ffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
ioctl$VHOST_GET_FEATURES(r2, 0x8008af00, &(0x7f0000000040))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:21 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
mknod$loop(&(0x7f00000000c0)='./bus\x00', 0x4, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000100)=ANY=[], 0x0)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
setsockopt$TIPC_CONN_TIMEOUT(r1, 0x10f, 0x82, &(0x7f0000000000)=0x5, 0x4)

23:24:21 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x8fc, 0x32800)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000140))
readahead(r1, 0xfffffffffffffd4a, 0xfffffffffffffe20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1, 0x1, 0x0, 0xfffffffffffffffc})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000080)={'vcan0\x00', @remote})
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'bond_slave_0\x00', @random="001008000002"})

23:24:21 executing program 4:

23:24:21 executing program 2:

23:24:21 executing program 4:

23:24:22 executing program 2:

23:24:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x800, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0x1000})
ioctl$PPPIOCGL2TPSTATS(r1, 0x80487436, &(0x7f0000000200)="78a11d56be64b64abdc0e5904e83ba5aa01609f22b7da31088da068dee0d792afe6f1b705f7b7e4d0f709dd081ab2270fc21173f4ac8fc33d0e8a0f2c7b173ab04528680d37dfad26abab2a99f2cb2cad824e4c258e7b11869fbe28ee2e01823d1fc6c92aefd5333b8d83445830e545bdcc30b29b51ac2b62868983d251863c8b19bf096376417c1f47660a129ed36a4a884a23de1651d286ddfcdab4d68358777c9c3c1ce5023d8530f0a025bb238cd2ff9ce1b1e3c02e6c091c78b371bb7fce0757a79b2a46437630e1a6977e4c62e30")
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:22 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x48000)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x105640, 0x0)

23:24:22 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4800}, {0xffffffffffffffff, 0x9fca148690d47b1f}], 0x2, 0x7f1)

23:24:22 executing program 4:

23:24:22 executing program 2:

23:24:22 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x20500)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x1000)
socketpair(0x10, 0x2, 0x7, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)={r4}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={r4, @in6={{0xa, 0x4e20, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7d}}, 0x1, 0x5, 0xfffffffe, 0x401, 0x82}, 0x98)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'sy\x96kall\xc6O\xef\x9f\xbf\xc1\xb1\x139', @broadcast})

23:24:22 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendfile(r3, r6, &(0x7f0000000040)=0x81, 0x1)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r7, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x2000000008001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f00000001c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r8, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r8, r8, &(0x7f0000000240), 0x7fff)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r8, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0x44, r9, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5ce}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x3)
r10 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r10, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:22 executing program 2:

23:24:22 executing program 4:
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000840)=[{&(0x7f0000000680)="30dd96866c8619c7522155d10efb2cc5b0a761c91083a81d8483c1db9a56744d590452367251d70f3ce7bbb664fe975a105cadf789618f7a51abddc6ad6564ac6f08b316b1de15f1c2bb3f58722383a5a9c68233a39fba38b43f871fb52eabc279cf67bd8dc1cbc964fece03ffd57b8a789640692dbbb17fbe53bce58c461d9fae317cbf87901aed080b695e19f766bb1413ae000000000000002d1e15875ad5b244082fac18c28973c5677ba706d48f019a6973cc21278c6533c792f292e952ccbd96e0a9c5117a4d9b85f2ac4c72deaf542c3369a34dce3775f849be4a77095980f6eeb79a1798d8ca6e383267790219917c635f6d3db5000000000000009e47d7c7f5ee98e29287cfb1f09d4bfe4a6936fb96770f51d161ca774752e97b4cbba0cc84176c009586bfbea7fb1e7b9a995c6a175a694a30a64feed3730151503404777bc6b1bcea4755ab8aacc81ead62ebf576d13445d09fa510033c5a4971b48f0907477ceeaf717d4d429c70191b65a8e35197524bd11c988eff77ad06896a01c497c10034e2", 0xffffff32}], 0x1, 0x0)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f00000000c0)=0x800000100000001, 0x4)
connect$inet6(r2, &(0x7f0000000140), 0x18)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x355)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000000)=@ccm_128={{0x303}, "fc547f51492bfd32", "fa0d3d36314b4eb5b48eef964dce4767", "efcb07aa", "6467c27acf750265"}, 0x28)
splice(r0, 0x0, r1, 0x0, 0x100000000, 0x0)

23:24:22 executing program 1:
syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x8c)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, '\x00\x01\x10\x00'})
ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000080))
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000000)={0x0, 0x4000, 0x10000044, [], 0x0})

23:24:22 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:22 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:22 executing program 4:
unshare(0x6c060000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={'lo\x00', {0x2, 0x0, @local}})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000000)=0x16c, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @local}}, 0x0, 0x5, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbb24fec2fba09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8)
bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000100)=0x7, 0x4)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0xdc00}], 0x1, &(0x7f0000000200)=""/20, 0x14, 0x3e8}, 0x100)
write$binfmt_elf64(r2, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd)
r3 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r3, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")

[  476.231499] IPVS: ftp: loaded support on port[0] = 21
23:24:23 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4800}, {r0}], 0x2, 0x7f1)

23:24:23 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = dup3(r2, 0xffffffffffffffff, 0x80000)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0x3, 0x4, 0x1, 0x2, 0x2, 0x3e, 0xe00000, 0x2fc, 0x38, 0xde, 0x20, 0x7, 0x20, 0x2, 0x6fd7, 0x8, 0x8}, [{0x0, 0x5f8, 0xdb08, 0xffffffff, 0x208c, 0xffff20e7, 0xdc9, 0x1f}, {0x6474e551, 0x0, 0x7e4, 0x80, 0x5, 0xff, 0x5, 0x800}], "0f6164755f137e4f7810c7d707f7bec88c141f51b42896823b71a7e3dd12d653a4144219c22cbaea7739a7f7e216cffe5ed9b7ef229c565230a2cc4fff8ab81f77d90b60710f0b4c813c322a5b833b0d0714ba80bc5e330e26d7cf9b15bb35a7b540be893fef6b2438e7ac1d09f0bddceddde1909b59c519788454cbd84de68e71fad129fa976fbf39b931b4519d25a2b4e368255527af173ee5b243ced72a81536f9744c4a95b69f1dad03aadbc01c5918de950a01c1fc8cccb99cd2fdc723951f43452ad078fc008a10731d21248231da802efc1c1e83f", [[]]}, 0x250)
ioctl$sock_inet6_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000000))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x200000, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000001c0)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000004c0)=0x1c)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
write(r1, &(0x7f0000000140)="adfc97512cfe2fdd35577af079f2dc9b73d66f9d7330af934e560aec6b83a668b55be8e92da51ad436c14aa046274a6ababb1bddddcb2d078d1daeca3d37f9e7b63215c3b486cdfa49140f25c3b9cfcae6072d92aa18e5f4a6e718ca8643f6ed7734", 0x62)
r5 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r5)
setsockopt$inet_mreq(r5, 0x0, 0x20, &(0x7f0000000080)={@remote, @loopback}, 0x8)

23:24:23 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:23 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x220080)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:23 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl(r0, 0x81204101, 0x0)

23:24:23 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
prctl$PR_SET_FPEXC(0xc, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r2=>0x0}, &(0x7f0000000200)=0xc)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r6, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x100a020, &(0x7f0000000240)={'trans=unix,', {[{@mmap='mmap'}, {@cachetag={'cachetag', 0x3d, '/dev/v4l-subdev#\x00'}}], [{@fsmagic={'fsmagic', 0x3d, 0x100000001}}, {@pcr={'pcr', 0x3d, 0xe}}, {@dont_measure='dont_measure'}, {@dont_hash='dont_hash'}, {@fowner_eq={'fowner', 0x3d, r2}}, {@appraise_type='appraise_type=imasig'}, {@fowner_lt={'fowner<', r4}}, {@appraise='appraise'}, {@uid_eq={'uid', 0x3d, r6}}]}})
ioctl$VIDIOC_SUBDEV_G_EDID(r1, 0xc0285628, &(0x7f00000000c0)={0x0, 0x1000, 0x1f, [], &(0x7f0000000000)=0x10})
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:23 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000080))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xffd', @random="0100040c0b10"})

23:24:23 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000640)='/dev/dsp1\x00', 0x205580, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0xa, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
recvfrom$inet6(r1, &(0x7f0000000400)=""/61, 0x3d, 0x1, &(0x7f00000004c0)={0xa, 0x4e22, 0x0, @mcast2, 0x8000}, 0x1c)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000500)={0x0, 0x1}, &(0x7f0000000540)=0x8)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000580)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
io_setup(0x0, &(0x7f0000000080)=<r4=>0x0)
io_submit(r4, 0x0, 0x0)
r5 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r5, 0x7, &(0x7f0000027000)={0x1})
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000700)={<r6=>0x0, @multicast2, @remote}, &(0x7f0000000740)=0xc)
setsockopt$inet6_mreq(r5, 0x29, 0x1, &(0x7f0000000780)={@mcast2, r6}, 0x14)
io_submit(r4, 0x1, &(0x7f00000001c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000340)="0a4e3df004e61a9affc1904894963a24d54a248ba42e8955cf2730d7e68c3aa1e51b14c7da0df4d5326cb612a992c5f4a95140392b057253b87b3d3da60a88150c8fd6b5e7dd76b7749d9118ba225cbee27d87332438de980e88e3efd3ea6295ecc17687d3af05144f473952dd4a0af375b28cd053dd7a534cb5649d63e6275381cd1f088004", 0x86, 0x4, 0x0, 0x3, r2}])
r7 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:23 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl(r0, 0x81204101, 0x0)

23:24:23 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl(r0, 0x81204101, 0x0)

23:24:23 executing program 4:
r0 = socket$inet(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r2, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
listen(r0, 0x0)
connect$netlink(r0, &(0x7f0000000680)=@unspec, 0xc)

23:24:24 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4800}, {r0}], 0x2, 0x7f1)

23:24:24 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
ioctl$VIDIOC_S_PARM(r1, 0xc0cc5616, &(0x7f00000000c0)={0xb, @capture={0x3000, 0x2, {0x80000000, 0xbee6}, 0x2, 0x800}})

23:24:24 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:24 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000280)=""/246)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
poll(&(0x7f0000000380)=[{r0}], 0x1, 0x7)

23:24:24 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x14, r5, 0x1, 0x0, 0x0, {0x11}}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000240), 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xe8, r5, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x198}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5c}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x8}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6a2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc0000}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3f}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x45}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x57}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @rand_addr=0x7}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x810}, 0x58000)
sendmsg$IPVS_CMD_DEL_SERVICE(r3, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000200}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x24, r5, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0xedfc57cc77ad9c2e}, 0x20000)

23:24:24 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:24 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:24 executing program 1:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r1=>0x0, <r2=>0x0})
r3 = shmget(0x2, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
r6 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000580)='/proc/capi/capi20\x00', 0x1, 0x0)
ioctl$SIOCRSSCAUSE(r6, 0x89e1, &(0x7f00000005c0)=0x1)
setresuid(r5, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
fstat(r7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@initdev}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000000340)=0xe8)
getresgid(&(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)=<r10=>0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000540)='TIPC\x00')
fcntl$getownex(r0, 0x10, &(0x7f0000000440)={0x0, <r11=>0x0})
r12 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r12, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r12, r12, &(0x7f0000000240), 0x7fff)
ioctl$sock_FIOGETOWN(r12, 0x8903, &(0x7f0000000480)=<r13=>0x0)
shmctl$IPC_SET(r3, 0x1, &(0x7f00000004c0)={{0x80, r5, r8, r9, r10, 0x1, 0x1}, 0x101, 0x5, 0xfff, 0x2, r11, r13, 0x800})
select(0x40, &(0x7f0000000000)={0x6, 0x6, 0x9, 0x39de, 0x41c19203, 0x80000000, 0x1, 0xea86}, &(0x7f00000000c0)={0x3ff, 0x3, 0x4, 0x0, 0x4, 0x100000001, 0x400, 0x8}, &(0x7f0000000100)={0x81, 0x7, 0x3, 0x81, 0x6, 0x7, 0x59, 0xffffffff}, &(0x7f0000000180)={r1, r2/1000+10000})
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:24 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:24 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x20500)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:24 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x20500)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:24 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:24 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4800}, {r0}], 0x2, 0x7f1)

23:24:24 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x20500)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:24 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x80000000, {{0xa, 0x4e24, 0x0, @remote}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
getsockopt$EBT_SO_GET_INIT_ENTRIES(r2, 0x0, 0x83, &(0x7f00000003c0)={'nat\x00', 0x0, 0x3, 0x28, [], 0x6, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000040)=""/40}, &(0x7f00000001c0)=0x78)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000004c0)={{0xa, 0x4e24, 0x8, @rand_addr="6d442984a42d8a87fd13be198c6528b8"}, {0xa, 0x4e20, 0x5, @loopback, 0x8}, 0x9a, [0x20, 0x10000, 0x5, 0xffffffff, 0x3f, 0x8, 0xf5a9]}, 0x5c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:25 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:25 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x20500)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:25 executing program 4:
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:25 executing program 1:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
getsockopt$ax25_int(r2, 0x101, 0x9, &(0x7f0000000200), &(0x7f0000000240)=0x4)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:25 executing program 4:
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:25 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:25 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KDSETMODE(r1, 0x4b3a, 0xfffffffffffff8a5)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [{0x20, 'security'}, {0x20, '/dev/sg#\x00'}, {0x20, '/dev/loop#\x00'}, {0x20, '/dev/sg#\x00'}, {0x20, '&selinuxGPLproc'}, {0x20, '/dev/sg#\x00'}], 0xa, "6273776b8b67f490522969151c9cb869fd294c5188674f9ed9f3a8b5496a612a9b00c9489f31a254fd6158a76969c93420e23c9ebd91b2ca366cd3772760fcbb3d99e6b5f67ae106ca7cc7bafe4bc388e4038396a3dda71dd4dae3f34b1b9111ea96c283c16726f0b157f11a5b2b113a063f1d7e0e830c7613e9b62ce5be819108f039939e598b2f86418abc02a769005d1301e33c79e14178fd39e11a1c7e8062dfa3dc4ed7f926ad848a8d4428f56a1abff90acb2159a3dec74604c3c0c5260182573e7d68689ba16f74df9ca293efc53a5cce7824d5bff99da4bd23bbf512e7c7f1aeb68ed2db596406"}, 0x139)

23:24:25 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{r0, 0x9fca148690d47b1f}], 0x1, 0x7f1)

23:24:25 executing program 2:
r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:25 executing program 4:
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:25 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
socket$vsock_dgram(0x28, 0x2, 0x0)

23:24:25 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x20000, 0x0)
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})
setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000340)=@hopopts={0x63, 0xd, [], [@pad1, @ra, @generic={0x3b, 0x59, "dbeb6a41e80ee6146273049a49a1ad6fe9a22270054d0f60794200a02e2dd856a9b375a9e6838f209fb218461976ea51f93227f18a67339b5d3553982d37c99edd751e4fcd258462b808d37293141633d954220110a611b8e2"}, @pad1, @pad1, @jumbo={0xc2, 0x4, 0x9}]}, 0x78)

23:24:25 executing program 4:
r0 = syz_open_dev$video4linux(0x0, 0x0, 0x20500)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:25 executing program 2:
r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:25 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
socket$vsock_dgram(0x28, 0x2, 0x0)

23:24:26 executing program 2:
r0 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:26 executing program 4:
r0 = syz_open_dev$video4linux(0x0, 0x0, 0x20500)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:26 executing program 4:
r0 = syz_open_dev$video4linux(0x0, 0x0, 0x20500)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:26 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:26 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{r0, 0x9fca148690d47b1f}], 0x1, 0x7f1)

23:24:26 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000040)=0x7, 0x4)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r3, 0x29, 0xd2, &(0x7f00000002c0)={{0xa, 0x4e22, 0x4, @loopback, 0x71b0}, {0xa, 0x4e22, 0xff, @dev={0xfe, 0x80, [], 0xf}, 0x7}, 0x6, [0x0, 0x59, 0x4, 0x100, 0x37, 0x3f, 0x885, 0x101]}, 0x5c)
setsockopt$inet6_MRT6_ADD_MFC(r3, 0x29, 0xcc, &(0x7f0000000180)={{0xa, 0x4e24, 0x3, @local, 0x3ff}, {0xa, 0x4e20, 0x4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x5}, 0xfb0, [0x5, 0x2, 0x7, 0x4, 0x2d, 0x7, 0xfffffffffffff494, 0x945]}, 0x5c)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x4000, 0x0)
r4 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r4, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r4, 0x9)
socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x6, @mcast1, 0x6}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e23, 0xc2, @dev={0xfe, 0x80, [], 0x10}, 0x6}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e23, @broadcast}], 0x78)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreqsrc(r5, 0x0, 0x2f, &(0x7f0000000200)={@rand_addr=0x1f, @local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xc)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)

23:24:26 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:26 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:26 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
socket$vsock_dgram(0x28, 0x2, 0x0)

23:24:26 executing program 4:
syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:26 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:26 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

[  480.131917] audit: type=1400 audit(1575674666.816:100): avc:  denied  { name_bind } for  pid=24583 comm="syz-executor.3" src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1
23:24:26 executing program 4:
syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

[  480.220113] audit: type=1400 audit(1575674666.826:101): avc:  denied  { node_bind } for  pid=24583 comm="syz-executor.3" saddr=::1 src=20000 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1
23:24:27 executing program 4:
syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x8, 0xfffffffa, @value=0x5})

23:24:27 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:27 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:27 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{r0, 0x9fca148690d47b1f}], 0x1, 0x7f1)

23:24:27 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x208000, 0x0)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000001c0)={0x9, <r4=>0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(r3, 0xc0206434, &(0x7f0000000080)={0x9, <r5=>r4, 0x1, 0x4})
ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000140)={0xfff, r5})

23:24:27 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, 0x0)

23:24:27 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x2000, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:27 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:27 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))

23:24:27 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, 0x0)

23:24:27 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:27 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, 0x0)

23:24:27 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)

23:24:27 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x560000, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:27 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:28 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{}, {r0, 0x9fca148690d47b1f}], 0x2, 0x7f1)

23:24:28 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x0, 0xfffffffa, @value=0x5})

23:24:28 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:28 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$KVM_SMI(r1, 0xaeb7)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r1, 0x80605414, &(0x7f0000000080)=""/42)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000000)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @broadcast})

23:24:28 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl(r0, 0x81204101, 0x0)

23:24:28 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x50000a0}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000290022002abd7000fddbdf25021414400000000100060000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(0x0, 0x0)
sched_yield()
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r3, 0x9)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000580)={0x0, 0x20, 0x7, {0x2}, {0x401, 0x853}, @period={0x5c, 0x7, 0x3, 0xa1a, 0x6, {0x1, 0x7, 0x4197, 0x9ea0}, 0x1, &(0x7f0000000540)=[0x6]}})
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
capget(&(0x7f00000003c0)={0x19980330}, &(0x7f0000000400)={0xfffff001, 0x10001, 0x4, 0xff, 0x6, 0x1})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
getsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f00000004c0), &(0x7f0000000500)=0x4)
r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:28 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x0, 0x0, @value=0x5})

23:24:28 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:28 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl(r0, 0x81204101, 0x0)

23:24:28 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:28 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x0, 0x0, @value})

23:24:28 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl(r0, 0x81204101, 0x0)

[  481.867637] capability: warning: `syz-executor.3' uses 32-bit capabilities (legacy support in use)
23:24:29 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{}, {r0, 0x9fca148690d47b1f}], 0x2, 0x7f1)

23:24:29 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
ioctl(r0, 0x81204101, 0x0)

23:24:29 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)

23:24:29 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:29 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:29 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x930cd41102ac3aa0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xe}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})
socket$inet6_tcp(0xa, 0x1, 0x0)

23:24:29 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:29 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:29 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)

23:24:29 executing program 2:
syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:29 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:29 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:30 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{}, {r0, 0x9fca148690d47b1f}], 0x2, 0x7f1)

23:24:30 executing program 2:
syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:30 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)

23:24:30 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000004c0)=<r1=>0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x2600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2001002}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x7c, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x85c3a2f082e0c048}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x80000000}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400))
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000500)={0x1, 0x4})
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:30 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:30 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:30 executing program 2:
syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl(0xffffffffffffffff, 0x81204101, 0x0)

23:24:30 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:30 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:30 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x0, 0x0)

23:24:30 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:30 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:31 executing program 0:
syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0x0)
poll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4800}, {r0, 0x9fca148690d47b1f}], 0x2, 0x0)

23:24:31 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x0, 0x0)

23:24:31 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000040)={'bpq0\x00', 0xec})
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:31 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:31 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:31 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:31 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:31 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl(r0, 0x0, 0x0)

23:24:31 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:31 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:31 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:31 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:31 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:31 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:31 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000001c0)={0x1, 0x7}, 0x5)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000340)='/dev/cachefiles\x00', 0x0, 0x0)
ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_pts(0xffffffffffffffff, 0x8000)
ioctl$KDDELIO(r3, 0x4b35, 0x2e)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x9, 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:31 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:31 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:31 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:31 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:31 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:31 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:31 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:31 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:31 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:32 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:32 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:32 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
r2 = syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:32 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:32 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:32 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:32 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:32 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:32 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:32 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:32 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:32 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:32 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:32 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:32 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:32 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:32 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:32 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r2)
ioctl$sock_bt_cmtp_CMTPCONNDEL(r2, 0x400443c9, &(0x7f00000001c0)={{0x7, 0x0, 0x6, 0xdb, 0x40}, 0x8})
listen(r1, 0x9)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
mkdirat(r3, &(0x7f0000000340)='./file0\x00', 0x3c36b0b27aedc935)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r4)
ioctl$KDFONTOP_SET_DEF(r4, 0x4b72, &(0x7f0000000040)={0x2, 0x1, 0x6, 0x14, 0x189, &(0x7f0000000640)="6cb7d173ab51dfc770eb2a53ababfc4f0cc58eb86d20b0fd402bd5ce51c5a6529e042ae6b2c573abd1b99656e8de2d7ea60467b07fedeff9208595e661a85a30d0da72cb7e9f32a6bff1d79e624c0bcc92fde99ff0ae1a9ac602c114cad2c51833c8b00b97c2981dada603f9d26b000e2beeb120ce81ab04b4683d07946f264f26319232bd92cd26f1bbd337321cd752ad9eb1ad2130af71b82cdf966b28c4e81473559d28609517a8045b62bf7d3282ba96d2c798f57ca723d3dbf96f42b25214e7f40051b7d42e05f7af81b0777cfb1de9014b348fb3963ac38599837e8857e1af70efdbb10825f62df3f56a7d7e74a1d79546b6728d3ab23d2ea52676851dfaa98169df756b5d27cbe15cb02a577193b2979f92f060eb336df1628d74aa8f919fffa68c214223fdd9c75f10ea230853ca304cb3660a95297a18c67def4813c2d462f576bf7dc4d708f076e07b3853272e9d0776c02691be53d7d0b29d50ab3d1c21cbaffaf404e4a6ed94aaaaa96f7f7e157ce521bd750142b5fd7d0c1ee69b23067b51272c23523bb21b7910a76cc8e018e649c12a788b264f940a4ef6cff86f6b406cfcbed7f5fcb05318c458985d94b000ecaacc553f545e2fd6d40b43b556b73456f5190ac93890af3d8b03a25a14a533f60a04da6947693fa78cdb11980a64675de146bce076e0ffc1736f692f1e366f9bdcbf787dddf9bec8fd0a6a76e74872d0965fa774b68fd2ab795d45f965a99dfdebb94bb7c850c896643999ab55c6621739282e3f6edb15c596dfaa1a489644323b747352d7c2b2bca8c13fa4e9d878282a74a99c0406974379893408f23b57945770ddfb580bf5ad0859a50bf9a248595587977ce9a7837caeec5d70ccd58fec60f7352fba753f5a51fc4873a965c84159cc8f2f98999ddcaa8bc4ea03d3856841204da9e82214c4d34178463bac96867b68e96963c5b1e1151a88cde20e5bef869684d9b7117a26dedc8b600e9f48c384c779fc424d309ad7e33631677786b601f9ce73073f241e64da29d3ec4763c5c431f5953c7e9b5c7fdf88af49b886980c52fee9c00d4c27865b83dc85bc5ecf31f3687cd83fb83bfb80c40049afe0684c3e827b4fb0ff145ecc712dee65fa55d11abe43664a003f12605783ada0fbf2cbcf62f1c5085e944deec15a8b3771f63a606aa146cc2c303a1d6217392f8eebb66526e6caa92c0ec99784dd895b1bcdffb498a8dcb4bb20047aed57a2993438ba40bb046e4c35f8263e7dfc707261b12e83f50ef61985297d594f12a3f6182e4beff60a475e178d24be4d994df84945e505f756995e0290fc2768a6e4432256ac0d273d4033774f32c158a5eeaebe56e38a7b2bc74cbb24d04d5c0a758a856981fac9bcb140ca3db8bd7f5a38e2c8ade3254c092622b935c6d0a209ebd39024f03cbc1ce4d188ea524fd8"})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r5 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:32 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:32 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:32 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:32 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:33 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:33 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:33 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000040), &(0x7f00000001c0)=0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:33 executing program 5:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:33 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:33 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:33 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 5:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:33 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 5:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:33 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
recvmmsg(r1, &(0x7f0000001400)=[{{&(0x7f0000000340)=@xdp, 0x80, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/242, 0xf2}, {&(0x7f0000000640)=""/129, 0x81}], 0x2, &(0x7f00000016c0)=""/157, 0x9d}, 0x66f6}, {{&(0x7f00000003c0)=@nfc, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000c00)=""/46, 0x2e}, {&(0x7f00000007c0)=""/198, 0xc6}, {&(0x7f0000000700)=""/100, 0x64}, {&(0x7f0000000940)=""/68, 0x44}, {&(0x7f00000009c0)=""/250, 0xfa}], 0x5, &(0x7f00000015c0)=""/219, 0xdb}, 0x80000001}, {{&(0x7f0000000c40)=@nfc_llcp, 0x80, &(0x7f00000010c0)=[{&(0x7f0000000cc0)=""/177, 0xb1}, {&(0x7f0000000d80)=""/26, 0x1a}, {&(0x7f0000000dc0)=""/124, 0x7c}, {&(0x7f0000000b40)=""/173, 0xad}, {&(0x7f0000000f00)=""/155, 0x9b}, {&(0x7f0000000fc0)=""/252, 0xfc}], 0x6, &(0x7f0000001140)=""/97, 0x61}, 0x77e1}, {{&(0x7f00000011c0)=@ipx, 0x80, &(0x7f0000001380)=[{&(0x7f0000001240)=""/12, 0xc}, {&(0x7f0000001280)=""/2, 0x2}, {&(0x7f00000012c0)}, {&(0x7f0000001780)=""/99, 0x63}], 0x4, &(0x7f00000013c0)=""/19, 0x13}, 0x3}], 0x4, 0xb4eb96921155b3a9, &(0x7f0000001500)={0x77359400})
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r2)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000001800)=ANY=[@ANYBLOB="050000003683192a6baa48ca33a6d02a6abfbac197678d8edc6c209230144acea766edc5b6b2c90040383dc68f4fde424401f76c9dd8ea6dab2c778bda2aede25b5e9c36a2d842379a8dc9b9cbd4ed398ae60bdfeb37cc2f6c57ccfc17bbc628f7ebd84ac8f61607d690618ca6ff386824ddd7722e5c33d1945cafc2e90a1caa0848838752d3c327358f5e1c0ce4349e40d33000000000415eb0d822fb3fdd806e40e5b8cb837a95e95ac231523b53dfb3fbe7afce217cc8aa1a9527f4693789b3449d3aca911cab0d8e1ae8edb1d8dfb89e04d97e9b86e35819bbffb9993955297c8ab5a56915d697a852de8ac6dd690cc1c535", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000001540)=0x18)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000600)={[0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe1, 0x0, 0x100]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r5, 0x40106614, &(0x7f0000001580))
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x42, 0x8001, 0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}, 0x222, 0x9, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r6, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r7 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:33 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:34 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 5:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:34 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:34 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 4:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:34 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:34 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 4:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:35 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:35 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:35 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f0000000040))
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:35 executing program 0:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:35 executing program 4:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:35 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:35 executing program 0:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:35 executing program 4:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:35 executing program 0:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')

23:24:35 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:35 executing program 0:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000340), &(0x7f0000000380)=0x4)
fchdir(r1)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000040)={'HL\x00'}, &(0x7f00000001c0)=0x1e)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r3, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:35 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:35 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:35 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)

23:24:36 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:36 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:36 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:36 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:36 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000640)={0x0, {{0xa, 0x4e23, 0x0, @mcast2}}, {{0xa, 0x0, 0xfffffffc, @loopback}}}, 0x108)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x280000, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f00000001c0)={0x80000, 0x0, [0x100, 0x1, 0x101, 0x0, 0x10001, 0x100000000, 0x7fff, 0x401]})
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0xfffffffffffffff5, 0x4a, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:36 executing program 2:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)

23:24:36 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:36 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:36 executing program 2:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 2:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:36 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)

23:24:36 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:36 executing program 2:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:36 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:36 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f7, 0x0, @perf_bp={0x0}, 0x0, 0x80000002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x220c1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @rand_addr=0x4}, 0x10)
sendto$inet(r4, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r4, 0x1)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f00000000c0)={r6}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000003c0)={0x2, 0x2, 0x7, 0x5, r6}, &(0x7f0000000640)=0x10)
r7 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x1ff, 0x201)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r7, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="3000000067be7a15bf23d47d1a91c60ff4db1b8cfa289789f56b4965bd4160e9bd41819c736b0b2dec620774adbc11dedc1d68c142b4f23f06ee6e9e137553a7afef8bd4cbe9aa32ab04edf65daa0ca3c9b3867be566a9eaef3173774e6db903d3cafab901b08a7461e8f699", @ANYRES16=r8, @ANYBLOB="100026bd7000ffdbdf2501000000000000000b0000000014001462726f6164636173742d6c696e6b0000"], 0x30}, 0x1, 0x0, 0x0, 0x110d2ab284738a9e}, 0x20000001)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:36 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()

23:24:36 executing program 2:
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:36 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)

23:24:36 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)

23:24:36 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000), 0x111, 0x5}}, 0x20)

23:24:37 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:37 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)

23:24:37 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:37 executing program 2:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x50000a0}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000290022002abd7000fddbdf25021414400000000100060000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = creat(0x0, 0x0)
sched_yield()
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r3, 0x9)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000580)={0x0, 0x20, 0x7, {0x2}, {0x401, 0x853}, @period={0x5c, 0x7, 0x3, 0xa1a, 0x6, {0x1, 0x7, 0x4197, 0x9ea0}, 0x1, &(0x7f0000000540)=[0x6]}})
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
capget(&(0x7f00000003c0)={0x19980330}, &(0x7f0000000400)={0xfffff001, 0x10001, 0x4, 0xff, 0x6, 0x1})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
getsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f00000004c0), &(0x7f0000000500)=0x4)
r4 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:37 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))

23:24:37 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})

23:24:37 executing program 3:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ubi_ctrl\x00', 0x4c0902, 0x0)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000380)=0xfffffffe, 0x4)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0xc008ae91, &(0x7f00000004c0)={"a01fe7de86d7d3e38150b5cfc32609fbf77007943b05f834fe0b107d483fc927bd6ba1b884a19a27c4a7ba7873444ca995372b5bebbb7de238d9c8cba4dde88bfdf3c8910a18ab567de55a8e4a5fff54785bc1d3c1fa5c1792d93d3abbccaf62ee5f0662b3f26e5812f573646609fd33c2acd78e185ecdceda0c26a93d16fa4bad8d2cdd172b660144fdb72ef7bdf3f7574260cc6e24e196a87137e33a9d3343176ebb997d541b4d583994b892ad3a414c35b0167aca88c277a391c1438a02e77b6c0ddb71c3c7687686a79e6338fff3c119875eae759ced19c5234fb1cdd77145f52f3eb7cf3f43e13760a2242be5613aa7f5b953727d801d49e249ebaeb91cecd0ef8607c6537339e792d6b1994d5fa02491f39ac43de2b88bbda5392455aaf42a691f02fdddc8bde9a9c1cefe59f7dac8e83651ba6b2edea2363164ed3587542933984d130e4c1f8d670229a15bca48e73d5d6301d7b95a3a2e7502518a6e80906adaf57dfdb82b6aab48c4d3a9c9b0e1b5dc1be0380f5d450ad3523426f68b79ddc88c6e9cf57d1eb71b9dfbd3eef41fa0ba8cdbc2c84963650c586c69c95531e3582069fb8e4b15cafb14624e09e711a354f92f102fb029942d526480fee1d3f79e86933786da88cf997da373226947df2c7d655060b1cf7ce5ee058cb6abc483c66db83a7135c1746c8b2a0650060c9de7a960d2f187cb7dffb79cb4ae1fe7a7342a92cc7c20db84631f2b59a4835a20552256cac69a288eeb80cd1051114a92c7aa3f4b5c6a9039e6b75548443fabd046ccffeb9508a14b5cd95fe70b15da18e3a733b3beb42f519a5ff9f292437db85be18f4b94288dd97a6ac6e1fbea2fc6c33436e559090f0af19c0b4c82df8824a6dfedb2fcc33be8f3878dfb6635519a3a7eb607fcb718bd7d189edebc2db6d4c9830950d4cf46e95cf98687d0e2bcb0aad337313fada4f1af6b57c0e2251705a4527d808e67895085c8c4c53c69ed73574667872325248efa364f9843aab96210fd5361119200320db077ee20b09624f658e467945e69fe73a2e2fde3f90b91f2eb4e4ee2e36ca4af09bf6d1dbec1a51a3cc4ad2b2b1c8310adf2de01e3cffd22feb2554320b19dc8ed2112d41191369218eabe414c41c6f1247fc0d26b99a8413c472c64218de0ebb38fc78e396ee987150b42cdcc69447087bec021b30b936b5524b3d10896783d481916df633304c0223502847bbb648a13b825811f7b22608772189ee4c7b44415f1b540ac48a726a3bdb66fe56cfcb7f2e185d62f1d88ebf5eae4e69eee4a216b4d2532e5614f22dd91567062374813fd5451cfb71f1913acabf08b7adc19f300f5c641738ff1fb215035acf912d11559718e751d1fca8f387e77e5682ff7e02f5d4523bc8781ee7e9949df304a1cd0088366e23f5051b1d21aacb0f8c37557e00cac52"})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10004, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r5, 0x9)
r6 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r6, 0x7, &(0x7f0000027000)={0x1})
getsockopt$inet_mreq(r6, 0x0, 0x24, &(0x7f0000000040)={@dev, @local}, &(0x7f00000001c0)=0x8)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r7 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:37 executing program 5:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f7, 0x0, @perf_bp={0x0}, 0x0, 0x80000002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x220c1, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @rand_addr=0x4}, 0x10)
sendto$inet(r4, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r4, 0x1)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f00000000c0)={r6}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000003c0)={0x2, 0x2, 0x7, 0x5, r6}, &(0x7f0000000640)=0x10)
r7 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x1ff, 0x201)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r7, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="3000000067be7a15bf23d47d1a91c60ff4db1b8cfa289789f56b4965bd4160e9bd41819c736b0b2dec620774adbc11dedc1d68c142b4f23f06ee6e9e137553a7afef8bd4cbe9aa32ab04edf65daa0ca3c9b3867be566a9eaef3173774e6db903d3cafab901b08a7461e8f699", @ANYRES16=r8, @ANYBLOB="100026bd7000ffdbdf2501000000000000000b0000000014001462726f6164636173742d6c696e6b0000"], 0x30}, 0x1, 0x0, 0x0, 0x110d2ab284738a9e}, 0x20000001)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:37 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100000000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000580)='net/ipv6_route\x00')
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x40000000000c0182)
sendfile(r2, r1, 0x0, 0x0)
inotify_init()
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000340)={0x13, 0x10, 0xfa00, {&(0x7f0000000140), r5}}, 0x18)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:37 executing program 2:
r0 = socket(0x80000000000000a, 0x2, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="3f0200000003000000000100000000000000060000000014001462726f6164636173742d6c696e6b00004de853b9ff8d14411bc2"], 0x30}}, 0x0)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x18000020}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x30, r3, 0x20, 0x70bd26, 0x25dfdbfc, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x7, 0x8, 0x1000, 0x1}}}, ["", "", ""]}, 0x30}}, 0x10010)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @rand_addr="9f1a72f3735f3e83d4754a8cee4f8fbf"}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @local}, 0x7}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = creat(0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x29}}}, 0x1, 0x3}, 0x90)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r4, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
rt_sigprocmask(0x2, &(0x7f00000003c0)={0x2}, 0x0, 0x8)
r5 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:37 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
getsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000140), &(0x7f0000000280)=0x4)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x80800, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snapshot\x00', 0x40d000, 0x0)
setsockopt$bt_BT_RCVMTU(r4, 0x112, 0xd, &(0x7f00000003c0)=0x254, 0x2)
r5 = socket(0x10, 0x803, 0x0)
r6 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r6)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000340)={0x2, &(0x7f00000002c0)=[{0x7f, 0xff81}, {0xff, 0x893}]})
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r7, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044f5e31d652b0fc4ea62161b8c980000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="240000bdb462d9d900002e000702000000000000", @ANYRES32=r7, @ANYBLOB="00000000000000001ff24ec063ef7130fa406cec0000000000003e4ca97059c68d6359538e1f85ff41e76dd7c2d0c7f445faa37cff6bceb892df51f02679a0ac101072042a4e9a2942426b769cadd3b8bf42d4701515941a950beadc3007b47b8ea6926b2c68ea0c8a1bf12cfc73ce04de7aa4a9c370b936033a1015e0799f9e364a15a186f500ef48a61531ecdb61e6feae9fb8ce1b0157f4733757e02e557262fc611fda8ba21f88bfc7daf02a95226da3be320268fab19bdca499076b085466f4219c554a3a6967f09a60b420a3b730719daa1f"], 0x24}}, 0x0)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r8, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r8, r8, &(0x7f0000000240), 0x7fff)
ioctl$KDFONTOP_SET(r8, 0x4b72, &(0x7f0000000300)={0x0, 0x1, 0x8, 0x5, 0x1c6, &(0x7f0000000a00)="4fb9b53c681a1a085171f87a7b5d05feb975fa4e61a8a8eb2986317d03398822683fc0a92d64d1fd52102ac97a7cc4158370c222537493776bfd4db94088b1cb59def405833343428676692199e86aae9bef4cb8d6b202414d2d18edafe4bac73dcb8f0b7d802b9f8ce2640831864f457a8c8c4d40509b3699bd9420a077c536fa8a23e407e5e9b9e08d203159d087ac3f77f4137cb0e9ba1d3d7a8498e3b6a345ffc7dcf9735d34ef2c6bb415919334cbf239386b2883bd9dab9291cd44d5df97f9b1afcb942fe28fea691f98a4ae61269d6d422364f16c5fa5e749760af827d2c65e84f5cc1c4584992f83359954f0d24e0dcd54c4e00d73ba92d30a416d61026c4810a930eef1f00da77ca75ca6c7700709985de6fe8da8ccf2480356303f24a1de6d22cc809222409b4faa3c0cbb211da0101a3c6c8e41f746511900ba41f1ebc33d84fc8d510db9e4f4630f184b65b22ca7c0829514cf494b4dfaa7a7857a52f94a1d85bd71e6c9bd2d5e2210bfa3967ad16f1f696a302f550f481d692016facb15123c75d01130514235b00cace5b5733626c4bc3d4a5952a387bcfe1140d933353b037840eb87cf4f985708acc37a3f1e225e01e60bd55d3ba03620329776e6beb1dc98de3391cf698e548aa55fbbc817598c5b00346b25bd954d220c9240fe61f57811c3d67e1600e6ba137707c1cb4ccaac5e77197e160784029736d5ee5d4e363c6e694309ae8ac32842a42d1e228fc7186ebb7a0814653068e2ac6cea6d5a0358c45a9b12da273d1a2a11264242d2dfb4dfdc0453cbdddb295187f0d0539a6ca3fad9857ae1f0c0be51ac097da91c1bd2a5ee8e3cff518d04e067051aef94c2db8ae785c8c4c7ab00a660fa75a05af2c570e6f71846c066e64478fe6340a835411dbb7b5af9d08c0d33ec90d81c1f89a5b4e0ce5ee992cbe67c668bd9bbf76a690742b4b37aeb8cf26b99018c9209e83d45c66e04757e33521e46775285bc9e4efd8dc96fdd8fc2f07b9abf24c3260e4c13329cc7b26fe0538a853083a0cffc43463c8d549d7f8d1cfa618387537a12df332f015102aee39d5d5877cf9dc4c027e14ea485332b98183662280f26c876b9fa0b15d59b7bce9907da9ddeceee23f6fbfda5e427ac09dec90849da2c90bef4c52300835b51313542fcd784c7389ffbfa637634d700762f1924d6fd9ea75f4cb16d93174eeb312e1f5419528d524c0ac395fb36b8a6ad33cc516f0eb34c7bc06833b37811c71ddc3fca02d9e3c227735892279267f0fd72a166969f745ae4a2d05eb2c1ac13d1464f24d75416a11c16f7c19ab2524ca1e332e118b7807b79007dd78bff0175933377e6ecfad7af8ea5af2b8f2b31d3a14412c2dcf224f5dc07b82ebd1f7f26ac2b1092958a39d662841d2462ed0ae720ed006f3aa4b9c794b9809095e0f8243c8b2e3a"})
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={@mcast2, 0xf, r7})

23:24:37 executing program 4:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r4, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r4, 0x1)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f00000000c0)=ANY=[@ANYRES32=r6, @ANYBLOB="00020000"], &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000040)={0xda3, 0x200, 0x8, 0x4, <r7=>r6}, &(0x7f00000001c0)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000340)={r7, @in={{0x2, 0x4e23, @remote}}, 0x1, 0x3}, &(0x7f0000000400)=0x90)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r8 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:37 executing program 5:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfa5cb289fbd0312f, @perf_bp={0x0}, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x1a, &(0x7f00000f5ffc)=0xfffffffeffffffff, 0x4)
bind$inet6(r3, &(0x7f0000710fe4)={0xa, 0x4e21}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="a585e8799cd5", @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$FICLONE(r2, 0x40049409, r4)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r5 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

[  491.154278] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'.
[  491.179379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25268 sclass=netlink_route_socket pig=25650 comm=syz-executor.1
23:24:37 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
shmget$private(0x0, 0x2000, 0x40, &(0x7f0000ffd000/0x2000)=nil)
fsync(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x138, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000015c0)={0xa0, 0x19, 0x1, {0x0, {}, 0xc4, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xa0)
r1 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="23000000420081aee405e9a4000000000000c6ff07d800400300"/35, 0x23}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2}, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/sequencer\x00', 0x1, 0x0)
write$sndseq(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x2, 0x0, @tick, {}, {}, @quote}], 0x30)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x2000, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000001c0)="874046cf7c7330a401bd0817b6a95beb", 0x10)
r4 = socket$bt_cmtp(0x1f, 0x3, 0x5)
fcntl$F_GET_FILE_RW_HINT(r4, 0x40d, &(0x7f0000000000))

23:24:37 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:38 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
shmget$private(0x0, 0x2000, 0x40, &(0x7f0000ffd000/0x2000)=nil)
fsync(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x138, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000015c0)={0xa0, 0x19, 0x1, {0x0, {}, 0xc4, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xa0)
r1 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="23000000420081aee405e9a4000000000000c6ff07d800400300"/35, 0x23}], 0x1}, 0x0)
recvmsg$kcm(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000300)=""/4096, 0x1000}], 0x2}, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/sequencer\x00', 0x1, 0x0)
write$sndseq(r2, &(0x7f0000000040)=[{0x0, 0x0, 0x2, 0x0, @tick, {}, {}, @quote}], 0x30)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x2000, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f00000001c0)="874046cf7c7330a401bd0817b6a95beb", 0x10)
r4 = socket$bt_cmtp(0x1f, 0x3, 0x5)
fcntl$F_GET_FILE_RW_HINT(r4, 0x40d, &(0x7f0000000000))

23:24:38 executing program 0:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000200)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$VIDIOC_RESERVED(r1, 0x5601, 0x0)
r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r2)
setsockopt$sock_int(r2, 0x1, 0x1, &(0x7f0000000000)=0x8, 0x4)
syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x100, 0x80)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x321300, 0x0)
r4 = syz_open_dev$radio(&(0x7f0000000240)='/dev/radio#\x00', 0x1, 0x2)
ioctl$VIDIOC_G_CTRL(r4, 0xc008561b, &(0x7f0000000280)={0x8, 0x8})
ioctl$ASHMEM_SET_NAME(r3, 0x41007701, &(0x7f00000001c0)='keyring\x00')
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f00000000c0))
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:38 executing program 2:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
ioctl$TIOCSSERIAL(0xffffffffffffffff, 0x541f, &(0x7f0000000180)={0x4, 0xf3, 0x200, 0x1, 0x552, 0x7, 0x461, 0xffffffff, 0x0, 0x0, 0x7, 0x8, 0x401, 0x7, &(0x7f00000000c0)=""/163, 0x2, 0x9, 0x9})

23:24:38 executing program 4:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x400, 0x0)
ioctl$TIOCSIG(r0, 0x40045436, 0x3f)
r1 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
recvmmsg(r2, &(0x7f0000005940)=[{{&(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000200)=""/190, 0xbe}, {&(0x7f00000002c0)=""/131, 0x83}, {&(0x7f0000000380)=""/179, 0xb3}, {&(0x7f0000000440)=""/146, 0x92}], 0x4, &(0x7f0000000540)}}, {{&(0x7f0000000580)=@caif=@dbg, 0x80, &(0x7f0000000900)=[{&(0x7f0000000600)=""/204, 0xcc}, {&(0x7f0000000700)=""/218, 0xda}, {&(0x7f0000000800)=""/199, 0xc7}], 0x3, &(0x7f0000000940)=""/223, 0xdf}, 0x1}, {{&(0x7f0000000a40)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x80, &(0x7f0000001f80)=[{&(0x7f0000000ac0)=""/216, 0xd8}, {&(0x7f0000000bc0)=""/253, 0xfd}, {&(0x7f0000000cc0)=""/105, 0x69}, {&(0x7f0000000d40)=""/45, 0x2d}, {&(0x7f0000000d80)=""/120, 0x78}, {&(0x7f0000000e00)=""/12, 0xc}, {&(0x7f0000000e40)}, {&(0x7f0000000e80)=""/184, 0xb8}, {&(0x7f0000000f40)=""/4096, 0x1000}, {&(0x7f0000001f40)=""/56, 0x38}], 0xa, &(0x7f0000002040)}, 0x640}, {{0xffffffffffffffff, 0x0, &(0x7f0000002140)=[{&(0x7f0000002080)=""/191, 0xbf}], 0x1, &(0x7f0000002180)=""/141, 0x8d}, 0x1e}, {{&(0x7f0000002240)=@xdp, 0x80, &(0x7f0000002600)=[{&(0x7f00000022c0)=""/64, 0x40}, {&(0x7f0000002300)=""/130, 0x82}, {&(0x7f00000023c0)=""/182, 0xb6}, {&(0x7f0000002480)=""/83, 0x53}, {&(0x7f0000002500)=""/211, 0xd3}], 0x5, &(0x7f0000002680)=""/220, 0xdc}, 0x1387}, {{&(0x7f0000002780)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={[], [], @dev}}}}, 0x80, &(0x7f0000004900)=[{&(0x7f0000002800)=""/4096, 0x1000}, {&(0x7f0000003800)=""/4096, 0x1000}, {&(0x7f0000004800)=""/212, 0xd4}], 0x3, &(0x7f0000004940)=""/4096, 0x1000}, 0x80000000}], 0x6, 0x41, &(0x7f0000005ac0)={0x77359400})
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
r4 = socket$inet_sctp(0x2, 0x397adf6f18cabb0e, 0x84)
sendto$inet(r4, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
lseek(r6, 0x37dc79f4, 0x0)
sendto$inet(r4, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r4, 0x1)
r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r8=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f00000000c0)={r8}, &(0x7f0000000000)=0x8)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r9, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r9, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r9, 0x1)
r10 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r10, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r11=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r9, 0x84, 0x6d, &(0x7f0000005b00)=ANY=[@ANYRES32=r11, @ANYBLOB="00000000ee2edb63e7626215747664a4e8c8f0acb123dee28d676c50cd1b08cf530fe30c6019dae2cf066b97f007cf145575047010bb2c7018305a07000000000000008e0000000000"], &(0x7f0000000000)=0x8)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000000c0)={r11, 0x1, 0x1}, 0x8)
r12 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r12)
connect$caif(r12, &(0x7f0000000100)=@dbg={0x25, 0x20, 0xc6}, 0x18)

23:24:38 executing program 2:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000340)={0x2})
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_FPEXC(0xc, 0x40000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x6, 0x0, 0x20000004, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x55, 0x80)
ioctl$IMSETDEVNAME(r2, 0x80184947, &(0x7f00000001c0)={0x9, 'syz1\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
ioctl$TIOCCONS(r4, 0x541d)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:38 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:38 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)

23:24:38 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x1f}, 0x0)
sched_setattr(r1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$binfmt_aout(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="cc000900a3020000a0020000050000007c0100003f0000000000000000000000553edaa0b7f09a1251c08183512c9000919fce7dedf9689b0f97b9a4200993262767b0dc97b5ab9f00be6d3809cc300d4f427e20fe1d307d09cfcb7f1bf10dc1ab305ca8ea27dd90716421e95e73715d0e3d1f17be54b78b176e5d2ddfd7d0ceb73a23e4a8508940237184910d4842726ee31788969433e26ab7eda589248c26a4d0966703d7c9a3f172d9e8e8aeda0698d9dd8a04c6cc6aa4eab0b28b2b7725af82952cc6e630b8813bc2cd933faa020abc8bdf7a19e783faf5037c2e95c1a22fea543cb917e279a1ddfdf9972fee313e188860b949f4af3a87de501820370d899cccada027cb0704fd63a3d3d7240000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008cc500"/2303], 0x90f)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x20000000000000, 0x20000000000000}, 0x0)
unshare(0x2040400)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r10 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_ax25_SIOCDELRT(r10, 0x890c, &(0x7f0000000180)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x8, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:38 executing program 3:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x4, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x3}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r2, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:38 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000180)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x2, {0x2, 0x4e20, @local}, 'ip6gretap0\x00'})
write$P9_RCREATE(r1, &(0x7f0000000100)={0x18, 0x73, 0x1, {{0x0, 0x4, 0x8}, 0x1}}, 0x18)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(0xffffffffffffffff, &(0x7f00000001c0)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x6}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @null, @null, @default]}, 0x48)
getsockopt$netrom_NETROM_T4(r2, 0x103, 0x6, &(0x7f0000000000)=0xffffffff, &(0x7f00000000c0)=0x4)
creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
r3 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x2, 0xa080)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r7, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r7, r7, &(0x7f0000000240), 0x7fff)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r11}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r11, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
poll(&(0x7f0000000280)=[{r1, 0x4800}, {r3, 0x9fca148690d47b1f}, {r0, 0x2000}, {r4, 0x2000}, {r6, 0x8000}, {r1, 0x6402}, {0xffffffffffffffff, 0x200}], 0x7, 0x7f1)

23:24:38 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x1f}, 0x0)
sched_setattr(r1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$binfmt_aout(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="cc000900a3020000a0020000050000007c0100003f0000000000000000000000553edaa0b7f09a1251c08183512c9000919fce7dedf9689b0f97b9a4200993262767b0dc97b5ab9f00be6d3809cc300d4f427e20fe1d307d09cfcb7f1bf10dc1ab305ca8ea27dd90716421e95e73715d0e3d1f17be54b78b176e5d2ddfd7d0ceb73a23e4a8508940237184910d4842726ee31788969433e26ab7eda589248c26a4d0966703d7c9a3f172d9e8e8aeda0698d9dd8a04c6cc6aa4eab0b28b2b7725af82952cc6e630b8813bc2cd933faa020abc8bdf7a19e783faf5037c2e95c1a22fea543cb917e279a1ddfdf9972fee313e188860b949f4af3a87de501820370d899cccada027cb0704fd63a3d3d7240000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008cc500"/2303], 0x90f)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x20000000000000, 0x20000000000000}, 0x0)
unshare(0x2040400)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r10 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_ax25_SIOCDELRT(r10, 0x890c, &(0x7f0000000180)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x8, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:38 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:38 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x1f}, 0x0)
sched_setattr(r1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$binfmt_aout(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="cc000900a3020000a0020000050000007c0100003f0000000000000000000000553edaa0b7f09a1251c08183512c9000919fce7dedf9689b0f97b9a4200993262767b0dc97b5ab9f00be6d3809cc300d4f427e20fe1d307d09cfcb7f1bf10dc1ab305ca8ea27dd90716421e95e73715d0e3d1f17be54b78b176e5d2ddfd7d0ceb73a23e4a8508940237184910d4842726ee31788969433e26ab7eda589248c26a4d0966703d7c9a3f172d9e8e8aeda0698d9dd8a04c6cc6aa4eab0b28b2b7725af82952cc6e630b8813bc2cd933faa020abc8bdf7a19e783faf5037c2e95c1a22fea543cb917e279a1ddfdf9972fee313e188860b949f4af3a87de501820370d899cccada027cb0704fd63a3d3d7240000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008cc500"/2303], 0x90f)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x20000000000000, 0x20000000000000}, 0x0)
unshare(0x2040400)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r10 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_ax25_SIOCDELRT(r10, 0x890c, &(0x7f0000000180)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x8, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:38 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:39 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

23:24:39 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x1f}, 0x0)
sched_setattr(r1, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
write$binfmt_aout(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="cc000900a3020000a0020000050000007c0100003f0000000000000000000000553edaa0b7f09a1251c08183512c9000919fce7dedf9689b0f97b9a4200993262767b0dc97b5ab9f00be6d3809cc300d4f427e20fe1d307d09cfcb7f1bf10dc1ab305ca8ea27dd90716421e95e73715d0e3d1f17be54b78b176e5d2ddfd7d0ceb73a23e4a8508940237184910d4842726ee31788969433e26ab7eda589248c26a4d0966703d7c9a3f172d9e8e8aeda0698d9dd8a04c6cc6aa4eab0b28b2b7725af82952cc6e630b8813bc2cd933faa020abc8bdf7a19e783faf5037c2e95c1a22fea543cb917e279a1ddfdf9972fee313e188860b949f4af3a87de501820370d899cccada027cb0704fd63a3d3d7240000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008cc500"/2303], 0x90f)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x20000000000000, 0x20000000000000}, 0x0)
unshare(0x2040400)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
setsockopt$inet_mreqsrc(r8, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f000001b000)={@multicast2, @dev={0xac, 0x14, 0x14, 0x13}, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r10 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_ax25_SIOCDELRT(r10, 0x890c, &(0x7f0000000180)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x8, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
setsockopt$inet_mreqsrc(r9, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @loopback, @remote}, 0xc)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:39 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:39 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:39 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x2080, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = accept$ax25(0xffffffffffffffff, 0x0, &(0x7f0000000180))
r3 = dup2(r2, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
close(r4)
r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x40000, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r7, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r7, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FICLONERANGE(r10, 0x4020940d, &(0x7f00000001c0)={r12, 0x0, 0xffffffff, 0x3, 0x13c2})
shutdown(r7, 0x1)
r13 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r13, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB='wB\x00\x00', @ANYRES32=<r14=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f0000000240)={r14, 0x89, "d1429a153e009a1945b0760e64e7b67108b805f424051ff242efb2aee186d7dbe12272a704bc0bb6b4fcbc05fe9e61a54f5274500250f902d35e72aef49108fa95d4e13730dfa05f92345ef8d7d38661bbc2887fb896c9de5e8390ef4c886ff83e988dfe11df08fc4ca712a27cb9ce513f3d8b6d490f95b811aa8fe8bf8549a025210dddaaa8d212eb"}, &(0x7f0000000000)=0x91)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000080)={r14, 0xaf, 0x8}, 0x8)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})

23:24:39 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000000)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100040c0b10"})
syz_open_dev$tty20(0xc, 0x4, 0x1)

23:24:39 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
dup(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080))
getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, &(0x7f0000000200))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0xc502, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="280000002200290800000000000000000400000014001100ffffff7fffffffff79f195c65f49d0a3"], 0x28}, 0x1, 0xfdffffff00000000}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffea7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x0, 0x0)
dup3(r2, r1, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000140)=[@mss={0x2, 0x9}, @mss={0x2, 0xab}, @window={0x3, 0x80, 0x6}, @timestamp, @sack_perm, @window={0x3, 0x0, 0xffff}, @sack_perm], 0x7)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
getpgid(0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0xc008af12, &(0x7f0000000000))
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:39 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88))
msgrcv(r1, &(0x7f0000000180)={0x0, ""/93}, 0x65, 0x0, 0x0)
msgsnd(r1, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000700)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
msgctl$MSG_INFO(r1, 0xc, &(0x7f0000000480)=""/4096)
msgctl$IPC_INFO(r1, 0x3, &(0x7f0000000200)=""/217)
close(r0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/devSzero\x00', 0x363c80, 0x0)
ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000080))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000180)={'sit0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})

23:24:39 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:39 executing program 1:
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x6, {{0xa, 0x4e24, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xff}}}, 0x108)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x400000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x0, 0x3f, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x222, 0xfffffffffffffffe, 0x4000000, 0x4edc516ff787aa77, 0x0, 0x20000004, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
listen(r1, 0x9)
syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x8001, 0x1c9200)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f0000000180))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280))
r3 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000005c0)={[], 0x6, 0x9, 0x200})

23:24:39 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:39 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88))
msgrcv(r1, &(0x7f0000000180)={0x0, ""/93}, 0x65, 0x0, 0x0)
msgsnd(r1, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000700)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
msgctl$MSG_INFO(r1, 0xc, &(0x7f0000000480)=""/4096)
msgctl$IPC_INFO(r1, 0x3, &(0x7f0000000200)=""/217)
close(r0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/devSzero\x00', 0x363c80, 0x0)
ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f0000000080))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000180)={'sit0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})

23:24:40 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:40 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100270cf271"})
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$USBDEVFS_GET_SPEED(r0, 0x551f)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
lsetxattr$security_smack_transmute(&(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000300)='TRUE', 0x4, 0x1)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000140)={<r3=>0x0, @in6={{0xa, 0x4e23, 0x0, @empty, 0x200}}, 0x1, 0x2, 0x7fff, 0x9, 0xffffffb8}, &(0x7f0000000000)=0x98)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={r3, 0x3}, &(0x7f0000000200)=0x8)

23:24:40 executing program 4:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
dup(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080))
getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, &(0x7f0000000200))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41be, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0xc502, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="280000002200290800000000000000000400000014001100ffffff7fffffffff79f195c65f49d0a3"], 0x28}, 0x1, 0xfdffffff00000000}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffea7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x0, 0x0)
dup3(r2, r1, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000140)=[@mss={0x2, 0x9}, @mss={0x2, 0xab}, @window={0x3, 0x80, 0x6}, @timestamp, @sack_perm, @window={0x3, 0x0, 0xffff}, @sack_perm], 0x7)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
getpgid(0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$int_in(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0xc008af12, &(0x7f0000000000))
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, &(0x7f0000000080)={0x0, 0x0, 0x0, [], 0x0})

23:24:40 executing program 3:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r1 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000258f88))
msgrcv(r1, &(0x7f0000000180)={0x0, ""/93}, 0x65, 0x0, 0x0)
msgsnd(r1, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000700)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
msgctl$MSG_INFO(r1, 0xc, &(0x7f0000000480)=""/4096)
msgctl$IPC_RMID(r1, 0x0)
close(r0)

23:24:40 executing program 5:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x84000)
r1 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
close(r0)
utime(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0xc9, 0x31f})
bind$can_raw(r1, &(0x7f00000000c0), 0x10)

23:24:40 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:40 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000080), &(0x7f0000000140)=0x4)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000000)=0x8, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'batadv0\x00\x00 \xa0\xff\xff\xff\xff\x00', @random="0100270cf271"})

23:24:40 executing program 3:
r0 = syz_open_dev$video4linux(&(0x7f0000000040)='/dev/v4l-subdev#\x00', 0x0, 0x0)
close(r0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x220c06, 0x0)
ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
vmsplice(r4, &(0x7f0000001540)=[{&(0x7f0000000080)="c58c0f0b82641a83c71096f18fb758100d7ee2e27ac908fd244f8ea2100f12badf54e26f06f0c7dbc7b59dbbd771d1628797f25da34bc3571ee430b38981ebed2f3d25db9c1925dbdb3e30050ca875bcb439ca8c03537f083c0e27414302fa3705252f5e06772b466173e6b03e8b4695b9afc9d901a14555e374fe66dfcc2d15eb1e76e2b1391dac78c26e41784c1680f83310a15d8fe6a84c379019fb2cfa94ac9625cee267a5aa4c5df505bb224433995ec6800f3fa7d829e3160b129e6e4c", 0xc0}, {&(0x7f0000000140)="0df0f441ffd3f5fd79e5414fc52d31d7e3b5352e0e9dc618587fcbe4f9553cc85bb975117c9daec955a720bd976ef2cc3c20d4805225066a4f2af0353a077a10db0dcda2ee406156277871829de43305d47a1487625587ebf4fde37c2598b5aa7abd032fa599098614e838a1054dc2bcb71ce8dd1da247b24f3f87adba29d6aa65aa74d8f5929ad053b292f277c73467cf00c072620da203c647267e99d9e1f282b642004cca5c430b5a860434f8504669ab75389cecda855d1fa873d5c795a8f35a6560ee41c424da732c36ca15b0be4eb9feea7abd47cd808a4b8485cef45d3b4ac9e210c40e6e8dfdc42d0eea2b149129d4514fc4c594c18a9db85d", 0xfd}, {&(0x7f0000000240)="0c34602c34cb6deb31050863e101ba55426a4c7a4424a215de85f2b99db726c85900bdd865ec9d57cc1427858c9c87a8897efa937c821a76538c895374aa9af7db9497632c5e6f1ab15d0d5a2c361179a535c4d5de827700d1f1b7ccac01c8bb1ce41ee08267546deebd368a5f4f25f9e8c20f080bf2ba4d04efb1754d63a56249b2e11f3b3a1c4771dff3d13de1f3cd69da99df221c1f9717050c53b803d73fe9331b443a72a393927d9f368c18bcc36c4cbe3f249b59fe531b6c41e488dabf4d5a7351ff5189955dcff00afa6cb9f24c3e1ebd7fd37278ae5b5e1a66083b8c5a67dedac5b9ed", 0xe7}, {&(0x7f0000000340)="ff0838bf9981608ecad21f1feb50b290f7fc32341a891a09551ab3c3ab76d24cd132710da49ee9ad7a", 0x29}, {&(0x7f0000000380)="cad3cafd331d4f00789c067b88f9f30792e48e2a9c72b2d0c8c826e9e665249d7cb653f80fbc3122c2558af123a5e0d978203176d0bcecd3711b071b3b708c10757a2c50cb5abbfc341f6a9977c4a9d480f0e512407dfaded8ab7152122c7d497facecbaa22fdf9b1781b25ed38ca5b9bc0ff525ac49e3402fe2831d33334542a46c7162142dd9b7f1ceda367d88208473470f8987aa38ec09acbafebb7d99c25e989075fac4ce41c3", 0xa9}, {&(0x7f0000000440)="7b64d92e216ee68bbc728fa64591db363890f34604d9d5e47dab34d0161e9dc016134f1aa4c52a404dd5e29a6f0a8d1bda41e767bcb49400a799e11ab11c37a28e169d7c62f7aa38952bf4827b84359041f1068d4809967bbfa6fa07b697f84e0e69f7d5cda447f734fe3300bec655", 0x6f}, {&(0x7f00000004c0)="b63ad4", 0x3}, {&(0x7f0000000500)="af2240a62d0312f0cbf729330c0ab317251ea65d36547f5e43736aa56d3aaacf2e2e97b1bb7d4f6748703cfafba68034b3ac5c75527689b614bce94cea5e76d8ccdd3520a632ab2e2a78181ba04cc1143f2ecc6743a1ffadf1500ec0300f9c7e7821f47e370a761b815f92b45d56c97fbc4064ea3197049f0c5b0a97854538c75533ab00a72691d8de3de5ee2f4d55c7005a14f33aabfa91778656937c265d98010ad535088e43bd5573cb108e75b8c9b6bb8c279d80f936a039306fb1bbcb379406d9b9da593ea85f14b48bfb4f32343634b19ede1d68f5e2b3b2f67ab613177a79b3ce41c9dea9e141439023a5d98786b913b4fa02d5170b8d3c694d7b00a6119a076e8c192e34df2cbca487af3c6ee2e8e1da278e91ddc3eb161583be9baa135853c1e7515dd479f636151c40867b02a03c3b4fa42bc91d581907cec6a4b45202acd41258f111af07c37b307989134a7eadfde8cd1b92944e1695d1f445d1d071508fbcce922252d12987e162856d3b65f465993f26b28b0d6f072f89a694d9783d98099b317c64b5308b886a5779454f1184ab1978a3055c87659b1b08f8f7dff52b74ed0ace1d1d4013a3714c0ae2e54a04178bab77f19ab6707dffd8ccf68f727ef677b676bec0bda4b6c14453e1ccf2e3669457f925f9d612248cc52df9057575d55f8de35abbe1d4646142cf890a1ff9601dff163ad5884769f88a5632ba8a2ad297c3ec2a5ba7e02f78bc4e7cf334767919340875c79478591bafe408c40293f65e3020f36067780d2ef730d608dacf451ce29fc57f847f1fb2bb4622fca8f2d348f33a33142ee6ab15bed8b285026b9b685e58146642988e9f5338358b24db01fbbde789bd8222a0850b6bf077cf87e33c2dd596bd7797c18b31b49bd316b0e3e9a76e22c8086baeafbe594135ed900e935145384d011ae9fe4323567a6fb8b65747a31c1d7728b15d2f4726c34739cd739afb1e2cde70223ff0c52bd664810f8ea72cd7834f13c6477e940d5b7aa416fb17c2d2c95742e9ef899a878ccc990af76d36370be705607a53c5870df9b020cff0056ab04e5dfbc2fa43da5f3f2887a4db548a05e616bd21c24011bfe127aaccce63255bcb599cfaaf505456ad0ed0b7c1941c2a538fc78b4fe618ba62e1b15e5413d3a656e22f204672aa8ad61c9823c5c3e10910a725f839410035b0a3f4a85fffc76f7e7c62acbbcf72b9f48e85ca9c3d84d00ac947ca0e362017654c6992d880d29fd306e03b301fc34439b6d94010a6cbccd394d748073355d80e66550fb3c4c73ccfd6315263115cee0a00e900a4004dfbc8329472118ea204775885d1e9dcf232b3491cf72e00b9775204075f96edcd47b4bfd2a8ad2b2a203cfdc13540323a468b7e9c6cdc580d4bf4843f47777b770354dfad4068ceea991078b3839b7292be70822168724aa57c386e9d2b9d0e22aac3f2cf47ccdc29246457b3331bccef4075641695eeb8d0843ed89f60438c24e3ff811be14e901d463914a327b0e78df33d771b8db848ec8e2f37403e41aeceb57abb4471f0d07cc983363a973aff996a507aa0af4f6cfb8a5f833bb7958a5a6f50adf41efa37c3a7306da8bad21204184963e4f7ae16fa23aa5baa9ab3cbe03918e035d86c06279e137ed2bbe0d6264f4cf246938f2a30fdcae1ae4849e6d9f6227bebf02b16975e5aa5684759b9668f9456d1e7ab4719c6df785343b87399745553ce27621f7888ff354035342daa45df754b035d49ff41d11fe768a362fb43b2392e5bc61d8dfbdb0317908dafc8791d3edef064be485a51c7d0fb26b79009e622df51b0990eecb605e23726bb3a011ae631bf0cf8b38da673e55a60f2503e533cab952afb144a2854d3b62316557b25e870a47bd51deae0440b105de7f274f89df26f523f55e53e50073143ab5f1d12757d3fb5ca2fbcf10bda16ebc50580810e9b62ef602cddb20a4f091bbbe525c8eca8a46f4e8d71b60025694eef3c58a811ef34dec7d15c045bb9feae8672371c47007b4a1691febbaba2987fc2df37f771ea80d48f60e0a1be8a0e47115657728527a7c09dd08beddf6f0584dd8a7159dc20e01dcb5e7f12490b2bc38b126d7a368fff472563b13ed87650dc00f97dd9b6be5337b2210ea7262f9b2d6b9eca19e48c916c220c97fbc403bb91daab91abb1b1f07e06c3c0b2d798b9d718ea435202190e52691160f0be657824f403eec0ec8fdeeb3619ef8b67a9258d9b39dbbdf0a987ed374608ce689b4b329b19aa5bd328d872666e2e6293c7a682f0a663f71a0564baf7bc8e53db7ba53f6656230fe2bc4a1cdeee9413a53ef6e2db057ae497a48a1bbfe56ab6516a93953f9ee4a7e3cdf6358c94c7855928d551dce379cfc39ea87cca550094459afbad7c3becf260b8f14bc6e01435f542dc97192c2fb1972039ecd019c064dc762098a280a60467a421de834401f9969a421889f6d3d53ed3cff618ef08dbbde4bff7a4c42b4daf0efc066ec3772f119457260350456f20494d7d67b0ebf0566e79810661c14605d4b7a80381663d640b5c75f86a40e77d995c3798cda339051a512c718d3f97212a7b2ecaf1109630f399a6cf3ae2640cf0ec27ea78ea0f73d04d8889deeb15eb4b70a57b32220be5f928fbfb1437e93ac38d97bac0c0f5328eed5e13f98c85d76bb6fdc8e472943513a2617a67700941a1c943cf6c9407f8009fe8331959b78f2dce862f0a0ebe89088ea9ebbbc4cc188849cb5277750b906986bd4351db17c133f0e7d2af94509c77dea70c9a4e62709f6dbb7b82d21f100c2ea19c99ad3e4dfa109a18aecccab4e591db7ec84993ad0b13706cf5fa021fffe83255e19fe4c572b296c774f36495bc924669dce0724e2b5813976d7e22d1a91319053a47b75aa01edcde4851aa7a65b68ad85dd3476dac9455788f6f46ad698f3aff6ac41c085db7289518e0ec4531dedc3fde0876272071a1917c30e80d80cf9aa04c1399235f279f49f820113f0efdb82754f8d0a27cb892b1132ee60fa18a03a68cc0e99a2a42935a7a73978eec660648574c8e9fe5bd1f0e29d430f9ae38976568285d99208c005cbef7fcb11e8e3a210fd64a60171a06cd38d8765ad43b29c2951797f5f0fab03a80da08d237ec7663a648f61d26ede8a4600370cc41b644fd2faa301fbabb4ca90f96775e06ef09a7177e45e2d716d07f83641e35477ad07a626f2d61a341a005337b542af450c515cfb162826def7cecc80939fe91690f8256ce412b3f771ff3aca27465ae412c4535ebdfd7948deff69eac2d219bfd580b7f623beb8f8b189a7a8805e0ef821931d24002efd754cf189df39dd1042883a16a2cb8842327e06408ac417d64a7d2eae6bc34e370dd8e5035e87680b8900319e99afda45925bb14185092f16c16836ee6733d82f762da61fdb479b2e019d79488ee6db91a1388111fbf0524935407d148cd344d8648777847ce6bccfea717190d24c196d0bc9639ef44be6f83cf363ef97f515b8388b571fa760d97c0950070ef2c1f61d324b5cc16f439836ea330ac6e39ecd2e9fe8ab93e178f77fdee222301cf0e72b15e45da8d41ee26c3f0668b3f2f87b5ab6f93187a3e0bbeb1b29416f1e672967355c12c8019a5b0dc3875a9d0b93fe099fbf2a2c5ccb2809350dec6f37439dae82ea69dc2686013b2777b2054120f47ff00f70e957ca705c922d7fad0b60575a16e1b440c028959634a915f82dd7ae3dd37be4de32b7eea907dad0d329d16d5024dbbd6a1df63db36426861ed3008a939af9e4a845efdfc81a616ed32027c9a3a20f7f241eaf9aa91bc59b59cfe168e2abba5044108cd85f32df454e5e1f0947425916f98590d79c9b7ce6b11ddc73e4e636da967d5535ffa8676c2fee2197c9d17e330e49104f9fdc6dd57bc7ecb051ff333dea147eee7bc060899d5cbd20c5ee95b49b13ac8ad05380f31fa4c2f258db82b7eb3049cc361ecb3fca2d72578af5baa14f2831143aa28153b5ee70499835cf92230f0e5e7672135a45401d9f99be6a502383d2ab86f9df8f644385710f0b8ae2902e19da78e83f2de8f8274b388a0052a89e9a69c568f37a7ab333972641e5be44d45001ac272cce82ec309ba5afc2b6af058902c2cbdc2e3f81275aa62f1445a83cf01ffd98e4de7c4281c9835514918d3893fec7e9bd8e82e35f254ee093895e6debbfdd2145ec3e154823ab50a20aeb08385312dc618da1019c560720375c6580ed9c509cdd1b7060e8121640a7885f9fac7bf767df55d363b6511de7878e0e45e44e413d45a66452a38e619a704529ea66b813cc3d750660a185855d661a3181c06c7541c511d56bce200e123f21ac271731f93982bac7bf432a80064cda48aff1ad1d8aa9805677e49d7bd382910166974548a98cea4dd40d4c2f8269fe319c7b428a792c0fac552aa086f36933c6bf0086198f40f310d17371f231cb8806995a7584feaa5288d1ec9adc8254adbfdf3f5dd52381c9da16da3a2b64d9ef036a3d9237d0a84b55731ec5dd9098f07c2e3e3b37654afa2fad4701b982c5fdf947b8f090e5695a89f33aa94c30a4e44976f381e476474e0a15c376071745804d92f6e16aedad34b7727eec7ae2dd917a6bbea0f07722fbfe80eb8bad00255fce4f6f649668c6b2860b2d59f31d66ab9cbdd08d5a16c8af7645bb862a2beac465a6b2c5faf3018bd32569e8c7de645f9fc2595d07f238862fa1dfb31634fcc5af015d06da60a5a298f9570d0bfe395b1368ff91798b6015584338368caf017ca570451305a9331a36fb04c33ab5370501de275ba60b7c4ba46f57838c19ab4464007b46a4e4bf0b108338fe77bcd30aa037bd852816426031091b74c09c1477acce3da5cfe88dd709e7b673f885b4fd72e615c49c17601c9eeae42dd16873391e8608b713768333f246e88f8bb9e57e8c93b18e59846fd41dcd9a60fb31eee9b8a9889fb91144da2a4aa17925c9cdf495d6a5c9ad471bdcc5decd251b9f2885ce7a7bac39e555af3e804a7ed0c1a1b288624e374e43f74995d5307c4a96a6c509886dbdbea00306c4be7966e6dc36d5dc9e09d5925c70b28d6f7b7108ff3ad9d08d5eb9f9d50db8e707b3e5f3cdcd5c654b8d547eb9b679065f4a64f4837c4790f7a740cecf31c477fbc199c10cf43b671c3868df432e498ad8708a2090cf6886c24aacad7b1d41a7729f5595cb3b577b7b427470279f86ca63bdb904c4871bba91d4cb1fd196a8d825969758532d25ee4413865f5cc2cbbb0733d5f66273e699fe38903db8170c61b99b7b113a9c49f82f0c12365469a41565c8eab14741fc17e709367d03d6f8b60a5866e34fdfaec8e7f75dc34adb1ef10484dcde0fb8d16ec368ed9a5582715fe4a4aab5b48f94a40ca5b31184df754c7582040196cf9afa4152df2cb7ae714cd08e7cacef7ae04c0d1a5233f5fe1d1c8834707e3c6c7478c38f64b34f9138350c5bf653e690b5459f3e5f311cc0fc39d29360f6291d8b9bd4a013cd356c3c8433b94d826b3f190571850167976ea81a3381fbc5bbc159e219d2235be0cef16ef4c1486894e05f2ae02f429ee6014ce38725b59a9290da68d8821cd515ca28701170b9b74e1faa84ba235e568ff6fefc105c234659cfd2963357193f826709b6bfda6e8b2d6785c4c149deaba9f3cb6bb94d1784cc8ef05a7375a0f6f56f8a274e5430979451e223c56c314ccf6417f1d17f28f307c78c6cf69dc7464111d506a7787d5282fd2bb78487f4f4fa62115c3412860338edae1", 0x1000}, {&(0x7f0000001500)="93994b8c1cc35050dcde7155c2ebbdfbc639c8bbc3ed74179ae8bd93389c49cc37378d01857ce016a4a4c20f24b1e8d2cabdf2c6717022177858c6", 0x3b}], 0x9, 0x0)

23:24:40 executing program 5 (fault-call:0 fault-nth:0):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  494.008691] FAULT_INJECTION: forcing a failure.
[  494.008691] name failslab, interval 1, probability 0, space 0, times 0
[  494.065550] CPU: 1 PID: 25866 Comm: syz-executor.5 Not tainted 4.14.158-syzkaller #0
[  494.073486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  494.082848] Call Trace:
[  494.085436]  dump_stack+0x142/0x197
[  494.089056]  should_fail.cold+0x10f/0x159
[  494.093200]  should_failslab+0xdb/0x130
[  494.097174]  kmem_cache_alloc_node+0x287/0x780
[  494.101801]  ? get_pid_task+0x98/0x140
[  494.105769]  copy_process.part.0+0x17d5/0x6a70
[  494.110357]  ? save_trace+0x290/0x290
[  494.114208]  ? proc_fail_nth_write+0x7d/0x180
[  494.118699]  ? proc_cwd_link+0x1b0/0x1b0
[  494.122757]  ? __f_unlock_pos+0x19/0x20
[  494.126726]  ? find_held_lock+0x35/0x130
[  494.130776]  ? __cleanup_sighand+0x50/0x50
[  494.135005]  ? lock_downgrade+0x740/0x740
[  494.139166]  _do_fork+0x19e/0xce0
[  494.142609]  ? fork_idle+0x280/0x280
[  494.146370]  ? fput+0xd4/0x150
[  494.149548]  ? SyS_write+0x15e/0x230
[  494.153246]  SyS_clone+0x37/0x50
[  494.156595]  ? sys_vfork+0x30/0x30
[  494.160121]  do_syscall_64+0x1e8/0x640
[  494.164020]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  494.168854]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  494.174030] RIP: 0033:0x45a6f9
[  494.177211] RSP: 002b:00007f5d4120ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  494.184917] RAX: ffffffffffffffda RBX: 00007f5d4120ec90 RCX: 000000000045a6f9
[  494.192171] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  494.199425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  494.206701] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5d4120f6d4
[  494.213971] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:40 executing program 1 (fault-call:0 fault-nth:0):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:40 executing program 4 (fault-call:0 fault-nth:0):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:40 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:40 executing program 3 (fault-call:0 fault-nth:0):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  494.281115] FAULT_INJECTION: forcing a failure.
[  494.281115] name failslab, interval 1, probability 0, space 0, times 0
[  494.304514] FAULT_INJECTION: forcing a failure.
[  494.304514] name failslab, interval 1, probability 0, space 0, times 0
[  494.324799] CPU: 1 PID: 25872 Comm: syz-executor.4 Not tainted 4.14.158-syzkaller #0
[  494.332761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  494.342130] Call Trace:
[  494.344731]  dump_stack+0x142/0x197
[  494.348383]  should_fail.cold+0x10f/0x159
[  494.352602]  should_failslab+0xdb/0x130
[  494.356599]  kmem_cache_alloc_node+0x287/0x780
[  494.361195]  ? finish_task_switch+0x14d/0x650
[  494.365691]  ? switch_mm_irqs_off+0x5e1/0xec0
[  494.370195]  copy_process.part.0+0x17d5/0x6a70
[  494.370208]  ? retint_kernel+0x2d/0x2d
23:24:41 executing program 2 (fault-call:0 fault-nth:0):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:41 executing program 5 (fault-call:0 fault-nth:1):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  494.370221]  ? trace_hardirqs_on_caller+0x400/0x590
[  494.370231]  ? save_trace+0x290/0x290
[  494.378710]  ? __f_unlock_pos+0x19/0x20
[  494.391499]  ? find_held_lock+0x35/0x130
[  494.395583]  ? __cleanup_sighand+0x50/0x50
[  494.399830]  ? lock_downgrade+0x740/0x740
[  494.403982]  _do_fork+0x19e/0xce0
[  494.407536]  ? fork_idle+0x280/0x280
[  494.411341]  ? fput+0xd4/0x150
[  494.413531] FAULT_INJECTION: forcing a failure.
[  494.413531] name failslab, interval 1, probability 0, space 0, times 0
[  494.414534]  ? SyS_write+0x15e/0x230
[  494.414550]  SyS_clone+0x37/0x50
[  494.414558]  ? sys_vfork+0x30/0x30
[  494.414577]  do_syscall_64+0x1e8/0x640
[  494.440229]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  494.445066]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  494.450240] RIP: 0033:0x45a6f9
[  494.453413] RSP: 002b:00007faa8cfa0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  494.461108] RAX: ffffffffffffffda RBX: 00007faa8cfa0c90 RCX: 000000000045a6f9
[  494.468362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  494.475708] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  494.482965] R10: 0000000000000000 R11: 0000000000000246 R12: 00007faa8cfa16d4
[  494.490218] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  494.497492] CPU: 0 PID: 25882 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  494.505384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  494.514801] Call Trace:
[  494.517414]  dump_stack+0x142/0x197
[  494.521134]  should_fail.cold+0x10f/0x159
[  494.525277]  should_failslab+0xdb/0x130
[  494.529239]  kmem_cache_alloc_node+0x287/0x780
[  494.533804]  ? get_pid_task+0x98/0x140
[  494.537681]  copy_process.part.0+0x17d5/0x6a70
[  494.542251]  ? save_trace+0x290/0x290
[  494.546035]  ? proc_fail_nth_write+0x7d/0x180
[  494.550512]  ? proc_cwd_link+0x1b0/0x1b0
[  494.554571]  ? __f_unlock_pos+0x19/0x20
[  494.558529]  ? find_held_lock+0x35/0x130
[  494.562578]  ? __cleanup_sighand+0x50/0x50
[  494.566796]  ? lock_downgrade+0x740/0x740
[  494.570932]  _do_fork+0x19e/0xce0
[  494.574372]  ? fork_idle+0x280/0x280
[  494.578073]  ? fput+0xd4/0x150
[  494.581255]  ? SyS_write+0x15e/0x230
[  494.584951]  SyS_clone+0x37/0x50
[  494.588297]  ? sys_vfork+0x30/0x30
[  494.591820]  do_syscall_64+0x1e8/0x640
[  494.595688]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  494.600533]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  494.605722] RIP: 0033:0x45a6f9
[  494.609078] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  494.616783] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  494.624051] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  494.631317] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  494.638616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  494.645886] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  494.654978] FAULT_INJECTION: forcing a failure.
[  494.654978] name failslab, interval 1, probability 0, space 0, times 0
[  494.666429] CPU: 1 PID: 25877 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  494.666853] FAULT_INJECTION: forcing a failure.
[  494.666853] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  494.674329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  494.674334] Call Trace:
[  494.674353]  dump_stack+0x142/0x197
[  494.674373]  should_fail.cold+0x10f/0x159
[  494.674391]  should_failslab+0xdb/0x130
[  494.674402]  kmem_cache_alloc_node+0x287/0x780
[  494.674413]  ? get_pid_task+0x98/0x140
[  494.674427]  copy_process.part.0+0x17d5/0x6a70
[  494.674442]  ? save_trace+0x290/0x290
[  494.674456]  ? proc_fail_nth_write+0x7d/0x180
[  494.674464]  ? proc_cwd_link+0x1b0/0x1b0
[  494.674477]  ? __f_unlock_pos+0x19/0x20
[  494.674489]  ? find_held_lock+0x35/0x130
[  494.674502]  ? __cleanup_sighand+0x50/0x50
[  494.674511]  ? lock_downgrade+0x740/0x740
[  494.674525]  _do_fork+0x19e/0xce0
[  494.674536]  ? fork_idle+0x280/0x280
[  494.674548]  ? fput+0xd4/0x150
[  494.674557]  ? SyS_write+0x15e/0x230
[  494.674569]  SyS_clone+0x37/0x50
[  494.674576]  ? sys_vfork+0x30/0x30
[  494.674588]  do_syscall_64+0x1e8/0x640
[  494.674596]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  494.674611]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  494.674618] RIP: 0033:0x45a6f9
[  494.674623] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  494.674634] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  494.674640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  494.674646] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  494.674652] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
23:24:41 executing program 2 (fault-call:0 fault-nth:1):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  494.674658] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  494.674923] CPU: 1 PID: 25885 Comm: syz-executor.1 Not tainted 4.14.158-syzkaller #0
[  494.841873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  494.851233] Call Trace:
[  494.853822]  dump_stack+0x142/0x197
[  494.857537]  should_fail.cold+0x10f/0x159
[  494.861696]  should_failslab+0xdb/0x130
[  494.865675]  kmem_cache_alloc_node+0x287/0x780
[  494.870252]  ? get_pid_task+0x98/0x140
[  494.870269]  copy_process.part.0+0x17d5/0x6a70
[  494.870286]  ? save_trace+0x290/0x290
[  494.870295]  ? proc_fail_nth_write+0x7d/0x180
[  494.870302]  ? proc_cwd_link+0x1b0/0x1b0
[  494.870313]  ? __f_unlock_pos+0x19/0x20
[  494.870322]  ? find_held_lock+0x35/0x130
[  494.870338]  ? __cleanup_sighand+0x50/0x50
[  494.903347]  ? lock_downgrade+0x740/0x740
[  494.907513]  _do_fork+0x19e/0xce0
[  494.909266] FAULT_INJECTION: forcing a failure.
[  494.909266] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  494.910972]  ? fork_idle+0x280/0x280
[  494.910987]  ? fput+0xd4/0x150
[  494.910997]  ? SyS_write+0x15e/0x230
[  494.911011]  SyS_clone+0x37/0x50
[  494.911018]  ? sys_vfork+0x30/0x30
[  494.911029]  do_syscall_64+0x1e8/0x640
[  494.911038]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  494.911057]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  494.954163] RIP: 0033:0x45a6f9
[  494.957338] RSP: 002b:00007fb735e70c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  494.965035] RAX: ffffffffffffffda RBX: 00007fb735e70c90 RCX: 000000000045a6f9
[  494.972291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  494.979551] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  494.986813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb735e716d4
[  494.994066] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.001335] CPU: 0 PID: 25886 Comm: syz-executor.5 Not tainted 4.14.158-syzkaller #0
[  495.009227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.018566] Call Trace:
[  495.021141]  dump_stack+0x142/0x197
[  495.024757]  should_fail.cold+0x10f/0x159
[  495.028886]  ? __might_sleep+0x93/0xb0
[  495.032821]  __alloc_pages_nodemask+0x1d6/0x7a0
[  495.037477]  ? __alloc_pages_slowpath+0x2930/0x2930
[  495.042506]  ? rcu_read_lock_sched_held+0x110/0x130
[  495.047511]  copy_process.part.0+0x26a/0x6a70
[  495.051996]  ? save_trace+0x290/0x290
[  495.055778]  ? proc_fail_nth_write+0x7d/0x180
[  495.060258]  ? proc_cwd_link+0x1b0/0x1b0
[  495.064303]  ? __f_unlock_pos+0x19/0x20
[  495.068257]  ? find_held_lock+0x35/0x130
[  495.072306]  ? __cleanup_sighand+0x50/0x50
[  495.076537]  ? lock_downgrade+0x740/0x740
[  495.080671]  _do_fork+0x19e/0xce0
[  495.084123]  ? fork_idle+0x280/0x280
[  495.087848]  ? fput+0xd4/0x150
[  495.091022]  ? SyS_write+0x15e/0x230
[  495.094721]  SyS_clone+0x37/0x50
[  495.098068]  ? sys_vfork+0x30/0x30
[  495.101613]  do_syscall_64+0x1e8/0x640
[  495.105499]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  495.110345]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  495.115540] RIP: 0033:0x45a6f9
[  495.118722] RSP: 002b:00007f5d4120ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.126423] RAX: ffffffffffffffda RBX: 00007f5d4120ec90 RCX: 000000000045a6f9
23:24:41 executing program 3 (fault-call:0 fault-nth:1):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:41 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_RESET_STATS(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x12c0004}, 0xc, &(0x7f0000000340)={&(0x7f0000000080)={0x2a8, r1, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0xbc, 0x4, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc95}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x12e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_BEARER={0xb4, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @rand_addr="0e2c4b1477b8ec88cb14c8dcee8543fe"}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @loopback, 0x6}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xffff0000, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x81}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}]}, @TIPC_NLA_LINK={0x50, 0x4, [@TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}]}, @TIPC_NLA_SOCK={0x30, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7ff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xc745}]}, @TIPC_NLA_NODE={0x38, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x10000000}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3ff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fffffff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xaa0}]}, @TIPC_NLA_NET={0x30, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}, @TIPC_NLA_MEDIA={0x3c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}]}]}, 0x2a8}, 0x1, 0x0, 0x0, 0x40080840}, 0x4000)

