f00000001c0)=0x8)
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f0000001800))

13:48:13 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
accept4$vsock_stream(r2, &(0x7f0000000480)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10, 0x80000)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f00000003c0)={'nat\x00', 0x0, 0x3, 0x96, [], 0x3, &(0x7f00000002c0)=[{}, {}, {}], &(0x7f0000000300)=""/150}, &(0x7f0000000440)=0x78)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:13 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x47260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:13 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:13 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0b20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:13 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
unshare(0x2000400)
connect(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x4, 0x0, 0x0, 0x2, {0xa, 0x4e21, 0x2, @mcast2, 0x5}}}, 0x80)
flistxattr(r0, &(0x7f0000000000), 0x0)

13:48:13 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667306", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:13 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xf4ffffff, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:13 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0xffffffffffffffff, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r3, 0x111, 0x5, 0x101, 0x4)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
modify_ldt$read_default(0x2, &(0x7f0000000300)=""/188, 0xbc)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:13 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@noextend='noextend'}]}})
write$P9_RREADDIR(r1, &(0x7f0000000700)={0x24c, 0x29, 0x1, {0x0, [{{0x8}, 0x6, 0x1, 0x0, './file0/file0'}, {{0x8, 0x0, 0x6}, 0x7ff, 0xf, 0x0, './file0'}, {{0x30, 0x3, 0x1}, 0x5, 0xffff, 0x0, './file0'}, {{0x84, 0x1, 0x4}, 0x450a, 0x1, 0x0, './file0/file0'}, {{0x14, 0x3, 0x4}, 0x6, 0x180000000000, 0x0, './file0/file0'}, {{0x5a, 0x0, 0x5}, 0xffffffffffff8000, 0xfffffffffffffffe, 0x0, './file0/file0'}, {{0x6, 0x2, 0x1}, 0x3, 0xfffffffffffff3c4, 0x0, './file0'}, {{0xa2, 0x1, 0x5}, 0xd, 0x0, 0x0, './file0/file0'}, {{0x0, 0x2, 0x6}, 0x47023b11, 0x7ff, 0x0, './file1'}]}}, 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RWALK(r1, &(0x7f0000000080)={0x16, 0x6f, 0x1, {0x1, [{}]}}, 0x16)
write$P9_RGETATTR(r1, &(0x7f0000000540)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RGETATTR(r1, &(0x7f0000000640)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RLERROR(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1e0000000701001500"], 0x9)
write$binfmt_script(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="6c65302f666cf47c9b6a2800"], 0xc)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
utimes(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)={{0x0, 0x7530}, {0x0, 0x7530}})

13:48:13 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:13 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673e0", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:13 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="3520f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:13 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x300, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:16 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x102, 0x0)
prctl$getname(0x10, &(0x7f0000000280)=""/83)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000040))

13:48:16 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0d20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:16 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:16 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 1:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x111040)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x3, @mcast1, 0x8001}, @in6={0xa, 0x4e21, 0x9, @remote, 0x80000000}, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e22, 0xfff, @mcast1, 0x400}, @in6={0xa, 0x4e21, 0x3, @mcast1, 0xfff}, @in={0x2, 0x4e21, @broadcast}, @in6={0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x16}, 0xcf}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e24, @loopback}], 0xcc)
r1 = socket$inet6(0xa, 0x2, 0x2000000000000)
ioctl(r1, 0x8912, &(0x7f0000000200)="0a5cc80700315f85715070")
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000140)={0x0, 'syz_tun\x00'}, 0xfffffd83)

13:48:16 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

[  627.502832] print_req_error: I/O error, dev loop2, sector 128
13:48:16 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="3420f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:16 executing program 3:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x138, [0x20000140, 0x0, 0x0, 0x200002d0, 0x20000300], 0x0, &(0x7f0000000000), &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000000000000000007f3b0000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff010000000b000000000000000000696662300000000000000000000000006970365f767469300000000000000000697036677265746170300000000000007465616d300000000000000000000000de0000000000000000000000569538bc13daaf267852048700007000000070000000a80000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c200000000000000000000000000083c3bf8315e1710816fca90232456edc6666015ab45301a08ebac7eed97624f77c7731a577df38b5b6d38985f28863a8286bebe821237360542602a67f5f68a086bf18a3bf02162f2dde990792965099a79f64c3ba6501a3864f964b061eec3f3e0e2769297d77c4916d7b79c698a89c5defd14c51684a9dd55b86672c1c11e2e1f2c88fd5c8463eabdb8014829ee034578d3f0d93fa74f9d8b08d08c54b8ebcd4cc7ef0cd48986e612a1229c7b2ed54247b0f17917024f48d573a9535cff76446aba9140a3f8b837435abbc5d4b152b6"]}, 0x281)

13:48:16 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3f00, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 1:
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000c85000))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f0000000000), 0xc, &(0x7f0000013ff1)={&(0x7f0000000080)={0x20, 0x18, 0x301, 0x0, 0x0, {0x1}, [@typed={0xc, 0x3, @u64}]}, 0x20}}, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xffffffff, 0xc0100)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000000c0)={0x80000000, {{0x2, 0x4e21, @multicast2}}}, 0x88)

13:48:16 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f00000002c0)={{0x3c, @local, 0x4e20, 0x3, 'lc\x00', 0x38, 0x7, 0x1a}, {@multicast2, 0x4e20, 0x2002, 0xc4, 0x3, 0x9}}, 0x44)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[  627.819282] kernel msg: ebtables bug: please report to author: Wrong len argument
[  627.844570] kernel msg: ebtables bug: please report to author: Wrong len argument
13:48:16 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001dc0)={0xb, 0x200000000004, 0x8, 0xb0e3, 0x0, 0xffffffffffffffff, 0xfffffffffffffffb}, 0xffffffffffffff66)

13:48:16 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0920f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:16 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:16 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x8000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:16 executing program 3:
r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"})
flistxattr(r1, &(0x7f0000000000)=""/221, 0xdd)
clock_adjtime(0x4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5118, 0x1891})
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="7f454c4608f90800060000000000000002000600810000007102000040000000400000000000000049ff07000000000084c0"], 0x32)
write$sndseq(r0, &(0x7f0000000080), 0xffffff17)

[  628.224483] f2fs_msg: 98 callbacks suppressed
[  628.224500] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52009)
[  628.236901] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
13:48:17 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000340))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:17 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  628.324636] netlink: 'syz-executor1': attribute type 3 has an invalid length.
[  628.348234] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  628.355648] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  628.383351] netlink: 'syz-executor1': attribute type 3 has an invalid length.
[  628.442421] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52009)
[  628.450204] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  628.460522] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  628.467665] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:48:17 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:17 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:17 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:17 executing program 1:
socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
getsockname$inet(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x3, &(0x7f0000000000)=0x1000000, 0x4)

13:48:17 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151)
connect$inet6(r0, &(0x7f0000000140), 0x1c)
munmap(&(0x7f0000005000/0x1000)=nil, 0x1000)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000002c0), 0x1ffffffffffffff5)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x200800, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000100)={0x73, @multicast2, 0x4e21, 0x2, 'none\x00', 0x1, 0x5, 0x66}, 0x2c)
r2 = gettid()
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000080)=0x40, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000180)={{0x3, 0x3, 0x80, 0xe972, '\x00', 0x7ff}, 0x5, 0x2000000b, 0xcd, r2, 0x3, 0x0, 'syz1\x00', &(0x7f0000000040)=['((em1!md5sum$#@\x00', '\\\x00', '{]#GPLppp0\x00'], 0x1d, [], [0x100000001, 0x1, 0x6]})

[  628.543148] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52009)
[  628.550973] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
13:48:17 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="3620f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:17 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x14f4bc15, &(0x7f0000000000)="0207a28a3ea14800bbd9412d74cecd407000000000000000000000")
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'tunl0\x00', <r2=>0x0})
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sh\x00', r1}, 0x10)
getsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000440)=""/183, &(0x7f0000000500)=0xb7)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f00000001c0)={0x9, 0x1d4, 0xdcb, 0x8, 0x800, 0xd9a})
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x200000, 0x0)
ioctl$BLKBSZSET(r4, 0x40081271, &(0x7f0000000380)=0x1)
r5 = openat$cgroup_ro(r0, &(0x7f0000000040)='memory.current\x00', 0x0, 0x0)
ioctl$TIOCMSET(r3, 0x5418, &(0x7f00000005c0))
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000540)=ANY=[@ANYBLOB="040000000000010000000000"], &(0x7f0000000580)=0xc)
getsockopt$bt_BT_VOICE(r5, 0x112, 0xb, &(0x7f0000000280)=0x20, &(0x7f00000002c0)=0x2)
ioctl$KDGKBMETA(r5, 0x4b62, &(0x7f0000000080))
bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r2}, 0x14)
close(r0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={r5, 0x6, 0x1, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20)
setsockopt$IP_VS_SO_SET_DEL(r5, 0x0, 0x484, &(0x7f0000000200)={0x8, @rand_addr=0x4, 0x4e20, 0x0, 'sh\x00', 0x12, 0x1000, 0x4e}, 0x2c)
setsockopt$inet6_mreq(r5, 0x29, 0x1d, &(0x7f0000000180)={@remote, r2}, 0x14)
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r3, 0x111, 0x1, 0x4, 0x4)
r6 = mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000007, 0x40010, r5, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f0000000300)={r6})
socket$inet(0x2, 0xf, 0x2)

