='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:24 executing program 4:
r0 = fcntl$getown(0xffffffffffffff9c, 0x9)
r1 = syz_open_procfs(r0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000480))
r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x0)
unshare(0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r1, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:24 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:24 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x100000001, <r2=>0x0, 0x0, 0x8000})
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000000c0)={0x0, r2, 0x10003, 0xf7dc})
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)=0x100000001, 0x4)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0xfffffffffffffffd, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@measure='measure'}]})

04:38:24 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0xfffffffffffffff4, 0x0, 0x1, &(0x7f00000000c0)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@check_int_data='check_int_data'}, {@ssd_spread='ssd_spread'}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@dont_measure='dont_measure'}, {@measure='measure'}]})
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0)

04:38:24 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0a3a2d023c126295718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:24 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:24 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev}}, 0x1e)

04:38:25 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:25 executing program 0:
r0 = socket$inet6(0xa, 0x20000000000007fd, 0x4000000080)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f00000003c0)=0xe8)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x3, &(0x7f0000000440)=[{&(0x7f0000000080)="a6da99ed693d83bb12f0d61508092ab7635f878883f7ecf9ec19624f0975816536cc3f05f110cc6f69e14ba4653343c3489ff15701528f79cb74c9ca75486846e90737c2079bc731828b41daadc9bcee3e45c90b3a14637ae681a7756d6bf20e4ff7c2bc77d137be8b113ac3597195c2863d7a6e1e4df31a0f6ecce08080540753d11c048b8c78b04bd8", 0x8a, 0x5}, {&(0x7f0000000180)="f59a43532b6c87bda34aa4d65e60e3ac07273a181b7dc581233c6550b1097ef11a104107b9eebb8c561fa33dfa315070fc0447387deb177da0ed3ce29e680399d28a1d87c7f2d9222226367bc2f48f8f37ae6d8024516193e869401bc7f9b7a3476159e69a3fc1e573553b870a22e3cbcffec06f88d8b1be5603c2aa17f640a3a02457b8790f4206a6a55a83c5acfb481233424853430eb66ea5ae28464980606a7e5d955185c9cb6dd0e65c269109ee13654335d36272c27f92765a96a2e5af866401ef543a56384176e4ccbd85939a59a74c09ffe7698f46e5eebe2b449a6928dfe376ba8cc57e8fc2a195c1", 0xed, 0xffffffffffffffc0}, {&(0x7f00000002c0)="2dcd08b5b0a8f36ce467c6430e219f53e1907180926dadc1a99731aae551066428f79d4a8a914ee8709c55837375bec3b324aac9d63efd7b408ae5e96ac85ea2240b0beaa81305598c6ec1b77be44c8b43f55d84c2075192ea22030398b9735e7e64076112474478dd78c6fdc7c1fc30334bc3fc90cc8da0d41bba8fe36fbd4e357710b73aae2399f9b33a6b2a4a04d512c4c1e1b671fe7812f7ff25b9269000fb72602435b0632a7c1f441ec1b2cf09725430726af7624af75b435cf450259a933e7e5629784bf8f89bbb449ce491e0536621a06a5d2049bf4974cd", 0xdc}], 0x100000, &(0x7f00000005c0)={[{@fault_injection={'fault_injection', 0x3d, 0x6}}, {@acl='acl'}], [{@mask={'mask', 0x3d, '^MAY_READ'}}, {@seclabel='seclabel'}, {@dont_hash='dont_hash'}, {@pcr={'pcr', 0x3d, 0x9}}, {@uid_eq={'uid', 0x3d, r1}}]})
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:25 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x1fe, 0x0)
write$binfmt_aout(r1, &(0x7f0000006c40)=ANY=[@ANYBLOB="ff0700c134"], 0x5)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r2=>0x0})
ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000005c0)={r2, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:25 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:25 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:25 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:25 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000000)=0x1ff, 0x4)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70721ab85aa86a6124596f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6425762f70746d78002c6d6561737572652c00f1ec8b6bfd1a592aa9724c44e38c3e888566562f05413102c908ddc0732af07f04b3df1844877d5470b013ad9a4a7ebbe55dc249d12b49a5551a4eb16cfe9496fefb73e915618176ff00a47f1e75984b9c1587edab00b22321a9dbe72940f3612a8cc542121363f1db954b3963af059159b429f733110b0ee87905604c5c17c7f75c2bcd74964f365629cbb8609ec3e9e4a12c474fb616f3ec69da439af2befa27642a7e8605af4227a0be34aec0f1e4e506c322780bf56377af904e664f2f07a263653bc9e36cf213a0fe9e62d81d1922192c8b635507"])

04:38:25 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000440)={0x0, 0x0, 0x5, 0x0, [], [{0x4, 0x1, 0x8, 0x80, 0xffffffffffffff81, 0x100000001}, {0x10001, 0x80000001, 0x9c4, 0x80000000, 0xe9, 0x6}], [[], [], [], [], []]})
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:25 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:25 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:26 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:26 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:26 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1749.576942] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[ 1749.595668] FAT-fs (loop3): Filesystem has been set read-only
[ 1749.620408] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1750.193837] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1750.554642] FAT-fs (loop3): error, fat_get_cluster: detected the cluster chain loop (i_pos 0)
04:38:27 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x1fe, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r2=>0x0})
ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000005c0)={r2, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:27 executing program 0:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x74, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x9, @loopback, 0x3ff}, @in6={0xa, 0x4e24, 0x7, @dev={0xfe, 0x80, [], 0x18}, 0x8000}, @in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e21, 0x7, @mcast1, 0x8000}, @in={0x2, 0x4e20, @empty}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180)={r1, 0x5, 0x7, [0x0, 0x76, 0x2, 0x7f, 0x3, 0x4, 0x7ff]}, 0x16)
r2 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r2, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:27 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:27 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:27 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000480))
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:27 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x0, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1751.312102] FAT-fs (loop3): error, fat_get_cluster: detected the cluster chain loop (i_pos 0)
04:38:28 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000480))
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:28 executing program 1:
msgsnd(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="090000000000000051027c7816d40900000000000000148f834e519d779b82eb72db64a296876b6e9f3de3fc18ad5d25a809e4a307c5958bc79466a09761e844dd0d9df087950d7cc29a30b3f6f0aa85a0"], 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000480))
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000280), 0xffffffffffffffff)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x401, 0x101000)
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000240)={{0x8, 0xfe85, 0x0, 0x1, 0x4, 0xdde6}, 0xec})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
msgrcv(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee000000000000000000000000000000000000"], 0x1, 0x0, 0xa4a3ad41a879dde0)

04:38:28 executing program 0:
r0 = memfd_create(&(0x7f0000000000)='btrfs\x00', 0x1)
ioctl$TIOCCBRK(r0, 0x5428)
r1 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1751.626671] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1751.658195] FAT-fs (loop3): Filesystem has been set read-only
[ 1751.718661] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
04:38:28 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:28 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:28 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:28 executing program 5:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x1fe, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r2=>0x0})
ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000005c0)={r2, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:28 executing program 1:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x1fe, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r2=>0x0})
ioctl$DRM_IOCTL_DMA(r1, 0xc0406429, &(0x7f00000005c0)={r2, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:28 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1752.083004] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1752.105632] FAT-fs (loop3): Filesystem has been set read-only
[ 1752.123382] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
04:38:28 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:28 executing program 5:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:28 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c2d023c126285718070")
execve(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000dc0)=[&(0x7f00000007c0)='system.posix_acl_default\x00', &(0x7f0000000800)='!\x00', &(0x7f0000000880)='system.posix_acl_default\x00', &(0x7f0000000c80)='system.posix_acl_default\x00', &(0x7f0000000cc0)='\x00', &(0x7f0000000d00)='system.posix_acl_default\x00', &(0x7f0000000d40)='\x00', &(0x7f0000000d80)='system.posix_acl_default\x00'], &(0x7f0000000e80)=[&(0x7f0000000e00)='ppp1selfbdevcpuset/bdevvmnet0$\x00', &(0x7f0000000e40)='btrfs\x00'])
syz_mount_image$btrfs(&(0x7f0000000840)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000ac0)=ANY=[@ANYPTR64=&(0x7f00000008c0)=ANY=[@ANYRESDEC=r0, @ANYRES32=r0, @ANYRES64, @ANYPTR=&(0x7f0000000880)=ANY=[], @ANYBLOB="03edac4448596003951890210fb2fd7d515689a914bd5ced87efd12cb85964bab7b3821ca63b8e2b9e0dcb37bdd3ed17d8f8ceb7b7c96f72c6ab45b4c19eb53804e1e5854c677ca0cbcf0312247c576628909647cf551df9c3e1c2291972fae5b429bf433bfb74b806c9a9a84f2c55af5fa8bb607e519fe7dd6f0b297bd0e022f711ddb260f5dafaa7", @ANYRESHEX=r0, @ANYBLOB="6d4c051eecbcac5bb376538ce8aaf7aa475c19a1495d", @ANYBLOB="1b30d6ed4e5f37469adadd1453d7dd5fce08e73d1bd30a3ccc823d7bc8952cd74888af130b73ee7eb15810d2a19d57ef512569e9074ec2be8bc67c3760372bc1d59b71e9bdd7fb99ebeeb06cd64027619ab20cbb7b2934f1b4328a2c967347aaf3f410a0b2bcabe456c4fcf6d2ac72a120c05590ecf242a32da41920192ff6f83d86cae50580a7b4cafb95bcda1d5c05a7a62a11cce781e3c52c127059b3f34917df2f72a9755b9591134bf9e6225096fa21bae83da33069ccf4117c1c1ed81c30a937a8cd668aefc5db965bb709331d5c13254637fdab1ab024bbed8524378c9491460796ba", @ANYRESOCT, @ANYRESHEX=r0], @ANYRES16=r0])
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@local}, 0x0, @in6=@dev}}, &(0x7f00000003c0)=0xe8)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000440)={{{@in=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@dev}}}, &(0x7f0000000540)=0xe8)
r3 = getuid()
fstat(r0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
stat(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000006c0)={0x0, <r6=>0x0}, &(0x7f0000000700)=0xc)
fstat(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setxattr$system_posix_acl(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000b00)=ANY=[@ANYBLOB="02000000010005000000000002000000", @ANYRES32=r1, @ANYBLOB="e5ff9426c7b78f99881ae53b7e72039b64d96f5ea53350043c6c09ef63559413891f4b18d772917705a7b74f428b8ece4e7d8098eaf92d17be3234ea1c1ac0a59c209e418b0c275603579a8114eec000b08138e030523be62e02b0ecd80973ad79824cca8810429e818d8b854bd4ab0fffa9a64435ee822da2eaaa4f70ca05db6b68ec5b7c2a56f6cadd1d569b73b3eeca65a22254f7048a2b0c5751e33727e22448af8e802469308007d7031333784841d65ca45ae9b769271b306de5baf486f37508ced80aa5c8ee5d61900d871d3e72e281d2e9e3a741e893d1f8334fd6a3e967dc845cf8ebe3d24853e4bccebf82d4d6", @ANYRES32=r2, @ANYBLOB="02000400", @ANYRES32=r3, @ANYBLOB="02000200", @ANYRES32=r4, @ANYBLOB="02000600", @ANYRES32=r5, @ANYBLOB="02000500", @ANYRES32=r6, @ANYBLOB="040007000000000008000200", @ANYRES32=r7, @ANYBLOB="10000500000000002000020000000000"], 0x5c, 0x3)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000000)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000080)}, {&(0x7f00000000c0)=""/108, 0x6c}, {&(0x7f0000000180)}], 0x3, &(0x7f0000000200)=""/10, 0xa}, 0x0)

04:38:28 executing program 1:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x802, 0x400000007c)
fcntl$notify(r0, 0x402, 0x4)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000080)="a789bfbf17cf0d3ecc2f51cc8ad8297dab1c5f285e222b0d9521fecf02e34fb8426711b43ce839079e5cf045e94ee812a49de0b5339bcffcd83638504103c202bafc5a186351961fcf046ca5304ebfedd29bc67ce6569dadc6ab9b653c47e21d966dd94c8c099edeb9d84027484a7733c8f689a6fd60d1b2ba0d653aca0614db505da35883da5bc53112cfebb40c1262bc", 0x91, 0x3}, {&(0x7f0000000180)="c046fa209938a3f0733e7b1c3f8998587756c74643818a40fd597f94c6ed89f8431bd4c370f3c79a40fd78d3202521530d92dcae4fffd81f43b37ec09a3313e51797b1b3be15cbd25de38b21f06b1c126e4377d34ff6fc4608de1b1121a26ebc6b6798a4e56bec07c0d8161899b7669afa49f111c7780468c7960ced6201795cae96342c37f3c585f9d57356f23c3f81a808d5ec996886720d396de3951fd889bee2e3f5cf145b406488d5079857e47f8a585ba280c20a9a05ce2fd361a527f2c429ee240e586aef5ab756bb03d9cba67c9eb5412e2ba544aea3f4f68afeeb20b0a2bce76831dd492bfc45", 0xeb}], 0x1, &(0x7f0000000300)={[{@ssd='ssd'}], [{@subj_type={'subj_type'}}, {@measure='measure'}]})

04:38:29 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1752.582491] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500)
[ 1752.590656] FAT-fs (loop1): Filesystem has been set read-only
[ 1752.614269] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500)
04:38:29 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000240)={0x79})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000007c0)={"a523fb9656eb871ffcd7ffeb51d84e738a55eba841ae487e33cdd921e8a51ce6c924020f0ac3562dd8cdeb31deac16f46da4ac16ee8165bce439eddce671c5b0a1103ea3f86a43cbb78504f6f9c77c2f09dc27632ec6036ee52a87e321e707c0cfe15576c26d52d0334c8d4693e127b3a046a5ed7796c9c5017cfd58ec871ed76369846fea9ebfa2f7f96496abf4ef57ed1ecd930eb9e13396875f01e932804ffe8a34c8fbedd97cdfb3176ec59fbbfd20a6ff17795431c3908530e4f5f703480a5211cc6a7e2084e4a9b6aedf60b7b8084b00ca2cbed255b4cc4679c967432fea5e95119f9635e94794aab6ef54f290677fa08d0ee2cc8eae468efd02417055d3f3ccc86b629dfb878c4d115c16c75fe352cffa93648cf49577256b5d2faf0634335c97ffff966ae90cbf81250df3613c25d2789c869c9cc95a6e9d364c4c684059c593f9950e66cf81cd9f36d73fade4f0cbb795010364d13ff32c12efd91d0ebb6533700945f2db6113a630bd521eec89a74c46e1733b72d6e4d2ccee3b40f99809a9a4fb5fc2d1c53e1366d455bcbe81893100ab56b2556b55c1a0c5787356b464c3bf7011488e55f587a6d4420d46d69a74ee5bbfbcb0d6cb00aae8c3dfd6dd2e9f76d7a542f20553207b668dce69f1b463ee9166e81bb109f461b8885f15c9e525d72260ccdbd69e3345612158114780b9409ea856cb724faa6ed27ba836b35c10e7c7d43f2fa34f98f16a00f31565e16a213eaf4a7f438c89733ebe6d16328b930fd942bc64d631dd1f2aa1cc2ccdaff2324076c83e1ba4d2a0e40e010c96b42e7a4a76cd7a89ef592b9b3030f62d9fbd565ee5908ab90b42620b61e5d1e08621a31d21003cd12a450461636472fa64a7e1b98778bfb482fb4b4da31b42ee98b10f9c0f4c085d08c37ee2e3a9e4a5aff72a0ab844fcbfa224842c85f6cdfd25829c44760e3859624f891df4824f7d17938ac2def6721639176fad9512ee9b4c5de1412cf3083e1d5ee2d29b63267ccba535409da7bef05d3fa79a3ef037ee609e01ad345ee17f48b5e8510f767de35df4dfb856f7533ad88866c6b01fe345107ba7191a8809e2e014492acf9c4f35cad664198a65c55f884490f4b30b4526324be842c393f336f16bea2bf6c6b917fdb751e12ff689ab4ffa44625a8b2bc1de4e88682abe5ce9d1942792747681ad23c31046d825140987f19a9cf10323c3f50a20f35a6d1dd8ca6758296b4537a0da1a853011b777623c8774b3689897cf9264a7782470847f36a8093faee04114663438ab39d8a777fb3e10cb4a2402a939a98d387087c5ca5fd8fbc4d96ae698b5bb84a0a8484e2b85743e623a033eb5b1889ccfb4b95885bc69d4c1cb819b95e7923e557c9ec9ec10e94d1e1295fc2f256fa095036f6cfc04c414fc57fc72c120614a586089c93741e97a61c466"})
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000000)=0xefff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text32={0x20, &(0x7f0000000380)="0f0766b818008ed80f20e035000040000f22e00faea66647000066ba2000b801000000efc4c13565d4b805000000b9f4ce05c80f01d9670f01750c66b8e3000f00d8c4c2e99626", 0x47}], 0x1, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

04:38:29 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:29 executing program 1:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:29 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000100)=@add_del={0x2, &(0x7f00000000c0)='veth0_to_bond\x00'})
splice(r0, &(0x7f0000000040), r0, &(0x7f0000000080), 0x592, 0x2)
syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2)

04:38:29 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1752.860319] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500)
[ 1752.895973] FAT-fs (loop1): Filesystem has been set read-only
[ 1752.916234] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006500)
04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x9, 0x8, 0xfff, 0xfffffffffffffffa, <r1=>0x0}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r1, 0x2}, &(0x7f0000000100)=0x8)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'gre0\x00'})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:29 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000480))
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000480))
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r0=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r0, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
chdir(&(0x7f0000000000)='.\x00')
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:29 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000480))
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000000)=""/35, &(0x7f0000000040)=0x23)