[  495.133682] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  495.140937] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  495.148288] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5d4120f6d4
[  495.155542] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.204747] CPU: 0 PID: 25889 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  495.212688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.215731] FAULT_INJECTION: forcing a failure.
[  495.215731] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  495.222065] Call Trace:
[  495.222082]  dump_stack+0x142/0x197
[  495.222097]  should_fail.cold+0x10f/0x159
[  495.222107]  ? __might_sleep+0x93/0xb0
[  495.222120]  __alloc_pages_nodemask+0x1d6/0x7a0
[  495.222131]  ? __alloc_pages_slowpath+0x2930/0x2930
[  495.222141]  ? rcu_read_lock_sched_held+0x110/0x130
[  495.222158]  copy_process.part.0+0x26a/0x6a70
[  495.222174]  ? save_trace+0x290/0x290
[  495.222182]  ? proc_fail_nth_write+0x7d/0x180
[  495.222189]  ? proc_cwd_link+0x1b0/0x1b0
[  495.222200]  ? __f_unlock_pos+0x19/0x20
[  495.222208]  ? find_held_lock+0x35/0x130
[  495.222222]  ? __cleanup_sighand+0x50/0x50
[  495.222231]  ? lock_downgrade+0x740/0x740
[  495.222243]  _do_fork+0x19e/0xce0
[  495.222269]  ? fork_idle+0x280/0x280
[  495.222281]  ? fput+0xd4/0x150
[  495.222288]  ? SyS_write+0x15e/0x230
[  495.222303]  SyS_clone+0x37/0x50
[  495.313439]  ? sys_vfork+0x30/0x30
[  495.316983]  do_syscall_64+0x1e8/0x640
[  495.320854]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  495.325686]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  495.330878] RIP: 0033:0x45a6f9
[  495.334050] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.341743] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  495.349001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  495.356260] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  495.363516] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  495.370959] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.378230] CPU: 1 PID: 25894 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  495.386126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.386131] Call Trace:
[  495.386146]  dump_stack+0x142/0x197
[  495.386164]  should_fail.cold+0x10f/0x159
[  495.405835]  ? __might_sleep+0x93/0xb0
[  495.405852]  __alloc_pages_nodemask+0x1d6/0x7a0
[  495.405867]  ? __alloc_pages_slowpath+0x2930/0x2930
[  495.405877]  ? rcu_read_lock_sched_held+0x110/0x130
[  495.405894]  copy_process.part.0+0x26a/0x6a70
[  495.429123]  ? save_trace+0x290/0x290
[  495.432938]  ? proc_fail_nth_write+0x7d/0x180
[  495.437445]  ? proc_cwd_link+0x1b0/0x1b0
[  495.441632]  ? __f_unlock_pos+0x19/0x20
[  495.445613]  ? find_held_lock+0x35/0x130
[  495.449680]  ? __cleanup_sighand+0x50/0x50
23:24:42 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x4103, 0x0)
ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000040))

23:24:42 executing program 5 (fault-call:0 fault-nth:2):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:42 executing program 2 (fault-call:0 fault-nth:2):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  495.454006]  ? lock_downgrade+0x740/0x740
[  495.458164]  _do_fork+0x19e/0xce0
[  495.458177]  ? fork_idle+0x280/0x280
[  495.458191]  ? fput+0xd4/0x150
[  495.458201]  ? SyS_write+0x15e/0x230
[  495.458215]  SyS_clone+0x37/0x50
[  495.475607]  ? sys_vfork+0x30/0x30
[  495.479160]  do_syscall_64+0x1e8/0x640
[  495.483061]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  495.487924]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  495.493109] RIP: 0033:0x45a6f9
[  495.496295] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:24:42 executing program 3 (fault-call:0 fault-nth:2):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:42 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x80, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000040)=""/246, 0xf6, 0x20, &(0x7f0000000140)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@default, @bcast, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @default]}, 0x48)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r3)

[  495.496306] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  495.496311] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  495.496317] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  495.496323] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  495.496328] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.571349] FAULT_INJECTION: forcing a failure.
[  495.571349] name failslab, interval 1, probability 0, space 0, times 0
[  495.584275] FAULT_INJECTION: forcing a failure.
[  495.584275] name failslab, interval 1, probability 0, space 0, times 0
[  495.590692] CPU: 0 PID: 25907 Comm: syz-executor.5 Not tainted 4.14.158-syzkaller #0
[  495.603396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.603402] Call Trace:
[  495.603417]  dump_stack+0x142/0x197
[  495.603435]  should_fail.cold+0x10f/0x159
[  495.624516]  should_failslab+0xdb/0x130
[  495.628503]  kmem_cache_alloc+0x2d7/0x780
[  495.632656]  ? creds_are_invalid+0x48/0x110
[  495.636984]  ? __validate_process_creds+0x14c/0x200
[  495.642036]  prepare_creds+0x3c/0x390
[  495.645845]  copy_creds+0x7b/0x4f0
[  495.649402]  ? lockdep_init_map+0x9/0x10
[  495.653479]  copy_process.part.0+0x868/0x6a70
[  495.653492]  ? save_trace+0x290/0x290
[  495.653500]  ? proc_fail_nth_write+0x7d/0x180
[  495.653507]  ? proc_cwd_link+0x1b0/0x1b0
[  495.653519]  ? __f_unlock_pos+0x19/0x20
[  495.653535]  ? __cleanup_sighand+0x50/0x50
[  495.653544]  ? lock_downgrade+0x740/0x740
[  495.653558]  _do_fork+0x19e/0xce0
[  495.653569]  ? fork_idle+0x280/0x280
[  495.653581]  ? fput+0xd4/0x150
[  495.653590]  ? SyS_write+0x15e/0x230
[  495.653601]  SyS_clone+0x37/0x50
[  495.653607]  ? sys_vfork+0x30/0x30
[  495.653618]  do_syscall_64+0x1e8/0x640
[  495.653628]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  495.678630]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  495.678637] RIP: 0033:0x45a6f9
[  495.678644] RSP: 002b:00007f5d4120ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.728774] RAX: ffffffffffffffda RBX: 00007f5d4120ec90 RCX: 000000000045a6f9
[  495.736136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  495.743402] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  495.750659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5d4120f6d4
[  495.757928] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.766745] CPU: 1 PID: 25910 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  495.774668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.777116] FAULT_INJECTION: forcing a failure.
[  495.777116] name failslab, interval 1, probability 0, space 0, times 0
[  495.784044] Call Trace:
[  495.784060]  dump_stack+0x142/0x197
[  495.784077]  should_fail.cold+0x10f/0x159
[  495.784092]  should_failslab+0xdb/0x130
[  495.784102]  kmem_cache_alloc+0x2d7/0x780
[  495.784111]  ? creds_are_invalid+0x48/0x110
[  495.784120]  ? __validate_process_creds+0x14c/0x200
[  495.784130]  prepare_creds+0x3c/0x390
[  495.784139]  copy_creds+0x7b/0x4f0
[  495.784149]  ? lockdep_init_map+0x9/0x10
[  495.784160]  copy_process.part.0+0x868/0x6a70
[  495.784176]  ? save_trace+0x290/0x290
[  495.784184]  ? proc_fail_nth_write+0x7d/0x180
[  495.784192]  ? proc_cwd_link+0x1b0/0x1b0
[  495.784202]  ? __f_unlock_pos+0x19/0x20
[  495.784218]  ? __cleanup_sighand+0x50/0x50
[  495.784228]  ? lock_downgrade+0x740/0x740
[  495.784241]  _do_fork+0x19e/0xce0
[  495.784252]  ? fork_idle+0x280/0x280
23:24:42 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:42 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
ustat(0x3, &(0x7f0000000100))
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000000)={r3, 0xac, "d1cad4657eb7e74741cfa284ef1c1130b35f9799c0b8fc5c7615e8d6f1b52877a64e4b53a5a439cf65aa69c99cb4fa2785b58f35466ed3b18f9704102809706f289e8dafcbcdd2856717827a3cfc2fcca0cd9b76e93edb3a311a3ea8a37b302c055b63a2d145b23c3dae329db7576f8975887f0457d2b2f38dde0b737a352a22ea024d07c831cdf55cdfe8e76c0fe37d42f80d5a1b416aa7c4420cf19e9edd7e48ef3273aeb0d543085df616"}, &(0x7f00000000c0)=0xb4)

23:24:42 executing program 4:
clone(0x10000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x2, 0x30000)
ioctl$KVM_TRANSLATE(r0, 0xc018ae85, &(0x7f0000000080)={0x10004, 0x4, 0x5, 0xa, 0xfa})

23:24:42 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000040)={0x0, 0x2, 0x2, 0x20, &(0x7f0000ffc000/0x1000)=nil, 0x9})

23:24:42 executing program 2 (fault-call:0 fault-nth:3):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  495.784264]  ? fput+0xd4/0x150
[  495.784272]  ? SyS_write+0x15e/0x230
[  495.784284]  SyS_clone+0x37/0x50
[  495.784289]  ? sys_vfork+0x30/0x30
[  495.784307]  do_syscall_64+0x1e8/0x640
[  495.814119]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  495.827234]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  495.827244] RIP: 0033:0x45a6f9
[  495.827249] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.827260] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  495.827265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  495.827272] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  495.843107] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  495.843113] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  495.929130] CPU: 1 PID: 25912 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  495.946743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  495.946748] Call Trace:
[  495.946762]  dump_stack+0x142/0x197
[  495.946778]  should_fail.cold+0x10f/0x159
[  495.964010]  should_failslab+0xdb/0x130
[  495.964020]  kmem_cache_alloc+0x2d7/0x780
[  495.964032]  ? creds_are_invalid+0x48/0x110
[  495.964040]  ? __validate_process_creds+0x14c/0x200
[  495.964052]  prepare_creds+0x3c/0x390
[  495.970244]  copy_creds+0x7b/0x4f0
[  495.970253]  ? lockdep_init_map+0x9/0x10
[  495.970266]  copy_process.part.0+0x868/0x6a70
[  495.970280]  ? save_trace+0x290/0x290
[  495.983151]  ? proc_fail_nth_write+0x7d/0x180
[  495.983160]  ? proc_cwd_link+0x1b0/0x1b0
[  495.983171]  ? __f_unlock_pos+0x19/0x20
[  495.983188]  ? __cleanup_sighand+0x50/0x50
[  495.983201]  ? lock_downgrade+0x740/0x740
[  495.992566]  _do_fork+0x19e/0xce0
[  495.992580]  ? fork_idle+0x280/0x280
[  495.992592]  ? fput+0xd4/0x150
[  495.992601]  ? SyS_write+0x15e/0x230
[  495.992612]  SyS_clone+0x37/0x50
[  495.992622]  ? sys_vfork+0x30/0x30
[  496.000105]  do_syscall_64+0x1e8/0x640
[  496.000115]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  496.000132]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  496.000139] RIP: 0033:0x45a6f9
23:24:42 executing program 5 (fault-call:0 fault-nth:3):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:42 executing program 4:
clone(0x13380400, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000000)=0x800, &(0x7f0000000040)=0x2)

[  496.000145] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  496.000154] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  496.000159] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  496.000163] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  496.000171] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  496.008736] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  496.031687] Unknown ioctl -1071094763
[  496.126809] FAULT_INJECTION: forcing a failure.
[  496.126809] name failslab, interval 1, probability 0, space 0, times 0
[  496.138837] FAULT_INJECTION: forcing a failure.
[  496.138837] name failslab, interval 1, probability 0, space 0, times 0
[  496.139173] CPU: 1 PID: 25933 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  496.157949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  496.167319] Call Trace:
[  496.169932]  dump_stack+0x142/0x197
[  496.173614]  should_fail.cold+0x10f/0x159
[  496.177781]  should_failslab+0xdb/0x130
[  496.181790]  __kmalloc_track_caller+0x2ec/0x790
[  496.186550]  ? check_preemption_disabled+0x3c/0x250
[  496.186565]  ? prepare_creds+0x3c/0x390
[  496.195541]  ? selinux_cred_prepare+0x49/0xb0
[  496.200102]  kmemdup+0x27/0x60
[  496.203306]  selinux_cred_prepare+0x49/0xb0
[  496.203320]  security_prepare_creds+0x7d/0xb0
[  496.203336]  prepare_creds+0x2d1/0x390
[  496.203347]  copy_creds+0x7b/0x4f0
[  496.203358]  ? lockdep_init_map+0x9/0x10
[  496.203370]  copy_process.part.0+0x868/0x6a70
[  496.203385]  ? save_trace+0x290/0x290
[  496.231879]  ? proc_fail_nth_write+0x7d/0x180
[  496.236358]  ? proc_cwd_link+0x1b0/0x1b0
[  496.240443]  ? __f_unlock_pos+0x19/0x20
[  496.244426]  ? __cleanup_sighand+0x50/0x50
[  496.248646]  ? lock_downgrade+0x740/0x740
[  496.252782]  _do_fork+0x19e/0xce0
[  496.256222]  ? fork_idle+0x280/0x280
[  496.259934]  ? fput+0xd4/0x150
[  496.263110]  ? SyS_write+0x15e/0x230
[  496.266835]  SyS_clone+0x37/0x50
[  496.270194]  ? sys_vfork+0x30/0x30
[  496.273730]  do_syscall_64+0x1e8/0x640
[  496.277613]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  496.282548]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  496.287746] RIP: 0033:0x45a6f9
[  496.290925] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  496.298636] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  496.305924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  496.313179] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  496.320431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:24:42 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:43 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000000))

[  496.327683] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  496.335568] CPU: 0 PID: 25932 Comm: syz-executor.5 Not tainted 4.14.158-syzkaller #0
[  496.343479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  496.352840] Call Trace:
[  496.355439]  dump_stack+0x142/0x197
[  496.359085]  should_fail.cold+0x10f/0x159
[  496.363335]  should_failslab+0xdb/0x130
[  496.367310]  __kmalloc_track_caller+0x2ec/0x790
[  496.371987]  ? check_preemption_disabled+0x3c/0x250
23:24:43 executing program 1:
clone(0x10000200, 0x0, 0x0, 0x0, 0x0)

[  496.377018]  ? prepare_creds+0x3c/0x390
[  496.381004]  ? selinux_cred_prepare+0x49/0xb0
[  496.385512]  kmemdup+0x27/0x60
[  496.388719]  selinux_cred_prepare+0x49/0xb0
[  496.393051]  security_prepare_creds+0x7d/0xb0
[  496.397558]  prepare_creds+0x2d1/0x390
[  496.401458]  copy_creds+0x7b/0x4f0
[  496.405004]  ? lockdep_init_map+0x9/0x10
[  496.409071]  copy_process.part.0+0x868/0x6a70
[  496.414102]  ? save_trace+0x290/0x290
[  496.417916]  ? proc_fail_nth_write+0x7d/0x180
[  496.422414]  ? proc_cwd_link+0x1b0/0x1b0
[  496.426482]  ? __f_unlock_pos+0x19/0x20
[  496.430476]  ? __cleanup_sighand+0x50/0x50
[  496.434720]  ? lock_downgrade+0x740/0x740
[  496.438883]  _do_fork+0x19e/0xce0
[  496.442347]  ? fork_idle+0x280/0x280
[  496.446068]  ? fput+0xd4/0x150
[  496.449263]  ? SyS_write+0x15e/0x230
[  496.452965]  SyS_clone+0x37/0x50
[  496.456310]  ? sys_vfork+0x30/0x30
[  496.459855]  do_syscall_64+0x1e8/0x640
[  496.463742]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  496.469269]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  496.474444] RIP: 0033:0x45a6f9
23:24:43 executing program 3 (fault-call:0 fault-nth:3):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:43 executing program 1:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  496.477641] RSP: 002b:00007f5d4120ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  496.485337] RAX: ffffffffffffffda RBX: 00007f5d4120ec90 RCX: 000000000045a6f9
[  496.492593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  496.499852] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  496.508251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5d4120f6d4
[  496.516839] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:43 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/25, 0x19}}, {{&(0x7f0000000780)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000800)=""/204, 0xcc}], 0x1}, 0x1ff}, {{&(0x7f0000000940)=@ipx, 0x80, &(0x7f0000001d40)=[{&(0x7f00000009c0)=""/110, 0x6e}, {&(0x7f0000000a40)=""/206, 0xce}, {&(0x7f0000000b40)=""/23, 0x17}, {&(0x7f0000000b80)=""/40, 0x28}, {&(0x7f0000000bc0)=""/235, 0xeb}, {&(0x7f0000000cc0)=""/107, 0x6b}, {&(0x7f0000000d40)=""/4096, 0x1000}], 0x7, &(0x7f0000001dc0)=""/141, 0x8d}, 0x7}, {{&(0x7f0000001e80)=@pppol2tp, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001f00)}, {&(0x7f0000001f40)}], 0x2, &(0x7f0000001fc0)=""/138, 0x8a}, 0x4}, {{&(0x7f0000002080)=@tipc=@name, 0x80, &(0x7f0000002180)=[{&(0x7f0000002100)=""/72, 0x48}], 0x1, &(0x7f00000021c0)=""/190, 0xbe}, 0x3}, {{&(0x7f00000022c0)=@alg, 0x80, &(0x7f0000002440)=[{&(0x7f0000002340)=""/212, 0xd4}], 0x1, &(0x7f0000002480)=""/140, 0x8c}, 0x7}, {{&(0x7f0000002540)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f0000002840)=[{&(0x7f00000025c0)=""/8, 0x8}, {&(0x7f0000002600)=""/59, 0x3b}, {&(0x7f0000002640)=""/197, 0xfffffffffffffec2}, {&(0x7f0000002740)=""/97, 0x61}, {&(0x7f00000027c0)=""/8, 0x8}, {&(0x7f0000002800)}], 0x6, &(0x7f00000028c0)=""/243, 0xf3}, 0x4}, {{&(0x7f00000029c0)=@alg, 0x80, &(0x7f0000002b40)=[{&(0x7f0000002a40)=""/219, 0xdb}], 0x1}, 0x7}, {{&(0x7f0000002b80)=@ax25={{0x3, @rose}, [@default, @bcast, @rose, @rose, @bcast, @bcast, @null, @rose]}, 0x80, &(0x7f0000002cc0)=[{&(0x7f0000002c00)=""/115, 0x73}, {&(0x7f0000002c80)=""/25, 0x19}], 0x2, &(0x7f0000002d00)=""/247, 0xf7}, 0x2}], 0x9, 0x40002101, 0x0)
setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000003040)=@ccm_128={{0x303}, "e6b4e3b469825c67", "1578eb7a94b2e5c68613b57d59e2bace", "a5608b55", "d2f348f56be37ded"}, 0x28)

23:24:43 executing program 2 (fault-call:0 fault-nth:4):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:43 executing program 1:
clone(0x270b4300, 0x0, 0x0, 0x0, 0x0)

[  496.634657] FAULT_INJECTION: forcing a failure.
[  496.634657] name failslab, interval 1, probability 0, space 0, times 0
[  496.638671] FAULT_INJECTION: forcing a failure.
[  496.638671] name failslab, interval 1, probability 0, space 0, times 0
[  496.736509] CPU: 1 PID: 25964 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  496.744572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  496.753947] Call Trace:
[  496.756545]  dump_stack+0x142/0x197
[  496.760192]  should_fail.cold+0x10f/0x159
[  496.764353]  should_failslab+0xdb/0x130
[  496.768332]  __kmalloc_track_caller+0x2ec/0x790
[  496.773056]  ? check_preemption_disabled+0x3c/0x250
[  496.778069]  ? prepare_creds+0x3c/0x390
[  496.782035]  ? selinux_cred_prepare+0x49/0xb0
[  496.786524]  kmemdup+0x27/0x60
[  496.789702]  selinux_cred_prepare+0x49/0xb0
[  496.794019]  security_prepare_creds+0x7d/0xb0
[  496.798506]  prepare_creds+0x2d1/0x390
[  496.802394]  copy_creds+0x7b/0x4f0
[  496.805921]  ? lockdep_init_map+0x9/0x10
[  496.809979]  copy_process.part.0+0x868/0x6a70
[  496.814464]  ? save_trace+0x290/0x290
[  496.818263]  ? proc_fail_nth_write+0x7d/0x180
[  496.822758]  ? proc_cwd_link+0x1b0/0x1b0
[  496.826815]  ? __f_unlock_pos+0x19/0x20
[  496.832019]  ? __cleanup_sighand+0x50/0x50
[  496.836239]  ? lock_downgrade+0x740/0x740
[  496.840376]  _do_fork+0x19e/0xce0
[  496.843814]  ? fork_idle+0x280/0x280
[  496.847515]  ? fput+0xd4/0x150
[  496.850694]  ? SyS_write+0x15e/0x230
[  496.854410]  SyS_clone+0x37/0x50
[  496.857762]  ? sys_vfork+0x30/0x30
[  496.861290]  do_syscall_64+0x1e8/0x640
[  496.865184]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  496.870030]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  496.875223] RIP: 0033:0x45a6f9
[  496.878418] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:24:43 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x20000, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000080)={0x2, r1})
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x10003, 0x0)

[  496.886117] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  496.893373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  496.900628] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  496.907882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  496.915137] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  496.922407] CPU: 0 PID: 25963 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
23:24:43 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
lsetxattr$smack_xattr_label(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.SMACK64IPIN\x00', &(0x7f0000000180)={'@Oproc)!\x00'}, 0xa, 0x2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={<r1=>r0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000000)='@Oproc)!\x00'}, 0x30)
ptrace$setsig(0x4203, r1, 0x8, &(0x7f0000000080)={0x30, 0x2})
socket$bt_cmtp(0x1f, 0x3, 0x5)

[  496.930302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  496.939656] Call Trace:
[  496.942255]  dump_stack+0x142/0x197
[  496.945895]  should_fail.cold+0x10f/0x159
[  496.950052]  should_failslab+0xdb/0x130
[  496.954137]  __kmalloc_track_caller+0x2ec/0x790
[  496.958819]  ? check_preemption_disabled+0x3c/0x250
[  496.963878]  ? prepare_creds+0x3c/0x390
[  496.967861]  ? selinux_cred_prepare+0x49/0xb0
[  496.972352]  kmemdup+0x27/0x60
[  496.975536]  selinux_cred_prepare+0x49/0xb0
[  496.979872]  security_prepare_creds+0x7d/0xb0
[  496.984358]  prepare_creds+0x2d1/0x390
[  496.988318]  copy_creds+0x7b/0x4f0
[  496.991842]  ? lockdep_init_map+0x9/0x10
[  496.995899]  copy_process.part.0+0x868/0x6a70
[  497.000401]  ? save_trace+0x290/0x290
[  497.004184]  ? proc_fail_nth_write+0x7d/0x180
[  497.008666]  ? proc_cwd_link+0x1b0/0x1b0
[  497.012714]  ? __f_unlock_pos+0x19/0x20
[  497.016684]  ? __cleanup_sighand+0x50/0x50
[  497.020902]  ? lock_downgrade+0x740/0x740
[  497.025048]  _do_fork+0x19e/0xce0
[  497.028484]  ? fork_idle+0x280/0x280
[  497.032197]  ? fput+0xd4/0x150
[  497.035458]  ? SyS_write+0x15e/0x230
[  497.039156]  SyS_clone+0x37/0x50
[  497.042516]  ? sys_vfork+0x30/0x30
[  497.046043]  do_syscall_64+0x1e8/0x640
[  497.049912]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  497.054772]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  497.059970] RIP: 0033:0x45a6f9
[  497.063152] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  497.070862] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  497.078137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  497.085416] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  497.092677] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  497.099950] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:43 executing program 5:
clone(0x2000, 0x0, 0x0, 0x0, 0x0)

23:24:43 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:43 executing program 2 (fault-call:0 fault-nth:5):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:43 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00')
mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x40010, r0, 0x5a2)
ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000000040)={0x5, 0x1ff, 0xffff})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$USBDEVFS_DISCARDURB(r1, 0x550b, &(0x7f0000000080)=0x9)

23:24:43 executing program 4:
r0 = socket(0xec5da36adb3d7be3, 0x3, 0x2)
getsockopt$netlink(r0, 0x10e, 0x9, &(0x7f0000000000)=""/180, &(0x7f00000000c0)=0xb4)

[  497.247467] FAULT_INJECTION: forcing a failure.
[  497.247467] name failslab, interval 1, probability 0, space 0, times 0
[  497.323332] CPU: 1 PID: 26002 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  497.331264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  497.340637] Call Trace:
[  497.343242]  dump_stack+0x142/0x197
[  497.346918]  should_fail.cold+0x10f/0x159
[  497.351098]  should_failslab+0xdb/0x130
[  497.355093]  __kmalloc_track_caller+0x2ec/0x790
[  497.359794]  ? __debug_object_init+0x171/0x8e0
[  497.364387]  ? setup_userns_sysctls+0x50/0x180
[  497.368987]  kmemdup+0x27/0x60
[  497.370177] FAULT_INJECTION: forcing a failure.
[  497.370177] name failslab, interval 1, probability 0, space 0, times 0
[  497.372191]  setup_userns_sysctls+0x50/0x180
[  497.372294]  create_user_ns+0x79c/0xcd0
[  497.372314]  copy_creds+0x3e9/0x4f0
[  497.395492]  ? lockdep_init_map+0x9/0x10
[  497.399564]  copy_process.part.0+0x868/0x6a70
[  497.404081]  ? save_trace+0x290/0x290
[  497.407885]  ? proc_fail_nth_write+0x7d/0x180
[  497.412379]  ? proc_cwd_link+0x1b0/0x1b0
[  497.416443]  ? __f_unlock_pos+0x19/0x20
[  497.420428]  ? __cleanup_sighand+0x50/0x50
[  497.424671]  ? lock_downgrade+0x740/0x740
[  497.428820]  _do_fork+0x19e/0xce0
[  497.432269]  ? fork_idle+0x280/0x280
[  497.435983]  ? fput+0xd4/0x150
[  497.439171]  ? SyS_write+0x15e/0x230
[  497.442890]  SyS_clone+0x37/0x50
[  497.446256]  ? sys_vfork+0x30/0x30
[  497.449802]  do_syscall_64+0x1e8/0x640
[  497.453695]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  497.458551]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  497.463748] RIP: 0033:0x45a6f9
[  497.466939] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  497.474648] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  497.481941] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  497.489219] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  497.496500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  497.503782] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  497.511573] CPU: 0 PID: 26017 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
23:24:44 executing program 3 (fault-call:0 fault-nth:4):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:44 executing program 1:
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000040))
r1 = syz_open_dev$dri(&(0x7f00000003c0)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$bt_hci_HCI_FILTER(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)={0x80, 0x1, 0xfb}, 0x10)
ioctl(r1, 0xffffffffffffffb2, &(0x7f0000000000))
clone(0x1000000, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 5:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='trusted.overlay.nlink\x00', &(0x7f0000000080)='$system*\x00', 0x9, 0x2)

23:24:44 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000140)=0x1)
shutdown(r2, 0x1)
r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r5, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r5, r5, &(0x7f0000000240), 0x7fff)
connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e24, 0x198, @loopback, 0x800}, 0x1c)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r6=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)={r6}, &(0x7f0000000000)=0x8)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r7, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r7, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r7, 0x1)
r8 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r9=>0x0]}, &(0x7f000095dffc)=0x8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000200)={<r10=>r2})
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r10, 0x84, 0x1e, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f00000000c0)={r9}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000000)={<r11=>r6, 0x4, 0x5, 0x8, 0x1cbf, 0x409c, 0x7f, 0x3b0, {r9, @in6={{0xa, 0x4e21, 0x8, @ipv4={[], [], @multicast1}, 0x1ff}}, 0x6, 0x800, 0x4, 0x7, 0x3c5}}, &(0x7f00000000c0)=0xb0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000100)={r11, 0x24}, 0x8)

[  497.519570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  497.519578] Call Trace:
[  497.531530]  dump_stack+0x142/0x197
[  497.535170]  should_fail.cold+0x10f/0x159
[  497.539767]  should_failslab+0xdb/0x130
[  497.543753]  kmem_cache_alloc+0x2d7/0x780
[  497.547922]  ? retire_userns_sysctls+0x90/0x90
[  497.547933]  ? kmemdup+0x47/0x60
[  497.547946]  create_user_ns+0x3ce/0xcd0
[  497.559848]  copy_creds+0x3e9/0x4f0
[  497.563477]  ? lockdep_init_map+0x9/0x10
[  497.567547]  copy_process.part.0+0x868/0x6a70
[  497.572057]  ? save_trace+0x290/0x290
[  497.575873]  ? proc_fail_nth_write+0x7d/0x180
[  497.580400]  ? proc_cwd_link+0x1b0/0x1b0
[  497.584471]  ? __f_unlock_pos+0x19/0x20
[  497.588457]  ? __cleanup_sighand+0x50/0x50
[  497.592700]  ? lock_downgrade+0x740/0x740
[  497.596857]  _do_fork+0x19e/0xce0
[  497.600325]  ? fork_idle+0x280/0x280
[  497.604046]  ? fput+0xd4/0x150
[  497.607256]  ? SyS_write+0x15e/0x230
[  497.610984]  SyS_clone+0x37/0x50
[  497.614358]  ? sys_vfork+0x30/0x30
[  497.617999]  do_syscall_64+0x1e8/0x640
[  497.621890]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  497.626736]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  497.631913] RIP: 0033:0x45a6f9
[  497.635128] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  497.642824] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  497.650093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  497.657364] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  497.664623] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
23:24:44 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x0, 0x0)
ioctl$USBDEVFS_GETDRIVER(r0, 0x41045508, &(0x7f0000000040)={0x1ff, "8a9d1831d6698b6c671b57d6d4152734dcacf4a424cbbf21b47ee0dc8950a9e97955cddda05dafe71debcea5e53a29c078d6707830a5aeb004808896ed4c42855ff4940be0f8c906b983422ac0d5ee52b323eb5dde410489577739d79dfa331cebfe84344e41f1e08a5e28fbec9bec5f227c0e4c566ef191e33b4b904647f1a1689a6b399c8c834618c54a52e0d9dcc2b81d50dcb0f8ce88fa48eb64c1b0634127ce6c5d1839871eaba91fb8d3d31429654de87c4d29ce212836fb6b625f277e743e878c9aaa7929749ede6605cc763ecbf6bdd6fac5b521b63a4ffd32cd32cb8a3c3159f7bc1a0df5e6fc612ccf368b13d149d604dd98d3abbd00"})

23:24:44 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:44 executing program 2 (fault-call:0 fault-nth:6):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 1:
clone(0x40890c00, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f0000000000)=""/43, &(0x7f0000000040)=0x2b)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
getsockname$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev}, &(0x7f00000000c0)=0x10)

[  497.671880] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:44 executing program 3 (fault-call:0 fault-nth:5):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1)

[  497.731308] FAULT_INJECTION: forcing a failure.
[  497.731308] name failslab, interval 1, probability 0, space 0, times 0
23:24:44 executing program 4:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000040)=""/144)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r14, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r14, 0xae80, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0)
r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r17, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r17, 0xae80, 0x0)
ioctl$KVM_RUN(r17, 0xae80, 0x0)
write$P9_RREADLINK(r0, &(0x7f00000013c0)=ANY=[@ANYRES64=r2, @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES64=r1, @ANYRES64=r2, @ANYRES64, @ANYRESDEC=r1, @ANYRES16=r4, @ANYPTR, @ANYRESDEC=r6], @ANYRES16, @ANYRESHEX, @ANYBLOB="16daa8bf401ebc19c2bcdf1d0ea8cf8b1613baee57875730a21a99c48a06808690060138fb99eeb54214b04ec55c47d97fd94d40d1f50d4fe8ba60419edb5f143521eafa78066b211207c81df400951ab48cf619cb57dc055350b421a4bbd8acb12f26cc4811a3e0ce57acbbfb082c48ee5240b7fdf99d0ca5dd41236caf42afdaa8826c2d89343f8830a5e1a8e3490f92043bb8f72258be16ca528f8b3ca0facf48897498617839b553b65b2993225067515b0563c288c09a5a0cbfa5d39926e962455ccafc13bd271b6b9ee820fdaae7bcd7d51afc33555ba72c40f7432a6a0ea90e98c7e0e271", @ANYPTR64=&(0x7f0000001580)=ANY=[@ANYPTR=&(0x7f0000000180)=ANY=[@ANYRESHEX, @ANYRES16=r7, @ANYRES32, @ANYRES64=r8, @ANYRES16=r10, @ANYPTR64], @ANYRESOCT, @ANYRESOCT, @ANYRESOCT=r5, @ANYPTR64=&(0x7f0000000300)=ANY=[@ANYRES16, @ANYRES32, @ANYRES16=r14], @ANYRESOCT=r11], @ANYPTR=&(0x7f0000001600)=ANY=[@ANYPTR, @ANYPTR64, @ANYRESOCT=r17], @ANYPTR=&(0x7f0000000380)=ANY=[@ANYPTR64, @ANYBLOB="eaa0d372551341255ca44758059c4faf9171aec999bd7f4bf6269120f2c79821460fdf0888ecb93bb5e59464c18a6458032e1c3578b0e8bfa30cd06d155b291be99c0f404c0534d944ee230fe43c2e6ce35a4fb0931315f53e8fc502d6d3fb9d534f98d7c1a6d6b141109f258b4cc2420d28ea467bd5329f030f5d5841a305d2eae94d386b854e96470f8108e8d8a2ce1173a33b3b48a9e1b7f04447cf425f6e4779fcad481253eabc731c6c7c89fcdf269c9b1032654df1c882fc65b697f7c84704d68a3a666cd1de5bf69aeedf17f4c0beb007a092c298c1447f25746f77b1191697dd0134c39906f289be4b4e8643c7f542ec539556e1d752418cd459e2bbe470d8fd1b29ee7b12c43a1e2e0e9d7ecaa6f0ba0c064c5aad85e58856f40e56e386a464f76e5d8cb5f88ba96a48b46f763d7808bdd5a34c71c71876572a13a489d105e43c1acd3caf3ce198f5cc205b2f4a711d3ccdd7a39255746232e60ba4a79d28f4260c851bb32efeb12670aa8cd2bdb319a23c5568064c4694d6e6fe80e4a905d76066bd6dc445468149af9839bfc51245169d6017326b5b45a1ac2bcff825b3f7b92f2c2f445a79437175a2bc13514f129db8d0f3109adede8af54f3cef228ab62a16ca2de990c053fba45d9f21f0d690098f5dfacb28f20d32f7f8ba9c0b2ad3fa1d76f6f42609ad154e38663c9852fb13e4cabd85f9a8c2c9a1ee4e5e732747b8ad06562ba09a8142ff7b769615f8fb427e39297a09acda91d08f48917b128ff26c7d542bffa3a2e8228c0a9c8bbae0e0c0a27b6e3ed9582647001031c7503ea3715392b1fdb3e4eede88262c92a5e8fc8636d461de1f5f9c71380bfb03bcc7307ef33347daad79fe82959d165566c1b2a6577b42444ef179bf91f19bb2c63c065c780b4e9ab0071f3b3f02ae00de7e874826607a95b35cdc73ca82d5cf055e4a4a76a506567b3f82d0190f2947d6460acf246bbf095d4f166c12f50bab2911b9746a1203afbf6a2b4c385d65d969068c5db5ce3c46e902f6017647886e2941165825a50a4c30dae6d5c6092d4047651ba3ff2de6396dd8f075bc80e039459a0e66ce8630a166254cc58015ebfa8459ac069ecfd8280550193ac8c27b6c9f3362af50178570a39bb9a9c54f074182b322b5053e98ab25181160d4a6213369bb14a35aa96df7fc25a7ad8bc80573b3a4d4fa532be5f28a883dd1996c96048fc011eb0148999cfc4e6e3aef02b1ecbdc9cd7cd8a0b92d62036d0cd87923baba5e300f320c73cdeeb8392d2e082e13ba8311a9a9e9d26710083232dfc8d3b3e51b985484d59d5b2da828fdcefacc47ec422c21ed09fa7ab8ae258d75c0ac513cfc5290ead89abdbb84c0c0f8e5b2bec5cc4d0edd705f4a44965129cc1d066bb1c96d49cb7a1383c832b18f3a350c9ab33fde766f58116592d28711a4bf2fe037009548d34388607cdf4d9231cfd1304be352df5ade200e80f01b9b02703876b0ae6f77338860997b01f477dae9b351fda9c2bfa91b3f777ed593b263625b31147dd199acf965a2583a674ac7103e732f7c9fde60dfa216bac5c696fcea3c2cba6c51db507ecc8074cd87b94830818f00d23f4b157b5146768d1efd83807ec47bb0364ad004a05dcf4b26fa177404dd9a9a1fd28ba14a4d2614003a3d5fcf7e525ef5653c5ae6854bffe7ba580b5b799ce2a1cf29e6b3bdbbc91a6108c9fd890e1cc01f5535e3a7f3b630bb2b8c161313eea3aa0b2c1de9ae344351b1949778facb28c51a2b0a105163d1902b7b1de5e9391293a9450fc7dfa4a67c110f0512f9fd8a551c76af8ca514a3a121cd06052742cfbab3934de5af934b60873c7bfb410458bcf15e8ee078ab3c54f9684aa17c3c0c25456fcf499b72026bbe6257dc921301e865b367705264ab59bb91a2a3973020d0c69332d27a49b023caa84a840d3de36d649181093c068b47abe7e4c0866772f0ab29a7d2d18e084f7bc39d21c262818f629aecf5e13037e44d8ac101779e653b8969afc575e1acfaa038a86d99af3e797bf8984772cdc28c0243d3832327584891224d710e88d18026ee10eb3aadcea317c282b00b29040964b9b6bb52dc9998bf0e6246ab61c309344e46d07143fdd5b77ffa0ba1e761715ae0a851fc0c75d2aeec921b188395b158fe2f0300828d976846a13d7008a27476dd57f154251f775f16f0673bcba21861cd1f42017ad2b9934d5008696f5344463afb41c78e13352c50a8d376c9d5097100d3fb6be986d7a059f2977c4d013ca1cbfd0a1c718a71417618f943d9764f18eb71daa32d79f4144ff3afb2c8dbe1f39cd89567601c3d4c859f02f957a28eb7e35d956ff6dea5780bc223d3c605e2382f159bca84222aaba2126acb74e29b46a9bcd67e48371135ee0c0800dd2b730bdeacd8ea388d9f591e0f530d3963be773e708def7402a8c75da2c23e954219b1a87e11bd79f8e31f6908f93e2927878ae27e316b89276a9d606b3192d15bdb7e392ce16b9015897701cc2020a2219fd1295ffbb0f172b12c9572dd1bff3eedbdb477cbe6a251b77e1c035c078a69aa3e7366660e154475ad42bde31e6b86cda577e03231a524dee6b036ff3cadc105d9deb3f50cf0542d603760fa36485a00848fe5bc347e7c2f1db020d23c22c9124ca6def608a6c7a7e7f003be0ee67a971c1ff0991d73e82c876134a342fd29631e6f981a9abf1d0e9bda6618ae36ac9bf60184dad27b1b241448555e95d531c444900ba7afcb6d87de121364cf76ce9e2ce94d54079f19fea568c18651b000f61b5562ba16cda6f230da274b5999800fa55cfff6f46164add26e2f745146e5bedd4ec940743e095b7e0c5fea29750d74124ce4f5d0d1c4b0d44c25e1123eccfb1327a7c590a90a91820f493eeee22f24e3a4ac8222083a03d47a078066ec8064dcce9fb278b546697a01cc0e850b94ce64f42fb942a7ad04840f896945e175ba1ceb4852762f7adb5de0bcd8e79e1f1ce68130b00282c20319f253797eccf9b2ffb393e63fc215e576bfed90dade963ff0a497321c281e26bdd7573e89b0ffdc643b62f213ef2d7b7ad8699e139642709d19b05fa9aef54a5f43addde2833f1d9bc9fdefc35853bb7d07dfd1ab9712d290429b27193a3caefef70c573e45c5e7899ec3f08180932d4d9817734f2d92f492f4ebca1b330bf278d0dd21a3fc2738f203f16eecd306ddb99491033a57291dedf2ea93c59769b4fe90762a5f0c10541ecf23623e07e3fa9fe05526be3eb1d8d9c0ff91fe1e4963af9163567852a1a66353329cf725b10160773d4516a805310d5adf5c2b719965d283fa0a38ac931fb1e2269a4369124b64f0411b3ba0bcf4f349cdb3e38cb8f2dd2901dd7b093ef045457de0a17434ef988ccf6e79bcbab766777f7a88917994017a1bf41a4488d5b3570aa647609ecb697bbb75aa0f7ea454456e939738ce132cb1d7a64bd59c1c4e510ebd50fddb5581bf3de4253c84c4ac8186316d3f88716c9dda1cf474aa5f796e39a3cee0e1249e01b51a3db9dde2077937e06469ad1b8f823b5a717890b0632a0e868a3841a6cddee88b5750981e3a76ddc4ea08f71b250ef226d96b1b6eaef89a995f321f47c712f545a02eaa3d3d6b232a02570588626167a7d7bf34cd2e3c7b155fa510793ed7ddbceff9614702624a27fd5bd3836f90eb8e8cfb66e380d79b549b35cd1771316d24804621a56b95d8f66c081ae6988ad15359089cd01b9a0f5e5ded1d3a012668efc0ab2d2195f2c89fe8db77086a9f0c365af92197850629f82fcefaf395ce89a100af12ecc9e2104c4ef56522dbf2e500571fca9a909c98e4c212132bf4e98abe456bf1839e7e01113f1300f547d538bbb11fef83784067c6f48325ff30592eb4fa8ab49a0311a155ccec069ffbf53f3eca3d96411e696c4ad091e528f3f8204ff1b4e82ec9138ab7347f82a0ea7bbbcb0f976d34e83766a11c3ec4752305e09dbeeb3eacb04920b3d39ce01d3fd369348b661533db015ca5ab9684532079d4b6d469b3c7c11a0696486a9888491cf881b81731534af4d136fa04398c17009325e5b51953d56a6b60eb05eacba8e85ccd30919a40758ef816fe4f02b9c7edb090920be075911b2c0d7ca751cdcb657de14161519174c88ebfc59adcd87fa7e523de602b2ef265625569c834cc778fd9c14e94cec3cef07d53b66041c9121c0e20a11413bee35e507b707a04f155f5c606c8835c36c81b5ea385730299811743b1786cd656faf7baf0576e1726794c4e49f9836067f10db7e9b66ab7701ab76be94e48e2ea878cfd03839ea511dacb9f6c248ed0377fd8d1dbb40fd40460285fe008935b1ab56e69d4e1a5b03012fd21d412684bb71beaedef94b4c07e1ef4eda7ee68491cad12e1c10e59b113d55cd4462f651917f2d0a090ce8a11656632a750d151356cca28b8bc3ef2205f9b0a276d900123c74c7004ca920b4cb2dd9e2efdfbdaced7ac98b9fa6d04d7641b2e958850c6d80fb20c308bb38d2090a4a9216ddaa3a854f4beef8c1a981d4c686b36721e4543ac058db9fe8a36e0a6fee4b35908703a3958a7e7e95cd047d954e47067283de52f59f2bcae698eb50618bee486b1f6a5f12990bb477ffc7c6d398e4e9dab99035b5d24efe9bf5161adf503ee4ff80b702a4a025a06df1c8d9263ffb7c30919e373871f71c01697ca9afa658ae4d715116eb580e910eeb5051cd998e311fff816d45b1c355d5806a4e18941b21c5fc6034fc9bd40b9db9b53bb745e33b8e484aa6786195db252f481a50cf6abc5fa1893e32b7d87d40f512afbe121feb6e73f851ea331c9d5fb036744647ba8e559cfaed4116d23d76673288c8546d2b963110ea9d8083d6590f257f8ddefe469f1048e9a29b8a279f64b156aac9d2ada840bf6f349c6f5ea915424354cfc901c283899181771eea5037502898e5ab1e3eaa2b0afc851bde5395e8a0ec70575027309b3764a85003955ba5b816b959f26e803871abab84f80e15cd5fb151fb22cfed7c7f5c0bf7959b2f31ed83dcec53ce3c7cf3f1ac856106620e59faf712058d71cd7c7d1d89be23b1a881f8fc16c5268334cd98a14246f84f14e87341d4a5c7dd54f11cb150d8ccb702d1e2ed88aab9fbf2ef55d80a6f724930b6e72e0478201c76e32f4841de051f8065c70ac62d053cb4f12bbfc583ce4e4568b2341020749435a3a8d0d05aa7aab337a42864fba4da487cabefe5cb88c26f2478173eec122ac2ebcbcbaca4cbe42062d55b23613ce0b1b806ac949710307b17c9c54edfc2bba78c11c018234ddb1b3bf407369211e4c00e5891b3b81b05027df27bd58acbeb87a5c47824c2bea11c2a53c5c8dc5c94c1865837b11b3c6764b002a8d0279c991587cd9a9446a18ffa83d664b91d1724183cd837abe0490939a1dbdf027cdac1d0028e601b1b2e1aef939841fd94896bd4c30ba8d870470f020a0de74481e480e25756a455ca36c005e871682bbf6f58131ac35bbffccdd2d1d22211c2783b710e978f8b7868513b1256e6e2aa3509be43af652654433771c9200c2fb913ae564390493a50d47f1e9002f23075201ff6017b557c26b5db01e8dbdbcf4a2af8051f35087ffb83853e0e266a5b42bd245cc14b4d5196d1c4040e713230177312b61ee46fef29e59c32e03929e9a0bd53bb0d81bf2e6d67e3745f6173be858c2f0cc211153acf2a2f4d8dcad26fa76bbbdcd62536585e7dc1d420aa09521c57fc957e6421e25f408ffdbe0f79d55688785c085a142ce"]], 0x124)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  497.813590] FAULT_INJECTION: forcing a failure.
[  497.813590] name failslab, interval 1, probability 0, space 0, times 0
[  497.823238] CPU: 0 PID: 26041 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  497.832711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  497.842159] Call Trace:
[  497.844759]  dump_stack+0x142/0x197
[  497.848401]  should_fail.cold+0x10f/0x159
[  497.852562]  should_failslab+0xdb/0x130
[  497.856554]  __kmalloc+0x2f0/0x7a0
[  497.860107]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  497.865559]  ? rcu_read_lock_sched_held+0x110/0x130
[  497.870579]  ? __register_sysctl_table+0xc7/0xe50
[  497.875423]  __register_sysctl_table+0xc7/0xe50
[  497.875437]  ? memcpy+0x46/0x50
[  497.875451]  setup_userns_sysctls+0xbc/0x180
[  497.875464]  create_user_ns+0x79c/0xcd0
[  497.891762]  copy_creds+0x3e9/0x4f0
[  497.891774]  ? lockdep_init_map+0x9/0x10
[  497.891785]  copy_process.part.0+0x868/0x6a70
[  497.891800]  ? save_trace+0x290/0x290
[  497.891809]  ? proc_fail_nth_write+0x7d/0x180
[  497.891817]  ? proc_cwd_link+0x1b0/0x1b0
[  497.891827]  ? __f_unlock_pos+0x19/0x20
[  497.891843]  ? __cleanup_sighand+0x50/0x50
[  497.891853]  ? lock_downgrade+0x740/0x740
[  497.891867]  _do_fork+0x19e/0xce0
[  497.891879]  ? fork_idle+0x280/0x280
[  497.891890]  ? fput+0xd4/0x150
[  497.891898]  ? SyS_write+0x15e/0x230
[  497.891910]  SyS_clone+0x37/0x50
[  497.946203]  ? sys_vfork+0x30/0x30
[  497.949746]  do_syscall_64+0x1e8/0x640
[  497.953622]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  497.958463]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:24:44 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  497.963652] RIP: 0033:0x45a6f9
[  497.966828] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  497.974526] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  497.981782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  497.989037] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  497.996312] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  498.003592] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  498.017135] CPU: 1 PID: 26050 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  498.025056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  498.034417] Call Trace:
[  498.037041]  dump_stack+0x142/0x197
[  498.040687]  should_fail.cold+0x10f/0x159
[  498.044856]  should_failslab+0xdb/0x130
[  498.048842]  __kmalloc_track_caller+0x2ec/0x790
[  498.053521]  ? __debug_object_init+0x171/0x8e0
[  498.058111]  ? setup_userns_sysctls+0x50/0x180
[  498.062705]  kmemdup+0x27/0x60
23:24:44 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000640)={{0x1, 0x0, @descriptor="a7e318d30b6bfd99"}})
fchdir(r0)
sendmmsg$inet(r0, &(0x7f00000007c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="2e18c02ab5e46a2a93a4319443095285e25b8ab738df11eb", 0x18}, {&(0x7f0000000080)="b433d1ef430fff2c98ff18a9be8ca288503157500b2a1849ef9c1c33c7883e73d8d22a4898659d83033b3939e255a0897e86eeff4f31e48c6a5911760fe5f4f9cca5b428c1c254678023cc01563e66859e4a6e1a05f2cec1f63bb45514210f519f666239e0b622e7b2860b2e09f6aa132e567786f1e112aa854208494394ab396bf013053461ecf790ffd3b0031b962bf60b25b72081ca18927f31b4cfc52f4def6e0b846f724a9305bf6b92687de656a9c180ca846cbe46e15a1cecee9c2c75392facc29f144c6c7c24de3c172975349e199c4c91fe64eb03d3904d5444ce4cc4519ccc886cf5d9addd4a4168", 0xed}, {&(0x7f0000000180)="92173fe16dcee3854e1bd160c199886e7ec0db67d04d532a947486200632f6b64d7fc57ab9ec9785", 0x28}, {&(0x7f00000001c0)="1b9d12912fa6463099248e7ba57170ff608609e434baa492c50655ebe96fc535200ebf5f491da2f25ea7ec162b86c2a0fab1bbb8a80dd3a407a2ae465ef2ec7633f2a04fec244e50cb82a129ec16d99a5938a7f52115a022473373b585431a81cc82b2734b40981991236667a8c3fd3d83a40ec893dfba2f355ce7af63965b7d77d09dc7d3b7f6d6e6d1d3eaf2205b631c70a1420c803a386bf0b31cd3e619d2f878d1334ece39e32103def7b0b17d52ca36219669201f0772818ea356e2600fc2e2f59bf187e38162c837c833cbc987", 0xd0}, {&(0x7f00000002c0)="9e9d429c6bfd154e3fbf7e7249ee46c9ba2ab7d73bb1096b9bb9e42647a701c836d552c8f2182bcb4ca272544b2b78c17cbcb7d7999e16e9fc6dbc23966e7cc73af70869f47590ec2c4f2156e893ab2238322a0bbeaaf41e15159e542f60b3b3f1f48d27f478400276cd6465d48bfc3ba96cdbdec3e817a1dbdf5d", 0x7b}, {&(0x7f0000000340)="bf9428a01d7b9f5bf59aea1989330c62e1771bcef33fe8baacd0f6b9c17d546321233cf2d22f9868c208f2d201d5734d6899079438", 0x35}], 0x6, &(0x7f0000000880)=ANY=[@ANYBLOB="b8000000000000000000000007000000440c22661e2511dcd99f94e0072704e0000002e0000002ac1e010100000000e0000002000000007f0000017f000001ac1414180717807f000001ac1e0101e000000100000000e00000024444ee21000000050001000000001000ac1414bbda800000e00000020000000500000001ac14142400000093000000db000000000000000100000000fffffffe89178100000000ac1414bbac1414aaffffffffe000000101000000000000b2dcf093b5474579a60524d03ae9f2ed7882dd2999f9997eb2bf619e471ff6e42fdef4a4bb9011abae66c42d5028c60b3a197d3a454439bd4991a48a9eae5be3f99f"], 0xb8}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="d4af27b0782e26324751c3cfe64e14c3ea703f5b8a8894936bc6abd6738505ef0f98ba657ef79d6223816c5a94c48d3f54d9347895a2d0240821411568dd9b859f3f0e401cfd954e74052346b46ef0937e038babbac82de92034a00782962aa68cd899dee9dabec98f626e26fabfd7e43a6bbe4c7a303c6ba3267539", 0x7c}, {&(0x7f0000000580)="812283d11c8fd32de1b0a54dd788d3936c75cd8470b61619eef879de4ac844b9118f8c32c85e51e27c839f7bee9ece59a59e147762f965cb4957da965f8f0c710c20d1ce1a29d6147358f0e07cfd57b5eb6264aea1c9c8be136650e8569ab4a14bcc2145434b765ade1a", 0xffffff99}, {&(0x7f0000000600)="a384", 0x2}, {&(0x7f0000000640)}, {&(0x7f0000000680)="8b7817b5ba2f127338a781bb901236a05f8e16fe9c3aafa9ce853f6f66d11ce3d30e9ca3fa8148cc38dbc3a5af16bf60b2721c3fb5a4f8d5e13130f90e25ad59b9ad5751151475fa82893cce42cba698de692ecc60b18e1cf32bc5b3277a1e6b4bb13355e39da541c153cae52d681d15dfc72a0f603b0294476b50d77783915a5c3e3edfeccb544055", 0x89}], 0x5}}], 0x2, 0x80)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000840)='/dev/video35\x00', 0x2, 0x0)

[  498.065907]  setup_userns_sysctls+0x50/0x180
[  498.070339]  create_user_ns+0x79c/0xcd0
[  498.074332]  copy_creds+0x3e9/0x4f0
[  498.077971]  ? lockdep_init_map+0x9/0x10
[  498.082042]  copy_process.part.0+0x868/0x6a70
[  498.086546]  ? save_trace+0x290/0x290
[  498.090338]  ? proc_fail_nth_write+0x7d/0x180
[  498.090346]  ? proc_cwd_link+0x1b0/0x1b0
[  498.090357]  ? __f_unlock_pos+0x19/0x20
[  498.090373]  ? __cleanup_sighand+0x50/0x50
[  498.090383]  ? lock_downgrade+0x740/0x740
[  498.090395]  _do_fork+0x19e/0xce0
23:24:44 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r1, 0x0, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x105046, 0x72)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
r3 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x9, 0x701480)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000000)=<r4=>0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r6, 0x0, 0x0)
setresuid(r1, r4, r6)

[  498.090407]  ? fork_idle+0x280/0x280
[  498.118452]  ? fput+0xd4/0x150
[  498.121653]  ? SyS_write+0x15e/0x230
[  498.125382]  SyS_clone+0x37/0x50
[  498.128790]  ? sys_vfork+0x30/0x30
[  498.132344]  do_syscall_64+0x1e8/0x640
[  498.136243]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  498.141102]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  498.146297] RIP: 0033:0x45a6f9
[  498.149493] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  498.157299] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
23:24:44 executing program 2 (fault-call:0 fault-nth:7):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:44 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  498.164581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  498.170974] audit: type=1800 audit(1575674684.706:102): pid=26070 uid=255 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="bus" dev="sda1" ino=16733 res=0
[  498.171917] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  498.171923] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  498.171935] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:44 executing program 3 (fault-call:0 fault-nth:6):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:45 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000000)={0x2, 0x7ff, 0x5})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
ioctl$VT_WAITACTIVE(r1, 0x5607)

[  498.294643] FAULT_INJECTION: forcing a failure.
[  498.294643] name failslab, interval 1, probability 0, space 0, times 0
[  498.317627] FAULT_INJECTION: forcing a failure.
[  498.317627] name failslab, interval 1, probability 0, space 0, times 0
23:24:45 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  498.358507] audit: type=1800 audit(1575674684.946:103): pid=26070 uid=255 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.5" name="bus" dev="sda1" ino=16733 res=0
[  498.389427] CPU: 1 PID: 26081 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  498.397365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  498.406726] Call Trace:
[  498.409330]  dump_stack+0x142/0x197
[  498.412982]  should_fail.cold+0x10f/0x159
[  498.417154]  should_failslab+0xdb/0x130
[  498.421143]  __kmalloc+0x2f0/0x7a0
[  498.424713]  ? lock_downgrade+0x740/0x740
[  498.429395]  ? find_entry.isra.0+0x1e0/0x1e0
[  498.433837]  ? __register_sysctl_table+0x79b/0xe50
[  498.438794]  __register_sysctl_table+0x79b/0xe50
[  498.443928]  setup_userns_sysctls+0xbc/0x180
[  498.448363]  create_user_ns+0x79c/0xcd0
[  498.452360]  copy_creds+0x3e9/0x4f0
[  498.455994]  ? lockdep_init_map+0x9/0x10
[  498.460070]  copy_process.part.0+0x868/0x6a70
[  498.464574]  ? save_trace+0x290/0x290
[  498.468371]  ? proc_fail_nth_write+0x7d/0x180
[  498.472861]  ? proc_cwd_link+0x1b0/0x1b0
[  498.476920]  ? __f_unlock_pos+0x19/0x20
[  498.480901]  ? __cleanup_sighand+0x50/0x50
[  498.485143]  ? lock_downgrade+0x740/0x740
[  498.489296]  _do_fork+0x19e/0xce0
[  498.492751]  ? fork_idle+0x280/0x280
[  498.496468]  ? fput+0xd4/0x150
[  498.499661]  ? SyS_write+0x15e/0x230
[  498.503374]  SyS_clone+0x37/0x50
[  498.506733]  ? sys_vfork+0x30/0x30
[  498.510271]  do_syscall_64+0x1e8/0x640
[  498.514163]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  498.519015]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  498.524206] RIP: 0033:0x45a6f9
[  498.527396] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  498.535101] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  498.542374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  498.549655] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  498.556961] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  498.564246] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  498.571543] CPU: 0 PID: 26086 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  498.579453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  498.588809] Call Trace:
[  498.588825]  dump_stack+0x142/0x197
[  498.588842]  should_fail.cold+0x10f/0x159
[  498.588856]  should_failslab+0xdb/0x130
[  498.598153] sysctl could not get directory: 
[  498.599191]  __kmalloc+0x2f0/0x7a0
[  498.599205]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  498.599217]  ? rcu_read_lock_sched_held+0x110/0x130
[  498.599228]  ? __register_sysctl_table+0xc7/0xe50
[  498.599239]  __register_sysctl_table+0xc7/0xe50
[  498.599249]  ? memcpy+0x46/0x50
[  498.599262]  setup_userns_sysctls+0xbc/0x180
[  498.599275]  create_user_ns+0x79c/0xcd0
[  498.599294]  copy_creds+0x3e9/0x4f0
[  498.599304]  ? lockdep_init_map+0x9/0x10
[  498.599315]  copy_process.part.0+0x868/0x6a70
[  498.599329]  ? save_trace+0x290/0x290
[  498.599337]  ? proc_fail_nth_write+0x7d/0x180
[  498.599344]  ? proc_cwd_link+0x1b0/0x1b0
[  498.599354]  ? __f_unlock_pos+0x19/0x20
[  498.603549] /
[  498.607880]  ? __cleanup_sighand+0x50/0x50
[  498.611476] /user -12
[  498.616833]  ? lock_downgrade+0x740/0x740
[  498.634591]  _do_fork+0x19e/0xce0
[  498.642967]  ? fork_idle+0x280/0x280
[  498.642979]  ? fput+0xd4/0x150
[  498.642987]  ? SyS_write+0x15e/0x230
[  498.642997]  SyS_clone+0x37/0x50
[  498.643003]  ? sys_vfork+0x30/0x30
[  498.643015]  do_syscall_64+0x1e8/0x640
[  498.643022]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  498.643037]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  498.643045] RIP: 0033:0x45a6f9
[  498.643050] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  498.643060] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  498.643064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  498.643069] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  498.643074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
23:24:45 executing program 1:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = semget(0x1, 0x6, 0x100)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000000)=""/228)

23:24:45 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  498.643079] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  498.680377] CPU: 1 PID: 26081 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  498.680385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  498.680389] Call Trace:
[  498.680406]  dump_stack+0x142/0x197
[  498.709457]  ? trace_hardirqs_on+0xd/0x10
[  498.719479]  __register_sysctl_table+0x762/0xe50
[  498.719498]  setup_userns_sysctls+0xbc/0x180
[  498.719512]  create_user_ns+0x79c/0xcd0
23:24:45 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000000))

[  498.744958]  copy_creds+0x3e9/0x4f0
[  498.744968]  ? lockdep_init_map+0x9/0x10
[  498.744979]  copy_process.part.0+0x868/0x6a70
[  498.759525]  ? save_trace+0x290/0x290
[  498.759534]  ? proc_fail_nth_write+0x7d/0x180
[  498.759544]  ? proc_cwd_link+0x1b0/0x1b0
[  498.784047]  ? __f_unlock_pos+0x19/0x20
[  498.784066]  ? __cleanup_sighand+0x50/0x50
[  498.784077]  ? lock_downgrade+0x740/0x740
[  498.784094]  _do_fork+0x19e/0xce0
[  498.784105]  ? fork_idle+0x280/0x280
[  498.847829]  ? fput+0xd4/0x150
[  498.847840]  ? SyS_write+0x15e/0x230
[  498.854734]  SyS_clone+0x37/0x50
[  498.854744]  ? sys_vfork+0x30/0x30
[  498.854756]  do_syscall_64+0x1e8/0x640
[  498.854766]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  498.863447]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  498.870839] RIP: 0033:0x45a6f9
[  498.870844] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  498.870853] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  498.870857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  498.870861] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  498.870866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  498.870870] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:45 executing program 4:
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x4, 0x0)
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000040))
clone(0x20000000, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x5)

23:24:45 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000000)=""/213, 0xd5)

23:24:45 executing program 2 (fault-call:0 fault-nth:8):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:45 executing program 3 (fault-call:0 fault-nth:7):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:45 executing program 1:
clone(0x8000000, 0x0, 0x0, 0x0, 0x0)

23:24:45 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r4, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:45 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fcntl$setflags(r0, 0x2, 0x3)

[  499.098503] FAULT_INJECTION: forcing a failure.
[  499.098503] name failslab, interval 1, probability 0, space 0, times 0
[  499.101124] FAULT_INJECTION: forcing a failure.
[  499.101124] name failslab, interval 1, probability 0, space 0, times 0
23:24:45 executing program 1:
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=<r0=>0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
r2 = perf_event_open$cgroup(&(0x7f0000000140)={0x3, 0x70, 0x1, 0xf9, 0x7, 0x80, 0x0, 0x8, 0x80000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb2a522a, 0x5, @perf_bp={&(0x7f0000000100)}, 0x2, 0x5, 0x3f, 0x7, 0x1000, 0x34db, 0x9}, 0xffffffffffffffff, 0x3, r1, 0xc)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xff, 0x8, 0xff, 0x8, 0x0, 0xffffffff, 0x8, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x2, @perf_bp, 0x0, 0x4, 0x800, 0x5638728339e67af3, 0x2, 0x7fffffff, 0x7ff}, r0, 0xf, r2, 0x1)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  499.176577] CPU: 1 PID: 26140 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  499.184525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  499.193975] Call Trace:
[  499.193993]  dump_stack+0x142/0x197
[  499.194012]  should_fail.cold+0x10f/0x159
[  499.200247]  should_failslab+0xdb/0x130
[  499.200259]  __kmalloc+0x2f0/0x7a0
[  499.200273]  ? lock_downgrade+0x740/0x740
[  499.200285]  ? find_entry.isra.0+0x1e0/0x1e0
[  499.200297]  ? __register_sysctl_table+0x79b/0xe50
[  499.200310]  __register_sysctl_table+0x79b/0xe50
[  499.230185]  setup_userns_sysctls+0xbc/0x180
[  499.234612]  create_user_ns+0x79c/0xcd0
[  499.238611]  copy_creds+0x3e9/0x4f0
[  499.242456]  ? lockdep_init_map+0x9/0x10
[  499.246541]  copy_process.part.0+0x868/0x6a70
[  499.251061]  ? save_trace+0x290/0x290
[  499.254867]  ? proc_fail_nth_write+0x7d/0x180
[  499.259553]  ? proc_cwd_link+0x1b0/0x1b0
[  499.263625]  ? __f_unlock_pos+0x19/0x20
[  499.267614]  ? __cleanup_sighand+0x50/0x50
[  499.271846]  ? lock_downgrade+0x740/0x740
[  499.275988]  _do_fork+0x19e/0xce0
[  499.279431]  ? fork_idle+0x280/0x280
[  499.283143]  ? fput+0xd4/0x150
[  499.286345]  ? SyS_write+0x15e/0x230
[  499.290045]  SyS_clone+0x37/0x50
[  499.293397]  ? sys_vfork+0x30/0x30
[  499.296925]  do_syscall_64+0x1e8/0x640
[  499.300801]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  499.305681]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  499.310867] RIP: 0033:0x45a6f9
[  499.314046] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  499.322013] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  499.329391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  499.336670] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  499.343939] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  499.351205] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  499.358481] CPU: 0 PID: 26139 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  499.366389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  499.375780] Call Trace:
[  499.378378]  dump_stack+0x142/0x197
[  499.382031]  should_fail.cold+0x10f/0x159
[  499.386184]  should_failslab+0xdb/0x130
[  499.386193]  kmem_cache_alloc+0x2d7/0x780
[  499.386205]  ? selinux_is_enabled+0x9/0x50
[  499.394306]  ? creds_are_invalid+0x48/0x110
[  499.402914]  __delayacct_tsk_init+0x20/0x80
[  499.404887] sysctl could not get directory: 
[  499.407263]  copy_process.part.0+0x1a6c/0x6a70
[  499.407283]  ? save_trace+0x290/0x290
[  499.411795] /
[  499.416249]  ? proc_fail_nth_write+0x7d/0x180
[  499.420078] /user -12
[  499.421742]  ? proc_cwd_link+0x1b0/0x1b0
[  499.432660]  ? __f_unlock_pos+0x19/0x20
[  499.436627]  ? __cleanup_sighand+0x50/0x50
[  499.440853]  ? lock_downgrade+0x740/0x740
[  499.444997]  _do_fork+0x19e/0xce0
[  499.448439]  ? fork_idle+0x280/0x280
[  499.452294]  ? fput+0xd4/0x150
[  499.455486]  ? SyS_write+0x15e/0x230
[  499.459201]  SyS_clone+0x37/0x50
[  499.462568]  ? sys_vfork+0x30/0x30
[  499.466111]  do_syscall_64+0x1e8/0x640
[  499.470008]  ? trace_hardirqs_off_thunk+0x1a/0x1c
23:24:46 executing program 1:

23:24:46 executing program 4:
clone(0x410100, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x220101, 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21}, {0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x0, {0x2, 0x4e21, @remote}, 'ip6erspan0\x00'})
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000080)={'team0\x00', {0x2, 0x4e23, @multicast2}})

23:24:46 executing program 5:
clone(0x787467f2cfa9d9c, 0x0, 0x0, 0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$clear(0x7, r0)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r2)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000000c0)={0x42d, <r3=>0x0, 0x2, 0x401})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x1f, r3, 0x10000, 0x7})

23:24:46 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  499.474892]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  499.480101] RIP: 0033:0x45a6f9
[  499.483293] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  499.491022] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  499.498321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  499.505588] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  499.505593] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  499.505597] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  499.517395] CPU: 1 PID: 26140 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  499.535601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  499.544959] Call Trace:
[  499.544975]  dump_stack+0x142/0x197
[  499.544988]  ? trace_hardirqs_on+0xd/0x10
[  499.545006]  __register_sysctl_table+0x762/0xe50
[  499.545021]  setup_userns_sysctls+0xbc/0x180
[  499.564516]  create_user_ns+0x79c/0xcd0
[  499.568506]  copy_creds+0x3e9/0x4f0
[  499.572142]  ? lockdep_init_map+0x9/0x10
[  499.576214]  copy_process.part.0+0x868/0x6a70
[  499.580724]  ? save_trace+0x290/0x290
[  499.584538]  ? proc_fail_nth_write+0x7d/0x180
[  499.589038]  ? proc_cwd_link+0x1b0/0x1b0
[  499.593111]  ? __f_unlock_pos+0x19/0x20
[  499.597094]  ? __cleanup_sighand+0x50/0x50
[  499.601449]  ? lock_downgrade+0x740/0x740
[  499.605702]  _do_fork+0x19e/0xce0
[  499.609155]  ? fork_idle+0x280/0x280
[  499.612859]  ? fput+0xd4/0x150
[  499.616051]  ? SyS_write+0x15e/0x230
[  499.619753]  SyS_clone+0x37/0x50
[  499.623104]  ? sys_vfork+0x30/0x30
[  499.626636]  do_syscall_64+0x1e8/0x640
[  499.630597]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  499.635428]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  499.640601] RIP: 0033:0x45a6f9
[  499.643774] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  499.651478] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  499.658760] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  499.666028] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:24:46 executing program 2 (fault-call:0 fault-nth:9):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:46 executing program 4:
openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0)
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f00000000c0)=""/122)
pipe(&(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:46 executing program 1:
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='\x00', r0}, 0xa)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  499.673646] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  499.681028] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  499.735692] FAULT_INJECTION: forcing a failure.
[  499.735692] name failslab, interval 1, probability 0, space 0, times 0
[  499.823560] CPU: 0 PID: 26167 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  499.831498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  499.840862] Call Trace:
[  499.843466]  dump_stack+0x142/0x197
[  499.847116]  should_fail.cold+0x10f/0x159
[  499.851308]  should_failslab+0xdb/0x130
[  499.855313]  kmem_cache_alloc+0x2d7/0x780
[  499.859523]  copy_fs_struct+0x43/0x2d0
[  499.863593]  copy_process.part.0+0x3974/0x6a70
[  499.868170]  ? save_trace+0x290/0x290
[  499.871959]  ? proc_fail_nth_write+0x7d/0x180
[  499.876524]  ? proc_cwd_link+0x1b0/0x1b0
[  499.880587]  ? __cleanup_sighand+0x50/0x50
[  499.884808]  ? lock_downgrade+0x740/0x740
[  499.888942]  _do_fork+0x19e/0xce0
[  499.892394]  ? fork_idle+0x280/0x280
[  499.896098]  ? fput+0xd4/0x150
[  499.899276]  ? SyS_write+0x15e/0x230
[  499.902985]  SyS_clone+0x37/0x50
[  499.906331]  ? sys_vfork+0x30/0x30
[  499.909858]  do_syscall_64+0x1e8/0x640
[  499.913740]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  499.918573]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:24:46 executing program 3 (fault-call:0 fault-nth:8):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:46 executing program 5:
clone(0x4019000, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=<r0=>0x0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000040)={0x100000001, 0x1, 0x7}, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}])

[  499.923744] RIP: 0033:0x45a6f9
[  499.926926] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  499.934617] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  499.941873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  499.949145] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  499.956407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  499.963665] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:46 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @local}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000000)={0x8e, @time={0x77359400}, 0x63, {0xba, 0x2e}, 0x2f, 0x2, 0x7})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:46 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:46 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x104000, 0x0)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00')
sendmsg$DEVLINK_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x715c0b6dd924d857}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r1, @ANYBLOB="860425bd7000fedbdf2501000000100001006e657464657673696d000000100002006e657464657673696d300000100001006e6574000000000000020000100002006e657464657673696d300000080001007063690014000200303030303a30303a31302e3000000000080001007063690014000200303030303a30303a31302e30000000000800010070630d0014000200303030303a30303a31302e3000000000"], 0xa8}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000200)='/dev/input/event#\x00', 0xffff, 0xadbc719bf9188c97)
ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000240)=0x2)

23:24:46 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000040)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'ean0\x00'})
getgid()
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000000))

[  500.036815] FAULT_INJECTION: forcing a failure.
[  500.036815] name failslab, interval 1, probability 0, space 0, times 0
[  500.092762] CPU: 0 PID: 26193 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  500.100707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  500.110072] Call Trace:
[  500.112664]  dump_stack+0x142/0x197
[  500.116317]  should_fail.cold+0x10f/0x159
[  500.120469]  should_failslab+0xdb/0x130
[  500.124435]  kmem_cache_alloc+0x2d7/0x780
[  500.128584]  ? __sanitizer_cov_trace_pc+0x31/0x60
[  500.133415]  ? selinux_is_enabled+0x9/0x50
[  500.137650]  ? creds_are_invalid+0x48/0x110
[  500.142066]  __delayacct_tsk_init+0x20/0x80
[  500.146732]  copy_process.part.0+0x1a6c/0x6a70
[  500.151305]  ? save_trace+0x290/0x290
[  500.155089]  ? proc_fail_nth_write+0x7d/0x180
[  500.159572]  ? proc_cwd_link+0x1b0/0x1b0
[  500.163623]  ? __f_unlock_pos+0x19/0x20
[  500.167600]  ? __cleanup_sighand+0x50/0x50
[  500.172078]  ? lock_downgrade+0x740/0x740
[  500.176212]  _do_fork+0x19e/0xce0
[  500.179652]  ? fork_idle+0x280/0x280
[  500.183367]  ? fput+0xd4/0x150
[  500.186561]  ? SyS_write+0x15e/0x230
[  500.190277]  SyS_clone+0x37/0x50
[  500.193625]  ? sys_vfork+0x30/0x30
[  500.197149]  do_syscall_64+0x1e8/0x640
[  500.201020]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  500.205850]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  500.211032] RIP: 0033:0x45a6f9
[  500.214215] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  500.221906] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  500.229162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  500.236421] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:24:46 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'bridge_slave_1\x00'})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x20, <r1=>0x0, 0x9e7af396ef16e41b, 0xae09})
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x40000, 0x0)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f00000000c0), &(0x7f0000000180)=0x4)
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000040)={0x0, r1})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
close(r0)
r3 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x2, 0x2)
sendmsg$nl_route(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@getneightbl={0x14, 0x42, 0x200, 0x70bd29, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x24004800}, 0x1000)

[  500.243672] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  500.250945] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:47 executing program 2 (fault-call:0 fault-nth:10):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 3 (fault-call:0 fault-nth:9):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
gettid()

23:24:47 executing program 4:
memfd_create(&(0x7f0000000000)='nodeveth1\x00', 0x8)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x802, 0x200000)