13:48:17 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$fiemap(r0, 0xc020660b, &(0x7f00000002c0)={0xff, 0x3, 0xc89811c95e77a14d, 0x7c9, 0x9, [{0x1, 0x52b, 0x5}, {0x3f, 0x0, 0x8, 0x0, 0x0, 0x200}, {0x2, 0x1, 0x9682, 0x0, 0x0, 0x2}, {0x9, 0x215, 0x9}, {0x6, 0x259f, 0x2, 0x0, 0x0, 0x4}, {0xc136, 0x2, 0x2000000, 0x0, 0x0, 0x1}, {0xffff, 0x89ed, 0x7ff, 0x0, 0x0, 0x2000}, {0x3, 0x9, 0x1f, 0x0, 0x0, 0xc02}, {0x82a5, 0x52, 0x6}]})
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000580)={<r5=>0x0}, &(0x7f0000000600)=0xc)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000640)={0x0, <r6=>0x0}, &(0x7f0000000680)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000001b00)={{{@in6=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{}, 0x0, @in6=@remote}}, &(0x7f0000001c00)=0xe8)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000001c40)=<r8=>0x0)
r9 = gettid()
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000032c0)=<r10=>0x0)
r11 = geteuid()
fstat(r0, &(0x7f0000003a80)={0x0, 0x0, 0x0, 0x0, <r12=>0x0})
sendmsg$netlink(r4, &(0x7f0000003d80)={&(0x7f0000000500)=@kern={0x10, 0x0, 0x0, 0x200040a}, 0xc, &(0x7f0000003cc0)=[{&(0x7f0000000540)={0x30, 0x33, 0x300, 0x70bd29, 0x25dfdbfc, "", [@generic="916dcbf236f876d3241e3494e6a266a7b6", @typed={0xc, 0x7c, @str='fd/4\x00'}]}, 0x30}, {&(0x7f00000006c0)={0x1288, 0x15, 0xf2c, 0x70bd26, 0x25dfdbff, "", [@typed={0xc, 0x7, @u64=0x6}, @nested={0x158, 0x90, [@typed={0x8, 0x8, @pid=r5}, @generic="50a402937e89be0433b93011f8785e76c16cbf2c31b0699d630a6ea845e8dc0ad461de007a3b74e3088d2eb815104be21b84dab86cf5e25d", @typed={0x8, 0xfffffffffffffffe, @fd=r0}, @generic="7f528335f6a97d2b898db250b90e7f5ba3f96d5c8820852521b13499ccb4ca79fbd362b85dc02b6123dad70dfa1424464eebd7274a398d98360dc042b92f377ccd06094472a7b979b52b3d7fcad52a19cf523f948f0904277eae8f985a38a0a39c55d6", @generic="eb0d245101413491be7214e7fd1bea11062d6b87ff2306a97bd1e85f3fa7f291edaddc2fbdb368cdd6d29ee7ef0f98d46726ed9836455292149aba6eb365bdb4c2088ce4bd68f4b4c3b1dd8b64425f775ecd39238cc4180a232f7da0c929c0b9f209383036686877ed16e089bbea197a0a068ba93bb734279149cb9f65728d12d31be3613f25de682b6f1f92c1bf", @typed={0x10, 0x5d, @str='/dev/null\x00'}, @typed={0x8, 0x42, @ipv4=@rand_addr=0x446800000}]}, @generic="02d1e8edff2189c3ef66f35b39082664814831cde4b9f03dd977270b7fb9e415be70a926d7be9df8b5eeee02b7fbaa613bea69fae0512f5163cf0802f6bffad2d1b575bdadb24cf875e34c20be093ebbfd711ba046073a9b031612c2abf66627b6bb5c85a87a16d88371a0468e6325d109f37556bf55e130474ee58382453c269712fdf9bf6d9c89a69fc54ca6c20523a37f77cdcea466bc315bb8733792d3cc65be7e8e359d76faa23c9f927dd3d817c974e8751717308d7c8683ca97dc48c59eba3ee251e76e18fd8250be57dab993241584aff44cbfa837d95a0bb62c4df9ba19d577fcaf54041d0492e013a6f10575d44c692594fd270cff181458bbc1d8cb340b2d8d58144575819c6ab31b649505789254ad2b53392c8cc9fec9e24e0e408c1c93ace5332bb2bc80b53937cff561a18c2e01902a92db120f05b7501793832b8304f71466c1157d3288557af5f17c4ee1fe4a60030506f53fef192c66c6db82963d517aa10750cd8f0d960dafc4e8e11c805f7f8710eca8b7ee31658b700b978bab647f989a5f7ecab2898b8aaece508bb324fded675ed1b8959fe657952da8a6f57b5e3cc0f5d2ff54c80dfcbe5a51cca2df36deaa8c60aeb37a7beec328cfa254fc163a3737f7576c29d6833b578b681b120e9ad7e6d354eea547ea52678c3c72482b92123b4c7314796a910aae7d22625bba1848b8e0b66f6b78e8507cd3a1868cb15816312f2f96b521e58291be3e445dc3c17cbc62977df36f057d10107f1dfee8e38761bed6959e2f55db2114a8fff5ec0a1294dd2ca048faf685a996d4c229ae1df856280aa63de184144e0cb64899b2cae32ac6013cf37221f7c2643ce020d423f26cfa5079f83f90e80f0d507bf742b87a7e78d80fc77b236d359108f43efc783dffdaaa6feadcc7c65a75916cfd93d1fb6a6880c172845e5b64430d396670f6634babf1769fdda154064848edfdb5f940d70795ab4b2f34b27ab7d6741df60e621b2ca63d179f4df7b69e2661a9de4781851c7ad9b265fd1a4d54842888af984176ab1ffab1ab6b8dd1df590a17aee8c46df3bfaba74d36f7c92c0b5700d2b5ba8557733443438fb1c56549b89dbd3fd49cb5f9c672fde6833cd0a18f2bccdcbefe0c21ef57ac032a9294c0746abe911a61bbc98cc2eb2910f4f68ca5af49f0281726bd3f4639ff6c59f600f95626d629f86f3d6361ffb950495a3a43a1aef73f64c730b5585808277054b9e90b740e507e36f81a5b464ed1742ca1fc612b6e6a36ff2d12469770840ec2bf0a84688f53500edf62c0026f4bf1de7988806455e7799df0d53c6775daaa454258996976fd588a9a0aa205a47dd79d869a679ebd490e67152bb9fbf41d94963735f4a406fa0bd31bd8a2a20f588f424a8ae14278a7ff50cf04653d14cb6bd907a9257617f6122f40bfe10840983678d4d469536fdd966d4888b8a30b914896cfeb8ddf7c411b340bedaf3107b88167b946cfd8f576ccf322229df5383d0fa4ebb39ec6a4c29153fbc63642ff6bb6ce0708a0fdd0cc67d5d043f753f6d78d1759e85fc792a908ce9629b72e8a7c40fa7c8daaaf3d07582705f28447814a0e879e9707632ab3a2fc4424245dd51838f072b7d2eefc6f0e55cc964ab1216fe61c2b96e86b3e0348629f750d3d1c191be384e9b9a161e67c5bb51d434417bd57a827133b4a4780ad7adae4485d5e373ee625622cbd5be3f7a803934932edb38b27197ddd1f183bc2e776dda6dc682aae9d8b76326ce205d5b64206b56a686acd20af481eb23de31080114188c398780e78126d1a1cd962a103a5df9d825c47e17f65d18a629446e42b1893b8ed5686491f0aece19b42986dc171228dfc29be57a7c86324165a7a9346cdd4889b10859293cc746236071b6db14eac72a1cfd04a0fd91eb688c13ec0278078902d4bc004986e5aba148117017c02d96d47e04fe189b31a4be983d9bd51ee78f06bcabd1baf17ca64e32129c0c3eb9cd1288868adf865dd7564095d2bd8e18e8274c1166672c1dbe0d994562a06a2e6ae0da9750f1bdcdb108fca5955b9be171cfc94611791ebc9c1338aac47de2f323c5085ce8cf8cf31d73a0dda19f0c35fd9980462df2c247aa84b8a4f3beff9bd74166077ec6ea80fdfc1c03314b418020825b55a4947a92fac739ab68001554da8fd9d42be50d0acd7911931ed3c0e47e5410034e46719cd6f47aca2adfa56d18eac0aeb1d8054ff91e7964d6b899a13c49c55b801a132aaa59dbe5aca634b33119d667b5e9a3df1ea7a2d1a4aae712fb4b23906491ee34372256658ab08af381b9cbf9456d384fc3937559c4b0c69b20b74ff61b79bd082f340604fcddf748c6e28a9d9610663b69108a5b37dbb8a21ded0933e37b40005da45307132fc1bd8e2794b4e2ebf5a21a272829d24c02f5a143989e96f8ca8868a4d9723815bac435e9e47a3e8b629f22cebe62ca88c0354901269bdbfffafa220d3aa1c2fe5870e10fb07ea7e0bc30ce6e74ed3b1db6406fa90307c5a715861b140a83c8ec9d25b4720e20d02705ae47af4f348305ae59eab0735dc29e3b3fd69327411daf1cf587ad2f58b5cfde5f6ed88836e8a23d7fdaef7d6b988a8f7876b73ed6b03ae8f4f7e2d0723d9b0e9505ce280cedadca4d3f6aa1675f47108570dc3dccf1def8e0eb211f91b85aeef6da5066c4b83c49c6826722208b361bf65987ccfc35ebc2ef6af3433570980fef4994dbaf4969ab4fd277ead3c6d2d7bc6ed98241365cb67fcc3aea1dd4e11d2b78e9b84f098b374ac062e3950e79d1a1536238a8319279a9ca1f4896b7323a7f3700e27547570d49caf285b625300818ed64e15a7f09329d47c187a17b624dc25062a30d5f411740982d2126d5d40e6a4e57a3d78d953c11313a3054097374c68f17c9afef64ce0ef57db81fa9fed391b1705a03b265f8c22ef31d6c2d4f8158a37770c8d019d51a9f07f34d5b880788d4277d7be5e83e04b140f6fc32830b8d6492ca601201bb198753387506a82e096c3f69900cf30294dd194edd4c6c41ddfe827f4ca0b2c377350b245de829f7b5fb552a91945da962b14315d3f880860514d2eca3b4cf9d0f39305ec34f83b2aa49258a78557e1cdc69b8efa0cd7aa1f65401ab26ec2d6fb1caffdb4eafb325444ddf4f32ff948ec9048c5c290246b99534c8cc0d58f82daa511a156400643a69a34d15ef434eafd42c55802bc69b6b712977c0193627ab507a50f57b1cbb62ab76b379b63d210e95683ce21402db86289176817613909add64c9d8d75cd40bed6b6889f1c5aa38f3e8d9f7f6ab1c8e06607fe3249c829b31c3458ee95c1849b355de1933c7388ac62a5f769b3e17b8d5e75914a8999c28adbdb448bca3480926a16f16834cbf377f9b858408ac1c5675b8ab73ec95ab5ced554077116b87ac186125d38cfbbdb84b145463ea2dc679668e838c1333d1cd84423ebeae6e8808fccc43a9acdeadc494e219a28c5e5e28c878612268261fbb5c470b103ee7ddf012d291de9d05e50e4ad2da9183a98eba0fa4b493f77f395b012036bcd76f2e4d131d01c4f1f92be7989d945f85fc1053840e8eec5f48fe8e725c173956feae47da4abbb8f675eca7778b646eca6c29e6eb853ef28331646bcf084bd1e09de47cd98ada1eb3189d4a64fcbd608009874342ee4dedd158c2e403e67e901d26a3257b6b41da522ddf1fe2f34af70a4b99ea9a15f8eb7884de7922e34b865c7f3c82073d9b20a24dc5bd69d7ee184220281e983e6b1ef5f81abe2cfd43a52df78fbe07f602bf36529e7d7bd062ac9450fcd05f9fd1fea3a6d0c8474307a1bf62254f5d8e0bff61fb71d68ec5393ae1217a156d9f86b3bbbe99c74be82a9eb9348c5784f7e2013f5b28b4986585d86cab39bbfea541ee7f5fc95c3346073879ad9144b554cf56285528ac0c44360ab567e52351e609a579c1863b20c8fc67af19beca9ca9890741dd65dae83b3bb7f6c190a4abdbf5e29523d5ae626766b30e8d816e34bad471f217b02d705b5474d4374779b1a246d777bb3637ab8f021170f443e0f680042d212ff8a70059769a56a892244ee33b6b0089d92f9a33f8c603b5be35514d8faf18999373e15fc55f9927f555137dbf014442d8a31233b0c565263c0589f0c86cd490210ea706e54a404a85861e87d9274bb8fdd030c16f5c08bc9aa0263db915b5ec3196e2a6c9a2dfd72b0b36a6a2b4890e241f84330de5de393a90b6dca61a007ae61952d16c233ac59af200207bde96eab81619d8dc9743e447421d1478deda3d08147097a9f1564026f7d338d0e289fa12acee4b02e4793d60e1ffa58fb68417861b2d4a7b78c5fd3277330ddbe12d6198c211f34b7a9fd4c1b3774dba92e87a2210714d08ea5c9d479102e95edbe12b72b15da7083bd402745a96b36738d0a3a2ced54fde981d8157c7ff857c53762fae7af31782dd9904f06c6efa9c21d0fd2140bafe92b3223daca9ca804002d08d05628c2d31b5ed7da4deefed9c7219d18d4dafcf9440defc797ef3d7dea9b5a78424f52596f260f36ff0f160523b451ad8e0d38bb869a7a29734b62f1921aa9465548a3e2d16221c592238c1c744f25ecb8df7724b50160657c2df11ebac021b29130696769a2aba7392f812dfb231355823f67c8570f830c4a6e1ff032c85ab055f57783969537b9f8475ef3842ddfbd091621775f415e342de8186594b651dded1f347d924bd4254c77f250f0b4c56162127a7dbb815c990c068c92c29f2b1d6656688758297edd1fce5d23f772119c77f0583b1bd93c925d6409058e10a56dec397c1a77da1cc5be461788cbe30ebfa96a62edf899f39a99c4864dd3155b69b93b821b1a140a3abd1549ef2322a90aa85bdd0a205fd34e7567126b5042d500928cca1e1054512ed6ffef7f50fc9ae4e847e6bbffdab0317bee42ccb62c52e4a6314cc51cc2f65e7f88235ce31cb3e1846b45f8db64e17716caff7d30b87db01edb1a837b076420bd1c3978ec04c3329d019ebe0b6d4a040922ad13a2b6b2f0598f555d88e2d92d0fad49b14c908b741e7f6112b19308e86c63b1893b151021b64d4700d542d4083f9ab379069b65b3731a35f7b03fa484464e7eaf3a5e5f47c3ffa044f1fac6d1bbdd4e1a80666fac6470d1079cbc2ced5b525c6c4c97143b6b5ba08782afb04bb257bc056dd089061fc0e034a7d7ad4339ef23d69ba1fc9ae1c99f1997f6e60ed20d9f2f7c5bb77d71ce0b10c0e3e8834becaa37ae36d9d51f82cb61c7608719f7e19e86f85a7c02eee689b49fe969cdadce57b5b7b2f781931ac013949029b6f86a9805eac5ff66f0561b78f73f9dc0fa288c248aebed0909473e6157b23e2f6514a3c69fced0518a1bd55f906acefc0ffa9a2313467c0581ef5b0ee41ba44a141f28d0c8f46341fe924bdcf8020c4d79719fdccbf5d7e0bcc1613375d2589b0bf98026d96101c8002d72fc0135a8513631b96d3a274ef6e3dc819f995ce7deb4c77c7ad24eb4e2862bc8f85374061040dace80e2da16c4a2dcf3689dd4752435b945e19a2c551d528cd3ffc8e1e4dd33cabd51bbbfad7626543e73807cfcf9ba2b40148a61035ead5b465a9bf48ff2155fa061cea8781ed3d955633a3fc10752a810a2a9bfd350c578bee73a04f3e47d01e72c969ec8693b6b01018ebbae2814c4572298c572a0ebf608b8ad872ac37a7eb86c1a452eb8a17271358c02795ad64417af4633f69564e6515fc02b00b3977780f30975cf63dd5539e5b3e299", @typed={0x8, 0x10, @uid=r6}, @nested={0x1c, 0x5, [@typed={0x14, 0x2c, @ipv6=@loopback}, @typed={0x4, 0x74}]}, @generic="046555656d70a9a672fd59ecf8829b8d0ce460f10061db1f30853f0e72dc8850da2da215bd8a8c1b116d4e354404eea5fba6bce287e74281f6aa4e0b6b998da8429cea2378e644c3ed217220905b4beeb32400434839da7a73eaa8c75e4ea0375462c64ad0637920c83e55dc8ea5e1f21f662c1c5aaf155d3abdfb3eac65ff4097eb4fa63c3a0655fc1fa4e82a1c9fa8d83cffe717389af3c4946053698b109fae9496fdd119ae35c7d2c39f86ac8331197486c447817bc6e61f081517304718c04744f89535fd794e8677bd4a6709d8ce1caf467453b3319e172fbe800d7b3fea134b448ad15cd6a3fb81c960"]}, 0x1288}, {&(0x7f0000001980)={0x160, 0x12, 0x2, 0x70bd26, 0x25dfdbff, "", [@typed={0xc, 0x82, @binary="93bdecef02dadb54"}, @typed={0xa8, 0x68, @binary="1394c63da0bdb98053e77a1b865c675811e84e0af7a53763775441c8db070d1ce3f8734e39dd968eddeaee205532547feb3b1856fd11fbe44b9b03b40bc5b4adc927cd2ff22646f4ab5b7206259ee45cfbde03f7b9820d7ec6958a62d69f90af898fdb4dcb7f65c7227bc98370f98cc214aa96ca3c68902024d536ba12574c2554c8f30dafb0e5ab933d86ac5d727b7dde40f19779dc0fbd70db7bd96d57242586b970ce"}, @typed={0x8, 0x70, @u32=0x7f}, @generic="44c40bcb764cf710b81bb588c529c715d7c5c3433d771cd2b4223cd1c44f522097859fcb12088c647ceec6f4ea223df0891d2604fcdb8b4e1386f2745f2e24f2785e63d9f3b46b17544f4286af7a14f4cf67ccfc072ebfec9e3988f824586fb47250b854df60d7e8449a0cb1e2cfbac1c4a6d352b8ec72f519176aebcb", @typed={0x14, 0x61, @ipv6=@mcast2}]}, 0x160}, {&(0x7f0000001c80)={0x1610, 0x28, 0x100, 0x70bd28, 0x25dfdbfd, "", [@generic, @nested={0x1200, 0x1b, [@generic="59d79a46e75828a8640d9f416ab5bd79e387cb26268757444425187ef4edd2bf10fd8f515b50e73a0d5988560fd69243bc331d7f3c5ace2f239df7d58882b45ee281f71d348e16af6e6c5a68fc00d15eb4bcff1bd0c8f340d493645cfca6be3be0576422a6c52774bd5e13a8df7278044adf723bcec003dec3d8e5de071b92f8279579941e0e0d", @generic="e81e53247e4a62030b5dedfc4d2d4ad438ecb1170b91cb9ad6d45dbec6998d5f395a3829d2ab2a40b6fec84b48cc941e0f26b279ac4d4760c8e6256ec4d1a4417048afa568389c1b925491e52e246d5698af6424bcc4b67f1f0365691847b8f7219c2d488bf779f945d7fdc5fbca089c69f78df709cbdd18550aec330b9f5e664b531a57350480cc26d4247de70592532ef473be34a8b5fbdec938216ba2df48da2444a89a9ce7dd2d8277a24492958060adf5f3338e22bf2bd6024ad994c4aeffce7518313eedbecfc39d9955392a37efca6188c3e6094a873b8360e818150a4e77b449cc1304d36514d28c71bbb2440a701b5bef57453b76eb17de7e73b93fb253362b4118b19863086a37912a5e9644e39bb5b8966252b634a95594e1aa8f9944b8276403a283b68b5c22e78eaf6425fd9d76a0ef7ddf62f3d08c9a9aed2ba4aff2c48138b1c34e8fda0f9001c22e5e964cab81f486b0a185c8f0135316e6b4fc8958d828dc0acf628a14e42d3b885eed9935764be41732cdcf221d6a7e7bec214b6d58e1b322b361bccf02c660220c1fa5d244a8fa99e390bff018db38e2afbff44b86b1eddc0db662d729344f6b4cf00b288dcca41e1d39fdefc366e006b0f05eafe9fdd83506277e2953fe173cc049e797a08b168805b61bc541ba46c9795a801f02a66ed570aec3dba42d3d2e8942648709dc119425c164b9c67e153a9a1a47ae9eac8a62bbb346e60da111b1153ad6ea8a2499a9b5979680e70096b8fe40e36c146d52616d87fc9c9669750fec95ea7763455b06a55c518496a5edc30d056f167bebceef1a31b3d36a5e73d20aabcb84bda9cd2b576d9ee7bafb83ab4db2bbcbf6e3f7920e8f82151d5e274fd2661495e9a4c2b3df2c2051ae718d75e297166be0a18b9a16fb1918eeb2898ea29f9bf8ba9f417c08d8cf80a1a707d06abcc50d0ae1c38ded7575ed148632d19113e3b0103c300de072207b1ee12b70087a38972006c6e9f51afef8b9cb024afe3ee8687bc7152d40f35a8ac9b164638fdaa11c9c20573c5c293402cad40d75beed18b4c8b7a24c9ea9d02e7e84751753cdeafe23f1ba3e169d63a94c5cff75e7900e7a3cc16bb539bdfd1f7ad250117f8b53082978e2686c5231ecba1137868360c9a6521eb7da9df1e7e4b5ab73c386a0dfb78b6719c01b77e8c23f48e9f83328605f6dc02645db32103147249e252640d70c9d6f413134c1a42f111991c78ee86773615835aec6b7e417f7c8eec1938b8e78988b27793f3b4f08df5dd6b3737f0eb75b5d80ee8ee788b3b2dbde2d3d94631d306c63900be3e8608263d66667b767460291926513b66589402b6ce7cd1b6bbcd9ed4700706a8604a95a698a5ea1afafe3051ef8b7c53c1b633847ef6b4aab41492fe9c88efcc35d5129d4708334ade6c496b93bcd1b1a4cde03b6bc34b3399f65b694af020180f963cdf0c2085ef677cbc70fd777138c260f2d62b0664640f77