04:38:29 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f00000000c0)={<r1=>0x0})
r2 = mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x110, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0xd8, 0x0, &(0x7f0000000180)=[@reply_sg={0x40486312, {{0x1, 0x0, 0x2, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000040), &(0x7f0000000080)=[0x0]}, 0x7fff}}, @acquire={0x40046305, 0x1}, @free_buffer={0x40086303, r1}, @release={0x40046306, 0x2}, @reply_sg={0x40486312, {{0x2, 0x0, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x18, &(0x7f0000000100), &(0x7f0000000140)=[0x78, 0x18, 0x18]}, 0x4}}, @decrefs={0x40046307, 0x1}, @decrefs={0x40046307, 0x4}, @increfs_done={0x40106308, r2}], 0xda, 0x0, &(0x7f00000002c0)="836d66db56ba5f65a079704c7bf52e2e8b1c21c64fd0dfbe5fe901157366f015baa4f08fffc4899a73426f147236300d41df42148efd6f77402599237f73e6b3f3f59504d7b04ff641ac4548f06e4a4daf0f221e9c475b333880130cfc2af63ab6494700a3b89ce9a3030d1b4730b2f0491ccb918a57412c6cc2bdcfeb7f10d2f11db08f6a9e660720aaeff12118a2ed4fb74dc56c6096b8ba9190a70bbc1349cfe0996df83f11e70a5e7ba5d794ed8634db633ba96ca03936dc392f816205893e8be5db4d1344e1cdfe804c5fa5340c66b59d16444fb7fbfbde"})
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:30 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000480))
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r0=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r0, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:30 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(0x0, 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000480))
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={<r1=>0x0, 0xfff}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r1, 0x1f}, 0x8)
stat(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
lstat(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={0x0, <r5=>0x0}, &(0x7f0000000480)=0xc)
r6 = getegid()
getresgid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)=<r7=>0x0)
r8 = getgid()
stat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
r10 = getgid()
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000640)={{}, {0x1, 0x7}, [{0x2, 0x0, r2}, {0x2, 0x2, r3}, {0x2, 0x0, r4}, {0x2, 0x6, r5}], {0x4, 0x3}, [{0x8, 0x6, r6}, {0x8, 0x3, r7}, {0x8, 0x1, r8}, {0x8, 0x2, r9}, {0x8, 0x4, r10}], {0x10, 0x7}, {0x20, 0x6}}, 0x6c, 0x2)
syz_mount_image$ext4(&(0x7f00000006c0)='ext2\x00', &(0x7f0000000700)='./file0/file0/file0\x00', 0x7, 0x3, &(0x7f0000001840)=[{&(0x7f0000000740)="45e96117e3b825edae55bbcb685fb1e62b0bb7d613d06c3f19b72cf4ed4c3e6151bd79fcaf0103f7a518f36c438061a428bac0a63e9ce50caf5462d6fee988de153d12aea8fae94f57b44683f297c5416741edd5c358c80cbac5d9a2712b3c6f0290e3f1b5825dbb4df88fcc6382a32863ac601c4404e1ea2bf1d0e4f3aa14bed28b500e099cb50a8d55f54181b3c5380a91fff5f12827324c427d6070b797dc4ab1108797f999f792f01aa912659c226b671906791ec7c8b7f46489a048a88934fdbbc8805e8f59a115bdb9c2c08d55df1a7a61fadeeb8b89985a0829c34da9adaf759ad55376218a43d6ee65abd813b2ce7ce571403fd5de1896030d14997958d01e5525acc0a859dc92cc52602fdaddc5f933090068b4574cbcc3ec134ea20744aea525cb1e31ab794de5af7fdce66c0dd0c3cc909a71efe42adb77a1fb067cbda846da190020b51bf49b0cda23b75f78439ced34e0c59d6af82850f11711a10c75f93b78f5de50097cd49d5096ec368744cc120c43064772e72f8dfe4644c27a368c8ad135b921247d719808b4074a1c740b99a996669d6eee50680669c9a4778bda585c501d7924b28617147ad32102d67f74dd28f4043a07416daedd203171d0661fb3fd5182ceca7430da51b5c0694d103445715d4e3c38fddfc538e459fa88352352d373a98368982eb992098b06bb52120697965c75f7538972a3d93ca38df6bdaaf86fb0cd449c3c82d65f05120f9da26bbfd8f59c5e2dc085c0d66e8ccde28891b250bf6935d3cb4dcf90cd546af2f928b81aac67a678a9b634816d18c9c8baa2cafa6a094f3b67d6b29b72e199383cf1e885705401920d18cc69a0c090265512218e1b5936618801d8431d59e289caa7b70f957cfe6920dcb1e7aaaf84f4cd1604e81f3adf2bb0eea26ffe832074296fdde50e83fb7b5a20e7ca445dcb1c0582f9ee1ae4f1e1e72d47d10a914d4e3320680ae252c724b253837d6304f48c01d19875ec94076ac411d741cd928d156b009d294253b3be1f44982441117856ade950ffb3447dbab0a5fd437658f07a5e4a8420b526e3d84fc695ddba9b8d524cabfe2986761f0ab825950e4156a907158472af631456e5e5e40c0a5cc0db8ffb31c560edb35620ee4dda9ff1e9eec7c0741d3be919715f9718f77d4042ef3f466f4a425e83550b2381cae650e9fe3a08f977a812000d5c4f014f0a6b9037bee4fc994262032053f33df3aa2e99f49926bdc779dad81c2274d6a4df88ccfe0854e8d96389e262ade8fdc31ef57b7251846888f3cd491556cdacf51e2ca6c9fa8e298f9201021f08567ed7464287fab950e5489758130d41d3ff3fe9dd7f8a88c628feb9135f2664744840b905a8d1079945d8dfe7d4c494680a559abc031f18e6a1babe4ebfc44bc6d44ce340b51c11004450ee6ea295e6c01a6ea1bb013348d6ae68fe4468adfaedca99b7df911b012f749f03648eb78cb89646c68012bcc9ba12d5f57e2e8986bf379acd74aad10fd46d8f139c26b035e526323499791e111a93e7c6be52b1a01829218383fb950146dd06a6b856d6df7ec65b078adee0bbe401692876569d49de2560551d7a2dda29a4d48fdec130e1d8b3146237fc7b7d2bd80e87e30fabe77044667134f2bff7310c0385ca305b0b641d7f3036be432df34f62f2fd1c847c2c7f476800c5de06ec77af00e702952c2123e77807d2ae4fcc727463f08e749543ab425c42c00955307d38943612c846402530ea698a9c9e1e9d2df71ac7ff74830b7a531ddd784987c386c8424a3a1f6cae9e90410cd12294fa326bd35f837d1308eb7833084f66683fb94a500c8c604e7048fdbcd41d1dd3c8ea8c976cf87c9e8fd813590e2728ca583c184831eca9cb585bdbdeec017ef8256c43581ae060dae36aa88c89f47d5b9fb39deda22a0166ae06db1f114ee2ad44078d1cd7608f0413d59d5d33e6f54057b0cd3ccc3b822eeb2fbd15f809290cee05c24234e11e2fb353054b25c43bf14814f8a0556f420068c1a7b4243205677b4f6108203c7e8d2f03d01a34f94b276af874f30a78d37d7c89b3f83883c30285b912030756886a15ce1512fb6cd50d93eb4f3b0cb1e86ce88bca2941c85d3d09e1c17798c0b14404432565dbdb2107a690fa402f1ecc20792aa6fae7d70673165587cb6153909d44f4e1183bc52208dc918a7ee0a1577c53f1c8f8be91158f66f8cda9777001a88f2a4ea58ddbb662aca7d2615b006186f32a941678260dc984178ad70c7db37d173c9c90fbfe02c34813dae5ed00a17a498525aac0d1cb2bc39df8059b9c18cb0065e66d3b137e564d476c1bd46319254bda55af1afca008164c2efbc653fbbac8b8a468e708de969c02a1e9f36ac74561e8ec7f6936decfd80fd34a52f5876c21ec45a2492679e36d2107b7deffba45e9368daefaf0dd4d90936ecb915457f9ded1a72e2613ad68d71597d334e92f3b7e7705118e7897ae1c1acf5fe7f4222cd359bfbde839f96a418fabf1d2a424cec3347ae4a808ce7069998e17c4ac4b4b68e12b6bd9edc37d23173d8a608e74b384bcfcb3c68b91947c408119f375e502bfb034890113c193c7fb2edf72beb126d87a93d8422bf95390a3c19960d0846d004747728fc2add1504d59d5122ce9611ca87da8621d92fcf5b3e63a696a14a965c2b82df9263a0ae50eed0492fbeb8814fe21ba8a58e64641dadfd8135002a9fe5e3363d643c6f9442e9560e76f1f5415a396906a65000403df5bbcca5345aaaf0a747673e6927d8376fd7575545c3672fd0c57f12bd3bdebfb3ede186d04cd1b8694c194ef3035fd5dcf3b07148243299ce79f384f209c6d9958ccb55218e38e84c22bd6ca6ae0c215bb24ce29f48bee7a0ee3f0eea075b9a298cc2e513153d2934eaeddf4303969de8d988f982ac7d51bda63ef9df04936351a44e1e9f889819acef8209b992480cc7c8ecbdce1cd8d8ad976515f51cb758972c79f2402b56afde06fb364329fe48ae4f1b72df0fe97a7412e4a9535c427d819ba28a3c92d56fdc0b96d84266f8e8032c7dbc0e7679b2ebb76be0fb6a103b2b8647593a47bb362a3af9541bb93ed133b3ad975d7f5d39375ac89e40c4b10cf06a1dd9bec3691b234918e6c294918dec548bc6bce8e30d5b535483e12561a7c7b98128d205d9c586a476a6f8221055716134231934fa77135aebe35f846812c59958f03ce4afbcd05cea716e6bc9f0f834b367c987acb7b032c61b49943ef955f0e1a55961577341d570a69d20e96c15a77cbe8961b8a6042489ebb41c0ccd7a91eece79209997c4901779c05c75fce094e2e1024770187ac5d70b749b53f4f2b6482ed09b4274d48c2af4bc9925b207b446bc4f3c6e9e4e2897882d59c3972a1a99d027958e0c2121b1b0d1358db64627a489d574eea52b18744fe19a3b00f9a253dc1c2a718d0b7bc8980a37e9c32922b2226ba7cf5473ae6da8f944b37afac9c0a5ee2d83c1a05046e37b55c9969a419cec7fc09df0e5a97af21691efdff182eb3d1153450e803ae5c8249f86508800e94fd16345bbe13f59f51b5c3fce4302a6444db92aedad40cf2852e3c75168c4105ae58e4ee925e6f34a81be99cfacb4d9f7b27488440f27713f4311db9ec0ad562768c0813838b0e83de27bd0ad59f72e5d0b5b2a11e22d738cff03f1e9c12b1326f2abba5811c815197397261b79bbea146f4b3fbc3b28227db970ccafa74f98e7679f72f353138b050c18234f3eda9959c18c6593893bf7ea8bc3e7ac60b3142c8ca4f74ba2601b80b574a8df5a943634127d8e8b94ad123dd239a6f2d9e65021f8e5031f146091cda4c18080ff9324f25db247ad6b6ee4a0d2f79d61ba064cafb5c7a7f7e484f9aa3fbdd34b324cdbc97f552069fc8c81bd691f79f30c6f4ee9b39b1620b5fc2be12244cab1d6cf6a13879ca96ff6da9365be4a3d6371f099f3c3aae2524875ef0fed13e0c7cb86adcf1e5e9962323ecdb5df233c8614388b96d0a571d3a753ab5264b4b9934851c6382d429617ecbf57e06ff2d1520e8e2a479205c23d7cde10c3016716b7832a2b400b92688aa50c4983753d882e403d23a39c0bf2ffeef1436c01e87a12a088e4f248cf02b4c8d3ba2825f57438e6ab9912cb8a3269c80317abf69881524e4f819d4d164ccbdbb9d9ebdd2b7189744d75488b828609516bb896d9362ea9a9120530bd4b59d79b3f655e56da739835364f642ebc5095c5f2f711faa68ec78c53e6743543c3d9299645dadfcd641972d6c6b13e6dfa4b8270cc7357941073a5504b5b14251821ac8e9426291c07f3d498f1c5cb56f11d1e54838cba61b5383d32a67821477c92b29f595a65b6ba8b1958632d8fac4f8f1bad30e457cf032e18ff75acea25b4020e9d1bdff1eb0531a431a1a79b62fe775736b4633cafb12454a4c277f0bcf37f8e3bf663b6d8b88f8b937500ce5a8b8e61a846db321f0d24e32a24d628245ff2176030867ddd774ac006b05db2da074b65a1019ca40692ce301508947df59c14973b9016aff872528d51767448f77e5e83f0d35d730346eb455e51d483bb3ec12173d9621795e5d5e931f97cc0303ebcfb264461668a19a262de9010f0845fd9d1cddd82d5e242ef8a907073193c8f76394516fb5f789cbeadb90ae92ecce99ee8a4aeaebcfe86fa69f572344017443c924e5c48f7a99cf796f98b5f8813045c8c0305667457c37f4e79e26c4fc94f6117ac4999183901ecd7e511e272b0164c0bad5a99f3d1c20f9d57e93938004679fe3a7e4e14cc9cec010e45394434d2e551eaac62bd7a133324fea89612d31f3be57d4be387a79084163962935f67bcbdcd3f6e260e7e95116d6eb1058b9a07f755c2b2953b3770cf9c963edd9048f1e3facd91719f7568915c6a5c9aaa302318f2a7fea17dc6bff57ca8918216a172236add74489afb2197286901fdd076bb2db264dfeb4a91b8866ece24424bd2e4f780a55e7a56eac3005dfbf16b9b22fe17ece969d41b6744913f0c3dbd8965f86b301320f426c102010c12f1866bb4c63afaa14b77d4eb98300c6f363f7fa9feef6bf7aca3136b41d23dd66dba0be8a8ca5f7315000cf32f4fc334ee17a0139269075d7719567c5284b39ea640406cfb98bcc810b23e1455676fd8b2fd5e4031f2f89250976a2cb0717502c410803551e149d56766c472b24075cb76d9dd8f65c1db4ec7a19a3222b9dc7956e24f9ee6c85afe23b5f501acae00e31bab2b3f9c16847192a470406914f14e4dca409ec0492aaf30de1140a9bd462ed24d479dbfa144e91ba58a26563b98e1b96fdca23fe3cbb1a8b667982004b15d4f2a223078c28de2fb5dc8c1dc888d1f2be71c432e5aa89231f280f9b8f32556906f51374795438d0019dc8db9c1e2a58076b507c48c5c036093f77dbc576f5df785419a75e7bed403531dbac1717205ec066fae56ea05b069032d3d1db4a0ddf75e4e6bc27a983cf5eae25fe2a9e033a807542f89dbae2e58d691f33af03dbe77c51d39fbe44d6b66dda0c50ebf6ce20cf314a27cc44144db5840f724476af0525c239491ddf45f4bdbbe87e1f0ca5827b6932cf08d7e14e7efeaac1efaaeee6bd99255eae275b5981787c7113a05ea1c43ab71a99a4102cfb7611d2c7a134677820f13841223c701ee482483ceabeeb4f52066d9a51e80dc934d2aaa6c74fb7508c7895ffd1329e7b7250ca99d736252cac42a27de85408836853981792ebbfcbc300e3719183a03c177e98b056d71f13aaf84403a3d4", 0x1000, 0x3}, {&(0x7f0000001740), 0x0, 0x10000}, {&(0x7f0000001780)="05bfb9f2904d4b0615bd7fbfcc8385c9ebf5df4d641204fa64827d954a5d79f543acffde04d7bb0924992813c73af63f201014226e121b61df1316d4c8ac9fedf128f97a40437133f34e389d364f68588e34bb949051b2e93118c9d1381e8bbedf7feb382c9522dd8ba6e44dc5ee141096f48deddd7a525a87fd7ca3595f7eae53e3e5c3d20c299453ebc469dfe97ba9677d63bed2e7112c8e76a93dd7", 0x9d, 0x100000001}], 0xc000, &(0x7f00000018c0)={[{@discard='discard'}, {@grpjquota='grpjquota='}], [{@dont_hash='dont_hash'}, {@dont_appraise='dont_appraise'}, {@pcr={'pcr', 0x3d, 0x1d}}, {@obj_user={'obj_user', 0x3d, 'btrfs\x00'}}]})

04:38:30 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r4, 0x5411, &(0x7f0000000480))
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r0=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r0, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:30 executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f0000000180)=0x5, 0x4)
accept$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800c0000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=@newtclass={0x90, 0x28, 0x100, 0x70bd28, 0x25dfdbfb, {0x0, r2, {0xffe4, 0x1}, {0x0, 0xf}, {0x7}}, [@TCA_RATE={0x8, 0x5, {0x4, 0x4}}, @TCA_RATE={0x8, 0x5, {0x2, 0x7}}, @TCA_RATE={0x8, 0x5, {0x2, 0x905d}}, @TCA_RATE={0x8, 0x5, {0x8001, 0x1f80000000000}}, @tclass_kind_options=@c_qfq={{0x8, 0x1, 'qfq\x00'}, {0x34, 0x2, [@TCA_QFQ_WEIGHT={0x8, 0x1, 0x4}, @TCA_QFQ_LMAX={0x8}, @TCA_QFQ_LMAX={0x8, 0x2, 0x4e}, @TCA_QFQ_LMAX={0x8, 0x2, 0x7}, @TCA_QFQ_WEIGHT={0x8, 0x1, 0x1}, @TCA_QFQ_LMAX={0x8, 0x2, 0x5}]}}, @TCA_RATE={0x8, 0x5, {0x101, 0x1}}, @TCA_RATE={0x8, 0x5, {0x9, 0x7}}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x4050)
r3 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f00000004c0)={{0x7, 0x0, 0x7, 0x2e30, 'syz1\x00', 0x5}, 0x4, 0x422, 0x4, r3, 0x5, 0x7, 'syz1\x00', &(0x7f0000000440)=['rescan_uuid_tree', 'self}+%security:vmnet1\x95*\x00', 'nodeveth1.:keyring!system[\x00', '{}\x00', 'selinuxvboxnet0\x00'], 0x57, [], [0x1, 0x1000, 0x400, 0x8]})
syz_mount_image$btrfs(&(0x7f0000000100)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)={[{@datacow='datacow'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:30 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000480))
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 3:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:30 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="750065725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562ff0300002f6465762f70746d78000272657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c00faf096d93ef06ad7dea5a96c24c4d8846fb4a70028c8c45ca35e"])