23:24:47 executing program 1:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001440)=<r0=>0x0)
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x6, &(0x7f0000001380)=[{&(0x7f0000000080)="132fd82ea1d3616b2665cdf86957915e8c01ead0b0fa0c2ae4385ddbddf562c7ed4a0560042c4ef353e5e7bb1f7f6c86208f4563f67c892867800aaf4bcf6af2281b0e0f4943b231478afd29c40d4a139c3ecd3f4ee88750648ca569124924edbc4d8dfe68b3cb165803eb0df1b9464ff142f923fdf833c7d990556d207dbf63e4eebc8398010f7b70d81b56248bd31babc63021d96bd2b4506ed21b2c42c13423ad7db962c09666669b5149c85d89de6b65e2b70cb4271fec8d7967bb62a235a8827c782647d9fbb2ea5c0a0df1cec07e6437cb536228dda8089d0d3dba5c9cd81d11ae6fc545a08862c33c10e0d09c645cf287088deb4cb1d988477a15d7255eed260a3399f8f07c7016dfcd2d47355020db7f4811d62c62079c39a104848522befb41b7910cc31ae2d4f7327cad53a457af7cb61f7464871868282da87c9ef4b639d192f6d2f0129d14ec308cf1cdc7e392c2f98db7f1c00ae44381b8ae403df081cf53e37a27e27c14156bac0ea98d2fa59b84a30fa116a64107bf2501bfdaab136d777add968370fe3494288503859a683222ef78a8b5b40650702a2c5cdb7491fb54f33eef1e3646f35c7ce0be755e5f0f9d6b33a8d8df7b22f1e35011231dacb7ea6f18886ae8d15fc4b755f0423b78399a8d9390d4b02c4e4c350cfd344a7ee4da14c62459b226ffa9ebcb39e32c5393e21b44d067d9b9a1dbafa7430c1641301b59bddbdbf43f5df559623c93bafd52cc6dc116b04fca850399e523e7520c69ad3df258c8331aab38f63857c553a301a3ba1b50639c2b518b33dc35e531d45efaf4a9ce0ac42104837cbf10c4650bfffb3c4774c42a7cb1b05f5f05fca01134965af9dd578d034d9b13163a4127c031c95f0e5e5f3f57f20bce74fbf4928fa9c7d2976287fd6261862cab224f1f0e09ea00a345178d204904fe1bae1f93a9b275d521bf32b3decb5eba3ec89aa9b4e0e3db43a37cc4a0583d80699d0c035cc7c269828bacc3ec6cdb373242541d40aaaf1d37f119bf55f2dc841a3adefebf113ba9090368f00750d92050b7c4656b574facc816922ccd52416a1fefe660e6b6537881ab6cb92382fe658d13a8eecd4ee44379a969555cfbc0978e0abe10322499a56973000d5ad876d15963871e1d60cbd51a9b606540586695931175d60112c6e95aa4b227d93c315bcf4191d7b9ddebe5415aa7920b9b195ba11efdea6f3e99f32dc3e4da0a49dff895b025d82059456d865be5f3c6a5511f9838f93c6977c2d523294134368a6eb8221853a40f46c83c371e7bef268f0903cba0d888f1a100bcf1b6e22c7950d5f5cbe391b156a3402dc6e1ca16f660830cfb7bb91b7907c45d02262090d90c054b2af6ccb19ee06bd10a9932eecbac91ddf60ded678ab8258db4ba6117f4e91b62879fd44731e100b351beb86f41777b057c2c2c5660c04b8e9ce74dd91f29ce2128944d467083228721598ae7db14654f76b13155a6b7bdfccce3923bb420b21588d146374accb12c353e242d5ba60d83cf8eae0503f77492fa744d8665ea4331ce773ec86ae42d0bbac27d6cc9b4ecd99edc57d208d536a9c11c4fe7f001f57c9734d8fb3d3bab5a0add13ae600ee3c41b7c023241cd9738c54e8eff9fff9c8a765d8c9d3e0c32dd2687c56c86c1bd4bee074a2802093a720a41e29cf3aa0bc9138f05e487ecdd4730b6e15fdd2aaf34fac783a3e5edfd390b1d6fce6492739a473ca3794c4267d3bc62657883e5da79471e895c5b66b302349197954f52d93dff452dfc7174b9c8d2cb488260f8e83611a6337ef9a7b622728471963a9f32b9ce16d6e036439b8f3218abed315daa38be3598aa0e32eca513cd1d7654b74c9891cace720056d4f5eee5a3e72e91a4cd5066d006488576ba309e2e2b7e34c65e3b93f31a5d53a33da98ca01bd9a7546321b5d8247fbe5cafb6267ba1eec81979ec47cb2421ed18b0522b72abe3b099838756450b1fd6e015ce0bea6d86d7e03d28a29b1f930da3b2d426b4cf5705952f9cec348eb004f68d82d9af9ea9b81d8d8d7fdf0305eeef7bcdb2d4ee380d05ade7117a742221e00b0b1491eba9bd2245e420a0a3fd2b5a8494f0113673b5b10bd340790cf10f188afcfd979c02f29dfc929bc298a224a2eb20af81bd255855a4ddd8ce1e9d7130aa7fb5f7c1d235edb319a358892239d47d033d9a68f7beac2d3587324fe7fba19eb553a984f936a8d52e8be6368b7904f73e45bbe923e59443a57f31582a25e388af50fc97d149f32b6d24ad01e74938c779e80d70a3f93a438a67ea53daa8e14024f665c045a7c87df86efc48a8a1457e09400e57b55317902b1d9d72dcdfeae493e56626cc95c62155cd8d8fd7d0031653f2384614945aafcbd6a79e1708a09d2722ad1ab99b3764a6dab49f72de10b04f004578539691bc6ae452e8d83c97b0981c9ac4ef2d899ce2c00cb7b0ce7beae81ec3f1f98d823dc1e653e170946420d323f0b0360f4028695fddb71924ed3e12c26a1d5ec03e8c04dcc3c5a2dd97ad2d034c756731216933e2bc560b7bb961606014d5ec826ae87b9d463e762072df9b720bfefa6a58f36ad8017e914ece5d001acb2d69d4b0f0f3b8e7429c3f7c3989d5db0a3bfc239489d37ca2cde3eeb654f7d25c90b98004d2a0a3a7a89e6bab4bea7f4810d6b308596148209676371458cfe3971defdf87b290190a7b9446594b27b7630e02eca95af98f9ec8b0d4d8c936cd94b77063168825d4d6144d8b34b4821db67adbf29543bff104f1bb45492ac73d86c10efe58197eff335dce8dc6d6cba133416d107d04350973d5f1eceadc0ac87d7588b111f227cb2c8e91e34af6d38c4ac8d9caaae05d06e6ef1446394688f347b5cb3edd149ded8ebc0fb16f17c16014d57b4ecb0be4e0c8b39159645f01f184836dde097bad57de77eb86c475f14cbd920fc74f091b40436ad1a407d0ada87eb4ac762c34e3e5f38daad9cb5a97b7ce1f07d1428cb6518a673e2a9de80a93006391a0006c58f11a14fd8e6d6b4bb9a5927e6d99a82b29c5e07d1c6fe8e6537607bd03e8908bb1301c3714ed670154ddcec6c40e1399c6a4847f8c849f0710db48a34691298c52b9c4ac398328c5ce9edeab9cd03b3626bc204c15041cc2f2c1b0b51e7dfd2d12cbadd3fb693f8f88832e8a8cf6c715c6a7d4a34d9607e522568758fd3b9ba1a7e552bfd580cf423194133baa06df80b7a3fd91a7363c2e19a1de2289968188fb1dee8fb16d5bf4a3ade3ec2fe5b7c93d5f6cccbf006f5d3ab4aa6638b8b05eccb9044a41f181fac6e0b20c09c0ca886407adf3d66fe339e3454a154d89355cfdb1d8cff1782ac05ddf8ef5d4df8b129bfe177be8eb8dc5b4158e5e93d51f4f7cf367feeb58a03480fa3185fbd4e329aefc96cd5eeecd8021a628fc66e937ee69a0e6525cb8e2f3e54ee160b06ec1910a437eea951408322ebeb17eb7b8c7fadc63e400b8155a7a124cd76c38cf65a52f1f9db2628e7bfb225e585eb06f70deddcf5a8cf760ef9c0b039763bd78df454ea941e5e753382227a5720e123f87e020413c1bfd98bebf483159740258342a3f709626989eb69cd7e8057751322cb357cbf188c55cb85ae5947cd1b8cc56728cedd834d8db35997a64bbe2454964b6fc9a2ef99396cb10917b21bae43ceeb9d2a2aaf1341dfc4a783b69631efce896b4f299903dcd437083ab1f15bf2de63c43ecc51f0838011d0812aacdd2e97d79a0570ec8ea00adeed98a91dd299fbaff182f84c0634b5991b90368108e76813a0826e81d92d4e0193db3b5f04b6f047732d3718a592d658b7299fa578ce451a68598ed58b6f0acbf014ec582c1436f188443a20f9da120ed7a75de786ca42756c0441d2b20ced935a0b4dcc6f8589a9aa4bd4c77fbe047431312c09b4c4e0390756ae156d24f558d00f56c371d25d94e85a4c1c89f9c9fce9a91d49f062ce486e4041cd0aac064853bb694a1478c69526f7718068de21eab1b96499b4fb6fa683e3ac1d49d186bbd1ca8ee48d90c5e2a5ed13e7b909a7cee6718d41ff57fdd969e24627f7104602ddf8c76136afd7d9f3ab18440c77afb5d1162cea8ac41b5e25a327c768c632ca4cbebffd9b28ab2bad90c24cec95a5de8a283f1c996d9fe87b81d7ac6b1e44620716b1071d159ffe642b519bf8c750dc45f88c8027981cb01290aa2630384edc26a018fcf3718f7eca59c13d64443b561d590ac5958e092eb0cec418d673ed6a0e8acfad94c4fced65356127c1aee4efadbc8b043af2f47033b8a0fa930ddd32c91f47271090de00ed3f455766adb82844bb17423f0e420b5b169a47addf916b11b72fd0c6f6bd214a582b67f5e25bb86e393144410b86b4722ca0310677d7f2aafb2fa07132efb4811801fa928d63a92638fb7008760ec7e6c9aec3b144e59c41fc18cd7772aaa1d06354bfa1d28a03816e403c84696b0d46b2b3a4a9c80d4e1f18e33867502b442cf32665552c2fda60886ce44221641af550805b765956aee64c43ed5058493d029620eaee4ad2fbe5bdbcf2e6eb9efb3d9db46578cd0e6916f7f9e883060bd0feeef29ab9b04a1f6d514ce62b8b5919744b465fed6f1318eeb666dd6f913e0ab1b91aca5d9c0cf8fa450bc8950ce8ad6fc3c73a450fb088cae90b8fcb2b3a679d7ac1569d6956946c68b4cfe555bb465a6c04c0b66179b83d3113435675ffda5f95378421bfee69127f9ea6ab197c19258c3add74d385a5c3ac05a0c9daa5310046f41fef0aec0923c6f4d465517bf71b3f2d6f2f87d633a88cfc7d42661ae71232e628cd7b41df356f46093035cb08f212305f5ba82addbeeaa854b54afe91f4b8332c72cbb2bf0773a29833d706bf27c9006046dbd80194ff7cfa75081419f8194849651e183d20739e33455e31b32f48be27fb245db0e4ad2ee392ceb592a655d1c0ed1882df7f33d284bcae54217416b66b60fc7a86ce2d5ee81ec6a706ba368832e5834d9d412dc3003b0f79a98c895585e8a1fe141fbb4c18de24fb4cc8c16fb001a5ebf68157793327d7eb5d0837a0f19edc458d347555b83164c485a01ba96904f1c787013806a8d16fa4b0a913ae1e080f19fce3d21d336b9806d15e96a3fc8c69b333625eb03093be4ae8e9b141872dcc4db5187afe0575436259266096840cd7a02afecfdf3b7b946165fdbc8a84086ee6638655301d0fed5715611d8a2641b7608916f03ee9603c0f70bea4f939a44abe5dba271423db239b97c729c392edaa850e3a907f857073d00ae396ed099e5aba6a39394105b5eff0021674086ffa8537ef1f24e9a35cfdcbfc4559fa7b98ea56a1e8626c49e4d7e28114aa7c0b8780c6eb1f3b01a11982d1ac673a920e8c3c3223e9851b2358843c7c4fbd7443c0cb9de3c1ccae33047d2038da8d36d88d000ef2ee7b300c4923b8da4bfad25ab1e8fbb2ee816b71339a8e48c0f67b86d8280ab63d7815664a0f6a5669b3de0bba15081431ffaab2404445669515c0f90c3ce28e1c6dde7b6bde25d863bb17eef08450ba1ddd3ae36b2099bcc53b314cf5869fed6c021335b17b6eb0fb3530ac43e6c808d3250bdb267bf68c91abfb0f09c76d24352c90f8c4157d0fb7a2c4d8449053e224af0b8975471aa6c6f488e32ac3ee3d8b370db1eb8b5ae23dd9bfaa84d029ffc97f32714b80f8f22456d354082552f6c9b7899efe5b9fc0b478867d474ba96e159b0aa020eb870a4a251ab2e75f925bea9c3576b93dacc9b5af83f71ca47952a777c850718a375bc", 0x1000, 0x7ff}, {&(0x7f0000001080)="0a030f1ba0fc68eac4e13e10fdf8", 0xe, 0x401}, {&(0x7f00000010c0)="0f25633472c7fc9d03d697a47ea91487f5929511a15c55be400785065b3b8f6efbf39c6ada82917cf8e0878d74b910e37f4d5d29ef83363d595a10653473b3e1004bca6bb4611953f73857c583fa649d86ea4364ebd0d912562bae495563c17c4a94338bb6de3bbdaf05877732d4d551345988768ccfacf72e55d34b70efe56c10939e2a482456c5d12a480ccd7a041075d8895cadafedcfd6a7289464cf158aeb86db8096b43b055098c425e92965a1fae8d151b68ae79e708a0e9db0dcc4e65adb22ac805a9538539bed5c3bc7", 0xce, 0x3}, {&(0x7f00000011c0)="c6dccfc5a11a5fa8938905092a91251d71ea28be88d8e30719c5ddfcd6ddfe4a00d8ba77a940d3ebda645208927d6fe47a1c7f0931ae4c49d1e69e76d0dedc40e178f04e1de830d1986f8830157b59d4c49aee0ff23d0d4a23008a453f30a823b9bead46db10cf607746b9b6edd62e2adfb21ef05a1ea2a1c217728f26f6e9fb6f8f0169af4c906d678773043f57c6e59634b193ac8f4f40faca5cba2a4fd4db37215ab85a298bbc893e27ae44ea4b44b4b173d5160c902ece76211d8e82a67054c633997f61fa16694658c38aa7e1c6ab85aef00902", 0xd6, 0xfe}, {&(0x7f00000012c0)="ed16426d550e4b2be552f37f60aad86dc789ce39687f1650f480", 0x1a, 0x1}, {&(0x7f0000001300)="df290b3342cde533a42bd00f2dc4b99e903fa1bfd31457b766a104d3df27bc6e821ce69c90f2963b0a4a31175f54796d74321199258ce8e5acdb7066f22a7a5c762fb433bc05b97689ef21fe54d5669f22b3a5887b0a9e34c980708745a06aee126b94fa55b0bfdf51679c36b390ebe3cdb84aea2c6f5de0317d972be6", 0x7d, 0x200}], 0x20000, &(0x7f0000001480)={[{@nodots='nodots'}, {@nodots='nodots'}, {@dots='dots'}, {@nodots='nodots'}, {@dots='dots'}], [{@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@uid_eq={'uid', 0x3d, r0}}, {@defcontext={'defcontext', 0x3d, 'root'}}]})
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
recvmsg$kcm(r1, &(0x7f0000002c00)={&(0x7f0000001500)=@caif, 0x80, &(0x7f0000002a80)=[{&(0x7f0000001580)=""/210, 0xd2}, {&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000002680)}, {&(0x7f00000026c0)=""/246, 0xf6}, {&(0x7f00000027c0)=""/228, 0xe4}, {&(0x7f00000028c0)=""/2, 0x2}, {&(0x7f0000002900)=""/85, 0x55}, {&(0x7f0000002980)=""/247, 0xf7}], 0x8, &(0x7f0000002b00)=""/198, 0xc6}, 0x100)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  500.408054] FAULT_INJECTION: forcing a failure.
[  500.408054] name failslab, interval 1, probability 0, space 0, times 0
[  500.409654] FAULT_INJECTION: forcing a failure.
[  500.409654] name failslab, interval 1, probability 0, space 0, times 0
[  500.479695] CPU: 1 PID: 26231 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  500.487644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  500.497011] Call Trace:
[  500.499609]  dump_stack+0x142/0x197
[  500.503243]  should_fail.cold+0x10f/0x159
[  500.503259]  should_failslab+0xdb/0x130
[  500.503271]  kmem_cache_alloc+0x2d7/0x780
[  500.503288]  copy_fs_struct+0x43/0x2d0
[  500.503299]  copy_process.part.0+0x3974/0x6a70
[  500.511536]  ? save_trace+0x290/0x290
[  500.511548]  ? proc_fail_nth_write+0x7d/0x180
[  500.511555]  ? proc_cwd_link+0x1b0/0x1b0
[  500.511575]  ? __cleanup_sighand+0x50/0x50
[  500.511587]  ? lock_downgrade+0x740/0x740
[  500.511599]  _do_fork+0x19e/0xce0
[  500.511610]  ? fork_idle+0x280/0x280
[  500.511622]  ? fput+0xd4/0x150
[  500.511629]  ? SyS_write+0x15e/0x230
[  500.511640]  SyS_clone+0x37/0x50
[  500.511649]  ? sys_vfork+0x30/0x30
[  500.565845]  do_syscall_64+0x1e8/0x640
[  500.569729]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  500.574570]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  500.579832] RIP: 0033:0x45a6f9
[  500.583008] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  500.590715] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  500.597985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  500.605245] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  500.612509] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  500.619766] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  500.627050] CPU: 0 PID: 26229 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  500.634959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  500.644325] Call Trace:
[  500.646927]  dump_stack+0x142/0x197
[  500.650574]  should_fail.cold+0x10f/0x159
[  500.654740]  should_failslab+0xdb/0x130
[  500.658748]  kmem_cache_alloc+0x2d7/0x780
[  500.662911]  copy_fs_struct+0x43/0x2d0
[  500.666813]  copy_process.part.0+0x3974/0x6a70
[  500.671436]  ? save_trace+0x290/0x290
[  500.675226]  ? proc_fail_nth_write+0x7d/0x180
[  500.679805]  ? proc_cwd_link+0x1b0/0x1b0
[  500.683860]  ? __cleanup_sighand+0x50/0x50
[  500.688195]  ? lock_downgrade+0x740/0x740
[  500.692335]  _do_fork+0x19e/0xce0
[  500.695778]  ? fork_idle+0x280/0x280
[  500.699479]  ? fput+0xd4/0x150
[  500.702654]  ? SyS_write+0x15e/0x230
[  500.706355]  SyS_clone+0x37/0x50
[  500.709702]  ? sys_vfork+0x30/0x30
[  500.713228]  do_syscall_64+0x1e8/0x640
[  500.717103]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  500.721934]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  500.727108] RIP: 0033:0x45a6f9
23:24:47 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'security\x00'}, &(0x7f0000000080)=0x54)
r1 = open(&(0x7f00000002c0)='./file0\x00', 0x141042, 0xe93079ef2092687e)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240)=0x1, 0x6)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_PPC_GET_SMMU_INFO(r3, 0x8250aea6, &(0x7f0000000100)=""/202)
write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000280)={0x2, 0x6}, 0x2)

23:24:47 executing program 5:
clone(0x3000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x8, 0x2300)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r5=>0x0}, &(0x7f0000000080)=0xc)
setgroups(0x1, &(0x7f00000002c0)=[r5])
getgroups(0x3, &(0x7f0000000200)=[<r6=>r5, 0xee00, 0x0])
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='fuse\x00', 0x1008000, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@allow_other='allow_other'}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@dont_hash='dont_hash'}]}})
sendfile(r0, r1, &(0x7f0000000040)=0x7fff, 0x0)

[  500.730283] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  500.738235] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  500.745516] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  500.752785] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  500.760054] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  500.767315] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:47 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:47 executing program 2 (fault-call:0 fault-nth:11):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 1:
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000040), &(0x7f00000000c0)=0x250)
clone(0x787467f39aa189c, 0x0, 0x0, 0x0, 0x0)

[  500.885469] FAULT_INJECTION: forcing a failure.
[  500.885469] name failslab, interval 1, probability 0, space 0, times 0
[  500.922524] CPU: 0 PID: 26264 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
23:24:47 executing program 4:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r0, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r2=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)={r2}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000)={<r3=>r2, 0x1ad}, &(0x7f0000000040)=0x8)
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r4, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000080)={<r5=>0x0, 0x3b}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000100)={r3, 0x8, 0x7ff, 0xf09f, 0xb0, 0xfffc, 0x2, 0xfffffff7, {r5, @in={{0x2, 0x4e24, @empty}}, 0x81, 0x8, 0x80, 0xbcb, 0x8000}}, &(0x7f00000001c0)=0xb0)
ioctl$SIOCGSTAMP(r1, 0x8906, &(0x7f0000000200))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  500.930486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  500.939853] Call Trace:
[  500.942464]  dump_stack+0x142/0x197
[  500.946111]  should_fail.cold+0x10f/0x159
[  500.950283]  should_failslab+0xdb/0x130
[  500.954268]  kmem_cache_alloc+0x2d7/0x780
[  500.958433]  ? selinux_capable+0x36/0x40
[  500.962546]  create_new_namespaces+0x34/0x720
[  500.967058]  ? ns_capable_common+0x12c/0x160
[  500.971487]  copy_namespaces+0x284/0x310
[  500.975565]  copy_process.part.0+0x2603/0x6a70
[  500.980161]  ? proc_fail_nth_write+0x7d/0x180
[  500.984660]  ? proc_cwd_link+0x1b0/0x1b0
[  500.988722]  ? __cleanup_sighand+0x50/0x50
[  500.992951]  ? lock_downgrade+0x740/0x740
[  500.997094]  _do_fork+0x19e/0xce0
[  501.000536]  ? fork_idle+0x280/0x280
[  501.004238]  ? fput+0xd4/0x150
[  501.007424]  ? SyS_write+0x15e/0x230
[  501.011123]  SyS_clone+0x37/0x50
[  501.014473]  ? sys_vfork+0x30/0x30
[  501.018000]  do_syscall_64+0x1e8/0x640
[  501.021875]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  501.026731]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  501.031904] RIP: 0033:0x45a6f9
[  501.035076] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  501.042769] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  501.050044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  501.057315] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  501.064570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  501.071833] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:47 executing program 3 (fault-call:0 fault-nth:10):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 2 (fault-call:0 fault-nth:12):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
close(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  501.137916] FAULT_INJECTION: forcing a failure.
[  501.137916] name failslab, interval 1, probability 0, space 0, times 0
23:24:47 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x10, 0x20080)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000040)={0x3, 0x5, 0x1c0000, 0x0, 0x0, [], [], [], 0x9, 0x8001})

23:24:47 executing program 4:
eventfd2(0x7, 0x80001)
r0 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000000))
clone(0x0, 0x0, 0x0, 0x0, 0x0)

23:24:47 executing program 5:
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x101000, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x8000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  501.214957] FAULT_INJECTION: forcing a failure.
[  501.214957] name failslab, interval 1, probability 0, space 0, times 0
[  501.236490] CPU: 0 PID: 26284 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  501.244432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  501.253798] Call Trace:
[  501.256406]  dump_stack+0x142/0x197
[  501.260053]  should_fail.cold+0x10f/0x159
[  501.264203]  should_failslab+0xdb/0x130
[  501.268166]  kmem_cache_alloc+0x2d7/0x780
[  501.272328]  ? do_raw_spin_unlock+0x16b/0x260
[  501.276818]  ? _raw_spin_unlock+0x2d/0x50
[  501.280958]  copy_process.part.0+0x1cd5/0x6a70
[  501.285532]  ? save_trace+0x290/0x290
[  501.289313]  ? proc_fail_nth_write+0x7d/0x180
[  501.293790]  ? proc_cwd_link+0x1b0/0x1b0
[  501.297886]  ? __cleanup_sighand+0x50/0x50
[  501.302106]  ? lock_downgrade+0x740/0x740
[  501.306241]  _do_fork+0x19e/0xce0
[  501.309692]  ? fork_idle+0x280/0x280
[  501.313391]  ? fput+0xd4/0x150
[  501.316578]  ? SyS_write+0x15e/0x230
[  501.320289]  SyS_clone+0x37/0x50
[  501.323639]  ? sys_vfork+0x30/0x30
[  501.327171]  do_syscall_64+0x1e8/0x640
[  501.331042]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  501.335876]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  501.341059] RIP: 0033:0x45a6f9
[  501.344231] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  501.351935] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  501.359206] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  501.366464] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  501.373720] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  501.380972] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  501.406771] CPU: 1 PID: 26292 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  501.414714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  501.424079] Call Trace:
[  501.426680]  dump_stack+0x142/0x197
[  501.430323]  should_fail.cold+0x10f/0x159
[  501.434484]  should_failslab+0xdb/0x130
[  501.438474]  kmem_cache_alloc_trace+0x2e9/0x790
[  501.443160]  ? _raw_spin_unlock_irq+0x28/0x90
[  501.447845]  ? trace_hardirqs_on_caller+0x400/0x590
[  501.452873]  inc_ucount+0x3db/0x710
[  501.456516]  ? retire_userns_sysctls+0x90/0x90
[  501.461119]  alloc_mnt_ns+0x98/0x450
[  501.464840]  copy_mnt_ns+0x95/0x8c0
[  501.468472]  ? kmem_cache_alloc+0x611/0x780
[  501.472808]  ? selinux_capable+0x36/0x40
[  501.476882]  create_new_namespaces+0xc9/0x720
[  501.481390]  ? ns_capable_common+0x12c/0x160
[  501.485810]  copy_namespaces+0x284/0x310
[  501.489887]  copy_process.part.0+0x2603/0x6a70
[  501.494516]  ? proc_fail_nth_write+0x7d/0x180
[  501.499016]  ? proc_cwd_link+0x1b0/0x1b0
[  501.503089]  ? __cleanup_sighand+0x50/0x50
[  501.503101]  ? lock_downgrade+0x740/0x740
[  501.503113]  _do_fork+0x19e/0xce0
[  501.503125]  ? fork_idle+0x280/0x280
[  501.518649]  ? fput+0xd4/0x150
[  501.521847]  ? SyS_write+0x15e/0x230
[  501.525574]  SyS_clone+0x37/0x50
[  501.529151]  ? sys_vfork+0x30/0x30
[  501.532702]  do_syscall_64+0x1e8/0x640
[  501.536596]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  501.541447]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  501.546641] RIP: 0033:0x45a6f9
[  501.549831] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:24:48 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="3f0200000003000000000100000000000000060000000014001462726f6164636173742d6c696e6b00004de853b9ff8d14411bc2"], 0x30}}, 0x0)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x821008}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x8, 0x70bd2d, 0x25dfdbff, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000000}, 0x800)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x399000, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0xf000, &(0x7f0000000000), 0x2, r4, 0x4})

23:24:48 executing program 1:
clone(0x800, 0x0, 0x0, 0x0, 0x0)

23:24:48 executing program 1:
clone(0xcc042400, 0x0, 0x0, 0x0, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x18000, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)=ANY=[@ANYRES32=r4, @ANYBLOB="86030000"], &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000040)={<r5=>r4, 0x68, "3542af79d118965551e899bc47abbb8a51c1daa78e2fec527ec187cd969b43dfeac204a3258e4ae0905f59e1cd20ee041afaa51a9d7d3998de7d8a26468ccb3e5637f45c6dab54f8698d5b5e339eb9480397ad176614026055fa7191d8f9febdfdc31a8cdd5f98e8"}, &(0x7f00000000c0)=0x70)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r5, 0xffff3c9e}, 0x8)

23:24:48 executing program 3 (fault-call:0 fault-nth:11):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:48 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000640)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
readv(r0, &(0x7f0000000bc0)=[{&(0x7f0000000680)=""/89, 0x59}, {&(0x7f0000000700)=""/77, 0x4d}, {&(0x7f0000000780)=""/145, 0x91}, {&(0x7f0000000840)=""/211, 0xd3}, {&(0x7f0000000940)=""/69, 0x45}, {&(0x7f00000009c0)=""/101, 0x65}, {&(0x7f0000000a40)=""/17, 0x11}, {&(0x7f0000000a80)=""/103, 0x67}, {&(0x7f0000000b00)=""/158, 0x9e}], 0x9)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'U-', 0xc5}, 0x28, 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/sequencer2\x00', 0x40, 0x0)
get_thread_area(&(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1})
r1 = socket$isdn(0x22, 0x3, 0x22)
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000002c0)={{{@in=@multicast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@initdev}, 0x0, @in=@remote}}, &(0x7f00000003c0)=0xe8)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@mcast1, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@local}, 0x0, @in6=@mcast1}}, &(0x7f0000000500)=0xe8)
mount$9p_virtio(&(0x7f0000000140)='syz\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x12002, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=virtio,aname=em1/vmnet1securitykeyringvboxnet0,dfltgid=', @ANYRESHEX=r2, @ANYBLOB="2c616e616d653d6c6f3d76657273696f6e3d3970323030f3264c2c736d61636b66737472616e736d7574653d552d2c7065726d69745f646972656374696f2c666f776e65723e", @ANYRESDEC=r3, @ANYBLOB=',dont_appraise,uid<', @ANYRESDEC=r5, @ANYBLOB=',dont_hash,mask=MAY_READ,\x00'])
accept(r1, 0x0, &(0x7f0000000100))

[  501.557549] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  501.564829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  501.572108] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  501.579389] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  501.586697] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  501.657948] FAULT_INJECTION: forcing a failure.
[  501.657948] name failslab, interval 1, probability 0, space 0, times 0
[  501.675320] CPU: 0 PID: 26328 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  501.683255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  501.683261] Call Trace:
[  501.683278]  dump_stack+0x142/0x197
[  501.683294]  should_fail.cold+0x10f/0x159
[  501.683309]  should_failslab+0xdb/0x130
23:24:48 executing program 2 (fault-call:0 fault-nth:13):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:48 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  501.683319]  kmem_cache_alloc+0x2d7/0x780
[  501.683329]  ? do_raw_spin_unlock+0x16b/0x260
[  501.683340]  ? _raw_spin_unlock+0x2d/0x50
[  501.683354]  copy_process.part.0+0x1cd5/0x6a70
[  501.683369]  ? save_trace+0x290/0x290
[  501.683377]  ? proc_fail_nth_write+0x7d/0x180
[  501.683386]  ? proc_cwd_link+0x1b0/0x1b0
[  501.719408] FAULT_INJECTION: forcing a failure.
[  501.719408] name failslab, interval 1, probability 0, space 0, times 0
[  501.720032]  ? __cleanup_sighand+0x50/0x50
[  501.720046]  ? lock_downgrade+0x740/0x740
[  501.720058]  _do_fork+0x19e/0xce0
[  501.720069]  ? fork_idle+0x280/0x280
[  501.720081]  ? fput+0xd4/0x150
[  501.720088]  ? SyS_write+0x15e/0x230
[  501.720099]  SyS_clone+0x37/0x50
[  501.720106]  ? sys_vfork+0x30/0x30
[  501.720119]  do_syscall_64+0x1e8/0x640
[  501.720133]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  501.720154]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  501.737059] RIP: 0033:0x45a6f9
[  501.737066] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  501.737078] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  501.737084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  501.737089] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  501.737095] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  501.737100] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  501.809051] CPU: 1 PID: 26333 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  501.817796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  501.817801] Call Trace:
[  501.817818]  dump_stack+0x142/0x197
[  501.817836]  should_fail.cold+0x10f/0x159
[  501.817853]  should_failslab+0xdb/0x130
[  501.817865]  kmem_cache_alloc_trace+0x2e9/0x790
[  501.817876]  ? retire_userns_sysctls+0x90/0x90
[  501.847569]  alloc_mnt_ns+0xde/0x450
[  501.847583]  copy_mnt_ns+0x95/0x8c0
[  501.847594]  ? kmem_cache_alloc+0x611/0x780
[  501.847605]  ? selinux_capable+0x36/0x40
[  501.847620]  create_new_namespaces+0xc9/0x720
[  501.860509]  ? ns_capable_common+0x12c/0x160
[  501.860523]  copy_namespaces+0x284/0x310
[  501.860536]  copy_process.part.0+0x2603/0x6a70
[  501.860553]  ? proc_fail_nth_write+0x7d/0x180
[  501.860561]  ? proc_cwd_link+0x1b0/0x1b0
[  501.860579]  ? __cleanup_sighand+0x50/0x50
[  501.927505]  ? lock_downgrade+0x740/0x740
[  501.931658]  _do_fork+0x19e/0xce0
[  501.935109]  ? fork_idle+0x280/0x280
[  501.938821]  ? fput+0xd4/0x150
[  501.942015]  ? SyS_write+0x15e/0x230
[  501.945717]  SyS_clone+0x37/0x50
[  501.949160]  ? sys_vfork+0x30/0x30
[  501.952685]  do_syscall_64+0x1e8/0x640
[  501.956731]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  501.961568]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  501.966742] RIP: 0033:0x45a6f9
[  501.969919] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  501.977613] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  501.984866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  501.992122] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  501.999375] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:24:48 executing program 3 (fault-call:0 fault-nth:12):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:48 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_GET_KEEP_ORPHAN(0xffffffffffffffff, 0x2288, &(0x7f0000000000))

23:24:48 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  502.006633] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:48 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x59, 0x4085c3)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f00000000c0)=0x1)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000000))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)=@x25={0x9, @null='               \x00'}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)="69db0bd91b374eb3b2a9948ad0fadaf4942c2146738005ccbc54af5041c7e5b4162e2c33d2b6b45ddf21ceb2f92d9ef393c3c3973f0aec0a79014d4c6740b24c7d", 0x41}, {&(0x7f0000000200)="5fd0d5be529d9b024aae0cf285ab36c6cf0fc599196bb169a0a12df5349edd2915ba89b281dc534b038fae56dd23b99db1d6e0784e31754a0700354ff3854d88ee69d060d513322031567341d00b0639261eb7e9cd884979c828ec7f5757177ee1ec40e706333ce301d4af", 0x6b}], 0x2, &(0x7f00000002c0)=[{0x10, 0x4042d8ead6b04ee7, 0x80000000}], 0x10}, 0x80)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000040)={0x427, 0x8, 0xed53})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:48 executing program 5:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x183502, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000040)=""/175)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x9, 0x6, 0x8001, 0x2, 0x9, 0x60, 0x0, 0xff, r3}, 0x20)
clone(0x787467fbd6acd9c, 0x0, 0x0, 0x0, 0x0)

[  502.072183] FAULT_INJECTION: forcing a failure.
[  502.072183] name failslab, interval 1, probability 0, space 0, times 0
[  502.163456] Unknown ioctl -2141170668
[  502.170327] CPU: 0 PID: 26342 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  502.178246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  502.187594] Call Trace:
[  502.190208]  dump_stack+0x142/0x197
[  502.193828]  should_fail.cold+0x10f/0x159
[  502.197962]  should_failslab+0xdb/0x130
[  502.201920]  kmem_cache_alloc_trace+0x2e9/0x790
[  502.206585]  ? _raw_spin_unlock_irq+0x28/0x90
[  502.211077]  ? trace_hardirqs_on_caller+0x400/0x590
[  502.216075]  inc_ucount+0x3db/0x710
[  502.219696]  ? retire_userns_sysctls+0x90/0x90
[  502.224268]  alloc_mnt_ns+0x98/0x450
[  502.227964]  copy_mnt_ns+0x95/0x8c0
[  502.231584]  ? kmem_cache_alloc+0x611/0x780
[  502.235901]  ? selinux_capable+0x36/0x40
[  502.239948]  create_new_namespaces+0xc9/0x720
[  502.244432]  ? ns_capable_common+0x12c/0x160
[  502.248825]  copy_namespaces+0x284/0x310
[  502.252871]  copy_process.part.0+0x2603/0x6a70
[  502.257447]  ? proc_fail_nth_write+0x7d/0x180
[  502.261922]  ? proc_cwd_link+0x1b0/0x1b0
[  502.265971]  ? __cleanup_sighand+0x50/0x50
[  502.270192]  ? lock_downgrade+0x740/0x740
[  502.274325]  _do_fork+0x19e/0xce0
[  502.277764]  ? fork_idle+0x280/0x280
[  502.281464]  ? fput+0xd4/0x150
[  502.284638]  ? SyS_write+0x15e/0x230
[  502.290174]  SyS_clone+0x37/0x50
[  502.293521]  ? sys_vfork+0x30/0x30
[  502.297044]  do_syscall_64+0x1e8/0x640
[  502.300913]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  502.305757]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  502.310928] RIP: 0033:0x45a6f9
23:24:49 executing program 2 (fault-call:0 fault-nth:14):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  502.314097] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  502.321786] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  502.329038] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  502.336289] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  502.343539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  502.351052] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:49 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000000)="aba1ef072365639599b7b732d5c84c93494c1f6ad6dee8856e20f8a969973a7519729bc4f6b4aba5d63db393b80f6cd9ac00fe2c396a740dcdb76e7fed45f4fcb7dd5f17ae23458bbf058846003fd1725a755c8ddbc8c068d2a35aa82f7e77d7a0a79e78cff14bd9be05d08bbf05af820d30ba47cee13df150de99e68f4d3fae5c6f47ad30882ced2e9cf44eda583097133c25226009c5eb1dd7")
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f00000000c0)={0x0, 0x1, {0x3c, 0x1a, 0xf, 0x15, 0x4, 0x2, 0x6, 0x118, 0x1}})
clone(0x800, 0x0, 0x0, 0x0, 0x0)

[  502.449342] FAULT_INJECTION: forcing a failure.
[  502.449342] name failslab, interval 1, probability 0, space 0, times 0
[  502.490008] CPU: 1 PID: 26371 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  502.497947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  502.507325] Call Trace:
[  502.509903]  dump_stack+0x142/0x197
[  502.513523]  should_fail.cold+0x10f/0x159
[  502.517659]  should_failslab+0xdb/0x130
[  502.521616]  kmem_cache_alloc+0x2d7/0x780
[  502.525751]  ? _raw_spin_unlock_irqrestore+0x6b/0xe0
[  502.530849]  alloc_vfsmnt+0x28/0x7d0
[  502.534543]  clone_mnt+0x70/0xee0
[  502.537979]  copy_tree+0xd0/0x8a0
[  502.541415]  copy_mnt_ns+0x11c/0x8c0
[  502.545117]  ? kmem_cache_alloc+0x611/0x780
[  502.549420]  ? selinux_capable+0x36/0x40
[  502.553465]  create_new_namespaces+0xc9/0x720
[  502.557952]  ? ns_capable_common+0x12c/0x160
[  502.562368]  copy_namespaces+0x284/0x310
[  502.566414]  copy_process.part.0+0x2603/0x6a70
[  502.570998]  ? proc_fail_nth_write+0x7d/0x180
[  502.575477]  ? proc_cwd_link+0x1b0/0x1b0
[  502.579525]  ? __cleanup_sighand+0x50/0x50
[  502.583764]  ? lock_downgrade+0x740/0x740
[  502.587904]  _do_fork+0x19e/0xce0
[  502.591341]  ? fork_idle+0x280/0x280
[  502.595047]  ? fput+0xd4/0x150
[  502.598222]  ? SyS_write+0x15e/0x230
[  502.601933]  SyS_clone+0x37/0x50
[  502.605361]  ? sys_vfork+0x30/0x30
[  502.608956]  do_syscall_64+0x1e8/0x640
[  502.612832]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  502.617687]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  502.622860] RIP: 0033:0x45a6f9
[  502.626038] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:24:49 executing program 3 (fault-call:0 fault-nth:13):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:49 executing program 5:
clone(0x400, 0x0, 0x0, 0x0, 0x0)

23:24:49 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:49 executing program 4:
clone(0x40100400, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4, 0x80000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
utimensat(r2, &(0x7f0000001600)='./file0\x00', &(0x7f0000001640)={{0x77359400}}, 0x200)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x14, r3, 0x1, 0x0, 0x0, {0x11}}, 0x14}}, 0x0)
r4 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$set_timeout(0xf, r4, 0x0)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000440)={r4, 0x1000, 0xd1}, &(0x7f0000001680)=ANY=[@ANYBLOB="656e633d6f61657020686173683d78786861736836342d67656e657269630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005ed140697fa3e2d7adf29e8ca1f6fc69f76a2583b92b59c45f064a576292a272f9121c5b55c84d4067f24ab8d148f620970befce752794f7368fce04aa1f60a9b5d2d97916dd6780a414b0ded848f3a02e95fc80ae292a6a40350b5fb9898a8d1361fc6b879f080e7225f053987c604c879672d20faedb4d687287845a724a25dd70813e7997920d0bba424f513674e474506aa993f59f31ead32e0945352c8aa73233f0c0bf3735b87e4faeb315c658280fd2f0a7532343af0b8d7399b555970e5003d50e174255b74217658cc18b"], &(0x7f0000000500)="baa5395afd9489bc9eb4835c0cef21f58c1ac1cc9080a2c539cd69a8ee598b82644d4d2a4c0ebc0726420778a93551ac57141f186f44c0099af9ae32c6358ade36405c8e70c282f8b168ba9d4ead688e2742f17296261c8ef9522dcc19ebb3cdbb9796ff4aa02f494689b9c3396d55376b49e39879b48b604c2cac3ef42778b1a820f068c31be79ae6e6a8592494b3140789883ea8b9f655c53936b8074f5c2dde26ba2ce089738a6ab696475531b0efa506bbdd405645a3b7edc865e67047a1c33ac39a654a25ed2b1e59fb5cf8d9af0898a4727edd87f70ae496318616b6394a9ee4294129dee0c57ab047adb36d71b4c6639dc8c15f5bd5e55aaae05c1e5d3ac26f048fecfcffe3ea06a6dd57a940f04f66d7717515f49bb6ef771c8dbb33cfb85f9af1d8e30da4d52d767ef2689e674e6349ffa87a1fd95255b445c15034587a443613a3e6565793c1167976ff55c7480dd66a8586c4ed0fc093771a27c3ff60ee81fbacd0b2fb3e1e9fa62e1c25303b8882ddbf8f40524c1aa4ef9dd100cb4a8a3f910ed06bcdf92a25156a1c100f1b4aba862bb3cdce0ea067ae19a8b4353bf2527ad62aeb8f56c241470ba913db5160c258ea0a57b8a26e81d7077bd9118e99297201a95c30a1df302f3aa423077de82c568238aea4a4dac77c8c91bc6f3418f45f8124cc533c0934b1169d30ba4fe5a68a68a0199cff3eb1f07f61859f46e18ba33aeee2a8208fa74e6a210dedbdbc0fb7b989352406f9c47b656591dd6627d4a4b7fd792c08ad9c0091637b48ac923069948195d5a120a25ccadc08c9631c62b5a8191f36c277ba4b1b157b56e295d6694666bf53662eb1ba5750bafa01a20b6bf4422478716bcd82990fb3dec02d7f029d710a7f64e60cf932b080727d65d49199c6b6835ac5c3da404a2914ea62f98352176b657c2cf05aa04952516caabb7c0924653589acee1517a7cff726ae88799664243dbd22db2dfbd964ab7150ab63883451e17265a7ef2c3ee722f52713ddfe62f688dde0d458a8ec4c44f7e6ab473d1d1e954cfefe5c2fa19945f872c1ad55d7e90689f511840e447b56747cc52ffef30bcf334694e3a06e078b5b2321e2e9dea6cf71857517960be547b1582159dca6b4537e0256bc54156d2a82d9a6b22baf075ec23a34b3b6caae192cd5d45a4874460f86e9cd55ca3b91cf2d01e5231503ef04906c58176a784f3dc6e724c366464aa9590d0c086398410960d8148080e9dddb67e8875a3ecddf6c3d5a1e57e5ab16e0adda65ff62d017cfd5c7657d0bb99f09d80f0a852b75a2a45921769d69a96ffe2692a5675af5109b5f43154003cd1174f61c23083cdaa730e5a7aa344a4960625c5dc9094920099f34f32e6af2c9879dfb165445c12d0931ad34b921ae6930efb302f63e74b9fc678eb16dd7fa0aeb2d35b4ac1704e3d6d4374bed97d8416740c9cb3c1d2d221fcdb737d5b03955acad3db41e9c5e7a8096258496238c450e47aea2b5b0bbb9126230ddaea3918b4a582e457fe24e1185a243763827d7f8024368f7ec4a50e784fdfed3603dfb6111464e38d94cb74fdbd7b0b9a42012f7ac109438bbc23977660df9d59edd4c9b6b51a21d88726ef575a731357ccc7dfa15e68804e918bdb9158bfe6ec4b2d87a80b7004f372fdb6b9a7beb377d0d962aef6280935a259aa6cc8439308bbd0429fcd52dd84dfdb814f0123e6aae0983274682dfc39fbc18f0b9675e65a948a654c9c5496956fbbac99387050884c731a94ce162bef0958fea42f493a6b80b3919cfac1ca45d9787c70a6811492e76fb5f4074d924c9c4bfd4dbfd83c0c484fcfc7e2462a4f837f692cd911e629a5de58a361e12e5a44ada459d75bd3862948582ceeb2882fb5d9d07fe0948db25ebc1b02097572ca2ae84e7567e1504248effc1fe8c38797cfb8fcc3ef97ac4025e300631448ce31b7abbbeda36fbd19b8dfeb8c61d950a4f51ce1ebf17651b2e7a8300efea54f9dadd88dc1ff781d7e8a77b8459d821bcb7a0e36bd24261d2c80d271e8a07a0cda5016b6d3ac77cd15b9211852f80cfd8aac49eeae3936c5df3f2044fd355e339e1b095f91e51ea53ea2ff36103ae6b661ddd89f75cf6c27dbc8ff3bc3476a0ae68b9cbd198694f6a869081d1b225f06d431c0a328e9c160a4422b4a817f53ec10bb78d986369ab278a31440cd43691fc2d059f6605c1a42df50ecd5d5fdb812cae4158003201854ccd8d266c283235662a6578e4764aaa775a10feb57281ee1fc17016996f8dbbb5b320f5acdd554b0344a6925bbb8ec9029cfcd06601c7577596aa1dae9af5314f743bb4ddb46ff9ab7f7af43b5500bb91f427d20d0075c04bbb0a0be080eff513bfc006ce591d30d3db28ee0e7f626dbaffbf9f7ec7c1d00e0708876769d115c10fc36e3865d93f7a1a5d514644ea8121f16e8abe95c4b88a9ae33b04f7dd690a3b3f8d6fa176736bac4fa50aa150876720682909478cb2547fdb969f835a658730950a747435c6d8de4424654d84a1cd781dbb713332b84b92dec2d7b7c8cca2c7484bb17e45cd8cbfc4cc7daaa2d45a300d598a8fb3fa30b945f558cd63264d759b639622a844d827680aeb88370a0a14fe36734d8bf026fcb950bad90af162829429cd618e254bb64937210181d7e92cae803621b67914c8037b6d583e4e8e8799f94e8a646c50ad8d3ceb40b858ccac5ac6ebfbc6549df65ac092b112391d257aa9a1f828f7bba8581209eac9cb1aff80702665b04ad281600f458c94679149ff809e0b003b4c0996d4c661e395172040ca9f7df1bd5bf4d51c2b7d3fbb1caeef2650db2bcf08dc6801fb1c5cf99885bf407d59f56f4e48352cc50123286f0f9bec82e169486af5624769e1e42d2e9457b3957b14026bda4ab15e2dc955fd6089a2ebf2030a630f30c8a66a2325c094cb971e06617fae3c54beebcf95f5bf89246e5c39fb1a170d433d524f90e0e2dd6957970cc357ac91f23aa354d8a2909b95cfe9983ef8344206ebdf57ef143585373c41c2a050310343e19b8aada8611a70bb546cb2b3a61a6769802efc6c439d54f658290c901b91058e6fecc504255ad3c6ef1d312d7e036e3e36dc5b8a932d232f1b22e648b92bbff18197a57f7e3bf52d4d7cb0b48e7914bccbd35697048e196582666276d2f627456ebc92330a53d41d7e0f769d3dd6e911712c38d0b04481fc26c59c778a13e84982ea1170b8588b8d9a9b89c94b763743ab286fdd272eaf1ab444b27750727dcab03af6a63cf2038f186ebb8f1dc92b91f548aeeb466bea4738b0ab8da5474b35bf84d32d61ff223b38957acd2bfee25f603b57fc1627b32db6e8ec509af3a4e2c0acb4171077e7ddcccdd29b36f1b6588727f5a51aad5707031b508a8a1205dea3a72391db7dd0e8ba878f2c0ff6cfc18c3e5f08d96f74fb4a0867e36cec10bf37e4554ae2df00eb19006ee4b8849cf017a7f7cf19249146147a0e57293854291741cdbe0d2757f091aa4832fe0263e0f3036e8fab2cbb2b4f04f5c57d91f481140a22e41e9d8768f0e7d3b3236033128526145fe0641ac0194563149397967bc2846556f62aed23f54fbd5720e225f2334bb62c7039c9b1f24be55c4bab867ccf3f90012727af4d25b57ffe81e747432b94cf0ec67dbca20d0a2c1783f3e5570e3504ca9936913b23647fb36a0e4846511c7d6bb220409f942e04c816602aa8618364c60cb114360f20315745fc3a0dc4a4d9e2ac682b7c59e0cf3e7580a21485517df205a45043f90626b49abbdaab48c6cde326a715efef1c063e6963b5bb9121341e91fdded03546227ef1b029620ec7c538274b3798f7dc581b76abbe4045ef49876aaff37adf5373429a3024338007550344446499b231fa7a3541e3fe6ba1abd0aa1ce70f9802b79cdfe4fa75b0117665817393df92fd77ee4428efa3fe4b2b3ab9b32a09de4a72e21801d6cd571e0ef883195a0946dc977683dfd4a789d9cb34676566162ea30073d55f67514f25d7948f408d32b3882b52f5a82cb5ffbec7da619b9a3bb183a769ed6c0556834706b50e1b33b700c0dc09c65257cb31638d36c43eaedb3a1ef74f3f4da4d5d0d0618bf5bbccc87ac19782c9c2c7ea47bb4a16d4aff844eb1570ed07a111985d343cc45ef0ec89f3a494cbfbe5f19a301cf32ee348e24e8569e9313c4cc315f7e81e4a46452b95b92196bc719593e90ec3dfd6b00f290365ca778e0c2c0346673b946435c1b6f79530ddfe559f0ec7dba3993180142d1f20425e09710503703dcaa9853f1e183218ffe52488efa4315a055c5845825eade000e13072e119064af61a445e4afa3f84eca29c1a6c2aee0e25dd1b20db09ebb38e0e9579e6c0c8abf76976612391b61b24687d04c9e17c5c710af63117a87d19873b4fb229bbb2dc141ea83e7c5bb48015983b0083e7c7dae89dfce0fc3e2807be17fcecec448b17e88ffd6f8df0a026207a43fbc5c9731560d288b2a408f17dfac019691006f37f17c910939152054f172df3e1edf820ce61ffd6faef2b0fee7257fed9442c42b6ad87a64f24e7777c8932ff9267f424995bae2afb5a7b3ab5eb79dcb9aba2578de8a58b3edc8b83e43509ed0eaf408998e42e9a088604affebce477b92f4b578da887bfd896041c3b2681c76d26c0949171e93b821eef4d793a7ed6d4b251b3f9203d84a37c1b5689381b57db31215ff5937d85f452c4d992f82e3ccc3fa0abf56428215f8574bc1dae0943d75de52c6956c7139349332ab8d2c04862fe3f918dd2d78c69c5f63a7b90758077a1cdbafd074ed75b698639fff3f7b03cd6513fe5e8e121153a0684059e359adcc093ce65e21df763d6a41e44279350a263171999edf562c93fd7bc79a94db6c296c606b246f12bac2ecc0488f7801a60e6437c67d4170ef12da72ccfca7c1e51310f5ea644e34be4fdff229674d9714c363dc4f5fae7a3e5c822f6fc4c6d429f8096ea12d8fe7a3a372176995423118f1f489dbdd4a98c8bf410f8549387df5dabca7b7381d76b07bbe489862558be13303bb77cafbb2f80aeb3a96f0ff7f06b679b6076d8f6ee93cd7f802101c62884df78899a8af8b347aa495a0a6ff684dcdb077b4e8e96a9368da495ff7bb87a48dacd22f612dc0732ab7c4b2a9ef7493706309997ea2b1c0ec872d73b5cc0e86191a717b0184cac2156a80a26a18f121d67c46065c30402fd1f26ba131334ae819c883ec5ce597e1af58cbf42ada4971983df738aa3e3277972bdf043b5f8ffe07d48a21ad0ee30a707e24c192132819e47ad1e6405d0f70a3056aeebe7c7680a96bc2646364152d9d59e264211b7d43716aa5225c7839948eeb9a0f1bc66d653a5731501dce9920b8d3c708ec64704fe883f16ffbcaaa37bb604ff6bac9261238aee8128fa28268fef326113b824eb250755d4132bdab789fbe86894e8ecb09c0ebf29481c6435ca1f5063b62befd5d7c468106ec924003a4c5a4816eee7b0b327329523d64d6f3f3ba9dfbb804226a1096f5f93e04d5f2521f9f585a874cbfc89ba29b9d56ecf98291ffc0f56b49c1a83f09dab2e9e40fee6303a0255de5c52bd12bac48de4648771db43681d570b0c66c8f2958de1ecc84d1f449203f5069659156d46622f4dec70ac3880b93570a1ad3746aa69a74a9a2d41e23f11d16f58f08793074627e63211b45c4c2082a3299e642109632da5297df3e24dd6615a374e2f443f1b294cd91faa334a3e72286c1aac255cf30895c0d791c5680ee1a7eb4204a7ea17", &(0x7f0000001500)="23e3d4c9e7cae39233e994c50c460c248f12c8d6ec29712262cc4acffacfbf7facf2e5b5012b8b3133f8d20247969f6ceb95e9b7d93c7ef41f6226e41755b0f54b45aedb9ece445b7ea2a516fa41552a24c42f04143e5656ddc0eb0f4e0fce0dd8cb68057c99e03397e93102b0c3019c18aa41fdd67f387b920c8b27a3e2e6eb48403aaaf9d9ba37593861485b371af12b07dabe2198a0e6d989bf0472941498459849e2894d2d0dc7f2ac57717f3e155f47e89541a2970149c4e85ff715c8a143386883cf23eed61d50ec560b48240558")
syz_open_dev$midi(&(0x7f0000000400)='/dev/midi#\x00', 0x7, 0x84000)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000240), 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0xe8, r3, 0x100, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x198}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5c}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x8}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6a2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc0000}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3f}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x45}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x57}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @rand_addr=0x7}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x810}, 0x58000)
sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10800200}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1ec, r3, 0x800, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3ff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x100}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8000}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'hsr0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x80000001}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x11}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_bond\x00'}]}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2f}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@loopback}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x3085ddada8bb1c51}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb360}, @IPVS_CMD_ATTR_DEST={0x6c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e21}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xfffffe00}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e21}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x5}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@loopback}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}]}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x28, 0x10}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x89}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x22, 0x18}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x200}]}, 0x1ec}, 0x1, 0x0, 0x0, 0x40000}, 0x4080)

[  502.633739] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  502.641105] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  502.648375] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  502.655674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  502.663016] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:49 executing program 2 (fault-call:0 fault-nth:15):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  502.767058] FAULT_INJECTION: forcing a failure.
[  502.767058] name failslab, interval 1, probability 0, space 0, times 0
[  502.770932] FAULT_INJECTION: forcing a failure.
[  502.770932] name failslab, interval 1, probability 0, space 0, times 0
23:24:49 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @random="9ea17d02e4f5"}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000180), &(0x7f00000001c0)=0xc)
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x63, 0x80301)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x40000, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$SNDRV_PCM_IOCTL_USER_PVERSION(r3, 0x40044104, &(0x7f0000000040)=0xc6)
r5 = getpid()
sched_setattr(r5, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r6, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r6, r6, &(0x7f0000000240), 0x7fff)
write$FUSE_WRITE(r6, &(0x7f0000000280)={0x18, 0x0, 0x6, {0xfffffffc}}, 0x18)
write$cgroup_pid(r4, &(0x7f00000000c0)=r5, 0x12)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000200)={<r7=>0x0})
ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f0000000380)={r7, 0x7, &(0x7f0000000240)=[0x1, 0x10, 0xc195, 0xffff, 0x2, 0x5, 0x5], &(0x7f00000002c0)=[0x800, 0x8], 0x20, 0x1, 0x9, &(0x7f0000000300)=[0xffff], &(0x7f0000000340)=[0x8]})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000080)={r7, 0x20})
perf_event_open(&(0x7f00000003c0)={0x3, 0x70, 0x2, 0xcd, 0x80, 0x3, 0x0, 0x7f, 0x80000, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x2, @perf_config_ext={0x8, 0x10000}, 0x1000, 0xf32e, 0x3ff, 0x9, 0xff, 0x1, 0x2}, r5, 0x6, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r2, 0x4010641c, &(0x7f0000000640)={r7, &(0x7f0000000580)=""/139})
ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000000)={r7, 0x1})
r8 = gettid()
ptrace$cont(0x15, r8, 0x3, 0x7d82)

[  502.821952] CPU: 1 PID: 26390 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  502.829895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  502.839271] Call Trace:
[  502.841886]  dump_stack+0x142/0x197
[  502.845537]  should_fail.cold+0x10f/0x159
[  502.849706]  should_failslab+0xdb/0x130
[  502.853687]  kmem_cache_alloc+0x2d7/0x780
[  502.857842]  ? lock_downgrade+0x740/0x740
[  502.861993]  alloc_vfsmnt+0x28/0x7d0
[  502.865699]  clone_mnt+0x70/0xee0
[  502.869216]  ? is_subdir+0x222/0x389
[  502.872936]  copy_tree+0x33b/0x8a0
[  502.876475]  copy_mnt_ns+0x11c/0x8c0
[  502.880194]  ? kmem_cache_alloc+0x611/0x780
[  502.884528]  ? selinux_capable+0x36/0x40
[  502.888581]  create_new_namespaces+0xc9/0x720
[  502.893074]  ? ns_capable_common+0x12c/0x160
[  502.897611]  copy_namespaces+0x284/0x310
[  502.901677]  copy_process.part.0+0x2603/0x6a70
[  502.906290]  ? proc_fail_nth_write+0x7d/0x180
[  502.910798]  ? proc_cwd_link+0x1b0/0x1b0
[  502.914872]  ? __cleanup_sighand+0x50/0x50
[  502.919122]  ? lock_downgrade+0x740/0x740
[  502.923285]  _do_fork+0x19e/0xce0
[  502.926770]  ? fork_idle+0x280/0x280
[  502.930496]  ? fput+0xd4/0x150
[  502.933703]  ? SyS_write+0x15e/0x230
[  502.937459]  SyS_clone+0x37/0x50
[  502.940829]  ? sys_vfork+0x30/0x30
[  502.944376]  do_syscall_64+0x1e8/0x640
[  502.948271]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  502.953131]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  502.958322] RIP: 0033:0x45a6f9
[  502.961512] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  502.969226] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  502.976503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  502.983781] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  502.991880] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  502.999159] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  503.006454] CPU: 0 PID: 26387 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  503.014356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  503.014360] Call Trace:
[  503.014375]  dump_stack+0x142/0x197
[  503.014396]  should_fail.cold+0x10f/0x159
[  503.034336]  should_failslab+0xdb/0x130
[  503.034347]  kmem_cache_alloc_trace+0x2e9/0x790
[  503.034359]  ? retire_userns_sysctls+0x90/0x90
[  503.034379]  alloc_mnt_ns+0xde/0x450
[  503.034390]  copy_mnt_ns+0x95/0x8c0
[  503.034396]  ? kmem_cache_alloc+0x611/0x780
[  503.034410]  ? selinux_capable+0x36/0x40
[  503.054969]  create_new_namespaces+0xc9/0x720
[  503.054983]  ? ns_capable_common+0x12c/0x160
[  503.054994]  copy_namespaces+0x284/0x310
[  503.055006]  copy_process.part.0+0x2603/0x6a70
[  503.063375]  ? proc_fail_nth_write+0x7d/0x180
[  503.063382]  ? proc_cwd_link+0x1b0/0x1b0
[  503.063401]  ? __cleanup_sighand+0x50/0x50
[  503.063412]  ? lock_downgrade+0x740/0x740
[  503.063427]  _do_fork+0x19e/0xce0
[  503.063440]  ? fork_idle+0x280/0x280
[  503.063453]  ? fput+0xd4/0x150
[  503.063460]  ? SyS_write+0x15e/0x230
[  503.063473]  SyS_clone+0x37/0x50
[  503.063480]  ? sys_vfork+0x30/0x30
[  503.063491]  do_syscall_64+0x1e8/0x640
[  503.063500]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  503.063516]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  503.132895] RIP: 0033:0x45a6f9
[  503.136090] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  503.143803] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  503.151068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  503.158349] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  503.165618] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
23:24:49 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f00000001c0)='/deN\xfd\xcb\x06\x00', 0x588000, 0x0)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'mangle\x00'}, &(0x7f0000000140)=0x54)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000040)={0x2})

23:24:49 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  503.172889] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:49 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:49 executing program 1:
clone(0x825800, 0x0, 0x0, 0x0, 0x0)

23:24:49 executing program 5:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x20080, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000040)={r3, 0x1000, "dc15fbf296b880b8fe2857d793e436d530e0a683585e7f75b28fb2a82dd657abbc4b1438d0fab2d2a7d73e6663a7b3e2f45c870ceb5c94b9a14528178aaf67a739d36ea6a4130e4b6ee61d5f0c6a02aee988f39c25a04b53660b9dcd341d97523348d5769930726f02bb097d93ba4bddf5afb081426137d6a83546c50e5c6afdd6bfcbb3b219ad31d623b5267de395f1070ff8781f14c35becbfad57cb284154db2046da308b141181e4c56d1729ab2a08aec15e96008ebee99c257d534b3f9d2b59d2ab83d05cc79ac063f10837d97af72c4f95b7dfed26a16d361b19b64a70a74aaace9e57a36a6b1ddd1fe138ec8b2c22e95f63997aeabbc75bf82470272b81b437746b0f97a23099a1d316e6acad607d51b0950d110e1b9ee455ad909ecdb0144bf0c6494ebb2642b908c8609fa318a867bc245dc08d0529577c6f930c6ae881fbe8a4febf384f173b094854cad8987c85159f1df512696ecd3b9c80895ea334f07a5927d72582da0c0c5fa6be56eba49d149c4f96df7e587a735928ed664029a3ca8b50c43a019a0538a46e1917951b2ce1ec0e8d6b4d5617e8648b7bc8ce4a182fac689422019250c4a93d38cd287b9979e681ea91a5e777518b2c96c1cffad8d9ee311fdd38b30731949fb2223b0afaf936efad31ef7955ef731139a6beb24609b86cf77e071525f20baeffcf721db338e3c2a68213a47645ecd32ab737c11aa67c36a552d45ebd5461da05314e3d3c0cb4e0fc10a005b1ddadee26918b45a419e955489a4c0a1b004d881b999ba9caf474ea42b89c01e1f2d7f5116f9f54323cbcd594942f7939a92fe44a5578b38bd2e7021de50286dd8c44a372a6ed946f1bcd1fd6f33ac145611fd256ba3e49b849d8d89d89b434823ae3b7527aa200dd6d0e4f223eb7bdbede1b0d0be1c3c7358e271f0966802ab18fe80b1553eb03c2d0f4fa5afb526ab5235367396551c1e73dcff7bcfa2e9f5f85e140906b16fef233aa59f0ed4cae650b0bd7098b707f7c1a3b2508c7137e78158dfe9d89e207bdac13e3208455a5a0d2d3080240b5b62a661d7bc7e33eb46df11b4c02daf0b8f8e3c4f8d32866d8128d6f98fe3265f81fb0a60bf48eeffadb10a0a178318b21e8c0dc10a796d104f7b91487681ebedbdb5cf8d67ce908832634b797f8c2e44577694c1754aed67a21c22bc4803e9288b495d637bf505b8b715e19570fcc09af28f6e17fa54d7fa459f373f151d2243e440429df2ef1911f17f2f2bea006ce8a397f922794c3cb6d3d4a9a825a6a2209bd01cacfdd27680f3a2e712778f463beb0da8de758597dbb34fae4b2e3aed0701861eee90dc46a1fa651a4ddc5dd99423b4065a71c3ed53aabbf2ba0977b0fb3128f8341386f45c721be34f93e49b5144a076bff600a6218b61c84a71632a40ee8a9bba14f6dda6c8e045e4fd1d08bcee6d6ceb29dc8758f79162e531a2b568a32df65ae89780fde2a9db90559cd2d3ed20ee2c5e92c41f62b6fb052c4b33b861b1eaf8a42971026f46bca4d2d27d004e493c8ef5483fe2d7631e3b7676ae0977e5b2bf29a67524cbf0d96557cb8ffac2f31cb7b8a94ae19dfd3381e895d0945bbdcd7de904653318107e29982dd18c8582d59717a7bfbad20657a0d573bb0997eae69d5e030c5ad601440abf2fabf554679d65e630da0a2b86a12bc7cf0a8ee9198ddaacc5adf5b48799d5659d1423f8ce681c4dd4886af81c624fa970327518b14190330d17357748f767d1a397bec2020dfa57ff02d03a53ccc3fdb0111eaa271277466e13413a89e279afb013567dfdda4169da2d89090e26c98b42392720cb6ce8aadcb68d5145a56bebe312949bedc38569cd62774e93674c391ca4ca9590d33ea8dfcabba0cb96d4edca6bbf9332e02cf0e973db0f9c773cd8ee3defa6b020e8fd293386b1e917ee6915823d97b4253ff1a014065da2ea59488e2b11f5dd53cc00a798f892a7f74b04f157ff20598ec7f74614b4aea958e4bb840b8f3245003d55b82fe21e1d7fc73d03c802803cac5be83b6aae6708cd9c1e9848273eb1cb196aebe981100d2c12188859fd0e5731782f84cfe394fbb6aef287d108743b5c6afb66f679da27384c401668d60d01e3cadc7fc3fb0a20f11d0e83d4338edebefbccde8ff6732176444343ec0c1c430587fcee49c690e8c510b48cb724ec8cdc7b2db07c27fe234bf31754d66ceb3725debc8820614943ffaee3acde43cd9411d71c6e19e49331e2fb20d46de97b0c50d94f4ef1561d69061848081b4a4a3eed0523de904cbb55717459e19b1c4d139b5ac584722b1824de49911e8e255b9e1f1dd7829df6a029434ff62b620832d3f9b25ec4c70bbf9dad238648b9b9a11b4222f1685883fb5b5e3bb7288459d86ed3f585959b07553c58e64ddb0d4fe832fbc6026d6036af406e25579e931b1a4b7983b2a5cd777e538f14b7f92cb5bacbc51a7c94c7d80403155eccc414668b59d27402ab21c87021c81dcffb1000c0e39f31cdd8ca99fc5e2ba04cba79389b2c44952c96d8ab8d145d4e034dc2c5159a1db25daad3fe5e2abe3abdc8a0afe344a92a4fa61b74345062f57359c9ff2e3cc758dbc3cda7ba30abd1528b6ba055cb8e79d62f3e54486ff5d0ab41e318108d83973752903bd00fe2a5c86b6e8938148056df4167994ae22efcb69318bbd7a9fc36378c01c360bd90ca3ca3b32a032f2378db49f9dc9a07757c5caaf5f7a91612a292198067d746629afdf1f85cec9148430c7533681062983729f5083b0a0957c11eb91c5cf06d2ab20bc018a4f41d72ed661663bdd98999b6b372a098f87e077a2b4b9e601f759e84160ff85d0f3993bc60914976815cf7c0d2d85346bb8b97382c329d4fd5fff90511880d903d6d4f777d388731a2c9ea4a4894d1b7ea6635af811617f8a8b93675c66d4ac11c57024d471d9e78ea14c9b0b29ec124eb4fbf9481361fe59b7c9ca31bec3fd70101f7a3c8afbed7c8bb4dba5526beea8f14c75b486625b175bea43914974dff5b1615808581293114a520a7327f804b16148fae074b6955cc96d536519cfff3f30d78b8ce57fd4b17606c74671af770be25064fe6e52e9d1e7d02a640ba846103f9ff51f1837f9dd0ed5eba93093c328bd9966c219cb1fecd91e6f218b501555ea5641d5590d42471ceb6bbd099f56433032b4a60041d03e72cd99fd2157ae36cf230564ef2474dfdcc9924ccdfc99978515c8524b91534d1ef98bef967322ba58f712ccdb749e27c2ee636e01ec7f5d3392341e4dd6f267200ef41d8ebbffbf353e9f8555e9d964c37cdfe7ef312f58ce1618ee20ee5928bff739674d7055c7ebdb3b24fa2fe9017638a5cae3becf0ca9043c58c9339bb25f45b9a64de6f5a16c3a9f3f22101b2c5d2fcb786e76c639978c8632b597f776bd2dfee7fe32f739fbf3edf4422bfada63f8c58802b9c1e30ba56547c9bffb77bc331beffc2bb5d4c4c9edc6f254966fd045dbde833c294ee879126b491cf5fadb3832716019274471c3065bd8935fcd0ec9e9d852170e8ff5aeb9b99575444e21288e36f93c3f893568bf68469e0b71b5ca9263ac80d23f98f94c27fcf5a2e9460578716c52ca62ab09468fa681135a76a16b2a3f1a24c34fd408fe5da143a5fa6e0f1f6f8c3bc0356169958488b48b01bc792b48974a87a0ade1533f3bebd0beabbe3fe6750123f20adc2103b7576ff73c0567ec81db0d805e5dff4ecf2d48000689bd4abcc2a5e0a17b0fe03c4dc75103ea42f468649b05c733b0a0a19ba6c0c48c314c1a888baabc60f80c9c2599c2583927d41080ab34f53c00564185b1a32e29834bff29d20285e2ef42b63c862c98d96e5bebd4a6213a7e73284d6cf25914d724536332dbb041816b7ddc2e3f4ce6ac5a6965cb888d6ba37a126def283b622f03a852563e67803b9e396a27ba54e86f00e5704721d999662ebb2f6ff341e02e9e0cf39111de8e19655ff6d2b0bf31afa9052f7b87fb12cc5f5bc66eec79e6c2f77b546f0e1991aa610ca0e96091652b18bec5cf6cf2ea0869d755c626589bb99a83f6ce19aaa612d078b31ac79a51f88b3c7f0c8739bb5d28b257047569822b9bda0f3c3304932b3973edf7f03764748baac91af53815bfc9e5d3a46ed6452178fdf3279adaa44c88997a065e239fab7c637c7356a2c2ab81e666c4e590fcc0869729d86c86701a37303f42fbe949f80c411b0cd3d73fdeab23de689ccce63f2654508d40e1c079a084437ac922248c459b1a9cca68367337027552eb6d4acdaa8d619fc67c7a60e6a60c47532101ea31bc6a3562e4ccc7045e34e2e3ee70d86b2b9a450cebc6605882519e40391dbfb2db35427a8bf1f9628154f0aee8f2a210c22c74ec4a026da4f2ba947cb663bf150e8ae464bcd34b3fd750ee0a89209b2454fe4e05d5b1534f08e2c67cf0ebfe661b55366613f7ce0fc61a9d61cd13c364dd06e1b8917f4b03aac6b27b16d5ac6bb6ffd38b080d9189dbb693f15e4684e317e6894f57a1ab44519a5ea52a4f716a10487ac848bbf88bc3854bc50ae1df91f2659f65617ee3ae383dd5bc229564ac07723659cbe46f69065e884301730642c904c0ec75524ebee871a5ba9fb629338eb9ec920714711a411fea3a8daf56d86023a64687c92f80d3280e1544a772a1ba0d0cd4bcb87bb6272bbeeb814a843631e63c38e8c6bc0aba9bba0f7cc7df3357ff416646693a88a6ee44f854104113150d11f2bb0c5c763faf943d95954c0c758db50158ee7c8011e2e2cfdee566676765c84be5f77284aaff0a43f3f82081959c20289f3ce00e7e77d5085c1f890b59ac6714f42c5c2d0599ca5c927dbcc894598eddca5ddea6c918b32b61d9cc28c0250dec1db26f9d29c41724578a5f43a9e7527c395f0b829918c1b740e4eaf460de61256e5a8c713fde4ce517036c1b10ffecd821bea796063db23f3e4e313fbc43a63aecf61de256fd4ebfa876feb10ce4f9f801351c33928ce07b00c12e2727b654c737549c0b94487e0dda382cb954d37a4808324a15e6980e9f12042d09ca937a9344d7efabf56a27a8347a57c6513db91377c672e0e8233786f5bbed3484e4402226bf09bfcc20b7671de056dc2db2d879292f435eeb929b0188623fd96e1454317bb8d5238c593503d1c91723d19dc7ad18adfcd1b98ce3f9b4cb644c1cdba90beeff9562601db70e251cd264409b27f206ed8fde81f648b34e358d7ff50846d8df3801d1605e94698e20eedbb2a48acac068f247ed18cfa044f3afb441f8ec282d8dae13646095b2a23f4b05499645751c3c69528bdc3f1af8da684a22f2b77d576cc1515cb8b8c914ebb9e73e8fcfaf487d7ff899eaefad062c5a16979634509aac796dcef0310bcb712b3f6fa27e9c8230df6090df0d88efbaca1e1ef439dbc7ece18353bc54303476b1357c00ec4578b440f60a7eae281b3bbd21ca122a2e66c5855a528eddd73d1eef7ced7177483797d94bdeb65b451674b9b600d4f85f4358af1787faa8dfa8fb03fae77ae911eaf66efc4f4b45b74e550048090ed5b073d5b8b66c749c5fc093ffbb4b5e41ef7529883b50a4150c1f672fe772528de2fe6264cf8e1634dd489b42030caa0a9ec75cb813b3432e734ef58856407bf070c132ed9d46f85cc2986574445162208b640e9b2d8b3a69f2d22c4aa4b2b0ab3aa279696fec5639d297b5a3fca4b0d082da36128b690fe31aa2e013790d4b7cec62b71aa9bdb00e4638667004fdea126eb0a52f13868fa872efb5658c1dd1"}, &(0x7f0000001080)=0x1008)

23:24:49 executing program 2 (fault-call:0 fault-nth:16):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:50 executing program 3 (fault-call:0 fault-nth:14):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  503.344865] FAULT_INJECTION: forcing a failure.
[  503.344865] name failslab, interval 1, probability 0, space 0, times 0
[  503.361789] IPVS: ftp: loaded support on port[0] = 21
[  503.378722] CPU: 0 PID: 26423 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  503.386655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  503.386694] Call Trace:
[  503.398661]  dump_stack+0x142/0x197
[  503.402295]  should_fail.cold+0x10f/0x159
[  503.406444]  should_failslab+0xdb/0x130
[  503.406456]  __kmalloc_track_caller+0x2ec/0x790
[  503.406470]  ? kstrdup_const+0x48/0x60
[  503.406480]  kstrdup+0x3a/0x70
[  503.422181]  kstrdup_const+0x48/0x60
[  503.425908]  alloc_vfsmnt+0xe5/0x7d0
[  503.429628]  clone_mnt+0x70/0xee0
[  503.433087]  ? is_subdir+0x222/0x389
[  503.436808]  copy_tree+0x33b/0x8a0
[  503.440361]  copy_mnt_ns+0x11c/0x8c0
[  503.444079]  ? kmem_cache_alloc+0x611/0x780
[  503.448391]  ? selinux_capable+0x36/0x40
[  503.452444]  create_new_namespaces+0xc9/0x720
[  503.456954]  ? ns_capable_common+0x12c/0x160
[  503.461363]  copy_namespaces+0x284/0x310
[  503.465416]  copy_process.part.0+0x2603/0x6a70
[  503.469998]  ? proc_fail_nth_write+0x7d/0x180
[  503.474485]  ? proc_cwd_link+0x1b0/0x1b0
[  503.478538]  ? __cleanup_sighand+0x50/0x50
[  503.482762]  ? lock_downgrade+0x740/0x740
[  503.486899]  _do_fork+0x19e/0xce0
[  503.490355]  ? fork_idle+0x280/0x280
[  503.494055]  ? fput+0xd4/0x150
[  503.497242]  ? SyS_write+0x15e/0x230
[  503.500941]  SyS_clone+0x37/0x50
[  503.504313]  ? sys_vfork+0x30/0x30
[  503.507845]  do_syscall_64+0x1e8/0x640
[  503.511716]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  503.516729]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  503.521913] RIP: 0033:0x45a6f9
[  503.525092] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  503.532785] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
23:24:50 executing program 0:
creat(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:50 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000000000)={0x9, 0x6, 0xd52, 0x200})

[  503.540042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  503.547312] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  503.554582] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  503.561836] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  503.608109] FAULT_INJECTION: forcing a failure.
[  503.608109] name failslab, interval 1, probability 0, space 0, times 0
[  503.621471] CPU: 0 PID: 26425 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  503.629384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  503.638742] Call Trace:
[  503.641333]  dump_stack+0x142/0x197
[  503.644974]  should_fail.cold+0x10f/0x159
[  503.649130]  should_failslab+0xdb/0x130
[  503.649143]  kmem_cache_alloc+0x2d7/0x780
[  503.649167]  ? rwsem_down_read_failed+0x390/0x390
[  503.649181]  alloc_vfsmnt+0x28/0x7d0
[  503.649192]  clone_mnt+0x70/0xee0
[  503.657314]  copy_tree+0xd0/0x8a0
[  503.657328]  ? call_rwsem_down_write_failed+0x17/0x30
[  503.657345]  copy_mnt_ns+0x11c/0x8c0
[  503.657354]  ? kmem_cache_alloc+0x611/0x780
[  503.657366]  ? selinux_capable+0x36/0x40
[  503.657380]  create_new_namespaces+0xc9/0x720
[  503.694686]  ? ns_capable_common+0x12c/0x160
[  503.699082]  copy_namespaces+0x284/0x310
[  503.703138]  copy_process.part.0+0x2603/0x6a70
[  503.707723]  ? proc_fail_nth_write+0x7d/0x180
[  503.712210]  ? proc_cwd_link+0x1b0/0x1b0
[  503.716268]  ? __cleanup_sighand+0x50/0x50
[  503.720499]  ? lock_downgrade+0x740/0x740
[  503.724642]  _do_fork+0x19e/0xce0
[  503.728080]  ? fork_idle+0x280/0x280
[  503.731783]  ? fput+0xd4/0x150
[  503.734964]  ? SyS_write+0x15e/0x230
[  503.738681]  SyS_clone+0x37/0x50
[  503.742039]  ? sys_vfork+0x30/0x30
[  503.745587]  do_syscall_64+0x1e8/0x640
[  503.749455]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  503.754287]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  503.759462] RIP: 0033:0x45a6f9
[  503.762642] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  503.770365] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  503.777635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  503.785014] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  503.792279] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  503.799542] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:51 executing program 4:
uname(&(0x7f0000000000)=""/155)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 0:
creat(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:51 executing program 3 (fault-call:0 fault-nth:15):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000600), 0x80400001, 0x2)
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x80000, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0xd6)
execveat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)=[&(0x7f0000000080)='self-\x00', &(0x7f00000000c0)='GPL.\x97bdev&/em0wlan0.user^/user@\x00', &(0x7f0000000100)='\x9f#\'\x00', &(0x7f0000000140)='/\x00', &(0x7f0000000180)='&lo\x00', &(0x7f00000001c0)='user/$^procvmnet0/+@trusted%\\[posix_acl_accessselinux{keyringsystem.selinux\x00', &(0x7f0000000240)='ppp1*\x00', &(0x7f0000000280)='GPL#\x00', &(0x7f00000002c0)='/%#keyring#\x00'], &(0x7f0000000580)=[&(0x7f0000000380)='bdev\x00', &(0x7f00000003c0)='md5sumi\xdc$/\x00', &(0x7f0000000400)='vmnet0cgroup,^:\'ppp0cpusetmime_typesecurity}\x00', &(0x7f0000000440)='+wlan1^,\x00', &(0x7f0000000480)='posix_acl_access@[\x00', &(0x7f00000004c0)='ppp0).\x00', &(0x7f0000000500)='\x00', &(0x7f0000000540)='\x00'], 0x800)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000005c0)=[@in={0x2, 0x4e22, @multicast1}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}], 0x20)

23:24:51 executing program 2 (fault-call:0 fault-nth:17):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xf, 0x7, 0x0, 0x1, 0x9, 0x18, "505c966294c8118851e4b02c80d7f30c0c679ab8b93e053e1116ef2426632e60a618f7a397926b51a79ed8b1950b10e87b1e3c07417907fd7fb7ea4a43034e83", "16395ba706be8ca43b85afa2414ad8919e578fcbe9601c3a2954586229003c8db44ea7a14b4b015571af978d9a9167c0724ea990dcaa38a21b5659a296b1951f", "64a1f5c36c61835390839d7fb393fc27b8219b65d57e70219b55be05cef9b936", [0x3, 0x2]})
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
flock(r1, 0xc)

[  504.438198] FAULT_INJECTION: forcing a failure.
[  504.438198] name failslab, interval 1, probability 0, space 0, times 0
[  504.465086] CPU: 1 PID: 26456 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  504.473026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  504.482382] Call Trace:
[  504.484982]  dump_stack+0x142/0x197
[  504.488616]  should_fail.cold+0x10f/0x159
[  504.492777]  should_failslab+0xdb/0x130
[  504.496763]  kmem_cache_alloc+0x2d7/0x780
[  504.500915]  ? find_held_lock+0x35/0x130
[  504.504991]  ? copy_tree+0x4a2/0x8a0
[  504.508712]  alloc_vfsmnt+0x28/0x7d0
[  504.512417]  clone_mnt+0x70/0xee0
[  504.515853]  ? lock_downgrade+0x740/0x740
[  504.520140]  ? do_raw_spin_unlock+0x16b/0x260
[  504.524636]  copy_tree+0x33b/0x8a0
[  504.528171]  copy_mnt_ns+0x11c/0x8c0
[  504.531879]  ? kmem_cache_alloc+0x611/0x780
[  504.536189]  ? selinux_capable+0x36/0x40
[  504.540238]  create_new_namespaces+0xc9/0x720
[  504.544757]  ? ns_capable_common+0x12c/0x160
[  504.549380]  copy_namespaces+0x284/0x310
[  504.553429]  copy_process.part.0+0x2603/0x6a70
[  504.558007]  ? proc_fail_nth_write+0x7d/0x180
[  504.562491]  ? proc_cwd_link+0x1b0/0x1b0
[  504.566548]  ? __cleanup_sighand+0x50/0x50
[  504.570769]  ? lock_downgrade+0x740/0x740
[  504.574917]  _do_fork+0x19e/0xce0
[  504.578356]  ? fork_idle+0x280/0x280
[  504.582054]  ? fput+0xd4/0x150
[  504.585230]  ? SyS_write+0x15e/0x230
[  504.588937]  SyS_clone+0x37/0x50
[  504.592292]  ? sys_vfork+0x30/0x30
[  504.595820]  do_syscall_64+0x1e8/0x640
[  504.599690]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  504.604530]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  504.609706] RIP: 0033:0x45a6f9
[  504.612881] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  504.620591] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  504.627846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  504.635103] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  504.642469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  504.649742] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  504.662868] FAULT_INJECTION: forcing a failure.
[  504.662868] name failslab, interval 1, probability 0, space 0, times 0
[  504.677477] CPU: 1 PID: 26458 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  504.685425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  504.685431] Call Trace:
[  504.685450]  dump_stack+0x142/0x197
[  504.685470]  should_fail.cold+0x10f/0x159
[  504.685488]  should_failslab+0xdb/0x130
[  504.685498]  kmem_cache_alloc+0x2d7/0x780
[  504.685511]  ? lock_downgrade+0x740/0x740
[  504.685522]  alloc_vfsmnt+0x28/0x7d0
[  504.685532]  clone_mnt+0x70/0xee0
[  504.685540]  ? is_subdir+0x222/0x389
[  504.685552]  copy_tree+0x33b/0x8a0
[  504.685567]  copy_mnt_ns+0x11c/0x8c0
[  504.685575]  ? kmem_cache_alloc+0x611/0x780
[  504.685587]  ? selinux_capable+0x36/0x40
[  504.685601]  create_new_namespaces+0xc9/0x720
[  504.685611]  ? ns_capable_common+0x12c/0x160
[  504.685624]  copy_namespaces+0x284/0x310
[  504.685636]  copy_process.part.0+0x2603/0x6a70
[  504.685653]  ? proc_fail_nth_write+0x7d/0x180
[  504.685664]  ? proc_cwd_link+0x1b0/0x1b0
[  504.697654]  ? __cleanup_sighand+0x50/0x50
[  504.697669]  ? lock_downgrade+0x740/0x740
[  504.697684]  _do_fork+0x19e/0xce0
[  504.697697]  ? fork_idle+0x280/0x280
[  504.697710]  ? fput+0xd4/0x150
[  504.788684]  ? SyS_write+0x15e/0x230
[  504.792557]  SyS_clone+0x37/0x50
[  504.795905]  ? sys_vfork+0x30/0x30
[  504.799454]  do_syscall_64+0x1e8/0x640
[  504.803350]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  504.808196]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  504.813388] RIP: 0033:0x45a6f9
[  504.816562] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  504.824275] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  504.832662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:24:51 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
accept4$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000040)=0x1c, 0x80800)
clone(0x1000000, 0x0, 0x0, 0x0, 0x0)

[  504.839922] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  504.847233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  504.854509] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:51 executing program 2 (fault-call:0 fault-nth:18):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 1:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
wait4(r0, &(0x7f0000000000), 0x81000010, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 3 (fault-call:0 fault-nth:16):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:51 executing program 5:
clone(0x1000000, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x18}}}, 0x24)

23:24:51 executing program 0:
creat(0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f00000005c0)='/selinux/status\x00', 0x0, 0x0)
getsockname$unix(r2, &(0x7f0000000600)=@abs, &(0x7f0000000680)=0x6e)
getpid()
perf_event_open(&(0x7f000001d000)={0x1, 0xfffffe70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r3 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg(r3, &(0x7f0000004e80), 0x4000000000003e5, 0x0)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
r5 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r5)
r6 = openat$cgroup_ro(r5, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$TUNSETVNETHDRSZ(r6, 0x400454d8, &(0x7f0000000b80)=0xdd69)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/cachefiles\x00', 0xb04a2e29588d2101, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r9, 0x4040aea4, &(0x7f0000000b00)={0x608, 0x1, 0x1, 0x1, 0x7})
ioctl$VHOST_GET_FEATURES(0xffffffffffffffff, 0x8008af00, &(0x7f0000000ac0))
r10 = open(&(0x7f0000000080)='./file0/bus\x00', 0x0, 0x0)
r11 = accept4$tipc(r10, &(0x7f00000006c0)=@name, &(0x7f0000000700)=0x10, 0x80000)
sendmsg$tipc(r11, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a00), 0x0, 0x0, 0x0, 0x84}, 0x40050)
fchdir(r10)
openat$cgroup_ro(r4, &(0x7f0000000bc0)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r10, 0x0, 0x40, &(0x7f0000000cc0)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000001f00000006000000d00400004003000078020000b8010000f8000000b8010000380400003804000038040000380400003804000006000000", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/96], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800f80000000000000000000000000000000000000000000000f32630c21c3200006000534554000000000000000000000000000000000000000000000000000000050000000500000000040000010400005c60000080000000ffff0000020000000100000004000000d6eb000001000000ffff000003000000080000003fc90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800c00000000000000000000000000000000000000000000000000028004453435000000000000000000000000000000000000000000000000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800c000000000000000000000000000000000000000000000000000280045434e00000000000000000000000000000000000000000000000000000030020000000000000000000800000000ff0000000000000073797a5f74756e000000000000000000626f6e64300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000c00027000000000000000000000000000009800c80000000000000000000000000000000000000000000000000030005450524f5859000000000000000000000000000000000000000000000000ffffffff04000000ac14141e4e20000000000003e000000200000000ffffffff697036746e6c3000000000000000000062637366300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002e0003020000000000000000000000000000c800f80000000000000000000000000000000000000000000000000030006168000000000000000000000000000000000000000000000000000000006e04000002000000000000000000000030005450524f58590000000000774ae11b7ebe4bf8bab1d78d0000000000000000000000000000000000000006290000000000c0ac1414bb00ab0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800"/1238], 0x530)
r12 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000c00)='/dev/dlm-monitor\x00', 0x822000, 0x0)
ioctl$KVM_REINJECT_CONTROL(r12, 0xae71, &(0x7f0000000c40)={0xfa})

[  505.008102] FAULT_INJECTION: forcing a failure.
[  505.008102] name failslab, interval 1, probability 0, space 0, times 0
[  505.065900] CPU: 0 PID: 26481 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  505.074200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  505.083573] Call Trace:
[  505.086169]  dump_stack+0x142/0x197
[  505.089875]  should_fail.cold+0x10f/0x159
[  505.094019]  should_failslab+0xdb/0x130
[  505.097986]  __kmalloc_track_caller+0x2ec/0x790
[  505.102653]  ? kstrdup_const+0x48/0x60
[  505.106530]  kstrdup+0x3a/0x70
[  505.109718]  kstrdup_const+0x48/0x60
[  505.113419]  alloc_vfsmnt+0xe5/0x7d0
[  505.117115]  clone_mnt+0x70/0xee0
[  505.120568]  ? lock_downgrade+0x740/0x740
[  505.124983]  ? do_raw_spin_unlock+0x16b/0x260
[  505.129462]  copy_tree+0x33b/0x8a0
[  505.133017]  copy_mnt_ns+0x11c/0x8c0
[  505.136734]  ? kmem_cache_alloc+0x611/0x780
[  505.143066]  ? selinux_capable+0x36/0x40
[  505.147158]  create_new_namespaces+0xc9/0x720
[  505.151650]  ? ns_capable_common+0x12c/0x160
[  505.156073]  copy_namespaces+0x284/0x310
[  505.160131]  copy_process.part.0+0x2603/0x6a70
[  505.164725]  ? proc_fail_nth_write+0x7d/0x180
[  505.169208]  ? proc_cwd_link+0x1b0/0x1b0
[  505.173264]  ? __cleanup_sighand+0x50/0x50
[  505.177496]  ? lock_downgrade+0x740/0x740
[  505.181636]  _do_fork+0x19e/0xce0
[  505.185077]  ? fork_idle+0x280/0x280
[  505.188780]  ? fput+0xd4/0x150
[  505.191957]  ? SyS_write+0x15e/0x230
[  505.195654]  SyS_clone+0x37/0x50
[  505.199004]  ? sys_vfork+0x30/0x30
[  505.202530]  do_syscall_64+0x1e8/0x640
[  505.206397]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  505.211402]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  505.216574] RIP: 0033:0x45a6f9
[  505.219745] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  505.227445] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  505.234707] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  505.241964] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  505.249228] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  505.256486] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:51 executing program 5:
clone(0x30000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$mice(&(0x7f00000006c0)='/dev/input/mice\x00', 0x0, 0x8000)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000700)=0x8, 0x4)
r1 = getpgrp(0x0)
process_vm_writev(r1, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/148, 0x94}, {&(0x7f00000000c0)=""/91, 0x5b}, {&(0x7f0000000140)=""/121, 0x79}, {&(0x7f00000001c0)=""/199, 0xc7}, {&(0x7f00000002c0)=""/242, 0xf2}, {&(0x7f00000003c0)=""/202, 0xca}], 0x6, &(0x7f0000000680)=[{&(0x7f0000000540)=""/56, 0x38}, {&(0x7f0000000580)=""/225, 0xe1}], 0x2, 0x0)

23:24:52 executing program 4:
prctl$PR_SVE_SET_VL(0x32, 0x3e271)

[  505.335472] FAULT_INJECTION: forcing a failure.
[  505.335472] name failslab, interval 1, probability 0, space 0, times 0
[  505.360803] CPU: 0 PID: 26487 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  505.368764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  505.378118] Call Trace:
[  505.380705]  dump_stack+0x142/0x197
23:24:52 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x24003, 0x0)
timerfd_settime(r0, 0x789afd79e52fa6f4, &(0x7f00000000c0)={{0x77359400}}, &(0x7f0000000100))
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000040)={0x5, 0x1f, 0x2, 0x200})