815f672ddb7e6511d920e115a6622f3933f00e71f881772a701dbb1e0037fcc4dc1f3288860cc8c11f2dafd06ea28e8939cfb3e817f30af41558283127bd6ff0bf723e1f821181dd358d5b35ffd2b62303718f6c8ca428c2fa8d18f0872547ce1b3baa335c2547a806dd8da567e02f1bdf392ccd690c0e5adcc21e4b8e29689a22a4c9b2041baf21226aee8d9091921c7fe98bbfda9cba35b050e231922825e2af923a0f495cc83e7687a3f4de1b055609ca1262c91bb347636d04c22750d8f506e9f35f4d0dd2bcdedc7e98e074266e18aabf2a15e7c640559fa3e2d4842b8c78724a7b043092ed310d448d0176449db96c37422237c9edb8e3ef93d40f6177e91b104f2760c46f2127761ee4eaebbbf8e4236653842b00381f69eecfc82bf14eb7b5d11538be247b4769a9ef9b84783f00d91d1588f4b11870a2dcbf1e94bd94dda11dbe4287c0b40ca6a1421f613c076ad5c9ef64093f02369543fb30554da129f8549f9b6fd9e672f55efd219a79a988d57941da70926f4305e7b35358d58d6b4ad44be53002e96c4550d19420349c96f27cd30730117b04bd429b115b690082fcc7da2d9ddbceccc9d0c8096e3b660a8e957d8adc34cd6290ecadb5a49e18815e0627b999b924cea43cc302d69edd15d2d1c7c849006ac1b057ef22573d2451ab6d58abffec8dbbf62f6948f44495aec385d16cc495940f7a2643cd43d37229633dfa82725f945199c9aecefd91c9c8a69c92e91707e3901e2ab9990f8eba856d133289593d9d7f279d299e24656ce2748782ba06ae6fd71aa4dd7991efe17a00f935251f218014a128cc268b413e8255225680b38a96ef030b055196e28b7e98b1485475e26ff34c4ba62a79993dbfabf0e616c5dfe7a1810596f9e66688ec116b761aab9fb01f23749a31ec92a5315362d746e9455b01ad7d0e4184dfb6caa6849e64e475aec64abd2541345eda9fff897bf2e08868e7cd50f61fd77977003ddacab532d3124b07f8ccdcc183d7354eb7122614767b330a22562b9cf933a6c7d6fd66f96b6b494f40e9713ec716b001860a12d1a04d6ffd88478f2ba3e6dfae0ce2999b4b1d4804583149135d9d849c3c49add9d5cc9913b12a87c4048bcd17e39a7595f5d462290eaedff7183969af830af8d9becd4161fc21552aace7a75d88b815a747abb4642c2b12174b4c18bc2330ff12d8057fa875383d9e746c4ed17c831aefd4a21cfdf7f5f11d8fc6bee4ec356354ae01c9d21c03d21bb850f380c129944b3127514b70a12b721577520936e46adbb40052fbd2832eff7160565f11a56f179d41f1b2ff8c6f7d9c4a9c9495f8a7a3e6bc441a45ed7a8ed588d2e49f14dbdcc70b6e36ca72808981025c798fb53b47a2261822cb5c25b25eef22199aac4238fde2c093ebc6865039903623aade3d886470189bda5234ea4f4a1377dbb397ee907d1740b591b5ca91ae65651b97bede58adae24b21dd5e72bdeeb9ab3f5e3670ea460c5d6c3f116912a5eaedfabe37600b784ba1830f60d2b69d4d7082efae5577ac360cb452599c04bab2d3ee58cbb4b4725daa7f97ee58974bf56a6b5a35ea729af39574435df684d12db6465aa12d374c047a780f57fc80533d217759ea0f22d39670baa3837789ac57b137b3032ab18420628ea330b539f885b3e5c038c5bc8a18bb7f91e702e03c578a59268e9be7c550cc8411352090ad34decea7e8a03ea088fc0605713cc9534d3caa5eabbc4688c63ddb468f7126d23b7ffaa50cb07b1498ccd0d38b857904284e0e18597840f904d922d4b66070436bab21fc2b3272acac5b12b9693c4df499ce3de942047784a6836c5793f31a1ec403fd0da91e0a3b5a6e18eef59ce612d92acea0a59e241be932c0260fa4a47e235ac46a55ed14a06d593897fbd23db7b6ad11af0ab32c7685bb85a70c9809fe9b81fd880c7c8834b8e0bf10ccc831e00eba0549f892b303d6063df083a5b3554f675d9fbaff735addee677881da921b4c6dd104f4d6e338f258850d4e51f2ff84e33392277ee6f7c7e214b018e577c4bab9c3d6edb91db7116b3f59782ec7cd5320bc0724d9bdb7a4cf2c95ea328b7efcf73404f1c9bddbc1493927c1f64b015f60d6ef12be315b40d14f9267e6e74665aac5a7604db6abd2c0febfcba28adff543a500922d985b28fda019ae7a0a398ccb359b3a96f6b4500b33baa7c1ca7b3d8b1cfab6b2ba5bf04eab75f0a319e2b6bf56b287cb808d6710307313e48e07ab84eff12f84ca2d59a69a2629a8a806b9d13e9df09cee9e5d137c873bf073753471e68f991284a082dfd6e151267e5f5055fceb6d96576a7fd9be1d838ab6ea8b4d193cb9e3d9c06142454f5a954b9d434a259400c577befb60fdc84b3878e08bce5d7f5a6b831944a7aadfa9520ca5d2723bfe46dcf143a1467a0308af306c2f2613f9c16053104c85ae9c50fcfff584997b5e345b26c1311ddf83916b86c89f74511f13149c544b7cedbd9e4ba3a3b29713d91ac34351bece748048a0de6dfa4b6bfe6d1dd7ce675251e6c2abdee1694f69349b7af3e827ad0ed5393e283e185b721e3c78367fb05611a4f7701417b8e8e9c8b6fd3b8199cc943ae716765561b165636303e0195938e3bcf88de9b656b99d486a6f7dcf067b7b508699ec14b1dbcd69d063499bfa70cce5c488e50c43725b289411972a24ef3669d56b4543634e63a60a78d2b2d998c7b4b96a9d90145aedbfdaddfec3f2226854f4fe146ff708b47a821565e51734f8f99a88ef2f8d9d7e673286e208d4ca4fb677b251a826d0fa487bcf11a924615747cb39903f27356f0c8b746329178a76324203524f5ce239355da8b504af9996605e2486d236707945f6f74c8eacd1893b0e914a2786e5293b5800ba0a34d37e8d65bf659926bd2259b78ad4e93aa6abca148978320226568d0d593197b85342f908c5bd25364c6064e7fa54f7c9e97ed29b427173778ed8fb87e8597b52e85ffb21cf5ddcff2658c5b019afb2da58f7af5e826cdff9fbba2f7603cba6cca79529cb91d378dfe77608ffc71799a72d2a73a78e042398606d11db4f6c8778cf65260dee4dfc03ba01eb728a0539c20a0bdb9947724814034b1d43a50b58698d4892fd9c04ce4035a5a51771b3c3f894bb33ea0efd24a1742c177ab72765e8ababa0ddf612a2fd23bb68dfd2399183e27edad182231c8c407128ef6535c56c5cd9d1c78da0969a827739fad566b165ad61e199d70412a093f0d3b17911913657b0328e1b361d9ac2e4701849435c51aed6873c962c95bf3ab6e3b90b9b206fe843fcc6147efccb7d848be9341a62b597d7d4648e8e5d99876c7478834ea073b6a61d1d3ee5240b8b68f2bfca39174ac769a79c003c57276b25c5e388e816042c3eba5a3d64d62e632f55a969ebf353db7dcf68f4cfebd45105b3813646c7f0b8d222e4bba6bd0b8129230f16d005540c0a4c3d8343aead681d64ee52a45e71a6c6046883fec902b14cb68dc07411d4e4decf2ce9b0b6a90e9e7508610dad33c4797fbccf1b4196fc9dc12811e14b541e14810b223975f061c9c5e0b18413294a9738456e1238767aff4b06ee2927e7d5b1cdd0dcfd989e4ffdf94e60ba7de55da7fc69880792af1ffb235a9482e65b850e27e4dfc35cee950a5f3f29f367bda8f6a2c1ccd553cb2e4742581d35b2abe51a85ff1863dbde05b2e2339f38c9fb4bf836f8eb60c4ce12cd626bc412fa71fdf1b5ae68666c0a34c7c1f279d56eebc954cf67029963154ac4dd50b77122bcb0f65344d26f67fc85f03dafda00a44795d485942519053835b6edadd52d0fb16f8a6e64562f1e4ce37db00c689123eeb3082c1b9b5f43d5052ece7d9e057eb669552587d462f7c4bce1c2b9586640b9690eaa6000628f9d1f169e3c20fbb4db5e38210ec0f2b3a2040e781095995a1bb945216f591e3c2ff14c3b50e6eb461d35263180b7b7273cc19843f0114693b53067ae6ad4aa3dce44f4156a0224b212a090910a67ada806dc3776db82f96a910626ec1df682c17fa9fdea3278ba764a3c82c724e5e862943d5736a88de3a20e84b7e213a0affd5d553eadb899509e775d2c920efdfd0158bfe67fdb7d564952212f7fd0e486012eefa4df0b36d6261dc15091659398599ecc2e7de8ebd8e00b00acbd67c3cf3be48110da72c93db63c1e6938132383b38da4a92e70fb75a1c6578ca8ad4a7a3aa9b5d63c7b4680dbeb585ba52c58f387aefbcb115666b40aabf524af62ecaa905bf4128a2ba44cb91b36", @generic="2fec37e1a3d397d483e8eb6cad811ddcb47efe35cc281d8ee19bed67260683a5b308cca44d563a8df4445dede43a8eb47e80bad98878260365231a7893ff93971a8b534b6dbafd7677af58778c204c6125a944a4a39d6088bcce4e89a588320f576c7322486ede9bb78be4c1e275c736361e5fdd93895e25d1b5cb77bf5287bf10394d4c5a4f8d0e721735fb1e59961b158fac2054e340135e63b1ce6149", @typed={0xd4, 0x65, @binary="1364125e3be76388e50e879a1e9d83c62685acd6cb9eae4097634479ab9338013555622374e851c55a0715f383f6e69eb70d3b1013b6856f7176c8b651b46ba44027c2a8c6bb08d172d81bc9c88971baa2496882d153a7164b32c1642c49934fefbbcd9cb835246c9790806d0293995bf71be5730cd3cae2b27c348620058aa17053211e04f6ded2d31bd3d99373fbc74209c16317764577ba4b317e6aa5dc84863d5f93f9aa2873620bf71d712b8ab7b0ad2e0d53d94c48b31baef52117e907cec7f78b2e939b656e83bfc486fe"}]}, @generic="13f57fee5e5a2176d67a6f6b646afbde6ebc5c694e0792416fb98f32252ad68cb064fec8bd958858cbbec30dc8f4b8f44d670ae156c01d9423815cc475e8d051db88f7479e7ba1e01bb7147ec0ac087e09984c85c9fc047f441bdec9490a962dc7635f21764110acd9e39349cc4808ce37de1f9714e474145181ff8c78d22df5d18d55402059d400f0c106a1a99471675fb12c520c38282626a48ba2e285b2b928cff11f6bc2c916c6017be2a459f1e89fc830ee477c7fb8eff87a07fcf0e2fc167f7a128ca5d99de4723a8d9d1ef1ebf26bad0da8d23a8a4476d6cb24c012bdfcdc8f80308bcc", @nested={0x194, 0x40, [@generic="1870d0aa8f910f7f100d526cab94", @generic="bba911b309e4eb8d5376c874ffa937e3999cdadf9386ddfdfa7205d7e7bd9a754c3ee6313f8b9cb6f7d91189a80c623926b8537a915b519a40265cbe765579098c73be38e8a837ca461912bf16a67b0f2a3e4189ca49376c5a05c8a885d21557530c538ef6ff4429efc3e278eecd9795f3eded41f6fb9aa951e19672600bab1ec3f75a809c2146e5910830c93ca4a83fe3878bdfa42570bbf613357cca014dcf8b6a9f501edae3bb071b4c44d971311dd12cb98471c94211fe23b0dce673b6eef681a54a2f72a0310abebe46351a5d18b2b9ae3ac3fe57c03a54743d01b4be1d6c4ca9a31f5e74b0", @generic="94c4a49d225cc767e20e9fb88f531e4096b65634c195a457cb951bb0ef632f7171a272cc0b048f82a42705ab2d9615d9e0eb4420f12eca1a4584700b633b5a06ff811030fc81435c575dca424c6326e66563f4551555d4ae74927b63206138b28a5211bae88d4b37453791c21ede3c98001d70c7f1e6a4aeacee344416da176232f78d6557c60d9c86b320d6d0da54c2ab368456ef60b1b0fa"]}, @nested={0x184, 0x80, [@typed={0xc, 0x46, @u64=0xc6ac}, @typed={0x8, 0x83, @uid=r7}, @generic="bf0350bad21048dc4347f1cbe7cb3f788032c201a096039814ff668fef5e0873bf50e45870bf20ec80c74a39dce44411d74b86a5102dd99e7cb900876eb3e95d424a866790a02f1c4e2edd33d6edb08e1f5ec786feac06e3a983fd474c6af076c9104145f6972002c3e788bd7eaa36a5a0e66a4582c86017e9862f0cdc77f661be62b4f6027b1aec0973b7710dc5e500643f83118b7173cee346858afa75929eff412a221f1695a7b198a95453618dc1834133cb", @generic="e0ee4aef9102b195ac3fdb1150d6cda9ebdd6ab798be7ca7b42c41565b85f5b6547762cd432ab5b2007d3cc82d4f38b1d4d9161ee3c770c79c236652d7bd88f48d38e68d5b1d59d867353f68de5261d565e36a3b51b075cbe4f5b5ffeb6424f2df4fa4529ce9abc39af81d5409e7329e336151a40fcfd3e594526475541366d255694bc89709684f", @typed={0x8, 0x8e, @pid=r8}, @typed={0x8, 0x4d, @pid=r9}, @typed={0xc, 0x8c, @u64=0x6}, @typed={0x14, 0xb, @ipv6}]}]}, 0x1610}, {&(0x7f0000003300)={0x410, 0x39, 0x20, 0x70bd2a, 0x25dfdbfd, "", [@nested={0x140, 0x40, [@generic="15432646d5", @generic="6e879cdcca46812ba80608b13e2e6d998edf6f5a208d83f4f2049da6549d39f39051415e0cad13505528bfbc", @typed={0x14, 0x66, @ipv6=@mcast2}, @typed={0x8, 0x6d, @pid=r10}, @generic="98a056c02f73f2b2e46774ede95f3eae2cb5971019ef924011277bdfffa0b37b5cddde5719c57bdc2af017b9eea346a1a94c9eabc809ea982a6e819df2b5a342d8f63310ae12ce631d0f984cfb1e987be282c5949c6fac109cf49ea6326fe6dac16b0727e9ff89606144ef899a5072febba17fc4916f8db96872e3ee94e57f59261e6c5c8afe782b1ffdcd2bce64550bcfefd0b3ac369980189781a8ca33910db572e78861f4a0d9e331899c92805ae007d24a673dcd06bb8674cf25856b3d6c70b8ef55105a5b757c26cb8f704e34078e8482150f7c379884e5b254b893a9cfb726fd0309b26cd29313b595ac"]}, @generic="efb511b064546efdbd56ff2c70d7eda1e1d625e27e4cda47636e98b77cddcdd576788ea0b0c076a44891", @generic="39350b58189302c8b1ad0ee8c554bd355b25a832b05540255cf0318f2a6d53821bf37f537d26b4caacd05a60c692e7f0ca732c37662e199e0a2f283b8545d7b4d970f95047652fcfee1f22db80e954a51ed40acca0baab7a86e93523fc3d0ddda337a49cef02d069a03e609efcc44763e9f9e62b7c87b7242107e07b035fc35238c46c55f5d225dddedbd95fbb7936bc93ac1fd1956b1c2af6166d493a09d86efa38634bccfc2a05992c04de24255c351f726e5805f8b4f15636476b5d6f8bd34e44865b88303140dcab71d6e2287e552519ff6911a9becdf6e50e3cd0deaff1e0d237cbd4f59669b6ea6d02d39a26724527a3cd4f5dc2bf49925c730c75a1", @generic="3a6e0558fefbd14efa993b", @typed={0x14, 0x51, @ipv6=@local}, @typed={0x8, 0x38, @u32=0x2}, @nested={0x170, 0x1f, [@typed={0x8, 0x89, @str='-\x00'}, @typed={0x8, 0x53, @uid=r11}, @generic="1e622e314a575fe9f4589930e8aaf8d370f66213253ab62bb02445e0f03b9acbd9533969ce209ab7fd072cd2dc5f8d36c9f28425f0144f5be1eab4a7ef1a896e958aee77cdfe61aba5a26d6d8bd8bd551cb45678b138c4a428e0f8f305ca918d9a92529576c212ba42b478998cc56182b26982564539883ef0285a13762b3b", @generic="5cc408588af3b2e733cf72519a0ab26ed0c93fc66c702f4bc0d90a163b33646f7270e2d1f92092b0b2985cbca56e1d1bbe0f833e9be5ef9dc29abff11a687a3369d3df4b8f4ed89f238e94fded7387cda7f2d414d39ae4c219c8c2e74bf47323aa46ff32a5e0fa0fae48f71980d06915f8e5ed088c8c814f5c2f845a2ed61e033606a6370072676bffe1b542ea2031cc7017f69f1495451a00cbe03eeb1d306127f13e938e3847a3a3985d16ef6577aaae993060078a82703363380b782c40f91ac0ab35eb043451e305ef554a595db5adcaf7b75206ca79ad3a", @generic]}]}, 0x410}, {&(0x7f0000003740)={0x324, 0x2f, 0x410, 0x70bd2c, 0x25dfdbff, "", [@nested={0x17c, 0x3b, [@generic="af09485019ba42b4bc7f818e47865e070565dd6dc500c9db1903499fda6b67af0ba6064140cc90745195072e2e3f041e0b9e547196c453632a6cf2ca6f3434231e23ef235b4525a440b508cae574f29f8ca03dbbbb696cdce4c2b2c4c47bb6f9e49cb87eb5ab5e91ad199958182621b37c9855db401afc716cf162aaf5488c8acb34dd5829a76dfecf413c7cf7c63edafeca1f164c", @generic="d055e4b28e841d26d666705da0cbb80a596bafb6b045aec59636af332a16f9291e6f40048a113b7c00f15f6905befe0eaa701e6322f7bdee92ed47d469bb8be6f72157a1475e63aa96e40619f42e3e190fb32a1af7c58d4075d07dd3744f6842c2112cf3067dcf0d7703a44a467828df3b11a8ffdec52b5c84ca92b7e6a4a9b982bbe02d34e9f3cc92dd2233", @generic="418d52c8edc7bb635ab4d63894dbd31e25eb13a7c270e3b89eabd0ffd6230047a9a864f530ba988e4899495ecc8a36a2eaad9840fb7dcca8c211dd3b486d2939361caa2f23f3103c9003fbd7ebe2241dcf737f12b9ea"]}, @nested={0xe4, 0x2d, [@typed={0x8, 0x91, @ipv4=@remote}, @typed={0x8, 0x28, @ipv4=@rand_addr=0x55b}, @typed={0x8, 0x38, @u32=0x7}, @typed={0x8, 0x3c, @ipv4=@loopback}, @generic="f3f7bdb0b7809d400fdf1627fccc86d96e6a015a1f368709f404b5e17191cb8ef79ea3d5d86705352ca2dc9735ede6615f2e8ad4d0244a56563058a24162629b69269e8bbfe24a1ffd02722218b77677b13346837cd18b4093e88b70fdad342fa9304bd914ec149b5174b1390de7f8ae972ddad7615b0e8f64d0b57c986936273ff83dbc7133c3b4c710b7271d1d66ac7e5cb4c04d857ade4a45034d60d0a76f2d3e51e19a7887cdea5e692f278782dbd3ad27ef4b00493604523a654a0a8e5a"]}, @nested={0x4, 0x6c}, @generic="40f9efe7e45864aad4884cbe0378e775fc7cceb5294a39e0ab8bf80151f5e6e5b7004736766cacb772fc0af5804514a9edfa4e4a8282a13b67102f552317a3e429b7d2737090138cf79a99b17bd078d1f21412633a9fdeb349def407c446f15e68580968f668c2eb245c96c2fcf8c14ac47103883695fb3171ef0260b09b0858f2a71061ff5d4dbfeaf944481c72b227a3c8b1f4b124a6ec828f894f3e58aad420a5f21d3c1e93ae7da7a0814995"]}, 0x324}, {&(0x7f0000003b00)={0x184, 0x37, 0x200, 0x70bd29, 0x25dfdbfe, "", [@nested={0x88, 0xb, [@generic="590a94fea2be8656ac4d3e96d2ccb208e498801c31876c1a4a5c5b7175a7658b4a22d57ba07891a5025312c5f2b5741e6f9f17ecd69885820c3d1e24b18d93b5583bced4d0f666676e182f950b164f72a8066be12de3aeea36e26383a9094854", @generic="9b3640112b75379cfe36df4d7d5a8c1e8c2effc8a32a5dcef2908c83a9ced7855273a5a6"]}, @generic="6b841f39adf7ef2486a6ef34e5df177db30042d6d7f12055893ef81823e22140e1140ee971f44760023565016a3cad9808b29b081eb014ce5d2a08235f436e7fae7c371cf50c43dc748b848e0420c93b9fae9c90c111f6fbb4b2d3435ee0cbf6c0b6a58ae202e3053caddf7d0216c542f92b98ea0640889cda06802e6aac3a9a919b4c680079dc2a95d5918a49f65459816e4002188c1dd0ad1c6da538a62831540908a3823deda53165df702d0e3d6b893905eaf23090a262ccb3e750aca02a", @typed={0x8, 0x93, @uid=r12}, @nested={0x24, 0x5a, [@typed={0x20, 0x3e, @str="9f7472757374656429706f7369785f61636c5f61636365737300"}]}]}, 0x184}], 0x7, &(0x7f0000003d40)=[@rights={0x30, 0x1, 0x1, [r0, r2, r1, r3, r4, r2, r0]}], 0x30, 0x40}, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
connect$bt_sco(r4, &(0x7f0000003dc0)={0x1f, {0x7, 0x6, 0x3, 0x6, 0xcd78, 0x1ff}}, 0x8)