04:38:30 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:30 executing program 0:
r0 = socket$inet6(0xa, 0x806, 0x400400007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718270")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
write$P9_RMKDIR(r1, &(0x7f0000000040)={0x14, 0x49, 0x1, {0x0, 0x1, 0x2}}, 0x14)
ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x40)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000000)=0x5)

04:38:31 executing program 3:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:31 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x80000000000803, 0x100057f1b91a)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000440)=ANY=[@ANYBLOB='fragment=data,compress,fragmenuid_tree,smackfsdef=/dev/ptmx\x00,subj_type=TIPCv2\x00,\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'])
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40000, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000100)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r2, @ANYBLOB="20002cbd7000ffdbdf25040000005c0005000800010065746800080001006962e5ff0700010065746800080001006574680008000100756470000c00020008000300050000000800010075647000080001006574680014000200080003004000000008000300000000005c0001002c00020008000200070000000800010011000000080004000600000008000300c1ffffff08000100030000002c0004001400010002004e22ac14141800000000000000001400020002004e207f0000010000000000000000"], 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x1)

04:38:31 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 3:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, &(0x7f0000000000)={0x1, 0x3f, 0x1, 0x1})

04:38:31 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:31 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, 0x0)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b667d3011124d736465663d2f6465762f70746d78002c6d6561737572652c00"])
fsetxattr$security_evm(r0, &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@ng={0x4, 0x7, "c8fec2004ba987"}, 0x9, 0x1)

04:38:31 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000000))
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")

04:38:31 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r3, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r5, 0x5411, &(0x7f0000000480))
r7 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r6, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000180)={@in={{0x2, 0x4e21, @remote}}, 0x0, 0xfffffffffffff001, 0x0, "30204e1ce79a56156d9c2fd34b366c5a2c5d275709b77fb08de32afad3d32e3feb88a9375a13624dd4d6ddd0b77c7a50841a97596cee15de4dcff8955edddab0d67aeac2fff0a2b5363e04bbafa3ae44"}, 0xd8)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
r2 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x2400)
write$sndseq(r2, &(0x7f00000002c0)=[{0x100000001, 0x1ff, 0x0, 0x3f, @time, {0x2be, 0x7}, {0xe1, 0x20}, @note={0x2, 0x0, 0xff, 0x44cc, 0x2}}, {0x2, 0x100, 0x14c7, 0xff, @time={0x0, 0x1c9c380}, {0x80000000, 0x6}, {0x9, 0x9}, @addr={0xcc40, 0x3}}, {0x1758, 0x9060, 0x4, 0xd0, @tick=0x1, {0x5, 0x1}, {0x1f, 0x5}, @addr={0x9, 0xffff}}, {0x7fff, 0x7f, 0x9, 0x0, @time={0x77359400}, {0x6, 0x9}, {0x10000, 0x5}, @control={0x8, 0x100, 0x1f}}, {0xa8b0, 0x200, 0x3, 0x1, @tick=0xffff, {0x2, 0x3}, {0x5}, @result={0x4, 0x4}}, {0x1, 0x7f, 0x3, 0x1, @tick=0x3, {0xe6f, 0xfffffffffffffff8}, {0x1, 0x1}, @time=@tick=0x7}], 0x120)
write$P9_RAUTH(r1, &(0x7f0000000040)={0x14, 0x67, 0x1, {0x80, 0x0, 0x6}}, 0x14)

04:38:31 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:31 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:31 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = syz_open_dev$admmidi(&(0x7f0000000240)='/dev/admmidi#\x00', 0x9, 0x163201)
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f00000002c0)={<r2=>0x0})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000300)={r2})
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x10000)
getsockname$packet(r3, &(0x7f0000000040)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffff9c, 0x50, &(0x7f0000000340)={0x0, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0)=r5, 0xffffffffffffffa6)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvol_rm_\\llowed,compress,subvol=/dev/ptmx\x00,rescF_uuid_tree,smackfsdef=/dev/ptmx\x00,measure,\x00\x00'])
sendmsg$can_bcm(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x1d, r4}, 0x10, &(0x7f0000000100)={&(0x7f0000000180)={0xfa79bbce23f93224, 0xe0, 0x4b, {}, {0x77359400}, {0x0, 0xfff, 0x8001, 0x5}, 0x1, @can={{0x1, 0x100000000, 0x1, 0x2}, 0x3, 0x1, 0x0, 0x0, "94776e020315b83a"}}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

04:38:32 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 3:
syz_mount_image$vfat(0x0, &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:32 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = memfd_create(&(0x7f0000000000)='cgroup\x00', 0x5)
fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getresgid(&(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000100), &(0x7f0000000180))
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
write$P9_RSTATu(r1, &(0x7f00000002c0)={0x77, 0x7d, 0x2, {{0x0, 0x5f, 0x2, 0x3, {0x8, 0x2, 0x7}, 0x10000000, 0x7f1a, 0x27f, 0x0, 0x8, 'compress', 0x4, 'GPL)', 0x6, 'btrfs\x00', 0x1a, 'cpuset:.\'ppp0[\\%systemppp1'}, 0x3, 'em0', r2, r3, r4}}, 0x77)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:32 executing program 4:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$TIOCMBIC(r4, 0x5417, &(0x7f00000000c0)=0x3)
pipe(&(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000480))
r8 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r7, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
mkdir(&(0x7f00000001c0)='./bus\x00', 0x10)
ioctl$VIDIOC_SUBDEV_S_EDID(r6, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:32 executing program 0:
pipe2(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x7ff)
ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000040))
r1 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
pipe2(&(0x7f0000000080), 0x4000)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvol_rm_allowed,compress,subvol=/dev/ptmx\x00,rescan_uuid_trG`%ee,smackfsdef=/dev/ptmx\x00,measur'])

04:38:32 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000000)=0x5)
r2 = syz_open_dev$video(&(0x7f00000001c0)='/dev/video#\x00', 0x5779, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000200)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}, &(0x7f0000000280)=0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
io_setup(0x8, &(0x7f0000000100)=<r6=>0x0)
io_submit(r6, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000001c0)={'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x1003})
io_submit(r6, 0x2, &(0x7f00000019c0)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0}, 0x0])
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:32 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'em1'}}, {@measure='measure'}]})

04:38:32 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/mls\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x5, &(0x7f0000000040))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0)
r5 = open(&(0x7f00000002c0)='./file0\x00', 0x100, 0xc0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000180)='io.stat\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r5, 0x84, 0xf, &(0x7f00000001c0)={<r7=>0x0, @in={{0x2, 0x4e23, @broadcast}}, 0x1f, 0x200, 0x3, 0xf1, 0x401}, &(0x7f0000000280)=0x98)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r6, 0x84, 0xf, &(0x7f00000004c0)={r7, @in6={{0xa, 0x4e20, 0x8, @loopback, 0x1}}, 0x200, 0x8, 0x9, 0x0, 0x5c0}, &(0x7f0000000400)=0x98)
ioctl$TCSETS(r4, 0x40045431, &(0x7f00003b9fdc)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c41})
r8 = syz_open_pts(r4, 0x0)
ioctl$VIDIOC_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f00000000c0)={0x6, 0x4b9, 0x5, [], &(0x7f0000000000)=0x8})
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f00000007c0)=ANY=[@ANYBLOB="10000000000000002000020000000000a71f48a80ae73bad125dd8e110faf6a1d33f865cdfda52dea5caca04223a4e753e058b343700003b9ba63a0817c40e02e9e4dd8745d316b54f97ef1652dac017e6d59a6f4523c98b0b69060b5a8ed409101967c40c1c47c673307d07b667085b518caeeb6bbc3f8a044f47885d9fbb77baf451d2623031feb7f799e721f8ff9a15c41f5b0c8b14efdeb7e7368839911b923282a686b5e6a2b254d5e6e11e631080f4fb86c24a5994df54293856cccccfada1d6860fce83e20d5157c3af8fd2ae206d43788eba9d04206fe6359d28d3d490b7d16eb658a000bcd7b67a380c40a2e13dda49198d66f59c3733fd17e6c8095a831050e9ce7e7e48c10e74a312bec8353b752e327cab65fbc8353740ff8e0bd131c97a6e66ea2fecc1bf04e1bd37d768f894ea1851d557ae9990c394d5a939c19de9bb42366a3ae44247e08fa6427c70eab2e52bbfedf8d3304197fd2c83e83ca0bb18e55a17426457699c7777c3067a139209b36a6df68697756737a7552746b12fe631720d0379fc51dbfb9f232e1a347b82489bc3a60b18c83f88d89bbf98ce5e58138bfd32ca13684a0b2e080bd38958db1dd822ba0768edb5"], 0x1, 0x3)
process_vm_readv(r3, &(0x7f0000000440)=[{&(0x7f0000000580)=""/229, 0xe5}], 0x1, &(0x7f0000000780)=[{&(0x7f0000000680)=""/238, 0xee}], 0x1, 0x0)
setresgid(0x0, 0x0, 0x0)
write(r4, &(0x7f0000c34fff), 0xffffff0b)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000140)={0x5, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x9})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000005, 0x5c831, r8, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00000001c0)={0x7b, 0x0, [0x2, 0x4000000040, 0xbf6, 0x9]})
ioctl$FS_IOC_RESVSP(r5, 0x40305828, &(0x7f0000000300)={0x0, 0x7, 0xbb, 0xd806})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@remote, 0x0, r1})
r9 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$TIOCLINUX6(r6, 0x541c, &(0x7f0000000340)={0x6, 0x1b})
ioctl$VIDIOC_CREATE_BUFS(r9, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(r0, r0)

04:38:32 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_su`vol_rm_allowed,comprQss,compress-force,rescao_uuid_tree,dont_measure,measure,\x00'])

04:38:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
r2 = socket(0x2, 0x0, 0x6)
recvfrom(r2, &(0x7f0000000000)=""/15, 0xf, 0x40000042, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000001c0)={0x10001, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:33 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
r1 = shmget(0x0, 0x4000, 0x800, &(0x7f0000ff9000/0x4000)=nil)
shmctl$IPC_STAT(r1, 0x2, &(0x7f00000002c0)=""/103)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r2 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x40)
ioctl$VIDIOC_G_PARM(r2, 0xc0cc5615, &(0x7f00000001c0)={0x8, @output={0x1000, 0x1, {0x100, 0x5}, 0x2, 0xb29}})
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})

04:38:33 executing program 5:
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000001c0)={0x0, <r0=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000080)={0x1, "5ad6b39011ca890f51b631262d4b413cb097fbf2e3500ec6185d0f39a70c0d1f", 0x3, 0x1})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:33 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@ssd='ssd'}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381)

04:38:33 executing program 4:
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000001c0)={0x0, <r0=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000080)={0x1, "5ad6b39011ca890f51b631262d4b413cb097fbf2e3500ec6185d0f39a70c0d1f", 0x3, 0x1})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x65)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x4000)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, r0, 0x5}, 0xfdd7)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000240)={0x5, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
r3 = dup2(0xffffffffffffffff, r1)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000000)={0x16aa, 0x3}, 0x2)

04:38:33 executing program 5:
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000001c0)={0x0, <r0=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000080)={0x1, "5ad6b39011ca890f51b631262d4b413cb097fbf2e3500ec6185d0f39a70c0d1f", 0x3, 0x1})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:33 executing program 4:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}}, &(0x7f00000003c0)=0x14)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000240)=0x1)

04:38:33 executing program 2:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

04:38:33 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0xfffffffffffffdc3, 0x0, 0xfffffffffffffffe, &(0x7f0000001e00))

04:38:33 executing program 5:
fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000001c0)={0x0, <r0=>0x0})
perf_event_open(&(0x7f000001d000)={0x1, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r2, 0xc0345641, &(0x7f0000000080)={0x1, "5ad6b39011ca890f51b631262d4b413cb097fbf2e3500ec6185d0f39a70c0d1f", 0x3, 0x1})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', 0x0, 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x65)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x4000)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, r0, 0x5}, 0xfdd7)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000240)={0x5, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
r3 = dup2(0xffffffffffffffff, r1)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000000)={0x16aa, 0x3}, 0x2)

04:38:33 executing program 5:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

04:38:33 executing program 1:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
fremovexattr(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

04:38:33 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:33 executing program 0:
r0 = socket$inet6(0xa, 0x4000803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1757.406603] FAT-fs (loop3): bogus number of reserved sectors
[ 1757.426832] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:34 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept$packet(0xffffffffffffff9c, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000080)={r2, 0x3843, 0x3, 0x400, 0x8, 0x3, 0x4})

04:38:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1757.618983] FAT-fs (loop3): bogus number of reserved sectors
[ 1757.633214] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1757.640037] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1757.646535] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:34 executing program 4:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
fremovexattr(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000))
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

04:38:34 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_S_FBUF(r1, 0x4030560b, &(0x7f00000002c0)={0x22, 0x29, &(0x7f00000001c0)="4ba15ae155d32f22fac3ee6383f527a69ba3fbedf0f1edcd4aca63e1c267445057a5a56c57b4f1663862ec5809d3937dadb1794c8c905246576f054dc567f01db18d159d1cca1c9248a5d00eb9b178d7e1c7514a0c967aeee242f7831515b6e3bc121f5f378428aacfb2c02de93428cf413bfbcc6d03d5af34d713cb7df428affe63637eab449e1a991da03c0a19be5f26f434927cec19456a209314447cd1e2baed6bf52318d78c76a6e167bef5a56d7056be63bf6d7af37fe6744df586bcb26e99e6df802a96c1e2281a033c25fd190f4851", {0xfffffffffffffff9, 0x6, 0x1afd218f686a9247, 0x5, 0x4, 0x7fff000000, 0xb}})
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x7fffffff, 0xe3, 0x8, 0x6}, {0x8, 0x4, 0x4, 0xffff}, {0x6, 0xff, 0x401}, {0x6, 0x8000, 0x3, 0x100}, {0x4, 0x1, 0x8, 0x1000}, {0x9, 0x80, 0xf59, 0x1}, {0xfcb1, 0x6, 0x80000000, 0x100000001}, {0x8, 0x0, 0x7ff, 0x100000000}]})
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
socket$alg(0x26, 0x5, 0x0)
ioctl$KDENABIO(r2, 0x4b36)

04:38:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:34 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f64948b785a23b81b7d2c6d6561737572652c00"])

04:38:34 executing program 5:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
fremovexattr(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000))
write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

[ 1757.865015] audit: type=1326 audit(1545107914.420:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=7886 comm="syz-executor2" exe="/root/syz-executor2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45a4ca code=0x0
04:38:34 executing program 1:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400), &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r1=>0x0}, &(0x7f00000003c0)=0x14)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r4, 0x2007fff)
fremovexattr(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r4, 0x5410, &(0x7f0000000000))
write$P9_RSETATTR(r4, &(0x7f0000000040)={0x7}, 0x7)
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000240)=0x1)

[ 1757.934581] FAT-fs (loop3): bogus number of reserved sectors
[ 1757.968604] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1758.148193] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:34 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x30000, 0x0)
utimensat(r1, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={{}, {0x0, 0x7530}}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1758.194708] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1758.225365] FAT-fs (loop3): bogus number of reserved sectors
[ 1758.231294] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1758.279851] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:34 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1758.466452] FAT-fs (loop3): bogus number of reserved sectors
[ 1758.475622] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1758.486340] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:35 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bond_slave_1\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

[ 1758.666431] FAT-fs (loop3): bogus number of reserved sectors
[ 1758.711156] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:35 executing program 2:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={<r0=>0x0}, &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r2=>0x0}, &(0x7f00000003c0)=0x14)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x2007fff)
fremovexattr(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f0000000000))
write$P9_RSETATTR(r5, &(0x7f0000000040)={0x7}, 0x7)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000240)=0x1)
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x4e24, 0x9, @empty, 0x200}, 0x1c)
setsockopt$inet6_MRT6_DEL_MFC(r5, 0x29, 0xcd, &(0x7f0000000540)={{0xa, 0x4e20, 0x8, @remote, 0xcf}, {0xa, 0x4e22, 0xffffffffffff07af, @empty, 0x7}, 0x0, [0x8, 0x5, 0x180000, 0x1, 0x4, 0x8, 0x7, 0x1]}, 0x5c)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000340)={r0, 0x8}, &(0x7f0000000380)=0x8)

[ 1759.000155] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[ 1759.007541] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:35 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x4000, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$TUNSETGROUP(r1, 0x400454ce, r2)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000000240))
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:35 executing program 1:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={<r0=>0x0}, &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r2=>0x0}, &(0x7f00000003c0)=0x14)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x2007fff)
fremovexattr(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f0000000000))
write$P9_RSETATTR(r5, &(0x7f0000000040)={0x7}, 0x7)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000240)=0x1)
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x4e24, 0x9, @empty, 0x200}, 0x1c)
setsockopt$inet6_MRT6_DEL_MFC(r5, 0x29, 0xcd, &(0x7f0000000540)={{0xa, 0x4e20, 0x8, @remote, 0xcf}, {0xa, 0x4e22, 0xffffffffffff07af, @empty, 0x7}, 0x0, [0x8, 0x5, 0x180000, 0x1, 0x4, 0x8, 0x7, 0x1]}, 0x5c)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000340)={r0, 0x8}, &(0x7f0000000380)=0x8)
sendfile(r1, r5, &(0x7f0000d83ff8), 0x800000000024)
getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f00000004c0), &(0x7f0000000500)=0x4)

04:38:35 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040)='cgroup.type\x00', 0x2, 0x0)
ioctl(r0, 0x40, &(0x7f0000000180)="0a682d023c12628571807027ca845d6763b462f5d6db4d7c7ade359d8af5f2c98622bbf0e3d7149650749742d8f4f800c8520ccd32412c4d72bc8c457f660c403157fbc8d51b385f58ed9ae08aa110fb5d11cef619a9a45cf7874e028751925f0a98e99b1e2300002656dd74bae401a286350f066d11ea215db5700caddd23cc57d4165762f989c5bee1b03c32d612b9ffda4535a4757e5d5e5006283f3a0c34528c")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x2000, 0x0)