[  505.380724]  should_fail.cold+0x10f/0x159
[  505.380740]  should_failslab+0xdb/0x130
[  505.380752]  __kmalloc_track_caller+0x2ec/0x790
[  505.380769]  ? kstrdup_const+0x48/0x60
[  505.380781]  kstrdup+0x3a/0x70
[  505.380792]  kstrdup_const+0x48/0x60
[  505.380803]  alloc_vfsmnt+0xe5/0x7d0
[  505.380817]  clone_mnt+0x70/0xee0
[  505.415099]  ? is_subdir+0x222/0x389
[  505.418823]  copy_tree+0x33b/0x8a0
[  505.422380]  copy_mnt_ns+0x11c/0x8c0
[  505.426095]  ? kmem_cache_alloc+0x611/0x780
[  505.430438]  ? selinux_capable+0x36/0x40
[  505.434606]  create_new_namespaces+0xc9/0x720
[  505.439106]  ? ns_capable_common+0x12c/0x160
[  505.443522]  copy_namespaces+0x284/0x310
[  505.447577]  copy_process.part.0+0x2603/0x6a70
[  505.452157]  ? proc_fail_nth_write+0x7d/0x180
[  505.456643]  ? proc_cwd_link+0x1b0/0x1b0
[  505.460712]  ? __cleanup_sighand+0x50/0x50
[  505.464958]  ? lock_downgrade+0x740/0x740
[  505.469431]  _do_fork+0x19e/0xce0
[  505.469444]  ? fork_idle+0x280/0x280
[  505.476621]  ? fput+0xd4/0x150
[  505.479807]  ? SyS_write+0x15e/0x230
[  505.483540]  SyS_clone+0x37/0x50
[  505.486900]  ? sys_vfork+0x30/0x30
[  505.490546]  do_syscall_64+0x1e8/0x640
[  505.494486]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  505.499325]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  505.504506] RIP: 0033:0x45a6f9
[  505.507677] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  505.515375] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  505.522742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:24:52 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  505.530153] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  505.537440] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  505.544709] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:52 executing program 2 (fault-call:0 fault-nth:19):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:52 executing program 4:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$SOUND_MIXER_WRITE_RECSRC(r0, 0xc0044dff, &(0x7f0000000080)=0x400)
clone(0x20000000, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x1)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$SOUND_MIXER_INFO(r1, 0x805c4d65, &(0x7f0000000000))

23:24:52 executing program 3 (fault-call:0 fault-nth:17):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:52 executing program 5:
clone(0x40805000, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000380)={0x6, 0x1, 0x8, 0x5800, r0})
sendmsg$sock(r0, &(0x7f00000001c0)={&(0x7f0000000040)=@in6={0xa, 0x4e21, 0x21f, @ipv4={[], [], @loopback}, 0x8813}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="c8e427005c568c4e932f1d899a0579112962fe1483b2c4ef4f6333ac357b0f6735476bd1b80bb32bece928da888e86314c666f246dc2ae212df9a0e3b33c3857892ccc58e500b33f2fc43d80a0cb2cc11cf9f622093124b3b52e8989792901ad00df5fd7f073ca4f7a562941eecfff219f05a549eca87612ca75713bf9a1918ebe40fd5920e14f8fbbd802d6de14abc0f16910b870d0fd192a544ba533721cba52d1da44afbb", 0xa6}], 0x1, &(0x7f0000000280)=[@mark={{0x14, 0x1, 0x24, 0x9}}, @mark={{0x14, 0x1, 0x24, 0xfff}}, @timestamping={{0x14, 0x1, 0x25, 0xffffffff}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}, @txtime={{0x18, 0x1, 0x3d, 0x10000}}, @timestamping={{0x14}}], 0x90}, 0x6000000)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$SNDCTL_DSP_NONBLOCK(r0, 0x500e, 0x0)
write$P9_RLCREATE(r0, &(0x7f0000000200)={0x18, 0xf, 0x1, {{0x40, 0x3, 0x2}, 0x80000001}}, 0x18)

23:24:52 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:52 executing program 1:
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x10001, 0x10302)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x9)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_inet_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  505.663252] FAULT_INJECTION: forcing a failure.
[  505.663252] name failslab, interval 1, probability 0, space 0, times 0
[  505.744571] CPU: 1 PID: 26530 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  505.752620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  505.761984] Call Trace:
[  505.764583]  dump_stack+0x142/0x197
[  505.768228]  should_fail.cold+0x10f/0x159
[  505.772391]  should_failslab+0xdb/0x130
[  505.776380]  kmem_cache_alloc+0x2d7/0x780
[  505.780585]  ? find_held_lock+0x35/0x130
[  505.784651]  ? copy_tree+0x4a2/0x8a0
[  505.788373]  alloc_vfsmnt+0x28/0x7d0
[  505.792095]  clone_mnt+0x70/0xee0
[  505.795558]  ? lock_downgrade+0x740/0x740
[  505.799718]  ? do_raw_spin_unlock+0x16b/0x260
[  505.804398]  copy_tree+0x33b/0x8a0
[  505.808121]  copy_mnt_ns+0x11c/0x8c0
[  505.811843]  ? kmem_cache_alloc+0x611/0x780
[  505.816197]  ? selinux_capable+0x36/0x40
[  505.820269]  create_new_namespaces+0xc9/0x720
[  505.824760]  ? ns_capable_common+0x12c/0x160
[  505.829172]  copy_namespaces+0x284/0x310
[  505.833451]  copy_process.part.0+0x2603/0x6a70
[  505.838100]  ? proc_fail_nth_write+0x7d/0x180
[  505.842601]  ? proc_cwd_link+0x1b0/0x1b0
[  505.846682]  ? __cleanup_sighand+0x50/0x50
[  505.850923]  ? lock_downgrade+0x740/0x740
[  505.855082]  _do_fork+0x19e/0xce0
[  505.858586]  ? fork_idle+0x280/0x280
[  505.862306]  ? fput+0xd4/0x150
[  505.865578]  ? SyS_write+0x15e/0x230
[  505.869557]  SyS_clone+0x37/0x50
[  505.873069]  ? sys_vfork+0x30/0x30
[  505.876621]  do_syscall_64+0x1e8/0x640
[  505.880507]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  505.885367]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  505.890563] RIP: 0033:0x45a6f9
[  505.893741] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  505.901450] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  505.908728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  505.916144] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  505.923505] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  505.930785] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:52 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  505.944095] FAULT_INJECTION: forcing a failure.
[  505.944095] name failslab, interval 1, probability 0, space 0, times 0
[  505.956096] CPU: 1 PID: 26534 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  505.964003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  505.964008] Call Trace:
[  505.964026]  dump_stack+0x142/0x197
[  505.964045]  should_fail.cold+0x10f/0x159
[  505.964061]  should_failslab+0xdb/0x130
[  505.964072]  kmem_cache_alloc+0x2d7/0x780
[  505.964083]  ? find_held_lock+0x35/0x130
[  505.964093]  ? copy_tree+0x4a2/0x8a0
[  505.964105]  alloc_vfsmnt+0x28/0x7d0
[  505.964117]  clone_mnt+0x70/0xee0
[  505.983945]  ? lock_downgrade+0x740/0x740
[  505.983958]  ? do_raw_spin_unlock+0x16b/0x260
[  505.983972]  copy_tree+0x33b/0x8a0
[  505.983990]  copy_mnt_ns+0x11c/0x8c0
[  505.983998]  ? kmem_cache_alloc+0x611/0x780
[  505.984010]  ? selinux_capable+0x36/0x40
[  505.984024]  create_new_namespaces+0xc9/0x720
[  505.984033]  ? ns_capable_common+0x12c/0x160
23:24:52 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  505.984044]  copy_namespaces+0x284/0x310
[  505.984057]  copy_process.part.0+0x2603/0x6a70
[  505.984074]  ? proc_fail_nth_write+0x7d/0x180
[  505.984082]  ? proc_cwd_link+0x1b0/0x1b0
[  505.984100]  ? __cleanup_sighand+0x50/0x50
[  505.984110]  ? lock_downgrade+0x740/0x740
[  505.984124]  _do_fork+0x19e/0xce0
[  505.984136]  ? fork_idle+0x280/0x280
[  505.984149]  ? fput+0xd4/0x150
[  505.984159]  ? SyS_write+0x15e/0x230
[  505.996337]  SyS_clone+0x37/0x50
[  505.996347]  ? sys_vfork+0x30/0x30
[  505.996366]  do_syscall_64+0x1e8/0x640
[  505.996377]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  505.996391]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  505.996399] RIP: 0033:0x45a6f9
[  505.996404] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  505.996414] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  505.996420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  505.996425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  505.996431] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
23:24:52 executing program 2 (fault-call:0 fault-nth:20):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:52 executing program 1:
clone(0x1800000, 0x0, 0x0, 0x0, 0x0)

23:24:52 executing program 3 (fault-call:0 fault-nth:18):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  505.996436] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  506.174692] FAULT_INJECTION: forcing a failure.
[  506.174692] name failslab, interval 1, probability 0, space 0, times 0
[  506.201153] CPU: 1 PID: 26553 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  506.209101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  506.218468] Call Trace:
[  506.221248]  dump_stack+0x142/0x197
[  506.224916]  should_fail.cold+0x10f/0x159
[  506.229214]  should_failslab+0xdb/0x130
[  506.233218]  __kmalloc_track_caller+0x2ec/0x790
[  506.237907]  ? kstrdup_const+0x48/0x60
[  506.241814]  kstrdup+0x3a/0x70
[  506.245024]  kstrdup_const+0x48/0x60
[  506.248758]  alloc_vfsmnt+0xe5/0x7d0
[  506.252484]  clone_mnt+0x70/0xee0
[  506.255951]  ? lock_downgrade+0x740/0x740
[  506.260106]  ? do_raw_spin_unlock+0x16b/0x260
[  506.264614]  copy_tree+0x33b/0x8a0
[  506.268178]  copy_mnt_ns+0x11c/0x8c0
[  506.271900]  ? kmem_cache_alloc+0x611/0x780
[  506.276239]  ? selinux_capable+0x36/0x40
[  506.280336]  create_new_namespaces+0xc9/0x720
[  506.284842]  ? ns_capable_common+0x12c/0x160
[  506.289260]  copy_namespaces+0x284/0x310
[  506.293342]  copy_process.part.0+0x2603/0x6a70
[  506.297955]  ? proc_fail_nth_write+0x7d/0x180
[  506.302459]  ? proc_cwd_link+0x1b0/0x1b0
[  506.306544]  ? __cleanup_sighand+0x50/0x50
[  506.310800]  ? lock_downgrade+0x740/0x740
[  506.315052]  _do_fork+0x19e/0xce0
[  506.318515]  ? fork_idle+0x280/0x280
[  506.322252]  ? fput+0xd4/0x150
[  506.325448]  ? SyS_write+0x15e/0x230
[  506.329174]  SyS_clone+0x37/0x50
[  506.332542]  ? sys_vfork+0x30/0x30
[  506.336099]  do_syscall_64+0x1e8/0x640
[  506.340003]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  506.344871]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:24:53 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  506.350064] RIP: 0033:0x45a6f9
[  506.353251] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  506.360970] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  506.368362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  506.375643] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  506.386576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  506.393865] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:53 executing program 1:
clone(0x200000, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
accept4$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000040)=0x1c, 0xc0800)

[  506.579578] FAULT_INJECTION: forcing a failure.
[  506.579578] name failslab, interval 1, probability 0, space 0, times 0
[  506.596204] CPU: 1 PID: 26558 Comm: syz-executor.3 Not tainted 4.14.158-syzkaller #0
[  506.604126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  506.613494] Call Trace:
[  506.616095]  dump_stack+0x142/0x197
[  506.619747]  should_fail.cold+0x10f/0x159
[  506.623914]  should_failslab+0xdb/0x130
[  506.627904]  __kmalloc_track_caller+0x2ec/0x790
[  506.632706]  ? kstrdup_const+0x48/0x60
[  506.636610]  kstrdup+0x3a/0x70
[  506.639817]  kstrdup_const+0x48/0x60
[  506.643542]  alloc_vfsmnt+0xe5/0x7d0
[  506.647265]  clone_mnt+0x70/0xee0
[  506.651597]  ? lock_downgrade+0x740/0x740
[  506.655771]  ? do_raw_spin_unlock+0x16b/0x260
[  506.660282]  copy_tree+0x33b/0x8a0
[  506.663867]  copy_mnt_ns+0x11c/0x8c0
[  506.667623]  ? kmem_cache_alloc+0x611/0x780
[  506.671964]  ? selinux_capable+0x36/0x40
[  506.676045]  create_new_namespaces+0xc9/0x720
[  506.680559]  ? ns_capable_common+0x12c/0x160
[  506.684988]  copy_namespaces+0x284/0x310
[  506.689067]  copy_process.part.0+0x2603/0x6a70
[  506.693675]  ? proc_fail_nth_write+0x7d/0x180
[  506.698186]  ? proc_cwd_link+0x1b0/0x1b0
[  506.702271]  ? __cleanup_sighand+0x50/0x50
[  506.706509]  ? lock_downgrade+0x740/0x740
[  506.710669]  _do_fork+0x19e/0xce0
[  506.714132]  ? fork_idle+0x280/0x280
[  506.717856]  ? fput+0xd4/0x150
[  506.721057]  ? SyS_write+0x15e/0x230
[  506.724782]  SyS_clone+0x37/0x50
[  506.728178]  ? sys_vfork+0x30/0x30
[  506.731728]  do_syscall_64+0x1e8/0x640
[  506.735624]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  506.740482]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  506.745677] RIP: 0033:0x45a6f9
[  506.748872] RSP: 002b:00007f0850ae1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  506.756587] RAX: ffffffffffffffda RBX: 00007f0850ae1c90 RCX: 000000000045a6f9
[  506.763861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  506.771226] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:24:53 executing program 4:
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  506.778620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0850ae26d4
[  506.785897] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:53 executing program 2 (fault-call:0 fault-nth:21):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:53 executing program 5:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80000, 0x0)
write$P9_RWALK(r0, &(0x7f0000000040)={0x64, 0x6f, 0x2, {0x7, [{0x10, 0x3, 0x5}, {0xd360e0f51f290d8a, 0x3, 0x3}, {0x8, 0x4, 0x8}, {0x13, 0x4, 0x3}, {0x8, 0x2, 0x7}, {0x80, 0x4, 0x1}, {0x0, 0x0, 0x7}]}}, 0x64)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x12)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x201001}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r2, 0x4, 0x70bd26, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x1, @link='syz1\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0xc12aef7f8cb35f00)

23:24:53 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:53 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

[  506.966235] audit: type=1400 audit(1575674693.656:104): avc:  denied  { create } for  pid=26587 comm="syz-executor.5" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_scsitransport_socket permissive=1
23:24:53 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:53 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:53 executing program 4:
socket$inet(0x10, 0x0, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2081001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
syz_open_dev$vcsa(&(0x7f00000002c0)='/dev/vcsa\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @local}, 0x14)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000d0400"/20, @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r6, 0x0, r6)
perf_event_open(&(0x7f0000000380)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f00000c6000/0x3000)=nil, 0x3000)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, &(0x7f0000000000)="17ad26722ed4c63d8024b2b0135075688d9a5f96a9c854fdd192f1d5e15d31268ea245f0acd709833183d0f3aeacf450e07a1d89a2822cfe8facc0c971fc17217137d5c446c670255bc38d59f3", 0x4d)
bind$inet(r7, &(0x7f0000000100)={0x2, 0x4e20, @multicast2}, 0x10)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
sendto$inet(r7, 0x0, 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  507.098063] FAULT_INJECTION: forcing a failure.
[  507.098063] name failslab, interval 1, probability 0, space 0, times 0
[  507.147592] CPU: 1 PID: 26590 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  507.155637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  507.165003] Call Trace:
[  507.167610]  dump_stack+0x142/0x197
[  507.171256]  should_fail.cold+0x10f/0x159
[  507.175419]  should_failslab+0xdb/0x130
[  507.179388]  kmem_cache_alloc+0x2d7/0x780
[  507.183531]  ? find_held_lock+0x35/0x130
[  507.187586]  ? copy_tree+0x4a2/0x8a0
[  507.191301]  alloc_vfsmnt+0x28/0x7d0
[  507.197344]  clone_mnt+0x70/0xee0
[  507.200784]  ? lock_downgrade+0x740/0x740
[  507.204939]  ? do_raw_spin_unlock+0x16b/0x260
[  507.209419]  copy_tree+0x33b/0x8a0
[  507.212948]  copy_mnt_ns+0x11c/0x8c0
[  507.216646]  ? kmem_cache_alloc+0x611/0x780
[  507.220955]  ? selinux_capable+0x36/0x40
[  507.225003]  create_new_namespaces+0xc9/0x720
[  507.229501]  ? ns_capable_common+0x12c/0x160
[  507.233899]  copy_namespaces+0x284/0x310
[  507.237947]  copy_process.part.0+0x2603/0x6a70
[  507.242522]  ? proc_fail_nth_write+0x7d/0x180
[  507.247000]  ? proc_cwd_link+0x1b0/0x1b0
[  507.251049]  ? __cleanup_sighand+0x50/0x50
[  507.255268]  ? lock_downgrade+0x740/0x740
[  507.259401]  _do_fork+0x19e/0xce0
[  507.262847]  ? fork_idle+0x280/0x280
[  507.266545]  ? fput+0xd4/0x150
[  507.269808]  ? SyS_write+0x15e/0x230
[  507.273509]  SyS_clone+0x37/0x50
[  507.276860]  ? sys_vfork+0x30/0x30
[  507.280384]  do_syscall_64+0x1e8/0x640
[  507.284267]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  507.289116]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  507.294301] RIP: 0033:0x45a6f9
[  507.297475] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  507.305169] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  507.312439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  507.319711] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  507.326989] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  507.334272] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:54 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x180000)
ioctl$KDENABIO(r1, 0x4b36)

23:24:54 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
ioctl$NS_GET_USERNS(r3, 0xb701, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f00009fe000/0x600000)=nil, 0x600000, 0x0, 0x44010, r2, 0x631ac000)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
r4 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r4, 0x7, &(0x7f0000027000)={0x1})
r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x0, 0x0)
close(r5)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r7, 0xffff}}, 0x10)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r4, &(0x7f0000000140)={0x5, 0x10, 0xfa00, {&(0x7f0000000380), r7, 0x2}}, 0x18)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000280)={{0x2, 0x4e20, @loopback}, {0x6, @local}, 0x0, {0x2, 0x4e20, @remote}, 'erspa\v\xc21\x19\x00\x00\x7f\x02\x00'})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000300)={0x8, <r8=>0x0, 0x0, 0x7})
ioctl$DRM_IOCTL_SG_FREE(r4, 0x40106439, &(0x7f0000000580)={0xfffffffffffffffb, r8})
open(&(0x7f0000000180)='./bus\x00', 0x80001, 0x0)
write$FUSE_WRITE(r0, &(0x7f0000000100)={0x18, 0x0, 0x4, {0x3b46}}, 0x18)
statfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/142)

23:24:54 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'vlan0\x00', {0x2, 0x4e24, @multicast2}})
clone(0x41c00, 0x0, 0x0, 0x0, 0x0)

23:24:54 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4220240c}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040}, 0x4000)

23:24:54 executing program 2 (fault-call:0 fault-nth:22):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:54 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:54 executing program 1:
clone(0xac5fe43412598935, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCAX25DELFWD(0xffffffffffffffff, 0x89eb, &(0x7f0000000000)={@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})
r0 = semget(0x1, 0x2, 0x10)
semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000040)=""/58)

[  507.596655] FAULT_INJECTION: forcing a failure.
[  507.596655] name failslab, interval 1, probability 0, space 0, times 0
[  507.666683] CPU: 1 PID: 26636 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  507.674632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  507.684018] Call Trace:
[  507.686609]  dump_stack+0x142/0x197
[  507.686627]  should_fail.cold+0x10f/0x159
[  507.686643]  should_failslab+0xdb/0x130
[  507.698377]  __kmalloc_track_caller+0x2ec/0x790
[  507.698394]  ? kstrdup_const+0x48/0x60
[  507.698405]  kstrdup+0x3a/0x70
[  507.710125]  kstrdup_const+0x48/0x60
[  507.713840]  alloc_vfsmnt+0xe5/0x7d0
[  507.717557]  clone_mnt+0x70/0xee0
[  507.721005]  ? lock_downgrade+0x740/0x740
[  507.725148]  ? do_raw_spin_unlock+0x16b/0x260
[  507.729636]  copy_tree+0x33b/0x8a0
[  507.733172]  copy_mnt_ns+0x11c/0x8c0
[  507.736868]  ? kmem_cache_alloc+0x611/0x780
[  507.741183]  ? selinux_capable+0x36/0x40
[  507.745235]  create_new_namespaces+0xc9/0x720
[  507.749715]  ? ns_capable_common+0x12c/0x160
[  507.756826]  copy_namespaces+0x284/0x310
[  507.760872]  copy_process.part.0+0x2603/0x6a70
[  507.765454]  ? proc_fail_nth_write+0x7d/0x180
[  507.769932]  ? proc_cwd_link+0x1b0/0x1b0
[  507.773982]  ? __cleanup_sighand+0x50/0x50
[  507.778202]  ? lock_downgrade+0x740/0x740
[  507.782337]  _do_fork+0x19e/0xce0
[  507.785772]  ? fork_idle+0x280/0x280
[  507.789471]  ? fput+0xd4/0x150
[  507.792649]  ? SyS_write+0x15e/0x230
[  507.796346]  SyS_clone+0x37/0x50
[  507.799708]  ? sys_vfork+0x30/0x30
[  507.804278]  do_syscall_64+0x1e8/0x640
[  507.808149]  ? trace_hardirqs_off_thunk+0x1a/0x1c
23:24:54 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:54 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000080), 0x1, 0x0)
syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x7ff, 0x200)

23:24:54 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x440000, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={<r1=>0x0, 0x5, 0xff, 0x7}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={r1, 0x7b, "ee221a45c0247c5561cd5dcd277722daa6e140a64082244ccdb9d5cc0dbd9939164238ff7036aa955902f531afb9bf46fef9cce1921a6c0a866295f76ee05f3c85dbb2b7291f6e99fc923c2bf43564c99baeae121b963df555cb56d86ed3157a9071bea21979dc151702d4fefa98bed8b6f9d08adf2ca75e786492"}, &(0x7f0000000240)=0x83)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000000c0)={r1, 0x6, 0xaa, "4f0982d5749f0f1f1bc78da66ed135d58eec71f1570c59e8daa28132fa6e646b1558876fe85e11c5e18875222676181757fa29353e53098fdf9b7afd4fbe4842c9eeee64a1c343e6d0ab0061d35e028402c27b4072c35e48efafd7f5e384f380886c806726c85055a3acadc8fd1e49028792898fbe364422bc20e6a80030a9bfc1c1f2ae9943fd76f78d3f3a73d12550c93f67480da50c5eee2e5afa97d6e3c95e426b2b1e6b97c66f03"}, 0xb2)

[  507.812981]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  507.818153] RIP: 0033:0x45a6f9
[  507.821327] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  507.829038] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  507.836292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  507.843546] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  507.850797] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  507.858049] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:54 executing program 5:
creat(&(0x7f0000000300)='./file0\x00', 0x0)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00')
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001ac0)={<r0=>0x0}, 0x0)
waitid(0x0, r0, &(0x7f0000001b40), 0x0, &(0x7f0000001bc0))
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x4, 0x5, 0x0, 0x5}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
getpid()
recvmmsg(r2, &(0x7f0000008880), 0x400000000000059, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0), 0x10)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000ac0), 0x4)
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, 0x0, 0x0)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf31bd4753be30e8c, @perf_config_ext, 0xd02901c74d49813e, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
clone(0x4101000, 0x0, 0x0, 0x0, 0x0)
r6 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
sendmsg$kcm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000600)="2c8adad7242f5ced37cd386eb3606d6ffccd638ff933c145ed0b2def87537a3dcc2165696bc57a349771b387ee2886ab857184296cffc2384a109c02612e4f21230d378e2cfdf165d751adb72bb78533e03d84f91cd3d43d2a34f513b966597742bb58a4c080bf82eae40b8021554c2fac661a2836ddf4d1671e60922e8ba1cfd6de4831be70c628c89906092caef232884c39a2926af8f2b5eb8791a91785a8de28f217e98a4d3cf7c3351d38fce4fed8cdbd114b99", 0xb6}, {&(0x7f0000000100)="2cd021947bd63235df71c817a984110bed167837a872c27358417b2207d15a2c05c6d6f752d565ccd9a077e439a439c32f4c8de6a4e73a0fdd22924d5e51b9151af55c758e94e37b074fb2484b7be910bb484164a3ccdc56cb1fd8419b46f9aa3520b1", 0x63}, {&(0x7f0000000180)="3448c356510c14fe19d8821c01f4d3355c1ee7a368f3c2df7329386fd32dc1", 0x1f}, {&(0x7f00000001c0)="138f37bbb881ee238bae20ee417cc4503a40fcda61c5eea02bd9b9d9f581e079b5e4e5e01c10247034665fa8ea329d230e7ea082ed647645acaa08ac02b5e9e631be907dd548ecc6eb51e887cbe65c0c0ad2a7e5fbd010d8ba98c2cd6b2d6222b7dcc3c9ec35c3841cdebf56292fa4c01bedee97242c3f08128022645db0e554189677536383271e36f4c77691c9004309b3a2d185dd6780dabc66013570b4b995b1f28de2702f0784da0d2e714a3a808ce2875cc0ba32a148cebaa710982bd41723b81ce1a9cfbf0907394f7748d73746eb20d8c4af4013e8432e12b30c356edc96222cd2cfa23566c88ae728586f6157242238e020e906bbe3", 0xfa}, {&(0x7f00000002c0)="61040cff24c46f2263e51393ec386844d04aaddb306b2c4b5d24fc5e5c077dddf7a94e", 0x23}, {&(0x7f0000000300)="2c374efdbcd99a8d1947657daedd45dd18a162fe309d24eeb32327febf8878e966fd22fce8f934993032ad3b5b6a5b2b8f3f0e93fc63eeb317d6ed09694398fea4d761a7618672c479539f0e9fa6b0f9969e2960f77a309725afa0725f19c0ae6e57a71723", 0x65}, {&(0x7f0000000380)="78b18c5d4b6f41cd554834ea467ec9235318609fdf8b3a711297aea60087e3e815f367f801f337445c86d5261b8e158325b31a286272a4cb11aafdb2f5d76606b68c0f71f99129677a71dd2335d75ae3f31e0a6d255de8ef6e34521ed65aa74a5c7ff8e134d79e4edaa0fc616c8f60df7b2dd42e31c59a1d19c422c9eb30c34c4a145d71e12e917223c1dc78ff09f061c6fc284c52fd8e78b6a7346ddf44a0c1ab49", 0xa2}, {&(0x7f0000000440)="6e0453017231f832dc8a45d3397cae41042e52f217ba3a814c9f19c2e87f46e662f06cac45704b3458cd615bed7ba84eeaa217e3112e311faa83ddf4939b3e44a940735f6ac502d33a3f4cbafb3419c3848c9016a7c299955dd9d882574dc380deb9429cd3ceedc3ce1b3ea52d9a738f0affbea29d", 0x75}], 0x8}, 0x40)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

23:24:54 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
openat$cgroup_type(r0, &(0x7f0000000000)='cgroup.type\x00', 0x2, 0x0)

23:24:54 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000000)={0x0, <r0=>0x0})
prlimit64(r0, 0x0, &(0x7f0000000080)={0x0, 0x400}, &(0x7f00000000c0))
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/enforce\x00', 0x840, 0x0)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000180)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff})
r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3)

[  507.968115] devpts: called with bogus options
23:24:54 executing program 2 (fault-call:0 fault-nth:23):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:54 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x81)

[  508.102511] FAULT_INJECTION: forcing a failure.
[  508.102511] name failslab, interval 1, probability 0, space 0, times 0
[  508.128362] CPU: 0 PID: 26686 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  508.136405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  508.145794] Call Trace:
[  508.148393]  dump_stack+0x142/0x197
23:24:54 executing program 4:
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000000)="6966b923a873931817907970e041a6b274f34e6eda87349c2e23a5e6a3572ce9dc5e6db1e925612a2ef4d63db7978ffb180d09627ce2b7b1c71e42c123973441e2d53a4452c7c88d9d3eb006e301ea17421b301e238e21890308c5fc1f40a70b1e10057cd9039b239df8cf88697c497b5fc8917ff463f8e6d986acef930d662c60e3010d0354473bf9633507b90a214a")
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000580))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$KDFONTOP_COPY(r1, 0x4b72, &(0x7f0000000540)={0x3, 0x0, 0xb, 0x20, 0xe3, &(0x7f0000000140)})
r2 = getpid()
getsockopt$inet6_dccp_int(r0, 0x21, 0x1, &(0x7f00000005c0), &(0x7f0000000600)=0x4)
sched_setattr(r2, &(0x7f0000000040)={0xfffffffffffffec3, 0x2, 0x1, 0x80000, 0x5, 0x0, 0x800}, 0x0)
timer_create(0x1, &(0x7f00000000c0)={0x0, 0xf, 0x5, @tid=r2}, &(0x7f0000000100))

[  508.152043]  should_fail.cold+0x10f/0x159
[  508.156210]  should_failslab+0xdb/0x130
[  508.160231]  kmem_cache_alloc+0x2d7/0x780
[  508.164393]  ? find_held_lock+0x35/0x130
[  508.164406]  ? copy_tree+0x4a2/0x8a0
[  508.164417]  alloc_vfsmnt+0x28/0x7d0
[  508.172186]  clone_mnt+0x70/0xee0
[  508.172197]  ? lock_downgrade+0x740/0x740
[  508.172205]  ? do_raw_spin_unlock+0x16b/0x260
[  508.172215]  copy_tree+0x33b/0x8a0
[  508.172230]  copy_mnt_ns+0x11c/0x8c0
[  508.172238]  ? kmem_cache_alloc+0x611/0x780
[  508.172250]  ? selinux_capable+0x36/0x40
[  508.172262]  create_new_namespaces+0xc9/0x720
[  508.172273]  ? ns_capable_common+0x12c/0x160
[  508.212450]  copy_namespaces+0x284/0x310
[  508.216499]  copy_process.part.0+0x2603/0x6a70
[  508.221070]  ? proc_fail_nth_write+0x7d/0x180
[  508.226603]  ? proc_cwd_link+0x1b0/0x1b0
[  508.230668]  ? __cleanup_sighand+0x50/0x50
[  508.234890]  ? lock_downgrade+0x740/0x740
[  508.239023]  _do_fork+0x19e/0xce0
[  508.242467]  ? fork_idle+0x280/0x280
[  508.246168]  ? fput+0xd4/0x150
[  508.249342]  ? SyS_write+0x15e/0x230
[  508.253044]  SyS_clone+0x37/0x50
[  508.256401]  ? sys_vfork+0x30/0x30
[  508.259931]  do_syscall_64+0x1e8/0x640
[  508.263819]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  508.268652]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  508.273826] RIP: 0033:0x45a6f9
[  508.276999] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  508.284708] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  508.291965] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:24:55 executing program 3:
clone(0x787467f9cf81d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, &(0x7f0000000000)=0x7)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x40, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000000c0)={<r2=>0x0, 0x1, 0x0, 0x3f}, &(0x7f0000000100)=0x10)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hwrng\x00', 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000003c0), &(0x7f0000000400)=0x4)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000140)={r2, 0x85}, &(0x7f0000000340)=0x8)
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r4)
sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x13c, 0x0, 0x202, 0x1, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wlc\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7ff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xff}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5ab5ae9}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xff}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x26}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xff}]}, 0x13c}, 0x1, 0x0, 0x0, 0x20004000}, 0x4000004)

[  508.299219] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  508.306474] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  508.313730] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:55 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0xc)
writev(0xffffffffffffffff, 0x0, 0x0)
syz_read_part_table(0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000080)="0300050000000100001400000000000000000f0000000000000000000500000000004200"/62, 0x3e, 0x1c0}])
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2, 0x0)
syz_mount_image$minix(0x0, &(0x7f0000000100)='./file0\x00', 0x3, 0x7, &(0x7f0000000940)=[{&(0x7f0000000440)="7641aecd07932adfafabef02818e898051c41407e712cd06b353bbfc2475f3dfed5f174f90070e012e68e77e2513f2184e769043316d07be50ced60645e3d2fce10163395bdfc26944a926d2d666f5c82502f2f6626844f478203e931662300636676f52fabd01ce2162950b514bd1cb13a024b7004ed0d23a1d755553ebb7e5dfba90b667f05f306c15f9760fe950c999056f5792d4d2d2a899facf66ddd883a6d12654fc490166d10987e6411a41efd9f2e1e010ef50268c135df79c827102e10a714d95f2b95f87e9b6da6d2cf789f3dd60c588e9e671d282b366503b2173b82a7b70", 0xe4, 0xcd4}, {&(0x7f0000000540)="5072e2133f5904a28201b951e0f4b4cb7ba83a0f2dfefa5f9d8e9eee04d9775af0a5a0ba5ae20ec96efb7448c320bce5d1acb8c0ebe7ebec9969422ac87fd39df2c58c789df910ee1ccae481e125903d82e91bae38a04124e82b60952e802f0bd8747a606a5c35b29794dda141ff1ff711826910b23099fc1ce225a03256f06f8511b7a4d14da78ffe89f4edccd34b07abd4426d5822259ebc444f29f6e6a498931a30441e357ac1185e7ff38ef9efcbab05", 0xb2, 0xb9}, {&(0x7f0000000640)="9e00699f8d5ad2f4f06641c965799a0dceba016390bf24ea286dcc55e302721590d5b02da050159a767c6e4198038435557377986dffa98bb97829f13a894b8a661263f4323c9b4c85a0f8cf5c3d60221a6f6bb5bfb92a4ac73508eabde3f778fb0a08c8a2f09c476e9ce725dc70c00ce98f2a95c582047848", 0x79, 0x6}, {&(0x7f0000000740)="9d8aaaf901c47e92bc41b21774d0f4c0e023a69f4c419faaa99e4e3971c877484a4451f8ae44332ac435ab6194fdd51e6038571d1f7d07e26d23a983ff48ea106adc5a", 0x43, 0xe34}, {0x0, 0x0, 0x1}, {&(0x7f0000000840)="e512df8951603ef6c4c014f1631850030223c17365620bc12e7692515e5834d8e75ee8a91c9f9ff86c0a2913da8c3f7cc16965051a2cd4168f0eedb4405f86ea88e36c4b168d7114f2e43a31cb4ef18a4401e7c6502ceeb194405010e9cd1d01700c1ecaf0aff42b473b1f401be1753826a3a6b91439439ad7940b045eb54aca27c19dfda880cb73c800bf0a9a74101a871fd208041a1304de4ff74efea0d68685cf163d0cc290994c5ed4bd421f2959415891608d109e744ff8b5d1f4d20990cfe70c9b6c2d1cf7d05c92eb5ab0f29537f2a13804f7e012bef312d5a3", 0xdd, 0xcc3}, {&(0x7f00000001c0)="eebfd4fb983b9cf3", 0x8, 0x90}], 0x988040, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f00000000c0))
r1 = socket(0x11, 0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, 0x0)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
ioctl$VHOST_GET_VRING_ENDIAN(r3, 0x4008af14, &(0x7f0000000240)={0x5, 0x5})
setuid(r2)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000400)='system_u:object_r:ldconfig_exec_t:s0\x00', 0x25)
dup(r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000000)={0x3})

23:24:55 executing program 1:
r0 = semget(0x2, 0x1, 0x0)
semctl$GETNCNT(r0, 0x4, 0xe, &(0x7f0000000000)=""/4096)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
setsockopt$inet_opts(r1, 0x0, 0x1, &(0x7f0000001000)="da2bfb1ac2191eb679dbfcdfc1b76db647a7bf7a094b8a9c7d905c398559e5ecf8dade038950382fdb1bd231065a8f4b9037a416f582fb4415a2d57fa10ab2208b003a340eb665840dab104f308c28265c64f2e17b40bba9a646cf43b585bd1ffb09", 0x62)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:55 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f0000000080)={0x3ff})

23:24:55 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x6857b21ff1155d90)
creat(&(0x7f0000000080)='./file0\x00', 0x104)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
write$selinux_attr(r1, &(0x7f0000000000)='system_u:object_r:load_policy_exec_t:s0\x00', 0x28)

23:24:55 executing program 2 (fault-call:0 fault-nth:24):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  508.557535] FAULT_INJECTION: forcing a failure.
[  508.557535] name failslab, interval 1, probability 0, space 0, times 0
[  508.605888] Dev loop3: unable to read RDB block 1
[  508.620536]  loop3: unable to read partition table
[  508.626844] CPU: 0 PID: 26723 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  508.634763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  508.637853] loop3: partition table beyond EOD, 
[  508.644237] Call Trace:
[  508.644258]  dump_stack+0x142/0x197
[  508.644277]  should_fail.cold+0x10f/0x159
[  508.644293]  should_failslab+0xdb/0x130
[  508.644302]  kmem_cache_alloc+0x2d7/0x780
[  508.644313]  ? find_held_lock+0x35/0x130
[  508.644323]  ? copy_tree+0x4a2/0x8a0
[  508.644337]  alloc_vfsmnt+0x28/0x7d0
[  508.644349]  clone_mnt+0x70/0xee0
[  508.644360]  ? lock_downgrade+0x740/0x740
[  508.644374]  ? do_raw_spin_unlock+0x16b/0x260
[  508.644387]  copy_tree+0x33b/0x8a0
[  508.644407]  copy_mnt_ns+0x11c/0x8c0
[  508.644417]  ? kmem_cache_alloc+0x611/0x780
[  508.644431]  ? selinux_capable+0x36/0x40
[  508.644444]  create_new_namespaces+0xc9/0x720
[  508.644453]  ? ns_capable_common+0x12c/0x160
[  508.644465]  copy_namespaces+0x284/0x310
[  508.644478]  copy_process.part.0+0x2603/0x6a70
[  508.644495]  ? proc_fail_nth_write+0x7d/0x180
[  508.644503]  ? proc_cwd_link+0x1b0/0x1b0
[  508.644523]  ? __cleanup_sighand+0x50/0x50
[  508.644533]  ? lock_downgrade+0x740/0x740
[  508.644548]  _do_fork+0x19e/0xce0
[  508.644561]  ? fork_idle+0x280/0x280
[  508.644574]  ? fput+0xd4/0x150
[  508.644583]  ? SyS_write+0x15e/0x230
[  508.644605]  SyS_clone+0x37/0x50
[  508.644614]  ? sys_vfork+0x30/0x30
[  508.644629]  do_syscall_64+0x1e8/0x640
[  508.644640]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  508.644657]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  508.644672] RIP: 0033:0x45a6f9
[  508.655719] truncated
[  508.659675] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  508.659687] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  508.659692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  508.659697] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  508.659703] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  508.659708] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  508.836366] devpts: called with bogus options
[  508.864821] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
23:24:55 executing program 5:
accept4(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, <r0=>0xffffffffffffffff}}, &(0x7f0000000080)=0x80, 0xc0400)
getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000140)=0x54)
clone(0x10a028000, 0x0, 0x0, 0x0, 0x0)

23:24:55 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
write$P9_RREADDIR(r0, &(0x7f0000000000)={0xa6, 0x29, 0x1, {0x1000, [{{0x1, 0x4, 0x2}, 0x4, 0x2, 0x7, './file0'}, {{0x40, 0x0, 0x7}, 0x2, 0x1, 0x7, './file0'}, {{0x2, 0x1}, 0x10001, 0x7, 0x7, './file0'}, {{0x18, 0x3, 0x1}, 0x7ff, 0x92, 0x7, './file0'}, {{0x0, 0x4, 0x5}, 0x70, 0x9, 0x7, './file0'}]}}, 0xa6)

23:24:55 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, 0x0)

23:24:55 executing program 2 (fault-call:0 fault-nth:25):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:55 executing program 4:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2)
ioctl$CAPI_NCCI_GETUNIT(r0, 0x80044327, &(0x7f0000000040))
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@int=0x1, 0x4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:55 executing program 1:
clone(0x80000, 0x0, 0x0, 0x0, 0x0)

[  509.046838] FAULT_INJECTION: forcing a failure.
[  509.046838] name failslab, interval 1, probability 0, space 0, times 0
[  509.135055] CPU: 0 PID: 26751 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  509.143001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  509.152368] Call Trace:
[  509.154970]  dump_stack+0x142/0x197
[  509.158620]  should_fail.cold+0x10f/0x159
[  509.162789]  should_failslab+0xdb/0x130
[  509.166775]  __kmalloc_track_caller+0x2ec/0x790
[  509.171654]  ? kstrdup_const+0x48/0x60
[  509.175566]  kstrdup+0x3a/0x70
[  509.178773]  kstrdup_const+0x48/0x60
[  509.182500]  alloc_vfsmnt+0xe5/0x7d0
[  509.186226]  clone_mnt+0x70/0xee0
[  509.189691]  ? lock_downgrade+0x740/0x740
[  509.193876]  ? do_raw_spin_unlock+0x16b/0x260
[  509.198382]  copy_tree+0x33b/0x8a0
[  509.201934]  copy_mnt_ns+0x11c/0x8c0
[  509.205649]  ? kmem_cache_alloc+0x611/0x780
[  509.209981]  ? selinux_capable+0x36/0x40
[  509.214185]  create_new_namespaces+0xc9/0x720
[  509.218795]  ? ns_capable_common+0x12c/0x160
[  509.223217]  copy_namespaces+0x284/0x310
[  509.227275]  copy_process.part.0+0x2603/0x6a70
[  509.231862]  ? proc_fail_nth_write+0x7d/0x180
[  509.236354]  ? proc_cwd_link+0x1b0/0x1b0
[  509.240410]  ? __cleanup_sighand+0x50/0x50
[  509.244653]  ? lock_downgrade+0x740/0x740
[  509.248787]  _do_fork+0x19e/0xce0
[  509.252227]  ? fork_idle+0x280/0x280
[  509.255944]  ? fput+0xd4/0x150
[  509.259120]  ? SyS_write+0x15e/0x230
[  509.262827]  SyS_clone+0x37/0x50
[  509.266197]  ? sys_vfork+0x30/0x30
[  509.269722]  do_syscall_64+0x1e8/0x640
[  509.273598]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  509.278443]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:24:56 executing program 1:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000100)={r0, &(0x7f0000000040)="1786c223215bd4025dc622d167263184d94a9b1b4871ca72a11b52a8339829a02a3e17608c4812907845", &(0x7f0000000080)=""/128, 0x4}, 0x20)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x542c808}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@ipmr_getroute={0x1c, 0x1a, 0x100, 0x70bd25, 0x25dfdbfb, {0x80, 0x20, 0x80, 0x3, 0xfc, 0x0, 0xff, 0x6a97f9ee4b01f6a8, 0x400}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000)

23:24:56 executing program 3:
clone(0x787467ffcfa159c, 0x0, 0x0, 0x0, 0x0)

23:24:56 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, 0x0)

[  509.283630] RIP: 0033:0x45a6f9
[  509.286817] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.294511] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  509.301796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  509.309052] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  509.316310] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  509.323564] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:56 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x80, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:56 executing program 2 (fault-call:0 fault-nth:26):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:56 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, 0x0)

23:24:56 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TIOCSSERIAL(r0, 0x541f, &(0x7f0000000080)={0x3, 0x1ff, 0x4, 0x746b, 0xff, 0x6, 0x6, 0x7f9cbd8, 0x7fff, 0x3, 0x81, 0x3f, 0x3, 0x0, &(0x7f0000000000)=""/100, 0x400, 0x1, 0x8})

[  509.514582] FAULT_INJECTION: forcing a failure.
[  509.514582] name failslab, interval 1, probability 0, space 0, times 0
[  509.604392] CPU: 0 PID: 26780 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  509.612339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  509.621795] Call Trace:
[  509.624400]  dump_stack+0x142/0x197
[  509.628049]  should_fail.cold+0x10f/0x159
[  509.632206]  should_failslab+0xdb/0x130
[  509.636287]  kmem_cache_alloc+0x2d7/0x780
[  509.646182]  ? find_held_lock+0x35/0x130
[  509.650246]  ? copy_tree+0x4a2/0x8a0
23:24:56 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ocfs2_control\x00', 0x200000, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="24647ec1f9657ec9083514a13a6869137db10c8ecdc02af615eef53c16b248a40fee50ba491a659f14a6864e285cfb0c6a5b38c41d02afc17c5333211d387931a755af5d0ea42fe74bc117f1c5340900000000000000387d82277d991dd0b6729a62eb8dd6bed3a80af3059cff204440ffd39b8fede9d0a4da4289dc86d100dfbdaa2cd7cee800a448501080d5b838a86b240c3f6eaf8f17ed10bc5f17f06132c72d21d592a7e1d31bc15aa0f03b91796ff6f8eb3f2371f2078705af3df7e4bd2325c8654c3fc42f71b8983b970cdc68263738ebea14652cbda8974c379426f8525fafaf4a6b744e5046ff352200ce67bce399f797dd558b68c0dffba8d3750be5fd5f5a74bf206414bbcad334f32da2d4a362fc57", @ANYRES16=r1], 0x2}}, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x408c204}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0xf4, r1, 0xb, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x24, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x542}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_BEARER={0xb0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @loopback}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x0, @empty, 0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'eth', 0x3a, 'ip6_vti0\x00'}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x3, 0x2, 0xe321}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x81}, 0x20000000)

23:24:56 executing program 5:
clone(0x4000000, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000340)={0x0, 0x40000, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x2)
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0xe98300, "14929936c1971b4dfa3f97e58f1d6e9b8f08b69fc87772037bf068c2f7b20428", 0x0, 0x1})
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
setsockopt$inet_icmp_ICMP_FILTER(r3, 0x1, 0x1, &(0x7f0000000180)={0x3}, 0x4)
r4 = semget$private(0x0, 0x8, 0x0)
semctl$GETZCNT(r4, 0x0, 0xf, &(0x7f0000000600)=""/4096)
semctl$IPC_INFO(r4, 0x2, 0x3, &(0x7f0000000240)=""/203)
ioctl$TIOCLINUX3(0xffffffffffffffff, 0x541c, &(0x7f00000000c0))
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000080)=0xfffffffd, 0x4)
r5 = open(&(0x7f0000021000)='./bus\x00', 0x0, 0x0)
fchdir(r5)
ioctl$VHOST_SET_LOG_BASE(r5, 0x4008af04, &(0x7f0000000200)=&(0x7f00000001c0))

[  509.653981]  alloc_vfsmnt+0x28/0x7d0
[  509.657705]  clone_mnt+0x70/0xee0
[  509.661165]  ? lock_downgrade+0x740/0x740
[  509.665324]  ? do_raw_spin_unlock+0x16b/0x260
[  509.669837]  copy_tree+0x33b/0x8a0
[  509.673397]  copy_mnt_ns+0x11c/0x8c0
[  509.677141]  ? kmem_cache_alloc+0x611/0x780
[  509.681626]  ? selinux_capable+0x36/0x40
[  509.685714]  create_new_namespaces+0xc9/0x720
[  509.690226]  ? ns_capable_common+0x12c/0x160
[  509.694667]  copy_namespaces+0x284/0x310
[  509.698742]  copy_process.part.0+0x2603/0x6a70
[  509.702174] audit: type=1804 audit(1575674696.396:105): pid=26794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir290644921/syzkaller.3X6sTI/234/bus" dev="sda1" ino=17817 res=1
[  509.703347]  ? proc_fail_nth_write+0x7d/0x180
[  509.703355]  ? proc_cwd_link+0x1b0/0x1b0
[  509.703373]  ? __cleanup_sighand+0x50/0x50
[  509.743245]  ? lock_downgrade+0x740/0x740
[  509.747418]  _do_fork+0x19e/0xce0
[  509.750894]  ? fork_idle+0x280/0x280
23:24:56 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000))

[  509.754617]  ? fput+0xd4/0x150
[  509.757826]  ? SyS_write+0x15e/0x230
[  509.761546]  SyS_clone+0x37/0x50
[  509.764923]  ? sys_vfork+0x30/0x30
[  509.768474]  do_syscall_64+0x1e8/0x640
[  509.772368]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  509.777232]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  509.782434] RIP: 0033:0x45a6f9
[  509.782439] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.782449] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
23:24:56 executing program 0:
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080))

23:24:56 executing program 4:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000000)={0x8, 0x6, 0x6, 0x3, '\x00', 0x1000})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:56 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r1, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r3, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x258, 0x1, &(0x7f0000000180)=[{&(0x7f0000000080)="27eccf762b34343dae60f58f74d5259ce40df4209fa41c1a19c5efe42a5d8acd4a88a330575b7938ccb4eb6cd0a64fc3d5ab8ff75e1ff5a34bcd9e6d7b773788e8b77b3b3866d36fd1daf010f6f620978a002f0b5a53b3fea90674c886795b15bced27b6cac9fb45efef7198e6cbb9d6cdd111d952f6ff734661abf5bf4ef42119d1e69dc0b9d447bb33fca230a2885e215f1611e5768608ac54f411805eeeb81e09be4fb2308281d9c8aa51eba1c4b89d243145032e7ed9d1db9d703445fd840762c3e6ccad2b45369aca5896f174455b8a81faa9", 0xd5, 0x3}], 0x932804de7a17600c, &(0x7f00000001c0)={[{@nonumtail='nnonumtail=1'}, {@utf8no='utf8=0'}, {@fat=@sys_immutable='sys_immutable'}], [{@fsuuid={'fsuuid', 0x3d, {[0x6a, 0x30, 0xca, 0x31, 0x37, 0x9, 0x39, 0x66], 0x2d, [0x63, 0x32, 0x64, 0x80b2a3b88692b378], 0x2d, [0x30, 0x61, 0x35, 0x32], 0x2d, [0x64, 0x36, 0x61, 0x62], 0x2d, [0x53, 0x63, 0x61, 0x34, 0x37, 0x61, 0x36, 0x64]}}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@uid_eq={'uid', 0x3d, r1}}, {@fowner_lt={'fowner<'}}, {@fsmagic={'fsmagic', 0x3d, 0x665dd1e1}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@fowner_eq={'fowner', 0x3d, r3}}]})
clone(0x787467fbcfe1d9c, 0x0, 0x0, 0x0, 0x0)

[  509.782454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  509.782458] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  509.782463] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  509.782468] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  510.201033] IPVS: ftp: loaded support on port[0] = 21
23:24:57 executing program 3:
set_tid_address(&(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:57 executing program 2 (fault-call:0 fault-nth:27):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:57 executing program 0:
clone(0x400, 0x0, 0x0, 0x0, 0x0)

23:24:57 executing program 5:
clone(0x4000000, 0x0, 0x0, 0x0, 0x0)

23:24:57 executing program 4:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x20100, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000040)={0x7fff, 0x38415261, 0x2, @stepwise={0x8, 0x5, 0x81, 0x2, 0x6, 0xfc}})
r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$set_timeout(0xf, r1, 0x0)
keyctl$clear(0x7, r1)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:57 executing program 1:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x80000, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f00000000c0))
clone(0x40000000, 0x0, 0x0, 0x0, 0x0)
r1 = dup(0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[  511.258542] FAULT_INJECTION: forcing a failure.
[  511.258542] name failslab, interval 1, probability 0, space 0, times 0
[  511.284880] CPU: 1 PID: 26841 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  511.292819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  511.302203] Call Trace:
[  511.304809]  dump_stack+0x142/0x197
[  511.308460]  should_fail.cold+0x10f/0x159
[  511.312629]  should_failslab+0xdb/0x130
[  511.316621]  __kmalloc_track_caller+0x2ec/0x790
[  511.321304]  ? kstrdup_const+0x48/0x60
[  511.325205]  kstrdup+0x3a/0x70
[  511.328543]  kstrdup_const+0x48/0x60
[  511.332269]  alloc_vfsmnt+0xe5/0x7d0
[  511.335995]  clone_mnt+0x70/0xee0
[  511.339463]  ? lock_downgrade+0x740/0x740
[  511.343620]  ? do_raw_spin_unlock+0x16b/0x260
[  511.348133]  copy_tree+0x33b/0x8a0
[  511.351688]  copy_mnt_ns+0x11c/0x8c0
[  511.355423]  ? kmem_cache_alloc+0x611/0x780
[  511.359748]  ? selinux_capable+0x36/0x40
[  511.363807]  create_new_namespaces+0xc9/0x720
[  511.363818]  ? ns_capable_common+0x12c/0x160
[  511.363829]  copy_namespaces+0x284/0x310
[  511.363841]  copy_process.part.0+0x2603/0x6a70
[  511.363856]  ? proc_fail_nth_write+0x7d/0x180
[  511.363864]  ? proc_cwd_link+0x1b0/0x1b0
[  511.363881]  ? __cleanup_sighand+0x50/0x50
[  511.363891]  ? lock_downgrade+0x740/0x740
[  511.363903]  _do_fork+0x19e/0xce0
[  511.401784]  ? fork_idle+0x280/0x280
[  511.405496]  ? fput+0xd4/0x150
[  511.408672]  ? SyS_write+0x15e/0x230
[  511.412376]  SyS_clone+0x37/0x50
[  511.415727]  ? sys_vfork+0x30/0x30
[  511.419254]  do_syscall_64+0x1e8/0x640
[  511.423126]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  511.427962]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  511.433153] RIP: 0033:0x45a6f9
[  511.436335] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  511.444123] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  511.451393] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:24:58 executing program 0:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, &(0x7f0000000640)={{0x1, 0x0, @descriptor="a7e318d30b6bfd99"}})
fchdir(r0)
sendmmsg$inet(r0, &(0x7f00000007c0)=[{{&(0x7f0000000000)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000040)="2e18c02ab5e46a2a93a4319443095285e25b8ab738df11eb", 0x18}, {&(0x7f0000000080)="b433d1ef430fff2c98ff18a9be8ca288503157500b2a1849ef9c1c33c7883e73d8d22a4898659d83033b3939e255a0897e86eeff4f31e48c6a5911760fe5f4f9cca5b428c1c254678023cc01563e66859e4a6e1a05f2cec1f63bb45514210f519f666239e0b622e7b2860b2e09f6aa132e567786f1e112aa854208494394ab396bf013053461ecf790ffd3b0031b962bf60b25b72081ca18927f31b4cfc52f4def6e0b846f724a9305bf6b92687de656a9c180ca846cbe46e15a1cecee9c2c75392facc29f144c6c7c24de3c172975349e199c4c91fe64eb03d3904d5444ce4cc4519ccc886cf5d9addd4a4168", 0xed}, {&(0x7f0000000180)="92173fe16dcee3854e1bd160c199886e7ec0db67d04d532a947486200632f6b64d7fc57ab9ec9785", 0x28}, {&(0x7f00000001c0)="1b9d12912fa6463099248e7ba57170ff608609e434baa492c50655ebe96fc535200ebf5f491da2f25ea7ec162b86c2a0fab1bbb8a80dd3a407a2ae465ef2ec7633f2a04fec244e50cb82a129ec16d99a5938a7f52115a022473373b585431a81cc82b2734b40981991236667a8c3fd3d83a40ec893dfba2f355ce7af63965b7d77d09dc7d3b7f6d6e6d1d3eaf2205b631c70a1420c803a386bf0b31cd3e619d2f878d1334ece39e32103def7b0b17d52ca36219669201f0772818ea356e2600fc2e2f59bf187e38162c837c833cbc987", 0xd0}, {&(0x7f00000002c0)="9e9d429c6bfd154e3fbf7e7249ee46c9ba2ab7d73bb1096b9bb9e42647a701c836d552c8f2182bcb4ca272544b2b78c17cbcb7d7999e16e9fc6dbc23966e7cc73af70869f47590ec2c4f2156e893ab2238322a0bbeaaf41e15159e542f60b3b3f1f48d27f478400276cd6465d48bfc3ba96cdbdec3e817a1dbdf5d", 0x7b}, {&(0x7f0000000340)="bf9428a01d7b9f5bf59aea1989330c62e1771bcef33fe8baacd0f6b9c17d546321233cf2d22f9868c208f2d201d5734d6899079438", 0x35}], 0x6, &(0x7f0000000880)=ANY=[@ANYBLOB="b8000000000000000000000007000000440c22661e2511dcd99f94e0072704e0000002e0000002ac1e010100000000e0000002000000007f0000017f000001ac1414180717807f000001ac1e0101e000000100000000e00000024444ee21000000050001000000001000ac1414bbda800000e00000020000000500000001ac14142400000093000000db000000000000000100000000fffffffe89178100000000ac1414bbac1414aaffffffffe000000101000000000000b2dcf093b5474579a60524d03ae9f2ed7882dd2999f9997eb2bf619e471ff6e42fdef4a4bb9011abae66c42d5028c60b3a197d3a454439bd4991a48a9eae5be3f99f"], 0xb8}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f0000000740)=[{&(0x7f0000000500)="d4af27b0782e26324751c3cfe64e14c3ea703f5b8a8894936bc6abd6738505ef0f98ba657ef79d6223816c5a94c48d3f54d9347895a2d0240821411568dd9b859f3f0e401cfd954e74052346b46ef0937e038babbac82de92034a00782962aa68cd899dee9dabec98f626e26fabfd7e43a6bbe4c7a303c6ba3267539", 0x7c}, {&(0x7f0000000580)="812283d11c8fd32de1b0a54dd788d3936c75cd8470b61619eef879de4ac844b9118f8c32c85e51e27c839f7bee9ece59a59e147762f965cb4957da965f8f0c710c20d1ce1a29d6147358f0e07cfd57b5eb6264aea1c9c8be136650e8569ab4a14bcc2145434b765ade1a", 0xffffff99}, {&(0x7f0000000600)="a384", 0x2}, {&(0x7f0000000640)}, {&(0x7f0000000680)="8b7817b5ba2f127338a781bb901236a05f8e16fe9c3aafa9ce853f6f66d11ce3d30e9ca3fa8148cc38dbc3a5af16bf60b2721c3fb5a4f8d5e13130f90e25ad59b9ad5751151475fa82893cce42cba698de692ecc60b18e1cf32bc5b3277a1e6b4bb13355e39da541c153cae52d681d15dfc72a0f603b0294476b50d77783915a5c3e3edfeccb544055", 0x89}], 0x5}}], 0x2, 0x80)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000840)='/dev/video35\x00', 0x2, 0x0)

23:24:58 executing program 5:
clone(0x111000, 0x0, 0x0, 0x0, 0x0)

23:24:58 executing program 3:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x28100, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
r1 = accept4(r0, 0x0, &(0x7f0000000000), 0x41800)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$SIOCX25SENDCALLACCPT(r0, 0x89e9)
write$binfmt_elf32(r1, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x3, 0x20, 0x5, 0x6, 0x57d4, 0x2, 0x6, 0x1, 0x17a, 0x38, 0x3d7, 0x7fff, 0x46, 0x20, 0x2, 0x80, 0x1d, 0x1}, [{0x60000000, 0x7fffffff, 0x5, 0x3, 0x0, 0x9, 0x8, 0x9}, {0x1, 0x5, 0x4, 0x1, 0x3, 0x2, 0x3, 0x1f}], "b240091ed7c3c1efd5798119a6e6cbf15544513ba642a82a27bc373904c942eaea8f6f1cb45db940b5fe57406b889d942fe05e82f40993a043180ec2c8ef7c5c8acb466e523527819d67fcba167125cac4ce5a408d735f112b787a251dfc0eef19f7e9f642dfe820a7e590311395bbdede8a1563e05278802c6a8e729a83cdf26524115fedf903cf7f1ad5a66352bf4edce3be2c4bc237c3838707333153995012d10a76b90f945c89c8bcb7cae56373997421279af52b62da63e526b3aa24fa86cf0a57b438fe0c190f6a241704ce08e6bda6f0d0ce56efe6b9caadbba06a8f283ab30eb19e225d06debd5c1f3965d3cc4eb5256976757fedf1a3c5de8d", [[], [], [], []]}, 0x576)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
getsockopt$inet6_dccp_buf(r0, 0x21, 0xd, &(0x7f0000000040)=""/227, &(0x7f0000000140)=0xe3)
lchown(&(0x7f00000001c0)='./bus\x00', 0xee01, 0xee00)

[  511.458648] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  511.465902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  511.473329] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:58 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
inotify_init()

23:24:58 executing program 0:

23:24:58 executing program 2 (fault-call:0 fault-nth:28):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:58 executing program 4:
clone(0x1000, 0x0, 0x0, 0x0, 0x0)

23:24:58 executing program 0:

[  511.628171] FAULT_INJECTION: forcing a failure.
[  511.628171] name failslab, interval 1, probability 0, space 0, times 0
23:24:58 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x140, 0x0, 0x800, 0x70bd2b, 0x400, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_NODE={0x30, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x200}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4f20}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x40}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_LINK={0xbc, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1621}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd74}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9a7c}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7b}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x280}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xbf9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}]}, 0x140}, 0x1, 0x0, 0x0, 0xc000080}, 0x4048010)

23:24:58 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
sendmsg$inet(r3, &(0x7f00000005c0)={&(0x7f00000002c0)={0x2, 0x4e20, @rand_addr=0x28e2}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000380)="29f67ec5fe2ce904b07b195acc6cb1661ded66817aea1054d4dbeb2d21073f07d8ac950521339e19f78572d62ed1e9be1adea1d8b3cf8fa639308e0d22cb2e7faf3b6a4d27608bf17777088c281fb5ca2b6774858bf189da59c6308615ca191957f9e7f3ff44bba10bfb162fc08db39b26fe6f7acec9e2b9de1572b62ba793789b63698d1f1b5a9be8823b6913f484934f2c0b", 0x93}, {&(0x7f0000000440)="83e19c347ccf136dc778cfb4322e2c00eca0160f4b3c21fd47671e46752d83f3dc07d5cdf13f853c1dcd42afaa13b95eb396cb62945c8d7feca2ff577554420cae40a7e681c4b443591ac5a347c26de5bb791aada6a69466b512d584af267ba82be782c9be210348ccf334c33de54a23146d506724e2d8eee074b675826e4f847d24642dd962f64ce494c1092b8798b028c4fa8f639abf373d30e1a583a2f9206018fb59e9128e8160ae05e602c447c597dec50852f664eff7d3ea51863c23b1866a690fdf4c38af0229f27d9502de9fc1a624f5e805568a25980d58ecded9dd9fb9dd030cb6ec004adb9f28c2d24a", 0xef}], 0x2, &(0x7f0000000540)=[@ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_tos_u8={{0x11}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x5}}], 0x60}, 0x72081010)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="3f0200000003000000000100000000000000060000000014001462726f6164636173742d6c696e6b00004de853b9ff8d14411bc2"], 0x30}}, 0x0)
sendmsg$TIPC_CMD_DISABLE_BEARER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200002}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r4, 0x4, 0x70bd29, 0x25dfdbfb, {{}, 0x0, 0x4102, 0x0, {0x18, 0x13, @l2={'ib', 0x3a, 'veth1_to_bond\x00'}}}, ["", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
sendto$llc(r0, &(0x7f0000000080)="693f7a1ff2d7488f1a840a79d3d15f83826ae17a3674c210200cc52a7c82a566c7e2ca0a2466dfbfe0772638fcf329f70c7633389eea13e26fba54a3d1e4ae6656cc73b6e2fa4e454b6dc2d02243404ad1613b8aa1a92b992467fe0808bd9e2ae503c11d55f776a0d06e3ece7c6676332901491670f5cd5039486e05a0668d301d6b48eeeb5de4f303122d6b7b565bf6258d3dfc26828d5fd54800cb7a56ff5b872208aa6162d39ddd7490e226ea1677a1", 0xb1, 0x1, &(0x7f0000000140)={0x1a, 0x10f, 0x1b, 0xe0, 0x6, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)
r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
ioctl$PIO_SCRNMAP(r5, 0x4b41, &(0x7f0000000040)="0e2616cfaa87dd53aea77732bac91a")

[  511.711393] CPU: 1 PID: 26873 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  511.719362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  511.728727] Call Trace:
[  511.731352]  dump_stack+0x142/0x197
[  511.735000]  should_fail.cold+0x10f/0x159
[  511.739174]  should_failslab+0xdb/0x130
[  511.743196]  __kmalloc_track_caller+0x2ec/0x790
[  511.748052]  ? kstrdup_const+0x48/0x60
[  511.751949]  kstrdup+0x3a/0x70
[  511.755148]  kstrdup_const+0x48/0x60
[  511.758868]  alloc_vfsmnt+0xe5/0x7d0
[  511.762589]  clone_mnt+0x70/0xee0
[  511.766048]  ? lock_downgrade+0x740/0x740
[  511.770205]  ? do_raw_spin_unlock+0x16b/0x260
[  511.774718]  copy_tree+0x33b/0x8a0
[  511.778269]  copy_mnt_ns+0x11c/0x8c0
[  511.781973]  ? kmem_cache_alloc+0x611/0x780
[  511.781985]  ? selinux_capable+0x36/0x40
[  511.781999]  create_new_namespaces+0xc9/0x720
[  511.782009]  ? ns_capable_common+0x12c/0x160
[  511.782020]  copy_namespaces+0x284/0x310
[  511.782032]  copy_process.part.0+0x2603/0x6a70
23:24:58 executing program 0:

[  511.782047]  ? proc_fail_nth_write+0x7d/0x180
[  511.782055]  ? proc_cwd_link+0x1b0/0x1b0
[  511.782073]  ? __cleanup_sighand+0x50/0x50
[  511.782086]  ? lock_downgrade+0x740/0x740
[  511.812479]  _do_fork+0x19e/0xce0
[  511.812492]  ? fork_idle+0x280/0x280
[  511.812504]  ? fput+0xd4/0x150
[  511.812512]  ? SyS_write+0x15e/0x230
[  511.812524]  SyS_clone+0x37/0x50
[  511.812530]  ? sys_vfork+0x30/0x30
[  511.812544]  do_syscall_64+0x1e8/0x640
[  511.812553]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  511.812571]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  511.812579] RIP: 0033:0x45a6f9
[  511.812586] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246
[  511.820880]  ORIG_RAX: 0000000000000038
[  511.820891] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  511.820897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  511.820903] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  511.820907] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  511.820912] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:58 executing program 1:
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={0x5, 0x0, 0x1000})
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000040)={'ah\x00'}, &(0x7f0000000080)=0x1e)

23:24:58 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dll\x00', 0x630181, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f00000000c0))
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x4000, 0x0)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/status\x00', 0x0, 0x0)
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:58 executing program 5:
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x92, "f6dbf1034d95b60a259ca17f719d8f926fb0949b6c6313112d0fad895dd1aee75f6618af294eb30a49df0d956b9ed0112e2e612d708bebeb6d8d7505aa3c2a1b15215226d4cec5fe21f5c32ac6b3af0a43d524f7eb249f6d7073d262827737d538c715dc9a0a33020b179387317742a76cb96f476be1ca029ce536f2c203fbfbd52b25de4301c85e4f2de59044343a507346"}, &(0x7f0000000100)=0xb6)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
ioctl$SNDRV_PCM_IOCTL_DRAIN(r1, 0x4144, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
fsetxattr$security_selinux(r0, &(0x7f0000000140)='security.selinux\x00', &(0x7f0000000200)='system_u:object_r:systemd_systemctl_exec_t:s0\x00', 0x22, 0x0)

23:24:58 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000140))
setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.evm\x00', &(0x7f0000000080)=@md5={0x1, "76367cf6f0ec5a23d077ebe58ed09c0e"}, 0x11, 0x1)

23:24:58 executing program 0:

23:24:58 executing program 2 (fault-call:0 fault-nth:29):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:58 executing program 0:

[  512.147460] FAULT_INJECTION: forcing a failure.
[  512.147460] name failslab, interval 1, probability 0, space 0, times 0
[  512.166972] CPU: 0 PID: 26907 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  512.174903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  512.174909] Call Trace:
[  512.174927]  dump_stack+0x142/0x197
[  512.174944]  should_fail.cold+0x10f/0x159
23:24:58 executing program 0:

23:24:58 executing program 0:

[  512.194780]  should_failslab+0xdb/0x130
[  512.194791]  kmem_cache_alloc+0x2d7/0x780
[  512.194804]  ? find_held_lock+0x35/0x130
[  512.207003]  ? copy_tree+0x4a2/0x8a0
[  512.210735]  alloc_vfsmnt+0x28/0x7d0
[  512.214463]  clone_mnt+0x70/0xee0
[  512.217959]  ? lock_downgrade+0x740/0x740
[  512.222119]  ? do_raw_spin_unlock+0x16b/0x260
[  512.226622]  copy_tree+0x33b/0x8a0
[  512.230176]  copy_mnt_ns+0x11c/0x8c0
[  512.233891]  ? kmem_cache_alloc+0x611/0x780
[  512.238222]  ? selinux_capable+0x36/0x40
[  512.242294]  create_new_namespaces+0xc9/0x720
23:24:58 executing program 0:
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000015000/0x1000)=nil)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)

[  512.246805]  ? ns_capable_common+0x12c/0x160
[  512.251227]  copy_namespaces+0x284/0x310
[  512.255296]  copy_process.part.0+0x2603/0x6a70
[  512.259909]  ? proc_fail_nth_write+0x7d/0x180
[  512.264409]  ? proc_cwd_link+0x1b0/0x1b0
[  512.268486]  ? __cleanup_sighand+0x50/0x50
[  512.272727]  ? lock_downgrade+0x740/0x740
[  512.272745]  _do_fork+0x19e/0xce0
[  512.272761]  ? fork_idle+0x280/0x280
[  512.280371]  ? fput+0xd4/0x150
[  512.280382]  ? SyS_write+0x15e/0x230
[  512.280396]  SyS_clone+0x37/0x50
[  512.280404]  ? sys_vfork+0x30/0x30
[  512.280415]  do_syscall_64+0x1e8/0x640
[  512.280425]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  512.280440]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  512.291706] SELinux:  Context system_u:object_r:systemd_systemct is not valid (left unmapped).
[  512.294414] RIP: 0033:0x45a6f9
[  512.294419] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  512.294429] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  512.294438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:24:59 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
write$cgroup_type(r0, &(0x7f0000000000)='threaded\x00', 0x9)
clone(0x88800000, 0x0, 0x0, 0x0, 0x0)

23:24:59 executing program 1:
syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x100000000, 0x200)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x84c00, 0x0)
getpeername$unix(r0, &(0x7f0000000040)=@abs, &(0x7f0000000100)=0xff28)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  512.294443] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  512.294448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  512.294453] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  512.304652] audit: type=1400 audit(1575674698.856:106): avc:  denied  { associate } for  pid=26901 comm="syz-executor.5" name="cachefiles" dev="devtmpfs" ino=6 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1
23:24:59 executing program 2 (fault-call:0 fault-nth:30):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:59 executing program 5:
clone(0x222000, 0x0, 0x0, 0x0, 0x0)

[  512.499338] FAULT_INJECTION: forcing a failure.
[  512.499338] name failslab, interval 1, probability 0, space 0, times 0
23:24:59 executing program 4:
clone(0x5ea00b00, 0x0, 0x0, 0x0, 0x0)

[  512.576335] CPU: 0 PID: 26937 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  512.584279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  512.593637] Call Trace:
[  512.593656]  dump_stack+0x142/0x197
[  512.593673]  should_fail.cold+0x10f/0x159
[  512.593688]  should_failslab+0xdb/0x130
[  512.593700]  __kmalloc_track_caller+0x2ec/0x790
[  512.599917]  ? kstrdup_const+0x48/0x60
[  512.599931]  kstrdup+0x3a/0x70
[  512.599943]  kstrdup_const+0x48/0x60
[  512.599955]  alloc_vfsmnt+0xe5/0x7d0
[  512.599967]  clone_mnt+0x70/0xee0
[  512.599979]  ? lock_downgrade+0x740/0x740
[  512.635393]  ? do_raw_spin_unlock+0x16b/0x260
[  512.639898]  copy_tree+0x33b/0x8a0
[  512.643455]  copy_mnt_ns+0x11c/0x8c0
[  512.647175]  ? kmem_cache_alloc+0x611/0x780
[  512.651508]  ? selinux_capable+0x36/0x40
[  512.655574]  create_new_namespaces+0xc9/0x720
[  512.660072]  ? ns_capable_common+0x12c/0x160
[  512.664491]  copy_namespaces+0x284/0x310
[  512.668558]  copy_process.part.0+0x2603/0x6a70
[  512.673153]  ? proc_fail_nth_write+0x7d/0x180
[  512.677653]  ? proc_cwd_link+0x1b0/0x1b0
[  512.681733]  ? __cleanup_sighand+0x50/0x50
[  512.685978]  ? lock_downgrade+0x740/0x740
[  512.690136]  _do_fork+0x19e/0xce0
[  512.693601]  ? fork_idle+0x280/0x280
[  512.697322]  ? fput+0xd4/0x150
[  512.700614]  ? SyS_write+0x15e/0x230
[  512.704362]  SyS_clone+0x37/0x50
[  512.707733]  ? sys_vfork+0x30/0x30
[  512.711291]  do_syscall_64+0x1e8/0x640
[  512.715212]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  512.720075]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  512.725270] RIP: 0033:0x45a6f9
[  512.728468] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  512.736179] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  512.743454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  512.750754] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  512.758028] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  512.765310] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:24:59 executing program 0:
syz_genetlink_get_family_id$SEG6(0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x02'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)

23:24:59 executing program 4:
clone(0x42080000, 0x0, 0x0, 0x0, 0x0)
kexec_load(0x7, 0x4, &(0x7f0000000340)=[{&(0x7f0000000000)="2b8b0d11a180136f4562f74b6af9ae98a04d66bde20a4d0edb8238cd5e5f83b20ffcd260955c4f2a978d9a00ace745e6fbc40d5a580813cd01f5362425ff8e66382d241aae3c8c0cab049cc49fbc32c10b625985932a47077a5a43229cab0a7fe84fbad6299bd23b9463dca4ea65715a74dffe7ff1f2f48ee13674a02573c706464c1313dd990ac716bac6279be19f5402c8f2a08845f3fbac796dd349", 0x9d, 0x8, 0x3}, {&(0x7f00000000c0)="a89b31815f62e79de5c8296c8180b729d4cb293cbec38d931265f3c8d903dec3e8641222c38ce52c6d1e306bd5577223676b2f973cec648980ddfd80bf0edecf11cc573d261a09ed51a8e938aca3fdb495ab6b6d3407ad2b9a0180423922d71a2ec73e5e98547c58aceb2dc6cda92266305c78a0d3b16d2c1c60ea4350fe343769b12ada1128464948d9984f86cf33276bca598260268aa9a5deaa56bca6bc622bbb962f0b41c14d4502fccfec44c33e3743df2840023b3c685562781164b6d9326309e2de36c17826fdeaf0ff9079a9117b075abae39be331eba962e1660d06fd20b57215487e26712caa9421f85121acc35f9662dcfbc5", 0xf8, 0x6, 0x4}, {&(0x7f00000001c0)="0b8605dfc8cc60aae9462b2eeb2f19b87007d1781e9ffd18fc71605302faf9e269767ba2a304924b480ee64924625168a8c1ccdbec551d8a6ccac9c57188408dd7398cb8fc29437d34e76ca50a0cb732aae014fc0d9dc61977078bd70b4461006d", 0x61, 0x9, 0x5}, {&(0x7f0000000240)="fec829b762c821a39eb90e9bd4a048606976ee52ff477bd05583342301b902182a0a29b0eac2d0f79ce277f7b7cdd45d1831398703658ccac146a90d50fbb2fae8e6c8f70acbbbdeecd952139e50ffb409a02e8f4922ef9adb89cf1245835f73925b6b30684162e9d074f95d7f4c4ebb1036ac7cb34100c996a83e45016bf4330efb3344db72a4afb754954758d1ad05fd254987ff52949d0628646adb716626ff8648eefeb69185c8188637d4841966c34f0bbea3d6792becfe9d7d09ee66ef34", 0xc1, 0x3f, 0x20000000000}], 0x30000)

23:24:59 executing program 0:
creat(0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000140)='./file1\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x402c5828, &(0x7f0000000000)={0x580000, 0x0, 0x1001000200000000, 0x0, 0xc00, 0x3000, [0xff0f, 0x3800000, 0xa]})
getpid()
pipe(0x0)
tkill(0x0, 0x9)
r1 = socket$inet6(0xa, 0x400000000803, 0x0)
close(r1)
socket(0x0, 0x80000000000802, 0x0)

23:24:59 executing program 1:
clone(0x30000200, 0x0, 0x0, 0x0, 0x0)

23:24:59 executing program 2 (fault-call:0 fault-nth:31):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:24:59 executing program 0:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000002580)={[{@journal_ioprio={'journal_ioprio'}}]})

23:24:59 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x400000, 0x0)
fallocate(r0, 0x30, 0xffffffffffff4c96, 0xb8a)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = dup3(r4, r5, 0x80000)
ioctl$ASHMEM_SET_NAME(r6, 0x41007701, &(0x7f00000000c0)='/dev/dsp\x00')
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{0x182}, "d35334bb5bd8253d", "76421f65bfecc2d4ecebce59046efade87d6e43ca961a157fbbdc15ac3aa1d28", "8eb70e85", "51dad09b717f8854"}, 0x38)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_PPC_GET_PVINFO(r8, 0x4080aea1, &(0x7f0000000100)=""/127)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
sync_file_range(r9, 0xfe, 0x0, 0x0)

[  513.115865] FAULT_INJECTION: forcing a failure.
[  513.115865] name failslab, interval 1, probability 0, space 0, times 0
[  513.159859] CPU: 0 PID: 26980 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  513.167796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  513.177163] Call Trace:
[  513.179779]  dump_stack+0x142/0x197
[  513.183434]  should_fail.cold+0x10f/0x159
[  513.187602]  should_failslab+0xdb/0x130
[  513.191600]  kmem_cache_alloc+0x2d7/0x780
[  513.195760]  ? find_held_lock+0x35/0x130
[  513.199829]  ? copy_tree+0x4a2/0x8a0
[  513.203555]  alloc_vfsmnt+0x28/0x7d0
23:24:59 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
io_setup(0x0, &(0x7f0000000080)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
io_cancel(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r3, &(0x7f0000000000)="6374f6bf86688878b5e13b05c02f9f2739aff66129f66052c816c389c295e1fd76ffb71e7d922476a3fdaa6cb6670ec488dcbf5198236ec30032eaa94e8de7f09098cf2790a1af9f55bcad82c87065164aa5ee68cbb1033aca70728e67a7f5de1e31e1681ebe438192625aa0342df7bd91279ae45271990d77350e44eda1858dee2b11fdae798b3482e6efb76af72352441cc764f28f45d700ba95e91dcfce9d9d48008391035bcee0ea9ac09de1c9ad70cb0c31351378fd3212b98ded29e95fb3601d5fa196c19a165820fe13367c2bdad3c9a52f2bb308abb1a874befc663b9b0d1b9894c1b61747d2958caa0f18369fe5e979007df919807fe89b21", 0xfd, 0x7fff}, &(0x7f0000000140))

[  513.207278]  clone_mnt+0x70/0xee0
[  513.210738]  ? lock_downgrade+0x740/0x740
[  513.214890]  ? do_raw_spin_unlock+0x16b/0x260
[  513.219393]  copy_tree+0x33b/0x8a0
[  513.222950]  copy_mnt_ns+0x11c/0x8c0
[  513.226668]  ? kmem_cache_alloc+0x611/0x780
[  513.230999]  ? selinux_capable+0x36/0x40
[  513.235177]  create_new_namespaces+0xc9/0x720
[  513.239683]  ? ns_capable_common+0x12c/0x160
[  513.244097]  copy_namespaces+0x284/0x310
[  513.248171]  copy_process.part.0+0x2603/0x6a70
[  513.252775]  ? proc_fail_nth_write+0x7d/0x180
23:24:59 executing program 3:
clone(0x787467fbcfe1f9c, 0x0, 0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0xffffffffffffffaf)
r2 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r2)
r3 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8000fffffffe)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x9c, r4, 0x0, 0x470bd25, 0x25dfdbff, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0x4, 0x3}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0x4, 0x2}}]}, 0x9c}}, 0x10)
r5 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/status\x00', 0x0, 0x0)
r6 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r6, 0x7, &(0x7f0000027000)={0x1})
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r7, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r7, r7, &(0x7f0000000240), 0x7fff)
r8 = getpid()
sched_setattr(r8, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000400)={&(0x7f00000001c0), 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xd0, r4, 0x901, 0x70bd2a, 0x25dfdbfc, {}, [{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r5}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x2}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}, {@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r8}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
setresuid(r1, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
mount$9p_virtio(&(0x7f0000000000)='syz\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x2850608, &(0x7f00000000c0)={'trans=virtio,', {[{@aname={'aname', 0x3d, '{em0eth0'}}], [{@dont_measure='dont_measure'}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@dont_appraise='dont_appraise'}, {@smackfsdef={'smackfsdef', 0x3d, '^\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@hash='hash'}, {@smackfshat={'smackfshat', 0x3d, 'posix_acl_access\x96-/,}keyring*\\trustedproc,'}}, {@uid_eq={'uid', 0x3d, r1}}, {@subj_user={'subj_user', 0x3d, 'em1lovboxnet0*'}}, {@measure='measure'}]}})

[  513.257277]  ? proc_cwd_link+0x1b0/0x1b0
[  513.261353]  ? __cleanup_sighand+0x50/0x50
[  513.265597]  ? lock_downgrade+0x740/0x740
[  513.269756]  _do_fork+0x19e/0xce0
[  513.273221]  ? fork_idle+0x280/0x280
[  513.276948]  ? fput+0xd4/0x150
[  513.280145]  ? SyS_write+0x15e/0x230
[  513.283867]  SyS_clone+0x37/0x50
[  513.287239]  ? sys_vfork+0x30/0x30
[  513.290787]  do_syscall_64+0x1e8/0x640
[  513.294677]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  513.299535]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  513.304729] RIP: 0033:0x45a6f9
[  513.307922] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  513.315652] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  513.322928] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  513.330288] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  513.337577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  513.344859] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:00 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x7, 0x3f, 0x8}, {0x2, 0x9, 0x9, 0x80000001}]})

23:25:00 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002e00070200"/20, @ANYRES32=r4, @ANYBLOB="ecff120000000000000000de"], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000011c0)={'vlan0\x00', r4})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r5, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
sendmsg$nl_route(r5, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8008104}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@setneightbl={0x20, 0x43, 0x400, 0x70bd2c, 0x25dfdbff, {0x2}, [@NDTA_NAME={0xc, 0x1, 'vlan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x40008800)

23:25:00 executing program 0:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x200000, 0x0)
fchdir(r0)
open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfff, 0xc7c}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040), 0x4)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f00000003c0)=0x1)
syz_open_procfs(0x0, &(0x7f0000000000)='loginuid\x00')
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
r2 = syz_open_procfs(0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
getsockopt$inet_udp_int(r2, 0x11, 0x65, &(0x7f0000000280), 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='bpf\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="e7ed5dccb97cfeb3f4cf796575d9a290919c10002f151cd12b7266ab9f7dcf7f4fbb65dc88f99e0fc63985868bd9ef7ee06f42bbb3956a93a20ca7ef647548d949d7a1258674aa7987cfdc3d3b9a181f720e534df78df8f2ab24a9db3329d1d66d63b14d153220bd9df08582955d67f1c31cc17391afcb8555e2b516167637a295ef0d6531ada34a25bbc18a9b2209cfa9fcc5"])
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
write$binfmt_elf64(r3, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
io_setup(0x2, &(0x7f0000000000)=<r5=>0x0)
r6 = getpid()
tkill(r6, 0x9)
r7 = getpgrp(r6)
syz_open_procfs(r7, &(0x7f0000000100)='loginuid\x00')
r8 = socket(0x0, 0x2, 0x0)
sendfile(r8, 0xffffffffffffffff, 0x0, 0x80000001)
io_submit(r5, 0x1, &(0x7f0000000300)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x933313f415ba6da6, 0x4b, 0xffffffffffffffff, &(0x7f0000000140)="dd55d9cd99ee1676dfa7b8ec9fe2f7b84f511f4479ee1d5f601681c1389563ee46136c34b8b2696a5e7757ac7d682e72b68564b6448dd5299ec7bbc9b431c4b4672ed4d85f17ae98dcbc194d8059fc0c533909f441400ddce920aa1645dde37ec8ad3d014372c17988bd6b20ee673f4ed0156a7a43172e46d9f2121679c12573bde5ea0171a20ea545021d9092adfc89dcc61aff108a8cc7a2e5aecc00e2fc", 0x9f, 0xfffffffffffffff8}])
openat(0xffffffffffffffff, 0x0, 0x0, 0x118)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240)='devlink\x00')
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x68, r9, 0x0, 0x0, 0x0, {}, [@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, @pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}]}, 0x68}}, 0x0)
sendmsg$DEVLINK_CMD_GET(r4, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000004}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="88000000", @ANYRES16=r9, @ANYBLOB="00082bbd7000ffdbdf2501000000100001006e6574646576736981000000100002006e657464657673696d300000080001007067690014000200103030303a3030302e3000000000080001007063690014000200303030303a30303a31302e3000000000080001007063690014000200303030303a30303a31302e30000000000000"], 0x88}}, 0x4)

23:25:00 executing program 2 (fault-call:0 fault-nth:32):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 4:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101000, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000000c0)={<r1=>0x0, 0x8}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000140)={r1, 0xbc, "7569325dced93738f0251b911908a3280a34bce3f1838da96bc18c9dc786d5ecdd093e223a6ab40ac2b406a9a414bfe21a82b66e4c310380e244343cc3390aa96367feecc0af5cf7bb6f71879dba7b92b2d8c31379c78b98d66cc7028bf1f75796da79d7a40fd35a8e5e5313b8cc5fdbe1c9715f04c8af17d0fe33c84a5f3d2fb89641d17be9478e7d8a83fd82df111bf0156fc776b09b57bb8ba0efa0e18a2dec612d1c387259d9b81f2faf10e7b72581fed9f561727dbdb90cb63f"}, &(0x7f0000000240)=0xc4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r0, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r2=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)={r2}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000)={<r3=>r2, 0x4}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={r3, 0x10000}, 0x8)