13:48:17 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @rand_addr}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @loopback}, 0xfffffffffffffe3c)
getpeername$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback}, &(0x7f0000000040)=0x10)

13:48:17 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:17 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:17 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3a260200, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:17 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0520f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:17 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x101000, 0x0)
sendmsg$nl_crypto(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000003c0)=@alg={0x128, 0x10, 0x400, 0x70bd29, 0x25dfdbfc, {{'crc32-generic\x00'}, [], [], 0x2400, 0x2000}, [{0x8, 0x1, 0x1}, {0x8, 0x1, 0x100}, {0x8, 0x1, 0x8}, {0x8, 0x1, 0x100000000}, {0x8, 0x1, 0x1}, {0x8, 0x1, 0x40}, {0x8, 0x1, 0x5}, {0x8, 0x1, 0x3}, {0x8, 0x1, 0x8}]}, 0x128}, 0x1, 0x0, 0x0, 0x4040041}, 0x80)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000100)="0f0103f26d67f2f7320fc79b000000000f01cbc4c23dab8b0a000000f2a3381dd45266baf80cb8bcbd3f80ef66bafc0cb803000000ef0f239df20f5a5b00", 0x3e}], 0xaaaacd8, 0x0, &(0x7f0000000140), 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:17 executing program 3:
r0 = socket$inet6(0xa, 0x1080000000005, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000000)="0a5cc80700315f85714070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000002c0)=[@text64={0x40, &(0x7f00000001c0)="650fc75c276766b882000f00d0c4423d3c56eef22ede9a002000000f01cf0f3042802100660f38802afb0f23d4", 0x2d}], 0x1, 0x40, &(0x7f0000000300), 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x202, 0x0)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000000300)=0x2000, 0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000140)='memory.current\x00', 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000200)={r5, &(0x7f0000000180)="a680fb1ad0fb49019d5132eaf9b4256f1fa3be8f2a281a6750e5196cf786e364142342a2321796b663ae8e9234900ad184bdd6b8ef6a0d2a03a3004e35ed5429", &(0x7f0000000580)=""/4096}, 0x18)
pwrite64(r1, &(0x7f0000000040)="eb84f80309772288192d04bb123a69fdfd0602a43fdcd070923af65c5bdb5fc4b9699ec9f99dcdd88b0f19fd26e836534ae151999a804351c324dc7690b03300e5d4927f5d4d2df70000285267f92132d413a4e2aff10a697f781167d659063768c3f800b477277eb4ef09a9217ce98ca1735e4309caee51387e5d268db05da399f226c697489eba6895cd8f38e8608d0e66358e9b76888b61d39dcef1837c2cf7a038078f436fc81463", 0xaa, 0x0)
ioctl$RTC_RD_TIME(r4, 0x80247009, &(0x7f0000000340))

13:48:18 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:18 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffffff87000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:18 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0220f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:18 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000002c0)={<r4=>0x0, @in6={{0xa, 0x4e21, 0x1, @mcast2, 0x2}}, 0xbec7, 0x5, 0x5, 0x3, 0x5}, &(0x7f0000000380)=0x98)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000003c0)={r4, 0x98, "47540073951e4e9ca01dd4dd634290fe8da7665fb91f24d0e3f3cb74fe738c7c21ab3b9a784d9eb63a41807d77b06136b6632f442e7e0f53f40da5ce9b4da2bab3adbf76258ec43c0833c7c4c5d984986e9b5e97dc586aa56ca60007d5926b75524cc98d3dbebf38a6973a6d2fdae6bde27b5a7524ded3322e7dca8746b9ad329d85f7d15f1b29aa207081708f084a6d293d22227630c877"}, &(0x7f0000000480)=0xa0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:18 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673f1", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 1:
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f00000000c0), 0x10000098)

13:48:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

13:48:18 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2263c, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:18 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1220f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:18 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x1)
ioctl(r0, 0x8912, &(0x7f0000000000)="0a5cc80700315f85715070")
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, &(0x7f0000000200), 0xfffffffffffffeb4, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000040)={{0x8, @multicast2, 0x4e24, 0x0, 'lblcr\x00', 0x28, 0x4, 0x7e}, {@multicast2, 0x4e20, 0x2007, 0x1, 0x1}}, 0x44)
socket$packet(0x11, 0x3, 0x300)
shutdown(r1, 0x2)
recvfrom$inet(r1, &(0x7f0000000200)=""/179, 0xb3, 0x40000003, &(0x7f00000002c0)={0x2, 0x0, @dev}, 0x930000)

13:48:18 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfsH', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000300)="6601000100")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:18 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:18 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0420f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

[  630.173598] IPVS: set_ctl: invalid protocol: 8 224.0.0.2:20004
13:48:18 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:18 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000007000)={0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="edf2bb5bcf510b3dcf83d36f28ef1a1f566bf82a576b9277d2898f8dd13d0db2c80456a3b0c35bd26ba734cfef90ee72822d6d158abc60581d79efaf662e0515d22aac239cd594e90b2a4c2f7bbc58c6a313ad2a2415038763a44e378c2f6d79b6b708d438adbd6ae2b0a5beb6f6f50f89e8117e7d623f6e82e5180531e18249598ada517c5049d97d4c"], 0x0, 0x0, &(0x7f0000002000)})

13:48:18 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xffffff97, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  630.274667] IPVS: set_ctl: invalid protocol: 8 224.0.0.2:20004
13:48:19 executing program 1:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000040)="0a5cc80700315f85715070")
io_setup(0x3, &(0x7f00000000c0)=<r2=>0x0)
io_cancel(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000340)="ff1e312691c07af4ecc923e4094ba39942265fed9686f1acd1a85f2021a6d0dbf5ac2b730df53bc9192fc9d5e415c572b47032bd6e43b5b98371150cdf9554e195e6cf827f92911203213c78580ed62f176d90fcb4313e4e96fd011e89a33e3d947fe3f9cdfb556f2348010ae07bc97b6f2851a63b21bec16e0b0f1974ea77852c2a3be050863fa5b80d119d402c59cd14612df8f9e01de32115da945dac8e1305d07e12ce3612dea7e07852709140b842d45e9af995ab807aab5b1ad0ab2ea4ac04fc6da9dbc773c98e7ba0e9c771a4d6144b5a610e6bebfeba2d02ba56efbc04958cca55bc398ce90379488c3ea0bd86d0f10d3d76c5430d395866aacbb15c9a2b34386eee926e1c5cf2bbe9448ef9699a6bb8b65aea25b0f7415d1a178943d6c88b775c4555b4288ed3358ace488969947068f3523ee42b16142449788989b140a9e203a557c2595798774973055e620af2c7ec9dbbafe31dc0488ddea58c63ed10a3f63f68e41588e18d60b74d41b36d115f2f3405f4d3b66fed95f90a366f04e2e8de868bbfb9b0a401fa7012ecd0e3bd2ddc13b059892ee95e4db65cb8bc664d2f95bca8ed8018504a36ff9563bcc8703eb9974b129441bc95398567e196f067a095630a7aa89aebcad8e361f3615fbd40de28cfb8724034f7333c3a13adb13685f8c9537e6b296432b699f84b9fe59b3ed67b1eec79017e3cf1af8c08ed6b7d1e8823f1f7783b8baa9416ad09baa746a99c823291644eca4a8abc060de6c6f161df9a5d4bbe6b3ce96601ef31037e642c2272db2779f26bcd72b8add4b1475710fb907aa5bc7db695f5a259b9e654973d53d56062c0bb04e923108b047c943084876791a8790602c9943077e8b3c3dba629e8eb398d74a80233309242eedee11f546afd1e249c8b53025a6bbfa6a1c2502b943f0f31cfbc84974f51a8d39f663cc06d25b37ac5a6416c23e674264d620161d40a3eeb8137daed753d2ae39fc13d3a0f076e5a964c9c110200d60ae897a2c253257985b7b360b550698e1e9c3f0ec61ece87c584de75248c094e74daaa306616ad759345bdc1df45acfd1b1ef76a75e859c5ccf154eece3268cfdc4b0676b334a46ca2d4555b55c2ba5a0eb715ef8464f6fc20e0eeb311fb61dd223221536f4a865b06eb6df64056bdf3c78f49b9e85bffc42bf23af70c137634a4a2549586c1d488df15e36161a6fff4e41a8c052ce5437dbeb277ed2db10af59fe74ce7de728d429fba631de01d734eb03e3a37eb7f9c14c861aa33d07bbafcd65e46d471934e293538c1d5cc8be31dff4f84c5f683569966c94706f79cadb4b2c66753d97b1d08d13b0e331f12b0496136f05940cab920c7cc0e97923bb6f098f5fef0723f04da25c983e2951b3970dbecd076284d13df292ab8aed0c73d3972dbca1c21767757b6aee22b2b8045c6b5c20a40ec0e042d8ee48ff4c175a869c58c5db101c0fbee0688878d733514fec044ec9bdabeaf4c068e9f2e3fb7b61cb9cbf8f318531c683d55d722ef4b0e0e8f58b7191dc2c8f1846a1d248f38a15dd962cd1f35064878c6a92f2ca7981b639f22c0ddb978b84dc36abf77770eb0ba9c2ac429885f77a8cb88fc01a934bff0bb90492b813bbe4baddba3ca1ed04e76cc146a5caac6a61606332f1ceb7e506c442e6f4264eb390ba6ebceb6782544c971968dd79a57e516556bb26a1782a12948e34aefbb6b23960fd405a26397fa630d3cdc19412c03479570cf42c8247ea5cf7914535b705e2876b11d863c01dadf129d3cfc0a685c45aee6ae4ffd216f10d9d8188a8a462af21d5cf04e4f12f56b1317c36c14f74df0aec5be7d69ff9f8b0886c997c0082f558553249890740b1ee757e7aeefff373504baee547ea845d5b8f9d9be11e7dbe2ec1bcafcaef99a83e939891d30ca385c37422cfd693c35bd7cd1cc43088ecb146a1a97fd5e0f68f8afa69874125ee45b2119c5153a3269be72b11a488d7e5c9788b93c0efd0b12e122dce3b8750896c4361ad2e320dcc4150615cd53b8a98bd209412b3b3062b2f50f99c4f50438731820894c2f5d771929e4fd9bb9bdded4a4c9cd58e01c2177401195ca286148adc35172f1e6bfd7e6aaa24774c899de41cca83fa39fbe83215504154e86e6a99993603887e912201fd92f9663337f6101c30ef5eca5ecabd622d6412cf206a74ffc2d2c901061ff5c56a204710437ce1814bcbd5d50b920f0388107773bd7c5e2551f0835bab4c9e4e70bb8ce0ffc03df605fbd68be1cbbe2b8b08216fb35893f9291cf47f67cf3bf4f45f479762c35f7c640c736ee7211a5fa49d983ce03037dd29cf2a80b32720e283d9b427333c1aaebe9c14705ccf04e228a6aa4339caae799ec60dc2c5a0c1aa13adaf6007b3efa1b2f543f621bc13a9e78d43502590022527b386dd2d44cc55217cf777d6ebd863783df01c43e0e32b554a827241835869f2cc6ce0215dc1233d15ac14b6320945a9ff53d10b60e4eb2bf0ca41e8f40f547ffd75c8f1e0eef65837358b37220b43f7e2feeff0f57ea9070bc6efe8a6577572ec16003288ed51e052130e75e293e5ed133cef4a85b6269937e1eb3303b15ad848cff257537c5bfb2965ad2ac35ed59063c8f72bc8ea9f68547b4d87859488d460e0c66e08cccbc90c90da041607c5cee811d9608715fd36709618e6e7925a68bfe44a0ed129dae81127044d732590226c18b38803e91f580244a31736af6afa5d816c6ae12c5071c6429b61a788cd4b5b75c8a25f49003dbc4f827cab39a315d5c51a89f517eb67045173d9125158d6c1336cbe13c4574f8b0448adb5218a75149f43cf6a7cda4666ef1b4a274cc0f5969d4cc0d28bd3510b4133754fae4cb7571d85eed7b2454c88d605dc81a12fe892a138df1d003fefe47695cece638d5c9cb5e4c772880cf8e0b762cdc5e09402487a27d24a0cfe6b4cf4992300bed8fd1c2198ecb8e0604b10847b7917107beed282bbea8968cc9d5001c417c45c84e928e26a193db68d88de87b34397a1c578333b4f911b6aea3fdbdbc1348905caa887e927f9564c801d7d80d985c868ee264e94ffec0dd4a1eb5f94e4709ba88780b5b7c3f0265269cad4e34463552cb566c0e96328190ca768a325f5e40590a1ea3fcadd97ee543d6f8543a255cc27adaf9944ac3b9444bc78ff3131b410ff8b17f151f683ef06482103a23784b863d0268984ec12c45ca570e0ba28e5f8a0eb96f35952ed927c9f80f06b48f754e15141fb4d4f41f27199d28fd90ba5dea6c8d37f6fde8d9b6231bce75c5d719721ebcb5cb8f9d5aa9ded477b52f8e6162fe3506f389b85937d3a041751badb2c5668c850ed3cf9d1940c5115526d6f786b906964ab74acc98fc103c2db38f613185477d808d35f87d6cd895fce60599b1d14b19e336dc88e6d5b4c42da41a3d86ef2edd57723adaf8cd5c80f68b3dd37234136e640ec435869dfcb40fcbfa7cf6148eb59bce38ceab5cabe46227ac9f7de01264797577bf4d4c5b4097d2a1bfbcb6f9a0c192b54bddb8abdf5ae3a89f826905d93e3438d557f2cdda0037eb4e9a111e730a4e9fa7cfe5e4a65a6c97e34235e3da7e5efcd3f24ce6bb38c2bc07ec5fc370cbc0ba22692ba4bc082e7f43107f7370705c73459edd89e2403b21df7277d9a16dc2de241e2b1ccb13ffa129321a6f05a9078644274e4543696ad2032e71579edbc097e0176ce35555ac6fa79690dcfe5d6cc04bc16d095372b2eef009854231a9d8a81ad096fa58a68aa0759a064f12dccc055e794dfae40b29c263a2f2f5d3bb605b7c58cd89830dbfd5262a16c0f1f6e63ec8e1fd7e65c7ad1dafda31223b9a22b75bc24f72fdd15048404544a61ddc3c61133684e9935f976126bcd463461973862d6df04918fcaa1b321c663f783240281a14de9084ecf3402f2d64ceee293cf5162076a8c6294741a5d6121d7aef495004cd6b9333daa0a1e9af99a2f271b1e08d9e69d6191b960216120a03c01ea43e9f663f24f9f72d8b42bdeb7807bb3416b891656d7df65b7c30d824f6eec0d600cf89a03b56ef8b4b2867348307536b34cb0e7e5c51e5f8ca5d12e8e18d340999bfa90f7cea0ae422bdbdabaf90d2528ce8645e9606e32c10d95d97bc392e92b15f3eeb65701e7da3129456bb1aa27926ae3d4dc5b0149a8a2561d8f9e95d73ba9250f90fff9fba719a8cb69bcfc4c6835708a60fd48c9da5a468e1c76df3e4ef5057d28c9fb160b279c58cc226aa1135df7f0f19e67a643012f808ed477cf5fb6d0221b577bd17e7a2214a4397eb6c1b21e7705e860f2ac6b26341d332fded717bb31d2bb89223c437b965c8b8492818fc607850f65a86401fc9c1fe1b68e8702dd9f9aa6eebbc56becc0babc553d4ef1c58121f7fdca0cd0dacc3c5b63cf30a6eab5e406db5e1a91642f798013c5f7dd0b56e4796c3866e8e5d4b0f0266503e2717f53a9413a1ffb6bdd559ac4def2c03eb4ecc84188a28323d301c20ed46982ac5ee41d642040b835137382afb0db6d08b5ab77870bfa7d62c035b652228be4efc82902e1be79db997b977d4a9f554d1fe334e64ab0f62082a68b5f93b851145c512fa81867b8eaf2aab1271459cffbfe6522b322951d64c80149f9ef3b070ae2c7af4240f3dc8d305eedba9a7d772533a8ca5c236923d12b8e13b3a7d2934fc1e66d625342dd9a1e3867d6d55b54933cb251afc09da640a7c5f82a4f5aa3b4f814a0caf8dbbadfcf42d08178eef16de1e2311a71807ee72250c84dd067bee03fae8960b721ccffa727ab1eef3320a2ae4532469b5f68780296071874b8d644b3c49a1223665701d27003e80b346dddc91ee0e562b15b812c1c09677518c8f93431047c4b2a4cce51db638d75404fe2a90326b3832be35e4a74726f800fbdc4071c6b1a603bce70f0baf0bafd056f3cccc59d47627e545afa17846acde42b4fee17b1e5849cecd1fb4daf9874cc86d76a45b19ddad9754ec46e7e44003f7fc3dab4cc249b0cd636aa23c2e41181a5eaefbf12b09bf9a6229acfed7381d626ac24d498b457da82dcac954b1ff0100803da32d3a62c2d9d14283abf370524405a00657c5cb5dbb5429973e862db62a8abb5e9b318614becea504e274840d895c1900d39acebe00a910bc68a36f49229cd674596ea63639cf333c46acafdc64adbd480f0bb68d7a2d40e5f118baaf638ac5c48c3ffba976853adf261ba6682474b7d63b5cfa1281d4851e6c85e94b41a8e7a5628f24647fb178a8e26d75cb5f73a989d1a02019dcd478db3f4963587ecb91aeb95c742d724a455b1ab171ff0f7e0ac207eee718269c0285fb25949b0b45a04cae0037e271000a4fd0fae7cee5f33365e5325be1b91aa5237e11df4ebac7879863c4320957a4906dfda25169d6685b318c2046f05c53fae324d3802d713369f69bae3754dfb157337e4eed851246454f9dafc1dd5188fced951c390d5104ecf2318aef1d3307d43d36dc79dd27d8b73653c040c3dc92d393df8c1c5c7fdd97a5a696d160fc1362f2f7a321987e1ebb3c4b7fa2d30fdab3b9b9b40264259878e3620c1591f184a9a067950e65ebb20b0fd03bccb756737967e73da9957f0293dae7e3740101f3f991a2498c643a45a3cf3b6e0140337a24f35ad160a7d58958fdae3a5517a05cfdd94cc794f1bdc907db50db93da9e8f7245999a65b8ddec0ff9d05d1afcd0385dc21b7376202a9e89b09472b3dbaf561ec188a74feccc0f8366d11d6519179dc1ed4a7711db2afb394e490a", 0x1000, 0x200, 0x0, 0x1, r0}, &(0x7f0000000140))
r3 = semget$private(0x0, 0x2, 0x0)
semctl$SETVAL(r3, 0x2, 0x10, &(0x7f0000000000))
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x40000, 0x0)
fcntl$setsig(r1, 0xa, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x3, 0x4a8, [0x20001340, 0x0, 0x0, 0x20001370, 0x200013a0], 0x0, &(0x7f00000001c0), &(0x7f0000001340)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{{{0x19, 0x40, 0x19, 'ifb0\x00', '\x00', 'bcsf0\x00', 'veth1_to_team\x00', @local, [0xff, 0xff, 0xff, 0xff, 0xff], @empty, [0xff, 0x0, 0x0, 0xff], 0xc0, 0xf8, 0x140, [@nfacct={'nfacct\x00', 0x28, {{'syz0\x00', 0x100}}}]}, [@snat={'snat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xfffffffffffffffc}}}]}, @common=@ERROR={'ERROR\x00', 0x20, {"adc55493d2670964c8cf44e142eff10776f87b828e941a4c840a5fd86f98"}}}, {{{0x7, 0x8, 0x892f, 'teql0\x00', 'ip6tnl0\x00', 'syzkaller1\x00', 'ip6gretap0\x00', @empty, [0xff, 0x0, 0xff, 0xff], @empty, [0xff, 0x0, 0xff, 0x0, 0x0, 0xff], 0x110, 0x110, 0x148, [@stp={'stp\x00', 0x48, {{0x4, {0x5, 0xf9, 0x98c, @random="15d480a826ee", [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x6, 0x9, 0x800, 0x2, @dev={[], 0x18}, [0xff, 0xff], 0x4e23, 0x4e23, 0x2, 0x1, 0x0, 0x6, 0x101, 0x8, 0x0, 0x2}, 0x1, 0x50}}}, @cpu={'cpu\x00', 0x8, {{0x8}}}]}}, @common=@mark={'mark\x00', 0x10, {{0x0, 0xfffffffffffffffc}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x9, 0x40, 0xdeff, 'bpq0\x00', 'bond_slave_0\x00', 'sit0\x00', 'bcsh0\x00', @remote, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @remote, [0x0, 0xff, 0x0, 0xff, 0xff], 0xc0, 0x128, 0x160, [@nfacct={'nfacct\x00', 0x28, {{'syz1\x00', 0x2}}}]}, [@common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}, @arpreply={'arpreply\x00', 0x10, {{@dev={[], 0xf}, 0xfffffffffffffffc}}}]}, @snat={'snat\x00', 0x10, {{@random="2c8cbfed39dd", 0xfffffffffffffffd}}}}]}]}, 0x520)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/mixer\x00', 0x0, 0x0)