04:38:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:35 executing program 5:
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[]])
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000400)={<r0=>0x0}, &(0x7f0000000440)=0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000005c0), &(0x7f0000000600)=0x8)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
getsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f00000000c0)={@ipv4={[], [], @local}, <r2=>0x0}, &(0x7f00000003c0)=0x14)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0)
timer_create(0x3, &(0x7f0000000640)={0x0, 0x3, 0x2, @thr={&(0x7f0000000800)="9b4a2a16c4773bb28b3d3c1818fbadb5bbb62c06fec1b3f2b5e1bf11146acf3e189c0865b84e0247f84b2909f98d23be30c80891cdff13de8951d441362a6a452cb72e657bd59be3011e08d413aa96a9ceaec8742b11cdcd130ce8c530906804598945f2bd81a729805ee71c5edb2304def8479d", 0x0}}, 0x0)
timer_delete(0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x1c\x9e\x00\x02\x00', 0x811})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000280)=r2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0x2007fff)
fremovexattr(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="747275737465642e00001c000023000000001c9e0002"])
ioctl$TIOCSPGRP(r5, 0x5410, &(0x7f0000000000))
write$P9_RSETATTR(r5, &(0x7f0000000040)={0x7}, 0x7)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000240)=0x1)
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x4e24, 0x9, @empty, 0x200}, 0x1c)
setsockopt$inet6_MRT6_DEL_MFC(r5, 0x29, 0xcd, &(0x7f0000000540)={{0xa, 0x4e20, 0x8, @remote, 0xcf}, {0xa, 0x4e22, 0xffffffffffff07af, @empty, 0x7}, 0x0, [0x8, 0x5, 0x180000, 0x1, 0x4, 0x8, 0x7, 0x1]}, 0x5c)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000340)={r0, 0x8}, &(0x7f0000000380)=0x8)
sendfile(r1, r5, &(0x7f0000d83ff8), 0x800000000024)

[ 1759.133983] FAT-fs (loop3): bogus number of reserved sectors
[ 1759.164976] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:35 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2)
getpeername$unix(r1, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e)

04:38:35 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="2321202e2f66696c6530207b202f6465762f7620202e6370757365746b736570c67369785f61636c5f6163637927202f25ccbff150a5788355b1104d832e3fdb37b2995b31492f59dd6eefef7e09a99c07fae45e52702f0ce784191728a512a744333f9313010099ddb2888b5ff00000000000000000000000000000000000000000000000000000000000000000e80a9cb01af5e7000000000000000000"], 0x97)
r3 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f00000002c0))
setsockopt$llc_int(r3, 0x10c, 0x6, &(0x7f0000000280)=0x1ff, 0x4)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
r4 = accept4$nfc_llcp(r3, &(0x7f0000000400), &(0x7f0000000300)=0x60, 0x800)
r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000004c0)={0x8, 0x0, [], {0x0, @reserved}})
ioctl$VIDIOC_ENUMAUDOUT(r5, 0xc0345642, &(0x7f0000000000)={0x7, "5cda540cca44f043b878d6e7c703fb7a992392b169a4ef040b77c6e5a6316673", 0x2, 0x1})
fcntl$setpipe(r2, 0x407, 0x1d95c7ba)
fchmod(r0, 0x100)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f00000001c0)={0x0, 0x0, [], {0x0, @bt={0x8, 0x400, 0x1, 0x2, 0x1000, 0xffffffff00000001, 0x6, 0x0, 0x7, 0x8, 0xfffffffffffffc00, 0x80, 0xa0, 0x4, 0x4, 0x8}}})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4)

04:38:35 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:35 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
r2 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
write$binfmt_script(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="2321202e2f66696c6530207b202f6465762f7620202e6370757365746b736570c67369785f61636c5f6163637927202f25ccbff150a5788355b1104d832e3fdb37b2995b31492f59dd6eefef7e09a99c07fae45e52702f0ce784191728a512a744333f9313010099ddb2888b5ff00000000000000000000000000000000000000000000000000000000000000000e80a9cb01af5e7000000000000000000"], 0x97)
r3 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f00000002c0))
setsockopt$llc_int(r3, 0x10c, 0x6, &(0x7f0000000280)=0x1ff, 0x4)
ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
r4 = accept4$nfc_llcp(r3, &(0x7f0000000400), &(0x7f0000000300)=0x60, 0x800)
r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f00000004c0)={0x8, 0x0, [], {0x0, @reserved}})
ioctl$VIDIOC_ENUMAUDOUT(r5, 0xc0345642, &(0x7f0000000000)={0x7, "5cda540cca44f043b878d6e7c703fb7a992392b169a4ef040b77c6e5a6316673", 0x2, 0x1})
fcntl$setpipe(r2, 0x407, 0x1d95c7ba)
fchmod(r0, 0x100)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r2, 0xc0945662, &(0x7f00000001c0)={0x0, 0x0, [], {0x0, @bt={0x8, 0x400, 0x1, 0x2, 0x1000, 0xffffffff00000001, 0x6, 0x0, 0x7, 0x8, 0xfffffffffffffc00, 0x80, 0xa0, 0x4, 0x4, 0x8}}})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r4)

[ 1759.399225] FAT-fs (loop3): bogus number of reserved sectors
[ 1759.414524] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:36 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r1})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000080)={0x0, <r2=>0x0}, &(0x7f00000001c0)=0xc)
quotactl(0x4, &(0x7f0000000000)='./file0\x00', r2, &(0x7f0000000200)="6dcdb0bb2ef737372044814fcbc2a3c739b0e7f910f420cb03238bd02ca1ce44869141ae37ca80d9fc2cfd8b31f9d892a20c646f718e2f2d52bcbbab0cb4eb5e10545bd827f9c9f92d34d21b65f50c885e0b706f8d1837d4d5c222a90d72ca614583935a82b536f8ca42d91dcc5fc338193581529e2ac38061fccd2c46fb27")
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000280))
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x0, &(0x7f0000000140), 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1759.677932] FAT-fs (loop3): bogus number of reserved sectors
[ 1759.702959] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1759.774565] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:36 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x10000, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000080)={0x1000, 0x9000})
clock_gettime(0x0, &(0x7f00000001c0)={<r3=>0x0, <r4=>0x0})
setitimer(0x1, &(0x7f0000000200)={{r3, r4/1000+10000}, {0x0, 0x7530}}, &(0x7f0000000240))
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x3, 0x9)
r1 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x2, 0x50000)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'irlan0\x00'})
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000340)=0xe8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond_s\xf0\xfa\xcf\xa5_0\x00', <r4=>r3})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@mcast1, 0x0, r4})
r5 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2)
setsockopt$packet_drop_memb(r5, 0x107, 0x2, &(0x7f0000000080)={r4, 0x1, 0x6, @remote}, 0x10)
r6 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1759.815795] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
04:38:36 executing program 0:
r0 = socket$inet6(0xa, 0x8000000000d, 0x6b1)
ioctl(r0, 0xfffffffffffffffd, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1759.917516] FAT-fs (loop3): bogus number of reserved sectors
04:38:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
ioctl$VIDIOC_STREAMOFF(r1, 0x40045613, &(0x7f0000000000)=0x7)
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0)
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000200))
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f00000001c0)={0x1ff, 0x1, 0x4, 0x400})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r2 = shmget(0x2, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r2, 0xb)
r3 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0)
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000200))
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f00000001c0)={0x1ff, 0x1, 0x4, 0x400})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r2 = shmget(0x2, 0x4000, 0x4, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r2, 0xb)
r3 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

[ 1759.971612] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:36 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000001c0)=@xdp={0x2c, 0x0, <r1=>0x0}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000240)=""/202, 0xca}, {&(0x7f0000000340)=""/249, 0xf9}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, &(0x7f00000014c0)=""/153, 0x99}, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bpq0\x00', <r2=>r1})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r2})
r3 = fcntl$dupfd(r0, 0x406, r0)
ioctl$KVM_PPC_GET_SMMU_INFO(r3, 0x8250aea6, &(0x7f0000000000)=""/12)
r4 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 4:
r0 = socket$inet6(0xa, 0x400000000000803, 0x4)
ioctl(r0, 0x400001000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0xffffffffffff1a4d, 0x0)
syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000400))
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000700)={0x28, 0x0, 0xffffffff}, 0x10)
r3 = syz_init_net_socket$llc(0x1a, 0x80200000000002, 0x0)
sendto$llc(r3, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_timeval(r3, 0x1, 0x14, &(0x7f0000000080)={0x0, 0x2710}, 0x10)
recvmmsg(r3, &(0x7f000000cd80)=[{{&(0x7f000000be80)=@ll, 0x80, &(0x7f000000c2c0)=[{&(0x7f000000bf00)=""/139, 0x8b}, {&(0x7f000000bfc0)=""/220, 0xdc}, {&(0x7f000000c0c0)=""/93, 0x5d}, {&(0x7f000000c140)=""/193, 0xc1}, {&(0x7f000000c240)=""/115, 0x73}], 0x5, &(0x7f000000c340)=""/106, 0x6a, 0xffffffff}, 0x6}, {{0x0, 0x0, &(0x7f000000c600)=[{&(0x7f000000c3c0)=""/56, 0x38}, {&(0x7f000000c400)=""/74, 0x4a}, {&(0x7f000000c480)=""/114, 0x72}, {&(0x7f000000c500)=""/132, 0x84}, {&(0x7f000000c5c0)=""/15, 0xf}], 0x5, 0x0, 0x0, 0x7d48bddc}, 0x100000001}, {{0x0, 0x0, &(0x7f000000c700)=[{&(0x7f000000c680)=""/90, 0x5a}], 0x1, &(0x7f000000c740)=""/16, 0x10, 0x7f}, 0x200}, {{&(0x7f000000c780)=@ethernet, 0x80, &(0x7f000000ca00)=[{&(0x7f000000c800)=""/210, 0xd2}, {&(0x7f000000c900)=""/92, 0x5c}, {&(0x7f000000c980)=""/82, 0x52}], 0x3, &(0x7f000000ca40)=""/40, 0x28}, 0x6}, {{&(0x7f000000ca80)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r4=>0xffffffffffffffff}}, 0x80, &(0x7f000000cd00)=[{&(0x7f000000cb00)=""/255, 0xff}, {&(0x7f000000cc00)}, {&(0x7f000000cc40)=""/180, 0xb4}], 0x3, &(0x7f000000cd40)=""/5, 0x5, 0x2}, 0xffffffff}], 0x5, 0x2000, &(0x7f000000cec0)={0x0, 0x1c9c380})
timer_create(0x3, &(0x7f00000003c0)={0x0, 0x18, 0x0, @thr={&(0x7f0000000200)="6903e89e0ef31a108c6c617c1e91032c6eea2d4c4192005139942e9da3ee8c602ecf6f7051c5d366e4a75e4edce2690631bef392b95f2f6a8debac74e4d2439e789c29bd0cde430f139f81dcef64b9a5", 0x0}}, &(0x7f0000000440)=<r5=>0x0)
timer_delete(r5)
io_getevents(0x0, 0x7ff, 0x0, &(0x7f0000000500), &(0x7f0000000540))
r6 = socket$inet6(0xa, 0x803, 0x8)
ioctl(r6, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070")
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='.\x8e\xd8ents\x00\xa3\\\xcc\xe1O\x1a\xf7\xebl\fo,\x1e\xf0\x93\xc0.\xa3\xbf:\x8d\x98\x938\xc9\xb0Ls\xd2\xef\v\xfc\x98\x00\x00\x00\x00}#0\x06_\x16\aQ\xd2\a\xb9=\xe7\x80\xbe\xba\xee*#\xcd5\x13\xe5\xe5\xbc*\x15~\xbe\x0f\xa4\xc8\x9f\xda\xf0\x80\xb1\xa5?\x84\xc3\x80', 0x26e1, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8)
ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000480)={0x5973, 0x48, 0x100, 0xfff, 0xd, 0x8})
ioctl$EXT4_IOC_RESIZE_FS(r7, 0x40086610, &(0x7f0000000740))
socket$bt_hidp(0x1f, 0x3, 0x6)
r8 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x401, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000040)={{{@in=@multicast1, @in=@loopback}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000000140)=0xe8)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000004c0)={<r9=>0xffffffffffffffff}, 0x0, 0x2}}, 0x20)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000600)='/dev/qat_adf_ctl\x00', 0x140c0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r8, &(0x7f0000000580)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x3, @local, 0x8}, {0xa, 0x4e23, 0x6, @local, 0x6ced}, r9, 0x9}}, 0x48)
syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
io_setup(0x140000000000, &(0x7f0000000000))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0)

04:38:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x200000, 0x0)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000080)=@sack_info={<r2=>0x0, 0x8, 0x9}, &(0x7f00000001c0)=0xc)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000200)=r2, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f00000002c0)='\x00')
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
socket$inet6(0xa, 0x800, 0xc82)
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
mq_getsetattr(r1, &(0x7f0000000240)={0x2, 0x1, 0x9, 0x76, 0x100, 0x2, 0x2, 0x326}, &(0x7f0000000280))
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)
fallocate(r3, 0x58, 0x9, 0x81)

04:38:36 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={<r1=>0x0, 0x9, 0x2, 0x8, 0xa, 0x32bc}, &(0x7f0000000040)=0x14)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000080)={r1, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}}, 0x3, 0x10001, 0x400, 0xca, 0x400}, &(0x7f0000000180)=0x98)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r2 = open(&(0x7f00000001c0)='./file0\x00', 0x4000, 0x80)
setsockopt$TIPC_MCAST_BROADCAST(r2, 0x10f, 0x85)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvol_rm_allowed,compress,subvol=/dev/ptmx\x00,rescan_uuid_tfee,smackfsdef=/dev/ptmx\x00,measure,\x00'])

04:38:36 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x100, 0x0)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)={0x8, 0x2, 0x4, 0xe000, {}, {0x1, 0x0, 0xffffffffffffffd9, 0xfffffffffffffff9, 0xd, 0x20, "c471b951"}, 0x6, 0x7, @planes=&(0x7f00000001c0)={0x7, 0xfffffffffffffbff, @fd=r2}, 0x4})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x100, 0x0)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)={0x8, 0x2, 0x4, 0xe000, {}, {0x1, 0x0, 0xffffffffffffffd9, 0xfffffffffffffff9, 0xd, 0x20, "c471b951"}, 0x6, 0x7, @planes=&(0x7f00000001c0)={0x7, 0xfffffffffffffbff, @fd=r2}, 0x4})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

[ 1760.171714] FAT-fs (loop3): bogus number of reserved sectors
[ 1760.195959] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:36 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x100, 0x0)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)={0x8, 0x2, 0x4, 0xe000, {}, {0x1, 0x0, 0xffffffffffffffd9, 0xfffffffffffffff9, 0xd, 0x20, "c471b951"}, 0x6, 0x7, @planes=&(0x7f00000001c0)={0x7, 0xfffffffffffffbff, @fd=r2}, 0x4})
r3 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{0x0}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}, [0xe7]})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x9dd)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r1, &(0x7f0000000040)="2b408c3321cd7f769454848a702047c188d2fa1375f220fb5fe2e20428c7041ae4a124cbf0645fd8e00669180ff895659327c19aee1310cf742914b856c4b1501d1ba07dc44c9092fc7eb08425eda2c723434b44c471cc0f61b135274958c7c36c6ff0bdb804c981c76802589017b99bd84500821659568d0ca48b121a9e189251c1e9f2cdad14da1235a60ba9c0cdfb48ea410595cbf308f565a6f4a5a9b3f0c65e691dee7432dad0823d97ee8ddc2508f546d10c0f84826bccea205197770e4da8ee0cceb7d3886003304925d5ab", &(0x7f0000000180)=""/134}, 0x18)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:36 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}, [0xe7ffffffffffffff]})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c}}, [0x500]})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:37 executing program 2 (fault-call:20 fault-nth:0):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1760.445598] FAT-fs (loop3): bogus number of reserved sectors
[ 1760.468319] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:37 executing program 4 (fault-call:20 fault-nth:0):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:37 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x3ac, 0x3ef, 0x5, 0x30c, 0x0, 0x1d3, 0xe003, 0x33c, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x0, r0})
r1 = syz_open_dev$video(&(0x7f0000000480)='/dev/video#\x00', 0x100000007fffffff, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f00000000c0)={0x0, 0x8000, 0x2000000000000002, {0x1, @pix={0x0, 0x0, 0x0, 0x0, 0x0, 0x15182c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)

04:38:37 executing program 1 (fault-call:6 fault-nth:0):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300), 0x20)

04:38:37 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:37 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c004dc08d1398b445d70102524533fc12b51a0ad2e2e8c0267000c3df2f6602337d0f3b60d57ad59a5526c09abb2011e732"])
creat(&(0x7f0000000000)='./file0\x00', 0xa0)
r1 = add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0x0)
keyctl$restrict_keyring(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='user\x00')