[  513.735232] FAULT_INJECTION: forcing a failure.
[  513.735232] name failslab, interval 1, probability 0, space 0, times 0
[  513.799153] CPU: 1 PID: 27021 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  513.807144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  513.816509] Call Trace:
[  513.819160]  dump_stack+0x142/0x197
[  513.822809]  should_fail.cold+0x10f/0x159
[  513.826986]  should_failslab+0xdb/0x130
[  513.830977]  kmem_cache_alloc+0x2d7/0x780
[  513.835293]  ? find_held_lock+0x35/0x130
[  513.839370]  ? copy_tree+0x4a2/0x8a0
[  513.843096]  alloc_vfsmnt+0x28/0x7d0
[  513.846822]  clone_mnt+0x70/0xee0
[  513.850284]  ? lock_downgrade+0x740/0x740
[  513.854449]  ? do_raw_spin_unlock+0x16b/0x260
[  513.858965]  copy_tree+0x33b/0x8a0
[  513.862530]  copy_mnt_ns+0x11c/0x8c0
[  513.866259]  ? kmem_cache_alloc+0x611/0x780
[  513.870603]  ? selinux_capable+0x36/0x40
[  513.874687]  create_new_namespaces+0xc9/0x720
[  513.879203]  ? ns_capable_common+0x12c/0x160
[  513.883646]  copy_namespaces+0x284/0x310
[  513.887850]  copy_process.part.0+0x2603/0x6a70
[  513.892450]  ? proc_fail_nth_write+0x7d/0x180
[  513.896952]  ? proc_cwd_link+0x1b0/0x1b0
[  513.901030]  ? __cleanup_sighand+0x50/0x50
[  513.905282]  ? lock_downgrade+0x740/0x740
[  513.909445]  _do_fork+0x19e/0xce0
[  513.912910]  ? fork_idle+0x280/0x280
[  513.916632]  ? fput+0xd4/0x150
[  513.919860]  ? SyS_write+0x15e/0x230
[  513.923581]  SyS_clone+0x37/0x50
[  513.926950]  ? sys_vfork+0x30/0x30
[  513.930501]  do_syscall_64+0x1e8/0x640
[  513.934396]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  513.939257]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  513.944453] RIP: 0033:0x45a6f9
23:25:00 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff)

[  513.947644] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  513.955364] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  513.962640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  513.969924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  513.977469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  513.984842] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:00 executing program 4:
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x80800, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000000c0)={r0, &(0x7f0000000040), &(0x7f0000000080), 0x4}, 0x20)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 1:
clone(0x481000, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 2 (fault-call:0 fault-nth:33):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 5:
clone(0x787467f88fa1d9c, 0x0, 0x0, 0x0, 0x0)

[  514.201058] FAULT_INJECTION: forcing a failure.
[  514.201058] name failslab, interval 1, probability 0, space 0, times 0
23:25:00 executing program 3:
clone(0x10000000, 0x0, 0x0, 0x0, 0x0)

23:25:00 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x0)
open(0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000100), 0x4)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)

[  514.291221] CPU: 0 PID: 27063 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  514.299273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  514.308636] Call Trace:
[  514.311238]  dump_stack+0x142/0x197
[  514.314888]  should_fail.cold+0x10f/0x159
[  514.319052]  should_failslab+0xdb/0x130
[  514.323042]  __kmalloc_track_caller+0x2ec/0x790
[  514.327725]  ? kstrdup_const+0x48/0x60
[  514.331621]  kstrdup+0x3a/0x70
[  514.334820]  kstrdup_const+0x48/0x60
23:25:01 executing program 4:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000bc0)={0x0, 0x1, 0xf, 0xb, 0x4, &(0x7f00000007c0)="77480a7a85b3c22e19f8f9f96355e65b31edbb438a363818074e08e87aed71d58b42f7c0e44cda489382e90ef4970b41560f0b6064aca73805ca43304c584efbffcce9a288cf3af4e787cc1a1226a348c78ba7bc9449a3e7c3c313ba46880fafa20c4ca4551f71774ac306ec95aec2785dff50ea6ed1b81718280dab0013527101c725bccaef93ac025f522b10b4232b19774d40a16266cd190c3fa8bb0011d9066be8fe995aa27721ff31c6af7db4813eeffca52258ed97e70d533b824d39e1965b5ac50152ce361cf1b0fcc267401de4bb8c46d9c6ef02d0605c7dc0c60c8f3298ad698ab9d22f7e10109812ef2f72093522f91926f525b3fadeee1ecdc4c24a7f5a65a19d1286d8024e5add79a06d304c364775992b0252e4df018b6a5170c734826d87dcb4ebda475754236699c8ccc7458f6c34f7bf342aece5ae50b1da7e0f1dbb91d0c07cdca4b446d426ffbb7ae7ed356d61a04a7bfd44ca416e5dbfb7fe53e2fdd0fccdcbaf5425e5cbe9dd11a10dbf37377c297cdf984e169509438a3ac89fc52367b0d564313c816eff800e8e2ff69b141868fa2a3ead775735c90259e517f99aa5b5201262c0c87b4f93bd609c95f387d0ccdf9e9a093a2f5b57ed265d4974a2dd9d7ea19915ba71f043e88de8c89ee580eab03864838c95075a8b75409d9f6a370b7a211d56ae1cfe463d58d90bfa4a49708e2dd708d3ce0069187d162400e2643749c34f321b9de092653f0e0b95602518b8a925d2665be8cac0f76afceff0b42766d44f2a9c8d1049941fb8fcce9c141f0090ebbb122c2eb443774f62cc6ab8a8adc3ffb237ea4a4ed1de9f25070981cb5e6d27af8ef9fc7604846272e8308fb94375f6a81f28ca8fac7241dd1936e8031bd497ce1357a075200861f20b127f0fac65ee8ce621d65f52959b2c4c6c5c6c7a19957d94d069ff4df831b7c6d50800efc74550d31a9ffc55aa1679619d81687933cca948d72af1a00a04f2b565ff1a90e68a30b7fda8b8563d11cc1b2dbaf5c58b4c9a280de2f10a0d49b3b83192824902637437b0c120d1d8b5e20006385117b9c9d957c0f605b2255773669dc26a6fbff48685884f3f581522397dee7a4b449dffd17f547f77eec0040f5e6496420a69a6e83aa678cd854c3d43c2dff38487c2520ff1a81d43e2428842b6a0cb93301028feab419e38e965706889c2906ca28bb11d7ffbac95ce2b4441c2198f59ceadc705292f662cc33accd80b1433e19e23768213709891c32fe0c8b9cd21c24b7328bb35ad1f6d3c6598ce2603d2b43a984b9cdd97fc546e6f512dfc0ce939102f5f69a3938ce3e73a2e9e18662084fd339187bf31da57fba88c14495d6a4c18cd59b17432b53b93adc93c29328f7bfa2834a0c5c04032f31fddd7ef82de8f5af7c7ce09288ef1803904e4c7d1998dad88b0dacc6d7ac4"})
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r3, 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r5, 0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000c00)={0x0, 0x0, <r8=>0x0}, &(0x7f0000000080)=0xc)
setgroups(0x1, &(0x7f00000002c0)=[r8])
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000740)=@broute={'broute\x00', 0x20, 0x5, 0x66e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, &(0x7f0000000000), &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff010000001100000012474cf980f363616966300000000000000000000000626f6e645f736c6176655f310000000076657468305f746f5f7465616d00000068737230000000000000000000000000ffffffffffff0000feffff00aaaaaaaaaa0affffffff00cb9e00000016010000660100006367726f757000000000000000000000000000000000000000000000000000000800000000000000ff7f0000010000004e464c4f47000000000000000000000000000000000000000000000000000000500000000000000001800000bcb8ff0700000000f530cd3007f0f194ac4e783709e11a13c3536c009e1bd5a5b9ccdbed34dde4e104b391fe00406e243c3cd0dfc1aa5ef1985534020a1442d10e170b71316c63d3000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000000000000000000000000000000000000000000000000003000000ff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000fcffffff020000001100000002000000fbfb687372300000000000000000000000007465716c3000000000000000000000006970366772657461703000000000000000000000000000000000000000000000aaaaaaaaaaaa00000000ffa8ffffffffffffff360000feff6e0000009e000000d6000000434f4e4e5345434d41524b00000000000000000000000000000000000000000008000000000000000200000000000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa250000fbc88a4d00000000090000009afad31b0060766c616e3000000000000000000000006c61706230000000000000000000000073797a6b616c6c65723100000000000076657468305f746f5f62726964676500aaaaaaaaaabbff8100ff00ffaaaaaaaaaa2a007fff0000ffde0000000e010000860100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=r3, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r8, @ANYBLOB="0205000000000000766c616e000000000000000000000000000000000000000000000000000000000800000000000000040003003a010402434c415353494659000000000000000000000000000000000000000000000000080000000000000009000000000000006e666c6f67000000000000000000000000000000000000000000000000000000500000000000000007000000070073ff00000000b00c6124603768cd2d1e3fc7f759e237d296dc0d6aa97153f30fc8370c51e4b7944c9098af5eda17209097799c3f360fbfb3ed0e1f657f9c4b93d64e9b8ab9550000000000000000000000000000000000000000000000000000000000000000000000000000000003000000feffffff010000000900000028000000001b6e72300000000000000000000000000076657468305f746f5f7465616d0000006970365f76746930000000000000000064756d6d793000000000000000000000aaaaaaaaaaaa00007e0000ff1fd4464eecf700feff000000ae000000fe0000004e01000071756f7461000000000000000000000000000000000000000000000000000000180000000000000000000000000000000600000000000000901f00000000000049444c4554494d45520000000000000000000000000000000000000000000000280000000000003c0c000073797a3100000000000000000000000000000000000000000000000001000000000000006c6f670000000000000000000000000000000000000000000000000000000000280000000000000006fbb38811de4d3d750c0789e0b7b7e990308078c626346fa5794faba421e700010000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000100000011000000000000006005697036677265300000000000000000006272696467655f736c6176655f3100007465716c30000000000000000000000073797a5f74756e000000000000000000aaaaaaaaaaaa000081ffff0daaaaaaaaaa26010000feffff6e0000006e0000009e0000004e4651554555450000000000000000000000000000000000000000000000000008000000000000000400000000000000"]}, 0x6e5)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  514.338538]  alloc_vfsmnt+0xe5/0x7d0
[  514.342264]  clone_mnt+0x70/0xee0
[  514.345739]  ? lock_downgrade+0x740/0x740
[  514.349892]  ? do_raw_spin_unlock+0x16b/0x260
[  514.354403]  copy_tree+0x33b/0x8a0
[  514.358069]  copy_mnt_ns+0x11c/0x8c0
[  514.361787]  ? kmem_cache_alloc+0x611/0x780
[  514.366117]  ? selinux_capable+0x36/0x40
[  514.370196]  create_new_namespaces+0xc9/0x720
[  514.374698]  ? ns_capable_common+0x12c/0x160
[  514.379114]  copy_namespaces+0x284/0x310
[  514.383182]  copy_process.part.0+0x2603/0x6a70
[  514.387789]  ? proc_fail_nth_write+0x7d/0x180
[  514.392389]  ? proc_cwd_link+0x1b0/0x1b0
[  514.396471]  ? __cleanup_sighand+0x50/0x50
[  514.400704]  ? lock_downgrade+0x740/0x740
[  514.404856]  _do_fork+0x19e/0xce0
[  514.408312]  ? fork_idle+0x280/0x280
[  514.412037]  ? fput+0xd4/0x150
[  514.415254]  ? SyS_write+0x15e/0x230
[  514.418971]  SyS_clone+0x37/0x50
[  514.422350]  ? sys_vfork+0x30/0x30
[  514.425906]  do_syscall_64+0x1e8/0x640
[  514.429805]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  514.434656]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:25:01 executing program 1:
clone(0x787467f3cf11d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f0000000000)=""/10)

[  514.439844] RIP: 0033:0x45a6f9
[  514.443036] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  514.450757] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  514.458037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  514.465312] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  514.472580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  514.479862] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:01 executing program 3:
clone(0xbcd2df0d48ad3d10, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 5:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x800, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000100)=@ccm_128={{}, "85d57dad4a63426d", "8ab037ac12dd8d964e68a7a1482dd5b4", 'a<%2', "c91f9acbfd283bd5"}, 0x28)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000040)=""/140)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 2 (fault-call:0 fault-nth:34):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
epoll_create1(0x0)

23:25:01 executing program 3:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000040)={0x7ff, 0x3, 0x7fffffff, 'queue1\x00', 0x7ff})
clone(0x40014500, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x6, @local}, 0x0, {0x2, 0x4e23, @local}, 'hsr0\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x10000, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = dup2(r1, r4)
r6 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r6)
connect$inet(r6, &(0x7f0000000240)={0x2, 0x4e23, @remote}, 0x10)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r7, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r7, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r7, 0x1)
r8 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r9=>0x0]}, &(0x7f000095dffc)=0x8)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x111, 0x2, 0x1, 0x4)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f00000000c0)={r9}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000180)={r9, 0x4}, 0x8)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)

23:25:01 executing program 5:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={<r2=>0x0, 0x76, "2c6db9c7b95d60940e61328043ddee96ea8d3daee1107026f190e923a1027b010bf831213358f0e29d94b3e978f42480b570bc1bea01b8bf09738ec28a6b2e11857c359a7bf89b9fb449033a9f93b7a9d35d28a4be71913b6493a08edd7789cc7332663a4739d310afb7de85a8d074cecfa405a618f5"}, &(0x7f0000000100)=0x7e)
setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140)={r2, 0x7}, 0x8)
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f0000000040)={0x4, 0x4, 0x4})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
lseek(r5, 0xee8, 0x0)

23:25:01 executing program 1:
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e24, 0x4, @ipv4={[], [], @multicast2}, 0x1}}}, 0x84)

[  514.729602] FAULT_INJECTION: forcing a failure.
[  514.729602] name failslab, interval 1, probability 0, space 0, times 0
[  514.814307] CPU: 0 PID: 27099 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  514.822235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  514.831593] Call Trace:
[  514.831615]  dump_stack+0x142/0x197
[  514.831634]  should_fail.cold+0x10f/0x159
[  514.831650]  should_failslab+0xdb/0x130
[  514.831661]  __kmalloc_track_caller+0x2ec/0x790
[  514.831673]  ? kstrdup_const+0x48/0x60
[  514.831690]  kstrdup+0x3a/0x70
[  514.831701]  kstrdup_const+0x48/0x60
[  514.831711]  alloc_vfsmnt+0xe5/0x7d0
[  514.831727]  clone_mnt+0x70/0xee0
[  514.850828]  ? lock_downgrade+0x740/0x740
[  514.850841]  ? do_raw_spin_unlock+0x16b/0x260
[  514.850855]  copy_tree+0x33b/0x8a0
[  514.850872]  copy_mnt_ns+0x11c/0x8c0
[  514.850881]  ? kmem_cache_alloc+0x611/0x780
[  514.850894]  ? selinux_capable+0x36/0x40
[  514.850908]  create_new_namespaces+0xc9/0x720
[  514.850919]  ? ns_capable_common+0x12c/0x160
[  514.850931]  copy_namespaces+0x284/0x310
[  514.850943]  copy_process.part.0+0x2603/0x6a70
23:25:01 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
ioctl$MON_IOCH_MFLUSH(r1, 0x9208, 0xfff)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r2 = syz_genetlink_get_family_id$tipc2(0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r13, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
ioctl$KVM_RUN(r13, 0xae80, 0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xf9, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYPTR=&(0x7f0000000700)=ANY=[@ANYBLOB="e24a882aa621c9ddfcbf2d3838", @ANYBLOB="dfa77637c30596965d96f42f1b07a8f1629246263903c77d3798a9313eaad86d68647eb8dee15e51a60f751c6235a21c4bb616549c7c09f19cc9628c471efba7411c8dfb78245e2e4ef8c99a379ece2a1846fa722b60b44535170af477cdbab40fb10ddfd533f92920d99a0891e56b59ece548ac", @ANYRES16=r0, @ANYRESOCT, @ANYRESOCT=0x0], @ANYRES32=r4, @ANYPTR=&(0x7f0000000900)=ANY=[@ANYRES64=0x0, @ANYRESDEC, @ANYRESDEC=0x0, @ANYRESDEC, @ANYRES32, @ANYBLOB="4a9fd8e488116cc9c0f2d6a0f67ff3215a8f1e853e91e208a03432dff151a813f25eee4407400c4ce29d5eeda74486944eac2a35bec77dc5a5e8388abfef8c6b4791f49e15c71a4dcc460520ed377e50b0b6171d9be7a4013c599e1e575db47da6a1b23da29aca6881e09d1573ad844d9b3a5420a602f657fc7cfc5f01beb959cb9194c49a441d6cf8814f3fa9dca6adc88df6d1ccfc5abe13e8d69583a318855ca8c3612fcad0600abde4e4b92742fd2cc6ae16154947e8607e7848ca10c34c549c5223ac8d5b24917ff1ce4a649d20c7f4086813a12a6234c8a319a0f547", @ANYPTR64=&(0x7f00000007c0)=ANY=[@ANYRES64=r6, @ANYRESHEX=r8, @ANYRES16=0x0, @ANYRES32=r9, @ANYRESOCT=0x0, @ANYBLOB="47a64c7b2c91842ecfa6579cd965611901d565d8fc55fc7628639289b2744e956204779b5ae698311544d0398e22f7954d002d3d54f0e3a80c0a197f25f65356c4fb41e22e3cb7af40731a94ee82b41bc508b0db61029ee6650d34d31d5891d506696f2d960b7f9cf9e7c6355854ab176bcdb277e6da5ca4ace7a17be864e1ebc1d6899d9619ebb44063b3d5363128d5b1cc373193530f", @ANYRESHEX, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRES64=r10], @ANYRES16=r13, @ANYRES16], @ANYRESOCT, @ANYRESHEX]}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000440)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="be6a8fef", @ANYRES16=r2, @ANYBLOB="0a0327bd7000fedbdf250b000000940001000c00020008000400060000002c0004001400010002004e21ac14141c00000000000000001400020002004e22e00000020000000000000000100001007564703a73797a30000000001c00020008000200030000000800020000100000080001001a0000002c0002000800010001000000080001000600000008000400ffffff7f080003000200000008000400ff07000014000700080002003f000000080001008a0ff328440007000c000400733b00000000000008000200010100000c00040001000000000000000c00040009000000000000000c0004002a6700000000000008000100000000801c0009000800010005000000080001000400000008000200bf0000003001010044000400200001000a004e2100000080fe80000000000000000000000000002403000000200002000a004e230000fffffe8000000000000000000000000000aa0900000044000200080002000000000008000200b60e000008000200cab10000080002000002000008000200200000000800030050320000080001001b000000080003000700000038000400200001000a004e24000024e000000000000000000000ffffac1414aa018000001400020002004e21ac1e00010000000000000000100001007564703a73797a3000000000080003008100000008000300000000004c000200080003000000000008000400000000000800020009000000080004003c0d000008000400d70000000800010001000000080003000300000008000300fbffffff08000200050000004c0007000c0004000800000000000000080001000100010008000100010100000c00030004000000000000000800010000004000080002000200000008000200070000000800020061ed0000a40004003c000700080002000300000008000200000000000800040004000000080002000000000008000400b9bc0000080002003e0c0000080003002262000014000700080002000900000008000300200000001c000700080004000400000008000400eee00000080003000004000014000700080004000900000008000200050000001400070008000400ff7f000008000100110000000c00010073797a3000000000340007000c00040040000000000000000800020002000000080002001c0000000c000400060000000000000008000200000100003c000100380004001400010002004e22e00000010000000000000000200002000a004e21000000ff00"/934], 0x3ac}, 0x1, 0x0, 0x0, 0x4}, 0x10000000)
r14 = syz_genetlink_get_family_id$nbd(&(0x7f0000000600)='nbd\x00')
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x28, r14, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xfffffffffffffce0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x28}, 0x1, 0x0, 0x0, 0x48000}, 0x8041)

23:25:01 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(0xffffffffffffffff, 0x6431)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x1)
io_setup(0x0, &(0x7f00000000c0))

[  514.850965]  ? proc_fail_nth_write+0x7d/0x180
[  514.868880]  ? proc_cwd_link+0x1b0/0x1b0
[  514.868900]  ? __cleanup_sighand+0x50/0x50
[  514.868912]  ? lock_downgrade+0x740/0x740
[  514.868928]  _do_fork+0x19e/0xce0
[  514.868940]  ? fork_idle+0x280/0x280
[  514.868955]  ? fput+0xd4/0x150
[  514.884804]  ? SyS_write+0x15e/0x230
[  514.884820]  SyS_clone+0x37/0x50
[  514.884827]  ? sys_vfork+0x30/0x30
[  514.884842]  do_syscall_64+0x1e8/0x640
[  514.884850]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  514.884866]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  514.902081] RIP: 0033:0x45a6f9
[  514.902087] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  514.902096] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  514.902101] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  514.902106] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  514.902112] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  514.902118] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:01 executing program 0:
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000240)='/dev/sg#\x00', 0x0, 0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfffffef3)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000802, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
dup2(r2, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unshare(0x0)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xf8c44189f7000000}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528ac06}], 0x1, 0x0)

23:25:01 executing program 5:
clone(0x787467fbcfa3d9c, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 2 (fault-call:0 fault-nth:35):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
write$P9_RSTAT(r0, &(0x7f0000000000)={0x56, 0x7d, 0x1, {0x0, 0x4f, 0x7, 0x39f0, {0x12, 0x4, 0x4}, 0x10c0000, 0x3, 0x2, 0x9, 0x8, 'vboxnet0', 0xc, '\\!&*vboxnet0', 0x7, 'selinux', 0x1, ')'}}, 0x56)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:01 executing program 1:
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)=0x200, 0x4)
clone(0x787467fbdfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  515.252814] FAULT_INJECTION: forcing a failure.
[  515.252814] name failslab, interval 1, probability 0, space 0, times 0
[  515.267173] CPU: 1 PID: 27151 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  515.275090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  515.284465] Call Trace:
[  515.287059]  dump_stack+0x142/0x197
[  515.290740]  should_fail.cold+0x10f/0x159
[  515.294896]  should_failslab+0xdb/0x130
[  515.298884]  kmem_cache_alloc+0x2d7/0x780
[  515.303165]  ? find_held_lock+0x35/0x130
[  515.307242]  ? copy_tree+0x4a2/0x8a0
[  515.310973]  alloc_vfsmnt+0x28/0x7d0
[  515.314696]  clone_mnt+0x70/0xee0
[  515.318154]  ? lock_downgrade+0x740/0x740
[  515.322313]  ? do_raw_spin_unlock+0x16b/0x260
[  515.326827]  copy_tree+0x33b/0x8a0
[  515.330475]  copy_mnt_ns+0x11c/0x8c0
[  515.334196]  ? kmem_cache_alloc+0x611/0x780
[  515.338535]  ? selinux_capable+0x36/0x40
[  515.342604]  create_new_namespaces+0xc9/0x720
[  515.347088]  ? ns_capable_common+0x12c/0x160
[  515.351502]  copy_namespaces+0x284/0x310
[  515.355577]  copy_process.part.0+0x2603/0x6a70
[  515.360186]  ? proc_fail_nth_write+0x7d/0x180
[  515.364792]  ? proc_cwd_link+0x1b0/0x1b0
[  515.368868]  ? __cleanup_sighand+0x50/0x50
[  515.373122]  ? lock_downgrade+0x740/0x740
[  515.377290]  _do_fork+0x19e/0xce0
[  515.380755]  ? fork_idle+0x280/0x280
[  515.384477]  ? fput+0xd4/0x150
[  515.387680]  ? SyS_write+0x15e/0x230
[  515.391407]  SyS_clone+0x37/0x50
[  515.394771]  ? sys_vfork+0x30/0x30
[  515.398315]  do_syscall_64+0x1e8/0x640
[  515.402206]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  515.407061]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  515.412252] RIP: 0033:0x45a6f9
[  515.415437] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  515.423155] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  515.430435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  515.437713] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  515.444992] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:25:02 executing program 4:
clone(0x20200, 0x0, 0x0, 0x0, 0x0)

23:25:02 executing program 4:
clone(0xffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
tkill(r0, 0x25)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000040)=[@mss, @mss, @mss, @mss, @sack_perm, @timestamp, @window, @timestamp], 0x8)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000000))
ptrace$cont(0x9, r0, 0x0, 0x0)
clone(0x2100000, 0x0, 0x0, 0x0, 0x0)

[  515.452268] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:02 executing program 5:
clone(0x4000000, 0x0, 0x0, 0x0, 0x0)

23:25:02 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000001200)='/dev/vsock\x00', 0x0, 0x0)
setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000001240)={0x5, {{0xa, 0x4e24, 0x377, @ipv4={[], [], @multicast2}, 0x100}}}, 0x88)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80000, 0x0)
ioctl$BLKGETSIZE(r1, 0x1260, &(0x7f0000000040))

23:25:02 executing program 2 (fault-call:0 fault-nth:36):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:02 executing program 3:
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, &(0x7f0000000000)={0xb53, 0x40, 0x5, 'queue1\x00', 0x3})
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
socket$packet(0x11, 0x2, 0x300)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000000c0)={<r4=>r3, 0xdf, "851dfc68d2e7c3561872b011c459d15a49e0212c2bc8aca3fb3780c98ea696c0e7cd45d4c89e94cc3809ef357a75c49fd77816251ba365bcda426490fa82dc196fb53c6cf69990eacb50466fbdfb69bdddb1266ce29bfc2b7d32e977d4e14200fab7f0e3352a3fbd5ab1930e34c58ed0512ad6bd683be72c62383898ba36c0a5749dd43997d04287d427846f0685c02fb8e5960623e63eca1edf7abcb63427dafb216c2f99147fd50fdd359c24e7c8cffea817ca1c6588598b4fcd6b843cab18cb48099cfe45eddbe6a9bff5d86e78955bbef2288d6be3746200b72f5dd4a7"}, &(0x7f00000001c0)=0xe7)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={r4, 0xe0000000}, 0x8)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:02 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x4a0000, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x1000, 0x3})

[  515.704348] FAULT_INJECTION: forcing a failure.
[  515.704348] name failslab, interval 1, probability 0, space 0, times 0
[  515.747258] CPU: 0 PID: 27179 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  515.755193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  515.764550] Call Trace:
[  515.767150]  dump_stack+0x142/0x197
[  515.770784]  should_fail.cold+0x10f/0x159
[  515.770801]  should_failslab+0xdb/0x130
[  515.770813]  __kmalloc_track_caller+0x2ec/0x790
[  515.770828]  ? kstrdup_const+0x48/0x60
[  515.770839]  kstrdup+0x3a/0x70
[  515.778945]  kstrdup_const+0x48/0x60
[  515.778956]  alloc_vfsmnt+0xe5/0x7d0
[  515.778968]  clone_mnt+0x70/0xee0
[  515.778979]  ? lock_downgrade+0x740/0x740
[  515.778989]  ? do_raw_spin_unlock+0x16b/0x260
[  515.810175]  copy_tree+0x33b/0x8a0
[  515.813707]  copy_mnt_ns+0x11c/0x8c0
[  515.817405]  ? kmem_cache_alloc+0x611/0x780
[  515.821709]  ? selinux_capable+0x36/0x40
[  515.825801]  create_new_namespaces+0xc9/0x720
[  515.830424]  ? ns_capable_common+0x12c/0x160
[  515.834828]  copy_namespaces+0x284/0x310
[  515.838878]  copy_process.part.0+0x2603/0x6a70
[  515.843449]  ? proc_fail_nth_write+0x7d/0x180
[  515.847946]  ? proc_cwd_link+0x1b0/0x1b0
[  515.852033]  ? __cleanup_sighand+0x50/0x50
[  515.856262]  ? lock_downgrade+0x740/0x740
[  515.860396]  _do_fork+0x19e/0xce0
[  515.863834]  ? fork_idle+0x280/0x280
[  515.867531]  ? fput+0xd4/0x150
[  515.870706]  ? SyS_write+0x15e/0x230
[  515.874405]  SyS_clone+0x37/0x50
[  515.877751]  ? sys_vfork+0x30/0x30
[  515.881271]  do_syscall_64+0x1e8/0x640
[  515.885154]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  515.889981]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  515.895166] RIP: 0033:0x45a6f9
[  515.898348] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  515.906097] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  515.913370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  515.920651] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  515.927940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  515.935269] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:02 executing program 5:
clone(0x5884400, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x2c00, 0x38)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000040)={0x1, 0x0, 0x2, {0x4000ca, 0x4, 0x4, 0x10000ff}})

23:25:02 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x10000)
ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)=@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0})
socket$inet_tcp(0x2, 0x1, 0x0)

23:25:02 executing program 3:
clone(0x6ded8b8d3231752e, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000000)={0x1, 0x5, 0x3})

23:25:02 executing program 2 (fault-call:0 fault-nth:37):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:02 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x25000)

23:25:02 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x25000)

[  516.075140] FAULT_INJECTION: forcing a failure.
[  516.075140] name failslab, interval 1, probability 0, space 0, times 0
[  516.122368] CPU: 0 PID: 27213 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  516.130315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  516.139681] Call Trace:
[  516.142275]  dump_stack+0x142/0x197
[  516.145920]  should_fail.cold+0x10f/0x159
[  516.150082]  should_failslab+0xdb/0x130
[  516.154081]  kmem_cache_alloc+0x2d7/0x780
[  516.158234]  ? find_held_lock+0x35/0x130
[  516.162300]  ? copy_tree+0x4a2/0x8a0
[  516.166016]  alloc_vfsmnt+0x28/0x7d0
[  516.169724]  clone_mnt+0x70/0xee0
[  516.173166]  ? lock_downgrade+0x740/0x740
[  516.173176]  ? do_raw_spin_unlock+0x16b/0x260
[  516.173186]  copy_tree+0x33b/0x8a0
[  516.173200]  copy_mnt_ns+0x11c/0x8c0
[  516.173207]  ? kmem_cache_alloc+0x611/0x780
[  516.173218]  ? selinux_capable+0x36/0x40
[  516.173232]  create_new_namespaces+0xc9/0x720
[  516.201932]  ? ns_capable_common+0x12c/0x160
[  516.206350]  copy_namespaces+0x284/0x310
[  516.210413]  copy_process.part.0+0x2603/0x6a70
[  516.210431]  ? proc_fail_nth_write+0x7d/0x180
[  516.210439]  ? proc_cwd_link+0x1b0/0x1b0
[  516.210456]  ? __cleanup_sighand+0x50/0x50
[  516.219534]  ? lock_downgrade+0x740/0x740
[  516.231946]  _do_fork+0x19e/0xce0
[  516.235407]  ? fork_idle+0x280/0x280
[  516.239128]  ? fput+0xd4/0x150
[  516.242328]  ? SyS_write+0x15e/0x230
[  516.246053]  SyS_clone+0x37/0x50
[  516.249412]  ? sys_vfork+0x30/0x30
[  516.252956]  do_syscall_64+0x1e8/0x640
[  516.256842]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  516.261695]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  516.266885] RIP: 0033:0x45a6f9
[  516.270065] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  516.270075] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  516.270081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  516.270086] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  516.270091] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  516.270095] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  516.320130] protocol 88fb is buggy, dev hsr_slave_0
[  516.325352] protocol 88fb is buggy, dev hsr_slave_1
[  516.330484] protocol 88fb is buggy, dev hsr_slave_0
[  516.335526] protocol 88fb is buggy, dev hsr_slave_1
[  516.340646] protocol 88fb is buggy, dev hsr_slave_0
[  516.345681] protocol 88fb is buggy, dev hsr_slave_1
23:25:05 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10)

23:25:05 executing program 1:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x0, [], [{0x1f, 0x100, 0x8001, 0x3, 0x5, 0x4}, {0x5495, 0x100, 0x4, 0x200, 0x3, 0x7}], [[]]})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000000)={{{@in=@multicast2, @in=@broadcast}}, {{@in6=@initdev}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8)
clone(0x4008100, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 3:
r0 = socket$inet6(0xa, 0x3, 0xff)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r1, 0xc02c5341, &(0x7f0000000080))
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))

23:25:05 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000000)={0xffe1, 0x6, 0x1})

23:25:05 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x25000)

23:25:05 executing program 2 (fault-call:0 fault-nth:38):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  518.523386] FAULT_INJECTION: forcing a failure.
[  518.523386] name failslab, interval 1, probability 0, space 0, times 0
[  518.544685] CPU: 1 PID: 27241 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  518.552630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  518.562008] Call Trace:
[  518.564590]  dump_stack+0x142/0x197
[  518.568221]  should_fail.cold+0x10f/0x159
[  518.572359]  should_failslab+0xdb/0x130
[  518.576319]  __kmalloc_track_caller+0x2ec/0x790
[  518.580984]  ? kstrdup_const+0x48/0x60
[  518.584868]  kstrdup+0x3a/0x70
[  518.588050]  kstrdup_const+0x48/0x60
[  518.591759]  alloc_vfsmnt+0xe5/0x7d0
[  518.595462]  clone_mnt+0x70/0xee0
[  518.598916]  ? lock_downgrade+0x740/0x740
[  518.603048]  ? do_raw_spin_unlock+0x16b/0x260
[  518.607530]  copy_tree+0x33b/0x8a0
[  518.611070]  copy_mnt_ns+0x11c/0x8c0
[  518.614775]  ? kmem_cache_alloc+0x611/0x780
[  518.619082]  ? selinux_capable+0x36/0x40
[  518.623148]  create_new_namespaces+0xc9/0x720
[  518.627644]  ? ns_capable_common+0x12c/0x160
[  518.632047]  copy_namespaces+0x284/0x310
[  518.636099]  copy_process.part.0+0x2603/0x6a70
[  518.640676]  ? proc_fail_nth_write+0x7d/0x180
[  518.645184]  ? proc_cwd_link+0x1b0/0x1b0
[  518.649269]  ? __cleanup_sighand+0x50/0x50
[  518.653557]  ? lock_downgrade+0x740/0x740
[  518.657708]  _do_fork+0x19e/0xce0
[  518.661154]  ? fork_idle+0x280/0x280
[  518.664858]  ? fput+0xd4/0x150
[  518.668036]  ? SyS_write+0x15e/0x230
[  518.671855]  SyS_clone+0x37/0x50
[  518.675221]  ? sys_vfork+0x30/0x30
[  518.678775]  do_syscall_64+0x1e8/0x640
[  518.682668]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  518.687513]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  518.692693] RIP: 0033:0x45a6f9
[  518.695865] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  518.703644] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  518.710898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:25:05 executing program 1:
clone(0x8690623091ac1727, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 3:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f0000000040)={0xffffff81, &(0x7f0000000000)="38e137ed335ea7761f66353a103fb2856a9a2a467b4876e704a454e24f4383"})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x25000)

[  518.718178] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  518.725432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  518.732684] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:05 executing program 4:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000000)=0x10, 0x4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 2 (fault-call:0 fault-nth:39):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 1:
clone(0x200000, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3f, 0x90004)
r0 = socket$inet(0x2, 0x6, 0x5)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000080)={0x89, @remote, 0x4e22, 0x1, 'wlc\x00', 0x4, 0x8, 0xc}, 0x2c)

23:25:05 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x8001, 0x111080)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x8, 0x0, 0x80})
syz_open_dev$mice(&(0x7f00000000c0)='?dev/input/mice\x00', 0x0, 0x10100)

23:25:05 executing program 5:
clone(0x787467fb4fa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000000)={{0x9, 0x90}, {0x1, 0x9}, 0x3, 0x3, 0x3})
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$TIOCNOTTY(r1, 0x5422)

23:25:05 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

23:25:05 executing program 5:
clone(0x80000000, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x40, 0x0)
ioctl$IMGETDEVINFO(r0, 0x80044944, &(0x7f0000000040)={0x7fffffff})

23:25:05 executing program 4:

23:25:05 executing program 1:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000040)={0x20, 0x0, 0x5, 0x400, 0x82e1})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000080)=""/127)

23:25:05 executing program 3:
clone(0x20000000, 0x0, 0x0, 0x0, 0x0)

23:25:05 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

[  519.075557] FAULT_INJECTION: forcing a failure.
[  519.075557] name failslab, interval 1, probability 0, space 0, times 0
23:25:05 executing program 4:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
read$usbmon(r0, &(0x7f0000000040)=""/157, 0x9d)

[  519.171286] CPU: 1 PID: 27295 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  519.179207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  519.188586] Call Trace:
[  519.191193]  dump_stack+0x142/0x197
[  519.194838]  should_fail.cold+0x10f/0x159
[  519.199003]  should_failslab+0xdb/0x130
[  519.202987]  kmem_cache_alloc+0x2d7/0x780
[  519.207138]  ? find_held_lock+0x35/0x130
[  519.211189]  ? copy_tree+0x4a2/0x8a0
[  519.211199]  alloc_vfsmnt+0x28/0x7d0
[  519.211209]  clone_mnt+0x70/0xee0
[  519.211218]  ? lock_downgrade+0x740/0x740
[  519.211227]  ? do_raw_spin_unlock+0x16b/0x260
[  519.211238]  copy_tree+0x33b/0x8a0
[  519.234272]  copy_mnt_ns+0x11c/0x8c0
[  519.237991]  ? kmem_cache_alloc+0x611/0x780
[  519.242313]  ? selinux_capable+0x36/0x40
[  519.242330]  create_new_namespaces+0xc9/0x720
[  519.242343]  ? ns_capable_common+0x12c/0x160
[  519.242356]  copy_namespaces+0x284/0x310
[  519.250887]  copy_process.part.0+0x2603/0x6a70
[  519.250906]  ? proc_fail_nth_write+0x7d/0x180
[  519.250915]  ? proc_cwd_link+0x1b0/0x1b0
[  519.250933]  ? __cleanup_sighand+0x50/0x50
[  519.250943]  ? lock_downgrade+0x740/0x740
[  519.250959]  _do_fork+0x19e/0xce0
[  519.284303]  ? fork_idle+0x280/0x280
[  519.288038]  ? fput+0xd4/0x150
[  519.291243]  ? SyS_write+0x15e/0x230
[  519.294967]  SyS_clone+0x37/0x50
[  519.298341]  ? sys_vfork+0x30/0x30
[  519.301890]  do_syscall_64+0x1e8/0x640
[  519.305784]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  519.310644]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  519.315851] RIP: 0033:0x45a6f9
[  519.319043] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  519.326760] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  519.334036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  519.341315] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  519.348594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  519.355863] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:06 executing program 2 (fault-call:0 fault-nth:40):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:06 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000040)='NET_DM\x00')
sendmsg$NET_DM_CMD_START(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r1, 0x14, 0x70bd26, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x10)

23:25:06 executing program 5:
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$KDFONTOP_COPY(r0, 0x4b72, &(0x7f0000000440)={0x3, 0x1, 0xe, 0x1d, 0x12c, &(0x7f0000000040)})
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = open(&(0x7f0000000400)='./bus\x00', 0x1141042, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x8000fffffffe)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x9c, r3, 0x0, 0x470bd25, 0x25dfdbff, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8, 0x4, 0x3}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {0x8}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0x4, 0x2}}]}, 0x9c}}, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x60, r3, 0x400, 0x70bd27, 0x25dfdbfb, {}, [{{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x14, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x2}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x8040}, 0x80)
clone(0x787467f3cfb1f9c, 0x0, 0x0, 0x0, 0x0)

23:25:06 executing program 4:
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x4)
ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000400)={0xa, 0x16})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/sequencer2\x00', 0x80000, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000440)='/dev/full\x00', 0x80800, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000000780)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000500)=ANY=[@ANYBLOB="0c020000", @ANYRES16=r2, @ANYBLOB="00002dbd7000fedbdf250f0000000c000900080002000000008018000200080002000400000004000400080001000400000038000200080002008000000008000200540800000800010003000000080001f0ffffff00080002000600000004000400080002000100000038000200080001007f0000000400040008000200ff0f000004000400040004000400040008000100090000000400040004000400040004000c00090008000100010100001c0001001000010069623a636169663000000000080003000000000014000600080001000100000008000100000800001c0104000c00010073797a310000000054000702080001000b00000008000200030000000800020000000000080004000f7a0000080004000010000008000300010000000800020007000000080003000800000008000400e10d0000080004000100000024000700080001000d000000080001000b0000000800040005000000080001000f0000001c00070008000300b5000000080004000200000008000200040000001400010062726f6164636173742d6c696e6b00000c00010073797a31000000001400010062726f6164816173742d6c696e6b00002c0007000800030005000000080001000e0000000800010005000000080004000800000008000300000000000c00010073797a31000000000c00010073797a31000000000c0006000800010000000000"], 0x20c}}, 0x10)

23:25:06 executing program 0:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

23:25:06 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:06 executing program 3:
clone(0x91c2b1c2e640490f, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80000)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, r2, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0x4, 0x1}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0x4, 0x2}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0x4, 0x2}}]}, 0xa4}, 0x1, 0x0, 0x0, 0xd20aadafe99e0cbd}, 0x0)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x246800, 0x0)
setsockopt$sock_void(r3, 0x1, 0x24, 0x0, 0x0)

[  519.485682] FAULT_INJECTION: forcing a failure.
[  519.485682] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  519.497552] CPU: 1 PID: 27342 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  519.497560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  519.497564] Call Trace:
[  519.497580]  dump_stack+0x142/0x197
[  519.521029]  should_fail.cold+0x10f/0x159
[  519.525194]  __alloc_pages_nodemask+0x1d6/0x7a0
[  519.529875]  ? __alloc_pages_slowpath+0x2930/0x2930
23:25:06 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1330e47d, 0x101001)
sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8002004}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x300, 0x70bd2b, 0x25dfdbfc, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x2004c054}, 0x80)

[  519.529898]  cache_grow_begin+0x80/0x400
[  519.529909]  kmem_cache_alloc+0x6a6/0x780
[  519.529923]  ? find_held_lock+0x35/0x130
[  519.547183]  alloc_vfsmnt+0x28/0x7d0
[  519.550908]  clone_mnt+0x70/0xee0
[  519.554366]  ? lock_downgrade+0x740/0x740
[  519.558516]  ? do_raw_spin_unlock+0x16b/0x260
[  519.563019]  copy_tree+0x33b/0x8a0
[  519.566567]  copy_mnt_ns+0x11c/0x8c0
[  519.570281]  ? kmem_cache_alloc+0x611/0x780
[  519.574629]  ? selinux_capable+0x36/0x40
[  519.578682]  create_new_namespaces+0xc9/0x720
23:25:06 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f0000000000))

[  519.583173]  ? ns_capable_common+0x12c/0x160
[  519.587580]  copy_namespaces+0x284/0x310
[  519.591649]  copy_process.part.0+0x2603/0x6a70
[  519.596236]  ? proc_fail_nth_write+0x7d/0x180
[  519.600727]  ? proc_cwd_link+0x1b0/0x1b0
[  519.604804]  ? __cleanup_sighand+0x50/0x50
[  519.609051]  ? lock_downgrade+0x740/0x740
[  519.613201]  _do_fork+0x19e/0xce0
[  519.616651]  ? fork_idle+0x280/0x280
[  519.620368]  ? fput+0xd4/0x150
[  519.623566]  ? SyS_write+0x15e/0x230
[  519.627289]  SyS_clone+0x37/0x50
[  519.630668]  ? sys_vfork+0x30/0x30
[  519.634217]  do_syscall_64+0x1e8/0x640
[  519.638105]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  519.642963]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  519.648190] RIP: 0033:0x45a6f9
[  519.651394] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  519.651406] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  519.651417] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  519.673697] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:06 executing program 0:
socket$inet6(0xa, 0x80003, 0x6b)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x25000)

23:25:06 executing program 5:
clone(0x787467fb86e159c, 0x0, 0x0, 0x0, 0x0)

23:25:06 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x25000)

[  519.680964] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  519.688233] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:06 executing program 2 (fault-call:0 fault-nth:41):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:06 executing program 5:
clone(0x200, 0x0, 0x0, 0x0, 0x0)
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000000)=0x2)

23:25:06 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x25000)

23:25:06 executing program 1:
clone(0x100000, 0x0, 0x0, 0x0, 0x0)
get_mempolicy(&(0x7f0000000080), &(0x7f00000000c0), 0x8, &(0x7f0000001000/0x1000)=nil, 0x1)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)=0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r3, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r3, 0x1)
r4 = msgget(0x3, 0x8)
msgctl$IPC_INFO(r4, 0x3, &(0x7f0000000380)=""/68)
r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000002c0)=ANY=[@ANYBLOB="01000000fb8ca6e5e669e2", @ANYRES32=<r6=>0x0], &(0x7f000095dffc)=0x8)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cachefiles\x00', 0x141a00, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f00000000c0)={r6}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000180)={<r7=>r6, 0x101}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000280)={r7, 0x2}, 0x8)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0)
ioctl$VIDIOC_G_OUTPUT(r9, 0x8004562e, &(0x7f0000000140))
ioctl$KVM_ASSIGN_PCI_DEVICE(r8, 0x8040ae69, &(0x7f0000000040)={0x80, 0x5, 0xc4, 0x9, 0x4})

[  519.847137] FAULT_INJECTION: forcing a failure.
[  519.847137] name failslab, interval 1, probability 0, space 0, times 0
[  519.883191] IPVS: ftp: loaded support on port[0] = 21
[  519.888464] CPU: 1 PID: 27383 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  519.896359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  519.896364] Call Trace:
[  519.896381]  dump_stack+0x142/0x197
[  519.896400]  should_fail.cold+0x10f/0x159
[  519.896416]  should_failslab+0xdb/0x130
[  519.896427]  kmem_cache_alloc+0x2d7/0x780
[  519.916116]  ? find_held_lock+0x35/0x130
[  519.916133]  ? copy_tree+0x4a2/0x8a0
[  519.916146]  alloc_vfsmnt+0x28/0x7d0
[  519.916157]  clone_mnt+0x70/0xee0
[  519.916168]  ? lock_downgrade+0x740/0x740
[  519.924271]  ? do_raw_spin_unlock+0x16b/0x260
[  519.924287]  copy_tree+0x33b/0x8a0
[  519.924305]  copy_mnt_ns+0x11c/0x8c0
[  519.924312]  ? kmem_cache_alloc+0x611/0x780
[  519.924325]  ? selinux_capable+0x36/0x40
[  519.932105]  create_new_namespaces+0xc9/0x720
[  519.932117]  ? ns_capable_common+0x12c/0x160
[  519.932130]  copy_namespaces+0x284/0x310
[  519.932142]  copy_process.part.0+0x2603/0x6a70
[  519.932157]  ? proc_fail_nth_write+0x7d/0x180
[  519.932165]  ? proc_cwd_link+0x1b0/0x1b0
[  519.932181]  ? __cleanup_sighand+0x50/0x50
[  519.932194]  ? lock_downgrade+0x740/0x740
[  519.997904]  _do_fork+0x19e/0xce0
[  520.001343]  ? fork_idle+0x280/0x280
[  520.005044]  ? fput+0xd4/0x150
[  520.008218]  ? SyS_write+0x15e/0x230
[  520.011914]  SyS_clone+0x37/0x50
[  520.015261]  ? sys_vfork+0x30/0x30
[  520.018784]  do_syscall_64+0x1e8/0x640
[  520.022666]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  520.027501]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  520.032691] RIP: 0033:0x45a6f9
[  520.035877] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:25:06 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x25000)

23:25:06 executing program 4:

[  520.043570] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  520.050838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  520.058092] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  520.065342] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  520.072608] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:07 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x22042, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0), &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x2, 0x30}, &(0x7f0000000080)=0xc)

23:25:07 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffd000/0x2000)=nil)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)={0xae, 0x5, 0xfa67e66fbaad37ab, 0x8000, 0x3, [{0x4bf9, 0x6, 0x401, 0x0, 0x0, 0x202}, {0x2, 0x1, 0xffffffffffffb8c7, 0x0, 0x0, 0xdbb1bcfb0bc3541d}, {0xf01a, 0x800, 0x2, 0x0, 0x0, 0x200}]})

23:25:07 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000000))
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000040)=""/41)
eventfd2(0x1, 0x141801)

23:25:07 executing program 2 (fault-call:0 fault-nth:42):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:07 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x25000)

23:25:07 executing program 1:
clone(0x80000000, 0x0, 0x0, 0x0, 0x0)

23:25:07 executing program 5:
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000)='/dl\x00\x00\x00\x00\x00I7\x00', 0x2620c0, 0x0)
write$P9_RWSTAT(r0, &(0x7f0000000040)={0x7, 0x7f, 0x1}, 0x7)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x10200, 0x0)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f00000000c0)=0xa6b)
clone(0x70030000, 0x0, 0x0, 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x400000, 0x0)
connect$netlink(r2, &(0x7f0000000140)=@unspec, 0xc)

23:25:07 executing program 0:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

[  520.908883] FAULT_INJECTION: forcing a failure.
[  520.908883] name failslab, interval 1, probability 0, space 0, times 0
23:25:07 executing program 4:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='rdma.current\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00')
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
accept(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f0000000180)=0x80)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000200)={0x3, 'veth0_to_bo\xf8\x00', {0x1}, 0x5})
ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f00000000c0))
clone(0xa014dd00, 0x0, 0x0, 0x0, 0x0)

23:25:07 executing program 1:
clone(0x1095100, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))

[  520.987645] CPU: 1 PID: 27421 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  520.995611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  521.004979] Call Trace:
[  521.007589]  dump_stack+0x142/0x197
[  521.011230]  should_fail.cold+0x10f/0x159
[  521.011249]  should_failslab+0xdb/0x130
[  521.019376]  kmem_cache_alloc+0x2d7/0x780
[  521.019390]  ? find_held_lock+0x35/0x130
[  521.019401]  ? copy_tree+0x4a2/0x8a0
[  521.019413]  alloc_vfsmnt+0x28/0x7d0
23:25:07 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
accept4$rose(r0, &(0x7f0000000040)=@short={0xb, @dev, @default, 0x1, @null}, &(0x7f0000000080)=0x1c, 0x80000)

[  521.019425]  clone_mnt+0x70/0xee0
[  521.038625]  ? lock_downgrade+0x740/0x740
[  521.042787]  ? do_raw_spin_unlock+0x16b/0x260
[  521.047291]  copy_tree+0x33b/0x8a0
[  521.050839]  copy_mnt_ns+0x11c/0x8c0
[  521.054553]  ? kmem_cache_alloc+0x611/0x780
[  521.058883]  ? selinux_capable+0x36/0x40
[  521.062975]  create_new_namespaces+0xc9/0x720
[  521.067487]  ? ns_capable_common+0x12c/0x160
[  521.071902]  copy_namespaces+0x284/0x310
[  521.075970]  copy_process.part.0+0x2603/0x6a70
[  521.080563]  ? proc_fail_nth_write+0x7d/0x180
[  521.080573]  ? proc_cwd_link+0x1b0/0x1b0
[  521.080594]  ? __cleanup_sighand+0x50/0x50
[  521.080605]  ? lock_downgrade+0x740/0x740
[  521.080617]  _do_fork+0x19e/0xce0
[  521.080628]  ? fork_idle+0x280/0x280
[  521.080641]  ? fput+0xd4/0x150
[  521.080649]  ? SyS_write+0x15e/0x230
[  521.080661]  SyS_clone+0x37/0x50
[  521.101004]  ? sys_vfork+0x30/0x30
[  521.101021]  do_syscall_64+0x1e8/0x640
[  521.101030]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  521.101048]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  521.101056] RIP: 0033:0x45a6f9
23:25:07 executing program 0:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

23:25:07 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
recvmmsg(r0, &(0x7f0000001380)=[{{&(0x7f0000000000)=@rc, 0x80, &(0x7f0000001300)=[{&(0x7f0000000080)=""/198, 0xc6}, {&(0x7f0000000180)=""/63, 0x3f}, {&(0x7f00000001c0)=""/21, 0x15}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000001200)=""/213, 0xd5}], 0x5}, 0x8}], 0x1, 0x40, &(0x7f00000013c0)={0x77359400})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:07 executing program 0:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x25000)

[  521.101060] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  521.101069] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  521.101074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  521.101079] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  521.101084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  521.101089] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:07 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3)
fallocate(r0, 0x25, 0x4, 0x100000000)

23:25:07 executing program 2 (fault-call:0 fault-nth:43):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:07 executing program 5:
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x41)
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000200)=""/230)
clone(0x787467ffc7b1f9c, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000300)='bpq0\x00')
r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x80, 0x0)
ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000180)={&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000080)=""/196, 0xc4})

23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000180)=0x25000)

23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000180)=0x25000)

[  521.334434] FAULT_INJECTION: forcing a failure.
[  521.334434] name failslab, interval 1, probability 0, space 0, times 0
[  521.393483] CPU: 1 PID: 27467 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  521.401416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  521.410808] Call Trace:
[  521.413410]  dump_stack+0x142/0x197
[  521.417051]  should_fail.cold+0x10f/0x159
[  521.421219]  should_failslab+0xdb/0x130
[  521.425203]  __kmalloc_track_caller+0x2ec/0x790
[  521.429889]  ? kstrdup_const+0x48/0x60
[  521.433788]  kstrdup+0x3a/0x70
[  521.436987]  kstrdup_const+0x48/0x60
23:25:08 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000080)=0xc)
r4 = getgid()
setgroups(0x1, &(0x7f00000002c0)=[r4])
write$FUSE_ATTR(r0, &(0x7f00000000c0)={0x78, 0x0, 0x4, {0xfffffffffffffffa, 0xffff, 0x0, {0x0, 0x0, 0x3ea0fbee, 0x4, 0x1, 0xfff, 0x9, 0xccf, 0x5, 0x9, 0x3, r1, r3, 0x100, 0x20200000}}}, 0x78)

[  521.440711]  alloc_vfsmnt+0xe5/0x7d0
[  521.444428]  clone_mnt+0x70/0xee0
[  521.447887]  ? lock_downgrade+0x740/0x740
[  521.452042]  ? do_raw_spin_unlock+0x16b/0x260
[  521.456546]  copy_tree+0x33b/0x8a0
[  521.460099]  copy_mnt_ns+0x11c/0x8c0
[  521.463814]  ? kmem_cache_alloc+0x611/0x780
[  521.468141]  ? selinux_capable+0x36/0x40
[  521.472207]  create_new_namespaces+0xc9/0x720
[  521.476730]  ? ns_capable_common+0x12c/0x160
[  521.481147]  copy_namespaces+0x284/0x310
[  521.485220]  copy_process.part.0+0x2603/0x6a70
23:25:08 executing program 5:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x0, 0x0)
close(r1)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r3, 0xffff}}, 0x10)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000000)={0xf, 0x8, 0xfa00, {r3, 0x12}}, 0x10)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  521.489799]  ? proc_fail_nth_write+0x7d/0x180
[  521.494296]  ? proc_cwd_link+0x1b0/0x1b0
[  521.498374]  ? __cleanup_sighand+0x50/0x50
[  521.502622]  ? lock_downgrade+0x740/0x740
[  521.506785]  _do_fork+0x19e/0xce0
[  521.510263]  ? fork_idle+0x280/0x280
[  521.514003]  ? fput+0xd4/0x150
[  521.517205]  ? SyS_write+0x15e/0x230
[  521.520927]  SyS_clone+0x37/0x50
[  521.524295]  ? sys_vfork+0x30/0x30
[  521.527841]  do_syscall_64+0x1e8/0x640
[  521.531731]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  521.536591]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x0, &(0x7f0000000180)=0x25000)

[  521.541781] RIP: 0033:0x45a6f9
[  521.544966] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  521.552678] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  521.559959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  521.567319] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  521.574605] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  521.581888] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:08 executing program 1:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e23, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @multicast2}, 'erspan0\x00'})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
r3 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x80200)
sendmsg$netlink(r3, &(0x7f00000029c0)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000002980)=[{&(0x7f0000000240)={0x12b8, 0x2d, 0x1, 0x70bd29, 0x25dfdbfe, "", [@generic="de161eb6225643a511fa3afbdea8000a61330a90b1f436aeea0bfe609a78304dfaa756656d587b99c29f99c47fdd56831f49b5eb32b090a7b3a30a", @generic="1da49db53675fe89826bb05daf9ee4a3bbfbd4d226dc8caf1fbc602d4baacdc649d66b1b3ee559dd45b71a8e77f7f6ce725705d96814783f32f4776116bb1adf23ba30f79e81b4b128e59faccab2915666908adfa80d8f794a79c47b82d9c8672f224457ba4b731b750aa2c635c7e5c31c2eb888b2b51e0288b87083c7de77032770b66f9d7b59dcb83e57b56bb078846af56d5e42addd92f75d4df48fa0a1bcaf49e36b4829228c424c97a4f1d63544fd6cd4cf5c397909eb1362a8588002191b40602de6d7f7c7134a8593ffc98e641d1b7b1e382c0e76ef1419c8f053a59246bc54810767fc5dd91f04f37d496f96d8", @nested={0x117c, 0x8e, [@generic, @typed={0x8, 0x80, @u32=0x1}, @generic="62746b0a350fbaf2b4d419ad12f38f99e55fdf64432e726f2d1c2eaa7075404ac64ff7050c7120a82f40c54f51b7ee770cda048deb7b5cb013bf209f77446541a95dde2c68fa5da880f33b32c8bca1a285919883c6c18eece142121055a540caa6ee311d20ef9652aedf05893687438f380b439adacf534e4417366b63fc5449bbf8477cad4980fb89b5caca2752bef6576eb9f828815332dd2656f396df5e507ef8387ee1de4ed5a95737b8695a343c48cbe773e704fa5881ad5169c79c11d9074c6f7f6613f770b7ba851f0a45de6c2681f139184bc8c3056c578842958173a57b4ae483c28ef50baa301da2ed94bc799c6786642e666ac4939a5a1afd06f6eb09faacb1febe8daf74e183db6d44d2c48d83a6e94c2e70140a17bfbf0c2d8a778e60eac6773902202153dc957c74a1e53f7f4500b4c8851688bc5e12f050b2f6ea3087ac343048e2c350c8531b4fa10e9a7a83ca1e31d3a70975a7e3256b3f87284c945898e76a799161cf7182f0eb976c3807883b2d7cab8c25bda3c4fe3a85077e9b9fb43867c683492ae3c41210649b1b02ada5e702b03bddb06ad41c7088aed44983072a60c15770cfb812623719e5275bc239999949c5cd415a308ffb210ce7162c6fb6af7784360ada4a64ef510a74e035d5b073c99372c476bfb18fe4aaebe6a6768e75a19764b5d536252214612b94c8ee0bb71798ed7db546df6af1bd9ad35b348ba0e4ce7eaebdc25587f904253a0cdfe5958577882b086e6d0e6029aa9f2107855b7e8afa2cd887fd802f0ad41c3f487fa0fe7efb72e088fabd107b1751b6ed030f9a281db4e850352e8908a5487f1ad688ee6c205786b769b11679a4b0928410e5a8c0b7889a72be519f678d90c3ca081586a73bd244b1cdb73a8f724579a8e45dbc70dc7674923c0b1489946916fc644b27e723c16f4806bb6d42c884fc0b4e67f5ec6da56d0b77a10220329a0b11f40ba2d467c674f8dc09264a02484a588b48794e4e03c89dbfc80765a6c1e67fbefbc7aef099062f9420e79887222ab6d13928945e9a1735b609fe9ea31468faa86b9bf78bfa953487a31a4ddf0c7316c4b50f4e5056d7e9832736d93181d8568d0d4e3637454bce9c5cd469848b4d044f9d500a979271e7db938f5262c3eaeacb8ac7d6133cc25afaa2fc7aee58dfcd3d8a4b2f9b9e5f7545735a78027b801d58c8a3348338b1ef46213884b457473da886fdcfeffbc5cb8a2e3e99208efcc1f525f0c07f7694c8fc36e0ff515308fccd2936da83d14fb952b2f6b9d473f9412efae579cfee67c54532f54511419e4644460e78b076ddbee91456e7c592a22edef5716b9351cbd84bffca4fb58a33f27b6d9c04a3d94865e374755e528a8477d436d59e0cf1c8c7d745cf850046751ee7847f11d9d35e193ff8bb029b35c811b882750544c86f33a63eb7d2e8261c925a6ac30cc7430cf76ca08942a8a1450cb00d7adc90aa8767e4a4331def5df18e06049184401290afbdee674849b961fe771831c2cf0d522277bf3e7b38093a795f6c222b8be973e77d0f03280eb646ea85552238ac50e53ee03630f54b5eaf0bbd3d9622e340fb077640265dbfc1372cd22efd85fbf76a32d9eb57e9394195811c74afeaec58fe92492c40b51c909b879ccca7324c64594976632e0d0b8b61fd51c823022db73e9df4cf3b9b8d905c74ce33b22ecf362e4670008efb985817b31387b628f32ec38a2aeb6657e078553b070214d7d7e88a161c1d03e8a3cb3368d491a7b215808404d2eccf64ee1642da690f6ca2d3481b65d5ac3b848697401678ae6ee3aab1d3e7d5a85fe96df337109dfd3e2bd23c3ce90092eb8b8bf2fad055295cc8e05948472feb0adadfd5dcaf89cdb3811e464224cfa487ef6b747032389fad8f5de643082c755ee18fa103e2e4fb64ad26201dfa8b985de33481cd0b9f94a3738f833968661610617623b43d190b73ce682e0e97644ba9aae80dc586ca223994176ddf45c6693db9ad242c610ce44ac227aeb2f93545a62f0dfb5ed811e7fb43d0acd99ebcd0db30898ca9b9c5f4fda63bdfa785be2c53f0f3d5ce04facc03a22a9502b974af99ae89951a0dd80447369e88f6c0c00aeab7aae87423653edc98a926a1ddc813d7d85c9d0c6163ba0a76a07c46c937c732e1a58c5d862077871c19b00705792b94011629c61f0ce9190234768a1ee69ff81474a0e5b37e3a02e2041ba11f5d76f03d160f6ace072ac869baa920208dfe710a2055f3c43409de8d547d60811d8ba72224338529b5ada5f157cd1ae947e3484608ab345e4da8072bf13318899a14da05847a8e7d191a71341e16ea1e0d9a3300be68b2ba42aa90b3e1f8ddcc86cb93f364490b3d9ffbe508a26990560504e476c3e79d8ccd2e0fd6ab9b962f09396eb4e654e6e32d3420a794b6ebb9d5edc5278e399766f65c17e0e736e61ec5e48912b12a01a032f751ff9994c7dca4cc98d3f01e16368188ef338e9d1a40ec01c00748466f11ef0c7029fc026f1741f621e264bd9b5e2986bd382edf1a3a987363c07201002cbad3a5575348f6770507262d5a2ddddaa6c3110c31f700b5094cf7d88dc9dcedb69312d9ca8f31be3d615f940849783e60aedcdde93eaef30c5c625f20622f5dd3a1acb1d570e2352e580f2eba654afdd7239050a32bb4ef92a7ccb5393fbcd25c8cd3d9672d1c181b859f66f87f4be3a676e2518d665e1a0a177413d59b183c87f52caffa231dad710dbbfe67d47c43dc4c8b43eee672bccb63e67318c7ca828731dc36f7c99521c7661ca236b35f8678d1a7af2bce1e51cfe54f3c4b4276b172692a7f0ef6ce4a696f8e722077b0ccc36c8c696c79da8d45e28646f71c7f231acc4b16e241964f869330cd03a61f81f9ea5041d5d5a12ce81d27aa6e0d766152262df817d565d866ec6356954006fbf8bd75cfec55016b269fb6afc2743bb5deeef9b09428b8c1c0f404a2c001ec412b932bbb006b6cf9d11439bb3215aadcf96a247d5a3008e6bb3e3d08ec7ee94fd45abdc562dc765c60c35a2657808456e7f126c5c62e4a9a8f8abc40551ff33a0c5e6ed7f4094d7a8f0cc3b675624d520e6fdf9dfbae86eb187b219468c95f4d456682802c5aa43a391830e032ecfe31f1813ee21008cfba9f13a9ee1f4c25172a8e5dce6910523036a26ba11dc43079a0e906c5c516ec2beb03e50ea5fefdb85b021d0c78ecc25416fd62f3bc2bb44fc8a9742fd3fdcfe0922a58492d94a84d512aa3f7b178719f89f4481722e98a4db51992e4f7c08f7719ae44b6e306746dbd6a06152efef42bbdf0ff148097e139f349bc0f64b432a637bf72a6cdd8abbc3ecd22884daf68a4c280fc4ce83013dc4d9cbc28be6f83adf0f2f79d78cd73d463b6a3525d746aa1591efeaf0aedaaa32379b1100e58547b6486f0b454355a2b1af9fd57bdc6e354e68763490a310caacd1e38386726c78bdbeea1ccffeea1ae00ea4cc9dca9a193477bdb42f6972732eef11858f10f8fd3934847ea457cead55581d1e20ec4f861616cc9e32edb1e81a4fd68c4fb86296eb6d608642068a7d7ef823b932c2430f7425f16bba9be3a85ae87b1172f959a3362d2fcc9c7386f919c53ec621545b99b43789e7010f716307f2e609bc0479a3805a5977ecb816f031e5dc8beb215125e5d69eb90f95ab7e6d6e8e9150bfc485e9a4c621f8c3063a5a580b229883f427888be056ac24dfcc68989e304c9e3ffee38f34efff307b10cc69edd92fd5f9c6bca189d66abef2ec6fb90aeba28c34dd18ebc7493f010e8a26099499e660fc47a1b1a35b2288feb381a13a9927f7587a349eb29234bf772383df9d938a3d31f99a015aad3e1aaca9a192568a7f9e5905cd18584c8c0dfe7fb8dacb77a35676cf096ed6e9f6acad3d1c67b479710585f88ec1dad1e0221152ae012d55dce4900b87a798c7ec66dbbb546ce203742b20f497363f47f85090b80ec3008de72d4d0d34c92b22eb5c56a6012db36fc6be5ff59afed66bdbc360f41bedcfccaab1277d1db7146b443fcfb0fec25238ed49e41fe624377918ef61213e9f4f46201ce515f5bfd3f1e4b40802b4e1aaf8526581fd4a2e00732fe6b9b4df02c80957d3a8388e2800a70e97e5467255982d4538cd7b61a0fce816d1f5cec3002a6dcb81dee0ac18dd1f42bd14adcec1ca8ae5299b5fc398dc0038bd44b29063c9bf741e71a4a24453711535ed3c0d4fa2197a82681108c98b223a1557e2d50bc78c61c6486e97ad0358eb56a830a753fbdc5d389e3d07787a1c2d4c5f6edcac4d3045ef3ac460f4f67b84f0fcce349184b3c8396d4dba71c458b6d671cbca09397fce0e34557c54ea6ea16ac3cfa720488f9ee02a7631c937cf8aba09bbfe2e4bd44c1634761c678d19499dbb8b33e27a0f850d4802da7e4d5661dead3ea9228b94fb20596835e79ff214fc87cc09b9b0c23f79c02b33157c60757bad11d7e3b7dc5cbe0f4634c4151182a159b1a7c51c741dc1873892d7afed6f2588173c4ee1734ea65eb341f059fc7db250533d51a17b2d9017b895624ad5d258e76ef5c9f4531ed94113eba3ef78351879ad5b2ea4165db41d6523d72452b18056a9a5eb18d1ff744924c2829fe5e12d01c79beff77a189693515a6ee64259e9e0de3a3bedd23d59803feebad39ca52bffe100173565279e697f5313873b2afc2470add2251ee10a32f74f051f02735370135e1093b91e1704017dc491666cafda8c9a6297fbe615af33e518b32e7c27f71623b297ccd9c20eb337e7396d4b6ae0698c514846f41508cfba733629bd4d8a01ab9b25ffb02c14f09e752f8852a5b4968f1a3797ef8c86f4e46e3867ccdc21ae4f8b537e8aacb39a351b3fe0e4f39565af6781c725354e94efa742e42d2ed686e98e87cecd32b644d7896972dbeee39ef28c97c19802a61d6869543f89ea6bac4090b256c8a0c69b41ec271f6eeecd58b01337fbf9f5ec9b9d248e22ea96d6c90f3e086e0accffaac5cf7ab6c7d6fbd4c7b65dc30be7874f7a377e38ff6e87af9004c6d2fbd8b953d8cacb0c49f9ee8044d9c6b983a9330bb3b6949c71083821c04ffbaf91591b4bc0ca374917db46552f15ad057f5685abae811d7ccd14d081d0863ef5347442a6ac5f24e06adb96d3b260e2ddbc14966fb83e52ce6e482924fb110510805162c3417edbecf03f09541ae51af40de481814588d3d0e316656bb6d7a9d67819f2c8be2c3dc321c6881fcc9b6f9f94cf22c001c224898e907ec958197706c47d4819033d0da4c2da6d8fb9651372ff169afc2c777b8e6f63aaed48a34ed74b583de922e4d9c9ab370c439ff86d0f04c7e70b6f570db9c0b8a0651ddc9745cd713e7f733d11ed4872be0317e0b15714698041ab2fbbe869283a392679317b5313902ca1b50d5081e6dd8d698467e5ac4ceca4f7c842f024b39739bef8e0246da11e66d2d809462cc7a1de0ce911eb23ea8dedde50b018762992e235168fb59c02a7d00a94d36766ade31acdce687c5eb4b431617febda0c5abc96eaf7d61a7c1583e9733f697dba82b8d707203ff61ab348b1c850715f4070525764be9e290b11e60f55e6ff3080cda30fce5ec38fec174de7d1614aa9eb18ecbbd264584961a3725aa74b3f7fe46f0a0b2aa0606b2bcd4cf29c4956bae24cdc091aef64d3af141739614bffce2423fa2a07703b3e63c24d22476b4c9695ccd55bdee376f7bbb8621c169f47e2ad562e4fdc9f93cc8b0c162e26b6213f1c1f0997919fbf7e89daae67cb049", @typed={0x14, 0x8e, @ipv6=@local}, @generic="5e4974afd832e2e1bdb208672d82e912ed7b1eef20c575cf6f4da1a4a3cab9b60fae3ecf390b10c15572cb8139553ad490787ef71fe6aa882d98bad2342120788cdd2d5fe4d731f8491645518088d0c2c8c35c3eaeb0170b1a169c3bf1147901", @typed={0x4, 0x14}, @generic="f99992a96c5717d11b40d8f80bd94806363bc45615f73860d53f8043ecdea470641b58581fc9f2cc532045df8033a990a099db81d93f51c3fb0f0bc9e808e71683656f9fb90f6fe35d362b820955cb2452ce2e4998fb0f1a156b348668b0b4e752e7e6d2deca1e73e731bb6de8863de4b18c6832c2f766943a65839c325295b246ae409799eb30ca512be9524c6cadf3683020b7239ffc004a58611bbe253ed6fdf8fce473113169b2aefe86d7e37859ee8987a8f572a23e43cb25b58c9bfd8a", @generic="69af6a8a1cd6c6b8638553083693170b029ab24e3da0e3caf4d4ff3d714d95fb9a38bb707876a3da131bd00454f2ca0f96b149a0a50d"]}]}, 0x12b8}, {&(0x7f0000002a00)=ANY=[@ANYBLOB="9c1200002200040028bd7000fcdbdf2502750b82953daca5a387c1d31fe89b2bcb8702f6a22d04e104228d79702dfae29e1d18669f287c42070e4ab254c35dba4054058dee2b786c74c4305b58c6ede84ae2ffb33a185adb087995e0fc53142da964e6c6c992f198749e9cf064f77e4bf39392fbf1dbb0d358d275a16d9bed22576c5b172b1ef5d30e582b9a26178b1c2ac5e3816cef4b735f59c31700b3309586eee39cf3a06755ca3a300069d82d6a85a7994d6cd7185fe98df33c9c7b0b7ce7176e07609ec5a5260228838614bf6462490204525f108cd674660f32ea38c35d045d609bbac245d3cc1a9c2e2a7e0b089604e3f2d010b92f5b26180ff3af059477da1551a8d3afc32e8ccd6b965a6174130c11671d40781b138119d6188847352496830f726b0c8a7bb9b91d352decac5457c5be668a4390b539999486c936d4b39719e35dd0da6d4fa0b9df51d9511a31ecc58788be21d9cbdc0277989ee6f3232a05e976ddb0f000b2f6b53cd358198808562be5eb49b73e906844853d5dcb263c239b8ab632ad9824389d7ca6b60b6053729a908d948d1ec70ff75d439e20809107d33b1e940c5a69de2d6be8b6fe36a2cbefda863a349558a4e89b939b520be57dfff9404b22e1f3877702ffa8ae3aac204d0edf5d3f1232f3d5b1fe11b1cff6f56d827fc7af767066598a4b54828343335d94b7a7b8e5fe834fdd2904e2ec0e5ed17c57b9afa1fe655cdb196491307565ea35df3d5f2eb8a9a4324ebde7c71b42a47f284212ce62beb9bae37c1b356107d1a56e054445eb312fc11041087d59acb7887520f4da55dea6f577765733f491afc3e8f3567965c448bf8c9723570891870883ebf869745bcfec9aa05cffa6c043961c8038b1d4d1df50679edf1c7eab8330c7ef6b45b800953f67dc7be48cdc4c17cdbd40f74b79fcfa37e70b10ed429e12fd0159bd7a1fd5e5458ef02534cc1f2d16260ea13b65314198911ae4fd6c5de173fbd8d085bc9b66e6862ee507d758afcd991d97836123642456140a51d83e42e1eeb56bad590b60ce28d7945063e5b8f6df21738e701a891fd242661f36d3c5e981e1e9e5685b7d47aeac7b397b35eadc4146a2de9ae06857017b0037d503afda054088b23ebd6396b107e9cb6da2b50bffb779dd94a8f27e41817895fcc293ea42d25ee21a5caecc18d80d604b7cc842a57b1bf365d256fb0cee314946398373ab21e347d05aa22000aa30686faec8809fff7a834b745733cfc5f283b633aea3a6fbf26af1060d3d14f336e23c110e7357a4a5df4d875f753c8f12fe70391cf23b0ce1b12bcad54b5119f8d675ca5c34d6cd35c0f1b873cb39b21a2b1d42fdde0726c098f0a1049ab21a233a2952482a2b396838ca41d9c3b2ad6b09a2610fe27a3141d020ddca1b30b7687cec68ccd76e0c7c7aa5b74f6ef4a9699c249f034d023a8a52bcdc023f1d09e5310f115a001e16398dcd03ef1899ba92f939757635fe223a2a559cdf10053b282084e4e30c1a18727c87f0bb754780fdde38f0227cbb7627e0361ef44601c4c4abf391793ba327d1e231f785b3ae04e76b32c8d481f1477a804f40ecba8d3d6496337b18c0d2d9da8deb03a96008c8c6730deed60a936e61383c0657d44f0526fa545ba1b4e7ece6249ab2164f46914ce399c5862e6731fa848643ffd6cc6f84a3ad34211049b472a5faea576c6fa921895e7d4e482c40429190dd5214273859db6eb45e7d17b8fa92784109a379ce98cebe5919389671f269ce09a9b53e963a4755ba2fcd23727dbacc1b15b12741a4aa1bfe65cd302c879c508afddd5e1add35bc52b5295ba475ef83fe74945a0206518ff08555d8ee9cf62933ea75477fc16952e9420f5396a59b4dbac13625108d005fc7c5d1c285c5cc87e7bee44ddcd161c4f1e7029e2e0598fac03ec78867e4fb7fb97bfb1c8d0d3a3daf3e335f2a3e63a11da515c794251461b897ed368d74399ae3561e005b8c194a4f995a67f1933315c2fad5c10d4bf5e12f849855c79a23bde846e38646cf0180497e2f2753f2985f61072baa82255f56dc3e0cc5feb9cadd30a8cd322dfc43009d0b58179f11903826feed47a6c38d05e81122da1abb0f0f1c5705780923ec98857f1d96b0b0d5e0cccc70dd3b503ff02e7fe5455194ab8172ad6ad90423a885a16666ca1f171a7578323c9b66ec7855c45636907945fb78b930bc501c3d6691889826ae7e3d2fa4d81bb08f4127673802f79c23b28863cb61cbbd419466c67917d5f1ed8e8d79692b9e34de3f006a84d755b28db678f500c73ee93c2881c174fc005cd06e99f30dd9b99911561adb3d2cc7d8edf22477d81753a33702bf7ab141c99d285faef91d7ef0703673d7130905c4e1da65d0cc24383fb54ce9ed8214d675855d19738eb53623e90b582901f805fc2d340ebe246133e2f9722403749f4297cc492995ed46f6f17ba70cbae746a9fd1320dd121f7f0e31925ca8df00935dbc60270115106ab0d13ff25f2ebe9eafd4c5aee3934a9a67fb34a2d7c0d682ef054b55c9f442dfa382f71f4caa1d92dc0ed510eba97597c3c05f7cddf77c55a7d97e6ee954b3afd73648754baeb5a89a2b11f5474dfb89bd10b22281aaf570e2b836335dfadd1efa2eee2fbe4f33e18ec9fd339239a878cff9cf6165db50f581b5b3cc6aec3547b6f19a8eb21804bfe8905b5ed7c028e4922e9187ae4c430f28a20f57ae5c76601b27a63add9d0d347278efadb6600ec1e34fb3f5fc405ffac7e912bdacc794bd0b3adde45181e743529efeec4115f24730324076189267b037395c5872715f420649aa8e9839642d3730ce59be6330d19c14f1d633250437e0036505b41128e179e4f29fa79ec12f18f61127c225d2f9b1945886c160ae071ddffc18a17bf3aba293a6b7c73716b2c1fcca4a0e94d1738871b4241b8faaba9e352575217ce19c96b108063f6afd65000000000000000907ddaf529837473b27b7c2c2a61d2dc8552eedee72c09b24efc7fd87c8087b50cb6508f35266d4d548f5941c4bacae20ab0b94354ddd30144bb7452c126664ee787342b6cc18a98c570f3fd99c076400ff43bed2af15854606c4c5c2e01227d72cd8683ba1a417250a64667d3b2fca3a60172ef2f567c436507a77c836a1c75cfcf577066512f6e343af6e6c863522cc00c9449691f4d093780f274e7cea497795a980ac4d12eaa6f6d4592d08b780aec10c4b65ad462e0afcc1decbd5803560212e30dc8c2ab298a59d532b9b51da091c9aa0b0afc259b4034a130ad7c5dc278e9b06caba3cd659498d45f3dffcdac7640318c1df03d554b8b255038741fcf0cd280db0e53ffe5a21c7f2b4ad3a6314a147cf0f8056d5f710ed66a555f0b795c48ad1c5ae48438b293b1dc77c0ae81fd2c284549d70f9b1e41e0580c6c14471e10a87712cca33d8edca262e81c6163b25c0e88d6581c044b86904872798902111b1653f7da58667fe3df722bcbe3022061a07278ad485a6ee0798f8b6e3a799332f7994cd455c45ec0447e2b46be87e4e9783291f69d2de749f0e452cae19b4fa9251f2e3d503f8368767d5aaf24b659e3be45e4a5a475d1ee5820f8e167964fe740248a60d41f6f40e7e8a926a3e419bfe12815e736d0536a38a95418d980a3b5d11b943167390ed60a3867b3708e27039299e031f690e8917e7035610cd76dc56d94ce6e43ab5581db70914b02375d5c0c7b54ea76e165033eeb4d9803314a9face91702e5ef2d60c060721499c5a296a4199fcc5fb0487f3862c5b4e7d709087e79fe4482b98e60a9327fca85dda22e910c6dc2a2f9aa2a1625027e5961e18d51281c4acbde8fb7b2baaa45460e650fe9fd70018c9762ffcc4c02b380efc870f0d5a8e5faacd9b8224e3a5640452a4c864c671fe5aa8fd31315948185960f1904e4f41c8f629eeb478aa4d90af18f7b9640008681b09bdfc4a48e8d2ca773d07768502627f51c28463bd3e5850d97c2c67f7af6a4392716cd6b52c5ac63b36120578945457b1b4a41010ca635999d37ff3a2ad14aaeb9f14ae1f70c5ae9d8cf1e577b1eec560e3e345efbbd7be8f8328bc879315ee367736e88c8a4a1144a4059c53df013f14b4a45f8905b48950af49aa7e54c9e2623dea16ddcdfe702af52f34fcd5d31e4592cce766283616e273a948c6a2ba9ce34a3c0d1b68f8992a03309af606db8451619556108a8af93865e7e492d899a4cdd56221819a5cea257021c34e2044a3f2b24cc341ca1358e1bf0b64aaca88108eeca102eaa4ead6e65c2b3a9191a5d748722360b2205e547f20d91db3d1020caf93f23b9f42ddb2c0ca5cf8e1a58ed01a46b51f060619f4d191452e015a88086e585a7d19a1e5f18408f5c0343d0bb03097b94e8b2014d814d2ba3b24e16633cb50c3ea3dbfe318542b2572d778b00ce17207ea5912bb2a4dd9714f30d1f84be34665f2d406343cbd0385706294d50be344f6c17bf7c98cac43b787fac74d0675b73e39a0179ebec4adc102ee94c75ad0c2e0709214d5e1e0631fce381c3fe1a85d79d03e76f5adf2384cf52faadc70f401014622cb8b6e6eeacae5e99e75f1d584504a3091be9fa232337955c1368c7adadb6942ca37b6138fb2babf131b482ae638781f8f4883e869a6ab48f3f520f7987fc8ff9301c5f9cf6df217bbc14079e9d5738798b67c6c54335be1608eeb082abf9ddff4a3c302be6a34f9fa6e04ff170b754a3f14157ce19f9fbc600455a4f17c3d237ea538954d6dbc323397b4ad61c81397a47a75c9a4200a7dedd8902180c96d37ce6efc0f0d8f257a4093bacaddbc4fd22bdc32675450f6529251490d68a923312c570eb8e96b7d1fccd8677d4f6c232b30b127fa40482f1b4f1effbb1ac84f030371379244a164af023fb2f9e571ffe057c3736ed149977f26e1a0c48ba2698b153584301af4d388449913e72bea8ed06ddccf1373871ec5eadd89a67ae4da50e41a0e4fecddb1cd1fa399ca64f1b937403a61ac43c4af90933160dbf6ce9ea055a52af691b16d4d0390d96a33a69a31f82c2cc8296a64f8f24013a10f40e6fe1291efe25439c5337b045cc06a4b40383cdfc8342382b8543d9d61b64bda4c3f5d98f6d4874549694471934245f467e20d558c95c188ff4ed80ae026d1c27b33f6f8f996a3c2d4db80fa872314bb69b015812ec76c0671cb0910ae007ffdc356ec1faec4ad825151da9abfa167e5c3c4161ddc17adaa9fba2b7d08fe369ea7cb02aed2d77cfb6c118182ea4f7f05060ee71cc662b7b678dc5f0f202501cfca129c82104cdf2179687872c5e62a7e766fc051f288b68b56675e507d58dded65859af98913cbfa81e513f15341e4b384f2eea2dfbc10eecb1bc5cc11fdcbd074dabe54c70c14960298634387e0172a7385da6b79c966bd679a17930f53026ee31598f1597077bcb2342216cd8e8669087f37000000006ff2f258e7de42cb7086c748efc4fadc88e1805f7b338e3d5f65682bc10ef3fae4d24e5c03b39fba0f1884c9fc444913ea73654dc9fea3346a6b02b1e2b19b5e53d983ed31a0006b3a0e0fc50cf447036b019b8f634c3fb255303fb11ea508426a4fb32a846addd252df2a6ac749354b45787877f886785ae912a46a19ed3dd47ce42bd4f2dd30b87019d9fee251a2f5efceea649dd5730cbac1802e904dafa3c7ce0adcf333aa2340c5cdcc7388db3a439fbb485bfa16d10412ad6e0934b788632535235d749ecd86477359ccaab5db918090ec0f639124ad70396661bd5222c8003600fa4a36428d7a0e9eb1d53ee0f7898f7ccca95491cb0120ffc89bad2a02d2e428550bce45d19e351c966ed5fdd061be168d654f81b3d81211e88091cd38cf9bd25c40ec27109a78c667ac91fa23b9930ae2435ca5d955b9868f321f39c72c6dfc23e9d73d1c0ea76fe9f53d099bc55ba05934a59b61d623d4adb68423e97284a585871697f6e475b283b8b6dd3206fc2c427d2c433e0e1b39cc62f8547135b826829d5255aaac98da64a839c91e1a58fba6a78e159d9297e7ef264ea77a63e8135311c6c1c401510054dee816773843c80c9853ee612c740f429fa42988eddad651fd742896bc515ea1cc6f0d89cc0996735763e4d72d13743ca3e93eae7f6e752e95389e2980e42fcba045092097e83034386e4300be97f77188120fcb0f2f269e5e7db9ac2317f060966b4719623e4ad78fb68522a2fb521a161c9af200aa0452133b159bc2fd53c1282d88196abbabec7a59000fdafc6c8715159b27b88a2e59ca2074f586b2b565c4d1e4b41f9b35bc871cc1525663ea15e98c14349399806ce8e652e729513ec8ce61fc02417656679fa88cd81add01cd645622186ac1d998dd39dad0e348d8e4274d43a91290b12cf6e326a17c7ee62b828d1c957c1575cd6a22646640b4cbb28c4e56608d6fbfbc22f5aaf7597a19b1e4bf83d0fe7aca0a8fc117b6a54ec5cb8cab2048066a45819586cb16a1e7b0947bf4e27e18971ce8d2bf3443fb09c17a64c384eb14fb401ff19bfbdda242a3fa8821bd2c94e687ad99957799f72b286e88b497804da6ced83e0faf833ef073d845ec1685ce6e33aa17b1e85e03d7355fd1058bced0c6df5d584a12ffa0377895ceebcc11fbfc3422c2409efa14009400fe8800000000000000000000000000010c0058000600000000000000000000724dd0db87581c6579c8ede52755f9d8124166218c11dfc057ebf3f13aabb861d9c983d6289fc45bf7fcca2167a286e9fde355c9b550ed63d097c1a0f4af74dbed6a570d39299c54585ca8396b90458b030257eaddac774f2a51f3d13a960cebbd871e91ba785203ded7ccb414bbfc412fcb033a5e03d90b6daed09207f4035945fe4d7962b5d3ef2ffe9e74de31e9b4658e719975a18d27217461b478a5e4a17984a991a8346edbfbb76a940ad5d0cc88d69a6532daddcee4f45127784c5dbfc04e3f8efcb8a204feb16b9ce521331ed5bc2e06985562d33388152b2ea706ca5ca942ec62d5dbcc70104e65229f59bea47af53b83"], 0x129c}, {&(0x7f00000027c0)={0x18, 0x26, 0x100, 0x70bd2c, 0x25dfdbfc, "", [@typed={0x8, 0x84, @u32=0x428}]}, 0x18}, {&(0x7f0000002800)={0x164, 0x1b, 0x1, 0x70bd26, 0x25dfdbfd, "", [@generic="cbcca9d9657cc73c22b57666dfaf7ffdb7043a6a2f68d8de734458e0320ea1f46d59a149b3e0ed596ccf3c002efeb53ac25a3c97c8369f2a0abe7307f948662415584dd9fb2458c34cb7458a5c0a1651e69a2c4b451a6ebcd8ab763ce30e20c1e4c0e65664f05b2f9ae2d48206e723c8a1ebb928ba6e0c1db2198de07d97a101b54401d12b14d9e77646887e4a6ee437362dc65c54230ac74452e9defd7756d342644ad4c1d3adabee33d28ac5dc151de4803cd1867ccac43b82f80a61f43c8252d1d969a5b1e732b9f0584aa634e1", @generic="e2d63d61e9287de824f4935905aa6aad634e832f07b97c94ddaa63c15420b53e706235b92b648db094517a25ff6a88811b14c5e213d12ca2e9a46fbd085425336c52653d97a43eef19cd89f81a41dda93013020da2b3af578c31c4595ce59e7fea5276a9c314fbe84e232cb08cd1d03e70b165335904914a733fba8597068aafafae676b"]}, 0x164}], 0x4, 0x0, 0x0, 0x4040800}, 0x40000a1)
ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f00000000c0)=@get={0x1, &(0x7f0000000140)=""/245, 0x8})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x101, 0x5, 0x0, 0x100000000, 0xfffffffffffffffd}, 0x0)
ioprio_set$pid(0x3, r0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
getpeername$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)