13:48:19 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673fb", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:19 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000000c0))
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000000180))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000100)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000140)=0x1c)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000000)={0x9, 0x3ff, 0x63, 0x0, 0xfffffffffffffffe})
ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f00000001c0)={0x0, 0x0, {0x2f, 0x31, 0x4, 0x11, 0x1, 0x0, 0x6, 0x123}})
sendfile(r0, r2, &(0x7f0000000040), 0x80000005)

13:48:19 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0a20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:19 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:19 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x3d26020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:19 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
io_setup(0x23, &(0x7f00000002c0)=<r5=>0x0)
io_submit(r5, 0x3, &(0x7f0000000580)=[&(0x7f00000003c0)={0x0, 0x0, 0x0, 0xf, 0x3f45, r2, &(0x7f0000000300)="5c600ba476aeb0d0673e368a5a3f77cbc6a3776a8613ac485b235d9e9e42aedf0f9d825a9b5e860ad083daea3ead28f0ad2e6b239a044e8e17a6ef4d4c90fc96063741341d3a44389a686bf10efc116ab9509ffa3438a8fa3c49997da5bd2ee843ce5860124285124bc5f36c6ee3b39cc000827516958302701d77a9ab63f8decec98f76377e69fbcf208bda044e01406ce954c14ba3a0622d285a9d12027956c09a253b31168dc12c1ad8ce9546c22ba6cc", 0xb2, 0xfffffffffffffffa, 0x0, 0x1, r2}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000400)="1a543520cbf02504c839e4df603d96977eaec1aca3544c9109096a936e54bb1045aed6b920fd7e754144a9c6daecc845edbbf12c698ec3722dad2c1a8dc9c1cf3e6b9c3b02071ac30016b06915e35985ec9ef3529192acde85668c547a223785f47031433a0d1a5aca5e3f437e87821e6edfc2143a2dfdd28b33fe3ac21ccc1cc0969f0673f95a236cee5daafe9e161bd9723aaa87cd7ffdfbafdfb8cc415d4cbd20329bf010cf2c78aa7f12903ec6a66734fff60292b62f3d0a96c4", 0xbc, 0x80000000, 0x0, 0x1, r4}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x54, r3, &(0x7f0000000500)="a44de9624f0bad1e855ffec0ca85281fc3f731383bb2692cada1f8d629e50584568b", 0x22, 0x4, 0x0, 0x1, r2}])
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000600)={r2, 0x6, 0x6, r2})

13:48:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x2, 0x100)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
bind$inet(r0, &(0x7f0000eed000)={0x2, 0x1}, 0x10)
syz_emit_ethernet(0x423, &(0x7f0000000cc0)={@link_local, @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x415, 0x0, 0x0, 0x0, 0x200000000000011, 0x0, @rand_addr, @multicast1}, @dccp={{0x0, 0x1, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d70502", 0x0, "f53475"}, "b441d632cdbbcb211363807aec73d3883762a61dc02d349bfa3ac974b987aa7fb97eb324d594fbbb77bab759418aa8d451d921e8f5d2cf2b08292111701192e97cac366dd3eb2e0fb039e58314ef4709c5f3556db6a1ab6b4fb2bdd83cdc26e8395ec4984ec3faf71a611d1569545d654cded93be827a85188b803c19c1b56aab522862a718b81e512b49690994d3425e33bd93f0e744c66a083c1f9f1bd7bb8f9e123c08f3f041ed3fdc058136cf0071a47cc0e38720a12e11e842a7b5b26dff07f578fdb9a7b14662a625c1ee76c41ccb2b1fc6376aa718e1067b9e4af511ef5b360dbfad326108bb033db193dab27974eb8c462739eaee51d87f31c516e7e391073770da3202e02c41a7277c847df24bd5b0a7ab6e252f3c8ebf00688cc55311d887e8bfd95a7f4c6a126af3fe26714ddb869c66d18f870631bbd497e8a06881b754ecdcdd0dcffc51cd52a6b560f8d64b63a1674745edc5f53b18a8ffcc5c2fbc4d2bbcc2faf3c189d9b36c0655d1394f5c127ec86b8a764a87b546c2b6ac37d0a8ec3edd7cda6f930570763dbdc0640d219749bd57c7c89eaadfdae41d654a46b17be069a32a7d94d29b612fbe61b8bd11a2d10ba5d4ac7014fc0465c3f144598bd1f913343e7293711040eee0ae8df1e49f04ed1037d4b742aed0e932116060aaf6b985238d2e10fb5b11d19d7801befed4833287d96a85a7cdd9e211a672760335655576fc0fa0336621c2b2b1018ef71bb5077c67ee5fa8d479d6776013363e98b1f1213712be7e47549b6035459008c509f0f983130a451531381ee3c1ab9e1cbb8e558b56ca1a70939389addc5f9632b37ff3f634abb504bb0be0a51649683f6e29588c15cda40255e173328681884ffef6729e9058c5623e1401fdcc7b8cb5623a8fd725fbeea05fc417c44e46500619218dff7c70aa068994c58883cada505a2aa85b6620dfe9c45b707c9aa1222b86972eae564b28a05ddfa3545df231fde2707d4bf67dc6ba41daba91dee8081e5c7e2bcfbebebd42d5ab8a32d6e098fd57233e3b813dc0d772134775def451823b7fef2bc93da01722cd613b9a3db7e2d4c51fb7b56006ee9cea53b62343599a56167388d45247f9289fb1cab67a7cb0c3665ddf1e1411875b4de3428b32fc6603691a023d8e4cb93c667acb7b535fb5f77af9a49640cbe8ffe3a193cf4df1b556a67cb753c60bdf978b871aa513c07074c6602037ebc32199290e3c7ac6f103ad9358951ad4de0c8f1b34951b0e6a48295975cf08b2c3c95064855fc95317e386f1c18608d1d08699003c998b93332cd316f17a5139d350cbfa9dabc3f77c4197a0186e50913978e980a7a028e7ccdeee718af028200e94a6b3a0ec93ba14b0c64dfaf3967e230d8cf876f26287d436ebc9588b52b43f2380836bfe3"}}}}}, 0x0)
syz_emit_ethernet(0x423, &(0x7f0000000280)=ANY=[@ANYBLOB="0180c2000000000014000000080045000415000000000011907800000000e0000001000000010401907800d7050200f53475b441d632cdbbcb211363807aec73d3883762a61dc02d349bfa3ac974b987aa7fb97eb324d594fbbb77bab759418aa8d451d921e8f5d2cf2b08292111701192e97cac366dd3eb2e0fb039e58314ef4709c5f3556db6a1ab6b4fb2bdd83cdc26e8395ec4984ec3faf71a611d1569545d654cded93be827a85188b803c19c1b56aab522862a718b81e512b49690994d3425e33bd93f0e744c66a083c1f9f1bd7bb8f9e123c08f3f041ed3fdc058136cf0071a47cc0e38720a12e11e842a7b5b26dff07f578fdb9a7b14662a625c1ee76c41ccb2b1fc6376aa718e1067b9e4af511ef5b360dbfad326108bb033db193dab27974eb8c462739eaee51d87f31c516e7e391073770da3202e02c41a7277c847df24bd5b0a7ab6e252f3c8ebf00688cc55311d887e8bfd95a7f4c6a126af3fe26714ddb869c66d18f870631bbd497e8a06881b754ecdcdd0dcffc51cd52a6b560f8d64b63a1674745edc5f53b18a8ffcc5c2fbc4d2bbcc2faf3c189d9b36c0655d1394f5c127ec86b8a764a87b546c2b6ac37d0a8ec3edd7cda6f930570763dbdc0640d219749bd57c7c89eaadfdae41d654a46b17be069a32a7d94d29b612fbe61b8bd11a2d10ba5d4ac7014fc0465c3f144598bd1f913343e7293711040eee0ae8df1e49f04ed1037d4b742aed0e932116060aaf6b985238d2e10fb5b11d19d7801befed4833287d96a85a7cdd9e211a672760335655576fc0fa0336621c2b2b1018ef71bb5077c67ee5fa8d479d6776013363e98b1f1213712be7e47549b6035459008c509f0f983100000000000000001ab9e1cbb8e558b56ca1a70939389addc5f9632b37ff3f634abb504bb0be0a51649683f6e29588c15cda40255e173328681884ffef6729e9058c5623e1401fdcc7b8cb5623a8fd725fbeea05fc417c44e46500619218dff7c70aa068994c58883cada505a2aa85b6620dfe9c45b707c9aa1222b86972eae564b28a05ddfa3545df231fde2707d4bf67dc6ba41daba91dee8081e5c7e2bcfbebebd42d5ab8a32d6e098fd57233e3b813dc0d772134775def451823b7fef2bc93da01722cd613b9a3db7e2d4c51fb7b56006ee9cea53b62343599a56167388d45247f9289fb1cab67a7cb0c3665ddf1e1411875b4de3428b32fc6603691a023d8e4cb93c667acb7b535fb5f77af9a49640cbe8ffe3a193cf4df1b556a67cb753c60bdf978b871aa513c07074c6602037ebc32199290e3c7ac6f103ad9358951ad4de0c8f1b34951b0e6a48295975cf08b2c3c95064855fc95317e386f1c18608d1d08699003c998b93332cd316f17a5139d350cbfa9dabc3f77c4197a0186e50913978e980a7a028e7ccdeee718af028200e94a6b3a0ec93ba14b0c64dfaf3967e230d8cf876f26287d436ebc9588b52b43f2380836bfe31cbece"], 0x0)
poll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0)
timer_create(0x3, &(0x7f0000000180)={0x0, 0x3b, 0x7, @thr={&(0x7f0000000040)="91bdd0d48411ca9a1640e8fb8f6d4c9556cc3b82cbc5c9b934af48e5503fc1e55d42325b29fa6f92778f0d3c6b6e9411c2a46565c3a79faa78c3ce90a5c4b2bd5c5a057321cd9a25e8d998fd9d2163ddeedbd56fd6a83fd0385d09bc2dd3b61f7288d6f5351cc2213ec81a8f28e560d03f7684402c1c0aa7826b09b6681f62fe7d0970651bbb628055f8dc0a1f7cab572b4eb9e0db5bcd3fc31a0fe743b2465148f8ae3945de9c67e1d01f3281b6000a5aba41feef43b323c6a6a89f7e740a0ccbb4afbd271dd450296116288092b2257acc042b35fc589595340c7f248930550011acbbda437002a98ba5d46df1f77e809dbb7b", &(0x7f0000000140)="d19e12b9ab488af99b93ef748e41c8433d3520ee952f22d439380a0495312278c3ef750fd1100e8d55d128b7de"}}, &(0x7f0000000200)=<r2=>0x0)
fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f00000006c0))
timer_gettime(r2, &(0x7f0000000240))

13:48:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0//ile0\x00', 0xfffffffffffffffc, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000380), 0x12)
write$P9_RSETATTR(r1, &(0x7f0000000040)={0x7, 0x1b, 0x1}, 0x7)

13:48:19 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:19 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:19 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:19 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0820f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:19 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:19 executing program 1:
io_setup(0x4, &(0x7f0000000000)=<r0=>0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r1=>0x0}, &(0x7f0000000100)=0xc)
get_robust_list(r1, &(0x7f0000000280)=&(0x7f0000000240)={&(0x7f0000000180)={&(0x7f0000000140)}, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)}}, &(0x7f00000002c0)=0x18)
io_setup(0xef, &(0x7f0000000040))
r2 = gettid()
ptrace$peek(0x2, r2, &(0x7f0000000080))
io_destroy(r0)
io_setup(0xf5, &(0x7f0000000400))