[ 1760.616389] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1760.684437] FAULT_INJECTION: forcing a failure.
[ 1760.684437] name failslab, interval 1, probability 0, space 0, times 0
[ 1760.717354] CPU: 1 PID: 8039 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #156
[ 1760.724657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1760.734003] Call Trace:
[ 1760.734036]  dump_stack+0x244/0x39d
[ 1760.734059]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1760.734074]  ? mark_held_locks+0x130/0x130
[ 1760.734102]  should_fail.cold.4+0xa/0x17
[ 1760.753939]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1760.759046]  ? mark_held_locks+0x130/0x130
[ 1760.763289]  ? mark_held_locks+0x130/0x130
[ 1760.767520]  ? zap_class+0x640/0x640
[ 1760.771232]  ? print_usage_bug+0xc0/0xc0
[ 1760.775315]  ? find_held_lock+0x36/0x1c0
[ 1760.779380]  ? __lock_is_held+0xb5/0x140
[ 1760.783499]  ? amd_iommu_attach_device+0x2e8/0x2f0
[ 1760.788441]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1760.793904]  __should_failslab+0x124/0x180
[ 1760.798140]  should_failslab+0x9/0x14
[ 1760.801939]  kmem_cache_alloc_node+0x26e/0x730
[ 1760.806518]  ? find_held_lock+0x36/0x1c0
[ 1760.810580]  __alloc_skb+0x119/0x770
[ 1760.814285]  ? mark_held_locks+0xc7/0x130
[ 1760.818431]  ? netdev_alloc_frag+0x1f0/0x1f0
[ 1760.822842]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1760.827422]  ? trace_hardirqs_on+0xbd/0x310
04:38:37 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1760.831743]  ? lock_release+0xa00/0xa00
[ 1760.835718]  ? lock_sock_nested+0xe2/0x120
[ 1760.839953]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1760.845057]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1760.850591]  ? check_preemption_disabled+0x48/0x280
[ 1760.855600]  ? lock_sock_nested+0x9a/0x120
[ 1760.859832]  ? lock_sock_nested+0x9a/0x120
[ 1760.864150]  ? __local_bh_enable_ip+0x160/0x260
[ 1760.868865]  kcm_sendmsg+0xf69/0x24a5
[ 1760.872673]  ? check_preemption_disabled+0x48/0x280
[ 1760.877708]  ? kasan_check_read+0x11/0x20
[ 1760.881853]  ? kcm_tx_work+0x120/0x120
[ 1760.885739]  ? sock_has_perm+0x2bc/0x3e0
[ 1760.889798]  ? selinux_secmark_relabel_packet+0xe0/0xe0
[ 1760.895162]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1760.900705]  ? avc_has_perm+0x55f/0x7e0
[ 1760.904681]  ? avc_has_perm_noaudit+0x630/0x630
[ 1760.909360]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1760.914897]  ? security_socket_sendmsg+0x94/0xc0
[ 1760.919647]  ? kcm_tx_work+0x120/0x120
[ 1760.923535]  sock_sendmsg+0xd5/0x120
[ 1760.927252]  sock_write_iter+0x35e/0x5c0
[ 1760.931317]  ? sock_sendmsg+0x120/0x120
[ 1760.935301]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1760.940836]  ? iov_iter_init+0xe5/0x210
[ 1760.944820]  __vfs_write+0x6b8/0x9f0
[ 1760.948540]  ? kernel_read+0x120/0x120
[ 1760.952424]  ? __might_sleep+0x95/0x190
[ 1760.956396]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1760.961939]  ? selinux_file_permission+0x90/0x540
[ 1760.966787]  ? rw_verify_area+0x118/0x360
[ 1760.970932]  vfs_write+0x1fc/0x560
[ 1760.974978]  ksys_write+0x101/0x260
[ 1760.978609]  ? __ia32_sys_read+0xb0/0xb0
[ 1760.982672]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1760.987781]  __x64_sys_write+0x73/0xb0
[ 1760.991668]  do_syscall_64+0x1b9/0x820
[ 1760.995559]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1761.000924]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1761.005846]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1761.010696]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1761.015718]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1761.020736]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1761.025843]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1761.030698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1761.035881] RIP: 0033:0x457669
[ 1761.039071] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.057972] RSP: 002b:00007f5c80a76c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1761.065685] RAX: ffffffffffffffda RBX: 00007f5c80a76c90 RCX: 0000000000457669
[ 1761.072947] RDX: 0000000000000020 RSI: 0000000020000300 RDI: 0000000000000004
04:38:37 executing program 5 (fault-call:20 fault-nth:0):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1761.080213] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1761.087476] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5c80a776d4
[ 1761.094825] R13: 00000000004c605f R14: 00000000004dabe0 R15: 0000000000000005
04:38:37 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f776564ad8b0036876b6e9e732c737562766f6c3d2f6465762f70746d78002c7569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c000000000000000000"])
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000440)=""/4096)

[ 1761.187719] FAULT_INJECTION: forcing a failure.
[ 1761.187719] name failslab, interval 1, probability 0, space 0, times 0
[ 1761.203075] CPU: 1 PID: 8048 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1761.210371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1761.210378] Call Trace:
[ 1761.210403]  dump_stack+0x244/0x39d
[ 1761.210424]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1761.210455]  should_fail.cold.4+0xa/0x17
[ 1761.210475]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1761.210489]  ? _raw_spin_unlock+0x2c/0x50
[ 1761.210503]  ? __mutex_lock+0x85e/0x16f0
[ 1761.210520]  ? loop_control_ioctl+0x91/0x530
[ 1761.222442]  ? zap_class+0x640/0x640
[ 1761.222460]  ? mutex_trylock+0x2b0/0x2b0
[ 1761.222484]  ? find_held_lock+0x36/0x1c0
[ 1761.231351]  ? __lock_is_held+0xb5/0x140
[ 1761.231367]  ? apply_subsystem_event_filter+0x1818/0x19a0
[ 1761.231393]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1761.231410]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1761.240538]  ? avc_has_extended_perms+0xab2/0x15a0
[ 1761.240561]  __should_failslab+0x124/0x180
[ 1761.240578]  should_failslab+0x9/0x14
[ 1761.240594]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1761.248779]  loop_add+0xa3/0xa40
[ 1761.248793]  ? loop_lookup+0x105/0x230
[ 1761.248818]  ? loop_queue_rq+0x690/0x690
[ 1761.248841]  loop_control_ioctl+0x199/0x530
[ 1761.248854]  ? loop_add+0xa40/0xa40
[ 1761.248865]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1761.248883]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1761.256970]  ? loop_add+0xa40/0xa40
[ 1761.256988]  do_vfs_ioctl+0x1de/0x1790
[ 1761.257010]  ? ioctl_preallocate+0x300/0x300
[ 1761.257030]  ? selinux_file_mprotect+0x620/0x620
[ 1761.265111]  ? __sb_end_write+0xd9/0x110
[ 1761.265130]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1761.265147]  ? fput+0x130/0x1a0
[ 1761.280132]  ? do_syscall_64+0x9a/0x820
[ 1761.280152]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1761.280166]  ? security_file_ioctl+0x94/0xc0
[ 1761.280183]  ksys_ioctl+0xa9/0xd0
[ 1761.298605]  __x64_sys_ioctl+0x73/0xb0
[ 1761.298624]  do_syscall_64+0x1b9/0x820
[ 1761.298637]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1761.298655]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1761.298680]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1761.298696]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1761.298710]  ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250
[ 1761.298725]  ? __switch_to_asm+0x40/0x70
[ 1761.310585]  ? __switch_to_asm+0x34/0x70
[ 1761.322534]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1761.322556]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1761.322568] RIP: 0033:0x457669
04:38:37 executing program 1 (fault-call:6 fault-nth:1):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300), 0x20)

04:38:37 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x9, 0x100)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000180)=0x54)
r2 = getpgid(0xffffffffffffffff)
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=r2)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f0000000040)={0x400, 0x0, 0x300d, 0x100000000, 0x9, 0xba, 0xfffffffffffffffe, 0x1})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1761.322586] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.340408] RSP: 002b:00007f7c8bd0dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1761.340422] RAX: ffffffffffffffda RBX: 00007f7c8bd0dc90 RCX: 0000000000457669
[ 1761.340435] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1761.340443] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000
04:38:38 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$FICLONE(r0, 0x40049409, r0)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvol_rm_allowed,compress,subvol=/dev/ptmx\x00,rescan_uuid_tree,smackfsdef=/dev/ptmx\x00,measurJ,\x00'])

[ 1761.340451] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd0e6d4
[ 1761.340458] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1761.510430] FAT-fs (loop3): bogus number of reserved sectors
[ 1761.529219] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1761.584283] FAULT_INJECTION: forcing a failure.
[ 1761.584283] name failslab, interval 1, probability 0, space 0, times 0
[ 1761.601945] CPU: 0 PID: 8068 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #156
[ 1761.609227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1761.618563] Call Trace:
[ 1761.621138]  dump_stack+0x244/0x39d
[ 1761.624751]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1761.629951]  should_fail.cold.4+0xa/0x17
[ 1761.633997]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1761.639085]  ? __save_stack_trace+0x8d/0xf0
[ 1761.643395]  ? zap_class+0x640/0x640
[ 1761.647091]  ? save_stack+0xa9/0xd0
[ 1761.650701]  ? save_stack+0x43/0xd0
[ 1761.654309]  ? find_held_lock+0x36/0x1c0
[ 1761.658364]  ? __lock_is_held+0xb5/0x140
[ 1761.662413]  ? zap_class+0x640/0x640
[ 1761.666110]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1761.671545]  ? check_preemption_disabled+0x48/0x280
[ 1761.676543]  __should_failslab+0x124/0x180
[ 1761.680759]  should_failslab+0x9/0x14
[ 1761.684542]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1761.689638]  __kmalloc_node_track_caller+0x3c/0x70
[ 1761.694555]  __kmalloc_reserve.isra.40+0x41/0xe0
[ 1761.699293]  __alloc_skb+0x155/0x770
[ 1761.702985]  ? mark_held_locks+0xc7/0x130
[ 1761.707115]  ? netdev_alloc_frag+0x1f0/0x1f0
[ 1761.711505]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1761.716072]  ? trace_hardirqs_on+0xbd/0x310
[ 1761.720371]  ? lock_release+0xa00/0xa00
[ 1761.724323]  ? lock_sock_nested+0xe2/0x120
[ 1761.728539]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1761.733641]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1761.739175]  ? check_preemption_disabled+0x48/0x280
[ 1761.744173]  ? lock_sock_nested+0x9a/0x120
[ 1761.748389]  ? lock_sock_nested+0x9a/0x120
[ 1761.752613]  ? __local_bh_enable_ip+0x160/0x260
[ 1761.757276]  kcm_sendmsg+0xf69/0x24a5
[ 1761.761068]  ? check_preemption_disabled+0x48/0x280
[ 1761.766078]  ? kasan_check_read+0x11/0x20
[ 1761.770206]  ? kcm_tx_work+0x120/0x120
[ 1761.774076]  ? sock_has_perm+0x2bc/0x3e0
[ 1761.778122]  ? selinux_secmark_relabel_packet+0xe0/0xe0
[ 1761.783469]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1761.788987]  ? avc_has_perm+0x55f/0x7e0
[ 1761.792946]  ? avc_has_perm_noaudit+0x630/0x630
[ 1761.797626]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1761.803146]  ? security_socket_sendmsg+0x94/0xc0
[ 1761.808075]  ? kcm_tx_work+0x120/0x120
[ 1761.811946]  sock_sendmsg+0xd5/0x120
[ 1761.815647]  sock_write_iter+0x35e/0x5c0
[ 1761.819694]  ? sock_sendmsg+0x120/0x120
[ 1761.823659]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1761.829188]  ? iov_iter_init+0xe5/0x210
[ 1761.833161]  __vfs_write+0x6b8/0x9f0
[ 1761.836860]  ? kernel_read+0x120/0x120
[ 1761.840728]  ? __might_sleep+0x95/0x190
[ 1761.844696]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1761.850230]  ? selinux_file_permission+0x90/0x540
[ 1761.855080]  ? rw_verify_area+0x118/0x360
[ 1761.859215]  vfs_write+0x1fc/0x560
[ 1761.862766]  ksys_write+0x101/0x260
[ 1761.866377]  ? __ia32_sys_read+0xb0/0xb0
[ 1761.870422]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1761.875522]  __x64_sys_write+0x73/0xb0
[ 1761.879395]  do_syscall_64+0x1b9/0x820
[ 1761.883264]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1761.888606]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1761.893521]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1761.898346]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1761.903342]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1761.908345]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1761.913345]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1761.918173]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1761.923357] RIP: 0033:0x457669
[ 1761.926533] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1761.945425] RSP: 002b:00007f5c80a76c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1761.953111] RAX: ffffffffffffffda RBX: 00007f5c80a76c90 RCX: 0000000000457669
[ 1761.960360] RDX: 0000000000000020 RSI: 0000000020000300 RDI: 0000000000000004
[ 1761.967617] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1761.974894] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5c80a776d4
[ 1761.982146] R13: 00000000004c605f R14: 00000000004dabe0 R15: 0000000000000005
04:38:38 executing program 4 (fault-call:20 fault-nth:1):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:38 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x288000, 0x0)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000040), &(0x7f0000000080)=0x4)
getsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000009c0), &(0x7f0000000a00)=0x4)
syz_mount_image$hfsplus(&(0x7f00000000c0)='hfsplus\x00', &(0x7f0000000100)='./file0\x00', 0x100000000, 0xa, &(0x7f0000000800)=[{&(0x7f0000000180)="bacb7b9a784b46237a62fcf9388c752487a32a2bb67c54dcc11a34523d2c207ff71feb2b34b30a06c764ef432e34cec412b4508de02cfd5ecf36fa22a67c79f53d6547d79ce6f930a1709b97e8bf07b22de23b7ac64f3df5fea6e77e14ed9931f13cba59df374c896db90783f91827c88b5affb717ae0855e942a07c24f5d439489f24e18dabcb55f481efc6f671da0fa7fb6b323e7a42b1c4cc3c40ed92cedb9e", 0xa1, 0x9}, {&(0x7f0000000240)="a86a4745a6e0b60b8514877bf6124f9e490412984aa567e5632157b1dfab6a99140208", 0x23, 0x3}, {&(0x7f00000002c0)="ab7f132cbba515a9cbe9bec8bae3acf59cfbf41d4e4633f4275484a39bb6b15dd7b4f1576d143dc181ed63196b09ca34df88dfb1b0e1a94f80a0bdfc816019c8182389841afdf702c2ff2982b24ad0571db08f655567424552ff95bc46f56c08060279c8afcdc7c3e5cda6d76175565dc2b0a18e45daa7e43f4a0f5d6e762ff511f6bee89fd045a2be5b24fb57bbf804e33dcd0c823a08b3c1f151f7d65a58613d7d", 0xa2, 0x1}, {&(0x7f0000000440)="36010853889d05309a0d3d6ea310095388ae50863cae5dbda8d7c0a35129871bd4fa1303ed1fe235874e67f97204ee5c9f6aff3c490c26857e9a3b44d5cb4a815b44a767f7279c066a93e79bb95fbfbfef5c8c59a1761ced698e208e1b14b1e4c14a1239e4a92741a9fc7960f5e5d7e5d891acc5941b2c4e4f4fa6f9a82cc865dfc23862ebd1bd632c4b8cd8f05f6d0acec431c3f088371308db1e6f25dccc8bb1bf7bf491bad6f351118185e8b6ab1a7f114c61ab9ee10a34690aa64199312302f5a2bab406c190408119d2967e32e9674a22c5704de9f6a35473b312f07ab81b7ad8ff2942aa8f8942050c1a32429bf7e89a20de5f223099ba21e943", 0xfd, 0x3f}, {&(0x7f0000000380)="438d7231421465b3ac1a2c6bcfcd663cee9211c70a9b3eda0a2cf9052846c3a1f5355a8ed1f144c1c41f039401c630d05a5cfbd68c5df819eb6d708d04302d86c77f65b6e6c4b18ed3cd7b736c6ff25227531d199b3c85fc003be3e530c5a2419afe7b155a75829c0377db332421e0df155980243f2b25c12118", 0x7a, 0x3}, {&(0x7f0000000540)="f0f34767c9a213730d0cbf7843e8ff59385a3f9a2b21f5720555732b172712e0e9f2b345b88427e59353f4f9d705346656067ecc279b928194d948cc300ea03bdcff52b750da35c086a8a590596b12de768298ee2e1057ff204d80b52c90a52d71d55405555d62711b7517fb3818f15acd180e5c03", 0x75, 0x8}, {&(0x7f00000005c0)="e5f0357cd2bfff0f882b89a73b9bbb6467e2d68046073ae110dc289879c003cc4523c3ff9f34a00de5432319553c57739f75b8b3ecf3422ea137e7802044ffebbdbe35b4982a0858c666acdadcbe67635e888ec344b873543482878c09ce84c7f40df883c2605a883f4d8e4f89ea336b6c74fffe42d53bb8ab9f0ab8d871ef371240c2159ca8e81eb12f141dc183d2a7a9948abcf48a2e8b3d95", 0x9a, 0xfbe}, {&(0x7f0000000680)="c4cb41da538b", 0x6, 0xfe}, {&(0x7f00000006c0)="ff4978134261cc350ca7dd662ddd812d750f5280dec20d73785a26850d604b3bef8b2ca54b607da29ba048e0087c2a29750ac10e70df8d7d61cde47f43a6b5c7b8364cf4", 0x44, 0x587}, {&(0x7f0000000740)="f2efe4acdf9a9445b9af37755411db4683d140b13cc9a650215dada9313e75196da467c1c7200d778e0e1200c4e3c93d920cbaa2f4a85420d5bddb35cf14569ce120483d2ef94e48d47a827708de20ca1ce1654e524cf19c1aa3b3d9fa30de31d8cc1c3576fa88b9e82ea1b8759e512d31fb8b94896bf6c61957ba498f137a2e0e6a3459d0a72dfd6d632abc", 0x8c, 0x7}], 0x4801, &(0x7f0000000900)={[{@session={'session', 0x3d, 0x1f}}, {@part={'part', 0x3d, 0x6}}, {@nobarrier='nobarrier'}], [{@measure='measure'}, {@dont_measure='dont_measure'}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@fsname={'fsname', 0x3d, '&&$wlan0%-{lo'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]})