23:25:08 executing program 2 (fault-call:0 fault-nth:44):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, 0x0)

23:25:08 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ipx\x00')
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000080)={0x80, 0x1})
prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000000))

23:25:08 executing program 5:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4800)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, &(0x7f0000000240)={&(0x7f0000000200)=@ipv4_getroute={0x1c, 0x1a, 0x10, 0x70bd28, 0x25dfdbfb, {0x2, 0x0, 0x20, 0x0, 0x1, 0x0, 0xff, 0x8, 0x600}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000020}, 0x20000000)
write$UHID_CREATE2(r0, &(0x7f0000000040)={0xb, 'syz0\x00', 'syz1\x00', 'syz1\x00', 0x41, 0x2, 0x38a, 0x3, 0x6, 0x2, "688a5d4cede2ab1292935d927e287f1ee4da53a94e75f18685e781ab8d36305bbe76979714940c1b79f1614285ea1fad4ec65a69c54737e24c046e5c0a1a9fa4b8"}, 0x159)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, 0x0)

[  521.779409] FAULT_INJECTION: forcing a failure.
[  521.779409] name failslab, interval 1, probability 0, space 0, times 0
[  521.803076] CPU: 1 PID: 27515 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  521.811000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  521.820363] Call Trace:
[  521.822963]  dump_stack+0x142/0x197
23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, 0x0)

[  521.826615]  should_fail.cold+0x10f/0x159
[  521.830792]  should_failslab+0xdb/0x130
[  521.834781]  __kmalloc_track_caller+0x2ec/0x790
[  521.839464]  ? kstrdup_const+0x48/0x60
[  521.843365]  kstrdup+0x3a/0x70
[  521.846574]  kstrdup_const+0x48/0x60
[  521.850300]  alloc_vfsmnt+0xe5/0x7d0
[  521.854025]  clone_mnt+0x70/0xee0
[  521.857521]  ? lock_downgrade+0x740/0x740
[  521.861683]  ? do_raw_spin_unlock+0x16b/0x260
[  521.866189]  copy_tree+0x33b/0x8a0
[  521.869747]  copy_mnt_ns+0x11c/0x8c0
[  521.873466]  ? kmem_cache_alloc+0x611/0x780
23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180))

23:25:08 executing program 3:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x4000, 0x0)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x1a3d0, 0x0, 0x54000000, [], [{0x801, 0x0, 0x80000001, 0x0, 0x1}, {0x801, 0x0, 0x80080080000001}]})
r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000340)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(r3, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, r4, 0x6a65bc0f1b6c398b, 0x70bd2b, 0x0, {}, [""]}, 0x14}}, 0x100)
write$P9_RMKNOD(r2, &(0x7f0000000400)={0x14, 0x13, 0x2, {0x8a, 0x0, 0x4}}, 0xfffffffffffffe55)
sendmsg$NET_DM_CMD_START(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100002}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r4, 0x400, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000000}, 0x40)
sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x40e, 0x70bd28, 0x25dfdbfb, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20028001}, 0x2911ecd357460a67)

[  521.877935]  ? selinux_capable+0x36/0x40
[  521.882012]  create_new_namespaces+0xc9/0x720
[  521.886522]  ? ns_capable_common+0x12c/0x160
[  521.890946]  copy_namespaces+0x284/0x310
[  521.895022]  copy_process.part.0+0x2603/0x6a70
[  521.899622]  ? proc_fail_nth_write+0x7d/0x180
[  521.904128]  ? proc_cwd_link+0x1b0/0x1b0
[  521.908208]  ? __cleanup_sighand+0x50/0x50
[  521.912462]  ? lock_downgrade+0x740/0x740
[  521.916626]  _do_fork+0x19e/0xce0
[  521.920092]  ? fork_idle+0x280/0x280
[  521.923816]  ? fput+0xd4/0x150
23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180))

[  521.927013]  ? SyS_write+0x15e/0x230
[  521.930727]  SyS_clone+0x37/0x50
[  521.934091]  ? sys_vfork+0x30/0x30
[  521.937638]  do_syscall_64+0x1e8/0x640
[  521.941527]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  521.946381]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  521.951575] RIP: 0033:0x45a6f9
[  521.954768] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  521.962484] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  521.969764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:25:08 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000180))

23:25:08 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x20000, 0x0)
ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000040)={0x3, 0xe7f})

[  521.969771] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  521.969776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  521.969782] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)
syz_genetlink_get_family_id$tipc(0x0)

[  522.053956] audit: type=1800 audit(1575674708.746:107): pid=27528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.3" name="bus" dev="sda1" ino=16913 res=0
23:25:08 executing program 2 (fault-call:0 fault-nth:45):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 4:
r0 = syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r0, 0xc0845658, &(0x7f0000000040)={0x0, @bt={0x4, 0xffff8001, 0x0, 0x0, 0xffffffffffffffe1, 0x1ff, 0x8, 0x4, 0x8001, 0x2, 0x400, 0x6, 0x4, 0x3, 0x0, 0x2}})
syz_open_dev$binderN(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_score_adj\x00')
sendmmsg$nfc_llcp(r1, &(0x7f0000002ac0)=[{&(0x7f00000001c0)={0x27, 0x0, 0x1, 0x2, 0xff, 0x83, "9b23f3a7acc9982c7ecfcd9a1687e1e931c47d9feee357db394daef0cc851af44c10db8f2994b1ca09107f22fdcb2211a37ff7612348192e90ecb02a306859", 0x20}, 0x60, &(0x7f0000000480)=[{&(0x7f0000000240)="f07804ea367c19e750ed0dcf470ecef438c9281d810a91aabe6bed49b76751c5c3fce7", 0x23}, {&(0x7f0000000280)="1e97f65d45beba0f23e5b1f34f1a4077e612734bba49e96535d94020", 0x1c}, {&(0x7f00000002c0)="cf22c8705345caaefa1f7e699eee811d4ced8b789e866232a23b7cb080d848d394ff85a536e0604398688cd2d9c0107f31e2c1ce3f46df57c2d489754df5ab27568b3e599eda6655c9be0da59cdf0f287410ddb6e960b5bb0db93d5f165d55bf3fb23545a5f6175be2d2fab12b07c0fd5e7faaf641612a848cd19db0ab208813d37b9c6c84f17d4d88b9075c392d40e152ee03a08d3d00f81d6173b5e445db09876dbde78ae3517ff0cb4e8a1cf1454ce836c07ccd70a2468a8531086cc986da54af5ba608c612f5bcd9f30c4d6c4c25d21b2528eecd6d10f885e75d4455d866d82555fe9bf2d72aea5ca343a7", 0xed}, {&(0x7f00000003c0)="0ab55b6260d8cf139df7119c6a187af63f837448515d785b05c2bbac9d3aff00de0af8bf1d35b04ebf121decd776e88615bf877bc8f5a8414780731001b25e094506a0f914e5902ba0d385965e0c13aec1bef31f8bf7a7b7e72772e98a1761cf2b9f18931903e87ec866fa657f56c727edd17155ef03111b46d213d513ac8ced40b33124ec0f40a40c94caec3fbd0d4b8f177af48c251a2f65fbb0b1db907922fdcb62812914d34854af9e3b34d934e23a013977b8b8189120c57d", 0xbb}], 0x4, &(0x7f00000004c0)={0xe8, 0x29, 0x0, "f258fdb1ad84115ac04792e0a6ba44b36b434fb31c65aacdfc5c243f3545e2c356f07aee369d11a2720a0980ca06babfe8526c7839a1e841674feaaf66fbe7a90d5a6f66b98713b36bd9a47c8f69bcc4c8277af58c528d018ca1fbe45b05da6f29b334b088717b1ac55be6ccec7dbe1db34be615f4f8f317bf7df36911ad10920d446ff84bac7b27dcfdfd3ed3a09f4e858478e6784c8a94d4323ed9d5e00dedc16893c4b80431f1f3106cd8e3b1e29e47d0995400731415784a10dc5135b357c28394ae5b8021edc55867054d53d80c9966a4ac503c"}, 0xe8, 0x40000}, {&(0x7f00000005c0)={0x27, 0x0, 0x0, 0x5, 0x5, 0x8, "f317b822d76d73264a5d2494ee51bc7ebbd4d838cdcdb8a6ecd0a4830571aae39005b788f40a2a4616511bee703b3038256968e116bc82cd9bcab329a72e18", 0x2d}, 0x60, &(0x7f00000007c0)=[{&(0x7f0000000640)="b153432956fe4fd9cd00e5ecb3f8977660ab05704a73e8a7141ed6f341f5d194447b66a73d5c33a9c1f751c1b4623500a0fdad44963fee", 0x37}, {&(0x7f0000000680)="fd764404118f3ced5ad0186dbd19e5403c976c3650eb538c06b631833f5dd60de73d966021ef91606f8c0d091c839c5230e6cfa86d05cdc3b9", 0x39}, {&(0x7f00000006c0)}, {&(0x7f0000000700)="893270f5bc34a70f3d8788d39cf4120584927d34cbd284460c64c5278dbe6d4d9578f3ac922fc5b0c0fffefd206f71b1e322640476d8fb150955e270c6cf3e04440f330302c7d490e16bef7a656da726e889baf85e3237407a3ffd31ecf8c5470e71c53bb7bce34012bd3afb0bf943ad0f399042c703f77ee95d2d0488eb92f6ea05d67d3905e702db1153f1391dca4f5f11e2e999c39b35f05ce1bce9d50437921b", 0xa2}], 0x4, &(0x7f0000000800)={0x78, 0x108, 0x8a2, "8a5f854484b1a92534a39a8172de06d91418a4dd24373d0e50b6a1496e15baf4bc5f977089c9ddd69c3867586c7fe128e6a4c7a5b7a4db9fb9220a28bbed3fc9ab05beda177be3ee7018af0401dfa12ca00f82dc1d8e3e3ed3a997d0801b1f484f2440"}, 0x78, 0x81}, {&(0x7f0000000880)={0x27, 0x1, 0x1, 0xf, 0x1, 0x6, "6c099db41a3a46d68133a822b627ad7ad49b1cd503f58067c57549f85b9ce17d7bf2e093c09c2cc28a54fe139be77e5fa25b69347d50ea8ae1c634ae2aec3d", 0x2c}, 0x60, &(0x7f0000001a80)=[{&(0x7f0000000900)="472260870d38d273202a0484056aa95bf438c3855c400e2db1ecf16e17b59522a3d2f039088c838efbbbcec84e65e81afad378167adb7b73b4bfe1e24b9e0c7b982f61d474dfcbcd85524f2d0ef6c83990eed8df10eefdce22dd0c062d9a8741256d65cedbde3c3d0662aa4bea2d0ab13ddac4330ba1d7521f92e28b2bcd4c59c6f83063e00245837d", 0x89}, {&(0x7f00000009c0)="d51397e284b918968d5336d0df37f6d8490c046b759d614a005cdb648e57d6aab810e283610b282acc269a209c76ad89589defb2fb9b7778c0b89372d7606dfd76308aafd53154271c69ae7bab595c8cc91d5cd87bcd8bd9d1ac4f0038edf786c3ba81f7a1938b8e93118f670c29347c4e0bfa527817d18ff1b458afdbb4d2192bd138678e8c31948b1000a7040296f4fe6ad85081ddc27e7dba73456e2c2cefa003ae5a6ab143b574bf4867cf0d7808c3595f2bc7090c085941de72f29e1d0fe6d3899e7183353851aee4b2d06164a21f48139389ef00bac8aab198031239eec216708b78b88821ade6d48661eb1f0b7c7c33d3ff0d3e4e9390e65b04c8b8172ec54fbf38cdd1447b84e069baba298b39765c05f73faed4f524c4c099bc0d9310b06471ea57c647efc80193096af68fccc3399e70a1d5d4308a01b29c80641ea208a2f0919dc817884395b100169f40a70e000acaf57aa34c5d0cf818b38afbd31badbafc2d61b0644ae71ad02c748329e9467f398ec85207c41ca5a50974c84e7d6a44990a08e1b55dbdf563f6ee19f0ac04e08945b3de0e5fab1c7d08f8165bc3df2249dd7aa3fbf9ad54d92fc859b12a57ac6e0598c115161bb29c4d5e6393a42094daf2f64a880c0789ef295928780f5cd1c1d20a4271242105ddd5e5690dc8a408cc4c755cfbd6d86385f58150a35839135d68f190ad3175d0422fb36e7164962da67724b8290e049a1be5ab03b53b41e7ee9aa14623465265bc0ae8388202afecf4cf1ebec3f2f3e69da6c33b2d97f28ade5025a1262b0508f5b3b5e1bdd775767934d5e17507dd20447e0b90ebee6169e9c200a81acec612cc3c9974543ef085c4e38b07f7832deb2f0e8cd308d88622585d78620c40ae7572a6d62d940c6ca88a62b89479a2e5b81b5393cd663d3065e01083c89a48d09555d0f465497a5cd912dd6cd048bddb5776da94c133b89b5befd4b74b4f4bf9e641d0b58c143322f940f9942cd3a47e28dbd0c9ac6e8ef699abab81e7fee0bbe33dc24284f9b176ea5df266965271cb260773c9e4d4e61826e68ecaf3176f1c4690b2e4215452b3a3c4a11e6550f69844ddba3877c8d0905e37b37f7dfa0881f73938f592d63fdab26a23d2f3f408f923c621ad0780959538dcf48ae769758bf7f9d69485529d236a426771d288fbb267f315be325df0ab7484b78368725b62e1e9fd953a563bae9a37bb067c2dfb3881cdf6c8d2ebb044e8c572b7802cbb43c7a83da29d836c4a71791ea5672a0ed3b7e06936a3f0cdaadc4a6036e91f7a548139807135d5092ec202a8280c0b2ffad1abf5119b734a8427cf8c81b92d55b5f30b00d668dce072988851851b953666c912b654df755ab35b87094b9bf0ef49243250981729d8d290a3b48d3745bcd51fd92cdb3231fd91ff2f10d175f6fe8e492eff8a25a8b40862036031c6ecc5c3f575580b964babfe21a85c63337c6ca834913c1ecb1be8646a502efe08890191712192606da133109b8575664417160dd6f8ac8abad0259d6185525186bd41d811ed7a2638de8bb081d334f71e03fdcbf496a7833096f31e52eba870ad7776f67ec794004b7597229c34d8012ac37f60f58cb62e4ad59a9d38b7e3317a731fa2e06e6b78cf3575f728c19ebfcc923016c96b954af37a654423111f41abf0fc9b99ff44105d2437721884035043dad241c60d456965d964d0480a5a93793c5b41e50297d3de416303cbf600b4925c44acd870e9e4e8ebe1023ebd409dc53ed5a86577c51dff555a3eb3a1277c278015512bf0ce9225ac8dd7a4dd9ce01a32d1550423c3c1bdde440ff837bbac8111e6ab05c62be420ca6ea53f1a3c8936d8fa9584055ae88c5912811016d215fce845e5cf336417591e181d6d8eeb0bb8b5e33c154ac2905ea1e94b84f0504569f5da8768c3d29c7a8a912e7522f29948149c41a9afce1e4b00275256066b256ab5f86e30b6bc26d78a4f498dc006cbf633bca2271639beafdf6ad37a2d42cb9aefff179bb603f1ca6d58e0398f327147c845970adf2ac7a7e426dac8db9588b30753dd8497957f6798d2d1a9d38b7f7d3e13540fbdd51855161e4c95bbc1dac0348023e922a435574b8bd47de99c68dfa12ffc8c41a68cd4b696be4c9ef429bd3f9357e1e6e9fbf208841c405bc93388567ae6fd200169057031b4a6305f560e6fe8c56004f92b9e9e51dc9849bcd742b877afbebb1a0a5a7a7dc92c4866d87925211ec7d49e7212652ca225c4a3095bb8be64bffc0f964857b0174d7e606001b7442c6a14d4e83912a94b4fe42216322eb8cffdc1cf69e82689b2d6d2862515b5bcd1d3e5cd9a3a346492a2840473af6c47698fc2172ac80a9aebce02274be30c41939bd4a1f48ed47dcc58cc7fc888dbc8100416dd3bcf551edab36d8750754594392eb1625a5e9b0278c5714b42ff2afdd1a41998e1f5febb6f0582d5b543fd9f08e0c5eb1fedefb4570479ec3c4ee0d66091559b746acd42b4951ca968fa0fb7f967228b9a063afab9d06cdf9f1ab9db2d5626f7471f2a7a9ca044ac0c0e5b9841f4438a67436a4079bf01c4d8936ab0cdc8f8d8d86d01a21cd399fe4f3386654f20a79f03f63b7dbb876ce62c174fce87968cf19dc86ca3df444c41ca89710ae9548d8e3543d62f54f5ea5f7a93d30c48502dd592c67d22a1820a90a32718dabd9528a6ef3356cbc8cd135bbcfd104a41d62ece5af34cb575a8749a005cf451179df4da7148e0280879ba0edf00c64956dd5d64ff95781f01bca911e8bd626331d4d6b257c6618394fda507d06512873de8fdd0ae5a85ed587e3196b5f7f8992d8861406f6b444848300c4ecce9ff9fc61e19839bff58c32e844744862c4df77216944665e2c3ad7c44c78df13140a7c2d891ea337e2d14c39465f593a76e975fc4eca55ee0f2fb24702bc4294b21afa7fec95bdf7d61b7d53481db840d138d9af06c2d2f23f8d51f056f01ddf06382f291c73374b98cfac95a7b96a36baaa6af6d7f87e4a54c88e43a0d80c9210358080956f794a5758bd58454416ee97c986d4d4a597431175abaeb3fe1d25c9fc89879b033006ab120f71134ebd5e21f2f111574a0e0bf20efdb394c7ef6b91a591013ac8a23c8f9f87687d91b0f9645f3b46bb2459e123ec36ee6debf4317763260f2a33f9b7e50135a6683cb1d8522e35a23b6970ae3bf1890dd82a546213f6229f09f8b087a0630174b575731d92a933a9bbf0e12707d241cfa040fcd62f45dfb88f3d016bb019d61eacc180336c579d6733bec49cf81a5da34e0a7f4bda43f3c795ccd9a5c9b6200a746e10726ea29906deae949cf31b9bb4f21bd2a64e3731fef8ce198fc66ac6b3bafd8fceda85cea141c613aafb446ca36391bb15c47d8fdd564c6a70e20e92928e61a8e25b9454c4b94be3afee6ee4ad6492dd4d89a4a60662622c675d3332d53e98e1459c1eee84019b3293ce76da764f7600224b0a6c59e0712684d63ff33277a170767c303ae9ea1e2cef9f74ded61e654aee2a38d44e141440c1b34e046797782e75cf134c888989373f14919e16ec13fc92dd063ba89f1108b579934c0057883013a7356ff1dcb10d4e8a30eaad1593758f82281709800bfa38a907fe1c50cedcd2fc62531d23b4b96773f959a07f19c7d15bd0262d344ea47cfbdda240bcb959fed56d2c89db9cc39dfa5e4920df512ca06c6b148aaf185e8a192603e0293a8ea775c568ab436f1c45baae2f032c9a0093c956a357cff50e067c477db2f2bcdc21ff4a69cea7bc3a79a0a455954ec1065afd4614316a7733b9cb5bb23cbb2ce3ae865343acd945546be4bf2399d54c77f78dcb47faf738e6db636b1c722fb9accadcb5f144526ebb7b5d6473a41a844380bbfcc0d059535874384cdd242a3543e2a7b11db8e3bb5752375efcc865a4ade86248aad78bc99fd2411412a155a9621e95de1782f29d2d0ab47746d0d836e3c1b948369aca8eed8cde11a9584ed69ce9decd6ec23de9ed2e24efe65c085500443622618d512d6c9e78b9afb1ed30f229ff81826186b4ecd06e74db8a6b011b7de4f80c36728c1473f0fbc30ea6527ebf59a014c07b804f666c6ae5a4212610bded557de7e844cadc5f90ccdbc4bccd6ceb56bde70684820620d9eacbbd7208a675f3020f9b8152042fc0aec9f36f43750d965cf2efff1426d55710b4589dc321e5c8424c6af2c52ad6bb62ee87550b427d5c6c99c11ae3d21fc01e7013eacf71385c935790bcefad89eff70215c3669f2510c17a1c3d0346d32cea31c6f772cd874dc7701b1012a4957a342b6156fa3a0750ccac72ce5d5e492b9a621755cbbd29022807f41922033ab7b9ce8248ad5001f43220a8e77e8d01bce7b7cd89b4b712b30b82e67eab907c39478dd426dacf6772aafb06885c813006c08bd5d9c3df202b3a11728f6a6663ba852302ab14c2b344e9d8e77fcaaea4eba8e8921bd200e760a9a4cc75c8e86e5a8746730df91d104062a19ca1bc4ec5a9413bf59c8e194d1183f225aaf17dd3c31aa7851760de13a27ced9c6f1f5c5278e18e2b201fbfe01210fc0b4e893d5cd94749fed73538e74e7385bb87388fd905ce9f7897f8c49910a42c8edf2160299d73012ce00ccebba22b3b03cb268041df8545d32c2e53e549422bf15ff6de929569a56eaaa60920dafaa0c57f8c0763b9140967d94e88054f5bb3d55999b0c9559dca1bc420a8731a467a66bf948f67be6bc442d5d9695cc2c48b74015ba6c9ded111ed116c6c78307bef4e3dd0e2ff68f1bd22721f4d08025a26b4a65aada542a8262547f859ad47be3cbeaf8a2eddaa9b5d59e66cde1af9dfb457d50ca8b04e43e7bf3ef5b0de4632e78ea993edc854b68fab83523f3f71ddc3cf09402508656b2e7ce7b67daadf830aa7128b6ff2bf5d85a8a09555d62fd8ef79b0d31048157797d0a9df695ff4d28c7c4aa4e5a8428d68600f85129e65265bda7653982095d1934c3604e42b56f7aab110d5423a04693083359682b1cda1c6cc65cf5640f0a988a516a12bea323c222b1576cc35b349b23321cc8bc1632765939aaa52c2c6a7ab5e631bbbd461e92cdec93bb980d7c5b1a4eb3558f50671d737565d2e7f6ec08197a974fe7a2e4ce0c887483ed3b41098196fdef3ba3fb0870f60e2665d238453042cbc269dc4aecce511f493c93fb4cf8bf0f5215bc55fa245e0a2c4e697691da607466ec24d1a889bc6521e55a806117173e61863d9d929663a3a10171fd28ab67642b9a1da6ce44c2b8a702bc8f1310830b6e6a8d4f0f59a1178ef1a77d25020cd63489acff8c06f446f87fbf0fe19a3b2bab6da09a99f02353303402f890066691c9562f116c30d86c5293161d1c73fca4f4205af492d55b28eb91554abfe47f403ba252eab4e25ebb211df327ed4a8b4c6813dfb3e4760b442d3a57cfd4889686ab3da34f8d2ecdc1a7358915610335737b4dc789e67fbf0295556f3e8f291b1a9f0fb204175a26dd69efdf4a493adb60d6a37cc5a3e30bf55eac44d697f42bf690fdea4d076068b68462f712cfc2c42a4b175e98884168ed2cdf96709d083ac99683ba24fc651ea600a73426bbbf37f70932196d89e99e77d2bed36b9e322ddd06e48efc91767371d297918cd050cc5b35acbfc01218aa6c92fb2d3ef1679009a642e5701bf9524305699a5c53c369dab8e327a7450957bed1fd64fd8bd48a963890d1ce1284896230b57f6af2483b8984c1730b4e5dc4dbbcd8eac904ebee647fa2188a9e03fd112716", 0x1000}, {&(0x7f00000019c0)="49eed49e9da0e1e14ff08fc0a3756ca5f7e882e16861087aa920599eb1622e56d481e8af9290090d35940643b192a34a256383b530bd4234f78d1326369c0346c2838446bceace70ddb61c4178fa78d59ba4ed1e79c73fe7543b77b8b9e1dff9ca10f4b3a72f61a7400a0de3b1cd71c8b6f47fe79235f16575d52485395cf18aebbc8f59e7ebd89871cbf08df6933c3f355686dfab16e779115d22650e00dded35301d19a9", 0xa5}], 0x3, &(0x7f0000001ac0)={0x30, 0x8a, 0x80000001, "6398df9579037e916fe02c36b437cfc6dcb4d030026f78a32c7dc514a213eb"}, 0x30, 0x40004}, {&(0x7f0000001b00)={0x27, 0x1, 0x2, 0x5, 0x3, 0x3f, "31b21f225d4a9d2de7d595e90f7fb35707e02394ef8102fbf89efc518da1aaf334bc654a3fdfa3fc39e6a1e69a5acfae1646ca58a410254f178f2079a57b81", 0x3b}, 0x60, &(0x7f0000001c80)=[{&(0x7f0000001b80)="98d83935a0e7c260e80d01fe2dacb6f29968b20f89b6688f51bc3157f6bc907502b2426dc62e75fd2970cdaf1b1b7024776a79f578eb1aa6065c9f0beb0232be4e35e06d40dd761a952c2a5b70baca8406bccfa9e498d1192cc01a03f7e7f7d53e09fdceb79f99813d67a624aa7fedf85064d33f969483717a0e66d9879445b4200426c5959beb6dab4102e04a3db9cf79413776981cf7428019d0ab72c0d9d8e7fbc2f52e82f7e2b5e113e3637a59fa7ca8670bb8596569929da0b37d0d21368321f69d2be76f9a8cd70585f1e2", 0xce}], 0x1, &(0x7f0000001cc0)={0x10, 0x108, 0x9}, 0x10, 0x14000000}, {&(0x7f0000001d00)={0x27, 0x1, 0x0, 0x4, 0x5, 0x15, "a4d69aa15cc77a88eea25e597baea145dfabe3ca756207a855d74c381a153ddf8ae978014fc16004f2247b4664d5101054d881dfa18af14f13fe389ea015f8", 0x3c}, 0x60, &(0x7f0000002100)=[{&(0x7f0000001d80)="e616791b08b4a6f29b580f06fcbe76b188dd62e20ddf674a659e2702e222baca407f568e0125f9dc1510f4c21cd69d2f3021803f01d4f551b21f0511a4aefaba02d4d141f48aed19c7c44e17f1de4f37538551275f99c3af42df485e73bea093cceb9513717af40a8ff3de91ee26cf5e86ef0add4cb1003893138725b51490d6c9629ca76a53b4ba5522e4a6b63794633991e03f7c93d15325b48ba8ae65cfb8b421f7e8d8698d73f43b02706a9fd72682fc5c91627956ede47f036ea1a31624d7dbd9c4f8f8ebf9f5625e848b6ed82e05a925023fd24c785d00", 0xda}, {&(0x7f0000001e80)="dad9c408729bf034b7e0f2be9aea930b16a0348426571e3125efc6d909df3377dd1a2171e085b15c", 0x28}, {&(0x7f0000001ec0)="298c2b79c214c54ec2a876612809b3d39e514ba96eaeceff67f16db49e3f365e07f5132ab5258f81f9b57d80feced414f785356c2d96cb151a4bc7869ca1dfe154e4de5346851b3b9879ef666d1ee65ed3924855d3c18833cf249e7ee87a9dba9639b48768708d5733666cd37a189e9e8a7deb2ff6c26565f2096085ebb28b88ccd8c7a729dbda2672b4cf47e86c33fff80ff15ee8eeae2c7f30d360594c3e4414ff8c72a3705bfd3bac04adcaeb4cf0ee4e367f18d1ab8f80e866ef2e022c", 0xbf}, {&(0x7f0000001f80)="b586909741", 0x5}, {&(0x7f0000001fc0)="75659cfe7ddddc2ca0f3ec72e2556d313a9b5e64949c8edd83477f2ee7e46243e3e1da4069cce41998abf2ca9bc4081e2b02672ce18a892c1e807b0709c44815b71f52b9196048", 0x47}, {&(0x7f0000002040)="d23dc36793a154592b9e6cba7bf32997e189c30cdff1dae5b5ed019762f9198f7019fb9f924d8eff5fa058c6640b846e0aceacc4d5c8eaf2d4b42bba3e34ceb9e3f45f01511194f71b141081b6e3994514497210113206ac5e4fc40259be3c97aa233bcdd789f56df874f4b3af7f3f070593f1968672486159e1033da8d1ea6c552496ddfa43f5c4d2", 0x89}], 0x6, &(0x7f0000002180)={0xc8, 0x0, 0x1, "d15833fa1cfc80235c5dff31430328e9d1c07528bef6dbe3cce025a5e830317f8ac5b3a02e3bbfe7812b6a9b206e0aa4a8eedfb950b9d300c1d3572a80d51be64d71b72f2fb8b950198531ad4ee79b065a2cbb4a67b35e08e689034bc9f01ec065af8d7bbd1ac5098d9ac024922be19f21d9af173eb30fc2a79cbaf8ab6cc810b8a3932c7717cabbc2465171ba4ecb7f7ae10e9c95e0c0324d8c24a6114d7fc5e96bbf244f6631cf433efb4b24ef1da55a"}, 0xc8, 0x2010}, {&(0x7f0000002280)={0x27, 0x1, 0x0, 0x5, 0x1, 0x20, "825509f43bcd89ec39e4eb6d9dd1a90ce24ef9e50339c25822862530f171602f56eaaa63e3b934598e0c9cf9a4c56bf526504f40ae97d793bad7e3c670be9b", 0x2a}, 0x60, &(0x7f0000002980)=[{&(0x7f0000002300)="fcd6e70b4d233adf0fb1652cb70798ae2954467647e0bf74efd74ced50b1e2f11fbb45d9ad554cbaaecb046e73ccb8dd8c28a2084c23480a07f6a79658a2ad3e65a1d4f65971072754dd90a89214cbbf142a5765d43728158775ae951c8f3b639a892cda00dafa4b5401f8c014a5a73f09c580589fb00f635bbc4f0662c5d9cbf87fee41d5569ef1ecd3ec06daf05eedc4ba0255e838335c79cc005e1abd6d75f380cd9010d5c3ff229e5c6e8963a2fc996d91b7ef28cadc639b93ed2c10c411fd590bb8d93681115469949493ed", 0xce}, {&(0x7f0000002400)="f63b49957ed5cc41cd992ef3018cf03f09245173b240ebe2c577f43beb3c2751b04316d67c272dfcad9072993151f66f8ee9ab8c73c083c39daf827a0c0098d6016ad8a2d49683416892696a5fd9831a7f79", 0x52}, {&(0x7f0000002480)="24b538c2add1e813f809d55df36bdb5e27a4eda8e801ef972816ddbd6ca63035f408802fb49e723c6f8d630b8a0528d8fbccdaf40ccb687996f62ab04bc67079df16", 0x42}, {&(0x7f0000002500)="67681c510ebac50a02f5e6286c028431b07964bf2d70b61468f4a50a3b1ea62402646aac62ce4449df5f96bb4d7f689106cce47df8ade84c2e36885a0c0b910bb36ddd640930eb2c3a59218e67934f1674384525e84e0b27df836ea2acebff3174ad5f5d5136a36b59389f20edd079b8fac5633136b99e1a2b663ad94f1385880e833a6a3a800cb266731e7ab3a8e4945fa30eedc82f46928cf0d8fa0dd3e7423e3e919f3ae82cc78ee00fc8ca78ff6a386fb4f1eb0673d214e584238f6844a155c18ce6feb3", 0xc6}, {&(0x7f0000002600)="0caa2cce181b7be22b762094027a225e6001ae77e59b40bf94a96f0cdc4e7c08ddbf8b98440ef6111ecb0a6b634b16d72862b80b7e4021c4d30128bf4b712693a72fedcfed412e17194b0e71c9009eb75741a0d63707f2a57d32424c5612bf608b3db01232c63c7da511a91204a33aa25166be0f2b0f10231b98a39123054d20655f9ee282ba262743a840ff935cc52c14546ce3688b0f2a19e0842faece63c79093d1fe693a059339862a56d124e541afd6900dc0bd7f93ea2451f5f0bcf403649996531b13e3a2cbf0b05ebb4e9dc33c361e9d5205521dc2", 0xd9}, {&(0x7f0000002700)="36c0fd82b4bbb55da966d46f4e03a29c94f3e4a0c562201d330c93fe25677244e241bd6893ba51645d027395564e7d2508d75d648b4d950f949010b6cd679d72444691f9da882fab25750ed9f1e6a0de9ac6fa087b9d434f35f391711d1e64e16cce23b8acbee6fa7410aa8b23ad84423ec44e7ad5cce426919b13162b1254e3cebc6b79157fe6", 0x87}, {&(0x7f00000027c0)="08e13ca6482009c3b8ef967f453042e664afb9149f0d1d8ea8627b4c339904", 0x1f}, {&(0x7f0000002800)="9cb18fce416fccbe994575932449228f4394b7fbc59d5fbb123cc06e679a3c898fd90ef4e5c237586d9bcff0a48e3d6afee6e8f89a1a0444d76a240f7551c34c77681dfedd3cea2b8cbea6a2e427c7507f30fae04ae789f6e4ca9db1ec69798a62e72e59925e9f81f15768a05ddadb82ceac55d840ff4c1c40", 0x79}, {&(0x7f0000002880)="96ec065962579d2ce3fc6d24a26c0965eae510f7cfc189fe32bb3ed08306003ef328f0b3c5bb30ccb8d7d381d1d595039268b44d6a9020880a6254da174467bb4ea02c01260f0a6a543fe2093dcf4e4f3f16666b1809ac374e2f9e5b25019afd420d7d3e8d4ba6575df11bcc7bc4f6cc2abfdf9c8aabb2256e86cb96ae2217893f38f8837bc37f03583466d0c53458b1d925fcaf7ac471da3f680273ed871463d452603cda510581fb6354b7fcb313f875593fb9bcd2256407a523c2951dad01b7e10be37ca7f8ed9bd5bc55ab9579501f8675dee41bf941042b5d4f8a2aa1295c0b4e0af9bf2f8d3d10149e4a51ae063c", 0xf1}], 0x9, &(0x7f0000002a40)={0x68, 0x6, 0x1ff, "d1db636e1508f90326fd2540fbf3d0f310ae157ff17db34c8de8d700d1be39bf2579ce88dce8801f454cd07e7a06a1a353434546b2f9d142668cb65a873c87333f6a67d803510d2db57cee03193c37619bc7e29f5268"}, 0x68, 0x400}], 0x6, 0x80)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000140)={0x100000001, 0x8, 0x4})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000002cc0)='dctcp\x00', 0x6)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 3:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

23:25:08 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f00000003c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1f, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={'nr', 0x0}, 0x3, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
get_mempolicy(&(0x7f0000000240), &(0x7f00000002c0), 0xfffffffffffffc01, &(0x7f0000ffb000/0x2000)=nil, 0x4)
mount$bpf(0x20000000, &(0x7f0000000900)='./file0/file0\x00', 0x0, 0x2001001, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'batadv0\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000009c0)={{{@in6, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000440)=0xe8)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
r15 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r16}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r16, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002e00070200"/20, @ANYRES32=r16, @ANYBLOB="ecff120000000000000000de"], 0x24}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x1fa, &(0x7f0000000000)={&(0x7f0000000b40)=@ipv6_delroute={0x0, 0x19, 0x442e2731351e2f0d, 0x70bd2d, 0x25dfdbff, {0xa, 0x20, 0x28, 0x17, 0xfe, 0x2, 0xff, 0x8, 0x800}, [@RTA_UID={0x0, 0x19, r12}, @RTA_OIF={0x0, 0x4, r16}, @RTA_ENCAP_TYPE, @RTA_GATEWAY={0x0, 0x5, @rand_addr="fd803468f02e2b6391edf8831222cd28"}, @RTA_EXPIRES={0x0, 0x17, 0xac}]}, 0xfffffffffffffeb2}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r11, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002e00070200"/20, @ANYRES32=r11, @ANYBLOB="ecff120000000000000000de"], 0x24}}, 0x0)
bind$packet(r6, &(0x7f0000000100)={0x11, 0x10, r11, 0x1, 0x1}, 0x14)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000cfd000000000026df311347a765", @ANYRES32=r17, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
socket$key(0xf, 0x3, 0x2)
preadv(0xffffffffffffffff, 0x0, 0xc40c94d75fb102d0, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
pivot_root(&(0x7f0000000380)='./file0\x00', &(0x7f0000000340)='./file0\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:08 executing program 1:
clone(0x40000000, 0x0, 0x0, 0x0, 0x0)

[  522.184401] FAULT_INJECTION: forcing a failure.
[  522.184401] name failslab, interval 1, probability 0, space 0, times 0
23:25:08 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)
syz_genetlink_get_family_id$tipc(0x0)

[  522.211479] audit: type=1804 audit(1575674708.746:108): pid=27532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir326903702/syzkaller.ftciMZ/148/bus" dev="sda1" ino=16913 res=1
[  522.410520] CPU: 0 PID: 27559 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  522.418544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  522.427904] Call Trace:
[  522.430494]  dump_stack+0x142/0x197
[  522.434140]  should_fail.cold+0x10f/0x159
[  522.438295]  should_failslab+0xdb/0x130
[  522.442256]  __kmalloc_track_caller+0x2ec/0x790
[  522.446908]  ? kstrdup_const+0x48/0x60
[  522.450790]  kstrdup+0x3a/0x70
[  522.453996]  kstrdup_const+0x48/0x60
[  522.457709]  alloc_vfsmnt+0xe5/0x7d0
[  522.461418]  clone_mnt+0x70/0xee0
[  522.464857]  ? lock_downgrade+0x740/0x740
[  522.469007]  ? do_raw_spin_unlock+0x16b/0x260
[  522.473505]  copy_tree+0x33b/0x8a0
[  522.477038]  copy_mnt_ns+0x11c/0x8c0
[  522.480747]  ? kmem_cache_alloc+0x611/0x780
[  522.485078]  ? selinux_capable+0x36/0x40
[  522.489131]  create_new_namespaces+0xc9/0x720
[  522.493613]  ? ns_capable_common+0x12c/0x160
[  522.498054]  copy_namespaces+0x284/0x310
[  522.502215]  copy_process.part.0+0x2603/0x6a70
[  522.506940]  ? proc_fail_nth_write+0x7d/0x180
[  522.511532]  ? proc_cwd_link+0x1b0/0x1b0
[  522.515621]  ? __cleanup_sighand+0x50/0x50
[  522.519849]  ? lock_downgrade+0x740/0x740
[  522.523992]  _do_fork+0x19e/0xce0
[  522.527449]  ? fork_idle+0x280/0x280
[  522.531163]  ? fput+0xd4/0x150
[  522.534347]  ? SyS_write+0x15e/0x230
[  522.538049]  SyS_clone+0x37/0x50
[  522.541397]  ? sys_vfork+0x30/0x30
[  522.544922]  do_syscall_64+0x1e8/0x640
[  522.548823]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  522.553666]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  522.558838] RIP: 0033:0x45a6f9
[  522.562019] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  522.569722] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  522.577330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  522.584590] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  522.591860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  522.599123] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  522.606753] protocol 88fb is buggy, dev hsr_slave_0
[  522.611868] protocol 88fb is buggy, dev hsr_slave_1
[  522.616963] protocol 88fb is buggy, dev hsr_slave_0
[  522.622014] protocol 88fb is buggy, dev hsr_slave_1
[  522.627070] protocol 88fb is buggy, dev hsr_slave_0
[  522.632143] protocol 88fb is buggy, dev hsr_slave_1
23:25:09 executing program 4:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/\xf0\x95aY\x9b\xbc\xb6\xc1\x98\x03\x0e\xa0\x8fp\x89oc\xb2\x9eVys\x9d\xe3\xccD\xa6v)\x8e\"\xa8(\xc7\x8e\x05k/I\x93K9p\xc1/\xb3\x8b\t*\xde\xb2l\xe9I\xde\x88\xd30Pl\xe0\xbb\xe6\xc3)V\x9d\xdbu\xea~\x14+\x98nS_g\xafE\xb2X\xd0', 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x5, @local, 0x1}, 0x1c)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
ioctl$NBD_DISCONNECT(r2, 0xab08)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)
syz_genetlink_get_family_id$tipc(0x0)

23:25:09 executing program 4:
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000040)={0x4, 0x0, {0x54, 0x7fff, 0x6, {0x8, 0x1}, {0x6, 0xff}, @period={0x5a, 0x4, 0x1, 0x8, 0x7fff, {0x401, 0x0, 0x6}, 0x8, &(0x7f0000000000)=[0x3, 0x7f, 0x7f, 0x40, 0x7f, 0x8, 0x7, 0x8]}}, {0x51, 0x7, 0x5, {0x1, 0xffff}, {0x2, 0x20}, @const={0x800, {0x9, 0xbec0, 0xfe6, 0x3}}}})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0)

23:25:09 executing program 2 (fault-call:0 fault-nth:46):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)
syz_genetlink_get_family_id$tipc(0x0)

[  523.005279] FAULT_INJECTION: forcing a failure.
[  523.005279] name failslab, interval 1, probability 0, space 0, times 0
[  523.024109] CPU: 1 PID: 27603 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  523.032044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  523.041402] Call Trace:
[  523.041422]  dump_stack+0x142/0x197
[  523.041440]  should_fail.cold+0x10f/0x159
[  523.041456]  should_failslab+0xdb/0x130
[  523.041466]  kmem_cache_alloc_trace+0x2e9/0x790
[  523.041476]  ? retire_userns_sysctls+0x90/0x90
[  523.041487]  ? copy_mnt_ns+0x47/0x8c0
[  523.041502]  copy_utsname+0x11c/0x330
[  523.041515]  create_new_namespaces+0x153/0x720
[  523.041524]  ? ns_capable_common+0x12c/0x160
[  523.041536]  copy_namespaces+0x284/0x310
[  523.060528]  copy_process.part.0+0x2603/0x6a70
[  523.060546]  ? proc_fail_nth_write+0x7d/0x180
[  523.060554]  ? proc_cwd_link+0x1b0/0x1b0
[  523.060572]  ? __cleanup_sighand+0x50/0x50
[  523.060583]  ? lock_downgrade+0x740/0x740
[  523.060597]  _do_fork+0x19e/0xce0
[  523.060610]  ? fork_idle+0x280/0x280
[  523.060623]  ? fput+0xd4/0x150
[  523.060633]  ? SyS_write+0x15e/0x230
[  523.060648]  SyS_clone+0x37/0x50
[  523.069011]  ? sys_vfork+0x30/0x30
[  523.128202]  do_syscall_64+0x1e8/0x640
[  523.132090]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  523.136942]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  523.142129] RIP: 0033:0x45a6f9
[  523.145315] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:25:09 executing program 3:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='memory.current\x00', 0x0, 0x0)
write$P9_RSTAT(r1, &(0x7f0000000040)={0x53, 0x7d, 0x2, {0x0, 0x4c, 0x9, 0x7, {0x65ed29262c72ab89, 0x4, 0x7}, 0x100000, 0x3, 0x7fff, 0x3, 0x8, 'trusted]', 0x8, '\x8b/5proc$', 0x9, '\xa1*vmnet1^'}}, 0x53)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:09 executing program 1:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x24020, 0x0)
fsetxattr$security_smack_transmute(r0, &(0x7f0000000040)='security\x81SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
dup3(r0, r2, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r6 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r6, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0xc30cd520dc9489b7, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendfile(r5, r3, 0x0, 0xffffffff)

23:25:09 executing program 4:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, 0x1, 0x3, 0x4, &(0x7f0000ffb000/0x1000)=nil, 0x101})

[  523.153110] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  523.160379] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  523.167650] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  523.174933] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  523.182360] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:09 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
ioctl$DRM_IOCTL_CONTROL(0xffffffffffffffff, 0x40086414, &(0x7f0000000680)={0x2, 0x17})
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
setsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000100)=0x1, 0xbba5dba3)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r2 = gettid()
r3 = syz_open_dev$media(&(0x7f0000000440)='/dev/media#\x00', 0xff, 0x8000)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000004c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0xcb0004}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x28, r4, 0x10, 0x703d2a, 0x25dfdbfb, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz1\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x20088805}, 0x6010)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r6, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r6, r6, &(0x7f0000000240), 0x7fff)
r7 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r7)
write$P9_RLERRORu(r7, &(0x7f00000005c0)={0x19, 0x7, 0x1, {{0xc, '/dev/media#\x00'}, 0x8}}, 0x19)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000380)={0x0, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=0x5ed, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x5, 0x4}, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x7, 0xb3f6, 0x400}, &(0x7f0000000200)=0xa, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={r2, r6, 0x0, 0x1, &(0x7f0000000040)='\x00', r8}, 0x30)
write$P9_RREADLINK(r5, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r5, r5, &(0x7f0000000240)=0xfffffffffffffffd, 0x7fff)
getsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, &(0x7f0000000600)=0x5, &(0x7f0000000640)=0x4)
accept$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000000c0)=0x1c)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

23:25:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)

23:25:10 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0)

23:25:10 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080))
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x1, 0x6000, 0x2000, &(0x7f0000000000/0x2000)=nil})
write$P9_RREADLINK(r0, &(0x7f0000000180)=ANY=[@ANYRES32=r3], 0x170)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r9 = msgget$private(0x0, 0x8)
msgsnd(r9, &(0x7f0000000280)={0x1, "bc4d5460b728c4e6d273742989f6942f5c48d0007ee96ef7ea71c5ff3c351c1252bb8bc70d3ef810d36574c90e0294bebe65fe7793147255084e35c640"}, 0x45, 0x800)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e, 0x0, 0x0, 0x40000000000]})
r10 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20\x00', 0x20000, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r10, 0xc040564a, &(0x7f0000000300)={0x5, 0x0, 0x3007, 0x1, 0xffff, 0x1, 0x2, 0x1})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_GET_REG_LIST(r8, 0xc008aeb0, &(0x7f0000000100)=ANY=[@ANYBLOB="090000000000000000000400000000a2000002000000000000000800000010000000ff0f00000000000008000000000000000200000000000000f70e0000000000"])
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000000c0), 0x4)

23:25:10 executing program 4:
clone(0x787467fac5a119c, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:10 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x1, 0x0, 0x2})
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})

23:25:10 executing program 2 (fault-call:0 fault-nth:47):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
bind$ax25(r0, &(0x7f0000000000)={{0x3, @default}, [@default, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
getsockopt$ax25_int(r0, 0x101, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000200), &(0x7f0000000280)=0xc)
ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, &(0x7f0000000380)={0x1ff, 0x2, 0x1, 0x4})
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/checkreqprot\x00', 0x800, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000300)={r2, r0, 0x19, 0x2}, 0x10)
ioctl$ASHMEM_SET_PROT_MASK(r1, 0x40087705, &(0x7f0000000180)={0x6, 0x62})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_GET_MAGIC(r3, 0x80046402, &(0x7f00000001c0))

23:25:10 executing program 3:
clone(0x60049000, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f0000000080))
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x5)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x125f8d7cc0b0b99a, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x20000, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x6, 0x6, 0x3, 0x3}})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 4:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
migrate_pages(r0, 0x1, &(0x7f0000000040)=0x84d, &(0x7f0000000080)=0x2)
clone(0x200000, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00000000c0)={0x8, {{0xa, 0x4e20, 0x9, @mcast1, 0x3}}, 0x0, 0x4, [{{0xa, 0x4e21, 0x7, @mcast1, 0x4bae4fa3}}, {{0xa, 0x4e23, 0x5f, @local, 0x9}}, {{0xa, 0x4e20, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x7cf0}}, {{0xa, 0x4e23, 0xfffffffb, @ipv4={[], [], @remote}, 0x4}}]}, 0x290)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000380)='/dev/dlm_plock\x00', 0x400800, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)={r4}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f00000003c0)={r4, 0x40}, 0x8)
setrlimit(0x1, &(0x7f0000000000)={0x10001, 0x1})

23:25:10 executing program 1:
clone(0x4000, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  523.701419] FAULT_INJECTION: forcing a failure.
[  523.701419] name failslab, interval 1, probability 0, space 0, times 0
23:25:10 executing program 5:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x12041, 0x0)
ioctl$TUNSETOWNER(r0, 0x400454cc, 0xffffffffffffffff)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e20, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'erspan0\x00'})
getsockname$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000080)=0x10)

[  523.796472] CPU: 1 PID: 27673 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  523.804424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  523.813823] Call Trace:
[  523.816431]  dump_stack+0x142/0x197
[  523.820083]  should_fail.cold+0x10f/0x159
[  523.824253]  should_failslab+0xdb/0x130
[  523.828251]  kmem_cache_alloc_trace+0x2e9/0x790
[  523.832957]  ? retire_userns_sysctls+0x90/0x90
[  523.837545]  copy_ipcs+0xf8/0x400
[  523.841003]  create_new_namespaces+0x1dd/0x720
[  523.845586]  ? ns_capable_common+0x12c/0x160
[  523.850001]  copy_namespaces+0x284/0x310
[  523.854061]  copy_process.part.0+0x2603/0x6a70
[  523.858657]  ? proc_fail_nth_write+0x7d/0x180
[  523.863167]  ? proc_cwd_link+0x1b0/0x1b0
[  523.867247]  ? __cleanup_sighand+0x50/0x50
[  523.871486]  ? lock_downgrade+0x740/0x740
[  523.875640]  _do_fork+0x19e/0xce0
[  523.879095]  ? fork_idle+0x280/0x280
[  523.882810]  ? fput+0xd4/0x150
[  523.886000]  ? SyS_write+0x15e/0x230
[  523.889715]  SyS_clone+0x37/0x50
[  523.893084]  ? sys_vfork+0x30/0x30
[  523.896641]  do_syscall_64+0x1e8/0x640
[  523.900570]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  523.905424]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  523.910613] RIP: 0033:0x45a6f9
[  523.913800] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  523.921514] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  523.928791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  523.936329] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:10 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = creat(&(0x7f0000000140)='./file0\x00', 0x104)
ioctl$VT_DISALLOCATE(r1, 0x5608)
accept4(r0, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @local}, &(0x7f0000000080)=0x80, 0x800)

23:25:10 executing program 4:
clone(0x18000, 0x0, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x50000, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0xb25)
ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000040)={0xcce})
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000100)=0xeb)

[  523.943606] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  523.950894] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:10 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000180)={{0x3, 0x3, 0x1, 0x0, 0x3}, 0x40, 0xfffffffffffffffe})

23:25:10 executing program 2 (fault-call:0 fault-nth:48):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:10 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  524.207454] FAULT_INJECTION: forcing a failure.
[  524.207454] name failslab, interval 1, probability 0, space 0, times 0
[  524.224326] CPU: 1 PID: 27720 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  524.232257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  524.241620] Call Trace:
[  524.244219]  dump_stack+0x142/0x197
[  524.247854]  should_fail.cold+0x10f/0x159
[  524.252009]  should_failslab+0xdb/0x130
[  524.255993]  kmem_cache_alloc_node_trace+0x280/0x770
[  524.261102]  ? ida_simple_get+0x104/0x190
[  524.265255]  __kmalloc_node+0x3d/0x80
[  524.269058]  kvmalloc_node+0x4e/0xe0
[  524.272775]  bucket_table_alloc+0x3cd/0x5d0
[  524.277121]  rhashtable_init+0x4a0/0x810
[  524.281278]  ipc_init_ids+0xc6/0x1e0
[  524.285000]  sem_init_ns+0x11a/0x150
[  524.288716]  copy_ipcs+0x228/0x400
[  524.292305]  create_new_namespaces+0x1dd/0x720
[  524.296908]  ? ns_capable_common+0x12c/0x160
[  524.301328]  copy_namespaces+0x284/0x310
[  524.305399]  copy_process.part.0+0x2603/0x6a70
[  524.309992]  ? proc_fail_nth_write+0x7d/0x180
[  524.314495]  ? proc_cwd_link+0x1b0/0x1b0
[  524.318567]  ? __cleanup_sighand+0x50/0x50
[  524.322807]  ? lock_downgrade+0x740/0x740
[  524.326962]  _do_fork+0x19e/0xce0
[  524.330418]  ? fork_idle+0x280/0x280
[  524.334147]  ? fput+0xd4/0x150
[  524.337336]  ? SyS_write+0x15e/0x230
[  524.341069]  SyS_clone+0x37/0x50
[  524.344430]  ? sys_vfork+0x30/0x30
[  524.347971]  do_syscall_64+0x1e8/0x640
[  524.351855]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  524.356703]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  524.361926] RIP: 0033:0x45a6f9
[  524.365121] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  524.372842] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  524.380119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  524.387422] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  524.394681] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  524.401937] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:11 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)

23:25:11 executing program 5:
r0 = syz_open_dev$usbfs(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x3, 0x2000)
ioctl$USBDEVFS_RESET(r0, 0x5514)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:11 executing program 4:
clone(0x787467f9cda9c9c, 0x0, 0x0, 0x0, 0x0)

23:25:11 executing program 1:
clone(0x4800800, 0x0, 0x0, 0x0, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x4000, 0x0)
mmap$usbfs(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x18, 0x8071, r0, 0x1)
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x8001, 0x81601)
ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f0000000080))
lsetxattr$security_selinux(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='security.selinux\x00', &(0x7f0000000280)='system_u:object_r:semanage_store_t:s0\x00', 0x26, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x0)

23:25:11 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:11 executing program 2 (fault-call:0 fault-nth:49):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:11 executing program 4:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x6, 0x200000)
ioctl$VIDIOC_G_SELECTION(r1, 0xc040565e, &(0x7f0000000040)={0x1, 0x102, 0x1, {0x0, 0x8, 0x8, 0xb92}})
fchdir(r0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
clone(0x787467e9c76159c, 0x0, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$TCGETS(r5, 0x5401, &(0x7f0000000140))
ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000080)={0x10000, 0x0, [0x80, 0x10000, 0x72, 0xffff, 0x9, 0xffffffffffffff7f, 0x1]})

23:25:11 executing program 5:
clone(0xd2fad0e257e0e0b5, &(0x7f0000000000)="bb22d51dfbffe4cb0fd40bcddf921e4bad8ffdbe995c9e115ff3d778af070681a6326722d9d85f507d460badba8b0eb23930dfc426ae2eafb2f9df8c2738d528330072eed899783376821a8cad22c9692ea31291cc9244a3b4334d86d0b129944e4295f263cc1c0f2e744a9dedbda3409aea96fd3a9e866e50f9bb8ad749dfa036803f5c05e400ccab9297ed4fe41205d0139254b091ab5b63187f7d30ceba93a3a18b191d1b830e884335c15ce0008e", &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="5fb4d139a9bdb45d1ae30f705d310e573a928cb008cf8020d286b38ace8e591ec17ea9f6c30f4d5cfce751627f6502cb0ef0ac0022e91d908f55cc008da9b20a9d73941eaecf6f8fe81a004eab0f0d024099391fec2caae8eb99a25c5f5dc6dc294ef496bf85aee9d69d6db13f9aaf6c2a7a3aa9817988876898dc0347054095ea19742d47de78376e9c368580e53739163c5ebedd0c39c7e5284318637e43c0")
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0xf, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {{}, 0x0, 0x4101, 0x0, {0x15, 0x17, {0x10, 0x6, @udp='udp:syz1\x00'}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x2004000}, 0x4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x16c0, 0x0)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000340)={@remote, @multicast2}, &(0x7f0000000380)=0xc)

23:25:11 executing program 3:
clone(0x6a28900, 0x0, 0x0, 0x0, 0x0)

[  524.648288] FAULT_INJECTION: forcing a failure.
[  524.648288] name failslab, interval 1, probability 0, space 0, times 0
[  524.734045] audit: type=1400 audit(1575674711.426:109): avc:  denied  { associate } for  pid=27743 comm="syz-executor.1" name="kvm" dev="devtmpfs" ino=28 scontext=system_u:object_r:semanage_store_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1
[  524.768124] CPU: 0 PID: 27746 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  524.776064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  524.785509] Call Trace:
[  524.785528]  dump_stack+0x142/0x197
[  524.785548]  should_fail.cold+0x10f/0x159
[  524.785567]  should_failslab+0xdb/0x130
[  524.785578]  kmem_cache_alloc_trace+0x2e9/0x790
[  524.785589]  ? retire_userns_sysctls+0x90/0x90
[  524.785600]  ? copy_mnt_ns+0x47/0x8c0
[  524.791842]  copy_utsname+0x11c/0x330
[  524.791860]  create_new_namespaces+0x153/0x720
[  524.791872]  ? ns_capable_common+0x12c/0x160
[  524.791884]  copy_namespaces+0x284/0x310
[  524.791898]  copy_process.part.0+0x2603/0x6a70
[  524.791913]  ? proc_fail_nth_write+0x7d/0x180
[  524.791924]  ? proc_cwd_link+0x1b0/0x1b0
[  524.842922]  ? __cleanup_sighand+0x50/0x50
[  524.847146]  ? lock_downgrade+0x740/0x740
[  524.851281]  _do_fork+0x19e/0xce0
[  524.854723]  ? fork_idle+0x280/0x280
[  524.858423]  ? fput+0xd4/0x150
[  524.861685]  ? SyS_write+0x15e/0x230
[  524.865389]  SyS_clone+0x37/0x50
[  524.868735]  ? sys_vfork+0x30/0x30
[  524.872277]  do_syscall_64+0x1e8/0x640
[  524.876152]  ? trace_hardirqs_off_thunk+0x1a/0x1c
23:25:11 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:11 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$l2tp(0x18, 0x1, 0x1)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40)

[  524.880987]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  524.886159] RIP: 0033:0x45a6f9
[  524.889333] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  524.897027] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  524.904372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  524.911733] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  524.918995] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  524.926251] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:11 executing program 3:
pipe2$9p(&(0x7f0000000040), 0x80000)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x100)

23:25:11 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0xffffff7f, 0x4)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$FBIOPUTCMAP(r1, 0x4605, &(0x7f0000000140)={0x4, 0x3, &(0x7f0000000040)=[0x5, 0x6, 0x9d], &(0x7f0000000080)=[0x7f, 0x3ff, 0x4, 0x5, 0x14fa], &(0x7f00000000c0)=[0x6, 0x6], &(0x7f0000000100)=[0x0, 0x5, 0x1, 0x1, 0x6c5, 0x51, 0x6, 0x8]})

23:25:11 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:11 executing program 1:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
syz_open_dev$char_usb(0xc, 0xb4, 0x3)
accept$netrom(r0, &(0x7f0000000180)={{0x3, @bcast}, [@default, @rose, @default, @default, @default, @null, @rose, @netrom]}, &(0x7f00000000c0)=0x48)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x8, {{0x2, 0x4e22, @local}}}, 0x88)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:11 executing program 3:
clone(0x64000, 0x0, 0x0, 0x0, 0x0)

23:25:11 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:11 executing program 2 (fault-call:0 fault-nth:50):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  525.231097] FAULT_INJECTION: forcing a failure.
[  525.231097] name failslab, interval 1, probability 0, space 0, times 0
[  525.243323] CPU: 0 PID: 27806 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  525.251250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  525.260617] Call Trace:
[  525.263222]  dump_stack+0x142/0x197
[  525.266876]  should_fail.cold+0x10f/0x159
[  525.271018]  should_failslab+0xdb/0x130
[  525.274982]  kmem_cache_alloc_node_trace+0x280/0x770
[  525.280162]  ? ida_simple_get+0x104/0x190
[  525.284297]  __kmalloc_node+0x3d/0x80
[  525.288099]  kvmalloc_node+0x4e/0xe0
[  525.291798]  bucket_table_alloc+0x3cd/0x5d0
[  525.296105]  rhashtable_init+0x4a0/0x810
[  525.300328]  ipc_init_ids+0xc6/0x1e0
[  525.304058]  sem_init_ns+0x11a/0x150
[  525.307774]  copy_ipcs+0x228/0x400
[  525.311305]  create_new_namespaces+0x1dd/0x720
[  525.315886]  ? ns_capable_common+0x12c/0x160
[  525.320369]  copy_namespaces+0x284/0x310
[  525.324440]  copy_process.part.0+0x2603/0x6a70
[  525.329147]  ? proc_fail_nth_write+0x7d/0x180
[  525.333634]  ? proc_cwd_link+0x1b0/0x1b0
[  525.337708]  ? __cleanup_sighand+0x50/0x50
[  525.341950]  ? lock_downgrade+0x740/0x740
[  525.346233]  _do_fork+0x19e/0xce0
[  525.349680]  ? fork_idle+0x280/0x280
[  525.353408]  ? fput+0xd4/0x150
[  525.356605]  ? SyS_write+0x15e/0x230
[  525.360329]  SyS_clone+0x37/0x50
[  525.363680]  ? sys_vfork+0x30/0x30
[  525.367212]  do_syscall_64+0x1e8/0x640
[  525.371186]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  525.376102]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:25:12 executing program 4:
r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$set_timeout(0xf, r0, 0x0)
r1 = add_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="8d81612cff2899c5d4a786a52dbef59d74b9547e619de726b9de70ee53ff52ee46eff7964f5aeaae3a32831e2b337566584de13c181e50fcdc0b352dd0c3bcefc51a889b2c0fb03e2213dbbe6cc353826d3dd0b0efcce2f378178c421fcf99439f0f246108ed8f38d7997d48468e32a9f8e283f060e945d9ec58005e1c8e0545da34ba6148f13d22d536484975e07b89bd3569ab9738c2458bad365797960106b61bee561cec91c38a05082097f65eb338665e2d097371f848dbb6751e30865d9198d13581cec0ac88feed81acaaae4ced768032eb6e8c93836744ffec88d759c2d460391e36e645fa2d9bdff5", 0xed, r0)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000180)={r1, 0x55, 0xfd}, &(0x7f00000001c0)={'enc=', 'oaep', ' hash=', {'rmd128-generic\x00'}}, &(0x7f0000000240)="734785fc39ade7e167287aee7726fa7b9b196fe06c1ae401111104879d055225eeef566334e0110c84dac55071037fa710f6854b83d5a361e4c20d6686602d2d184359e23ff7fb04103f630bafefd397da59aa42b5", &(0x7f00000002c0)=""/253)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 1:
clone(0x10000, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
open(&(0x7f0000000180)='./bus\x00', 0x549481, 0x20)
ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000140)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/227, 0xe3})
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/mls\x00', 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f0000000200)={0x29, 0x3, 0x0, {0x0, 0x8, 0x0, 'erspan0\x00'}}, 0x29)

23:25:12 executing program 5:
clone(0x787467facfa5c9c, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  525.381280] RIP: 0033:0x45a6f9
[  525.384460] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  525.392197] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  525.399455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  525.406713] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  525.414013] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  525.421280] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:12 executing program 0:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:12 executing program 5:
clone(0x4200, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 2 (fault-call:0 fault-nth:51):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  525.632709] FAULT_INJECTION: forcing a failure.
[  525.632709] name failslab, interval 1, probability 0, space 0, times 0
[  525.672368] CPU: 0 PID: 27832 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  525.680313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  525.689699] Call Trace:
[  525.689719]  dump_stack+0x142/0x197
[  525.689737]  should_fail.cold+0x10f/0x159
[  525.689753]  should_failslab+0xdb/0x130
[  525.689765]  kmem_cache_alloc_node_trace+0x280/0x770
[  525.689775]  ? trace_hardirqs_on_caller+0x400/0x590
[  525.689787]  ? kasan_unpoison_shadow+0x35/0x50
[  525.700177]  __kmalloc_node+0x3d/0x80
[  525.700191]  kvmalloc_node+0x4e/0xe0
[  525.700203]  bucket_table_alloc+0x160/0x5d0
[  525.700216]  rhashtable_init+0x4a0/0x810
[  525.700228]  ipc_init_ids+0xc6/0x1e0
[  525.700237]  msg_init_ns+0x12f/0x160
[  525.700245]  copy_ipcs+0x317/0x400
[  525.700260]  create_new_namespaces+0x1dd/0x720
[  525.750407]  ? ns_capable_common+0x12c/0x160
[  525.754833]  copy_namespaces+0x284/0x310
[  525.758997]  copy_process.part.0+0x2603/0x6a70
[  525.763601]  ? proc_fail_nth_write+0x7d/0x180
[  525.768110]  ? proc_cwd_link+0x1b0/0x1b0
[  525.772192]  ? __cleanup_sighand+0x50/0x50
[  525.776450]  ? lock_downgrade+0x740/0x740
[  525.780623]  _do_fork+0x19e/0xce0
[  525.784094]  ? fork_idle+0x280/0x280
[  525.787855]  ? fput+0xd4/0x150
[  525.791057]  ? SyS_write+0x15e/0x230
[  525.794783]  SyS_clone+0x37/0x50
[  525.798164]  ? sys_vfork+0x30/0x30
[  525.801717]  do_syscall_64+0x1e8/0x640
[  525.805617]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  525.810475]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  525.815671] RIP: 0033:0x45a6f9
[  525.818864] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  525.826580] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
23:25:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  525.833861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  525.841155] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  525.848435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  525.855714] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:12 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000080)=@security={'security\x00', 0xe, 0x4, 0x488, 0x0, 0x0, 0xf8, 0x238, 0xf8, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x3f0, 0x4, &(0x7f0000000040), {[{{@ip={@dev={0xac, 0x14, 0x14, 0x15}, @broadcast, 0xffffffff, 0x0, 'ip6_vti0\x00', 'gretap0\x00', {}, {0x7f}, 0x8, 0x2, 0x25}, 0x0, 0x98, 0xf8}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @broadcast, 0xffff, 0x7, [0x6, 0x1c, 0x26, 0x1f, 0x2e, 0x3a, 0x3e, 0x26, 0x27, 0x7, 0x5, 0x3, 0x13, 0x15, 0x29, 0x35], 0x0, 0xffff0001, 0x80000001}}}, {{@ip={@remote, @multicast1, 0x100000001, 0xffffff00, 'teql0\x00', 'tunl0\x00', {0x17e}, {}, 0x6, 0x2, 0x10}, 0x0, 0xe0, 0x140, 0x0, {}, [@common=@unspec=@connlabel={0x28, 'connlabel\x00', 0x0, {0xfeff, 0x3}}, @common=@socket0={0x20, 'socket\x00'}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@ipv4={[], [], @remote}, [0xffffffff, 0xff, 0xffffff00], 0x4e23, 0x4e22, 0x4e21, 0x4e24, 0x81, 0x1f, 0x2, 0x1, 0xfffffff9}}}, {{@ip={@rand_addr, @multicast2, 0x0, 0xff, 'dummy0\x00', 'syzkaller1\x00', {0xff}, {0x7f}, 0x62, 0x2, 0x2}, 0x0, 0x158, 0x1b8, 0x0, {}, [@common=@unspec=@conntrack1={0xc0, 'conntrack\x00', 0x1, {{@ipv6=@mcast2, [0xff000000, 0xffffff00, 0xce52ecf28ee1d907, 0xffffff00], @ipv4=@loopback, [0xffffff00, 0x0, 0x0, 0xff000000], @ipv4=@rand_addr=0x7, [0x62b18d8cf1e9538, 0xff, 0x0, 0x1fe], @ipv6=@dev={0xfe, 0x80, [], 0x27}, [0xffffff00, 0xffffffff, 0x0, 0x100000100], 0x9, 0xffffff54, 0x4, 0x4e20, 0x4e21, 0x4e24, 0x4e21, 0x9, 0x2000}, 0x0, 0x701}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x7ff, [0x80, 0x40, 0x1000, 0x4, 0x350, 0xffffffff], 0x1c, 0x5}, {0x3, [0x20, 0x2, 0x1, 0x8001, 0x7, 0x33], 0x8, 0x2}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8)

23:25:12 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:12 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:12 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040)='iso9660\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 2 (fault-call:0 fault-nth:52):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:12 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  526.328885] FAULT_INJECTION: forcing a failure.
[  526.328885] name failslab, interval 1, probability 0, space 0, times 0
[  526.370583] CPU: 0 PID: 27861 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  526.378522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  526.388931] Call Trace:
[  526.391534]  dump_stack+0x142/0x197
[  526.394597] ISOFS: Unable to identify CD-ROM format.
[  526.395176]  should_fail.cold+0x10f/0x159
[  526.395195]  should_failslab+0xdb/0x130
[  526.395211]  kmem_cache_alloc_node_trace+0x280/0x770
[  526.413531]  ? trace_hardirqs_on_caller+0x400/0x590
[  526.418562]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[  526.423679]  __kmalloc_node+0x3d/0x80
[  526.427610]  kvmalloc_node+0x4e/0xe0
[  526.431341]  bucket_table_alloc+0x3cd/0x5d0
[  526.435837]  rhashtable_init+0x4a0/0x810
[  526.439913]  ipc_init_ids+0xc6/0x1e0
[  526.443635]  shm_init_ns+0x105/0x140
[  526.447361]  copy_ipcs+0x32b/0x400
[  526.450914]  create_new_namespaces+0x1dd/0x720
[  526.455529]  ? ns_capable_common+0x12c/0x160
[  526.459949]  copy_namespaces+0x284/0x310
[  526.464027]  copy_process.part.0+0x2603/0x6a70
[  526.468624]  ? proc_fail_nth_write+0x7d/0x180
[  526.473129]  ? proc_cwd_link+0x1b0/0x1b0
[  526.477211]  ? __cleanup_sighand+0x50/0x50
[  526.481463]  ? lock_downgrade+0x740/0x740
[  526.485628]  _do_fork+0x19e/0xce0
[  526.489096]  ? fork_idle+0x280/0x280
[  526.492822]  ? fput+0xd4/0x150
[  526.496032]  ? SyS_write+0x15e/0x230
[  526.499763]  SyS_clone+0x37/0x50
[  526.503139]  ? sys_vfork+0x30/0x30
[  526.506693]  do_syscall_64+0x1e8/0x640
[  526.510590]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  526.515592]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:25:13 executing program 1:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x4000, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x1a3d0, 0x0, 0x54000000, [], [{0x801, 0x0, 0x80000001, 0x0, 0x1}, {0x801, 0x0, 0x80080080000001}]})
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000340)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(r2, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, r3, 0x6a65bc0f1b6c398b, 0x70bd2b, 0x0, {}, [""]}, 0x14}}, 0x100)
write$P9_RMKNOD(r1, &(0x7f0000000400)={0x14, 0x13, 0x2, {0x8a, 0x0, 0x4}}, 0xfffffffffffffe55)
sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100002}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000000}, 0x40)
sendmsg$NET_DM_CMD_START(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4002011}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfe, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x1)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat(r0, &(0x7f0000000300)='./bus\x00', 0x40000, 0x2c2)
r4 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000280)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x40, {0x5, 0x7, 0x1, 0x20, 0x3, 0x2}, 0x1fd9}, 0xe)

23:25:13 executing program 0:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  526.520798] RIP: 0033:0x45a6f9
[  526.524002] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  526.531721] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  526.539002] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  526.546282] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  526.553909] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  526.561209] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:13 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000002000/0x3000)=nil, 0x3000}, 0x2})

23:25:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:13 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)

23:25:13 executing program 5:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0)
connect$llc(r0, &(0x7f0000000040)={0x1a, 0x102, 0x3, 0x3f, 0x9, 0x56, @link_local}, 0x10)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cachefiles\x00', 0x0, 0x0)
close(r1)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r3, 0xffff}}, 0x10)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f0000000140)={0xb, 0x10, 0xfa00, {&(0x7f0000000080), r3, 0x81}}, 0x18)

[  526.715334] audit: type=1804 audit(1575674713.406:110): pid=27870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir368478018/syzkaller.VyChbP/437/bus" dev="sda1" ino=17761 res=1
23:25:13 executing program 1:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x121002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="00000000c4107763febb895f68e1c8f35455f0e1a08eb0eeadd5e54ae3894440045a000000000000000000", @ANYRES32=r4, @ANYBLOB="ecff12000000000040000000"], 0x3}}, 0x0)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @remote}, 0x10)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:13 executing program 3:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200002, 0x0)
ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000080))
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000580)='/selinux/status\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(0x0)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="24647ec1f9657ec9083514a13a6869137db10c8ecdc02af615eef53c16b248a40fee50ba491a659f14a6864e285cfb0c6a5b38c41d02afc17c5333211d387931a755af5d0ea42fe74bc117f1c5340900000000000000387d82277d991dd0b6729a62eb8dd6bed3a80af3059cff204440ffd39b8f01e9d0a4da4289dc86d100dfbdaa2cd7cee800a448501080d5b838a86b240c3f6eaf8f17ed10bc5f17f06132c72d21d592a7e1d31bc15aa0f03b91796ff6f8eb3f2371f21b8705af3df7e4bd2325c8654c3fc42f71b8983b970cdc68263738eb26a7652cbda8974c379426f8525fafaf4a6b744e5046ff352200ce67bce399f797dd558b68c0dffba8d3750be5fd5f5a74bf206414bbcad334f32da2d4a362fc57", @ANYRES16=r3], 0x2}}, 0x0)
sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000a00)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000600)={0x3b0, r3, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_LINK={0xc8, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x132}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0xb0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, [], 0x2b}, 0x2}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x10001}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x0, @mcast2, 0x7}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x8, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xffffff81}}}}]}, @TIPC_NLA_NODE={0x4}, @TIPC_NLA_LINK={0xe8, 0x4, [@TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}]}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x200}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}]}, @TIPC_NLA_SOCK={0x20, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5c0}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x50, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1f}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xe55}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0x78, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-l\xe9nk\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}]}, 0x3b0}, 0x1, 0x0, 0x0, 0x4000}, 0x41)
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r4)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc)
r5 = getpid()
sched_setattr(r5, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ptrace$getregset(0x4204, r5, 0x1, &(0x7f00000002c0)={&(0x7f00000001c0)=""/212, 0xfffffffffffffeab})
ioctl$PIO_FONTRESET(0xffffffffffffffff, 0x4b6d, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  526.804486] audit: type=1804 audit(1575674713.436:111): pid=27876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.1" name="/root/syzkaller-testdir368478018/syzkaller.VyChbP/437/bus" dev="sda1" ino=17761 res=1
23:25:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:13 executing program 2 (fault-call:0 fault-nth:53):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:13 executing program 5:
clone(0x787467fbd6a9d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fchdir(0xffffffffffffffff)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3)

[  526.977255] FAULT_INJECTION: forcing a failure.
[  526.977255] name failslab, interval 1, probability 0, space 0, times 0
[  527.010094] CPU: 1 PID: 27911 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  527.018071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  527.027517] Call Trace:
[  527.030119]  dump_stack+0x142/0x197
[  527.030137]  should_fail.cold+0x10f/0x159
[  527.030152]  should_failslab+0xdb/0x130
[  527.030163]  kmem_cache_alloc_node_trace+0x280/0x770
[  527.030174]  ? trace_hardirqs_on_caller+0x400/0x590
[  527.030183]  ? kasan_unpoison_shadow+0x35/0x50
[  527.030198]  __kmalloc_node+0x3d/0x80
[  527.030210]  kvmalloc_node+0x4e/0xe0
[  527.030220]  bucket_table_alloc+0x160/0x5d0
[  527.030233]  rhashtable_init+0x4a0/0x810
[  527.047084]  ipc_init_ids+0xc6/0x1e0
23:25:13 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  527.047096]  shm_init_ns+0x105/0x140
[  527.076245]  copy_ipcs+0x32b/0x400
[  527.083478]  create_new_namespaces+0x1dd/0x720
[  527.083488]  ? ns_capable_common+0x12c/0x160
[  527.083499]  copy_namespaces+0x284/0x310
[  527.083510]  copy_process.part.0+0x2603/0x6a70
[  527.083526]  ? proc_fail_nth_write+0x7d/0x180
[  527.083533]  ? proc_cwd_link+0x1b0/0x1b0
[  527.083550]  ? __cleanup_sighand+0x50/0x50
[  527.083560]  ? lock_downgrade+0x740/0x740
[  527.083574]  _do_fork+0x19e/0xce0
[  527.121544]  ? fork_idle+0x280/0x280
[  527.125286]  ? fput+0xd4/0x150
[  527.128480]  ? SyS_write+0x15e/0x230
[  527.132207]  SyS_clone+0x37/0x50
[  527.135582]  ? sys_vfork+0x30/0x30
[  527.139131]  do_syscall_64+0x1e8/0x640
[  527.143017]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  527.147861]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  527.153043] RIP: 0033:0x45a6f9
[  527.156220] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  527.163922] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
23:25:13 executing program 5:
r0 = creat(&(0x7f0000000040)='./file0/bus/file0\x00', 0x2)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg\x00', 0x180, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000000)=0x8)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:13 executing program 3:
clone(0x787467fb4fa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000180)=0x3, &(0x7f00000001c0)=0x2)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r2, 0x0, 0x0)
ioctl$KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='bpf\x00', 0x1000000, &(0x7f0000000080)={[{@mode={'mode', 0x3d, 0x7}}, {@mode={'mode', 0x3d, 0x10000}}, {@mode={'mode', 0x3d, 0x2b12fd15}}, {@mode={'mode', 0x3d, 0x2}}], [{@uid_lt={'uid<', r2}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@dont_measure='dont_measure'}, {@fsmagic={'fsmagic', 0x3d, 0x4}}, {@smackfsfloor={'smackfsfloor', 0x3d, '}'}}]})

23:25:13 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = eventfd2(0x0, 0x0)
r2 = dup(r0)
open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000002240)='9p\x00', 0x0, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
clone(0x80000800, 0x0, 0x0, 0x0, 0x0)