13:48:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000280)="5b1b6847af68dc7bd1f9efb76f6cbbf50a708edf0ea5fe910dd29997c90ac5bff6bd7fb5bd1a612995583b364962f1486acfa1891150ce62aaa1ea2550f7d76ba91bee5cbe0d5ad1908f4fd53505e574da4d3d96c3000c18d38ee67fccdb86f2e1bbb1df066bcf6fc8bcc94a9578a77317046028e7756b15a9f390a99adae4b2477e53705ecbd38036e77637152f83d2a688a9a6a4069f6237002cfa69ca8091149d469b92ccf7b2a480d893c7f37f89b42b291a33ce6a277243b03c58e5a643d33d9d764e2f4a6f32d542d06d117d5ba52720b6f93e7741c703337bd6ed5711a9c172d0ff0d2ca5db819a7f26e2998fb1d341b5cadee2cf022aaad1304c79e9")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000000)="0f20e06635000020000f22e0360fc75b00baf80c66b8beda048e66efbafc0cb000eedcdcba400066ed0f01b20000d9ed660f06d970000fc75c3a", 0x3a}], 0x1, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10)
syz_kvm_setup_cpu$x86(r0, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f00000001c0)="66baf80cb85c6ac782ef66bafc0cb8fc0f0000ef40f40f01cb0f01df0f01cb0f01df66baf80cb850aa9985ef66bafc0c66edc441f8116e380f2015671af1", 0x3e}], 0x1, 0x64, &(0x7f0000000240)=[@efer={0x2, 0x8000}], 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f00000000c0)="0fc71bb802008ec026660f011f0f20849af8ff320066b80500000066b9309500000f01c1f20f01a200080f070f01c80f09", 0x31}], 0x1, 0x44, &(0x7f0000000140)=[@cstype3={0x5, 0x9}, @cr4={0x1, 0xf3a481cb937f0e55}], 0x2)

13:48:20 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:20 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r4 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
ioctl$TIOCEXCL(r4, 0x540c)
accept4$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14, 0x800)
rt_sigtimedwait(&(0x7f0000000400)={0x5}, &(0x7f0000000040), &(0x7f0000000440), 0xfffffffffffffe56)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
getsockopt$bt_l2cap_L2CAP_CONNINFO(r4, 0x6, 0x2, &(0x7f0000000340), &(0x7f0000000380)=0x6)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:20 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4626020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:20 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0xfffffffffffffed4)
mq_unlink(&(0x7f00000000c0)='digest_null\x00')
r1 = accept4(r0, 0x0, &(0x7f0000000200), 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
accept4(r1, 0x0, &(0x7f0000000000), 0x0)

13:48:20 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="2f20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:20 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:20 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673fc", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:20 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x3)
ioctl(r0, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x3, 0x0)
ioctl$KDGKBLED(r1, 0x80045113, &(0x7f0000a07fff))

13:48:20 executing program 3:
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f00000000c0)={'filter\x00', 0x12, "cb1665ecca5b7ee7453aef90f8fefae9d535"}, &(0x7f0000000100)=0x36)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xc, 0x2, @dev}]}, 0x28}}, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000040)={@remote, 0x64, r3})
r4 = msgget(0x3, 0x3e)
msgctl$MSG_INFO(r4, 0xc, &(0x7f0000000140)=""/109)

13:48:20 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
clock_gettime(0x0, &(0x7f0000000300)={<r3=>0x0, <r4=>0x0})
rt_sigtimedwait(&(0x7f00000002c0), &(0x7f0000000040), &(0x7f0000000200)={r3, r4+10000000}, 0x4)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:20 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:20 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0c20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:20 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x40000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:20 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:20 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_create1(0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x0, 0x99, 0xe2, &(0x7f0000000100)="6d75e543e4425140acfba10607a9f1dde6343aa8629d8970aab18c5d07646dae81172cf01c4ec6b35c274c819b9a8333364c3b1fa8bcd5a3b8a8c126ce0038faaea733052de663b660ff04e7a219c9656588b303f3a809c99710f0b7bd14f3040ed5de2899e425b34c1947e0b0e801eeb0c35209365eeae8e009f75744725cb68c38a758b2bcf86a936461fd278f0866f65aa05b5d6cd0f017", &(0x7f0000000340)=""/226, 0x100000001}, 0x28)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0))
syz_open_pts(0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x300, r0, &(0x7f0000000040))
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f0000000200)={0x8, {{0x2, 0x4e20, @broadcast}}, {{0x2, 0x4e22, @local}}}, 0x108)

13:48:20 executing program 1:
r0 = getpid()
sched_setattr(r0, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x3, 0xf000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = creat(&(0x7f000009aff8)='./file0\x00', 0x0)
write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"410f44be5f55ea719cbb6635"}}], 0xe)
pwrite64(r3, &(0x7f0000000440), 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
dup2(r1, r2)

13:48:20 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xfffffffd, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:20 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1120f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:20 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="62747266737f", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 3:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@rand_addr, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@remote}}}, &(0x7f0000000380)=0xe8)
stat(&(0x7f00000003c0)='./file0/file0/file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)='fuse\x00', 0x0, &(0x7f00000006c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}, {@allow_other='allow_other'}]}})
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c08aea9279cc527d0aa", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r0, &(0x7f00000030c0), 0x1000)
lsetxattr(&(0x7f0000000180)='./file0/file0/file0\x00', &(0x7f00000001c0)=@random={'user.', '\x00'}, &(0x7f0000000240)='user_id', 0x7, 0x0)
read$FUSE(r0, &(0x7f0000001000), 0x1000)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='./file0\x00')
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
umount2(&(0x7f0000000040)='./file0\x00', 0xa)
r4 = syz_open_dev$adsp(&(0x7f00000009c0)='/dev/adsp#\x00', 0x1, 0x20001)
r5 = syz_open_dev$mouse(&(0x7f0000000a40)='/dev/input/mouse#\x00', 0x20, 0x1)
renameat(r4, &(0x7f0000000a00)='./file0\x00', r5, &(0x7f0000000a80)='./file0\x00')
write$FUSE_DIRENT(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="90000000000000000200000000000000010000000045c694ff760000000000000b000000000066ce656d316e6f246576656d310000000000000000000000000000002c000000000000000000000000001c000000000000002b7379737465746a48be1b31486dcc6370757365746367726f7570246367726f000000000000000000000000000000000000000000000000"], 0x90)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000ac0)={<r6=>0x0}, &(0x7f0000000b00)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r5, 0x84, 0x78, &(0x7f0000000b40)=r6, 0x4)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000780)='/dev/rtc0\x00', 0x0, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000880)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)=@getneightbl={0x14, 0x42, 0x110, 0x70bd2d, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2000c0d5}, 0x2000c000)
r8 = request_key(&(0x7f00000008c0)='dns_resolver\x00', &(0x7f0000000900)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000940)='allow_other', 0xfffffffffffffffc)
keyctl$describe(0x6, r8, &(0x7f0000000980)=""/63, 0x3f)

13:48:21 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
r4 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000600)="009396bb21f2a691384e7c76e5724045dcd1ed12306514ecd77269af23b78e5a2b5523fb00369d335ddd10fc21856bb76330d19bfcbde2ff42acb5db63e5926d60bbd35637ab0282621ea03e2a70e184d2aaa48cfa15e11e12d8141d7c51b1c26582f9dd0007efd9635548077cb796669e4743a125acc73f8f88ea748743ff70b4de19462eb38c31008e4bb2870b2706cd511c52da32bead0e1239f42d76e2bc3eb809fcd86cd6aa3d9c2984cc7b26579cdec5da2c1a185f290e9419083d1ccfe6cad9120c8e9b43fc567bb2a36e5369119b42acadc89f320016de1b82b5db14d1e6feef96144542d89d5498e893c7f823ac01d3681aff2261b93b11a7f357d54013be934104fd1c179b6e9b30bb865a09fc437674ed3404ddf56eae12d6831072557c6d25c1a3db933fa768a5254a45896960b9c048983c6ebc29513cf9f3a0838e4421a5e615250f29e63a7ec6ebeaba826020409afa0d3080a4003cea3a67acf16e9bbe325093883e86b616537a96c8e9d884173b86fe20d0ff95f5ca1ff617ae69fc3623ae070c1629846355418d1bb078b24637beea38197d8a7c7e1ca58f817d9ced3619f0f5c523d71337219b67a13dc983029cefd431b1379cfd63c10688daa18f1cec86f567760d2753ec32b049192b61a7f7abe0ec31e2855da99b7df9e206169fc56cbd1e8a3400c07d52d925f88fda790cf4b16a3d66317cbd7810d0be8e210574cf4bde8676265c162198a2b6374b2c7a67f9d6ec4b5cedef9c362a5590f46f685672c734e97c0c4c9eb023a8122be67ad24f6912ff02a0766b135f97b89b168d90e1e05da9afb6179b6fb925497face1d8216faf1bf359d3ec7e513e8113e62b335cadf789737d3017389a049f00d21e2806f2edaa6ea4aea6ebebe5d9bbb56fe4db30cd201a60818227e84a65ba1922f0b4c1f28d6af5c2a249ef07b05d48ba2109d957a8fa5d03ef50330e77b2ce552bc90ae2a029c4fa861d617f3dd072db00441c392def336302094929ff4d575b7c0fdfdbfd5127c4a010ca8f48deeed9f73a2c9eb8eead6476ed994cbc38d44cd47ef613b8abe37cbc0ae222d1fbb1244990dbef0ae257d45a57d5abeba93a659ddedff88eb3432bfdec71b4c2c5e67076be748990b9b057013778d6035894a2686c50e2b79e57211e84ae123f267028536fa301fa92ca9999181532ffd29b38ee4a1df1049c068c58ae2d4c674d7cc8f873900adfd779b4dce9c1c8b36f47eb0828cb5b095ff68da26cb5082a60a4aeb167ad5b93d0b9e937104ba4a62253f1dda00581091a0e0104116b09f04bd03e321a9bfc705356e07d25a90f474a5856eba1aed9949235c4b0e1becfccaa0362dd6950c0f8f4a45ac270f6e596795770fcd044b22ef80f2a7ab072465f22fb5f679239643e5392b5e051897cd5809dd91111b8b61a370b52f3f86b363af251c54299a2ce26efcc7fe45d48aba5d398a0f87b41128b074619dbe231763b0896c15b0454ec20e2a075dc46069d166abd925063ef570eed634cd4fa197eeda21e005f86f684e3771ca9fa437d3dedb83264d9bead0a32775042a96ad6a45405476a83cdd0931860b22724fa64659793c8e4c2cf5fdc66ccc616ea063e51bc22d79d5dd05db4d816ac943dc514c73310db77fd1a79ad5d334624fd96a70440bcafe3d3bdfeae30bf32aa71be37b5899c2ca860a1c9b6f0c926435ecf642b222e758bb29899374c11c24cfd4be55ed09fc82c68cf57fa2f9da24b46ad56d0a04be83b4c2d9d64cd8f79925163fbd7007945ec132984c6ce341535fecf5839da1d3bbee3ea6860b0783bfaa32706e2e909477d8e4c7c42f7ebe9529c45dc857c17af98e415b46f02bf6b4823240b30c4926312d03bdf513e47a74186a6d54e7c0543b4cc7c01a845bb51da396d47d6b7c2eff27f569aae30c7f4d8b4dd654e399edc7cf4b4adb7ec8a4baa9a7e16c24e8e6ae44863c55f475b8cb01396af272b7d033fa23758f0951723c74e63dd41aa51c54009adb315532f38cb19ebd854eea3392ee7a11c744028cde03d13c9a7d6dbf59e2df0af024a374c8a589f0a9e030665251bf1aca88e697e032c1f97179b6a197eb47df4a397429e64b9b2530fbe754d7a93162beacae887da5b9251fcf2f33dc6dc51afa77fdc907ea3bd6deb23d0b77706ae26f5192414935aa8dea0843374266091c4fcf2e53debdb62f6d38ced6b25e6de0d74379c46abc3932b73fed387ab6928c7e26711e9e6f8956b6b53c0f1cba4099f1ea4d0fc87920f23abcf19df55c584321ce0510e45d3a4a481c80987318b2124c19efc46d836fc880a21d23ed4f736c739bf32a4268ccbf551cae44fc6e99c50e541e7d168f61934c691e80f54a2928e66ddf963f7c268e2cbe4c85125c70031968c6fd9320e9629c50c210812ed94ab4feb906a764b13b81dac1d45796bfe84c762fd5f7084bd04a132cbea27f47bcd13755480690a6a70533a7308764f1232ccb944d7dc2ace7a86209aec4b950dc3891e100c8471039692b9a2d71083daffdf67b186013cda72f6874f781819d06516bf40677262bed301cefabf26bffac9110db5323a36c1c0c6725519d4f53ed83c12d9e78c591963cbbfe70fd4d8078d9471e0a33a4af46d6be499ad05f529cf6d52ba06fa56eb49fdc90ad8c2402ee5e2951b4bb16cda878d8a1086157e08641cac884fe31e12820521d16a23e9aba5c9f82a7ac74b98fcb9e32ef61f01c9ee8e2ce829570ecc68b0cbd59ddcd0a43ad4222fd49d650a3e9a8dd3bad07c61af625d80488e0f73e46364e89dfcc79a4b98da363a05f461d606ac17028edc305dcb23eead730634e52f1f360a8d5e4c6b632a991ccecce8ac1ba5ffb31123022785fcf20ff0c80322682a59c9d3edb28104b1ebf149983aab6d6dae41050033dd4a17b33bdea0467975fdec749409c579f3803d449392f9d56f6be77874a4b49d6154ac1aebed89d17e3bc0d0acea2028a22599b4431fab1556bffcadec2587ae0d70025f47f8b7df903c9c11b4b31b1ee892664e60a3348ccd313d313954052bd7c8d206271362ad147bf6356df38c7c9bb9f3331277498681d9a97cd44cb18e0cdbe111735db704507ad5f99b29a0e7935f296fbb67327737caaa2b636103c01a253175a7420a8b06a4140546f1a0234d5ea4597e8a987e0635a2bc95338fd30aca7f5dc6d0eab2a0eafcdeeb2a2d159fb3f457a48d3afa76182f8aad1fedb3495c8d91df36afb390e3f6257a125598b4f4d5241e87f2c82e8a326cb66898026c941c623c5d5058578bb327ac0385fa3f477623c09ca5e7ac41e8146910d6d9ee4800a64efe034d10e2735dc786d68057a52c8944ba6810f119270b66baaea947b3321e2647b53dcef9970d31c7256715bef6049b226bae66e0b4b42a841931dd29fad9b01e77365ac7f064f0331d17398cfb0d3de9d429206a94ca2babccc98f75a1808d2cdb154568e97d55dbda4500ed7f1c5b67cb22e9e927daeec4f80e394e6523c6a7b1304042a36d6c9246e6563671e2e181c99815172b29844e56bdcfd5ae8777900d9ea0d7a0c6a640d859cc354547a95ecda496cee11cdfb418bb4287dc4b6671f6ebc54cb60b5b515ac1d579312af6e9744940649ec7a1dbc1b7f6353c6334916b562c16272f3450b331dca3ce21579e3457056f8d4104dd60501d2ef5ea2af581d507e24b7573b57c39038865ce7336aa1ef210968580caae5b7d49b51c5147dcd13a4be2fbf8183bb25a33a47cb661f222aa7d3b9d0e64a46f7fc8fad5a5e19be0ab535549bef0fd0db11b6d8e6baaf4e6a241406408a5d07e6be5a6e7fbc6ba5364e03b41b54bd46fee282ae49f384131d54216d5a3dd8ae7b6034cc61513465b5e85fadb8e09e2e1a1a09cc5c7fa337e617e73dcc171bd1dae293d98f6442fde130c4c981d10cbf177c309c0fec1168e774a54751358cfe534ae47b9a460621d1e6bc87c45809cac1b6bf798b398e82db67078196c5e1275e607eed86c00747bed5469e4b942fe0e159a8fbbeecd10728ccfd3bc62c324befc5b0195f14150d441014d796b31f3ff0311859a7765eff8ee366df8946069c6969119440522ea3a01e9351098d6626350526ed3a443100b5b6db79863911aa8477695e1d907b94aae5da5e8a0935fe4b7f6ecba724ac948229467be5994c9ec55b1c1bc8c6ef805c9169f08ebdf252824976eeba163d7ac6c8ceca1fb64f51c222046502c5475102b6c4f479cc9459fa5ad07e8e880c1ad3c133a2460a73bc00a9c7a4de43e318d4651e2640fdf89f6aaa9377a81ca6e5049a8d67844ead95a67184396edd9d65cf760c7aa50ed9ed0d2b3cba2206f834b064645b7403d8fd6fa808fbd3f64c8297059dde4abb24568ab57e9d05a36998a92197eed330fffcee4c422074bfb6bb04a2c967afd3b1df1f441a2aaf4bee5e7a3231e2d2e84ed3587e05deb0b6d50b545a441c94aee213f3fc7bc102e796c2a9e9fb1d6ec598d59998db6a26510993d22839dece917c2f74b1697ec7f0d5fbfba3b9faac501e47d12ade016aff420d12a6d09da74d6cecd74bb8035f3378deb155f9c20d29a3ba271d9b4c0337e3512f74e88e5ba3717504fc79cfdb11e77208e66095eac4139c468a083acc984616d00915df8155eb5ecdb782ae6f8d924d3cf87b6eb09e05df4db519032413c1ed23184e98bc31859c88291fde2cf2e0bab9f0d356b87dad555d31f7ae0b667cbe2d10021d4c1231e3076974656b872e229a8e4359e5669d0f391e8f0e0158a15ac96dfb19bfefe017692ee8521c8628ae2fa9ea1a9d3cd20519f3bfa470b57dc03526b9f63adca3108a17f781084f39b0625bdbeae285c6308462ea02911a3f55a7f08846a18eb68a3f42848a4707582250cf64000af0ed6bf534dab892ed0e2a0c108b50adcb901e78f9847587b9fec0e0798669d3add9c645f8e008558dd728ed54a7034f635fd8bf5e0ad580443899080afe7ec77d5df5ec6e5a976056b69257d334eaaf10b25f0ba545af6f793cc8301684fb78ddf4a0b9e9d34b755f0deeeea6f8fa1ca2f09828c4a3d329618e88a5f1d25e5f0b9347ce8c9e12937443f3718ee55d234cc7a7b02db076260771407f50c25827cfce329ccf1e42b94ea00297b8a49457ddf5f7b9dc86272ab83da5e546d57f686d858688fd58572fb9ebf8243c248f297719df3056ade1bb78fa3e2499822dfa13ca02b89303db7744d1d0c5f02a26a616dc40f6030fffb60aa2d8873fdf6b77a18ba4c67172f94a0db26cc52a3703e3cccffca00f5f7a04813b785c4df35e38fc9ef88c8ec8452c5cc5431b24962b08c5c1cdc2c1c9e2effc508112e86215c8d848e9619ab8312699e80ac131d9bd0043acc2a745ed22884642a23611cdd14abd588389e9b6a0aea1864f7f10b42c38d5cadbfc61ed227efe2dcf34d868f613b05d27b5c410b70b0cb2ae0d9e703e01c0709844384c69247ae64cd9e224d01146d91e21b8687d1e7c1e5159953043be031e9bea1f7d7dc04b9bdd0b031755326dbd43acd2efba4aec9560ce23ef91b0edfa0dbf98cb754a0074a5e8f792ecfcd6cc67113804b9482837174e36b6ce403c06d17c2cf87f62a5776c5f095a1f9d3316156f7511014867556c4672599f5b57c8f4c3bec38f7f72bbe206bf44d430b5d1e9f05fb3d03f7251709f16343e3aec0d2900840fd094661d37aef71f78a0df065620acc45afd1f51f8819b3f13948f52783bf6150f388ebc48da2541e4bdedaf91f7720e800f966", 0x1000, 0xfffffffffffffff9)
r5 = add_key(&(0x7f0000000400)='cifs.idmap\x00', &(0x7f0000000440)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000480)="056171b13ebeba86973991c85b099a0fb33a5baa8fc0d47ab5fb65d06aecfbcbfdb0d4e200eccc3e0d395e", 0x2b, 0xffffffffffffffff)
keyctl$reject(0x13, r4, 0x1, 0x10000, r5)
ioctl$EVIOCGABS0(r3, 0x80184540, &(0x7f00000004c0)=""/167)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000002c0)={0x10001, 0x206, 0xbe, 0x6, <r6=>0x0}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000340)={r6, 0x5, 0x10}, 0xc)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000380)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13:48:21 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x600000000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:21 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x4002, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x1000000000004e24, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'NETMAP\x00'}, &(0x7f0000000080)=0x1e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmmsg(r0, &(0x7f00000002c0), 0x500, 0x20007ffc)
r2 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x400)
llistxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)=""/97, 0x61)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x16, @tick=0x5, 0x2, {0x6, 0x7fffffff}, 0x6, 0x2, 0x11b})