04:38:38 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c3e, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:38 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1762.087679] FAULT_INJECTION: forcing a failure.
[ 1762.087679] name failslab, interval 1, probability 0, space 0, times 0
[ 1762.108270] CPU: 1 PID: 8069 Comm: syz-executor5 Not tainted 4.20.0-rc7+ #156
[ 1762.115559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1762.124911] Call Trace:
[ 1762.127508]  dump_stack+0x244/0x39d
[ 1762.131146]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1762.136364]  should_fail.cold.4+0xa/0x17
[ 1762.140430]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1762.145532]  ? _raw_spin_unlock+0x2c/0x50
[ 1762.149697]  ? __mutex_lock+0x85e/0x16f0
[ 1762.153771]  ? loop_control_ioctl+0x91/0x530
[ 1762.158181]  ? zap_class+0x640/0x640
[ 1762.161894]  ? print_usage_bug+0xc0/0xc0
[ 1762.165965]  ? find_held_lock+0x36/0x1c0
[ 1762.170046]  ? __lock_is_held+0xb5/0x140
[ 1762.174130]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1762.179583]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1762.184163]  ? retint_kernel+0x2d/0x2d
[ 1762.188055]  __should_failslab+0x124/0x180
[ 1762.192291]  should_failslab+0x9/0x14
[ 1762.196087]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1762.200759]  loop_add+0xa3/0xa40
[ 1762.204159]  ? loop_lookup+0x105/0x230
[ 1762.208050]  ? loop_queue_rq+0x690/0x690
[ 1762.212116]  ? loop_control_ioctl+0x15d/0x530
[ 1762.216641]  loop_control_ioctl+0x199/0x530
[ 1762.220960]  ? loop_add+0xa40/0xa40
[ 1762.224591]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1762.230052]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1762.234985]  ? loop_add+0xa40/0xa40
[ 1762.238613]  do_vfs_ioctl+0x1de/0x1790
[ 1762.242509]  ? ioctl_preallocate+0x300/0x300
[ 1762.246923]  ? selinux_file_mprotect+0x620/0x620
[ 1762.251679]  ? __sb_end_write+0xd9/0x110
[ 1762.255742]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1762.261277]  ? fput+0x130/0x1a0
[ 1762.264590]  ? do_syscall_64+0x9a/0x820
[ 1762.268604]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1762.274145]  ? security_file_ioctl+0x94/0xc0
[ 1762.278553]  ksys_ioctl+0xa9/0xd0
[ 1762.282013]  __x64_sys_ioctl+0x73/0xb0
[ 1762.285895]  do_syscall_64+0x1b9/0x820
[ 1762.289780]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1762.295146]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1762.300079]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1762.304921]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1762.309935]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1762.314946]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1762.319968]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1762.324816]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1762.329996] RIP: 0033:0x457669
[ 1762.333192] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.352090] RSP: 002b:00007ff6d87ecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1762.359795] RAX: ffffffffffffffda RBX: 00007ff6d87ecc90 RCX: 0000000000457669
[ 1762.367058] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000006
[ 1762.374318] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1762.381590] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6d87ed6d4
[ 1762.388853] R13: 00000000004c087d R14: 00000000004d19b8 R15: 0000000000000008
04:38:39 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:39 executing program 1 (fault-call:6 fault-nth:2):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300), 0x20)

04:38:39 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365735f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c00485217bd4116d4c812c05845eb2aacc230d73b4410be2041eae6bfae6203f31a8186e2e4564fc297e02b4c1ae959b54f1dce8d2f608079f658e2c07d90f7f9fd"])

04:38:39 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:39 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c0e, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:39 executing program 0:
r0 = socket$inet6(0xa, 0xa, 0x80000000000e)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002cf2650463616e5f757569645f747265652c736d61636b6673646554397e663d2f6465762f70746d78002c6d6561737572"])
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x1, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x16)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000040)={{0x2f, @broadcast, 0x4e22, 0x2, 'dh\x00', 0x20, 0x8, 0x59}, {@multicast1, 0x4e22, 0x1, 0xe70, 0x7, 0x401}}, 0x44)

[ 1762.571956] FAULT_INJECTION: forcing a failure.
[ 1762.571956] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1762.586336] FAULT_INJECTION: forcing a failure.
[ 1762.586336] name failslab, interval 1, probability 0, space 0, times 0
[ 1762.617041] CPU: 0 PID: 8091 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1762.624325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1762.633686] Call Trace:
[ 1762.636260]  dump_stack+0x244/0x39d
[ 1762.639890]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1762.645072]  should_fail.cold.4+0xa/0x17
[ 1762.649115]  ? rcu_softirq_qs+0x20/0x20
[ 1762.653092]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1762.658189]  ? zap_class+0x640/0x640
[ 1762.661887]  ? radix_tree_iter_tag_clear+0x90/0x90
[ 1762.666796]  ? __save_stack_trace+0x8d/0xf0
[ 1762.671106]  ? find_held_lock+0x36/0x1c0
[ 1762.675152]  ? __lock_is_held+0xb5/0x140
[ 1762.679206]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1762.684646]  ? mark_held_locks+0xc7/0x130
[ 1762.688779]  __should_failslab+0x124/0x180
[ 1762.693009]  should_failslab+0x9/0x14
[ 1762.696794]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1762.701885]  ? __fprop_inc_percpu_max+0x2d0/0x2d0
[ 1762.706712]  __kmalloc_node+0x3c/0x70
[ 1762.710507]  blk_mq_alloc_tag_set+0x385/0xad0
[ 1762.714989]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1762.720163]  ? loop_add+0x151/0xa40
[ 1762.723774]  loop_add+0x2c9/0xa40
[ 1762.727222]  ? loop_queue_rq+0x690/0x690
[ 1762.731272]  loop_control_ioctl+0x199/0x530
[ 1762.735575]  ? loop_add+0xa40/0xa40
[ 1762.739184]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1762.744616]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1762.752230]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1762.757141]  ? loop_add+0xa40/0xa40
[ 1762.760760]  do_vfs_ioctl+0x1de/0x1790
[ 1762.764643]  ? ioctl_preallocate+0x300/0x300
[ 1762.769059]  ? selinux_file_mprotect+0x620/0x620
[ 1762.773798]  ? __sb_end_write+0xd9/0x110
[ 1762.777847]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1762.783363]  ? fput+0x130/0x1a0
[ 1762.786626]  ? do_syscall_64+0x9a/0x820
[ 1762.790600]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1762.796121]  ? security_file_ioctl+0x94/0xc0
[ 1762.800510]  ksys_ioctl+0xa9/0xd0
[ 1762.803954]  __x64_sys_ioctl+0x73/0xb0
[ 1762.807825]  do_syscall_64+0x1b9/0x820
[ 1762.811693]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1762.817037]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1762.821948]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1762.826774]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1762.831771]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1762.836781]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1762.841786]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1762.846616]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1762.851784] RIP: 0033:0x457669
[ 1762.854972] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1762.873968] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1762.881669] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1762.888930] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1762.896182] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1762.903443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1762.910702] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1762.919270] CPU: 1 PID: 8090 Comm: syz-executor1 Not tainted 4.20.0-rc7+ #156
[ 1762.926560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1762.935907] Call Trace:
[ 1762.938495]  dump_stack+0x244/0x39d
[ 1762.942130]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1762.947321]  ? is_bpf_text_address+0xac/0x170
[ 1762.951825]  should_fail.cold.4+0xa/0x17
[ 1762.955887]  ? kasan_check_read+0x11/0x20
[ 1762.960038]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1762.965135]  ? rcu_softirq_qs+0x20/0x20
[ 1762.969107]  ? unwind_dump+0x190/0x190
[ 1762.973031]  ? is_bpf_text_address+0xd3/0x170
[ 1762.978011]  ? kernel_text_address+0x79/0xf0
[ 1762.982414]  ? __kernel_text_address+0xd/0x40
[ 1762.986906]  ? unwind_get_return_address+0x61/0xa0
[ 1762.991832]  ? __save_stack_trace+0x8d/0xf0
[ 1762.996160]  ? save_stack+0xa9/0xd0
[ 1762.999799]  ? save_stack+0x43/0xd0
[ 1763.003427]  ? kasan_kmalloc+0xc7/0xe0
[ 1763.007312]  ? __kmalloc_reserve.isra.40+0x41/0xe0
[ 1763.012232]  ? __alloc_skb+0x155/0x770
[ 1763.016119]  ? kcm_sendmsg+0xf69/0x24a5
[ 1763.020882]  ? sock_sendmsg+0xd5/0x120
[ 1763.020898]  ? sock_write_iter+0x35e/0x5c0
[ 1763.028997]  ? __vfs_write+0x6b8/0x9f0
[ 1763.032886]  ? vfs_write+0x1fc/0x560
[ 1763.036595]  ? ksys_write+0x101/0x260
[ 1763.040392]  ? __x64_sys_write+0x73/0xb0
[ 1763.044449]  ? do_syscall_64+0x1b9/0x820
[ 1763.048503]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1763.053889]  ? zap_class+0x640/0x640
[ 1763.057602]  __alloc_pages_nodemask+0x366/0xea0
[ 1763.062386]  ? check_preemption_disabled+0x48/0x280
[ 1763.067411]  ? __alloc_pages_slowpath+0x2de0/0x2de0
[ 1763.072428]  ? __lock_is_held+0xb5/0x140
[ 1763.076502]  ? __kmalloc_node_track_caller+0x3c/0x70
[ 1763.081613]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1763.086891]  ? kasan_unpoison_shadow+0x35/0x50
[ 1763.091468]  ? kasan_kmalloc+0xc7/0xe0
[ 1763.095357]  ? __kmalloc_node_track_caller+0x50/0x70
[ 1763.100456]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[ 1763.105996]  alloc_pages_current+0x173/0x350
[ 1763.110403]  skb_page_frag_refill+0x45f/0x6a0
[ 1763.114999]  ? skb_orphan_partial+0x280/0x280
[ 1763.119493]  ? trace_hardirqs_on+0xbd/0x310
[ 1763.123817]  ? lock_release+0xa00/0xa00
[ 1763.127917]  ? lock_sock_nested+0xe2/0x120
[ 1763.132146]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1763.137254]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1763.142790]  ? check_preemption_disabled+0x48/0x280
[ 1763.147799]  ? lock_sock_nested+0x9a/0x120
[ 1763.152024]  ? lock_sock_nested+0x9a/0x120
[ 1763.156256]  sk_page_frag_refill+0x55/0x1f0
[ 1763.160578]  kcm_sendmsg+0x4c9/0x24a5
[ 1763.164390]  ? check_preemption_disabled+0x48/0x280
[ 1763.169404]  ? kasan_check_read+0x11/0x20
[ 1763.173565]  ? kcm_tx_work+0x120/0x120
[ 1763.177449]  ? sock_has_perm+0x2bc/0x3e0
[ 1763.181512]  ? selinux_secmark_relabel_packet+0xe0/0xe0
[ 1763.186873]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1763.192407]  ? avc_has_perm+0x55f/0x7e0
[ 1763.196387]  ? avc_has_perm_noaudit+0x630/0x630
[ 1763.201056]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1763.206595]  ? security_socket_sendmsg+0x94/0xc0
[ 1763.211345]  ? kcm_tx_work+0x120/0x120
[ 1763.215230]  sock_sendmsg+0xd5/0x120
[ 1763.218942]  sock_write_iter+0x35e/0x5c0
[ 1763.223015]  ? sock_sendmsg+0x120/0x120
[ 1763.227079]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1763.232608]  ? iov_iter_init+0xe5/0x210
[ 1763.236584]  __vfs_write+0x6b8/0x9f0
[ 1763.240299]  ? kernel_read+0x120/0x120
[ 1763.244181]  ? __might_sleep+0x95/0x190
[ 1763.248151]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1763.253686]  ? selinux_file_permission+0x90/0x540
[ 1763.258544]  ? rw_verify_area+0x118/0x360
[ 1763.262691]  vfs_write+0x1fc/0x560
[ 1763.266231]  ksys_write+0x101/0x260
[ 1763.269856]  ? __ia32_sys_read+0xb0/0xb0
[ 1763.273913]  ? trace_hardirqs_off_caller+0x310/0x310
[ 1763.279045]  __x64_sys_write+0x73/0xb0
[ 1763.282933]  do_syscall_64+0x1b9/0x820
[ 1763.286817]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1763.292175]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1763.297097]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1763.301934]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1763.307045]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1763.312057]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1763.317075]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1763.321917]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1763.327099] RIP: 0033:0x457669
[ 1763.330288] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.349184] RSP: 002b:00007f5c80a76c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1763.356890] RAX: ffffffffffffffda RBX: 00007f5c80a76c90 RCX: 0000000000457669
[ 1763.364154] RDX: 0000000000000020 RSI: 0000000020000300 RDI: 0000000000000004
04:38:39 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300), 0x20)

[ 1763.371414] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.378678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5c80a776d4
[ 1763.385942] R13: 00000000004c605f R14: 00000000004dabe0 R15: 0000000000000005
04:38:40 executing program 4 (fault-call:20 fault-nth:2):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:40 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syncfs(r0)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:40 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c66, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:40 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xe0}}, 0x20)

[ 1763.621560] FAULT_INJECTION: forcing a failure.
[ 1763.621560] name failslab, interval 1, probability 0, space 0, times 0
[ 1763.627162] FAT-fs (loop3): bogus number of reserved sectors
[ 1763.647100] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1763.662545] CPU: 0 PID: 8121 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
04:38:40 executing program 0:
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000180)={@in6={{0xa, 0x4e24, 0xae, @remote, 0x3fffc000}}, 0x0, 0xfe, 0x0, "7cce9873f5816c45857e7681abd48f6889b726f7c5687c0bf69f93102f008422eb471ddf67658c4ddc224d5604e586960a68154f767ef370d5e3be58802717bc1db98ea36611e727e737e52d9dd9dea4"}, 0xd8)
r1 = socket$inet6(0xa, 0x803, 0x400000007c)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="015c2d021c85718070")
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000000)={0x6, 0x0, 0x3f, 0x6, 0x4, 0x2})
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000280)={0x7, 0x6, 0xfffffffffffffffe})
setxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x2)

[ 1763.669835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1763.679182] Call Trace:
[ 1763.681783]  dump_stack+0x244/0x39d
[ 1763.685417]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1763.690629]  should_fail.cold.4+0xa/0x17
[ 1763.694696]  ? kernel_text_address+0x79/0xf0
[ 1763.699109]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1763.704212]  ? unwind_get_return_address+0x61/0xa0
[ 1763.709142]  ? __save_stack_trace+0x8d/0xf0
[ 1763.713476]  ? zap_class+0x640/0x640
[ 1763.717197]  ? save_stack+0xa9/0xd0
[ 1763.720826]  ? find_held_lock+0x36/0x1c0
[ 1763.724895]  ? __lock_is_held+0xb5/0x140
[ 1763.728971]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1763.734432]  __should_failslab+0x124/0x180
[ 1763.738672]  should_failslab+0x9/0x14
[ 1763.742479]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1763.747576]  ? retint_kernel+0x2d/0x2d
[ 1763.751472]  __kmalloc_node+0x3c/0x70
[ 1763.755273]  blk_mq_alloc_tag_set+0x41c/0xad0
[ 1763.759768]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1763.765311]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1763.770503]  loop_add+0x2c9/0xa40
[ 1763.773957]  ? loop_queue_rq+0x690/0x690
[ 1763.778020]  loop_control_ioctl+0x199/0x530
[ 1763.782337]  ? loop_add+0xa40/0xa40
[ 1763.785957]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1763.791405]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1763.796446]  ? loop_add+0xa40/0xa40
[ 1763.800074]  do_vfs_ioctl+0x1de/0x1790
[ 1763.803961]  ? ioctl_preallocate+0x300/0x300
[ 1763.808605]  ? selinux_file_mprotect+0x620/0x620
[ 1763.813362]  ? __sb_end_write+0xd9/0x110
[ 1763.817420]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1763.822951]  ? fput+0x130/0x1a0
[ 1763.826316]  ? do_syscall_64+0x9a/0x820
[ 1763.830292]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1763.835825]  ? security_file_ioctl+0x94/0xc0
[ 1763.840241]  ksys_ioctl+0xa9/0xd0
[ 1763.843691]  __x64_sys_ioctl+0x73/0xb0
[ 1763.847581]  do_syscall_64+0x1b9/0x820
[ 1763.851468]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1763.856827]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1763.861750]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1763.866590]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1763.871602]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1763.876617]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1763.881636]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1763.886487]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1763.891670] RIP: 0033:0x457669
[ 1763.894862] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1763.913757] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1763.921473] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1763.928740] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1763.936105] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1763.943369] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1763.950636] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:40 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:40 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={<r2=>0x0, 0x9}, &(0x7f0000000040)=0xc)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={r2, 0x401}, &(0x7f00000000c0)=0x8)

04:38:40 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c55, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:40 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x200000000000000}}, 0x20)

04:38:40 executing program 4 (fault-call:20 fault-nth:3):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:40 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c27, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1764.095239] FAULT_INJECTION: forcing a failure.
[ 1764.095239] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.109183] CPU: 0 PID: 8143 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1764.116466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1764.125816] Call Trace:
[ 1764.128408]  dump_stack+0x244/0x39d
[ 1764.132048]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1764.137243]  ? mark_held_locks+0xc7/0x130
[ 1764.141398]  should_fail.cold.4+0xa/0x17
[ 1764.145471]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1764.150576]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1764.156033]  ? zap_class+0x640/0x640
[ 1764.159749]  ? find_held_lock+0x36/0x1c0
[ 1764.163805]  ? __lock_is_held+0xb5/0x140
[ 1764.167879]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1764.173440]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1764.178979]  __should_failslab+0x124/0x180
[ 1764.183212]  should_failslab+0x9/0x14
[ 1764.187008]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1764.192209]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1764.197743]  ? find_next_bit+0x104/0x130
[ 1764.201807]  blk_mq_init_tags+0x79/0x2b0
[ 1764.205871]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1764.210191]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1764.214798]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1764.219299]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1764.224510]  loop_add+0x2c9/0xa40
[ 1764.227964]  ? loop_queue_rq+0x690/0x690
[ 1764.232034]  loop_control_ioctl+0x199/0x530
[ 1764.236350]  ? loop_add+0xa40/0xa40
[ 1764.239975]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1764.245433]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1764.250227]  ? loop_add+0xa40/0xa40
[ 1764.253854]  do_vfs_ioctl+0x1de/0x1790
[ 1764.257746]  ? ioctl_preallocate+0x300/0x300
[ 1764.262252]  ? selinux_file_mprotect+0x620/0x620
[ 1764.267015]  ? retint_kernel+0x2d/0x2d
[ 1764.270915]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1764.276452]  ? security_file_ioctl+0x94/0xc0
[ 1764.280858]  ksys_ioctl+0xa9/0xd0
[ 1764.284319]  __x64_sys_ioctl+0x73/0xb0
[ 1764.288206]  do_syscall_64+0x1b9/0x820
[ 1764.292089]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1764.297459]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1764.302385]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1764.307232]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1764.312523]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1764.317539]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1764.322555]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1764.327400]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1764.332588] RIP: 0033:0x457669
[ 1764.335779] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1764.354674] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1764.362384] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1764.369655] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1764.376924] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1764.384187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:38:40 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70176ba3976ec6829b726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f758b69645f747265652c736d61ff3b6465762f70746d78002c6d6559652ecffe914c0f1e3dace89caf572f11ec22e60a2933e96a268e"])
r0 = dup(0xffffffffffffffff)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)={<r1=>0x0, 0x7fc000000000000}, &(0x7f00000000c0)=0x8)
r2 = creat(&(0x7f0000000a00)='./bus\x00', 0x0)
io_setup(0xb, &(0x7f0000000240)=<r3=>0x0)
io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000, 0x407000}])
open(&(0x7f0000000600)='./bus\x00', 0x0, 0x0)
close(r2)
open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000100)={r1, 0x0, 0x4, 0x8, 0xffff, 0x100}, 0x14)
connect(r0, &(0x7f0000000000)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x80)