[  527.171177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  527.178434] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  527.185687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  527.192945] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:13 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x4, &(0x7f0000001240)=[{&(0x7f0000000080)="442e1c1753d01d9131736db9cc461f9d9c747c97f74ccf594f46e535bb38e587bb15a41889fa3297b38b74492f50f305c4426e17e34cb9b1fc1b041a63226affcc8e3a1b377cc1c6a0e5719f5ec883a57de7cb9511285e8e44eb5acc451d98fb50fb49b880a403dba672163427608071e4296574256a490d8a4c3a01e7390d", 0x7f, 0x9}, {&(0x7f0000000100)="53dee79325c8d7284a5c6d9c36e252dcf27441a4b1ed73046db95bbe32516d2c", 0x20, 0xfffffffffffffc01}, {&(0x7f0000000140)="96ec58ba38c1eaae2b294f2b942165158dd33df21770573212b0e7a0b1e00acc69e94c383e63a2c737a99e39011e3172f7484fd2fae549779e66c58bc26431ce7faefdfae49c845a4a617c6e23ab5a1f51b7fd2fc699ba7e61193495a142ed2f24bc31f04ae63bd1c52d57af4dfc66a3d9ca2cbd0b0034ad0246ca02b1e2a86a6906856d999233332dee96b3b654311fa155970121c3144be9d7b882a004b68d1b6383f963ffdcd41cc3eb0f531ad9af5d7d5482ddfa16c2c6ed67f14cbac25fc9f295ea81b3d4f0ede3fea1f8e33a4a6699586cf8ae7e4ba150a76dab84ec01d8ef1d1c769ce28f7fe35d9a278f87181e55b8ad633af9bc35b5a2c2bca87098bab0faa9e1646e4bae429ad5ea1b66cb189f57984f0d0e405fe17d8fca52ebb0e11bbd108eba82f04dbaf26252920d9d49edd24ea0a49135cb8995611609174c9af16a970a2093e84782fb8eb9fe28e5e4074b357b91ce058cba4382708c3b0e6f1f14770a66a2de607b11b05e36aed9d91af4b4d46c995ac7fcfbc1636e754515c929aea3ba7ccd57a8a123c4d4e3445984e5d9e156afcd8a34ceec14c9690bf92771fc8724231bf33ec52c2f9d84fbbc387ad6c981900d47897db85572b87524da144ccfac536609ac22232932417d756d0b1fe4b34a877b612d2ef2ebe8fe8cd5b03bb8b25f7b66a66b0b901583b88f130b559938628274f083bc62ab340400e9ebc9d6c1c93ea79081e7e055a3c19303687a4de43f14bec576c2366a8d4bf47e147d02991a988d99e365c8d8c14c4b8b9f1230e19869847382ca8b9cef7a3980d0242a9219d3da7d76086684c3720acd42d7c45d58417c49240e674613bed23cc284f6653ffa2fdbe5d7a4d6a1c8e2ad122be86299b58f471bc390680217c3265233187734d1046535fde095e16d8e649b2493ec311b331d346488f5a362f3577fca7565b1f92e06a2f2976fe9bbc2f656379641a2853427d3666f1dcda8b7ed29c4bc0553563b9f39cab4bb15914050971f4d035a56acd4afd406d19daa84fadba4b118e777751215e382230a895324d7d2ffcdfe48531f280b0f47a39f1c130d6e54750c7e456000d6d63c5a9281546cc9c3ec83902b0f82cea1a2b56db329ede92d21d42df8bd666fa671b4f3e54dea0c2b81e4bce835078ee9b5d99a3c69a715ae1371184de10da95913b50ed0f22d335f234f4e887d4033b1d71c7d230476243b33a90683171f0e2ace112b5e2ad4119105a69fdcac6ab029908682e4a0bda1e56a52e66f81aa6d559e064c059574f3d7a9ad005a99c74b07f8e17c5ef8fba64427d5799d2faced63b0db876a3f8cfb5b446b3db37188137fd27e59dad76e609d3820020045d8319d1df7a6c2aba2fe3156601a5237609c3929012b5a6aff3bdac9d1b2fe4ef774a8e916f62f69d3bcfb61e571ab44fe29adec2f03b1c4205ef723e8f186184c58a9944260d796ead7efe5835408c31955498eb17e6c96a03c7616528d3c4e33ab00e31f2adbbe48d29d78a9508f25eb585a8f6f40c99689a2bf8bfd4b62534098a46c6d69ae47bf414e1095e608d09e6f548e17b5f8bbbb04f42862f6df0a6420895598b0818c7fc4087b4867cbf9d95679b71906aa72a7d7aaab9d3339bf123388ebddd20e83b3ee837ed4d659f24b360a451840cdd6ba9e86f07c887dd1a22ecfca6aeb4aa1cfbf039c6851c3c23e1334766eadc32cc383609b3e9a1899482de9209b6006ec0356c336eeaf4a1b09699a9f35bacd15dfba756628647f873441311a968f8ff68e93280ce404cf32b3806a4b4c094eae334822ac5a13774e37969897a7f1fa07fcb6a099a81c185a7fbb76763cfa4e005ba7dd423bbef3418dcd115f20f2ce04b5ed3fd06cff61ec23397d9d8da325b662faea85f01f62a4096e7c6519c364a068886fbdd4506b8a5f4fdf480b8a7cbcb513b65a8fdb4609a674abaf20990a64857ef078b88d0661d806c23ec24cd96f76ade5dda84024316980c72dabfe53947fd3598f678668404efbe86185193bb6986201f49621b8669ca549c053e832fa0a1ac2d53f0505bd055305ec478ef0c1c50bf3aca3eb68e2d168e245a2cdd7983e5488073a1a47834972bd70a37f01c48de9c1151d5d30f4895f07a0ec3a504209b664236683fe47d23b391397f5878b9dd2bafd8582347b20163145d2b749daa98e8d8de90e850062b66916f181c968689aefc09ca862f18c1cd96e1dffa6f0ff8dfd3d5c8df554dec6f7138a7a5cce3f90b711826b4d5960cb239394bd0df8725d5ccff79b6361ceb75aab69ca8885fe5fac58ae5b69b7e308e322a8e3206693a5f939af979e5f5eef035d2d8d2faba0fb954205f5dc390dd9e9e1699d0b224213258f2d3766108ac30f376e7495dc373e5f56dacadaa9d8f36756cb3461faf7e67396da9ff156d6f03360754ba4edfefe4224cc1e0f6add8ea89e9cc91a7085ce863b146fe542384a1ffc4c4c3f7f70e900263b73da5ab7d15d9b42b102b4b2106795ec77507c2a93a41fe0b9110ae190a7e0abe454a175a205a4ffe197574aa16f234f4945728f548ca0f296e40c5e0a2acb2802a7cd2e4cd60477f76eccbf2bd1dd6fe7c46b5a27bc0e28ea1585ab75f326a1dc142a9510e18ea21971ea61679c9c16529e01d9cb17709de26b40419509b6e36fea9af7674e019d63d2843b9ef95474c7b5e873597f201cf6e47c0d70e734f8a2d92b2d704e2350fc91e499e0cc024167e2ff738a7777858e546d1d2c9916ae90dc707e062928fbd214fd65a7fc33a745543af8b73c73e048f0170ead41027220a898cb82a054f980b0296cef77fbb2d280e870a0cc6bea7539901d6aab2f7c39a04ec20078cafba0e1be53c97868aca4b42855a033e3b47e689b16b404fdb6a4deec217354f80812b41b25a365e6e5b1a25af57a8e4d32f0a25c623e4e120fb82b16db719a2f6dca2f2260e71264e67086f040ebbc7a8479bcfcb58041ee3ba0db4dca61c7a949792d1e3c0f985aa9a023e766cf2479832aa40ebd1c65221f4acebe170b10ea27e6bd15cfcf23f3c568704c50607e3f8366cc3a1f2b5f96fdd7b842044cc89c20c2e7e3090bae44c2eef6b8f22483d89eadcad17450f14e6e8fc043cb961e0b349287c7cb79fc91b111f1aa27d8b192f38358135d11ffaa8f10fd3842dcdae45601ae84bc07e7f09a10800687cfe0cde2282b502402317df18f0c8dc15a813509f5987ba443f9d966e2492b12d238e63f907d19fdb2205332864d8d1cbdf7ff1816785f82894bdf9ca8fbb5dd55d4ca43ad00b31968c83205f51b7fe89d192a174c60272be9796281f5fa6461fa6de77cac499f0c610d4dd8c0ca3dc29e87ff2c862d6e0d1d152d668b1d06e16f81a8635a840eaee3f0443ffe4199896b73235a1a82efaf2d3fb46b64bc5d13a4ab03810cf31c20fa9a4cf56c369e992765f537f2338c66f009cf7dc1431269c15bf08735489258fd315021d6188cc9d4b226f20f982b3911ed08a10c909a0ee306bceea0d3c95cd530e0009cace81175da4ff6c50894b15766747245f97092c2fdf6db3a7dbcf5a43cdf93743cad77d5f231c9740dc431f00473e4d38e7f1838d207c45d63b5a73d59a7694353c8313bfb33b9538de2c0f9e6c89987c046455830d847092d870dc38cbd004440c6387daace4af3d66ca391637b0586dd8c1fb40903a050dd7e92d718f59c2243bd65d9c568875d6b9c6984c9baf18de920ddf6813b7e94224423121accd144773e7a35678abb1775a9b214cad6f5e158361418b9a613fd77e42dfd3f4f6c977b97cfadd318cdb02e5403325e80bd7c5d768a56a2e96ef3eee90da7df446f590f0d74316aa46ab45484a2f057dbf045be7e5bed4d3650961e55479e330c526fcba8a51ecd2ea3abb6a39880c8f54871e9fd498fb45eb5c30028bf11ed644b2a87febd5a5e1db9c21e87c8a3e9fece892c2fd2faae90de94458215223f7303a5165a16374407994b242f2fa4cf0bb95aed7aa1e3ceeeb71166ebf4c0a475d996bf03221f3d87d9f68de98ef4b427ce804bc795184a8cf77644fb6ed40e550a11139ee7a1ea12f939cb81c18cb07fd8e64e56909dbf05f80476694f89d8fc413f1a05ddd5f59a51f7f4a4ce6ef1b674ccf954944fffaa37bbcb8f117a47cfcb116040d42d43d0f27424a3cea660c14467fcdc923d954fc517503bb51180374188b920151155cf709c62fb0622d445cf8c5ff17cf6d9cdffeec30367923596da31de48eacf10a751d286ce8287529f710fccde4c51224f3a96c8d69d33ccbe627f0f8225af85ec50e94f6618c8e06a258e3df1bf194be65301557684faf30ad5e616f6038520a0a076c07e93032ae17f943f253d1df332a86d1481045f84d0a86643ffef7b32c4b4bfa518425b3416bad20752c6201518c257b2828ecad4479b0a2ec29d88491400043b75ec7348f32999902cd7b9a8af705cee73bf1b3419c22bae7f928bd0785886e737633651718301855f5e0ead3ca37f7e01685b2bf1fbb49331d13e1d4a9e0e276e2175f64c55a99d80f5dd30e421cff2b77ae69cfce4882561b558a61cad31b4b9bf7fcb72c42aa89716974dd46393e1850d20efa68947cbda26e38094e57598751831692b783368f261a47524a5c9b7b3ccc2d6bf36eda79c8c2069efff69eacb09fcb3893abff69ad8c798f4df3fd25c0ef70d50c3359cb2222abeb59aa886f767dcd6e34f936571e351bc7137bfcb071dc70f7d504a3ce5430b4b97de5e10ad01cd54cd4191638c8fa4dae887b4e7642930bf804142d1c5ac243ecfdbe0de7b2677c9a2d1c83a01bd4b1928a9468750982ce64b9840f3a7631bc142fa958b1e188e27ed73b0a54f63607a8789bf72dcf708ab2a074305a87e9b96873330680df61c82f972467c294a1cca14c0e20996432fca005d69488422e0f02a1ded51b4432a6574e332deb5ff755d9f21249b0343977b0cb1de30866c0c319fcb5837b0f4ffd76373839c5f29268eb74fb105a9f05f01353cd9743c20a4756898ca6d855a2c841a2632c93ad921702f0750a4a0dd8933f411f4e00bac2e960990423bd87fe33ddcdd232619a8fbf7bda45daced8a9c73b0152edc5040f4f90d44bd8d4e8f6f66818c1d298936655a862da635aee0ce8bb74d5114883b15912ad1d71b002d0a9ae50f7e3390def70a91d03057637519829e89e7be3d86ddecb99e69c51b53c30d66dfd86531c4574d69b00f16907d9d5ecf53b6b095cb96242f472ed8b5372c1e66fd0f95cbc894b458dfe5b3f7d8cb641d04a10919b19431cb19fc57f60a8c22f499ee951f3ecb8f60860c6010cf7743279f91b27041cfedb625085bfe399509fe0e363e8e951a49d41e495aa00b1ff1d21806b56d9e46712cc57720261ee6ac57ded959691a518896378a81e76cf62968a34b947f937f3d1e60bb0a641fa8fcf81fba8bf7a2f902fa9c72c849f96e89c624a8fd4dfd2890dc333cd3c51ff4c7ebe37e213df4b5199ed7fb705910662f9c6e34b9b5aaa0555af018723faa9457c67743ebed50d409716aa43329f83a5a5e1aab3156ba9cada53a5627be3f4bfdd131ee58a28e424f23786a70e2e263405eb01cbda93c10ee2cc7c0bc185dd26ba061b743403aa67eace32f9302e5f7ad5fa9ced441f006638f39be61d96ea16d35e63ea2c665cabcda11a04cef22f0d8ba348d95f93aff0d8af5122a799ef765b7d844e116d0bc57777698e55306e5bf114114debc2a2ba27c05875650bd8d1963199530008a695a320fcf", 0x1000, 0x9}, {&(0x7f0000001140)="265e7b4a0b7ba683893fc411d16a0d9b810193f4f11e5f42fbbf4dfc9ab5add74f40f803d398ce53d422bc48d0d2fd4ac00826748bdfe08d38e5c325212903c458bb41e1691db1684481cb86958055cf386e92d61bcf5caa95b84fc9de8969bb574e971be7de9ab3a57db30c3517378141c5d952b25a5103e644b25bb2fc13000d3f9997885093e006b8005148e5cd7cd9a6f40e97961cd2fd6e9ce6e989b8f176407e55cbd15083ff30c00c80dcbcdedd5fb339fb9833bf9021d6f3f13ff71ca5", 0xc1, 0x1}], 0x1000000, &(0x7f00000012c0)={[{@quota_quantum={'quota_quantum', 0x3d, 0x8001}}, {@quota_account='quota=account'}, {@lockproto_dlm='lockproto=dlm'}, {@norecovery='norecovery'}, {@discard='discard'}, {@quota_on='quota=on'}, {@noquota='noquota'}], [{@smackfsdef={'smackfsdef', 0x3d, '-md5sum'}}, {@appraise='appraise'}, {@smackfsroot={'smackfsroot', 0x3d, 'nodevppp1md5sum\'+!'}}, {@smackfshat={'smackfshat', 0x3d, '#mime_type&usereth0{'}}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}]})
clone(0x20008000, &(0x7f00000013c0)="17ad742ddc39a3eb03002ea76de5b8a558ad5e04a9d17808dd1dc2d5926a00553ce92bedc2b0fe24a163b8011214393018b5f9d8f8c5d6a824474ef1911ee27a0c7cee762296fc3be07f8ec201e28e8d8ed6ac64a6229ddf91214a334fb026288f515fc96680e55301358f509564f18735443c19313daf00fbdc6390535f3c3bf4b72828fb66dff7680f331a50e7a1d28ae74e6022f1c271e675470a6cf375fdc5b4b99e04f38f07d45042fa693fb4307f5624ff7a819d", &(0x7f0000001480), &(0x7f00000014c0), &(0x7f0000001500)="542aa2cecf395033142c84f58bf518d0adb46dbc")

23:25:14 executing program 3:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x40002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
fsetxattr$security_selinux(r2, &(0x7f0000000000)='security.selinux\x00', &(0x7f0000000040)='system_u:object_r:tmp_t:s0\x00', 0x1b, 0x7)

23:25:14 executing program 1:
clone(0x926c687182259999, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x40180, 0x0)
sendmsg(r0, &(0x7f0000001780)={&(0x7f0000000040)=@nfc_llcp={0x27, 0x0, 0x0, 0x2, 0x0, 0x5, "c0652fa211a2c69481534b651cbcc358e8bfa66ca6386e9abcfd91740cd6dc64a233d6164daf644efcbc0d65e280c91483336c1d0018f911c3ec96586023f5", 0x2c}, 0x80, &(0x7f0000001200)=[{&(0x7f00000000c0)="23599bbace5245b9b7e76af2213f889ecd43650d68cc4da7c9526f87db3128ea9e588ed57b6b441d145c2c15a2022ce07c3b1fb41e83e6346ef7f016e6be3ba92a09c43a484a726e111e0be21215aeffeaf4f29d0bfcf987b817f0ebe0f5b6ab8e5513a8376923c707c7db62f8713f0a105b35a3b0d4e45327d2d351a3d5f61b46cffd39e14cfca69d3e4bd9b54c5557af432d566ad388491a43f2cdc0472aab2a77877f0c2b0fabc74f1386132cc35adf5187cd9b5b6451f86441c1190d07b3caf53a2c29a50cf2f30a2d94cdf4dfaa18dbdf95be61ee0071b21d0c768d24502a0597b680ffab13b0ff6439a644bc01f94ed6", 0xf3}, {&(0x7f00000001c0)="a7339f35cf8c28d011caf268cdf96db4e3dd040e26c3485b1c8b0cae3a9c5b3f8336a1f70ce96473eb39617718940e09435d46dbf6", 0x35}, {&(0x7f0000000200)="c28d8914eecba678d086c2c6d5cf61a69f5c82f557ecc0dce250a33d947c87aafcda39a16cc2f5d1aada4fd9115f3702f64f8e9be29f72f146dc11fd58f4460cddf0f5d8e185d9342d7924bc8dcfe69eab041985ca22d7974e6cebe8c49b3e116ae0be5f3dc1ad6cef68821a824a91865338a2da652065c4224610eccdaf201c609cc7d4763fc71183719c237ae4f1e30934412e523e65919e15a9b364b2ff2fe544894dbe0e52f851fe6153e0921e87ef77b189f4b38dfa8288a575acca98cda8c2b573824fd71d94dc8ecc3ac55bbc266c434fb4e9b37545a6759372e5badd6d2bb8680c8e5e9d56f480caa3a71794c03847cf06235c01ac296e1091c8e7f5e7f7103ddcbac7e51f910dab29f2f968bea50d532872fe1296d09ebcd799bbf7ff007f77b809578c14311865bb7b0be79e2033d55b3b153b8a61c2bacb339fc0a1c392f3a84a6cc098102e808433266ef67c4884ae5df11d5241d651d130d2137f2840393ae9a6becbbd64dbffab5a7aba94ea8299850c1fda01868dfd945f40853e2c9477701c5e4bda5e00d8aea4d7c8eef2db7dada8ead98a397886725631ed198f77d202134ae4c6e87c040787f64b2b138686a05b4f9fef3cad2d96df73df9ebbdee05e8615439ccc97426c11c379d3393cf28f7be7c85c2ca2534df11f1705becb1c4f4518c73d0bb6548bf2c2903821f39436336b8f4affad5e719bf73ed9142764c4844b021edc8c1c08560c4612fda7f35dba72f8d09071e4cf37b569b7f3e4ef1ba7a64535066e480069cdc1f1684d7125bd3b6a19403e2903d62872aacf6e71b77b98722c58cea330a68af9023bab87b654b01ddeeb25bddf8ce9fb8090374f54d6c2a31508ab2032d67170021e9825fbc5880e6ffbf95887565754f43656448f57b6fa29db98ed3597568f13d90f34e961633a5dd7b6f51eba82c7bdc7d36156e2d664fe46c6486d110235079f5a99a99a62b7d0afac184318f1d70a8b5047340c4ab7210abff7bf1d32ab817820fe4522a85c538999466389716041a7b07bbaa1fe58657fa7864531fb535834110982e0e42e70f06f6854bbd8061985df02e72f846af09ee0407cf88b6fef6308daf2bf07d3a8948856b5d6ffcefb857ff7cb7a4f4f869ccb37408c5d22ad07a7cea391ec4dbbc8795403ddd7f97a5a74dbd0c21430eae3e3e640989760ba79d592ceb928c1e13dea978b268d82094018664f9c74412a8a1517b6474a8e09d4b9a94e676c9342d1df45dc2ad571ef7ad6a17d87daba26d4b774646ef47888c991925acae217bce4a7cb8cf5391a2207825aa0a9fa7369dd5cea1c8db1fe10417531537335183a4f18f61a81902a7640da434067661f1cacae5872bdd385c18c24d65354e64c3eae075457ffa270d816f0901aa46e83bb546148eb3a5160521c245d24a57a8892de061add761f15e3cf06131ccdc5ab16ecf576f04b07031aa00c7f5d36ce74a79ecc761ff0d7292acd4367600703a49f3fd7f568794fd20838780e72b242ab7c29f0182960a463e17823f714bb582958711d0547c66e101b6deeab0e3b525e2f9742548238d67175e1de9a1719bc469d6d5af2ed976ca07fb1347521c19444d19c6ee54e6cb10281edc3d550f5aca199b01ae0afaaecc7d93cebfc5eb8f1f3fb65fdbb4b8ce19e47f73b490df23d0f6f8a88d77117ef3c55cd8f39ae50c6d95e8e9b3c770589318f4791ca0715174a20e6704bcd8bf192480e66d508c975d51b150436aec911c7bb18d1b42e0a4e1027d69b3cebad8fb64ae84ad9f27edfcb5b714a80036d020f27267e7a40fb0a79cf5827742bdfac26b43d69afae7e84955ac204388fe222128e6ae8408ca8eef07e66968c94529b59a24acc888a0964572d39863b7fdad9907ab8b433af700ba82b23b0354a24b4fd97f281a6d7f8e9c91ac8da72c11fcd8895fb6fd6da93a643fd0fd7be4d0da7c5d47ebbd0591eec64db26c410c9ed656826fea8ffef70111be19dd3af72ab8e5e0929bb66663c42676a12041ebe87a366214e18bbbf73e8dcd6df4c3e53e3ed9c181c89090336b31e4d592113fdff99f97c6d33ded52291f16374a65184c294920548f0e03173a95a1c002b4d75a3fde10d1fafe35ce3839ca9d28a69a5a2419a914daa2b7f10210af4cea1283225c7b1bdcc42eb83ecf148a9b85c660db46b13519d57d1ee751344c9e84f41f5bc0a22678f81aa17149ea041091b77f56267e39fb3413c9572f42c9f85bbed8c36c2746f92dbe62df98d1fab8e817176d03a2cad9e16d9d92af99d86323d8dab693997cd9d069e739ca3ffb6103fcabdc822e728a27bcc0da9084ee1c986f7af2537d19218e51cd85cc28ba4b31b2d8918c06ea19f0d1bb1321c8e44d1b5fd0f160e6fd62d20cf22be669ad987184ce42c97bfd410f927f711d218731834ce762954627df7b7a023c07d518ca74c0faa6a9f18aab1e354a06966638dd259f4bd35c5157fc91d41d5de15420a37e0dbf7626bd61ef81c0e9b4ed67f01a78dd5f586418991cd97b81ebc2090957ca5133f21611d7e4d05f03c4ac550d744f4d36b96e5fb5ae2675fe605c0342b3a331dcde74f5330cd648a738de9bab6453fc940072a23fb70686f46e3821b033ac2a79a1bed0c5dba6cce650cc5e891f50e84de78e062532b1956d4e3a3c8f5ada6696d5790eed5364db41df731fec2ba48ceace0dab15211e20775fb9a86b477551a494b7eda1c5ea170263db4efc52aee9a0763a93a2655d2bc8bbdda47b1f4060021c313a66258d4f8c80b888163b3fad96bb2b52dba44e7d4bb9e54cf274bd781db1eee29e138c810be0f24587750b815fd0fd3c61753b0d2c5b18448006181cba04c93cf3f3b2f847e17467f550f559f629bc88d2436b4db81842aad5e4de6e0b9e2225aa61ad69aeed2da6deab78fa312d81bdd8bb22bda13ce3b29c47d967896ff28eb434bc298d28f5fdd345787a9c1cac85c72e0b0c16df729938c40aee46c82a1bc71a69ce77f67ee77eaa463f5cc62ccaad99fa5efba56556ea1ed5c1c384a8b31ffaafd07cce7286db145ef9b257779f87d57e165c8bc987307dd323e3014c37965934d78796928390c7064e1510bbfee6cf745ce69b35c5f7e469b646b429057d83c2eabe6845a6079ef82b26a5b5be04468f747946c0b3e91a27eb8a28e99ddcf3511f47ec3ec3698ae4286a713f08141c755a06d809bc80b927d412ebd7d7465246e6204e13fc919b65e91e1afbc6afc5f0b5143e4b21f076d5b39ccf95a9d9e1e5eabed539c9ec6921c5d0a0d45a0515dbafa5a6b23661536c6390db2f1c58e6e07cb447a32c9fb1e7254ae5b15a8b4618c9777e7d26a1415327f0b2ca1e6548fee4c0f44762b3b1a16a46bae0c3289095fbba3a0f884f38fb7a2162d804bf8de90e23980a72cb395c1c8b21e45e613660ae40d8d1b54a7e463bd8375caaac5e1e155f2b2764eb947a772465b38bfeacd02935cfc852b74cf17fffd3e181ca9d9c6aada2e9cee558dca7adc4ba4e383f193028f8a4d500e2059ef0afa493117921c143fc66bcef9d9702a987c3febefb13d86ef184aa1adeec98bd126ed0ce0e2377bdd217060f3f92d85a5d8f7a4c938e0fa1fde29f1be20b78055f5561ec3d057d45dcb6615d30146c7ec812614e185f319494222c4e99e14f87bf83727d91a6e78097fc49ab7cd4cc449e07808193f41cc7dc8c2332b7de913a0422a55e4e4e50aafbd67287a69b4951ad4bac61d086a70d03af2d57921fbcf878e08b24d5fa34d8d7e0de23b8332ca7b310b0bfd23b9a3b075a96baa490e57c8da0a8931d6ffdc746d6a50ab2e8e24884bd13c8a76a24f4c1c45038f672b14f5e717aa6687b482fb4b736fcfd7c4e361c9e9f2bc4fc880012f9d3ddbb1a903c5687ca48d80f960eab7f7fe95fdbc7f6684f2c688f8f7e5d1d83a73ac2b18a13f5cf6a57f3c2ab7ef1752561112d01a9791155a0426b1a12e3a81eea78e5d98c7352fd0e1f8e3c77f7a3fa3e140d321dbb1d59a86ba18ec416809f7b751b9e855855ff54af27972dd3578bb722b24bb0b6b7a78ee2ebadbf9a548d02d350f7a81c754de2d88a245aebd92dcea890ecbc35cac27b4f03628ef61dd6e96d6a3808e747158e47bb458c36dd8b867957e05dccd2e5a0f0759feb9b0e5231902bc407c6cf79a7a04effd1de23ea4891d9dbdb3dd83bfebbe6e76c446d87e65deae9a51293226cb79c2b293c347811da50c97c2011aa0b3c5425822f3cf67fe8779db11e214e1d14c310201a85c50d39d7a5b220a4f900a976406ed060b9ee3f9ba3ff4302eb8a8694de9974726f3ba539e5efc771be17282d086b47443c6252812cd59b0aebe33cad08bd0cb28d77c72093ae46c18b3c275fb7351cdca4dc33b2fdd1c24e2ec2ca3cf58b3ac3703d1287b516595714ea78879698a27d726aa3cb7f6e2f9785a5b26a998fd6a063cc95abab452796b1e160e82c224d7af50fda10a64c0197b6ff80cc493f45576b06fdd9d8f02b58952ddd895fe9ae631c2567c8ef9fe14f407757d80637e7d4b9df065c60621f57511dabbd16cc6e015692273303effdd3267a3d0c81d342b6e52e71a73c86e0bef4f2e36e993ed8699c1a218749325cbb467005612d0d730d60bea3152f50c1dee12058af0e177ab140699e2f542362c9481660a74d8735756b7cd721d428ac56db92f4bb99a06dd4bb65ae6689446142182692604ccd127e4129de90c749643a26b0dfc4bd2bb6e0804892575cea36010a633bbd5e52a49cb604a7fba96620feb6ae52388a030ed1fe32ee9c9bbad5c3af18ad13f6881dd7ee8397a574e88f7547c800cc7d8d37f59aeca27f382e982494d16fad5023c637a9190d0c3e51596b4012911f805fcfe4c2d0129c6f31561abd445574a723413a1a4ed7b389a65788de2352f597a09c74d78d300df48cd76d3a29a7c017f2958bc00f3303ef49bac05e758d9f9b77e119a04288b9b023cdf63d4cae38fad01c63e0157201e51605326c46f5a55cc80bd53ef0da772cf6104b76817f4880ec4b6509e24379fa820baeb7f3fd581391f4cd5bc957b0c6e6bbceb3933f1fe4d5e4d5e685b677d2a9661b4d447ac7f27c0a08fe39a17c51d56ab2473b73eff4d7b18bedca2038197d9f3f11b3e98c2c2ec36e8af5905beaec690c794d4330d1fe857e0d937cc48c633c93dad735b58f3ddc4a3a3104b47b0fe36b58846519898a3fb56d520d462d7ee01350cc2116d27cf06b03dccc0aedf0af783e0a4f869acb233011d567d7b2b8986af535cbec0d5990b394ce1a5721a93ddd3e809dfc857e4100317d38eb432c13994e9b01d3f2557d9a9b9a1fd94ff0e161bfdf41c6ded0cf4c109e2c61a9db8c63241ac5fe129933288957de51a1c65545b9b41efbdd44acc5a4455d4ad93c4d6169124e8604eeeda1f721255759e8653228f5007f2b5658e9ebdd609447a795b0c1a701c85ecd3f70f0081cffaa2f64ac8b52b5a7c565896ab7a14ec0cd23a44be2afea82076f8901f58be9745b7c46d745725b371361942edb62277474974344af6df8dce13fc330d3bc09f608fda544ba6d37827291bc2d7418d1cbfdef3a0a1c28492245406ac00dffb95a30638fea869c897f798719b67fbbd875610eef66268042c999a99d1172f071f382988c4783a249c2742b218f372c638f3fa12e75954f5d0b89bd63dbece3fc7109eb40a86abe3861f7b88d16a3a8a64e3a995c217450eed2269eb5922c333a8ba30fe639a7898f6d2153d35d77611b67f8095f237", 0x1000}], 0x3, &(0x7f0000001240)=ANY=[@ANYBLOB="a800000000000000130100000010000079b00e25688aa7abda13a35049104a8b3a7a6949bf70c7ff93c749710c815add2fd6fdffc986b211f967219f205bf61d0e380f8126fd13ac86b92187bb6ed6f2acd51e86b6e42c482e43905e3f6671afecb32ca7ec9082efff83322ee5b306606d7de8dedb2d615a9b68a2001000231700000052a0e7c9aba57259523a158a1814590183df9f6cc588a2e37c2d7cf9291ae6028a59e3ce59480000000000000011000000020000009c124c81f17aab4efc50e66bf3c671eb957c8f050655bb03bd0ee8f231c770a0a68e13dea2a19effa0ea1748bd51aeee8239000088000000000000000f0100000001000099d59ded767840aed343b6aeb6f63759cb6c207781b81b83d0135d69db407093f34ed79eaf18bbf967ddb49e822acd4e4abf6351657b103750572666892f97d637cb658809758d630fc4478d1edb36df295db93ba7764c3cbc85b051b95027cc5571c96ef0db8dcf1b8045ed84d1bd7fd4a5bf4cbb40980568000000000000003a000000040000001f20acd58d76a95f0e127ade9a6ecaae25715b1d389de0c041b94455edcfa9f87e7525b95e662475594842120221fad72f8b1d473a2834f1e96d813f9973c07326bc0f6d3848c5aa51ebad6ac46a2648b400000000000000780000000000000012010000ffff0000bda6abc7de9749207cecdc93d38af433cae26f08970c0e7345a8d6fe4853dfe0b5e91f89ea34ccbd514933e50381a8e9d71233a6b41c7e9879d85c072fe8db925f9b7d8414e948f00f7ee3fbb7bdd011282ec98c956defdf45ac904f7f401d98ecc9d20000000000d0000000000000008400000033470000402324884c3c1d47262a70834631803df5669291b2b82dccbc5278e7e384eb9194f1090e9b3510aa4a2418bf9d93f6260a7c50995f5e91e1164751f40ea8867a8f2350b2e8f54799f7043d3ee978de63f57cc01ed87dbc58f8d7de4ff153d714ccbca4052f46411ad4fb67061d6198b90627205eceada5798ea6a1d621aee685044362253f429b1efbcc0abf6996489f9888a3506857a9b854d051ead2c09703a570566c50f09c5b9277f5a72d8b78126a4e34903af08ba1c2000000000000003000000000000000c700000003000000bb355903ad520219ce7fe5cb22791a7d582264a2d33f18a756d901b0aaeb00add20000000000000029000000010000000f917ecb3706ff8306b75fdb4c0ca004862924e382fdbefaeb10b58fdd109b008debf18b4abbddd83d109c7415dd144ace3cfee01abb53285318dfe06b90b827572e7788ffc29ae96be140e56dcdb5157096e2393daeda23a57ebd45f4ac5a277559565d3e925b191f5707c1afb8679525ba79de00000000d8000000000000000c0000004d00000074dc9f66b3a23f483ae013dccd43d723640ffbcdb8457d0ade849d0305124ebdf9ff6da0f489090000003fc08f41fc24e57c26af56c1d0ebbf37ba2fad7371c307ddd87518bf92ac0f8158c8c92aacbf748841e37d0e9dbfd797dafe88e17e0d0362bdf076ae40a60a8fbe7e3bfece2c806a89382443b6948435608b2e41eb8c5e03aee8553955c97f59de63bba07e6436406dc2d77357c8867f66e3c322e835922d1a9906c34d9379a4b96a9cab1af82ac75c1eddbbe1dbd179243a7c47a86d01fda8072300000088000000000000002f010000040000003f5fbfe16a7cf89745bded6484209812ea284c6e53416a20c2f276cb57900c1b8cabb51e8ea5c6cbf1676081b4d8867ecd01eaeaaf5fd33a3148caea913c48899a565c6728d64c054266b049bb48c8fd7b67fb8f0edbd17d2af8ed6057e67be917d45cfea12915c268ca2bbd37f1dd9852e800"/1344], 0x540}, 0x1)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
write$P9_RREADLINK(r1, &(0x7f00000017c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10)

23:25:14 executing program 5:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x810000, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'U+', 0x400}, 0x28, 0x2)
r3 = getpid()
sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100004}, 0xc, &(0x7f0000000100)={&(0x7f0000000800)={0x4a4, 0x20, 0x100, 0x70bd2b, 0x25dfdbfe, {0x1d}, [@generic="07836055407760e0", @typed={0x8, 0x1a, @fd=r0}, @typed={0xc, 0x24, @u64=0x8}, @typed={0x8, 0x47, @str='+\x00'}, @generic="7fafbfbed3ae617597bc69b46c9f2460f5db1d81ce7e2c1b75d7a506e9e5cbe20dfab18fc7216f2a285d7bb6fce6ee653c8de0320cdad2cbac2e36952ff610cb849df0bf7cfe77432544055d754ff20bf7232223fccde49a3b19f49b0b6af6609e0b2896d46593e3a12c34b179e6e846a097c3402d20069278a05ab5fa7ab0beaf07d2009d62505c2e604dcd6ed7ea7fe049cd6002a69665675dcf43fc21172083361ee6e6998982d1c5a2f25eaa", @typed={0x4, 0x54}, @nested={0x230, 0x1, [@generic="7864816ab1ad5ebcd2df429476a82789fe1ca43f43f3a8390adf2ad493347edc7112e310072c692409e03704b2a972ce160936f91ad05a1b649aa5c7e06c48818acfbc0cb5011a87aa4801258203032c27381ac6f103eb95a9c04f8557a9e1be36cee06ad21647a600c4f8a75ccff201646b", @generic="19567db74378beb3d96be426b6eff1fa2027bb0d3bda4a2bbdef6451274f536d0e8634c7c032d10c5646b92a764ba582bcd088dac125320719e03ed769ad9c8f76fed4d2b71bb3a449a6ffcebbdfa314c0fec22b2eb06b58ad552f945adc4abfaebbcd3ffe3696dd535b2aa5b93b62ae15e6719107517a60c074a0871adf87549e4d460d37a25bd98bdf0ead856525589dd585", @typed={0x8, 0x75, @pid=r3}, @generic="3c85d6bf19ad18db08c7f1208408d76f7df8c658a52f5e62707cec0545ffbf4319388980e98ee2dde8d0de63e912ce59df68db331b554769927d280d99c5ddf87d7a032809699da63f76d8ab71c24cf3cb9628b74b6f3959d341793b2eb5737a3ee48fadf8fa58287797814252a5435503afa6a507f30f3c79bbc5ff166c56946c041a563460f8637f1688244732332fb1d27e44f80d62eda875dca8f5aa0c1f69e55cda13332a62a4cc965c", @typed={0x10, 0x4, @str='$-.vmnet1\x00'}, @generic="71ca0fafa0b5dd1cb5cdb7e967b149b47828c3c302b34d5a856ac2ceeb1ade7465454e3e9d045e", @generic="cf0e7a4e57a595d1ebbb6291b417530b27f6ac245e99959c00601c2633ba524d7e2e69840ffcffdf17deee6bbbe7bd11e5a98d815a0c4fb843f6"]}, @nested={0x164, 0x73, [@typed={0xd8, 0x82, @binary="5d31bfbb7cc46fb468447511fcb3e93bbd9ea793216d9f8026ef52bc5eff6af4c3e64cef20a817e99729b7e1b5a1989c51d983cb3a52f9f5f4774e9870c1d36dd68df2df51c14d24aaf0022701b87ee8de96336d2f4199a75ea742d6fd001718025435dbbca7233249bf268466a2e69f26c1aba7f1e11023a7f2238a2baec92cfc95ba8d43ded10e7fbfcb5e37a703fe4c353714d34e9828ce3a2a3d1ceb4267c294d088550d2ffe34d1929527b2485a172f608a9fb00b2fc4bbe7dc508c10fadfa69afbc7a421292effa4698780a34022"}, @typed={0x8, 0x73, @ipv4=@loopback}, @generic="5a5d4576eeceed9e678403fea450ba84b843d22591365c1dff738c8a63c22d550d3be78ec7516d290ab6801bd0d8dc5be4fdb82964c4c28a7da7cbb65d50f1fbe1bff7da24266a6216e6cf74fef5f060a5555d82c2c3cc105bf9fff494f9139f246f53cf81583796eec4da3cd79cca4af64bdf5f106ed60b2fffbee06f44279c"]}, @generic="7d533a1bb85b2eb744dce307416340df1347c6d7764c08a5a4e6fba058df6b120c4c23"]}, 0x4a4}, 0x1, 0x0, 0x0, 0x641a9347f2f416c4}, 0x4000000)
getrlimit(0x1, &(0x7f0000000040))
ioctl$TCGETS(r0, 0x5401, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:14 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
setsockopt$inet6_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000000)="6a99da0aa32184198c2315ab5a7477680f5eeff7e2d2d796ceb9048ff6931f1951c84911bbddc97fc6ee16f438ca00dff5db270fdbdbaa0822dd599faeea33e9e0c334f8ff11", 0x46)

23:25:14 executing program 2 (fault-call:0 fault-nth:54):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:14 executing program 3:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000000)='\x00', 0x1)

23:25:14 executing program 5:
clone(0x100000, 0x0, 0x0, 0x0, 0x0)

23:25:14 executing program 1:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$EVIOCGBITSW(r0, 0x80404525, &(0x7f0000000100)=""/106)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000180)={'security\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
clone(0x82080100, 0x0, 0x0, 0x0, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r2, 0x40a85321, &(0x7f0000000040)={{0x40, 0x1}, 'port1\x00', 0x72, 0x131c5c, 0x5, 0x5, 0x5, 0x3, 0x9, 0x0, 0x4, 0x9})

[  527.757989] FAULT_INJECTION: forcing a failure.
[  527.757989] name failslab, interval 1, probability 0, space 0, times 0
[  527.819549] CPU: 0 PID: 27985 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  527.827483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  527.836873] Call Trace:
[  527.839476]  dump_stack+0x142/0x197
[  527.843120]  should_fail.cold+0x10f/0x159
[  527.847284]  should_failslab+0xdb/0x130
[  527.851263]  kmem_cache_alloc+0x2d7/0x780
[  527.855416]  ? __lockdep_init_map+0x10c/0x570
[  527.859923]  alloc_vfsmnt+0x28/0x7d0
[  527.863651]  vfs_kern_mount.part.0+0x2a/0x3d0
[  527.868156]  kern_mount_data+0x56/0xc0
[  527.872051]  mq_init_ns+0x167/0x220
[  527.875715]  copy_ipcs+0x35e/0x400
[  527.879286]  create_new_namespaces+0x1dd/0x720
[  527.883869]  ? ns_capable_common+0x12c/0x160
[  527.888278]  copy_namespaces+0x284/0x310
[  527.892341]  copy_process.part.0+0x2603/0x6a70
[  527.896930]  ? proc_fail_nth_write+0x7d/0x180
[  527.901453]  ? proc_cwd_link+0x1b0/0x1b0
[  527.905525]  ? __cleanup_sighand+0x50/0x50
[  527.909771]  ? lock_downgrade+0x740/0x740
[  527.913930]  _do_fork+0x19e/0xce0
[  527.917414]  ? fork_idle+0x280/0x280
[  527.921134]  ? fput+0xd4/0x150
[  527.924333]  ? SyS_write+0x15e/0x230
[  527.928054]  SyS_clone+0x37/0x50
[  527.931419]  ? sys_vfork+0x30/0x30
[  527.934967]  do_syscall_64+0x1e8/0x640
[  527.938872]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  527.950865]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  527.956074] RIP: 0033:0x45a6f9
[  527.960140] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:25:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x8000)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000100)={0xa2, &(0x7f0000000040)="ed5fd659603cabefbccd43ac7186c94277676795f83c906551d5bc84d96a152afa6e8b3c7a0badc895ac9b423530d9ee6cd3d697b5d0cbae57fbdd2288d6ca5258c6de16ad53b4c03ce3fd9831802c9ab1424ad4156af73e2a4fe03a69e562d9aa949ddcb4b96cf1fae6e7f8b4bbdf9eb21689a7b9bde6498446e467fbdb7a83167198024ee4738978a8004085e5885f863d5910c2469084a0c9d766da81d19b3126"})
r1 = socket(0x2000000000000021, 0x2, 0x1000000000000a)
sendmmsg(r1, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000005001e00000000000000004300000000000000"], 0x18}}], 0x1, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
recvmsg$can_bcm(r1, &(0x7f0000000300)={&(0x7f0000000140)=@x25={0x9, @remote}, 0x80, &(0x7f0000003680)=[{&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/233, 0xe9}, {&(0x7f0000001480)=""/217, 0xd9}, {&(0x7f0000001580)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/45, 0x2d}, {&(0x7f0000000200)=""/6, 0x6}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000002580)=""/251, 0xfb}, {&(0x7f0000002680)=""/4096, 0x1000}], 0x9}, 0x140)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r1)

[  527.967862] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  527.975144] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  527.982425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  527.989700] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  527.997001] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:14 executing program 2 (fault-call:0 fault-nth:55):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:14 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = dup2(r0, 0xffffffffffffffff)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
write$binfmt_elf64(r3, &(0x7f0000000200)={{0x7f, 0x45, 0x4c, 0x46, 0x85, 0x40, 0x0, 0x5, 0xd8, 0x3, 0x1bcecb0a25e12866, 0x3, 0x1c8, 0x40, 0x100000001, 0x66dd, 0x3000, 0x38, 0x1, 0x4, 0x401, 0x7}, [{0x6, 0xffffffe1, 0x5, 0x2, 0x2, 0x7, 0xa0, 0x1}, {0x6474e551, 0x6, 0x5, 0x2, 0x7fff, 0x9, 0x69, 0x3}], "572fe633f667f0170112d1c56ce8110cff5ca7fee61be7da3c3b47efa876de722e23dfd636bb3d8f6f99f98255fcdd4bc54e088b9b1c6d45da560b8233addb0b7a17fd3ac645f8a808854c84e8b0089becbfcb7202cb7b15befe3e25856072399d837d9c1daadca75741cd734091c0ba5bc4fa4c049f80b2eaf32f53d29741bdc1f8f4bdf601aba3b8bbbd431c19f08c1e55ed6a82ccd72fe7385f21d5c8ef7fe095e1a1ee0455c1e8d3694b568fdca5bdd699f30153bb49752119171ca8a5571bac3bf6770b9355192bdf7d572fed96ad87bba42d79154ccea897f8f4b26e5ca6f25c72356ba4601ee6aaa2ab5a8f1c8ce9391f286fb9d65411e40df7079a380b65035bf6e995e4c75f35970e79c6db8378aa1b37638bf96dd9b988bbbcb48f4b57236c2a48d3dc1727a45c222f84067878d7a00b26cee0ec1a356b2492bff0a6cf3db5781e09539e2f9ad168599866de46e4b2e632333e8ccc4de75702e019855365b19243453a6b529e617a23d123996e7dc8879ab8f9388b5bb151dfeaf0af028ea00ef51227c19e34f54a4d66d7c41781a2140b2ad2941f5c5bd34678e245d43b5f5c27427be20652aa52c3ba115c738563c3daf5300de13248f250f0df7fbdb8904066196f383b8398a7e99d857bed3bf89df8d70c6cf435f288aea44ce4bc1d14f3e89a9577fb2cda2d7ee4f5d7e6599815cbd07e861be2ecc53cf6d661bc40415fcd4a100f05b106cfc4d4d7d6f4bbb963e0569e6cc02784f2fe5e1944182c061d49428c9ef7aeef3ebe54e1711426ada4836d8b200ddaee60d5fec8372198ef916ab53bafd2ec3da9846a3e087c6d1fa8e70671818c3b8a746005f095c579da1ad74a35515d92bacf690fe0752c524ccc791e8276b34147d7589600477844b383c4292792320db0ae2f2aaf3eb78e29bd7c3aed7dcd2168a22559e0efc25248e70db33257e0a4450cdce165a110463e2bd73d007a202cd70bc5fd5795da0fa30e9f814d71db5472d9b20a4ba37909bc30c1180462678e552fe8a75e7e70aa32fa499c8fc72a37520c783ac2a1d127a0e1ca1881ced71c02a21dfdc48ab988479d6b8db952f066387ca2e1b3acfab042951b16bf31281ccdae751bef8311ea33c5f63570ca4c3e7eb4df950ca000bd597f3296103536efa3a2ac1afad3ce875b1848e48b72cab08549f0f18bb27140c15e4b40094c94e0e34444bd76a30cd863083dcbced0b6244a043a3c896840e0b03da5d0b70e0be64e7683f85b3799987c95a05635a91a0f63775b5e0e781e1850da52a41641c89d31436d1fd07e7c6c0647c7cfd91c189e8ac23b8c3727d374397a1b4b3ffea5c8fb48ecf567b906c2d9827111a9531982a6fadde896c612a2963dc698bad8cc8ca652c4a2b94e311a18b242e9daa2975dd9a396c06c76ff12be3d241b30af24860b98845a7f97dd3183c82346fa8820826fc65d2e5a370f1c4b22929b9a9a843959896c816171658af1a8ae8a4ffab4c1c4b74cfb97dcbf0a882c9c02a264ff3ec62c582b79c8be14b0421ac80d0b61101d2186a1f2e12c679d27e8c76ba654b776c240c65348f3b2a08ea85b500ffe9ab0a8181b936a5fc63b435fdc388ef73a1648625380a19546fdfa7f326fafbdfa240cca656a705e463d00022b76438309703976249630110daabb8f8d54e92d0547b6aeab284dec9b14ee4e38516657a313eac72c21fda0ad8f10c5519c9c915f976457cd6b930b538f52a0f3885c94605aff90dd2f0f0ac6265a67ed2bece67d3bd57c73e170dc5bd795ec2f66a7c40000fffd77af2ec948facbf0567311546a92e77aeafc90de1b5c5a0524c01bb5f88d34c3b5c43546b32aeaa3df0d76eff7130b93b825db7b22bbb2c1b3edb7890af1ac5eab790787f104d1c82ccacc9c514a3f671bcc4bef5ef67a5a9b96e52863b33a1f4b2bac69740408b5a21a5b0d8c3318a4f4734df93548bca5688d792bcc4925c3089ea555928b3278cfa684cd75eff5de6ef4805eeec530909067a59f609dd127c53838f7ba5e85e48d9d41f30953602b01d70771d26cf5fb99dae8ca114a8b73244f352650a452b91c08078aa1a84e26509562dd51ea35e17d60a783dfd61b5db305042c88e82fa8d59ca26bf8d7b55d9f564d285ba179ff7d2ef48917c0a8f54df25ddce3a39e65c64c7f464ec23b8b359e82a302c31616305518d950b27fdce1a30353b79dcd6cae77da9d5bf26b1c5a7bd6d8ddf1f0835db8da029549d7ae4d0657f594d4fd9c9b55841463ae876dca227919452f28ecf8dbef52a7eacf9ae7b3a97c72261ac15524b667972a11697a823bc9b59697a4503d9e956615a09a0565d8d8eaddf646f463423aef8395205be55eb0ddbe28351b34a6c393a248205737b2950e31dff89d9cc9b6bc8224731aa7659f94e2474d4f34f1f96acc93267e49caba126015514ca8d9827ab963a6078faefb6194032ef2abff42a0ea0aa2a6f22aa8db4c6a67502c1da2a8eca080c823644a6989ea5a1f1820abdb314ddaf3d0675bd316300753665cfad0ce6e541e9bdff8f1d1f2d6b62ca4235a388a68ad323f3032128867b3cde67871b40a4c4875af56e20a3dc0f40a0c3af75b83484c6a869dfe3758deaf4a9e573e6bc54b90bee3b3cd29c12d03431a841462abff1cf9ebc11411207f600a3059e48e65ba967792c4d8cd2b3f8271d9aff5ccedc62dafc9eff3a03a77b1c62c95a872a958c0e0e1fb939d9fa934abed4c2b9ce2419a636c4fb4ae8654ffe7d0f80ed30a63eca226118c898c7b8e83c42d6af7a1709ec610d9a49d98e967ab417e2c83708799cb42ff02ce067edec5d4a5cba07d6b45ade44187940dd3d57778753295c879962650196e0bdcfbcff6cb7d40791465b8001a1ea9ef6d78f8610c2afe3b5c4eb1fb4239c8c912cae23c316e445b4193a453c12f9c438b0fdebeb645cba85edbfd0f0f911b67f405c75a50c64e8c12bd524ca2373e11b2125d97760411adb8239e9993e13e7837d60da4d3b618e761133ded9bc6566b8f8779828a684750eee09d9f9ced842a2850d578e3800b646b465d99ca4a61a63adab75c0f35a260e948410488a6e0e424982f8bc9c2de7f21f65f17d675cf91393bffb8c050fbb309ad63137db27edd9b7f30ef3978e3de6df117961f9937a64ae19f45ea5c577b601cf2da90c6703b41e8270640a893cc1e76ec71a42dddf915fae12100c42961c1d951a35dc2ffafc928077c3b0c187ab620b049bc5f4a4d047a9798ac870064ec2f0d1da0af01f03dbdacea5a76f69262da987bb6549add1a5e73bbbfab27a7024922524f23c3a0717ebade015730d64a05cd27b7ebdd85cf4432e4fcf8b3ee0ddae0b6970cc0296cd22a7e4252365f88acf305f566f86f7f8b3d699ea484873b80ae1ce68c98484246b41da6e4a1d1b99b12ddcfce000d91db1dbcf0553515b0b3bc0cefad549f672fe4c396069025a835b2c7a186de38c3d3e2cee3072ea4cab1b542cba39f90bf3c7f193dd5b3a6b326a64ed591c49e5dfb8960481e0748980469a95af86763e6cc5378f4df2844428eccbcc98366abb3f2af549be91b3d25de57ce6c37cb7da349a6cf6d2c600ba25b3cbef312718604c90fd87549df22dea2c3d75a48e8d7c992fd5cc5177ea2d48bf61df7444c99daa569ee6886fa6719fba6db7bb823a05bf92448608a4ca51347f60793d7b7d07447f5335333ecf94fe12c1e4026f7b9819e3afd623c71c854c6dbfbd541fc2ea1643337a8418e92ad3aa8353fbd2f0a3961c76ed8e200c61be0d4704c83cf235721046b63728dffacb6ab226eea36f41259356d823ee247d203005f442ebe07b1c4c65bc7a8b4484947cf45a9dfff150fd078b684fcee90b8089e5009210f2e1839bf09828426a28651c5423c59bbecef32746de05382738ff59d34f3bc9ea13e9d2862ad963f118c84925462a9688a43e27d781679693c3484f62e433cc905b8a302661f69e06ab8066fb97071ef0c0535b8495058274d13f538e27192ef32b868d8e7b91c93dfbec76586e468808e8201abaa97fc5318de066d4a0959b2389b3d1a240c89ec0d7e64eb53c9938780f97bc4313f6bada319002ae87d8b74fb341836e78562a15ef761e47cabd73239ec4e4f8dad9fd3f06d46b55e8ada9b4a69ad1d861a008a020f3d3323930f2441a112ff06c29448d7057add630d4c700539443d3266362def22b3b9986b05572ad9dc4209adfd073df53d4dc4aca14f7ea04c3a165a09832a10662585dda16a5174cc5766ee2355df3d992e95113d664dc80cee64c3166933264c028de1475b05d12360bf693dbce8473f4c34db41e22b5e26b16180451e34ede9c7c1d1e2cd884137bd3f3cd30f93905e55444a35104d088f96006857a1bf517c9f93dad8f6d5ff0be1cdc7e261d56d8a842f0a4a13338031554693b23978f635d4da82d4d65582410c88516d958f69ba22de653a198b490853397a1f8e8c45dcd7843165623d8e3175fcff040476eaee7fdcc0f8710cdf563cb714a707edeb14213117ad7bf7448df57d1166a59d4a0544c6fb4ae098899745533aaf8d98b831981e890506f1a47442a06fd8ff82b6feae8fd96734f98f0d13eb4b3b90b5779d738d82dcac89e067ba12f95bcf9f0ae5d67109adc5c2737937bbd87c230295e9bb9d7f483179a6fe7a71a3a55d3c3627ab46bc9f4f0dca977e28671d8606301685f514da56f1fcd6dc365d6ed6d63d8c3ad1e3e111e6c201413fc3627596e456a1919e0622007f7cfd7654eaca30b5eeb09350787a3472276d8f6407f4ee5affdfe7d873d45716feaa6cc0fdee6dfded6417164cd98ff884a82cf131d84d95d874934f55471fc10152a492a26ca1817ebe491720981ba667192e1892e3c33e507463444186f30e8a00d3b467bfe5f3595f2a8bc9e616355eb20207fd74240235580e5a82cbd9144dc885bfe852a799e31915aafd003a0ada5cc7031036f7e49a7a59660ba12047de9bc18a1e2cfefb2dfcfd671d271536fdeed512835ddedc3d086a812dee67d57380fa4f2153287c734cc9e9f04d6bbee430e0a8d19580eff0bf164b13ca28e90da12b266e5a7c437eda31976359f73d36ec373fe199e73d621217734e3386b2196730631941b32f12ebb2cf0553ea0c6ee1c08dbd1ef17db77c92dbac7e4b57d3e7d7cd21f03b2da634ba28bb9e327ec85f2ab2df31db57c4ae35fae4d41bc6b5c4e40001c469aceb1dbec860a250af5702bafc3362bd1e211299210df697278734e1117a68514dc27f7eae5875072564d19485ede0b61bc833e1ff611e685841e7036f9d8ddede2413bd49740e14e2688643a44d74988370684b7b0d3a8f6c7fd75bcb078720e564763b51d71880778396b069910c17121d5e13abe2156ba22c7bff3cb821a8e3210404b461c578ff1ac7baa9ddba0c5a1592d5ceefe2f1df01859fb8a7534b7e9e80997e7f0c5a36fdf8ec67b624d11ab70b5d0d43ec395ef849e6920e80a3cc14d31bc43810a6ffead440ac871cd79cebb06bfb017efae886df8565ebf9551928fd38312ab949e3d5fb4ef454272051b29b48947eac9b095bfebc9989b56e68919592160bca961c08f588477597a8bf4e7cbbc5eb6122ccadce56a5c76417accfb462129c4169bf951798e80568c2502ca958f182b08b05d0d19291745bdda37fe04a2ed8f017ed006ed83447eb22b752b863139094cf16340c19e510eff61642ba7f6b1328e1f685aeefedafcbc5705ac7bb7cd8cb260a77574a172977ff717148e9", [[], [], []]}, 0x13b0)
ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000000))
write$P9_RREMOVE(r0, &(0x7f0000000040)={0x5, 0x7b, 0x3}, 0x7)

23:25:14 executing program 5:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(0xffffffffffffffff, 0x80045700, &(0x7f0000000040))
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000000)={0x2, "2ddf"}, 0x3)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0)

[  528.210318] FAULT_INJECTION: forcing a failure.
[  528.210318] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  528.210331] CPU: 1 PID: 28017 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  528.210343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  528.239387] Call Trace:
[  528.241990]  dump_stack+0x142/0x197
[  528.245632]  should_fail.cold+0x10f/0x159
[  528.249789]  ? __might_sleep+0x93/0xb0
[  528.253685]  __alloc_pages_nodemask+0x1d6/0x7a0
[  528.258350]  ? __alloc_pages_slowpath+0x2930/0x2930
[  528.258435]  alloc_pages_current+0xec/0x1e0
[  528.258446]  __get_free_pages+0xf/0x40
[  528.271649]  get_zeroed_page+0x11/0x20
[  528.275547]  mount_fs+0x1cc/0x2a1
[  528.278996]  vfs_kern_mount.part.0+0x5e/0x3d0
[  528.283484]  kern_mount_data+0x56/0xc0
[  528.287361]  mq_init_ns+0x167/0x220
[  528.290975]  copy_ipcs+0x35e/0x400
[  528.294504]  create_new_namespaces+0x1dd/0x720
[  528.299089]  ? ns_capable_common+0x12c/0x160
[  528.303484]  copy_namespaces+0x284/0x310
[  528.307529]  copy_process.part.0+0x2603/0x6a70
[  528.312100]  ? proc_fail_nth_write+0x7d/0x180
[  528.316579]  ? proc_cwd_link+0x1b0/0x1b0
[  528.320633]  ? __cleanup_sighand+0x50/0x50
[  528.324854]  ? lock_downgrade+0x740/0x740
[  528.328988]  _do_fork+0x19e/0xce0
[  528.332438]  ? fork_idle+0x280/0x280
[  528.336147]  ? fput+0xd4/0x150
[  528.339325]  ? SyS_write+0x15e/0x230
[  528.343028]  SyS_clone+0x37/0x50
[  528.346381]  ? sys_vfork+0x30/0x30
[  528.349918]  do_syscall_64+0x1e8/0x640
[  528.354329]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  528.359175]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  528.364363] RIP: 0033:0x45a6f9
[  528.367536] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  528.375347] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  528.382609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  528.389886] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  528.397151] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  528.404408] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:15 executing program 5:
keyctl$set_reqkey_keyring(0xe, 0x7)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
fcntl$dupfd(r1, 0x406, r0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=<r2=>0x0)
prlimit64(r2, 0xd09484f2b86e8305, &(0x7f0000000000)={0x1, 0x101}, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
write$P9_RCREATE(r3, &(0x7f00000000c0)={0x18, 0x73, 0x1, {{0x46, 0x1, 0x7}, 0x40}}, 0x18)

23:25:15 executing program 2 (fault-call:0 fault-nth:56):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:15 executing program 1:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x26380, 0x10)
fchdir(r0)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x1, 0x0)
renameat(r0, &(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000080)='./file0\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:15 executing program 3:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14, 0x800)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000140)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e21, 0x20, 0x4e23, 0x0, 0x2, 0x20, 0x20, 0x5c, r1, r2}, {0x7fffffff, 0xed9, 0x5, 0x6, 0x7fff, 0x1, 0x7, 0x8000}, {0x67, 0x7, 0xc, 0x2}, 0x1, 0x6e6bb8, 0x3, 0x1, 0x1, 0x66a0aefc0f25ca00}, {{@in=@remote, 0x4d6, 0x3c}, 0xcbad2b329d9180b, @in6=@remote, 0x3500, 0x0, 0x1, 0x7f, 0x4, 0x9, 0x9}}, 0xe8)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:15 executing program 5:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
getsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000000)={0x2, 0x9, 0x0, 0x6, 0x4, 0xffffffff, 0x0, 0x8f})

23:25:15 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0)

[  528.655331] FAULT_INJECTION: forcing a failure.
[  528.655331] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  528.703857] CPU: 0 PID: 28039 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  528.711806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  528.721174] Call Trace:
[  528.721191]  dump_stack+0x142/0x197
[  528.721210]  should_fail.cold+0x10f/0x159
[  528.721221]  ? __might_sleep+0x93/0xb0
[  528.721234]  __alloc_pages_nodemask+0x1d6/0x7a0
[  528.721249]  ? check_preemption_disabled+0x3c/0x250
[  528.735476]  ? __alloc_pages_slowpath+0x2930/0x2930
[  528.735488]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  528.735499]  ? __alloc_pages_nodemask+0x639/0x7a0
[  528.760550]  alloc_pages_current+0xec/0x1e0
[  528.764884]  __get_free_pages+0xf/0x40
[  528.768776]  get_zeroed_page+0x11/0x20
[  528.772673]  selinux_sb_copy_data+0x2a/0x390
[  528.777093]  security_sb_copy_data+0x75/0xb0
[  528.781514]  mount_fs+0x1ec/0x2a1
[  528.784977]  vfs_kern_mount.part.0+0x5e/0x3d0
[  528.789481]  kern_mount_data+0x56/0xc0
[  528.793370]  mq_init_ns+0x167/0x220
[  528.797020]  copy_ipcs+0x35e/0x400
[  528.800566]  create_new_namespaces+0x1dd/0x720
[  528.805149]  ? ns_capable_common+0x12c/0x160
[  528.805162]  copy_namespaces+0x284/0x310
[  528.805175]  copy_process.part.0+0x2603/0x6a70
[  528.813622]  ? proc_fail_nth_write+0x7d/0x180
[  528.813630]  ? proc_cwd_link+0x1b0/0x1b0
[  528.813648]  ? __cleanup_sighand+0x50/0x50
[  528.813660]  ? lock_downgrade+0x740/0x740
[  528.835140]  _do_fork+0x19e/0xce0
[  528.838600]  ? fork_idle+0x280/0x280
[  528.842316]  ? fput+0xd4/0x150
[  528.845508]  ? SyS_write+0x15e/0x230
[  528.849228]  SyS_clone+0x37/0x50
23:25:15 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x6, 0x0, 0x0, 0x5}, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/route\x00')
write$P9_RWRITE(r1, &(0x7f0000000040)={0xb, 0x77, 0x1, 0x7ff}, 0xb)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x1ff)

[  528.852602]  ? sys_vfork+0x30/0x30
[  528.856157]  do_syscall_64+0x1e8/0x640
[  528.860150]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  528.860168]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  528.860175] RIP: 0033:0x45a6f9
[  528.860183] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246
[  528.870206]  ORIG_RAX: 0000000000000038
[  528.870212] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  528.870217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  528.870222] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:15 executing program 5:
clone(0x4400200, 0x0, 0x0, 0x0, 0x0)

[  528.870228] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  528.870233] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:15 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f0000000000)=0x400, 0x4)

23:25:15 executing program 3:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
recvfrom$inet6(r0, &(0x7f0000000000)=""/4096, 0x1000, 0x2, &(0x7f0000001000)={0xa, 0x4e22, 0xfffffffd, @remote, 0x2}, 0x1c)

23:25:15 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, 0x0)

23:25:15 executing program 2 (fault-call:0 fault-nth:57):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:15 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000040)={0xa2, {0x7, 0x101, 0x4, 0x6, 0x4, 0x64a}})
sched_getattr(r0, &(0x7f0000000000)={0x30}, 0x30, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r2, 0xf0c550e8195b5257, 0x70bd2d, 0x25dfdbfb, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0xd865a2135750e40a}, 0x0)

23:25:15 executing program 5:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e1e, @local}, 'erspan0\x00'})
ioctl$FBIOGET_VSCREENINFO(r1, 0x4600, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  529.133543] FAULT_INJECTION: forcing a failure.
[  529.133543] name failslab, interval 1, probability 0, space 0, times 0
23:25:15 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0xa337634f50f3addd)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x5)
ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f0000000040)={0x5, 0x1, @raw_data=[0x400, 0x0, 0x6, 0x9, 0xc1, 0x3d, 0xffffffff, 0x4, 0x425, 0x20, 0x2, 0x3f, 0x4, 0x0, 0x0, 0x45d9]})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
ioctl$SOUND_MIXER_READ_DEVMASK(r2, 0x80044dfe, &(0x7f0000000180))
fchdir(r1)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r1, 0x81785501, &(0x7f0000000140)=""/6)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000280)={0x8000, 0x7fff, 0x2d00, 0x4, 0x1a, 0x9, 0x66, 0x2, 0x3, 0x9})
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r4, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
setsockopt$inet_opts(r4, 0x0, 0xb, &(0x7f0000000200)="32c5d988d6fee9128666706c606e48f6a0b217b48ef4ceb20ec0e1913f6f40463aa0997d7851c27def87d1f84fc84c713f0dbae5916292396bbfbd18cea896baab4c6daf6747d47412b1dde4f2e2b4a9f1a2d124ac5b5d28d792a6", 0x5b)
init_module(&(0x7f0000000000)='\x00', 0x1, &(0x7f0000000100)='wlan0-{eth1wlan0security\x00')

[  529.187049] CPU: 0 PID: 28084 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  529.194982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  529.194987] Call Trace:
[  529.195003]  dump_stack+0x142/0x197
[  529.195022]  should_fail.cold+0x10f/0x159
[  529.195038]  should_failslab+0xdb/0x130
[  529.195049]  kmem_cache_alloc_trace+0x2e9/0x790
[  529.195060]  ? lock_downgrade+0x740/0x740
[  529.195070]  ? do_raw_spin_unlock+0x16b/0x260
[  529.195082]  sget_userns+0xfe/0xc30
[  529.195091]  ? set_anon_super+0x20/0x20
[  529.195100]  ? __free_pages+0x54/0x90
[  529.195111]  ? get_empty_filp.cold+0x3b/0x3b
[  529.195122]  mount_ns+0x6d/0x190
[  529.195133]  ? mqueue_get_inode+0xaf0/0xaf0
[  529.195145]  mqueue_mount+0xc0/0xf0
[  529.195156]  mount_fs+0x97/0x2a1
[  529.195169]  vfs_kern_mount.part.0+0x5e/0x3d0
[  529.195180]  kern_mount_data+0x56/0xc0
[  529.195189]  mq_init_ns+0x167/0x220
[  529.195201]  copy_ipcs+0x35e/0x400
[  529.210793]  create_new_namespaces+0x1dd/0x720
[  529.210804]  ? ns_capable_common+0x12c/0x160
23:25:16 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x4000, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
splice(r2, &(0x7f00000002c0)=0x2, r5, &(0x7f0000000300)=0x3d9b4000000, 0x1ff, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000180)={<r6=>0x0, 0x2c, &(0x7f0000000140)=[@in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e20, 0x3f, @empty, 0xffff}]}, &(0x7f00000001c0)=0x10)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000240)={r6, 0x76d}, &(0x7f0000000280)=0x8)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x1, 0x4000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_PPC_GET_SMMU_INFO(r8, 0x8250aea6, &(0x7f0000000000)=""/172)

[  529.210816]  copy_namespaces+0x284/0x310
[  529.210828]  copy_process.part.0+0x2603/0x6a70
[  529.210844]  ? proc_fail_nth_write+0x7d/0x180
[  529.300269]  ? proc_cwd_link+0x1b0/0x1b0
[  529.304349]  ? __cleanup_sighand+0x50/0x50
[  529.308609]  ? lock_downgrade+0x740/0x740
[  529.312894]  _do_fork+0x19e/0xce0
[  529.316360]  ? fork_idle+0x280/0x280
[  529.320081]  ? fput+0xd4/0x150
[  529.323292]  ? SyS_write+0x15e/0x230
[  529.327010]  SyS_clone+0x37/0x50
[  529.330368]  ? sys_vfork+0x30/0x30
[  529.330383]  do_syscall_64+0x1e8/0x640
23:25:16 executing program 3:
pkey_alloc(0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  529.330392]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  529.330408]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  529.330418] RIP: 0033:0x45a6f9
[  529.351037] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  529.358925] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  529.366197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  529.373469] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  529.380741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:25:16 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
ioctl$VIDIOC_S_MODULATOR(r1, 0x40445637, &(0x7f0000000040)={0x7f, "b4d1c2b92be1bd4861edb1bda7f5487d1c75e7ec7acf700c652af08fb3a7561c", 0x393652a2289ad87a, 0x1, 0x1, 0x10, 0x3})
setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f0000000000), 0x4)

23:25:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x0, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  529.388012] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:16 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x10000, 0x0)
ioctl$KVM_SMI(r0, 0xaeb7)

23:25:16 executing program 3:
openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x210000, 0x0)
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x4200, 0x0)
getsockopt$bt_hci(r0, 0x0, 0x2, &(0x7f0000000080)=""/202, &(0x7f0000000180)=0xca)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:16 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x48041, 0x0)
accept4$bt_l2cap(r0, &(0x7f00000000c0), &(0x7f0000000080)=0xe, 0x800)

23:25:16 executing program 5:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f00000000c0)={0x84, &(0x7f0000000000)="faec1e09f96eafde6eea0f16242aced1f37bc53e46b8dc51ccb9afa7038a995b0251080026db5541f8bea175bf2b129bd995ff53c02d4bf47cc1c287b27a00beee27f9f19589907d5b13be5a4c8f53a735bd8460017f3bbfebd7207db97ba1568a8193e9b4823f3aec8e44fbd9b19b2e99b7098d6465593d9e9c793e053563ef8b73767a"})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:16 executing program 2 (fault-call:0 fault-nth:58):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:16 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000080)}], 0x1)
r3 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000000)={'\x80\x96~'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r3, r4, r4}, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={'crct10dif\x00'}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/bsg\x00', 0x8002, 0x0)
r8 = gettid()
write$P9_RGETLOCK(r7, &(0x7f00000006c0)=ANY=[@ANYBLOB="2000000037000000000000000000000000c6180d27f06ca0e66daf7aedf943bd7fbe5107594c9d5f01977d965233988ce31f3d13096470c6a2c41a174bd695e3f508c6d20ffeb64c45a3059f6b91c11bfd1c73e84aed2a198b92af8996187f3dd56acca69899c009dced02e83de3aa52396fd12c7b7ba53204a3f4e3fd4b77db188781c56ad7de5a991205ac7ddda5ee94a446279b82d7ff88f790bfd860e3460b506776e4103ee3a8260cdefe46b01b24de349100d153dd19ed97ea4b8be7256063819a1b3838eb7c5766ac26800b3184db9ac51c71fea4edc1a49be4ad5892b30863f6a7684a5365cc8fc074981d90ee8f8627e762a98b4ae76e863822e060e28f557d1dcb7b68e3152884c5c79ca39b3ca387c6361c45445dc2ab8186b6d5633bd985b505659015f5954afcbfb0fc02a951fa176ede97ed266558c28ea32d60591cc2cc6f39206ebebc246ef6caef9d1255d60000e87a332bebc933f44e1c", @ANYRES32=r8, @ANYBLOB="02005e28"], 0x20)
r9 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e, 0x1]})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
r11 = dup2(r5, r10)
getsockopt$inet_opts(r11, 0x0, 0x6, &(0x7f0000000280)=""/206, &(0x7f0000000100)=0xce)
clone(0x787467fbcfb1d9c, 0x0, 0x0, 0x0, 0x0)
r12 = socket$inet_sctp(0x2, 0x0, 0x84)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, <r13=>0x0})
ioctl$sock_FIOSETOWN(r12, 0x8901, &(0x7f0000000380)=r13)

23:25:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x0, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:16 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x8, @empty, 0xfffff9f4}, 0x1c)
rt_sigprocmask(0xc7afa94b5cfe2404, &(0x7f00000000c0)={0x9}, &(0x7f0000000080), 0x8)
prctl$PR_MCE_KILL(0x21, 0x0, 0x1)

23:25:16 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x0, 0x0)
mmap$fb(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000000, 0x110, r0, 0x4c000)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/de1\x8e\x10\xa6\xe1T>brl\x00', 0x80800, 0x0)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r1, 0x110, 0x4, &(0x7f0000000040), 0x4)

23:25:16 executing program 1:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)

[  529.749628] audit: type=1400 audit(1575674716.436:112): avc:  denied  { map } for  pid=28150 comm="syz-executor.5" path="/selinux/checkreqprot" dev="selinuxfs" ino=15 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file permissive=1
[  529.792891] FAULT_INJECTION: forcing a failure.
23:25:16 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
socket$inet6(0xa, 0xc, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x102, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000180)={0xf, 0x8, 0xfa00, {r1, 0x12}}, 0x10)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000001c0)={<r3=>0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x400, 0x1ff, 0x1, 0x6, 0x22ee}, &(0x7f0000000280)=0x98)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f00000002c0)={r3}, 0x8)
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
r5 = getpid()
sched_setattr(r5, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ptrace$setopts(0x4206, r5, 0x2, 0x30)
ioctl$sock_inet_SIOCGARP(r4, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000000), 0x4)

[  529.792891] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  529.838241] CPU: 0 PID: 28160 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  529.846184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  529.846189] Call Trace:
[  529.846208]  dump_stack+0x142/0x197
[  529.846228]  should_fail.cold+0x10f/0x159
[  529.846239]  ? __might_sleep+0x93/0xb0
[  529.846255]  __alloc_pages_nodemask+0x1d6/0x7a0
[  529.846266]  ? check_preemption_disabled+0x3c/0x250
[  529.846278]  ? __alloc_pages_slowpath+0x2930/0x2930
[  529.846293]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  529.846309]  ? __alloc_pages_nodemask+0x639/0x7a0
[  529.869917]  alloc_pages_current+0xec/0x1e0
[  529.869932]  __get_free_pages+0xf/0x40
[  529.869943]  get_zeroed_page+0x11/0x20
[  529.890061]  selinux_sb_copy_data+0x2a/0x390
[  529.890079]  security_sb_copy_data+0x75/0xb0
[  529.890092]  mount_fs+0x1ec/0x2a1
[  529.890104]  vfs_kern_mount.part.0+0x5e/0x3d0
[  529.890114]  kern_mount_data+0x56/0xc0
[  529.907034]  mq_init_ns+0x167/0x220
[  529.915824]  copy_ipcs+0x35e/0x400
[  529.915839]  create_new_namespaces+0x1dd/0x720
[  529.915851]  ? ns_capable_common+0x12c/0x160
[  529.915863]  copy_namespaces+0x284/0x310
[  529.927661]  copy_process.part.0+0x2603/0x6a70
[  529.927682]  ? proc_fail_nth_write+0x7d/0x180
[  529.927689]  ? proc_cwd_link+0x1b0/0x1b0
[  529.927706]  ? __cleanup_sighand+0x50/0x50
[  529.934913]  ? lock_downgrade+0x740/0x740
[  529.934931]  _do_fork+0x19e/0xce0
[  529.934945]  ? fork_idle+0x280/0x280
[  529.934958]  ? fput+0xd4/0x150
[  529.934970]  ? SyS_write+0x15e/0x230
[  529.952576]  SyS_clone+0x37/0x50
23:25:16 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x5000})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000240))
perf_event_open(&(0x7f0000000000)={0x0, 0xfffffffffffffff1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0x4010ae42, 0x2)

[  529.961123]  ? sys_vfork+0x30/0x30
[  529.961140]  do_syscall_64+0x1e8/0x640
[  529.961149]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  529.961168]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  529.972970] RIP: 0033:0x45a6f9
[  529.972976] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  529.972988] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  529.972994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  529.973000] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x0, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:16 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000200)=0x1, 0x4)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ADD(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0xe4, r2, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x34, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc2a0}]}, @TIPC_NLA_NET={0x58, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x20}]}, @TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_LINK={0x1c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x22008000}, 0x800)

[  529.973006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  529.973011] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:16 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000040)={0x3d, 0x1})
ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, &(0x7f0000000000)=0x7)

23:25:16 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03]})

23:25:17 executing program 2 (fault-call:0 fault-nth:59):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:17 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:17 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000040)=@generic={0x3, 0x20, 0x2})

23:25:17 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000000)={0x1, 0x46ba})

23:25:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03]})

23:25:17 executing program 5:
clone(0x83001500, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x0, 0x80800)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000140)=&(0x7f0000000100))
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x101002, 0x0)
connect$netrom(r1, &(0x7f0000000040)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48)

23:25:17 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
prctl$PR_GET_DUMPABLE(0x3)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000040)=<r2=>0x0)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1, 0x0, 0x0, 0x2000000000000, r2})
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000080)={{0x25, @local, 0x4e24, 0x0, 'fo\x00', 0x12, 0xc89b, 0x48}, {@multicast2, 0x4e23, 0x93f0c3dc5a8116b, 0x6, 0x6cc, 0x6}}, 0x44)
setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x5, 0x0, 0x40, 0x8, 0x2}, 0xc)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ceph(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)='./file0\x00', 0x3fe000000000, 0x1, &(0x7f0000000180)=[{&(0x7f0000000280)="af4548ce5e93c11b09af837d9cdbac8ef0c76cd8ee1c64acc191af15f43012bed17bf882dccdcf02d7e6d148bd9f77835fc798acfa78f191adcb4fc8d53fd6b236ddb53fc2912bba3f9c07ae6e594252d88af2dbf2c1e0fa9da0a8cf95056f20599b709a3374149d84eeb885599da00422a67a92eac54038de8f0fc1d043", 0x7e, 0x5}], 0x800000, &(0x7f0000000200)='fo\x00')

[  530.387724] FAULT_INJECTION: forcing a failure.
[  530.387724] name failslab, interval 1, probability 0, space 0, times 0
[  530.468965] CPU: 0 PID: 28212 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  530.476894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  530.486244] Call Trace:
[  530.488830]  dump_stack+0x142/0x197
[  530.492450]  should_fail.cold+0x10f/0x159
[  530.496586]  should_failslab+0xdb/0x130
[  530.500548]  __kmalloc+0x2f0/0x7a0
[  530.504142]  ? __list_lru_init+0x6b/0x660
[  530.508278]  __list_lru_init+0x6b/0x660
[  530.512241]  sget_userns+0x4e0/0xc30
[  530.515953]  ? set_anon_super+0x20/0x20
[  530.519935]  ? get_empty_filp.cold+0x3b/0x3b
[  530.524414]  mount_ns+0x6d/0x190
[  530.527779]  ? mqueue_get_inode+0xaf0/0xaf0
[  530.532105]  mqueue_mount+0xc0/0xf0
[  530.535745]  mount_fs+0x97/0x2a1
[  530.539120]  vfs_kern_mount.part.0+0x5e/0x3d0
[  530.543615]  kern_mount_data+0x56/0xc0
[  530.547496]  mq_init_ns+0x167/0x220
[  530.551111]  copy_ipcs+0x35e/0x400
[  530.554639]  create_new_namespaces+0x1dd/0x720
[  530.559208]  ? ns_capable_common+0x12c/0x160
[  530.563603]  copy_namespaces+0x284/0x310
[  530.567649]  copy_process.part.0+0x2603/0x6a70
[  530.572228]  ? proc_fail_nth_write+0x7d/0x180
[  530.576735]  ? proc_cwd_link+0x1b0/0x1b0
[  530.580786]  ? __cleanup_sighand+0x50/0x50
[  530.585006]  ? lock_downgrade+0x740/0x740
[  530.589140]  _do_fork+0x19e/0xce0
[  530.592578]  ? fork_idle+0x280/0x280
[  530.596279]  ? fput+0xd4/0x150
[  530.599454]  ? SyS_write+0x15e/0x230
[  530.603152]  SyS_clone+0x37/0x50
[  530.606498]  ? sys_vfork+0x30/0x30
[  530.610031]  do_syscall_64+0x1e8/0x640
[  530.613903]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  530.618732]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  530.623902] RIP: 0033:0x45a6f9
[  530.627073] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  530.634767] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  530.642020] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  530.649273] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  530.656528] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  530.663785] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:17 executing program 5:

23:25:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03]})

23:25:17 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:17 executing program 3:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r1 = semget$private(0x0, 0x0, 0x38)
semctl$IPC_INFO(r1, 0x4, 0x3, &(0x7f0000000240)=""/155)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000080)={0x1, @loopback, 0x4e22, 0x3, 'sh\x00', 0x4, 0x146b, 0x34}, 0x2c)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
fgetxattr(r2, &(0x7f0000000000)=@random={'system.', 'systemppp0*,\xe3vboxnet1\x00'}, &(0x7f0000000040)=""/36, 0x24)
acct(&(0x7f00000000c0)='./bus\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x0, 0xfffffffffffffffe]})

[  530.929327] Process accounting resumed
23:25:17 executing program 2 (fault-call:0 fault-nth:60):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:17 executing program 5:
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x440040, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000040)=@ccm_128={{0x2a658428041027a8}, "23db90d1a5fd0736", "4b5e0422b0afcde6dc6a260536382b55", "77d75a07", "eb7850d8e32421c8"}, 0x28)
clone(0x80050400, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x63, 0x80301)
syz_mount_image$bfs(&(0x7f0000000400)='bfs\x00', &(0x7f0000000440)='./bus\x00', 0x743, 0x6, &(0x7f00000008c0)=[{&(0x7f0000000480)="1e8e46fc337d2c524e0c73bcf0ea867bbe94acab1594d147e8334f0e2696866b4c4a8a114a58c1bb755b62dc160679f6033a05b8a1cdee90d17f876fe0694ce4b76b63559eeb626830566d972072b59a3c44a37a14d234d6efd3ebc7fe4bf363", 0x60, 0xcde1}, {&(0x7f0000000680)="56de6fae01035dc05c7e5d385d607a3591c7d28a43c36acf7ec4d7cc4b5493bc9a8b70115a96d5a877fd042b95019ab885dd46341e7ce50da03340a6475309ababe05e4fc1bbdc06c0bb5dd4474e7036ac38ff43350c481b753f270cef949084f6da03d3c28de5dede98e834a698c2d571a0fbe28dcffd763a6b83b043d16f63c56dbd832ad66a113e6cb02ddea50c6c70516e32b98a14ce6108570d906f8ab3b5ef838592b104b590a809c95db2f5bde859962b50ab984830f0beba1fcd648408349205b255c0b92c355b60f68510", 0xcf, 0x4}, {&(0x7f0000000780)="c3a031a3e391b53497f24359fb860cc8754f1c2f80f7f4a1683ee0b711c180473c075f72e2dffc201fca87b073d857657a8b18d14002c749fdf0c11e3e48286925bb80237741c691a18719e76fdb84cce515d3290c866a9a453673207fb4bb46748637bca8d664f3465e834c8668d2b120cb9cc9ed878601a0c7ef6ba25c57bc0ea1e972b59caf10d842bfa2efe509117b76674ec45a76c15bb8b10b1134a0f9a6550103be0b44e886ff085e23fb97159890a45b0ace115a2b916e4f684e2da9fb2b97de89fcecdd7371cfd04fb3d470b36e23a5c77b3ecc904bbbcf0df2164c160f261403ce4943a5ef6f4a8394bb249abc8f", 0xf3, 0x6}, {&(0x7f0000000500)='r', 0x1, 0x2}, {&(0x7f0000000540)="2e7d06f6ac", 0x5, 0xf259}, {&(0x7f0000000880)="a7c4ed1e650a3d74ba0c575ba49b0f71839a5cd3460115252fcb3e8c7f15f4e81df4432ac7306f2ef01d36df25", 0x2d, 0xfffffffffffffffd}], 0x1000002, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x40000, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_pid(r4, &(0x7f0000000000), 0x10000000d)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000200)={<r5=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980))
ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f0000000380)={r5, 0x7, &(0x7f0000000240)=[0x1, 0x10, 0xc195, 0xffff, 0x2, 0x5, 0x5], &(0x7f00000002c0)=[0x800, 0x8], 0x20, 0x1, 0x9, &(0x7f0000000300)=[0xffff], &(0x7f0000000340)=[0x8]})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000080)={r5, 0x20})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r2, 0x4010641c, &(0x7f0000000640)={r5, &(0x7f0000000580)=""/139})
r6 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r6, 0x7, &(0x7f0000027000)={0x1})
r7 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r7, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r8 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r8, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r8, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r8, 0x1)
r9 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="01000008", @ANYRES32=<r10=>0x0], &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r8, 0x84, 0x6d, &(0x7f00000000c0)={r10}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f00000000c0)={<r11=>r10, 0x5}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000280)={r11, 0x54, &(0x7f0000000180)=[@in6={0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0xf}, 0x5}, @in6={0xa, 0x4e24, 0x8, @local, 0x4}, @in6={0xa, 0x4e20, 0x2, @empty, 0x3}]}, &(0x7f00000003c0)=0x10)
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000080)={r5})

23:25:17 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x10000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmmsg(r2, &(0x7f0000002b00)=[{{&(0x7f0000000380)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000002740)=[{&(0x7f0000000400)=""/68, 0x44}, {&(0x7f0000000480)=""/158, 0x9e}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/231, 0xe7}, {&(0x7f0000000300)=""/17, 0x11}, {&(0x7f0000001640)=""/4096, 0x1000}, {&(0x7f0000002640)=""/92, 0x5c}, {&(0x7f00000026c0)=""/76, 0x4c}], 0x8}, 0xad2}, {{0x0, 0x0, &(0x7f0000002a00)=[{&(0x7f00000027c0)=""/115, 0x73}, {&(0x7f0000002840)=""/83, 0x53}, {&(0x7f00000028c0)=""/153, 0x99}, {&(0x7f0000002980)=""/126, 0x7e}], 0x4, &(0x7f0000002a40)=""/129, 0x81}, 0x2}], 0x2, 0x43, &(0x7f0000002b80)={0x0, 0x1c9c380})
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={<r3=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r3, 0x91, 0x3ff, 0x5, 0x8}, &(0x7f0000000100)=0x14)
r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x200, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x600000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x34, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {{}, 0x0, 0x4101, 0x0, {0x18, 0x17, {0xa, 0x3, @udp='udp:syz0\x00'}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x400c8}, 0x40c1)

23:25:17 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:17 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x0, 0xfffffffffffffffe]})

[  531.191232] FAULT_INJECTION: forcing a failure.
[  531.191232] name failslab, interval 1, probability 0, space 0, times 0
[  531.218065] CPU: 0 PID: 28261 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  531.225995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  531.235359] Call Trace:
[  531.237966]  dump_stack+0x142/0x197
[  531.241616]  should_fail.cold+0x10f/0x159
[  531.245776]  should_failslab+0xdb/0x130
[  531.249742]  __kmalloc+0x2f0/0x7a0
[  531.253295]  ? __list_lru_init+0x6b/0x660
[  531.257440]  __list_lru_init+0x6b/0x660
[  531.261402]  sget_userns+0x500/0xc30
[  531.265966]  ? set_anon_super+0x20/0x20
[  531.269925]  ? get_empty_filp.cold+0x3b/0x3b
[  531.274334]  mount_ns+0x6d/0x190
[  531.277689]  ? mqueue_get_inode+0xaf0/0xaf0
[  531.281997]  mqueue_mount+0xc0/0xf0
[  531.285617]  mount_fs+0x97/0x2a1
[  531.288975]  vfs_kern_mount.part.0+0x5e/0x3d0
[  531.293458]  kern_mount_data+0x56/0xc0
[  531.297339]  mq_init_ns+0x167/0x220
[  531.300949]  copy_ipcs+0x35e/0x400
[  531.304474]  create_new_namespaces+0x1dd/0x720
[  531.309040]  ? ns_capable_common+0x12c/0x160
[  531.313432]  copy_namespaces+0x284/0x310
[  531.317477]  copy_process.part.0+0x2603/0x6a70
[  531.322048]  ? proc_fail_nth_write+0x7d/0x180
[  531.326526]  ? proc_cwd_link+0x1b0/0x1b0
[  531.330580]  ? __cleanup_sighand+0x50/0x50
[  531.334813]  ? lock_downgrade+0x740/0x740
[  531.338947]  _do_fork+0x19e/0xce0
[  531.342386]  ? fork_idle+0x280/0x280
[  531.346088]  ? fput+0xd4/0x150
[  531.349265]  ? SyS_write+0x15e/0x230
[  531.352964]  SyS_clone+0x37/0x50
[  531.356311]  ? sys_vfork+0x30/0x30
[  531.359835]  do_syscall_64+0x1e8/0x640
[  531.363704]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  531.368536]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  531.373710] RIP: 0033:0x45a6f9
[  531.376881] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  531.384572] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  531.391823] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  531.399073] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  531.406326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  531.413579] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:18 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r1, 0x0, 0x0)
r2 = getuid()
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000240)=[{&(0x7f0000000080)="c2b2c2719e91e3226d0b58c33b059d355cf60f8edc28648b573f46b14aa9e5db92d3b358f6c84df0db86084777c542e10de1b2ebefb9e43aace18868e41297d8e37236db4d2e49d716881d1d8bfb5bb854c0fb7f28a1d1c6de18697a24c1fd0ab6681f6e203c41e3c76c67aeb0b86d8764377de6f872c8ff35e3e7a5bf4c80def3e6745a555937812076657832d6c17597c9c46b229a90ac8cf3e6b89a35ecf301a4b63ffe60a3cbe4f4592b1e506592e213b5cfc87d5090ea", 0xb9, 0x4a76}, {&(0x7f0000000140)="c364d495866a81419994123b0feea49952e1dd3d1c6909bfef5722011484f844ca1d06774c332d0afd68206377445a20749a7a5228ecb5906f2ef42b50a8b9c392e1220a9d064b5255861500105024861c69c6231ae4579a39f694173a80946ddc4782fb0b338467dcf58705b2ef7d28e7dbe3d6198ec4c1c06c7a630ca023f5b7362c9c7aa736eff3a489518ed096d228a74e7e2f6019e9d283c1cd81464ac70a135b9e4a501dd903b278b360cfd9f9f87bd53a7c94f252108644d098ef77630fd38e31f0070a092160888d8c164fcc0ab698bc7160e6a3e0fb76de879f4304934169ceccda08732c11ffe31dd5707f6ca777b5b0432c968c1d4b35", 0xfc, 0xfe80}], 0x2080051, &(0x7f0000000280)={[{@type={'type', 0x3d, "a890ed70"}}], [{@euid_gt={'euid>', r1}}, {@smackfsfloor={'smackfsfloor'}}, {@fowner_eq={'fowner', 0x3d, r2}}]})

[  531.499776] BFS-fs: bfs_fill_super(): No BFS filesystem on loop5 (magic=00720000)
23:25:18 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xe05, 0xa80)
setsockopt$TIPC_MCAST_BROADCAST(r0, 0x10f, 0x85)