13:48:21 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0720f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:21 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:21 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000180))
write$cgroup_int(r0, &(0x7f00000000c0), 0x12)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000100)={0xffffffff000, 0x80000001})
ioctl(r1, 0x8912, &(0x7f0000000040)="0a5cc80700315f85715070")
flock(r0, 0x7)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64031, 0xffffffffffffffff, 0x0)

13:48:21 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x2000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:21 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0e20f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:21 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfsz', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:21 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000440)={@in={0x2, 0x4e23, @loopback}, {&(0x7f0000000340)=""/156, 0x9c}, &(0x7f0000000400)}, 0xa0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
sync()
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13:48:21 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
read$FUSE(r0, &(0x7f00000030c0), 0x1000)
read$FUSE(r0, &(0x7f0000001000), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)
chown(&(0x7f0000000600)='./file0\x00', 0x0, 0x0)
r1 = geteuid()
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='fuse\x00', 0x8000, &(0x7f0000000640)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xb000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read'}}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x4}}, {@blksize={'blksize', 0x3d, 0x200}}, {@max_read={'max_read', 0x3d, 0x5}}, {@max_read={'max_read', 0x3d, 0x1}}, {@default_permissions='default_permissions'}]}})
r3 = dup2(r0, r0)
ioctl$sock_netdev_private(r3, 0x89ff, &(0x7f0000000240)="d6340d86df8285797a0171766c38061a671909b6f993c9bd3d8c1133d62655c04311c2d9040407b4a47ce4ac4c43bc0a120a9bab25b3fadd9e0255dd0cc954a4cc5d77c96cc199edf6e8a0ecd99bb4a13588e3b2e86e57357e14844bca653ab280533ef4dea2733c814f748ec8ce865128ac5b4e25c8250090374e8a817ace3151")
write$FUSE_DIRENT(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="9000000000000000020000000000000001000000000000000000000b00001ea90066ce656d316e6f246576656d310000000000000000000000000000002c000000000000619fcd3823b7c94f5a3276ce8c9441000000000000617bec4fd25b21307379737465746a48be1b31486dcc638d4e7361746367726f7570246367726f00040000000000000000000000000000"], 0x22f)

13:48:21 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="0620f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:21 executing program 3:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r0, 0x0)
ioctl$sock_SIOCOUTQ(r0, 0x894b, &(0x7f0000000000))

13:48:21 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x1f00, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:22 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  633.469194] f2fs_msg: 198 callbacks suppressed
[  633.469213] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52006)
[  633.481701] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  633.493602] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  633.500844] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  633.510606] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52006)
13:48:22 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x3, @local}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000280))
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xfffffffffffffff9)

13:48:22 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)="627472667310", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  633.518660] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  633.554232] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  633.561841] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
13:48:22 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create(0x7)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00003b5000)='/dev/rfkill\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000480)={0x10, 0x23de4e66}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x14, 0x22, 0x1, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

13:48:22 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xa00, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

[  633.658661] F2FS-fs (loop6): Magic Mismatch, valid(0xf2f52010) - read(0xf2f52006)
[  633.666416] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
13:48:22 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:22 executing program 3:
r0 = getpgid(0x0)
sched_setattr(r0, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001fe8))
r2 = epoll_create1(0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1})
close(r2)
r3 = memfd_create(&(0x7f0000000200)=':md5sum\x00', 0x0)
pwritev(r3, &(0x7f0000000100)=[{&(0x7f0000012000)="ca", 0x1}], 0x1, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4})
close(r1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0)

13:48:22 executing program 6:
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000680)='./file0\x00', 0x8000, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000400)="1034f5f20100070009000000030000000c0000000900000002000000010000000000000000480000000000000d00000024000000020000000200000002000000020000001a000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x400}], 0x0, &(0x7f0000000100)=ANY=[])

13:48:22 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

13:48:22 executing program 7:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="0a5cc80700315f8571")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='fd/4\x00')
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000003c0)={<r3=>0x0, 0xd8, &(0x7f00000002c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x17}}, @in6={0xa, 0x4e24, 0x7, @mcast1, 0x7}, @in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e23, 0x3, @remote, 0x3}, @in6={0xa, 0x4e20, 0x2, @mcast1, 0x800}, @in6={0xa, 0x4e22, 0x7fffffff, @dev={0xfe, 0x80, [], 0xa}, 0x6}, @in6={0xa, 0x4e22, 0x641, @empty, 0x6}, @in={0x2, 0x4e24, @broadcast}, @in6={0xa, 0x4e20, 0xeda, @mcast1, 0x10001}]}, &(0x7f0000000400)=0x10)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000440)=@assoc_value={r3, 0x7ff}, 0x8)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000200)={0x77359400}, 0xfffffffffffffe9c)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000000c0)={0x3, 0x8, 0x1000, 0x0, 0x9})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13:48:22 executing program 0:
pipe2$9p(&(0x7f0000000880)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070")
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x4526020000000000, &(0x7f0000000940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@posixacl='posixacl'}]}})

13:48:22 executing program 2:
syz_mount_image$btrfs(&(0x7f0000000080)="6274726673ff", &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000500)="8da4363a00000000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a00000100000000007835dbce0188ffff5f42485266535f4d", 0x48, 0x10000}], 0x0, &(0x7f0000000240))