[ 1764.391565] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:40 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x6b6b6b}}, 0x20)

[ 1764.419161] blk-mq: reduced tag depth (128 -> 64)
[ 1764.429614] audit: type=1804 audit(1545107920.990:979): pid=8162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor0" name="/root/syzkaller-testdir112704398/syzkaller.q4zRB3/2408/bus" dev="sda1" ino=16673 res=1
04:38:41 executing program 4 (fault-call:20 fault-nth:4):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

[ 1764.528331] audit: type=1804 audit(1545107921.090:980): pid=8165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor0" name="/root/syzkaller-testdir112704398/syzkaller.q4zRB3/2408/bus" dev="sda1" ino=16673 res=1
04:38:41 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x40086602, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1764.629136] FAT-fs (loop3): bogus number of reserved sectors
[ 1764.659882] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:41 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0xc0045878, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:41 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xe0000000}}, 0x20)

[ 1764.695037] FAULT_INJECTION: forcing a failure.
[ 1764.695037] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.727572] CPU: 0 PID: 8171 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1764.734879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1764.744228] Call Trace:
[ 1764.746822]  dump_stack+0x244/0x39d
[ 1764.749353] audit: type=1804 audit(1545107921.290:981): pid=8163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=ToMToU comm="syz-executor0" name="/root/syzkaller-testdir112704398/syzkaller.q4zRB3/2408/bus" dev="sda1" ino=16673 res=1
[ 1764.750456]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1764.776665] audit: type=1804 audit(1545107921.290:982): pid=8162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor0" name="/root/syzkaller-testdir112704398/syzkaller.q4zRB3/2408/bus" dev="sda1" ino=16673 res=1
[ 1764.781721]  should_fail.cold.4+0xa/0x17
[ 1764.781736]  ? check_preemption_disabled+0x48/0x280
[ 1764.781766]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1764.808490] audit: type=1800 audit(1545107921.290:983): pid=8162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=collect_data cause=failed comm="syz-executor0" name="bus" dev="sda1" ino=16673 res=0
[ 1764.812414]  ? print_usage_bug+0xc0/0xc0
[ 1764.812428]  ? kasan_check_read+0x11/0x20
[ 1764.812442]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1764.812457]  ? rcu_softirq_qs+0x20/0x20
[ 1764.861269]  ? unwind_dump+0x190/0x190
[ 1764.865247]  ? zap_class+0x640/0x640
[ 1764.868945]  ? is_bpf_text_address+0xd3/0x170
[ 1764.873423]  ? find_held_lock+0x36/0x1c0
[ 1764.877463]  ? __lock_is_held+0xb5/0x140
[ 1764.881518]  ? save_stack+0xa9/0xd0
[ 1764.885125]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1764.890573]  __should_failslab+0x124/0x180
[ 1764.894798]  should_failslab+0x9/0x14
[ 1764.898592]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1764.903689]  __kmalloc_node+0x3c/0x70
[ 1764.907470]  sbitmap_init_node+0x288/0x440
[ 1764.911684]  sbitmap_queue_init_node+0xb2/0x850
[ 1764.916344]  ? __lock_is_held+0xb5/0x140
[ 1764.920411]  ? sbitmap_init_node+0x440/0x440
[ 1764.924813]  ? blk_mq_init_tags+0x79/0x2b0
[ 1764.929029]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1764.934043]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1764.939312]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1764.944847]  ? find_next_bit+0x104/0x130
[ 1764.948908]  blk_mq_init_tags+0x116/0x2b0
[ 1764.953046]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1764.957365]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1764.961852]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1764.966329]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1764.971511]  loop_add+0x2c9/0xa40
[ 1764.974946]  ? loop_queue_rq+0x690/0x690
[ 1764.979226]  loop_control_ioctl+0x199/0x530
[ 1764.983526]  ? loop_add+0xa40/0xa40
[ 1764.987135]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1764.992567]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1764.997496]  ? loop_add+0xa40/0xa40
[ 1765.001105]  do_vfs_ioctl+0x1de/0x1790
[ 1765.004978]  ? ioctl_preallocate+0x300/0x300
[ 1765.009386]  ? selinux_file_mprotect+0x620/0x620
[ 1765.014133]  ? __sb_end_write+0xd9/0x110
[ 1765.018194]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1765.023720]  ? fput+0x130/0x1a0
[ 1765.026979]  ? do_syscall_64+0x9a/0x820
[ 1765.030945]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1765.036460]  ? security_file_ioctl+0x94/0xc0
[ 1765.040847]  ksys_ioctl+0xa9/0xd0
[ 1765.044290]  __x64_sys_ioctl+0x73/0xb0
[ 1765.048174]  do_syscall_64+0x1b9/0x820
[ 1765.052043]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1765.057395]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1765.062301]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1765.067125]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1765.072123]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1765.077122]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1765.082125]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1765.086952]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1765.092121] RIP: 0033:0x457669
[ 1765.095290] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.114176] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1765.121859] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1765.129107] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1765.136361] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1765.143700] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1765.151041] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1765.162662] blk-mq: reduced tag depth (128 -> 64)
04:38:41 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:41 executing program 4 (fault-call:20 fault-nth:5):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:41 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
sendto(r0, &(0x7f0000000000)="89a7cd36c9d2dacc013b0848fada10692d6dc201188f983afd715dcf2bb3eeda27f07baca6519fc6095ecc7a60f5df1eae0c74b0b3377689258d3c5c729d6698eb5d7958ecf6b709e9557a6fc2a6f2481dabb3f9234213f60aec6ef22593ed3eb8c82046386c0206c97c3e5a17d147d7256a1febbf3e8f9984c4e5f8cff13f047eaa009adf9139fb040c4fab82d6053359c53954ab4e003dcb1ce78eb4f886b0", 0xa0, 0x800, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:41 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xffffffff00000000}}, 0x20)

04:38:41 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6da09a5c5b8b601211e7f445a75c70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f7074"])

[ 1765.386851] FAULT_INJECTION: forcing a failure.
[ 1765.386851] name failslab, interval 1, probability 0, space 0, times 0
[ 1765.400142] CPU: 1 PID: 8189 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1765.407419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1765.407426] Call Trace:
[ 1765.407449]  dump_stack+0x244/0x39d
[ 1765.407470]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1765.407493]  should_fail.cold.4+0xa/0x17
[ 1765.432232]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1765.437348]  ? print_usage_bug+0xc0/0xc0
[ 1765.441419]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1765.446956]  ? zap_class+0x640/0x640
[ 1765.450681]  ? find_held_lock+0x36/0x1c0
[ 1765.454746]  ? __lock_is_held+0xb5/0x140
[ 1765.458821]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1765.458838]  ? __kmalloc_node+0x3c/0x70
[ 1765.458864]  __should_failslab+0x124/0x180
[ 1765.458880]  should_failslab+0x9/0x14
[ 1765.458897]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1765.481447]  sbitmap_queue_init_node+0x34d/0x850
[ 1765.486203]  ? __lock_is_held+0xb5/0x140
[ 1765.490278]  ? sbitmap_init_node+0x440/0x440
[ 1765.494710]  ? blk_mq_init_tags+0x79/0x2b0
[ 1765.498951]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1765.503969]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1765.509242]  ? find_next_bit+0x104/0x130
[ 1765.513310]  blk_mq_init_tags+0x116/0x2b0
[ 1765.517468]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1765.521796]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1765.526296]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1765.530807]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1765.536005]  loop_add+0x2c9/0xa40
[ 1765.539480]  ? loop_queue_rq+0x690/0x690
[ 1765.543548]  ? loop_add+0xc/0xa40
[ 1765.547005]  loop_control_ioctl+0x199/0x530
[ 1765.551334]  ? loop_add+0xa40/0xa40
[ 1765.554961]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1765.560426]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1765.565364]  ? loop_add+0xa40/0xa40
[ 1765.568992]  do_vfs_ioctl+0x1de/0x1790
[ 1765.572880]  ? ioctl_preallocate+0x300/0x300
[ 1765.577291]  ? selinux_file_mprotect+0x620/0x620
[ 1765.582054]  ? __sb_end_write+0xd9/0x110
04:38:41 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x1)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7751642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736499ef3d39cad29a6d70746d78002c6d6561737572652c00"])

04:38:42 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/autofs\x00', 0x200000, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000002c0)={<r2=>0x0, @in={{0x2, 0x4e21, @loopback}}, 0x9, 0x9}, &(0x7f0000000240)=0x90)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000380)={r2, 0x2}, 0x8)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x8001)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={<r3=>0x0}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r3, 0x800, 0x30}, 0xc)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)={[{@noinode_cache='noinode_cache'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:42 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
statx(r1, &(0x7f00000000c0)='./file0\x00', 0x6000, 0x0, &(0x7f0000000180))
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r2 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$KVM_IRQ_LINE(r2, 0x4008ae61, &(0x7f0000000040)={0x9, 0xff})

[ 1765.586123]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1765.591659]  ? fput+0x130/0x1a0
[ 1765.594938]  ? do_syscall_64+0x9a/0x820
[ 1765.598922]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1765.604461]  ? security_file_ioctl+0x94/0xc0
[ 1765.608876]  ksys_ioctl+0xa9/0xd0
[ 1765.612342]  __x64_sys_ioctl+0x73/0xb0
[ 1765.616235]  do_syscall_64+0x1b9/0x820
[ 1765.620123]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1765.625493]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1765.630425]  ? trace_hardirqs_off_thunk+0x1a/0x1c
04:38:42 executing program 0:
r0 = socket$inet6(0xa, 0x20000080000, 0x100000001)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70727a9c68e32a6573732c737562766f6c3d2f4565762f70746d78002c72657363616e5f757569f70c00000000000065762f70746d78002c6d6561737572652c00000000000000000000000000"])
r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x6, 0x80000)
write$selinux_validatetrans(r1, &(0x7f00000000c0)={'system_u:object_r:dhcpd_exec_t:s0', 0x20, 'system_u:object_r:audisp_remote_exec_t:s0', 0x20, 0x4, 0x20, '/usr/sbin/cups-browsed\x00'}, 0x78)

[ 1765.635267]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1765.640287]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1765.645318]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1765.650858]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1765.655882]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1765.660736]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1765.665921] RIP: 0033:0x457669
[ 1765.669109] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1765.688005] RSP: 002b:00007f7c8bd2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1765.695711] RAX: ffffffffffffffda RBX: 00007f7c8bd2ec90 RCX: 0000000000457669
[ 1765.702972] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1765.710234] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1765.717498] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd2f6d4
[ 1765.724761] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1765.739676] blk-mq: reduced tag depth (128 -> 64)
04:38:42 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c7e, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:42 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c06, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:42 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x1000000}}, 0x20)

[ 1765.916094] FAT-fs (loop3): bogus number of reserved sectors
[ 1765.922118] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:42 executing program 4 (fault-call:20 fault-nth:6):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:42 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvolhrm_allowed,compress,subvol=/dev/ptmx\x00,rescan_uuid_tree,smackfsdef=/dev/ptmx\x00,measure,\x00'])
ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000))

04:38:42 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:42 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x10}}, 0x20)

04:38:42 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c68, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1766.052678] FAULT_INJECTION: forcing a failure.
[ 1766.052678] name failslab, interval 1, probability 0, space 0, times 0
[ 1766.090782] CPU: 0 PID: 8232 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1766.098172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1766.107526] Call Trace:
[ 1766.110112]  dump_stack+0x244/0x39d
[ 1766.113727]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1766.118905]  should_fail.cold.4+0xa/0x17
[ 1766.122967]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1766.128059]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1766.133578]  ? zap_class+0x640/0x640
[ 1766.137285]  ? find_held_lock+0x36/0x1c0
[ 1766.141333]  ? __lock_is_held+0xb5/0x140
[ 1766.145437]  ? ip6mr_rule_action+0x1e8/0x4b0
[ 1766.149835]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1766.155272]  ? __lockdep_init_map+0x105/0x590
[ 1766.159751]  __should_failslab+0x124/0x180
[ 1766.163966]  should_failslab+0x9/0x14
[ 1766.167761]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1766.172857]  ? init_wait_entry+0x1c0/0x1c0
[ 1766.177080]  ? check_preemption_disabled+0x48/0x280
[ 1766.182076]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1766.187081]  sbitmap_queue_init_node+0x34d/0x850
[ 1766.191815]  ? __lock_is_held+0xb5/0x140
[ 1766.195861]  ? sbitmap_init_node+0x440/0x440
[ 1766.200266]  ? blk_mq_init_tags+0x79/0x2b0
[ 1766.204482]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1766.209481]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1766.214740]  ? find_next_bit+0x104/0x130
[ 1766.218788]  blk_mq_init_tags+0x177/0x2b0
[ 1766.222945]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1766.227249]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1766.231741]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1766.236219]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1766.241492]  ? idr_alloc+0x10/0x1b0
[ 1766.245112]  loop_add+0x2c9/0xa40
[ 1766.248547]  ? loop_queue_rq+0x690/0x690
[ 1766.252593]  loop_control_ioctl+0x199/0x530
[ 1766.256893]  ? loop_add+0xa40/0xa40
[ 1766.260503]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1766.265939]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1766.270853]  ? loop_add+0xa40/0xa40
[ 1766.274459]  do_vfs_ioctl+0x1de/0x1790
[ 1766.278334]  ? ioctl_preallocate+0x300/0x300
[ 1766.282728]  ? selinux_file_mprotect+0x620/0x620
[ 1766.287468]  ? __sb_end_write+0xd9/0x110
[ 1766.291514]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1766.297047]  ? fput+0x130/0x1a0
[ 1766.300307]  ? do_syscall_64+0x9a/0x820
[ 1766.304272]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1766.309791]  ? security_file_ioctl+0x94/0xc0
[ 1766.314180]  ksys_ioctl+0xa9/0xd0
[ 1766.317620]  __x64_sys_ioctl+0x73/0xb0
[ 1766.321488]  do_syscall_64+0x1b9/0x820
[ 1766.325354]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1766.330712]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1766.335623]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1766.340447]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1766.345446]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1766.350455]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1766.355972]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1766.360975]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1766.365801]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1766.370987] RIP: 0033:0x457669
[ 1766.374171] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1766.393140] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:38:43 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c0f, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:43 executing program 0:
lsetxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x1)
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x2, 0x800)
connect$l2tp(r0, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, 0x4, 0x2, 0x4, 0x4}}, 0x26)
r2 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r2, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="087365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465f051f26d71a6ae20ca234bd1f151bd0f76"])
lseek(r0, 0x0, 0x2)

04:38:43 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x2}}, 0x20)

[ 1766.400826] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1766.408075] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1766.415329] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1766.422581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1766.429830] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1766.449703] blk-mq: reduced tag depth (128 -> 64)
04:38:43 executing program 0:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x9, 0x40000)
r1 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$KVM_SET_DEBUGREGS(r0, 0x4080aea2, &(0x7f00000000c0)={[0x0, 0xf000, 0x4, 0x3004], 0x8, 0x20, 0xace7})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)={[{@acl='acl'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@appraise_type='appraise_type=imasig'}]})

04:38:43 executing program 4 (fault-call:20 fault-nth:7):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:43 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
dup3(r0, r0, 0x80000)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:43 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x6b6b6b00000000}}, 0x20)

[ 1766.593234] FAT-fs (loop3): bogus number of reserved sectors
[ 1766.616504] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:43 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x3ff, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x200, 0x0)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000440)={0x1, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x1, 0x2, [{{0x2, 0x4e21, @multicast1}}, {{0x2, 0x7, @dev={0xac, 0x14, 0x14, 0x1e}}}]}, 0x190)
sendto$inet6(r1, &(0x7f00000002c0)="a5ec377cafdcfba35ac0d1bc8dbfd0cfae5e612207dadabe7ba2e9f1d05a4395176f2b958edcab009bbf728e9d1bc2a345656e90ad6ad89d372c79b15e8295aa1cc147ab67115982039d5c3f7bc684665610ee4772f438c1fcb893c112df76c08bbdcc0503a8cc7fe1f0394bd89f7cb355cd39c270da33020457e5866374e2fb60d89a533994bd1b", 0x88, 0x0, &(0x7f0000000380)={0xa, 0x4e20, 0x4, @ipv4={[], [], @loopback}, 0x2}, 0x1c)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r2, 0x302, 0x70bd2c, 0x25dfdbfb, {{}, 0x0, 0x5, 0x0, {0xaf, 0x19, {0xffffffffffff8000, 0x5, 0x10001, 0x400}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x20004004)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000600)={0x0, {{0x2, 0x4e24, @remote}}, 0x0, 0x7, [{{0x2, 0x4e20, @remote}}, {{0x2, 0x4e20, @rand_addr=0xb438}}, {{0x2, 0x4e22, @empty}}, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e24, @empty}}, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1c}}}]}, 0x410)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c73762f708efae1ae012e174b4bb0f63cc782a8746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c0000000000000000000037701abce520c616265d5dd0a59dd0cb8c8bb960ff5f911984b7b12463a99f45"])
ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000a40)={0x0, {0x2, 0x4e24, @local}, {0x2, 0x4e23, @local}, {0x2, 0x4e21, @empty}, 0x4, 0x0, 0x0, 0x0, 0x3, &(0x7f00000003c0)='syzkaller1\x00', 0xfff, 0x6, 0x4})