23:25:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x0, 0xfffffffffffffffe]})

23:25:18 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:18 executing program 0:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
syz_open_dev$tty1(0xc, 0x4, 0x1)

23:25:18 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:18 executing program 2 (fault-call:0 fault-nth:61):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:18 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
r1 = getpid()
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f0000000100)={0x5, 0x1, 0x6, 0xc, 0x9})
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
sched_setattr(r1, &(0x7f0000000080)={0x30, 0x1, 0x1, 0x0, 0x6, 0x0, 0x0, 0x100000001}, 0x0)
r3 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r3)
write$P9_RUNLINKAT(r3, &(0x7f00000000c0)={0x7, 0x4d, 0x2}, 0x7)
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r4)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000180)={<r5=>0xffffffffffffffff}, 0x13f, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r3, &(0x7f0000000200)={0x6, 0x118, 0xfa00, {{0x3, 0x1f, "493292b1f65932b792851a367662d7cbeb19379b48f3f83d15cbfa323f803aa05b76e33776b54005a3b76c0104a0fa2532591b94f05a4138edbc00fe4fbe226703eed6f1c18ad27096192bcf0b84a2b9845ecc79538e74a1e3a796ce500393f439a6c5368074d356d963c1b1fbeccf6c47b11434afcef7add411b41fd3eddfde9a15f3465752da5973e2d67250571e2928c5c1577f1e4cc98fbf286145f3f7d80f76e7562a5a5887988818b07dca3d685914fea69d5836931c5c099191303c36d8794b9ad68bf85abaa626b3067c9328a71c3efe62828daff8aaaa4780566949fd63d80d29ed75cae0fed4bd19c86dc4cf8748f6c0378c8ddb60466e48e3a1fa", 0x1f, 0xcd, 0xa8, 0x6d, 0x2, 0x40, 0x9}, r5}}, 0x120)
r6 = syz_open_procfs(r0, &(0x7f0000000000)='attr/exec\x00')
mount(&(0x7f0000000340)=@loop={'/dev/loop', 0x0}, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='cgroup\x00', 0x2000, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})

[  531.886720] FAULT_INJECTION: forcing a failure.
[  531.886720] name failslab, interval 1, probability 0, space 0, times 0
[  531.938393] CPU: 1 PID: 28314 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  531.946336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  531.955682] Call Trace:
[  531.955717]  dump_stack+0x142/0x197
[  531.955735]  should_fail.cold+0x10f/0x159
[  531.955751]  should_failslab+0xdb/0x130
[  531.955761]  __kmalloc+0x2f0/0x7a0
[  531.955775]  ? lock_downgrade+0x740/0x740
[  531.955786]  ? register_shrinker+0xbd/0x220
[  531.982096]  register_shrinker+0xbd/0x220
[  531.986256]  sget_userns+0x9bf/0xc30
[  531.989976]  ? set_anon_super+0x20/0x20
[  531.993960]  ? get_empty_filp.cold+0x3b/0x3b
[  531.998398]  mount_ns+0x6d/0x190
[  532.001780]  ? mqueue_get_inode+0xaf0/0xaf0
[  532.006108]  mqueue_mount+0xc0/0xf0
[  532.009747]  mount_fs+0x97/0x2a1
[  532.013122]  vfs_kern_mount.part.0+0x5e/0x3d0
[  532.017627]  kern_mount_data+0x56/0xc0
[  532.021523]  mq_init_ns+0x167/0x220
[  532.025156]  copy_ipcs+0x35e/0x400
[  532.028705]  create_new_namespaces+0x1dd/0x720
[  532.033297]  ? ns_capable_common+0x12c/0x160
[  532.037714]  copy_namespaces+0x284/0x310
[  532.041785]  copy_process.part.0+0x2603/0x6a70
[  532.046384]  ? proc_fail_nth_write+0x7d/0x180
[  532.050894]  ? proc_cwd_link+0x1b0/0x1b0
[  532.054992]  ? __cleanup_sighand+0x50/0x50
[  532.059236]  ? lock_downgrade+0x740/0x740
[  532.063393]  _do_fork+0x19e/0xce0
[  532.066863]  ? fork_idle+0x280/0x280
[  532.070581]  ? fput+0xd4/0x150
[  532.073781]  ? SyS_write+0x15e/0x230
[  532.077500]  SyS_clone+0x37/0x50
[  532.080871]  ? sys_vfork+0x30/0x30
[  532.084415]  do_syscall_64+0x1e8/0x640
[  532.088308]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  532.093160]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  532.098348] RIP: 0033:0x45a6f9
[  532.101536] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  532.109248] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  532.116530] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  532.123794] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  532.131045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  532.138319] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  532.166918] BFS-fs: bfs_fill_super(): No BFS filesystem on loop5 (magic=00720000)
23:25:18 executing program 5:
clone(0x787467fbcff1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:18 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:18 executing program 0:

23:25:18 executing program 4:
r0 = pkey_alloc(0x0, 0x1)
pkey_mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000008, r0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000fed000/0x13000)=nil, 0x1000, 0x0, 0x100010, r1, 0x81000000)
clone(0x80000400, 0x0, 0x0, 0x0, 0x0)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x149102, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000040)=0x2, 0x4)

23:25:18 executing program 3:
clone(0x832c25c09f1a9982, 0x0, 0x0, 0x0, 0x0)

23:25:18 executing program 2 (fault-call:0 fault-nth:62):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:18 executing program 3:
clone(0xca204100, 0x0, 0x0, 0x0, 0x0)

23:25:18 executing program 0:

[  532.308411] FAULT_INJECTION: forcing a failure.
[  532.308411] name failslab, interval 1, probability 0, space 0, times 0
[  532.341885] CPU: 1 PID: 28341 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  532.350074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  532.359434] Call Trace:
[  532.362023]  dump_stack+0x142/0x197
[  532.362042]  should_fail.cold+0x10f/0x159
[  532.362060]  should_failslab+0xdb/0x130
[  532.369808]  kmem_cache_alloc+0x2d7/0x780
[  532.377928]  ? lock_downgrade+0x740/0x740
[  532.382087]  ? mqueue_i_callback+0x30/0x30
[  532.386334]  mqueue_alloc_inode+0x1c/0x40
[  532.390494]  alloc_inode+0x64/0x180
[  532.394131]  new_inode_pseudo+0x19/0xf0
[  532.398111]  new_inode+0x1f/0x40
[  532.401486]  mqueue_get_inode+0x89/0xaf0
23:25:19 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3f, 0x8440)
accept4$nfc_llcp(r0, &(0x7f0000000040), &(0x7f00000000c0)=0x60, 0x80800)

23:25:19 executing program 4:
clone(0x787467f5cf3979c, 0x0, 0x0, 0x0, 0x0)

[  532.405554]  mqueue_fill_super+0x113/0x1f0
[  532.409790]  mount_ns+0xec/0x190
[  532.413157]  ? mqueue_get_inode+0xaf0/0xaf0
[  532.417484]  mqueue_mount+0xc0/0xf0
[  532.421107]  mount_fs+0x97/0x2a1
[  532.424461]  vfs_kern_mount.part.0+0x5e/0x3d0
[  532.428952]  kern_mount_data+0x56/0xc0
[  532.432847]  mq_init_ns+0x167/0x220
[  532.436478]  copy_ipcs+0x35e/0x400
[  532.440021]  create_new_namespaces+0x1dd/0x720
[  532.440031]  ? ns_capable_common+0x12c/0x160
[  532.440043]  copy_namespaces+0x284/0x310
[  532.440054]  copy_process.part.0+0x2603/0x6a70
[  532.440071]  ? proc_fail_nth_write+0x7d/0x180
[  532.449040]  ? proc_cwd_link+0x1b0/0x1b0
[  532.449061]  ? __cleanup_sighand+0x50/0x50
[  532.449073]  ? lock_downgrade+0x740/0x740
[  532.474618]  _do_fork+0x19e/0xce0
[  532.478084]  ? fork_idle+0x280/0x280
[  532.481805]  ? fput+0xd4/0x150
[  532.485014]  ? SyS_write+0x15e/0x230
[  532.488751]  SyS_clone+0x37/0x50
[  532.492123]  ? sys_vfork+0x30/0x30
[  532.495674]  do_syscall_64+0x1e8/0x640
[  532.499579]  ? trace_hardirqs_off_thunk+0x1a/0x1c
23:25:19 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
recvfrom$rose(0xffffffffffffffff, &(0x7f0000000000)=""/43, 0x2b, 0x10000, 0x0, 0x0)

23:25:19 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:19 executing program 0:

23:25:19 executing program 4:
clone(0x900000, 0x0, 0x0, 0x0, 0x0)

23:25:19 executing program 5:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000040)={0x3, "8292db"}, 0x4)
syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
ioctl$SIOCGETNODEID(r1, 0x89e1, &(0x7f0000000000)={0x2})
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  532.504437]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  532.509631] RIP: 0033:0x45a6f9
[  532.509639] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  532.520544] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  532.520550] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  532.520556] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  532.520561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  532.520567] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:19 executing program 2 (fault-call:0 fault-nth:63):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:19 executing program 0:

23:25:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r5, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_ax25_SIOCADDRT(r5, 0x890b, &(0x7f0000000080)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x80, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = fcntl$dupfd(r1, 0x0, r3)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000040)=0x1f)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f0000000240)={0x0, 0x0, 0x2080})
r10 = creat(&(0x7f0000000000)='./bus\x00', 0x101)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ubi_ctrl\x00', 0x400c00, 0x0)
ioctl$sock_inet_SIOCGARP(r10, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
bind$netlink(r10, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbff, 0x1000515}, 0xc)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  532.666615] FAULT_INJECTION: forcing a failure.
[  532.666615] name failslab, interval 1, probability 0, space 0, times 0
[  532.712314] IPVS: ftp: loaded support on port[0] = 21
[  532.717900] CPU: 1 PID: 28374 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  532.725816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  532.735177] Call Trace:
[  532.737775]  dump_stack+0x142/0x197
[  532.741422]  should_fail.cold+0x10f/0x159
[  532.745584]  should_failslab+0xdb/0x130
[  532.749572]  kmem_cache_alloc+0x2d7/0x780
[  532.753774]  ? mqueue_alloc_inode+0x1c/0x40
[  532.758111]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  532.763570]  selinux_inode_alloc_security+0xb6/0x2a0
[  532.768679]  security_inode_alloc+0x94/0xd0
[  532.772991]  inode_init_always+0x552/0xaf0
[  532.777213]  alloc_inode+0x81/0x180
[  532.780915]  new_inode_pseudo+0x19/0xf0
[  532.784874]  new_inode+0x1f/0x40
[  532.788224]  mqueue_get_inode+0x89/0xaf0
[  532.792287]  mqueue_fill_super+0x113/0x1f0
[  532.796508]  mount_ns+0xec/0x190
[  532.799874]  ? mqueue_get_inode+0xaf0/0xaf0
[  532.804206]  mqueue_mount+0xc0/0xf0
[  532.807833]  mount_fs+0x97/0x2a1
[  532.811184]  vfs_kern_mount.part.0+0x5e/0x3d0
[  532.815682]  kern_mount_data+0x56/0xc0
[  532.819558]  mq_init_ns+0x167/0x220
[  532.823176]  copy_ipcs+0x35e/0x400
[  532.826708]  create_new_namespaces+0x1dd/0x720
[  532.831293]  ? ns_capable_common+0x12c/0x160
[  532.835707]  copy_namespaces+0x284/0x310
[  532.839850]  copy_process.part.0+0x2603/0x6a70
[  532.844433]  ? proc_fail_nth_write+0x7d/0x180
[  532.848932]  ? proc_cwd_link+0x1b0/0x1b0
[  532.852996]  ? __cleanup_sighand+0x50/0x50
[  532.857216]  ? lock_downgrade+0x740/0x740
[  532.861358]  _do_fork+0x19e/0xce0
[  532.864805]  ? fork_idle+0x280/0x280
[  532.868530]  ? fput+0xd4/0x150
[  532.871728]  ? SyS_write+0x15e/0x230
[  532.875444]  SyS_clone+0x37/0x50
[  532.878820]  ? sys_vfork+0x30/0x30
[  532.882382]  do_syscall_64+0x1e8/0x640
[  532.886272]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  532.891115]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  532.896319] RIP: 0033:0x45a6f9
[  532.899507] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  532.907220] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  532.914500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  532.921766] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  532.929024] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  532.936291] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:20 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:20 executing program 5:
clone(0x20000000, 0x0, 0x0, 0x0, 0x0)

23:25:20 executing program 0:

23:25:20 executing program 2 (fault-call:0 fault-nth:64):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:20 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x80, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x2, 0xdfc7})
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r3, 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setresuid(r5, 0x0, 0x0)
r6 = getuid()
r7 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r7, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r7, r7, &(0x7f0000000240), 0x7fff)
getsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000300)={{{@in=@remote, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@empty}, 0x0, @in=@broadcast}}, &(0x7f0000000400)=0xe8)
syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x9, 0x2, &(0x7f0000000200)=[{&(0x7f0000000100)="8285656c74997e3915c57684", 0xc}, {&(0x7f0000000140)="6203a916e358dd8d77c784af80d9c5ea1f855acf64ee3cca900bcb941a1d48140c0f7d9d7e948306d9ea5c7f3564207c6c514481fad5fd87d6fb5702219ae9bd87d60f39da6f30fb7e13ab6d99bbc7339713b956c14cd75240116809074d22af86e50e448f09ae577374dd5353dc71f7429758ee883670d7162a39506aa27e861feb668943557415e60aec4aaff97b393fa6f08e5741d21208223dd4d249006a7141a67dc9", 0xa5, 0x2}], 0x40010, &(0x7f0000000440)={[{@uid={'uid', 0x3d, r1}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@errors_remount='errors=remount-ro'}, {@grpquota='grpquota'}, {@quota='quota'}, {@umask={'umask', 0x3d, 0x4}}, {@noquota='noquota'}, {@integrity='integrity'}], [{@smackfsdef={'smackfsdef', 0x3d, '-em1'}}, {@seclabel='seclabel'}, {@euid_eq={'euid', 0x3d, r3}}, {@uid_eq={'uid', 0x3d, r5}}, {@pcr={'pcr', 0x3d, 0xf}}, {@euid_eq={'euid', 0x3d, r6}}, {@audit='audit'}, {@fowner_gt={'fowner>', r8}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@subj_role={'subj_role'}}]})

23:25:20 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000200)={0x4, [0x3, 0x2, 0x87, 0x3]}, 0xc)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x50200, 0x2)
ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f00000000c0)={0xb, @pix_mp={0x5, 0xa7, 0x10077618, 0x3, 0x1, [{0x64}, {0x4, 0x3}, {0x4, 0x100}, {0x6, 0x1}, {0x4, 0x9}, {0x7, 0x5}, {0x7}, {0x4, 0x1}], 0x8, 0x4, 0x0, 0x2, 0x6}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$FICLONE(r0, 0x40049409, r3)
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x200000, 0x0)
setsockopt$netrom_NETROM_T2(r4, 0x103, 0x2, &(0x7f0000000040)=0x80, 0x4)

23:25:20 executing program 4:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2, 0x0)
clone(0x787467f86ee0d9c, 0x0, 0x0, 0x0, 0x0)

23:25:20 executing program 0:

23:25:20 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  533.808099] FAULT_INJECTION: forcing a failure.
[  533.808099] name failslab, interval 1, probability 0, space 0, times 0
[  533.890308] CPU: 1 PID: 28401 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  533.898352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  533.907724] Call Trace:
[  533.910313]  dump_stack+0x142/0x197
[  533.913931]  should_fail.cold+0x10f/0x159
[  533.918066]  should_failslab+0xdb/0x130
[  533.922113]  kmem_cache_alloc+0x2d7/0x780
[  533.926265]  ? mqueue_alloc_inode+0x1c/0x40
[  533.930598]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  533.936172]  selinux_inode_alloc_security+0xb6/0x2a0
[  533.941279]  security_inode_alloc+0x94/0xd0
[  533.945608]  inode_init_always+0x552/0xaf0
[  533.949856]  alloc_inode+0x81/0x180
[  533.953479]  new_inode_pseudo+0x19/0xf0
[  533.957446]  new_inode+0x1f/0x40
[  533.960822]  mqueue_get_inode+0x89/0xaf0
[  533.964872]  mqueue_fill_super+0x113/0x1f0
[  533.969101]  mount_ns+0xec/0x190
[  533.972452]  ? mqueue_get_inode+0xaf0/0xaf0
[  533.976761]  mqueue_mount+0xc0/0xf0
[  533.980372]  mount_fs+0x97/0x2a1
[  533.983723]  vfs_kern_mount.part.0+0x5e/0x3d0
[  533.988204]  kern_mount_data+0x56/0xc0
[  533.992073]  mq_init_ns+0x167/0x220
[  533.995683]  copy_ipcs+0x35e/0x400
[  533.999220]  create_new_namespaces+0x1dd/0x720
[  534.003787]  ? ns_capable_common+0x12c/0x160
[  534.008180]  copy_namespaces+0x284/0x310
[  534.012227]  copy_process.part.0+0x2603/0x6a70
[  534.016800]  ? proc_fail_nth_write+0x7d/0x180
[  534.021278]  ? proc_cwd_link+0x1b0/0x1b0
[  534.025329]  ? __cleanup_sighand+0x50/0x50
[  534.029547]  ? lock_downgrade+0x740/0x740
[  534.033683]  _do_fork+0x19e/0xce0
[  534.037123]  ? fork_idle+0x280/0x280
[  534.040823]  ? fput+0xd4/0x150
[  534.044085]  ? SyS_write+0x15e/0x230
[  534.047787]  SyS_clone+0x37/0x50
[  534.051136]  ? sys_vfork+0x30/0x30
[  534.054663]  do_syscall_64+0x1e8/0x640
[  534.058534]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  534.063380]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  534.068556] RIP: 0033:0x45a6f9
[  534.071729] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  534.079436] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
23:25:20 executing program 5:
clone(0x3d40b4694bb99004, 0x0, 0x0, 0x0, 0x0)

[  534.086692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  534.093948] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  534.101219] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  534.108485] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:20 executing program 0:

23:25:20 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$vcsn(&(0x7f0000001300)='/dev/vcs#\x00', 0x8, 0x101000)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000001340)={'filter\x00', 0x32, "50434187393b649e8d86ea5b21883ec381cc71a2dc26df3e44529b356587fe2dd2a46c4fa16f0e5997a83e63e2ea6d5c76ef"}, &(0x7f00000013c0)=0x56)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xa)
ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000040)=""/28)

23:25:20 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
close(r0)

23:25:20 executing program 5:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
preadv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/142, 0x8e}], 0x1, 0x5)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:20 executing program 2 (fault-call:0 fault-nth:65):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:20 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:21 executing program 0:

23:25:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
fstat(r1, &(0x7f0000000140))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f0000000040)={0x0, @reserved})
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f0000000100)=0x63, 0x4)

23:25:21 executing program 0:

[  534.343407] FAULT_INJECTION: forcing a failure.
[  534.343407] name failslab, interval 1, probability 0, space 0, times 0
23:25:21 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:21 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$binderN(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x800)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000040)=0xffffffff)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f00000000c0)=0x8)

[  534.423234] QAT: Invalid ioctl
[  534.439117] CPU: 1 PID: 28437 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  534.447068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  534.447074] Call Trace:
[  534.447092]  dump_stack+0x142/0x197
[  534.447111]  should_fail.cold+0x10f/0x159
[  534.447128]  should_failslab+0xdb/0x130
[  534.470825]  kmem_cache_alloc_trace+0x2e9/0x790
[  534.475493]  ? __lock_acquire+0x5f7/0x4620
[  534.475510]  selinux_parse_opts_str+0x3c1/0xa30
[  534.475520]  ? trace_hardirqs_on+0x10/0x10
[  534.475536]  ? selinux_sb_show_options+0xd50/0xd50
[  534.493589]  ? trace_hardirqs_on+0x10/0x10
[  534.497839]  ? d_instantiate+0x7b/0xa0
[  534.501747]  ? save_trace+0x290/0x290
[  534.505569]  ? find_held_lock+0x35/0x130
[  534.505580]  ? d_instantiate+0x7b/0xa0
[  534.505590]  ? lockref_get+0x46/0x60
[  534.505605]  superblock_doinit+0xeb/0x200
[  534.505616]  ? selinux_parse_opts_str+0xa30/0xa30
[  534.505633]  selinux_sb_kern_mount+0xa9/0x230
[  534.505643]  ? delayed_superblock_init+0x20/0x20
[  534.535509]  ? _raw_spin_unlock+0x2d/0x50
[  534.539668]  ? lockref_get+0x46/0x60
[  534.543389]  ? mount_ns+0xc1/0x190
[  534.546935]  security_sb_kern_mount+0x7d/0xb0
[  534.551425]  ? mqueue_mount+0xc0/0xf0
[  534.555237]  mount_fs+0x14e/0x2a1
[  534.558685]  vfs_kern_mount.part.0+0x5e/0x3d0
[  534.563186]  kern_mount_data+0x56/0xc0
[  534.567060]  mq_init_ns+0x167/0x220
[  534.570670]  copy_ipcs+0x35e/0x400
[  534.574199]  create_new_namespaces+0x1dd/0x720
[  534.578767]  ? ns_capable_common+0x12c/0x160
[  534.583162]  copy_namespaces+0x284/0x310
[  534.587218]  copy_process.part.0+0x2603/0x6a70
[  534.591789]  ? proc_fail_nth_write+0x7d/0x180
[  534.596267]  ? proc_cwd_link+0x1b0/0x1b0
[  534.600324]  ? __cleanup_sighand+0x50/0x50
[  534.604555]  ? lock_downgrade+0x740/0x740
[  534.608690]  _do_fork+0x19e/0xce0
[  534.612133]  ? fork_idle+0x280/0x280
[  534.615830]  ? fput+0xd4/0x150
[  534.619005]  ? SyS_write+0x15e/0x230
[  534.622725]  SyS_clone+0x37/0x50
[  534.626093]  ? sys_vfork+0x30/0x30
[  534.629636]  do_syscall_64+0x1e8/0x640
[  534.633511]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  534.638359]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  534.643532] RIP: 0033:0x45a6f9
[  534.646705] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  534.654397] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  534.661651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:25:21 executing program 0:

[  534.668905] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  534.676161] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  534.683415] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:21 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x2000, 0x0)
ioctl$IMCLEAR_L2(r0, 0x80044946, &(0x7f0000000040)=0x2)
getcwd(&(0x7f0000000080)=""/4096, 0x1000)

[  534.717721] binder: 28455:28458 ioctl c0044dff 200000c0 returned -22
23:25:21 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:21 executing program 2 (fault-call:0 fault-nth:66):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:21 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
gettid()

23:25:21 executing program 4:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x200, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r2, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r2, 0x1)
r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r4=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)={r4}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={r4, 0x8}, &(0x7f0000000040)=0x8)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000680)={&(0x7f0000000080)=[0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000600)=[0x0], &(0x7f0000000640)=[0x0], 0x2, 0x4, 0x1, 0x1})
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_generic(r0, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2080}, 0xc, &(0x7f0000000540)={&(0x7f0000000140)={0x3e0, 0x10, 0xab8635274f347ed9, 0x70bd2a, 0x25dfdbfe, {}, [@nested={0x17c, 0x52, [@typed={0xc, 0x41, @u64=0x76d5}, @generic="b90513f2b7cece9c07aecaef590c03517d4d45470e60e2573903311d3da89c28c5391c94866cd7d032a1f7927e192c45c01d68a77089d0cd0cf1e4e6c95a68e53f87b633a4a3a58a2f6aace4662a6e5b4924b2db67efaa481ee48a2feda5d226c97fb4e118cadb97ce9effa52c361df76601ac85c0666e3751e1", @generic="9bc6f1cd63bb230efb81122a321a4a955fa28d4a14d71beec56f5a3e06665468a942553db77ad92e61cb5734550b35da099c3f46af97cb43ae0c6cc970021d09e85d6bf9f5367698c3ecce5de99c66a59629a53e1e86d2fcbd06178362f1216c59c8236391c3359d897ed06dad828a3b9cd3bcfca38d2f94d755d162c901ea82e15537c1de0e5a330286e8d765b3d3b64365a8b0b98c3e73870e2dc48d80160eced134605fff2fbb0f8e709dae31100a8552d80ea330a2c8aad67ec0d8dd2e13e2a29364ee9fc8b7d586fcc848b18d37e481943b51c549a908c995a37508d9b2291e596f80a89ed4f62791cdf26ef8ea3f7f"]}, @nested={0x1ec, 0x91, [@generic="be484c297de9f31bc0905e6525233a196977b3bb09d34a3b91a1ce7ea5adb8df9244711deb2720784b9a2e50fc6f0b54f16cdc08e770c930233bc79e56f9083173f1d0dcb5d116a65fabf4a514cb4511e1583c4597bae907dd86be941eac7b83f1290e4410", @generic="844c7beafdb5053fc780df04507ebe7d935ffdddc8710f1a86324c6660fc2ef707789b4aec8389c2a14c0cffa2be819b57e2a7bf3c5a865bdc7465260a84f0f74ab4bc5698e4557daf86adfc7d96e691b6c77bae0325918618e27f3546e898d088610ee78b06d2d9e53da558d6dec87762a6e903ebd5722a1ebe571c5e3b9a4e437c1877a4d1436e6561e6b57a9ba7b5c7b6ffb74e6194ff0faba08668446f92a4f1f9d9cf057162f73d61786e3e065bc330192e3231151fff32d21ca1485a016f35457409d51765c3f96edf79354bd353b28ad8981b539584df12af2eb1ef7d11", @generic="36249707d79f27eed31cd3c22c1f1263dc65ace6f1d4f40337651da52aec823fa749de95cd8788b1d25bcb4afd7312eb443cbb6c932f29225a8e363856c1c1c934fcc71a4f613ce8a5a7acc5c34b27a8b6b6f48ce0ab35696a9cb3b811efa6948e994422c2820a8fcb49a377ca4772c36d1b47469f1ce07520e027aac75451f97e70d21311537e52f2428c26ff1d3863b8edcfd3c4671efb8f98bcd7d196a86fecc3"]}, @nested={0x48, 0x88, [@typed={0x8, 0x41, @fd=r5}, @typed={0x18, 0x71, @str='trustedem1keyring[\x00'}, @generic="eb101d0a0f4c30d21e0cd70e1475eaa662127d0a23c71372f76009ef2dd371431813"]}, @typed={0xc, 0x1d, @str='^proc%\x00'}, @nested={0x10, 0x2d, [@typed={0xc, 0x1f, @u64=0x8}]}]}, 0x3e0}, 0x1, 0x0, 0x0, 0x10000}, 0x40000)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:21 executing program 0:

23:25:21 executing program 5:
prctl$PR_GET_KEEPCAPS(0x7)
clone(0x8822800, 0x0, 0x0, 0x0, 0x0)

23:25:21 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:21 executing program 0:

23:25:21 executing program 3:
ioctl$sock_SIOCSIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  534.931269] FAULT_INJECTION: forcing a failure.
[  534.931269] name failslab, interval 1, probability 0, space 0, times 0
23:25:21 executing program 5:
prctl$PR_SET_SECUREBITS(0x1c, 0x10)
clone(0x8000, 0x0, 0x0, 0x0, 0x0)

[  535.001081] CPU: 1 PID: 28491 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  535.009018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  535.018378] Call Trace:
[  535.018399]  dump_stack+0x142/0x197
[  535.018429]  should_fail.cold+0x10f/0x159
[  535.018453]  should_failslab+0xdb/0x130
[  535.032784]  kmem_cache_alloc_trace+0x2e9/0x790
[  535.037466]  selinux_parse_opts_str+0x42c/0xa30
[  535.037480]  ? trace_hardirqs_on+0x10/0x10
[  535.046382]  ? selinux_sb_show_options+0xd50/0xd50
23:25:21 executing program 0:

[  535.051315]  ? trace_hardirqs_on+0x10/0x10
[  535.051327]  ? d_instantiate+0x7b/0xa0
[  535.051337]  ? save_trace+0x290/0x290
[  535.051346]  ? find_held_lock+0x35/0x130
[  535.051353]  ? d_instantiate+0x7b/0xa0
[  535.051363]  ? lockref_get+0x46/0x60
[  535.051374]  superblock_doinit+0xeb/0x200
[  535.051384]  ? selinux_parse_opts_str+0xa30/0xa30
[  535.083997]  selinux_sb_kern_mount+0xa9/0x230
[  535.088481]  ? delayed_superblock_init+0x20/0x20
[  535.093237]  ? _raw_spin_unlock+0x2d/0x50
[  535.097371]  ? lockref_get+0x46/0x60
[  535.101071]  ? mount_ns+0xc1/0x190
[  535.104596]  security_sb_kern_mount+0x7d/0xb0
[  535.109075]  ? mqueue_mount+0xc0/0xf0
[  535.112871]  mount_fs+0x14e/0x2a1
[  535.116312]  vfs_kern_mount.part.0+0x5e/0x3d0
[  535.120806]  kern_mount_data+0x56/0xc0
[  535.124685]  mq_init_ns+0x167/0x220
[  535.128296]  copy_ipcs+0x35e/0x400
[  535.131823]  create_new_namespaces+0x1dd/0x720
[  535.136390]  ? ns_capable_common+0x12c/0x160
[  535.140796]  copy_namespaces+0x284/0x310
[  535.144958]  copy_process.part.0+0x2603/0x6a70
[  535.149530]  ? proc_fail_nth_write+0x7d/0x180
[  535.154032]  ? proc_cwd_link+0x1b0/0x1b0
[  535.158083]  ? __cleanup_sighand+0x50/0x50
[  535.162305]  ? lock_downgrade+0x740/0x740
[  535.166457]  _do_fork+0x19e/0xce0
[  535.169898]  ? fork_idle+0x280/0x280
[  535.173688]  ? fput+0xd4/0x150
[  535.176866]  ? SyS_write+0x15e/0x230
[  535.180593]  SyS_clone+0x37/0x50
[  535.184202]  ? sys_vfork+0x30/0x30
[  535.187742]  do_syscall_64+0x1e8/0x640
[  535.191622]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  535.196466]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
23:25:21 executing program 1:
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  535.201650] RIP: 0033:0x45a6f9
[  535.204824] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  535.212529] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  535.219788] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  535.227133] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  535.234388] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  535.241641] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:22 executing program 3:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selin\x05\x00\x00\x00\x00\x00\x00\x00t[pending_bools\x00', 0x1, 0x0)
ioctl$TIOCGICOUNT(r0, 0x545d, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 2 (fault-call:0 fault-nth:67):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 0:

23:25:22 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000500)={0x4, &(0x7f0000000480)=[{}, {}, {}, {}]})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x200, 0x0)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000440)={0x1, 0x0, 0x1a, 0x0, 0x71, &(0x7f0000000040)})

[  535.473213] FAULT_INJECTION: forcing a failure.
[  535.473213] name failslab, interval 1, probability 0, space 0, times 0
[  535.496845] CPU: 0 PID: 28527 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  535.504960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  535.514432] Call Trace:
[  535.514455]  dump_stack+0x142/0x197
23:25:22 executing program 3:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000000)=r3, 0x4)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 5:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0xe0101, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000040)='lo\x00', 0x3)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r1)
epoll_wait(r1, &(0x7f0000000080)=[{}], 0x1, 0xc1)

[  535.520652]  should_fail.cold+0x10f/0x159
[  535.520668]  should_failslab+0xdb/0x130
[  535.520678]  kmem_cache_alloc+0x2d7/0x780
[  535.520688]  ? retire_userns_sysctls+0x90/0x90
[  535.520704]  copy_pid_ns+0x1af/0xa50
[  535.520719]  create_new_namespaces+0x267/0x720
[  535.520731]  copy_namespaces+0x284/0x310
[  535.520743]  copy_process.part.0+0x2603/0x6a70
[  535.520760]  ? proc_fail_nth_write+0x7d/0x180
[  535.520766]  ? proc_cwd_link+0x1b0/0x1b0
[  535.520784]  ? __cleanup_sighand+0x50/0x50
[  535.520795]  ? lock_downgrade+0x740/0x740
23:25:22 executing program 4:
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$CAPI_INSTALLED(r0, 0x80024322)
r1 = open(&(0x7f0000000000)='./file0\x00', 0xec382, 0x8)
r2 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r2, 0x7, &(0x7f0000027000)={0x1})
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000040), 0x1)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in=@multicast2, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@initdev}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8)
mount$9p_tcp(&(0x7f00000000c0)='127.0.0.1\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x10050, &(0x7f0000000300)={'trans=tcp,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@mmap='mmap'}, {@cache_loose='cache=loose'}, {@msize={'msize', 0x3d, 0x7}}, {@aname={'aname', 0x3d, '*mime_typeem0em0:,'}}, {@msize={'msize', 0x3d, 0x20}}, {@aname={'aname', 0x3d, '#'}}, {@msize={'msize', 0x3d, 0xf7}}, {@afid={'afid', 0x3d, 0x2}}, {@access_any='access=any'}], [{@measure='measure'}, {@audit='audit'}, {@fowner_gt={'fowner>', r3}}]}})
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_SYNC(r1, 0x4)
clone(0x1bab1ea58a8fb115, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 1:
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  535.520807]  _do_fork+0x19e/0xce0
[  535.520818]  ? fork_idle+0x280/0x280
[  535.520830]  ? fput+0xd4/0x150
[  535.520838]  ? SyS_write+0x15e/0x230
[  535.520849]  SyS_clone+0x37/0x50
[  535.520855]  ? sys_vfork+0x30/0x30
[  535.520867]  do_syscall_64+0x1e8/0x640
[  535.520874]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  535.520891]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  535.520898] RIP: 0033:0x45a6f9
[  535.520903] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
23:25:22 executing program 0:

[  535.520912] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  535.520925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  535.520931] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  535.520936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  535.520942] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:22 executing program 1:
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:22 executing program 2 (fault-call:0 fault-nth:68):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 5:
prctl$PR_SET_SECUREBITS(0x1c, 0x2)
socket$nl_crypto(0x10, 0x3, 0x15)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 0:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
preadv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/142, 0x8e}], 0x1, 0x5)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 4:
clone(0xa86b9364cc7ddb36, 0x0, 0x0, 0x0, 0x0)

[  535.807357] FAULT_INJECTION: forcing a failure.
[  535.807357] name failslab, interval 1, probability 0, space 0, times 0
[  535.868107] CPU: 0 PID: 28555 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  535.876176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  535.885769] Call Trace:
[  535.888369]  dump_stack+0x142/0x197
[  535.892009]  should_fail.cold+0x10f/0x159
[  535.892028]  should_failslab+0xdb/0x130
[  535.892039]  kmem_cache_alloc_trace+0x2e9/0x790
[  535.892045]  ? kmem_cache_alloc+0x611/0x780
[  535.892056]  ? retire_userns_sysctls+0x90/0x90
[  535.892074]  copy_pid_ns+0x1f5/0xa50
[  535.917612]  create_new_namespaces+0x267/0x720
[  535.922190]  copy_namespaces+0x284/0x310
[  535.926371]  copy_process.part.0+0x2603/0x6a70
[  535.930967]  ? proc_fail_nth_write+0x7d/0x180
[  535.935469]  ? proc_cwd_link+0x1b0/0x1b0
[  535.939531]  ? __cleanup_sighand+0x50/0x50
[  535.943894]  ? lock_downgrade+0x740/0x740
[  535.948056]  _do_fork+0x19e/0xce0
[  535.951506]  ? fork_idle+0x280/0x280
[  535.955246]  ? fput+0xd4/0x150
[  535.958430]  ? SyS_write+0x15e/0x230
[  535.962322]  SyS_clone+0x37/0x50
[  535.965678]  ? sys_vfork+0x30/0x30
[  535.969215]  do_syscall_64+0x1e8/0x640
[  535.973090]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  535.977924]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  535.983100] RIP: 0033:0x45a6f9
[  535.986273] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  535.993966] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  536.001221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  536.008490] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:22 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:22 executing program 3:
clone(0xaca143237ca647e0, 0x0, 0x0, 0x0, 0x0)

23:25:22 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
ptrace$cont(0x1f, r0, 0x3, 0x105)

[  536.015762] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  536.023026] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  536.048835] QAT: Invalid ioctl
23:25:22 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x2000, 0x0)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)

23:25:22 executing program 5:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, &(0x7f00000001c0)={0x0, &(0x7f0000000180)=[&(0x7f0000000000)="8f4778351edec258d764398113bce484bd190d70d981fe10d9e96527752242393ab3e7f7813c41fa60d3bd4087aa3a5e7628ddc274caca2018f811756ef5b9387ef3f5b2fff1d0b6e75968c7388a6499fd01e32bd7068c0d38af4c709e8ce9de40a15221d0e2b9075d2f54bbf673638dc818cd7d7e5cda186fd0827d971558107d93fc3ca400a8c7c80ba38a187c", &(0x7f00000000c0)="9fa3b7091e1198fff9708a1f613d3dce8ca5435361c7e44c5b9370e2f12536a6fb0071c33742a86cb4f6a25a8a01543f9f51f3c99bd0a2f0caca7a6e80a35a64323c0f289c5208ba791883e498869050876d113dfe0d42aa095f924c32dab88e2adb564128d00879e0cd7e05cf361f451ec04165799b43a968465829e4a60e859da5c4551d"], 0x8})

23:25:22 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x7c, 0x40, 0x28})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = fcntl$getown(r0, 0x9)
r2 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x0, 0x100)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000240)={0x8001, {{0x2, 0x4e22, @multicast1}}, 0x1, 0xa, [{{0x2, 0x4e20, @remote}}, {{0x2, 0x4e20, @rand_addr=0x3}}, {{0x2, 0x4e23, @local}}, {{0x2, 0x4e24, @loopback}}, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x15}}}, {{0x2, 0x4e20, @remote}}, {{0x2, 0x4e20, @broadcast}}, {{0x2, 0x4e21, @empty}}, {{0x2, 0x4e21, @local}}, {{0x2, 0x4e23, @broadcast}}]}, 0x590)
ptrace$cont(0x18, r1, 0xfffffffffffff4b7, 0x4)

23:25:22 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:22 executing program 5:
clone(0xed16ab9202a7684d, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 2 (fault-call:0 fault-nth:69):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x134, 0x1000)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
renameat(r3, &(0x7f0000000180)='.//ile0\x00', r3, &(0x7f00000007c0)='./file0/f.le.\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$sock_rose_SIOCADDRT(r2, 0x890b, &(0x7f00000003c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x1f, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={'nr', 0x0}, 0x3, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$setpipe(r4, 0x407, 0x0)
write(r4, &(0x7f0000000340), 0x41395527)
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
get_mempolicy(&(0x7f0000000240), &(0x7f00000002c0), 0xfffffffffffffc01, &(0x7f0000ffb000/0x2000)=nil, 0x4)
mount$bpf(0x20000000, &(0x7f0000000900)='./file0/file0\x00', 0x0, 0x2001001, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'batadv0\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000009c0)={{{@in6, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000440)=0xe8)
r13 = socket$nl_route(0x10, 0x3, 0x0)
r14 = socket$netlink(0x10, 0x3, 0x0)
r15 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r16}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r16, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r15, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002e00070200"/20, @ANYRES32=r16, @ANYBLOB="ecff120000000000000000de"], 0x24}}, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x1fa, &(0x7f0000000000)={&(0x7f0000000b40)=@ipv6_delroute={0x0, 0x19, 0x442e2731351e2f0d, 0x70bd2d, 0x25dfdbff, {0xa, 0x20, 0x28, 0x17, 0xfe, 0x2, 0xff, 0x8, 0x800}, [@RTA_UID={0x0, 0x19, r12}, @RTA_OIF={0x0, 0x4, r16}, @RTA_ENCAP_TYPE, @RTA_GATEWAY={0x0, 0x5, @rand_addr="fd803468f02e2b6391edf8831222cd28"}, @RTA_EXPIRES={0x0, 0x17, 0xac}]}, 0xfffffffffffffeb2}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500"/20, @ANYRES32=r11, @ANYBLOB="00000e00ffffffff00000000080001006362710018040200040406000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000500060000000000000005000000"], 0x444}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002e00070200"/20, @ANYRES32=r11, @ANYBLOB="ecff120000000000000000de"], 0x24}}, 0x0)
bind$packet(r6, &(0x7f0000000100)={0x11, 0x10, r11, 0x1, 0x1}, 0x14)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2000000011000cfd000000000026df311347a765", @ANYRES32=r17, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
socket$key(0xf, 0x3, 0x2)
preadv(0xffffffffffffffff, 0x0, 0xc40c94d75fb102d0, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
pivot_root(&(0x7f0000000380)='./file0\x00', &(0x7f0000000340)='./file0\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x0, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:23 executing program 0:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
preadv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/142, 0x8e}], 0x1, 0x5)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  536.569761] FAULT_INJECTION: forcing a failure.
[  536.569761] name failslab, interval 1, probability 0, space 0, times 0
[  536.611885] CPU: 1 PID: 28630 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  536.619824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  536.622307] QAT: Invalid ioctl
[  536.629184] Call Trace:
[  536.629205]  dump_stack+0x142/0x197
[  536.629223]  should_fail.cold+0x10f/0x159
[  536.629240]  should_failslab+0xdb/0x130
[  536.629252]  kmem_cache_alloc+0x2d7/0x780
[  536.646793]  ? lockdep_init_map+0x9/0x10
[  536.646804]  ? copy_pid_ns+0x4f/0xa50
[  536.646819]  alloc_pid+0x5d/0xc70
[  536.655051]  ? do_arch_prctl_64+0x1a0/0x560
[  536.655064]  ? copy_thread_tls+0x4cd/0x7a0
[  536.655080]  copy_process.part.0+0x272f/0x6a70
[  536.655097]  ? proc_fail_nth_write+0x7d/0x180
[  536.679940]  ? proc_cwd_link+0x1b0/0x1b0
[  536.684000]  ? __cleanup_sighand+0x50/0x50
[  536.688223]  ? lock_downgrade+0x740/0x740
[  536.692362]  _do_fork+0x19e/0xce0
[  536.695805]  ? fork_idle+0x280/0x280
[  536.699505]  ? fput+0xd4/0x150
[  536.702679]  ? SyS_write+0x15e/0x230
[  536.706377]  SyS_clone+0x37/0x50
[  536.709725]  ? sys_vfork+0x30/0x30
[  536.713253]  do_syscall_64+0x1e8/0x640
[  536.717125]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  536.721959]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  536.727169] RIP: 0033:0x45a6f9
[  536.730341] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  536.738045] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  536.745301] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  536.752560] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
23:25:23 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r0, r0, &(0x7f0000000240), 0x7fff)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00000000c0)="e8", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r3=>0x0]}, &(0x7f000095dffc)=0x8)
msgget$private(0x0, 0x40)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={r3}, &(0x7f0000000000)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000280)={<r4=>r3, 0x80, 0x20}, &(0x7f0000000300)=0xc)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000600)=@assoc_value={r4, 0x8}, &(0x7f0000000640)=0x8)
ioctl$NBD_CLEAR_QUE(r0, 0xab05)
syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./bus\x00', 0x7fffffff, 0x5, &(0x7f0000000380)=[{&(0x7f00000000c0)="2d5d96918a47f89a7c208bf80255b7668a9bfce21833c9fb664dce0e2c095277cedb49ea37ebb5ce0cab7e372dda081dd49ae11bf1d9538c9dcc20dd22f1af14fda8faf0f06f34283913a29bb219fb543e625a0c247a7a8eb1ac604694d4fe433f8733e183f4d4c57c7e11f27cc3ee3ac15468aaaf9e74425a480bc825b2b36d08de9955a245d37174141dac4d3b3b7048517218db6ec919c7dbde161726c6e42f8e18b3bc2813be2db3622c6a9bb3fe526e3d957868", 0xb6}, {&(0x7f0000000180)="bf43de7a2d04de2a9090a8a88a533dffc59c51b02e2c798c7c0f7e9b6c9cd1d3ca5e1662fb73b01f1c4c349625630067097986e4996d9d6c8af339899baeccacfb0520c9e2523210", 0x48, 0x1}, {&(0x7f0000000200)="fdb978cb726987dc62c5d62dc466971ca0ad75b89621c550e8c21ec2151195c8b996b07c71e6ca9a8c4b8c5dde89937fff27", 0x32, 0x1}, {&(0x7f0000000500)="3190b75e0a86a4040000000000000000da64b0e25d58577800000000003daa12ff30a33a868d8295beeef40187418ed629d7aa6aa16441c633c1cc4697b002cfba9591659255578072d6fa7d82b9bad9e6bb6273bab2eb0375780a04a78adea69e12a78352d0f8f92318d9576f492695ba9c5917017f2019f73fab8f4389c8dd2b0dd23accc700ff32fadc71396736b9274c859e6d1f844b9135a0fe50549dc1a211cbe5234f0e6f5e0cdb43c8ab5e3f8d875ce07e38bc8f315a0ba40c8b9a4c0aabddfc59da2b6f95cf5deacca0463a3a42095deabac100"/237, 0xed, 0x6a6}, {&(0x7f00000002c0)="f446a7b0aa61126cedfdb8d3f6df830d95f07dffcd727e78f3efe757708917cc63", 0x21, 0x7}], 0x10000, &(0x7f0000000400)={[{@expose_privroot='expose_privroot'}, {@commit={'commit', 0x3d, 0x7}}, {@jqfmt_vfsold='jqfmt=vfsold'}, {@data_ordered='data=ordered'}, {@hash_rupasov='hash=rupasov'}, {@data_journal='data=journal'}, {@user_xattr='user_xattr'}, {@noacl='noacl'}, {@data_writeback='data=writeback'}, {@commit={'commit', 0x3d, 0x6}}], [{@obj_role={'obj_role', 0x3d, '^)'}}, {@seclabel='seclabel'}, {@dont_appraise='dont_appraise'}, {@func={'func', 0x3d, 'FILE_MMAP'}}]})

[  536.759824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  536.767111] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  536.797744] overlayfs: filesystem on './file0' not supported as upperdir
23:25:23 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:23 executing program 4:
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000540)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x800)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000080)=""/87, 0x57, 0x4, &(0x7f0000000100))
syz_open_pts(r1, 0x280000)
getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000000), &(0x7f00000005c0)=0x4)

23:25:23 executing program 0:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
preadv(r2, &(0x7f0000000140)=[{&(0x7f0000000080)=""/142, 0x8e}], 0x1, 0x5)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x6, &(0x7f0000027000)={0x1})
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {<r1=>0x0}, {}]})
ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000080)={r1, 0x3})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  537.076555] QAT: Invalid ioctl
23:25:23 executing program 2 (fault-call:0 fault-nth:70):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
renameat(r3, &(0x7f0000000180)='.//ile0\x00', r3, &(0x7f00000007c0)='./file0/f.le.\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:23 executing program 5:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

23:25:23 executing program 1:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:23 executing program 4:

23:25:23 executing program 3:
clone(0x81000, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 4:
clone(0x54051800, 0x0, 0x0, 0x0, 0x0)

[  537.314682] FAULT_INJECTION: forcing a failure.
[  537.314682] name failslab, interval 1, probability 0, space 0, times 0
23:25:24 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:24 executing program 3:
clone(0x108c9000, 0x0, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x400000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$BLKRAGET(r2, 0x1263, &(0x7f00000000c0))
sendfile(r1, r1, &(0x7f0000000240), 0x7fff)
ioctl$SNDRV_PCM_IOCTL_LINK(r1, 0x40044160, &(0x7f0000000080)=0x7)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_ASSIGN_DEV_IRQ(r3, 0x4040ae70, &(0x7f0000000040)={0x8cf5, 0x17, 0x5, 0x801})

[  537.384753] CPU: 0 PID: 28688 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  537.392702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  537.402067] Call Trace:
[  537.404670]  dump_stack+0x142/0x197
[  537.408314]  should_fail.cold+0x10f/0x159
[  537.412483]  should_failslab+0xdb/0x130
[  537.416467]  kmem_cache_alloc+0x2d7/0x780
[  537.420640]  ? check_preemption_disabled+0x3c/0x250
[  537.425668]  alloc_vfsmnt+0x28/0x7d0
[  537.429394]  vfs_kern_mount.part.0+0x2a/0x3d0
[  537.433902]  ? rcu_read_lock_sched_held+0x110/0x130
[  537.438940]  kern_mount_data+0x56/0xc0
[  537.443036]  pid_ns_prepare_proc+0x1e/0x90
[  537.447286]  alloc_pid+0x9f0/0xc70
[  537.450839]  copy_process.part.0+0x272f/0x6a70
[  537.455610]  ? proc_fail_nth_write+0x7d/0x180
[  537.460113]  ? proc_cwd_link+0x1b0/0x1b0
[  537.464202]  ? __cleanup_sighand+0x50/0x50
[  537.468442]  ? lock_downgrade+0x740/0x740
[  537.472598]  _do_fork+0x19e/0xce0
[  537.476077]  ? fork_idle+0x280/0x280
[  537.479817]  ? fput+0xd4/0x150
[  537.483020]  ? SyS_write+0x15e/0x230
[  537.486741]  SyS_clone+0x37/0x50
[  537.490111]  ? sys_vfork+0x30/0x30
[  537.493658]  do_syscall_64+0x1e8/0x640
[  537.497560]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  537.502412]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  537.507617] RIP: 0033:0x45a6f9
[  537.510804] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  537.518519] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  537.525798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:25:24 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
renameat(r3, &(0x7f0000000180)='.//ile0\x00', r3, &(0x7f00000007c0)='./file0/f.le.\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  537.533077] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  537.540362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  537.547664] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  537.557967] audit: type=1804 audit(1575674724.246:113): pid=28682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir290644921/syzkaller.3X6sTI/310/bus" dev="sda1" ino=16945 res=1
23:25:24 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
renameat(r3, &(0x7f0000000180)='.//ile0\x00', r3, &(0x7f00000007c0)='./file0/f.le.\x00')
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  537.673174] audit: type=1804 audit(1575674724.286:114): pid=28682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir290644921/syzkaller.3X6sTI/310/bus" dev="sda1" ino=16945 res=1
23:25:24 executing program 4:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000080)=0xc)
setgroups(0x1, &(0x7f00000002c0)=[r1])
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000080)=0xc)
setgroups(0x1, &(0x7f00000002c0)=[r3])
setregid(r1, r3)

23:25:24 executing program 2 (fault-call:0 fault-nth:71):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  537.920021] FAULT_INJECTION: forcing a failure.
[  537.920021] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  537.963147] CPU: 1 PID: 28730 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  537.971083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  537.980447] Call Trace:
[  537.983075]  dump_stack+0x142/0x197
[  537.986722]  should_fail.cold+0x10f/0x159
[  537.990892]  ? __might_sleep+0x93/0xb0
[  537.994804]  __alloc_pages_nodemask+0x1d6/0x7a0
[  537.999488]  ? __alloc_pages_slowpath+0x2930/0x2930
[  538.004543]  alloc_pages_current+0xec/0x1e0
[  538.008876]  __get_free_pages+0xf/0x40
[  538.012808]  get_zeroed_page+0x11/0x20
[  538.016704]  mount_fs+0x1cc/0x2a1
[  538.020168]  vfs_kern_mount.part.0+0x5e/0x3d0
[  538.024944]  ? rcu_read_lock_sched_held+0x110/0x130
[  538.029972]  kern_mount_data+0x56/0xc0
[  538.033873]  pid_ns_prepare_proc+0x1e/0x90
[  538.038118]  alloc_pid+0x9f0/0xc70
[  538.041675]  copy_process.part.0+0x272f/0x6a70
[  538.046260]  ? proc_fail_nth_write+0x7d/0x180
[  538.050831]  ? proc_cwd_link+0x1b0/0x1b0
[  538.054907]  ? __cleanup_sighand+0x50/0x50
[  538.059153]  ? lock_downgrade+0x740/0x740
[  538.063313]  _do_fork+0x19e/0xce0
[  538.066779]  ? fork_idle+0x280/0x280
[  538.070507]  ? fput+0xd4/0x150
[  538.073700]  ? SyS_write+0x15e/0x230
[  538.077408]  SyS_clone+0x37/0x50
[  538.080771]  ? sys_vfork+0x30/0x30
[  538.084316]  do_syscall_64+0x1e8/0x640
[  538.088202]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  538.093078]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  538.098286] RIP: 0033:0x45a6f9
[  538.101491] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  538.109206] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  538.116479] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
23:25:24 executing program 5:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

23:25:24 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x20001, 0x0)
mq_timedsend(r0, &(0x7f0000000040)="94af91cc28010af066896f1128a0241f25bc4c71aaa4fed26c1a64b25f3eb1ba107fa405a32781ebce", 0x29, 0xffffffff, &(0x7f0000000080)={0x77359400})

23:25:24 executing program 4:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x72a00, 0x0)
ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000040)={0x0, 0x0, @ioapic})
clone(0x4000000, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x1000080002, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:24 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  538.123839] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  538.131114] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  538.138396] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:24 executing program 3:
clone(0x9010b00, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:24 executing program 4:
clone(0x787467fadfb9d9c, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 4:
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x400, 0x0)
ioctl$NBD_SET_BLKSIZE(r0, 0xab01, 0x1e)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:24 executing program 2 (fault-call:0 fault-nth:72):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:25 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x14}}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e20, @rand_addr=0x217}, 0x210, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x6})
r0 = semget(0x3, 0xae942043ba6721a6, 0x20)
semctl$GETNCNT(r0, 0x1, 0xe, &(0x7f00000000c0)=""/239)

[  538.325236] FAULT_INJECTION: forcing a failure.
[  538.325236] name fail_page_alloc, interval 1, probability 0, space 0, times 0
23:25:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
mknod$loop(&(0x7f0000000000)='.//ile0\x00', 0x6000, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  538.378552] CPU: 1 PID: 28764 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  538.386491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  538.395855] Call Trace:
[  538.398469]  dump_stack+0x142/0x197
[  538.402118]  should_fail.cold+0x10f/0x159
[  538.406279]  ? __might_sleep+0x93/0xb0
[  538.410182]  __alloc_pages_nodemask+0x1d6/0x7a0
[  538.414866]  ? __alloc_pages_slowpath+0x2930/0x2930
[  538.419919]  alloc_pages_current+0xec/0x1e0
[  538.424339]  __get_free_pages+0xf/0x40
[  538.428234]  get_zeroed_page+0x11/0x20
[  538.432125]  mount_fs+0x1cc/0x2a1
[  538.435585]  vfs_kern_mount.part.0+0x5e/0x3d0
[  538.440089]  ? rcu_read_lock_sched_held+0x110/0x130
[  538.445119]  kern_mount_data+0x56/0xc0
[  538.449039]  pid_ns_prepare_proc+0x1e/0x90
[  538.453284]  alloc_pid+0x9f0/0xc70
[  538.456844]  copy_process.part.0+0x272f/0x6a70
[  538.461469]  ? proc_fail_nth_write+0x7d/0x180
[  538.465974]  ? proc_cwd_link+0x1b0/0x1b0
[  538.470056]  ? __cleanup_sighand+0x50/0x50
[  538.474298]  ? lock_downgrade+0x740/0x740
[  538.478458]  _do_fork+0x19e/0xce0
[  538.481911]  ? fork_idle+0x280/0x280
[  538.485672]  ? fput+0xd4/0x150
[  538.488869]  ? SyS_write+0x15e/0x230
[  538.492584]  SyS_clone+0x37/0x50
[  538.495978]  ? sys_vfork+0x30/0x30
[  538.499520]  do_syscall_64+0x1e8/0x640
[  538.503475]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  538.508334]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  538.513535] RIP: 0033:0x45a6f9
[  538.516762] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  538.524574] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  538.531854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  538.539215] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  538.546492] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  538.553763] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:25 executing program 4:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

23:25:25 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x40000, 0x0)

23:25:25 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:25 executing program 2 (fault-call:0 fault-nth:73):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:25 executing program 5:
clone(0x91c2b1c2e640490f, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r0)
accept4$x25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x12, 0x80000)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xa4, r2, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [{{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0x4, 0x1}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8, 0x4, 0x2}}, {{@nsim={{0x10, 0x1, 'netdevsim\x00'}, {0x10, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0x4, 0x2}}]}, 0xa4}, 0x1, 0x0, 0x0, 0xd20aadafe99e0cbd}, 0x0)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x246800, 0x0)
setsockopt$sock_void(r3, 0x1, 0x24, 0x0, 0x0)

23:25:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1'])
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:25 executing program 3:
clone(0xa000c000, 0x0, 0x0, 0x0, 0x0)

23:25:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  539.054687] FAULT_INJECTION: forcing a failure.
[  539.054687] name failslab, interval 1, probability 0, space 0, times 0
[  539.108267] CPU: 1 PID: 28800 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  539.116214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  539.125604] Call Trace:
[  539.128206]  dump_stack+0x142/0x197
[  539.131858]  should_fail.cold+0x10f/0x159
[  539.136021]  should_failslab+0xdb/0x130
[  539.140004]  kmem_cache_alloc_trace+0x2e9/0x790
[  539.144682]  ? lock_downgrade+0x740/0x740
[  539.148847]  ? trace_hardirqs_on_caller+0x400/0x590
[  539.153871]  ? do_raw_spin_unlock+0x16b/0x260
[  539.158379]  sget_userns+0xfe/0xc30
[  539.162005]  ? set_anon_super+0x20/0x20
[  539.166114]  ? get_empty_filp.cold+0x3b/0x3b
[  539.170551]  mount_ns+0x6d/0x190
[  539.173926]  ? proc_get_inode+0x620/0x620
[  539.178092]  proc_mount+0x6a/0xa0
[  539.181582]  mount_fs+0x97/0x2a1
[  539.184959]  vfs_kern_mount.part.0+0x5e/0x3d0
[  539.189495]  ? rcu_read_lock_sched_held+0x110/0x130
[  539.194607]  kern_mount_data+0x56/0xc0
[  539.198496]  pid_ns_prepare_proc+0x1e/0x90
[  539.202730]  alloc_pid+0x9f0/0xc70
[  539.206287]  copy_process.part.0+0x272f/0x6a70
[  539.210943]  ? proc_fail_nth_write+0x7d/0x180
[  539.215448]  ? proc_cwd_link+0x1b0/0x1b0
[  539.219530]  ? __cleanup_sighand+0x50/0x50
[  539.223774]  ? lock_downgrade+0x740/0x740
[  539.227930]  _do_fork+0x19e/0xce0
[  539.231505]  ? fork_idle+0x280/0x280
[  539.235241]  ? fput+0xd4/0x150
[  539.238449]  ? SyS_write+0x15e/0x230
[  539.242177]  SyS_clone+0x37/0x50
[  539.246338]  ? sys_vfork+0x30/0x30
[  539.249893]  do_syscall_64+0x1e8/0x640
[  539.253790]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  539.258655]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  539.263849] RIP: 0033:0x45a6f9
[  539.267027] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  539.274736] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  539.282013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  539.289346] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  539.296627] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:25:26 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  539.303899] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:26 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:26 executing program 2 (fault-call:0 fault-nth:74):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:26 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  539.471541] IPVS: ftp: loaded support on port[0] = 21
[  539.503193] FAULT_INJECTION: forcing a failure.
[  539.503193] name failslab, interval 1, probability 0, space 0, times 0
[  539.518948] CPU: 1 PID: 28827 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  539.526877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  539.536248] Call Trace:
[  539.538863]  dump_stack+0x142/0x197
[  539.542511]  should_fail.cold+0x10f/0x159
[  539.546677]  should_failslab+0xdb/0x130
[  539.550662]  kmem_cache_alloc_trace+0x2e9/0x790
[  539.555341]  ? rcu_lockdep_current_cpu_online+0xf2/0x140
[  539.560821]  ? sget_userns+0xfe/0xc30
[  539.564633]  ? rcu_read_lock_sched_held+0x110/0x130
[  539.569663]  selinux_sb_alloc_security+0x46/0x220
[  539.574512]  security_sb_alloc+0x6d/0xa0
[  539.578681]  sget_userns+0x196/0xc30
[  539.582391]  ? set_anon_super+0x20/0x20
[  539.586381]  ? get_empty_filp.cold+0x3b/0x3b
[  539.590799]  mount_ns+0x6d/0x190
[  539.594173]  ? proc_get_inode+0x620/0x620
[  539.598332]  proc_mount+0x6a/0xa0
[  539.601795]  mount_fs+0x97/0x2a1
[  539.605169]  vfs_kern_mount.part.0+0x5e/0x3d0
[  539.605181]  ? rcu_read_lock_sched_held+0x110/0x130
[  539.605193]  kern_mount_data+0x56/0xc0
[  539.605208]  pid_ns_prepare_proc+0x1e/0x90
[  539.605219]  alloc_pid+0x9f0/0xc70
[  539.605237]  copy_process.part.0+0x272f/0x6a70
[  539.631363]  ? proc_fail_nth_write+0x7d/0x180
[  539.635874]  ? proc_cwd_link+0x1b0/0x1b0
[  539.639992]  ? __cleanup_sighand+0x50/0x50
[  539.644245]  ? lock_downgrade+0x740/0x740
[  539.648412]  _do_fork+0x19e/0xce0
[  539.651875]  ? fork_idle+0x280/0x280
[  539.655587]  ? fput+0xd4/0x150
[  539.658785]  ? SyS_write+0x15e/0x230
[  539.662512]  SyS_clone+0x37/0x50
[  539.665879]  ? sys_vfork+0x30/0x30
[  539.669446]  do_syscall_64+0x1e8/0x640
[  539.673336]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  539.678168]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  539.683340] RIP: 0033:0x45a6f9
[  539.686512] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  539.694221] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  539.701488] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  539.708754] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  539.716639] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  539.723894] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:26 executing program 4:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

23:25:27 executing program 5 (fault-call:3 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:27 executing program 2 (fault-call:0 fault-nth:75):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 3:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fchmod(r0, 0x3f0)
ioctl$TCFLSH(r1, 0x540b, 0xffffffffffffffff)
clone(0x4a041000, 0x0, 0x0, 0x0, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x8)
ioctl$sock_inet_SIOCGARP(r2, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$NBD_SET_TIMEOUT(r0, 0xab09, 0x200)
ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000040))

23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  540.470977] FAULT_INJECTION: forcing a failure.
[  540.470977] name failslab, interval 1, probability 0, space 0, times 0
[  540.545282] CPU: 1 PID: 28854 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  540.553217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.557124] FAULT_INJECTION: forcing a failure.
[  540.557124] name failslab, interval 1, probability 0, space 0, times 0
[  540.562571] Call Trace:
[  540.562631]  dump_stack+0x142/0x197
[  540.562656]  should_fail.cold+0x10f/0x159
[  540.562672]  should_failslab+0xdb/0x130
[  540.562681]  __kmalloc+0x2f0/0x7a0
[  540.562702]  ? __list_lru_init+0x6b/0x660
[  540.595883]  __list_lru_init+0x6b/0x660
[  540.599885]  sget_userns+0x4e0/0xc30
[  540.603608]  ? set_anon_super+0x20/0x20
[  540.607598]  ? get_empty_filp.cold+0x3b/0x3b
[  540.612000]  mount_ns+0x6d/0x190
[  540.615357]  ? proc_get_inode+0x620/0x620
[  540.619496]  proc_mount+0x6a/0xa0
[  540.622939]  mount_fs+0x97/0x2a1
[  540.626294]  vfs_kern_mount.part.0+0x5e/0x3d0
[  540.630775]  ? rcu_read_lock_sched_held+0x110/0x130
[  540.635775]  kern_mount_data+0x56/0xc0
[  540.639648]  pid_ns_prepare_proc+0x1e/0x90
[  540.643877]  alloc_pid+0x9f0/0xc70
[  540.647422]  copy_process.part.0+0x272f/0x6a70
[  540.651995]  ? proc_fail_nth_write+0x7d/0x180
[  540.656475]  ? proc_cwd_link+0x1b0/0x1b0
[  540.660526]  ? __cleanup_sighand+0x50/0x50
[  540.664767]  ? lock_downgrade+0x740/0x740
[  540.668901]  _do_fork+0x19e/0xce0
[  540.672339]  ? fork_idle+0x280/0x280
[  540.676036]  ? fput+0xd4/0x150
[  540.679222]  ? SyS_write+0x15e/0x230
[  540.682920]  SyS_clone+0x37/0x50
[  540.686283]  ? sys_vfork+0x30/0x30
[  540.689847]  do_syscall_64+0x1e8/0x640
[  540.693728]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  540.698578]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  540.703872] RIP: 0033:0x45a6f9
[  540.707069] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  540.714781] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  540.722040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  540.729295] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  540.736549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  540.743805] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r1, r0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  540.823717] CPU: 0 PID: 28859 Comm: syz-executor.5 Not tainted 4.14.158-syzkaller #0
[  540.831769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  540.841137] Call Trace:
[  540.843751]  dump_stack+0x142/0x197
[  540.847407]  should_fail.cold+0x10f/0x159
[  540.851566]  should_failslab+0xdb/0x130
[  540.855547]  __kmalloc_track_caller+0x2ec/0x790
[  540.860222]  ? do_get_msr+0x100/0x100
[  540.864025]  ? msr_io+0xba/0x210
[  540.867402]  memdup_user+0x26/0xa0
23:25:27 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200)
ioctl$USBDEVFS_RESET(r0, 0x5514)

23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  540.870946]  ? do_get_msr+0x100/0x100
[  540.874749]  msr_io+0xba/0x210
[  540.877954]  ? lock_acquire+0x16f/0x430
[  540.881936]  ? kvm_get_msr_common+0x1130/0x1130
[  540.886612]  kvm_arch_vcpu_ioctl+0xc8f/0x32e0
[  540.891113]  ? kvm_arch_vcpu_ioctl+0xc41/0x32e0
[  540.895791]  ? kvm_arch_vcpu_put+0x3f0/0x3f0
[  540.900213]  ? lock_acquire+0x16f/0x430
[  540.904195]  ? vcpu_load+0x1e/0x90
[  540.907743]  ? vcpu_load+0x1e/0x90
[  540.911292]  ? vmx_vcpu_load+0x945/0xde0
[  540.915364]  ? __mutex_lock+0x36a/0x1470
[  540.919440]  ? handle_ept_violation+0x440/0x440
[  540.924122]  ? lock_downgrade+0x740/0x740
[  540.928276]  ? mutex_trylock+0x1c0/0x1c0
[  540.932345]  ? get_pid_task+0x98/0x140
[  540.936240]  ? find_held_lock+0x35/0x130
[  540.940306]  ? get_pid_task+0x98/0x140
[  540.944209]  ? kvm_arch_vcpu_load+0x419/0x750
[  540.948714]  kvm_vcpu_ioctl+0x80d/0xd10
[  540.952689]  ? kvm_vcpu_block+0xbb0/0xbb0
[  540.952705]  ? trace_hardirqs_on+0x10/0x10
[  540.961068]  ? __f_unlock_pos+0x19/0x20
[  540.961081]  ? save_trace+0x290/0x290
[  540.961091]  ? __f_unlock_pos+0x19/0x20
[  540.961101]  ? __fget+0x210/0x370
[  540.961109]  ? find_held_lock+0x35/0x130
[  540.961117]  ? __fget+0x210/0x370
[  540.961129]  ? kvm_vcpu_block+0xbb0/0xbb0
[  540.961138]  do_vfs_ioctl+0x7ae/0x1060
[  540.961150]  ? selinux_file_mprotect+0x5d0/0x5d0
[  540.961157]  ? lock_downgrade+0x740/0x740
[  540.961166]  ? ioctl_preallocate+0x1c0/0x1c0
[  540.961177]  ? __fget+0x237/0x370
[  540.961192]  ? security_file_ioctl+0x89/0xb0
[  541.013145]  SyS_ioctl+0x8f/0xc0
[  541.016501]  ? do_vfs_ioctl+0x1060/0x1060
[  541.020667]  do_syscall_64+0x1e8/0x640
[  541.024539]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  541.029370]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  541.034544] RIP: 0033:0x45a6f9
[  541.037727] RSP: 002b:00007f5d4120ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  541.045419] RAX: ffffffffffffffda RBX: 00007f5d4120ec90 RCX: 000000000045a6f9
[  541.052687] RDX: 00000000200000c0 RSI: 000000004008ae89 RDI: 0000000000000005
[  541.059941] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  541.067196] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5d4120f6d4
23:25:27 executing program 4:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
r4 = syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r4, 0xc0945662, &(0x7f0000000380)={0xffff8001, 0x0, [], {0x0, @bt={0x1, 0x9, 0x0, 0x1, 0x2, 0x4, 0x8, 0x800, 0x8, 0x6, 0x3, 0xff, 0x7, 0x10001, 0xe, 0x9}}})

[  541.074450] R13: 00000000004c3b39 R14: 00000000004d90b0 R15: 0000000000000006
23:25:27 executing program 5 (fault-call:3 fault-nth:1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:27 executing program 2 (fault-call:0 fault-nth:76):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000600)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5e]})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r10 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nvram\x00', 0xc2000, 0x0)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
poll(&(0x7f0000000080)=[{r3, 0x316}, {r4, 0x20}, {r7, 0x88}, {r0, 0xd4917099e4652f5b}, {r9, 0x4404}, {r10, 0x1001}, {r0, 0x315a7a517afde0e3}, {r12, 0x240}, {r0, 0xd084}], 0x9, 0x6)
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xdfd27)

23:25:27 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:27 executing program 3:
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x480800, 0x0)
accept4$unix(r0, &(0x7f0000000180), &(0x7f0000000000)=0x18, 0x4b4c52a0d3a721b0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000100)=0x1, 0x4)

23:25:27 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r3, 0x7, &(0x7f0000027000)={0x1})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000080)={@local, 0x20, 0x2a5040ebfdd3a5e6, 0x1, 0x3, 0x5, 0x1}, 0x20)
r4 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x5c9003, 0x0)
ioctl$USBDEVFS_RESETEP(r4, 0x80045503, &(0x7f0000000040)={0x7, 0x1})
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

23:25:28 executing program 0:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  541.328455] FAULT_INJECTION: forcing a failure.
[  541.328455] name failslab, interval 1, probability 0, space 0, times 0
[  541.417277] CPU: 1 PID: 28918 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  541.425218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  541.434571] Call Trace:
[  541.437184]  dump_stack+0x142/0x197
[  541.440811]  should_fail.cold+0x10f/0x159
[  541.444964]  should_failslab+0xdb/0x130
[  541.448941]  __kmalloc+0x2f0/0x7a0
[  541.452489]  ? __list_lru_init+0x6b/0x660
[  541.456632]  __list_lru_init+0x6b/0x660
[  541.460689]  sget_userns+0x500/0xc30
[  541.464399]  ? set_anon_super+0x20/0x20
[  541.468378]  ? get_empty_filp.cold+0x3b/0x3b
[  541.472783]  mount_ns+0x6d/0x190
[  541.476151]  ? proc_get_inode+0x620/0x620
[  541.480289]  proc_mount+0x6a/0xa0
[  541.483729]  mount_fs+0x97/0x2a1
[  541.487084]  vfs_kern_mount.part.0+0x5e/0x3d0
[  541.491744]  ? rcu_read_lock_sched_held+0x110/0x130
[  541.496745]  kern_mount_data+0x56/0xc0
[  541.500629]  pid_ns_prepare_proc+0x1e/0x90
[  541.504847]  alloc_pid+0x9f0/0xc70
[  541.508375]  copy_process.part.0+0x272f/0x6a70
[  541.512949]  ? proc_fail_nth_write+0x7d/0x180
[  541.517431]  ? proc_cwd_link+0x1b0/0x1b0
[  541.521489]  ? __cleanup_sighand+0x50/0x50
[  541.525710]  ? lock_downgrade+0x740/0x740
[  541.529846]  _do_fork+0x19e/0xce0
[  541.533285]  ? fork_idle+0x280/0x280
[  541.536984]  ? fput+0xd4/0x150
[  541.540160]  ? SyS_write+0x15e/0x230
[  541.543859]  SyS_clone+0x37/0x50
[  541.547206]  ? sys_vfork+0x30/0x30
[  541.550730]  do_syscall_64+0x1e8/0x640
[  541.554614]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  541.559445]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  541.564618] RIP: 0033:0x45a6f9
[  541.567791] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  541.575492] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  541.582744] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  541.589997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  541.597341] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  541.604785] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:28 executing program 4:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})
syz_open_dev$cec(&(0x7f0000000300)='/dev/cec#\x00', 0x1, 0x2)

23:25:28 executing program 3:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x20000, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040))
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:28 executing program 0:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:28 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0xa)

23:25:28 executing program 2 (fault-call:0 fault-nth:77):
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:28 executing program 0:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  542.045993] QAT: Invalid ioctl
[  542.059727] FAULT_INJECTION: forcing a failure.
[  542.059727] name failslab, interval 1, probability 0, space 0, times 0
[  542.078080] QAT: Invalid ioctl
[  542.113930] CPU: 0 PID: 28951 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  542.121876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  542.131237] Call Trace:
[  542.133833]  dump_stack+0x142/0x197
[  542.137472]  should_fail.cold+0x10f/0x159
[  542.141625]  should_failslab+0xdb/0x130
[  542.145603]  __kmalloc+0x2f0/0x7a0
[  542.149150]  ? lock_downgrade+0x740/0x740
[  542.153295]  ? register_shrinker+0xbd/0x220
[  542.157617]  register_shrinker+0xbd/0x220
[  542.161793]  sget_userns+0x9bf/0xc30
[  542.165506]  ? set_anon_super+0x20/0x20
[  542.169483]  ? get_empty_filp.cold+0x3b/0x3b
[  542.173891]  mount_ns+0x6d/0x190
[  542.177251]  ? proc_get_inode+0x620/0x620
[  542.181394]  proc_mount+0x6a/0xa0
[  542.184849]  mount_fs+0x97/0x2a1
[  542.188218]  vfs_kern_mount.part.0+0x5e/0x3d0
[  542.192730]  ? rcu_read_lock_sched_held+0x110/0x130
[  542.197745]  kern_mount_data+0x56/0xc0
[  542.201640]  pid_ns_prepare_proc+0x1e/0x90
[  542.205901]  alloc_pid+0x9f0/0xc70
[  542.209455]  copy_process.part.0+0x272f/0x6a70
[  542.214054]  ? proc_fail_nth_write+0x7d/0x180
[  542.218548]  ? proc_cwd_link+0x1b0/0x1b0
[  542.222638]  ? __cleanup_sighand+0x50/0x50
[  542.226871]  ? lock_downgrade+0x740/0x740
[  542.231031]  _do_fork+0x19e/0xce0
[  542.234487]  ? fork_idle+0x280/0x280
[  542.238201]  ? fput+0xd4/0x150
[  542.241390]  ? SyS_write+0x15e/0x230
[  542.245108]  SyS_clone+0x37/0x50
[  542.248469]  ? sys_vfork+0x30/0x30
[  542.252011]  do_syscall_64+0x1e8/0x640
[  542.255897]  ? trace_hardirqs_off_thunk+0x1a/0x1c
23:25:29 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:29 executing program 3:
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x6857b21ff1155d90)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
bind$isdn_base(r1, &(0x7f0000000080)={0x22, 0x7, 0x2, 0x6, 0xef}, 0x6)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000000)={0x4, 0xa, 0x4, 0x800, {0x77359400}, {0x5, 0x8, 0xff, 0xf5, 0x80, 0xc2, "3c814c87"}, 0x6, 0x0, @userptr=0x2, 0x4})
membarrier(0x20, 0x0)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:29 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  542.260746]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  542.265933] RIP: 0033:0x45a6f9
[  542.269115] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  542.276824] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  542.284093] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  542.291361] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  542.298633] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  542.305920] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
23:25:29 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ioctl$sock_inet_SIOCGARP(r4, 0x8954, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @local}, 0x0, {0x2, 0x4e20, @local}, 'erspan0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r4, 0xc0305302, &(0x7f0000000040)={0x3ff, 0x0, 0x400, 0x542, 0x3f, 0x10000})
r5 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
fchdir(r5)
getsockname$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4}, &(0x7f0000000180)=0x1c)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x3ff)

23:25:29 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

[  542.683148] ==================================================================
[  542.690975] BUG: KASAN: use-after-free in put_pid_ns+0x80/0x90
[  542.696953] Read of size 8 at addr ffff888095393390 by task syz-executor.2/28951
[  542.704484] 
[  542.706123] CPU: 1 PID: 28951 Comm: syz-executor.2 Not tainted 4.14.158-syzkaller #0
[  542.714012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  542.723368] Call Trace:
[  542.725966]  dump_stack+0x142/0x197
[  542.729606]  ? put_pid_ns+0x80/0x90
[  542.733241]  print_address_description.cold+0x7c/0x1dc
[  542.738530]  ? put_pid_ns+0x80/0x90
[  542.742166]  kasan_report.cold+0xa9/0x2af
[  542.746327]  __asan_report_load8_noabort+0x14/0x20
[  542.751266]  put_pid_ns+0x80/0x90
[  542.754755]  free_nsproxy+0x104/0x200
[  542.758564]  switch_task_namespaces+0x98/0xb0
[  542.763074]  exit_task_namespaces+0x18/0x20
[  542.767407]  copy_process.part.0+0x3c67/0x6a70
[  542.772009]  ? proc_fail_nth_write+0x7d/0x180
[  542.776512]  ? proc_cwd_link+0x1b0/0x1b0
[  542.780595]  ? __cleanup_sighand+0x50/0x50
[  542.784841]  ? lock_downgrade+0x740/0x740
[  542.789010]  _do_fork+0x19e/0xce0
[  542.792479]  ? fork_idle+0x280/0x280
[  542.796201]  ? fput+0xd4/0x150
[  542.799397]  ? SyS_write+0x15e/0x230
[  542.803120]  SyS_clone+0x37/0x50
[  542.806515]  ? sys_vfork+0x30/0x30
[  542.810068]  do_syscall_64+0x1e8/0x640
[  542.813963]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  542.818822]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  542.824017] RIP: 0033:0x45a6f9
[  542.827817] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  542.835535] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  542.842820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  542.850218] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  542.857498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  542.864762] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  542.872639] 
[  542.874254] Allocated by task 28951:
[  542.877956]  save_stack_trace+0x16/0x20
[  542.881914]  save_stack+0x45/0xd0
[  542.885349]  kasan_kmalloc+0xce/0xf0
[  542.889043]  kasan_slab_alloc+0xf/0x20
[  542.892935]  kmem_cache_alloc+0x12e/0x780
[  542.897695]  copy_pid_ns+0x1af/0xa50
[  542.901390]  create_new_namespaces+0x267/0x720
[  542.905956]  copy_namespaces+0x284/0x310
[  542.910002]  copy_process.part.0+0x2603/0x6a70
[  542.914582]  _do_fork+0x19e/0xce0
[  542.918014]  SyS_clone+0x37/0x50
[  542.921363]  do_syscall_64+0x1e8/0x640
[  542.925237]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  542.930405] 
[  542.932015] Freed by task 7:
[  542.935026]  save_stack_trace+0x16/0x20
[  542.938980]  save_stack+0x45/0xd0
[  542.942415]  kasan_slab_free+0x75/0xc0
[  542.946292]  kmem_cache_free+0x83/0x2b0
[  542.950247]  delayed_free_pidns+0x89/0xb0
[  542.954443]  rcu_process_callbacks+0x7b8/0x12b0
[  542.959100]  __do_softirq+0x244/0x9a0
[  542.962897] 
[  542.964507] The buggy address belongs to the object at ffff888095392b58
[  542.964507]  which belongs to the cache pid_namespace of size 2264
[  542.977407] The buggy address is located 2104 bytes inside of
[  542.977407]  2264-byte region [ffff888095392b58, ffff888095393430)
[  542.989449] The buggy address belongs to the page:
[  542.994376] page:ffffea000254e480 count:1 mapcount:0 mapping:ffff888095392200 index:0x0 compound_mapcount: 0
[  543.004328] flags: 0xfffe0000008100(slab|head)
[  543.008895] raw: 00fffe0000008100 ffff888095392200 0000000000000000 0000000100000003
[  543.016772] raw: ffffea0001c7b6a0 ffffea0001a710a0 ffff8882194d1080 0000000000000000
[  543.024644] page dumped because: kasan: bad access detected
[  543.030333] 
[  543.031955] Memory state around the buggy address:
[  543.036878]  ffff888095393280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  543.044230]  ffff888095393300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  543.051571] >ffff888095393380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  543.058912]                          ^
[  543.062792]  ffff888095393400: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
[  543.070131]  ffff888095393480: fc fc fc fc fc fc 00 00 00 00 00 00 00 00 00 00
[  543.077483] ==================================================================
23:25:29 executing program 4:
clone(0x40000, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xe8, 0x8400)
write$midi(r0, &(0x7f0000000040)="b2beb7bba2c7e8399c7ea1ae090e709ff0901afe08cb534fa993f46cc91abbca05bb1c1fed83042fd5a16d05dea1328f53dc488ea7d7e61b057e6b542c93391ba314412b9a5b4dcbb823dcdefce3a48a4b9e31add5ba2425f2e59da4e73a145e7b3a5c76787d7630ace04820a4f54fb9b81c00e3ddd5a811b59edc6e3be8d8221178d6332b018084d722b86b68eae3acfb40b6175335b854d682ec243bd4c1833633ad2fcc461c4258e0866ccca26acf494b67fa55e147a05326400ced8b9b20365d6ff866839c44c7239c49b0ef8fd0724254edfd3faab8e003c8387248564466f96891732b0b67a8a1", 0xea)
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000540)={0x0, @data})
ioctl$TIOCSBRK(r1, 0x5427)
fchdir(r1)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req3={0x2, 0x400, 0xff, 0x80000001, 0x8000, 0x20, 0x4}, 0x1c)
ioctl$FBIOGETCMAP(r1, 0x4604, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r2, r2, &(0x7f0000000240), 0x7fff)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x7a, 0x12, 0xf, 0x5, "71f79baa673998dfe92905d26135ba9526a9e312531e5cad603840510a6921c59752df150e193fae59a63bc8050cbdefe9d24e1453c8752a3940e3010b5c7fb7", "5d9572e9f36e006141d42a097b0e157b0bad0b0e11cd00e6297f03c2b299c218", [0xfd, 0xffffffff]})
r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
memfd_create(&(0x7f0000000500)='/dev/dmmidi#\x00', 0x1)
write$P9_RREADLINK(r3, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2)
sendfile(r3, r3, &(0x7f0000000240), 0x7fff)
ioctl$DRM_IOCTL_AGP_FREE(r3, 0x40206435, &(0x7f0000000280)={0x0, 0x0, 0x1, 0x9})

23:25:29 executing program 3:
utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x7, 0x81})
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:29 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
clone(0x787467fbcfa1d9c, 0x0, 0x0, 0x0, 0x0)

23:25:29 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet6(0xa, 0x1000080002, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

23:25:29 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = semget$private(0x0, 0x8, 0x0)
semctl$GETZCNT(r1, 0x0, 0xf, &(0x7f0000000600)=""/4096)
semctl$GETVAL(r1, 0x4, 0xc, &(0x7f0000000000)=""/160)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000000c0)={0x8c, 0x0, [0x4b564d03, 0xfffffffffffffffe]})

[  543.084822] Disabling lock debugging due to kernel taint
[  543.098746] Kernel panic - not syncing: panic_on_warn set ...
[  543.098746] 
[  543.106238] CPU: 1 PID: 28951 Comm: syz-executor.2 Tainted: G    B           4.14.158-syzkaller #0
[  543.115334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  543.124696] Call Trace:
[  543.127287]  dump_stack+0x142/0x197
[  543.130921]  ? put_pid_ns+0x80/0x90
[  543.134551]  panic+0x1f9/0x42d
[  543.137756]  ? add_taint.cold+0x16/0x16
[  543.141730]  ? ___preempt_schedule+0x16/0x18
[  543.146150]  kasan_end_report+0x47/0x4f
[  543.150146]  kasan_report.cold+0x130/0x2af
[  543.154489]  __asan_report_load8_noabort+0x14/0x20
[  543.159428]  put_pid_ns+0x80/0x90
[  543.162893]  free_nsproxy+0x104/0x200
[  543.166699]  switch_task_namespaces+0x98/0xb0
[  543.171201]  exit_task_namespaces+0x18/0x20
[  543.175560]  copy_process.part.0+0x3c67/0x6a70
[  543.180171]  ? proc_fail_nth_write+0x7d/0x180
[  543.184669]  ? proc_cwd_link+0x1b0/0x1b0
[  543.188738]  ? __cleanup_sighand+0x50/0x50
[  543.192977]  ? lock_downgrade+0x740/0x740
[  543.197130]  _do_fork+0x19e/0xce0
[  543.200582]  ? fork_idle+0x280/0x280
[  543.204298]  ? fput+0xd4/0x150
[  543.207523]  ? SyS_write+0x15e/0x230
[  543.211233]  SyS_clone+0x37/0x50
[  543.214595]  ? sys_vfork+0x30/0x30
[  543.218138]  do_syscall_64+0x1e8/0x640
[  543.222031]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  543.226880]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  543.232069] RIP: 0033:0x45a6f9
[  543.235257] RSP: 002b:00007efc0d5a9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  543.242966] RAX: ffffffffffffffda RBX: 00007efc0d5a9c90 RCX: 000000000045a6f9
[  543.250235] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0787467fbcfa1d9c
[  543.257503] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  543.264772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007efc0d5aa6d4
[  543.272041] R13: 00000000004c0df1 R14: 00000000004d49e8 R15: 0000000000000003
[  543.280966] Kernel Offset: disabled
[  543.284607] Rebooting in 86400 seconds..