[  862.579050] INFO: task syz-executor1:12976 blocked for more than 140 seconds.
[  862.586526]       Not tainted 4.18.0+ #195
[  862.590949] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  862.598959] syz-executor1   D23320 12976   4476 0x00000004
[  862.604645] Call Trace:
[  862.607277]  __schedule+0x87c/0x1ec0
[  862.611146]  ? __sched_text_start+0x8/0x8
[  862.615331]  ? graph_lock+0x170/0x170
[  862.619168]  ? graph_lock+0x170/0x170
[  862.622986]  ? graph_lock+0x170/0x170
[  862.626842]  ? rcu_note_context_switch+0x730/0x730
[  862.631819]  ? lock_acquire+0x1e4/0x540
[  862.635838]  schedule+0xfb/0x450
[  862.639221]  ? lock_downgrade+0x8f0/0x8f0
[  862.643459]  ? __schedule+0x1ec0/0x1ec0
[  862.647481]  ? mark_held_locks+0xc9/0x160
[  862.651660]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  862.656266]  ? _raw_spin_unlock_irq+0x27/0x70
[  862.660807]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  862.665846]  __rwsem_down_write_failed_common+0x98b/0x1650
[  862.671504]  ? rwsem_spin_on_owner+0xa40/0xa40
[  862.676106]  ? lock_downgrade+0x8f0/0x8f0
[  862.680290]  ? trace_hardirqs_on+0x10/0x10
[  862.684543]  ? is_bpf_text_address+0xd7/0x170
[  862.689065]  ? __lock_acquire+0x7fc/0x5020
[  862.693315]  ? __save_stack_trace+0x8d/0xf0
[  862.697663]  ? trace_hardirqs_on+0x10/0x10
[  862.701911]  ? save_stack+0xa9/0xd0
[  862.705559]  ? save_stack+0x43/0xd0
[  862.709214]  ? __kasan_slab_free+0x11a/0x170
[  862.713646]  ? kasan_slab_free+0xe/0x10
[  862.717667]  ? kmem_cache_free+0x86/0x2d0
[  862.721851]  ? putname+0xf2/0x130
[  862.725315]  ? filename_lookup+0x397/0x510
[  862.729583]  ? graph_lock+0x170/0x170
[  862.733404]  ? do_syscall_64+0x1b9/0x820
[  862.737488]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  862.742870]  ? kasan_check_read+0x11/0x20
[  862.747041]  ? do_raw_spin_unlock+0xa7/0x2f0
[  862.751486]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  862.756114]  ? lock_acquire+0x1e4/0x540
[  862.760106]  ? chown_common+0x3a9/0x730
[  862.764111]  ? lock_release+0xa30/0xa30
[  862.768111]  ? check_same_owner+0x340/0x340
[  862.772465]  rwsem_down_write_failed+0xe/0x10
[  862.776983]  ? rwsem_down_write_failed+0xe/0x10
[  862.781680]  call_rwsem_down_write_failed+0x17/0x30
[  862.786723]  down_write+0xaa/0x130
[  862.790300]  ? chown_common+0x3a9/0x730
[  862.794297]  ? down_read+0x1d0/0x1d0
[  862.798058]  ? graph_lock+0x170/0x170
[  862.801881]  chown_common+0x3a9/0x730
[  862.805727]  ? chmod_common+0x590/0x590
[  862.809748]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  862.815335]  ? __mnt_want_write+0x2f9/0x3e0
[  862.819701]  ? rcu_read_lock_sched_held+0x108/0x120
[  862.824770]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  862.830332]  ? __sb_start_write+0x17f/0x300
[  862.834681]  do_fchownat+0x16e/0x250
[  862.838419]  ? __ia32_sys_chmod+0x80/0x80
[  862.842588]  ? ksys_mount+0xa8/0x140
[  862.846324]  __x64_sys_chown+0x7b/0xc0
[  862.850234]  do_syscall_64+0x1b9/0x820
[  862.854147]  ? finish_task_switch+0x1d3/0x870
[  862.858662]  ? syscall_return_slowpath+0x5e0/0x5e0
[  862.863658]  ? syscall_return_slowpath+0x31d/0x5e0
[  862.868707]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  862.874100]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  862.878973]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  862.884183] RIP: 0033:0x457089
[  862.887406] Code: 08 e8 3b a9 fb ff 48 8b 44 24 20 48 8b 4c 24 18 48 8b 54 24 38 48 8b 7c 24 48 eb 8d 48 8b 6c 24 50 48 83 c4 58 c3 48 89 04 24 <48> 89 5c 24 08 e8 0d a9 fb ff 48 8b 44 24 40 48 8b 4c 24 48 48 8b
[  862.906345] RSP: 002b:00007f81951a4c78 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  862.914090] RAX: ffffffffffffffda RBX: 00007f81951a56d4 RCX: 0000000000457089
[  862.921381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000600
[  862.928677] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  862.935981] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  862.943295] R13: 00000000004cb3a0 R14: 00000000004c78eb R15: 0000000000000000
[  862.950605] INFO: task syz-executor1:12981 blocked for more than 140 seconds.
[  862.957904]       Not tainted 4.18.0+ #195
[  862.962149] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  862.970142] syz-executor1   D24480 12981   4476 0x00000004
[  862.975810] Call Trace:
[  862.978431]  __schedule+0x87c/0x1ec0
[  862.982177]  ? __sched_text_start+0x8/0x8
[  862.986354]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  862.990957]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  862.996229]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  863.001275]  ? trace_hardirqs_on+0xd/0x10
[  863.005450]  ? prepare_to_wait_event+0x3ad/0xa40
[  863.010240]  ? prepare_to_wait_exclusive+0x480/0x480
[  863.015508]  schedule+0xfb/0x450
[  863.018906]  ? __schedule+0x1ec0/0x1ec0
[  863.022932]  ? check_same_owner+0x340/0x340
[  863.027280]  ? do_raw_spin_unlock+0xa7/0x2f0
[  863.031719]  ? replenish_dl_entity.cold.54+0x37/0x37
[  863.036851]  request_wait_answer+0x4c8/0x920
[  863.041290]  ? fuse_read_forget.isra.22+0xdc0/0xdc0
[  863.046327]  ? finish_wait+0x430/0x430
[  863.050247]  ? finish_wait+0x430/0x430
[  863.054165]  ? finish_wait+0x430/0x430
[  863.058094]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.062690]  ? fuse_dev_ioctl+0x430/0x430
[  863.066870]  ? kasan_check_write+0x14/0x20
[  863.071127]  ? do_raw_spin_lock+0xc1/0x200
[  863.075393]  __fuse_request_send+0x12a/0x1d0
[  863.079825]  fuse_request_send+0x62/0xa0
[  863.083945]  fuse_simple_request+0x33d/0x730
[  863.088384]  fuse_lookup_name+0x3ee/0x830
[  863.092625]  ? fuse_valid_type+0xb0/0xb0
[  863.096716]  ? mutex_lock_nested+0x16/0x20
[  863.100992]  fuse_lookup+0xf9/0x4c0
[  863.104643]  ? fuse_lookup_name+0x830/0x830
[  863.109008]  ? lock_release+0xa30/0xa30
[  863.113013]  ? mark_held_locks+0xc9/0x160
[  863.117197]  ? d_lookup+0x221/0x340
[  863.120857]  fuse_atomic_open+0x223/0x350
[  863.125038]  ? fuse_lookup+0x4c0/0x4c0
[  863.128936]  lookup_open+0xdbb/0x1b90
[  863.132772]  ? vfs_link+0xb70/0xb70
[  863.136420]  ? down_read+0xb5/0x1d0
[  863.140070]  ? path_openat+0x2387/0x4c90
[  863.144164]  ? __down_interruptible+0x700/0x700
[  863.148883]  ? graph_lock+0x170/0x170
[  863.152702]  path_openat+0x23a7/0x4c90
[  863.156619]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  863.161313]  ? path_lookupat.isra.45+0xc00/0xc00
[  863.166115]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  863.171145]  ? expand_files.part.8+0x571/0x9c0
[  863.175768]  ? find_held_lock+0x36/0x1c0
[  863.179869]  ? lock_downgrade+0x8f0/0x8f0
[  863.184046]  ? do_sys_open+0x3a2/0x760
[  863.187949]  ? kasan_check_read+0x11/0x20
[  863.192125]  ? do_raw_spin_unlock+0xa7/0x2f0
[  863.196630]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.201303]  ? __lock_is_held+0xb5/0x140
[  863.205405]  ? _raw_spin_unlock+0x22/0x30
[  863.209578]  ? __alloc_fd+0x34e/0x710
[  863.213387]  ? usercopy_warn+0x120/0x120
[  863.217482]  do_filp_open+0x255/0x380
[  863.221351]  ? may_open_dev+0x100/0x100
[  863.225384]  ? get_unused_fd_flags+0x122/0x1a0
[  863.229978]  ? __alloc_fd+0x710/0x710
[  863.233831]  do_sys_open+0x584/0x760
[  863.237570]  ? filp_open+0x80/0x80
[  863.241138]  ? __ia32_sys_read+0xb0/0xb0
[  863.245224]  __x64_sys_openat+0x9d/0x100
[  863.249316]  do_syscall_64+0x1b9/0x820
[  863.253213]  ? finish_task_switch+0x1d3/0x870
[  863.257737]  ? syscall_return_slowpath+0x5e0/0x5e0
[  863.262699]  ? syscall_return_slowpath+0x31d/0x5e0
[  863.267656]  ? __switch_to_asm+0x34/0x70
[  863.271734]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  863.277134]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  863.282001]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  863.287233] RIP: 0033:0x457089
[  863.290448] Code: 08 e8 3b a9 fb ff 48 8b 44 24 20 48 8b 4c 24 18 48 8b 54 24 38 48 8b 7c 24 48 eb 8d 48 8b 6c 24 50 48 83 c4 58 c3 48 89 04 24 <48> 89 5c 24 08 e8 0d a9 fb ff 48 8b 44 24 40 48 8b 4c 24 48 48 8b
[  863.309375] RSP: 002b:00007f8195183c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  863.317098] RAX: ffffffffffffffda RBX: 00007f81951846d4 RCX: 0000000000457089
[  863.324408] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  863.331689] RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
[  863.338987] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  863.346274] R13: 00000000004d2c18 R14: 00000000004c7e4e R15: 0000000000000001
[  863.353586] INFO: task syz-executor1:12999 blocked for more than 140 seconds.
[  863.360874]       Not tainted 4.18.0+ #195
[  863.365260] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  863.373366] syz-executor1   D23552 12999   4476 0x00000004
[  863.379037] Call Trace:
[  863.381650]  __schedule+0x87c/0x1ec0
[  863.385390]  ? __follow_mount_rcu.isra.35.part.36+0x175/0x890
[  863.391771]  ? kasan_check_read+0x11/0x20
[  863.395968]  ? __sched_text_start+0x8/0x8
[  863.400135]  ? trace_hardirqs_on+0x10/0x10
[  863.404669]  ? graph_lock+0x170/0x170
[  863.408498]  ? trace_hardirqs_on+0x10/0x10
[  863.412814]  schedule+0xfb/0x450
[  863.416203]  ? lock_downgrade+0x8f0/0x8f0
[  863.420380]  ? __schedule+0x1ec0/0x1ec0
[  863.424373]  ? mark_held_locks+0xc9/0x160
[  863.428545]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.433152]  ? _raw_spin_unlock_irq+0x27/0x70
[  863.437692]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  863.442765]  rwsem_down_read_failed+0x362/0x610
[  863.447487]  ? rt_mutex_futex_unlock+0x130/0x130
[  863.452265]  ? lock_acquire+0x1e4/0x540
[  863.456260]  ? path_openat+0x2387/0x4c90
[  863.460335]  ? kasan_check_read+0x11/0x20
[  863.464514]  ? lock_release+0xa30/0xa30
[  863.468521]  ? check_same_owner+0x340/0x340
[  863.473042]  ? lockref_get_not_dead+0x70/0x90
[  863.477572]  call_rwsem_down_read_failed+0x18/0x30
[  863.482535]  down_read+0xc3/0x1d0
[  863.486316]  ? path_openat+0x2387/0x4c90
[  863.490414]  ? __down_interruptible+0x700/0x700
[  863.495095]  ? __follow_mount_rcu.isra.35.part.36+0x890/0x890
[  863.501015]  ? graph_lock+0x170/0x170
[  863.504864]  path_openat+0x2387/0x4c90
[  863.508789]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  863.513505]  ? path_lookupat.isra.45+0xc00/0xc00
[  863.518297]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  863.523451]  ? expand_files.part.8+0x571/0x9c0
[  863.528081]  ? find_held_lock+0x36/0x1c0
[  863.532160]  ? lock_downgrade+0x8f0/0x8f0
[  863.536345]  ? do_sys_open+0x3a2/0x760
[  863.540262]  ? kasan_check_read+0x11/0x20
[  863.544436]  ? do_raw_spin_unlock+0xa7/0x2f0
[  863.548881]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.553493]  ? __lock_is_held+0xb5/0x140
[  863.557580]  ? _raw_spin_unlock+0x22/0x30
[  863.561759]  ? __alloc_fd+0x34e/0x710
[  863.565582]  ? usercopy_warn+0x120/0x120
[  863.569705]  do_filp_open+0x255/0x380
[  863.573525]  ? may_open_dev+0x100/0x100
[  863.577528]  ? get_unused_fd_flags+0x122/0x1a0
[  863.582131]  ? __alloc_fd+0x710/0x710
[  863.585964]  do_sys_open+0x584/0x760
[  863.589696]  ? filp_open+0x80/0x80
[  863.593368]  ? __ia32_sys_read+0xb0/0xb0
[  863.597460]  ? ksys_mount+0xa8/0x140
[  863.601208]  __x64_sys_openat+0x9d/0x100
[  863.605293]  do_syscall_64+0x1b9/0x820
[  863.609211]  ? finish_task_switch+0x1d3/0x870
[  863.613722]  ? syscall_return_slowpath+0x5e0/0x5e0
[  863.618686]  ? syscall_return_slowpath+0x31d/0x5e0
[  863.623641]  ? __switch_to_asm+0x34/0x70
[  863.627742]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  863.633133]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  863.638031]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  863.643254] RIP: 0033:0x457089
[  863.646482] Code: 08 e8 3b a9 fb ff 48 8b 44 24 20 48 8b 4c 24 18 48 8b 54 24 38 48 8b 7c 24 48 eb 8d 48 8b 6c 24 50 48 83 c4 58 c3 48 89 04 24 <48> 89 5c 24 08 e8 0d a9 fb ff 48 8b 44 24 40 48 8b 4c 24 48 48 8b
[  863.665435] RSP: 002b:00007f8195141c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  863.673190] RAX: ffffffffffffffda RBX: 00007f81951426d4 RCX: 0000000000457089
[  863.680482] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  863.687807] RBP: 0000000000930280 R08: 0000000000000000 R09: 0000000000000000
[  863.695219] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  863.702780] R13: 00000000004d2c18 R14: 00000000004c7e4e R15: 0000000000000003
[  863.710144] INFO: task syz-executor1:13065 blocked for more than 140 seconds.
[  863.717481]       Not tainted 4.18.0+ #195
[  863.721742] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  863.729801] syz-executor1   D25768 13065   4476 0x00000004
[  863.735462] Call Trace:
[  863.738094]  __schedule+0x87c/0x1ec0
[  863.741850]  ? __sched_text_start+0x8/0x8
[  863.746079]  ? graph_lock+0x170/0x170
[  863.749915]  ? graph_lock+0x170/0x170
[  863.753762]  ? graph_lock+0x170/0x170
[  863.757602]  ? trace_hardirqs_on+0x10/0x10
[  863.761889]  schedule+0xfb/0x450
[  863.765268]  ? lock_downgrade+0x8f0/0x8f0
[  863.769444]  ? __schedule+0x1ec0/0x1ec0
[  863.773437]  ? mark_held_locks+0xc9/0x160
[  863.777612]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.782221]  ? _raw_spin_unlock_irq+0x27/0x70
[  863.786749]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  863.791818]  __rwsem_down_write_failed_common+0x98b/0x1650
[  863.797476]  ? rwsem_spin_on_owner+0xa40/0xa40
[  863.802077]  ? lock_downgrade+0x8f0/0x8f0
[  863.806259]  ? trace_hardirqs_on+0x10/0x10
[  863.810629]  ? is_bpf_text_address+0xd7/0x170
[  863.815162]  ? __lock_acquire+0x7fc/0x5020
[  863.819418]  ? __save_stack_trace+0x8d/0xf0
[  863.823780]  ? trace_hardirqs_on+0x10/0x10
[  863.828038]  ? save_stack+0xa9/0xd0
[  863.831686]  ? save_stack+0x43/0xd0
[  863.835318]  ? __kasan_slab_free+0x11a/0x170
[  863.839757]  ? kasan_slab_free+0xe/0x10
[  863.843746]  ? kmem_cache_free+0x86/0x2d0
[  863.847937]  ? putname+0xf2/0x130
[  863.851408]  ? filename_lookup+0x397/0x510
[  863.855674]  ? graph_lock+0x170/0x170
[  863.859490]  ? do_syscall_64+0x1b9/0x820
[  863.863582]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  863.868990]  ? kasan_check_read+0x11/0x20
[  863.873182]  ? do_raw_spin_unlock+0xa7/0x2f0
[  863.877619]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  863.882236]  ? lock_acquire+0x1e4/0x540
[  863.886229]  ? chown_common+0x3a9/0x730
[  863.890237]  ? lock_release+0xa30/0xa30
[  863.894225]  ? check_same_owner+0x340/0x340
[  863.898593]  rwsem_down_write_failed+0xe/0x10
[  863.903120]  ? rwsem_down_write_failed+0xe/0x10
[  863.907827]  call_rwsem_down_write_failed+0x17/0x30
[  863.912917]  down_write+0xaa/0x130
[  863.916493]  ? chown_common+0x3a9/0x730
[  863.920513]  ? down_read+0x1d0/0x1d0
[  863.924290]  ? graph_lock+0x170/0x170
[  863.928110]  chown_common+0x3a9/0x730
[  863.931944]  ? chmod_common+0x590/0x590
[  863.935941]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  863.941528]  ? __mnt_want_write+0x2f9/0x3e0
[  863.945887]  ? rcu_read_lock_sched_held+0x108/0x120
[  863.950952]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  863.956508]  ? __sb_start_write+0x17f/0x300
[  863.960886]  do_fchownat+0x16e/0x250
[  863.964678]  ? __ia32_sys_chmod+0x80/0x80
[  863.968861]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  863.974506]  ? ksys_ioctl+0x81/0xd0
[  863.978178]  __x64_sys_chown+0x7b/0xc0
[  863.982096]  do_syscall_64+0x1b9/0x820
[  863.986032]  ? finish_task_switch+0x1d3/0x870
[  863.990563]  ? syscall_return_slowpath+0x5e0/0x5e0
[  863.995518]  ? syscall_return_slowpath+0x31d/0x5e0
[  864.000625]  ? __switch_to_asm+0x34/0x70
[  864.004720]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  864.010134]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  864.015016]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  864.020228] RIP: 0033:0x457089
[  864.023464] Code: 08 e8 3b a9 fb ff 48 8b 44 24 20 48 8b 4c 24 18 48 8b 54 24 38 48 8b 7c 24 48 eb 8d 48 8b 6c 24 50 48 83 c4 58 c3 48 89 04 24 <48> 89 5c 24 08 e8 0d a9 fb ff 48 8b 44 24 40 48 8b 4c 24 48 48 8b
[  864.042401] RSP: 002b:00007f8195120c78 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  864.050148] RAX: ffffffffffffffda RBX: 00007f81951216d4 RCX: 0000000000457089
[  864.057449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000600
[  864.064763] RBP: 0000000000930320 R08: 0000000000000000 R09: 0000000000000000
[  864.072165] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  864.079514] R13: 00000000004cb3a0 R14: 00000000004c78eb R15: 0000000000000004
[  864.086953] 
[  864.086953] Showing all locks held in the system:
[  864.093480] 1 lock held by khungtaskd/771:
[  864.097823]  #0: 000000002f428db9 (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x428
[  864.106492] 2 locks held by rs:main Q:Reg/4331:
[  864.111172] 1 lock held by rsyslogd/4333:
[  864.115340] 2 locks held by getty/4424:
[  864.119328]  #0: 0000000029549663 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.127612]  #1: 000000000b4de706 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.136624] 2 locks held by getty/4425:
[  864.140614]  #0: 00000000d176c6ea (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.148889]  #1: 0000000035bc12c5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.157895] 2 locks held by getty/4426:
[  864.161897]  #0: 000000002c2aacc9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.170176]  #1: 00000000b2c5d83d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.179057] 2 locks held by getty/4427:
[  864.183045]  #0: 00000000b6047647 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.191315]  #1: 00000000d3d37de5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.200186] 2 locks held by getty/4428:
[  864.204193]  #0: 00000000ac05d74d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.212442]  #1: 0000000062532e35 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.221456] 2 locks held by getty/4429:
[  864.225448]  #0: 00000000e9b74883 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.233730]  #1: 0000000042102df9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.242625] 2 locks held by getty/4430:
[  864.246623]  #0: 00000000fef16c29 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40
[  864.254896]  #1: 0000000031b6c737 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0
[  864.263868] 2 locks held by syz-executor1/12976:
[  864.268663]  #0: 000000005d40b241 (sb_writers#20){.+.+}, at: mnt_want_write+0x3f/0xc0
[  864.276712]  #1: 000000006aa5898f (&type->i_mutex_dir_key#5){++++}, at: chown_common+0x3a9/0x730
[  864.285723] 2 locks held by syz-executor1/12981:
[  864.290518]  #0: 000000006aa5898f (&type->i_mutex_dir_key#5){++++}, at: path_openat+0x2387/0x4c90
[  864.299702]  #1: 000000003aea1cc8 (&fi->mutex){+.+.}, at: fuse_lock_inode+0xaf/0xe0
[  864.307557] 1 lock held by syz-executor1/12999:
[  864.312230]  #0: 000000006aa5898f (&type->i_mutex_dir_key#5){++++}, at: path_openat+0x2387/0x4c90
[  864.321288] 2 locks held by syz-executor1/13065:
[  864.326063]  #0: 000000005d40b241 (sb_writers#20){.+.+}, at: mnt_want_write+0x3f/0xc0
[  864.334079]  #1: 000000006aa5898f (&type->i_mutex_dir_key#5){++++}, at: chown_common+0x3a9/0x730
[  864.343069] 
[  864.344736] =============================================
[  864.344736] 
[  864.351781] NMI backtrace for cpu 1
[  864.355509] CPU: 1 PID: 771 Comm: khungtaskd Not tainted 4.18.0+ #195
[  864.362081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  864.371420] Call Trace:
[  864.374012]  dump_stack+0x1c9/0x2b4
[  864.377628]  ? dump_stack_print_info.cold.2+0x52/0x52
[  864.382908]  ? vprintk_default+0x28/0x30
[  864.387083]  ? lapic_can_unplug_cpu.cold.29+0x3f/0x3f
[  864.392261]  nmi_cpu_backtrace.cold.3+0x48/0x88
[  864.396976]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  864.401641]  ? lapic_can_unplug_cpu.cold.29+0x3f/0x3f
[  864.406817]  nmi_trigger_cpumask_backtrace+0x151/0x192
[  864.412337]  arch_trigger_cpumask_backtrace+0x14/0x20
[  864.417515]  watchdog+0x9c4/0xf80
[  864.420959]  ? reset_hung_task_detector+0xd0/0xd0
[  864.425797]  ? kasan_check_read+0x11/0x20
[  864.429934]  ? do_raw_spin_unlock+0xa7/0x2f0
[  864.434330]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  864.439418]  ? __kthread_parkme+0x58/0x1b0
[  864.443645]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  864.448643]  ? trace_hardirqs_on+0xd/0x10
[  864.452787]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  864.458314]  ? __kthread_parkme+0x106/0x1b0
[  864.462625]  kthread+0x35a/0x420
[  864.465975]  ? reset_hung_task_detector+0xd0/0xd0
[  864.470798]  ? kthread_bind+0x40/0x40
[  864.474603]  ret_from_fork+0x3a/0x50
[  864.478422] Sending NMI from CPU 1 to CPUs 0:
[  864.482984] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10
[  864.483944] Kernel panic - not syncing: hung_task: blocked tasks
[  864.496689] CPU: 1 PID: 771 Comm: khungtaskd Not tainted 4.18.0+ #195
[  864.503250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  864.512721] Call Trace:
[  864.515305]  dump_stack+0x1c9/0x2b4
[  864.518921]  ? dump_stack_print_info.cold.2+0x52/0x52
[  864.524210]  ? printk_safe_log_store+0x2f0/0x2f0
[  864.528958]  panic+0x238/0x4e7
[  864.532135]  ? add_taint.cold.5+0x16/0x16
[  864.536273]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  864.541804]  ? nmi_trigger_cpumask_backtrace+0x13a/0x192
[  864.547238]  ? printk_safe_flush+0xd7/0x130
[  864.551553]  watchdog+0x9d5/0xf80
[  864.555002]  ? reset_hung_task_detector+0xd0/0xd0
[  864.559843]  ? kasan_check_read+0x11/0x20
[  864.563991]  ? do_raw_spin_unlock+0xa7/0x2f0
[  864.568492]  ? _raw_spin_unlock_irqrestore+0x74/0xc0
[  864.573583]  ? __kthread_parkme+0x58/0x1b0
[  864.577803]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  864.582810]  ? trace_hardirqs_on+0xd/0x10
[  864.586948]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  864.592469]  ? __kthread_parkme+0x106/0x1b0
[  864.596790]  kthread+0x35a/0x420
[  864.600146]  ? reset_hung_task_detector+0xd0/0xd0
[  864.604975]  ? kthread_bind+0x40/0x40
[  864.608876]  ret_from_fork+0x3a/0x50
[  864.612924] Dumping ftrace buffer:
[  864.616458] ---------------------------------
[  864.621003] syz-exec-20501   1...2 329642118us : 0: }D
[  864.621009] ---------------------------------
[  864.630736] Kernel Offset: disabled
[  864.634362] Rebooting in 86400 seconds..