04:38:43 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c006f2766ec84640d1e88f906a59bd53ae1583c71f3d65ac50ccfc9c3fd28c3f92b3a01f64206eb970ec860b2547e247a5cd2baf36cd6f636f24937d733349a28e47ea9e1ffa6690d438f0bc24be76f68cb659d6b80956b1b940719eebd6331a4ce7fe34e8f04b1d235405af50a1577b2a5bb9ff37685aa577b824f1087a3b7fbb3ebe8326cb9434df8a7e55d215b281302569e6c843a3c69a4bfed35c4b735374573a487f2858edbc8b7ac997d0c0bb3f980a812ce96304a04b1eec17ef5b145c7b2"])

[ 1766.750688] FAULT_INJECTION: forcing a failure.
[ 1766.750688] name failslab, interval 1, probability 0, space 0, times 0
[ 1766.772034] CPU: 1 PID: 8268 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1766.779317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1766.788652] Call Trace:
[ 1766.791243]  dump_stack+0x244/0x39d
[ 1766.794857]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1766.800030]  ? __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1766.804679]  ? blk_mq_alloc_tag_set+0x627/0xad0
[ 1766.809327]  ? loop_add+0x2c9/0xa40
[ 1766.812933]  ? loop_control_ioctl+0x199/0x530
[ 1766.817408]  ? ksys_ioctl+0xa9/0xd0
[ 1766.821021]  should_fail.cold.4+0xa/0x17
[ 1766.825173]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1766.830273]  ? zap_class+0x640/0x640
[ 1766.833975]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1766.839498]  ? check_preemption_disabled+0x48/0x280
[ 1766.844498]  ? zap_class+0x640/0x640
[ 1766.848194]  ? __lock_is_held+0xb5/0x140
[ 1766.852257]  ? __lockdep_init_map+0x105/0x590
[ 1766.856740]  ? __lock_is_held+0xb5/0x140
[ 1766.860792]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1766.866225]  ? sbitmap_queue_init_node+0xce/0x850
[ 1766.871048]  ? __lock_is_held+0xb5/0x140
[ 1766.875093]  __should_failslab+0x124/0x180
[ 1766.879310]  should_failslab+0x9/0x14
[ 1766.883105]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1766.888191]  ? find_next_bit+0x104/0x130
[ 1766.892245]  __kmalloc_node+0x3c/0x70
[ 1766.896040]  blk_mq_alloc_rq_map+0xcc/0x220
[ 1766.900344]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1766.904825]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1766.909310]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1766.914489]  loop_add+0x2c9/0xa40
[ 1766.917933]  ? loop_queue_rq+0x690/0x690
[ 1766.921984]  loop_control_ioctl+0x199/0x530
[ 1766.926288]  ? loop_add+0xa40/0xa40
[ 1766.929893]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1766.935338]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1766.940258]  ? loop_add+0xa40/0xa40
[ 1766.943900]  do_vfs_ioctl+0x1de/0x1790
[ 1766.947771]  ? ioctl_preallocate+0x300/0x300
[ 1766.952161]  ? selinux_file_mprotect+0x620/0x620
[ 1766.956912]  ? __sb_end_write+0xd9/0x110
[ 1766.960956]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1766.966476]  ? fput+0x130/0x1a0
[ 1766.969736]  ? do_syscall_64+0x9a/0x820
[ 1766.974208]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1766.979731]  ? security_file_ioctl+0x94/0xc0
[ 1766.984121]  ksys_ioctl+0xa9/0xd0
[ 1766.987559]  __x64_sys_ioctl+0x73/0xb0
[ 1766.991428]  do_syscall_64+0x1b9/0x820
[ 1766.995298]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1767.000643]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1767.005552]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1767.010376]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1767.015998]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1767.021007]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1767.026013]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1767.030853]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1767.036021] RIP: 0033:0x457669
[ 1767.039201] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1767.058182] RSP: 002b:00007f7c8bd2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1767.065975] RAX: ffffffffffffffda RBX: 00007f7c8bd2ec90 RCX: 0000000000457669
[ 1767.073235] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1767.080488] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1767.087735] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd2f6d4
[ 1767.094984] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1767.131166] blk-mq: reduced tag depth (128 -> 64)
04:38:43 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174", 0xb}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:43 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c36, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:43 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5f, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:43 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xe000000000000000}}, 0x20)

04:38:43 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = memfd_create(&(0x7f0000000000)='\\GPL^nodevcgroupself\x00', 0x2)
ioctl$KDSKBLED(r1, 0x4b65, 0x7ff)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757365725f737562766c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c016d61636b66736465663d2f6465762f70746d78002c6d6561737572652c00"])

04:38:43 executing program 4 (fault-call:20 fault-nth:8):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:43 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x40030000000000}}, 0x20)

04:38:43 executing program 0:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x22000, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000040)={@dev, <r1=>0x0}, &(0x7f0000000080)=0x14)
sendmsg$xdp(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x2c, 0x3, r1, 0x29}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000100)}, {&(0x7f0000000180)="814f62a995ff47b46c3095c4a19c4db5d6c0f8ef4f1f0b146e1ada1e381c5949a45d506dcb3eb7e025dc24bef9a7710c18bea0183808893bc78160af31e4b5b5", 0x40}], 0x2, 0x0, 0x0, 0x80}, 0xc845)
r2 = socket$inet6(0xa, 0x803, 0x400000007f)
mq_getsetattr(r0, &(0x7f0000000100)={0x0, 0x7, 0x3, 0x3, 0x8000, 0x6, 0x8ce, 0xc6}, &(0x7f0000000240))
ioctl(r2, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1767.384422] FAT-fs (loop3): bogus number of reserved sectors
04:38:44 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x80087601, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c31, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB="757300080000000000006c5f726d5f616c6c6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f8a746d78002c6d6561737572652c0000000000000000"])

[ 1767.428553] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:44 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x100000000000000}}, 0x20)

04:38:44 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = getuid()
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000180)={{{@in6, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@multicast1}, 0x0, @in=@broadcast}}, &(0x7f0000000080)=0xe8)
getresuid(&(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000100), &(0x7f00000002c0))
r4 = geteuid()
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x2, &(0x7f0000000440)={[{@metacopy_off='metacopy=off'}, {@metacopy_off='metacopy=off'}, {@nfs_export_off='nfs_export=off'}, {@xino_off='xino=off'}, {@metacopy_off='metacopy=off'}], [{@uid_eq={'uid', 0x3d, r1}}, {@fowner_lt={'fowner<', r2}}, {@subj_user={'subj_user', 0x3d, 'smackfsdef'}}, {@fsmagic={'fsmagic', 0x3d, 0x3bcb}}, {@uid_gt={'uid>', r3}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'trusted'}}, {@pcr={'pcr', 0x3d, 0x21}}, {@fowner_gt={'fowner>', r4}}]})

04:38:44 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2f, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x7ff, 0x2080)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80000, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x1)
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000040)={0xfffffffffffffffc, 0x4080000, 0x3, 0x5})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1767.653045] FAT-fs (loop3): invalid media value (0x00)
[ 1767.686244] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1767.693491] FAULT_INJECTION: forcing a failure.
04:38:44 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x8000000}}, 0x20)

[ 1767.693491] name failslab, interval 1, probability 0, space 0, times 0
[ 1767.777449] CPU: 0 PID: 8325 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1767.784735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1767.794090] Call Trace:
[ 1767.796688]  dump_stack+0x244/0x39d
[ 1767.800317]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1767.805521]  should_fail.cold.4+0xa/0x17
[ 1767.809930]  ? kernel_text_address+0x79/0xf0
[ 1767.814338]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1767.819434]  ? unwind_get_return_address+0x61/0xa0
[ 1767.824362]  ? __save_stack_trace+0x8d/0xf0
[ 1767.828691]  ? zap_class+0x640/0x640
[ 1767.832410]  ? mark_held_locks+0xc7/0x130
[ 1767.836556]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1767.841317]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1767.845925]  ? __lock_is_held+0xb5/0x140
[ 1767.849998]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1767.855454]  __should_failslab+0x124/0x180
[ 1767.859688]  should_failslab+0x9/0x14
[ 1767.863485]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1767.868583]  ? save_stack+0xb1/0xd0
[ 1767.872218]  __kmalloc_node+0x3c/0x70
[ 1767.876017]  blk_mq_alloc_rq_map+0x10d/0x220
[ 1767.880425]  __blk_mq_alloc_rq_map+0xb1/0x2e0
[ 1767.884921]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1767.889425]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1767.894621]  loop_add+0x2c9/0xa40
[ 1767.898071]  ? loop_queue_rq+0x690/0x690
[ 1767.902144]  loop_control_ioctl+0x199/0x530
[ 1767.906459]  ? loop_add+0xa40/0xa40
[ 1767.910086]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1767.915543]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1767.920573]  ? loop_add+0xa40/0xa40
[ 1767.924200]  do_vfs_ioctl+0x1de/0x1790
[ 1767.928091]  ? ioctl_preallocate+0x300/0x300
[ 1767.932504]  ? selinux_file_mprotect+0x620/0x620
[ 1767.937285]  ? __sb_end_write+0xd9/0x110
[ 1767.941348]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1767.946882]  ? fput+0x130/0x1a0
[ 1767.950156]  ? do_syscall_64+0x9a/0x820
[ 1767.954138]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1767.959673]  ? security_file_ioctl+0x94/0xc0
[ 1767.964089]  ksys_ioctl+0xa9/0xd0
[ 1767.967545]  __x64_sys_ioctl+0x73/0xb0
[ 1767.971431]  do_syscall_64+0x1b9/0x820
[ 1767.975346]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1767.980712]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1767.985635]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1767.990478]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1767.995491]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1768.000507]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1768.005527]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1768.010373]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1768.015584] RIP: 0033:0x457669
[ 1768.018788] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.037679] RSP: 002b:00007f7c8bcecc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1768.045382] RAX: ffffffffffffffda RBX: 00007f7c8bcecc90 RCX: 0000000000457669
[ 1768.052643] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000007
[ 1768.059906] RBP: 000000000072c0e0 R08: 0000000000000000 R09: 0000000000000000
[ 1768.067166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bced6d4
[ 1768.074432] R13: 00000000004c087d R14: 00000000004d19b8 R15: 0000000000000009
[ 1768.085207] blk-mq: reduced tag depth (128 -> 64)
04:38:44 executing program 4 (fault-call:20 fault-nth:9):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x40000, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x7, 0x4, 0x4a0, 0x0, 0x138, 0x0, 0x3b8, 0x3b8, 0x3b8, 0x4, &(0x7f0000000040), {[{{@arp={@local, @local, 0x0, 0xffffffff, @mac=@dev={[], 0x14}, {[0x0, 0xff, 0x0, 0x0, 0xff, 0xff]}, @mac=@broadcast, {[0xff, 0x0, 0xff, 0x0, 0xff, 0xff]}, 0x6, 0x2, 0x284, 0x3, 0x8000, 0xd009, 'bond_slave_1\x00', 'bond_slave_0\x00', {0xff}, {0xff}, 0x0, 0x100}, 0xf0, 0x138}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00', 0x1}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="63301cbef5bc", @local, @loopback, 0x1}}}, {{@arp={@remote, @multicast2, 0xffffffff, 0x0, @empty, {[0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}, @mac=@broadcast, {[0xff, 0xff, 0xff]}, 0x100000000, 0xfffffffffffffc01, 0xfffffffffffffff7, 0x8, 0x101, 0x4, 'lo\x00', 'eql\x00', {0xff}, {}, 0x0, 0x200}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @remote, 0xf, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4f0)

04:38:44 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x5421, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)={[{@barrier='barrier'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
socket(0x9, 0xa, 0x1ff)

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
socket(0x1a, 0x80804, 0x1)
write$binfmt_misc(r0, &(0x7f0000000000)={'syz1', "10d9634109737e5b3bf19966bbb3a04c322017c4751c61cda643b903b8b490a43d99a10aa8f1fe5f687e8f87bee55fb0991a89f2cc17d6d841aedfa89bfb39568f0e8217c8cf960ee632a026bee9a743cf2111d973ff233b45ca16c3cdfdccb51d38ed538587dee221a13a4d12170c33585a0588f8aea07e329a656afa48db0a3f83cf76058613be9b124a8a3f5453163dfa4645300f159e65b58bd2d683cb7c5430a775c6892bd2c58c"}, 0xae)

04:38:44 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c08, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:44 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x10000000}}, 0x20)

[ 1768.357141] FAULT_INJECTION: forcing a failure.
[ 1768.357141] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1768.401237] CPU: 0 PID: 8354 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1768.408545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1768.418008] Call Trace:
[ 1768.420609]  dump_stack+0x244/0x39d
[ 1768.424256]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1768.429456]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.434224]  should_fail.cold.4+0xa/0x17
[ 1768.438290]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1768.443400]  ? zap_class+0x640/0x640
[ 1768.447113]  ? find_held_lock+0x36/0x1c0
[ 1768.451190]  ? is_bpf_text_address+0xac/0x170
[ 1768.455693]  ? __lock_is_held+0xb5/0x140
[ 1768.459762]  ? rcu_softirq_qs+0x20/0x20
[ 1768.463742]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1768.469197]  ? mark_held_locks+0xc7/0x130
[ 1768.473349]  ? is_bpf_text_address+0xd3/0x170
[ 1768.477847]  ? __might_sleep+0x95/0x190
[ 1768.481827]  __alloc_pages_nodemask+0x366/0xea0
[ 1768.486500]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1768.491965]  ? __alloc_pages_slowpath+0x2de0/0x2de0
[ 1768.496991]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.501764]  ? blk_mq_hw_queue_to_node+0x82/0x110
[ 1768.506610]  ? write_comp_data+0x70/0x70
[ 1768.510721]  ? __cpu_to_node+0x7d/0xa0
[ 1768.514613]  ? blk_mq_hw_queue_to_node+0xcc/0x110
[ 1768.519458]  blk_mq_alloc_rqs+0x31c/0x980
[ 1768.523620]  ? blk_mq_alloc_rq_map+0x220/0x220
[ 1768.528199]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1768.533482]  ? kasan_unpoison_shadow+0x35/0x50
[ 1768.538081]  ? __kmalloc_node+0x50/0x70
[ 1768.542075]  __blk_mq_alloc_rq_map+0x15f/0x2e0
[ 1768.546672]  blk_mq_alloc_tag_set+0x627/0xad0
[ 1768.551176]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1768.556373]  loop_add+0x2c9/0xa40
[ 1768.559826]  ? loop_queue_rq+0x690/0x690
[ 1768.563913]  loop_control_ioctl+0x199/0x530
[ 1768.568232]  ? loop_add+0xa40/0xa40
[ 1768.571856]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1768.577314]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1768.582252]  ? loop_add+0xa40/0xa40
[ 1768.585970]  do_vfs_ioctl+0x1de/0x1790
[ 1768.589983]  ? ioctl_preallocate+0x300/0x300
[ 1768.594499]  ? selinux_file_mprotect+0x620/0x620
[ 1768.599258]  ? __sb_end_write+0xd9/0x110
[ 1768.603319]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1768.608090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1768.613624]  ? security_file_ioctl+0x94/0xc0
[ 1768.618067]  ksys_ioctl+0xa9/0xd0
[ 1768.621519]  __x64_sys_ioctl+0x73/0xb0
[ 1768.625405]  do_syscall_64+0x1b9/0x820
[ 1768.629286]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1768.634650]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1768.639574]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1768.644418]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1768.649434]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1768.654450]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1768.659472]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1768.664316]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1768.669501] RIP: 0033:0x457669
[ 1768.672693] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1768.691588] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:38:44 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0xc0045878, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:44 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = gettid()
wait4(r1, &(0x7f0000000000), 0x8, 0x0)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r2 = dup(0xffffffffffffffff)
ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f0000000040)={&(0x7f0000ff9000/0x4000)=nil, 0x4, 0x4, 0x4, &(0x7f0000ff8000/0x2000)=nil, 0x9})

04:38:45 executing program 0:
r0 = socket$inet6(0xa, 0xe, 0x4000000083)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000080)={0x3}, 0x18e)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$BLKROSET(r1, 0x125d, &(0x7f00000000c0)=0x8)
ioctl$RTC_VL_READ(r1, 0x80047013, &(0x7f0000000040))

[ 1768.699290] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1768.706557] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1768.713846] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1768.721106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1768.728367] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:45 executing program 4 (fault-call:20 fault-nth:10):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:45 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={<r1=>0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
r2 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r3 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)
ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000180))
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x1, 0x9}, 0x8)

04:38:45 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xffffffffffffffff}}, 0x20)

04:38:45 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f73c062766f6c5f726d5f616c6c6f7765482c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f7033a3d3ae2c6d6561737572652c00d4cadbf2ef61a51b33468282ea25fdbbddb02a23696acd25de8c5ba8cf97639fe36ae537a0564b50c38576e67f0a53385c9f8e61386b"])

[ 1768.884026] FAT-fs (loop3): invalid media value (0x00)
[ 1768.902709] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:45 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c25, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:45 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x9, 0x800000000000800)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000100)="493418fc24d9994f534762e5c0921bd6757bd40802ca1c1edb5179e6767afe159908fd11d3837ed8cec8adf309fa3059cd744440c2e95d7e8e2b264f81ae42b7f5ad218425583202069e4452e5a02b838b84a79255f53f8e91328c4df82125b402227945317b01328c463a791a9768cd7024f6645fe5fbb89a9e821ace06fab5e01b68a1228e143b16010e10a9891db254a6233437ac4c", &(0x7f00000002c0)="58890443355df7a7132dbcff82ce265b1915b6d4b65a7ccec2e8c690b61f2e37a95c3007f6dce18652d2a10f6bb9f1a34df144ce7c92cedc114b4f2f05549da9846a2101446b195539d2876ae30f825336c888f057b6cdd49c5d3d388da7662971d300558a66af8ab73bcb231dc3543c711437a9cb661dcd747f9d338c7dc3dda701d7ea7502ee778d39c82ce3b1ac4236e60d15ef03f524f6664d8c90713e55ff146172e97ef8aefd3a66a8e040c1c54b891d4622f304767eca76ffe5f03a1999496478502da8b7a8195f6e32d2a43df7532cf1fbbed688d4b5ae0d44fcfe21869bbca1dc", 0x2}, 0x20)
write$selinux_access(r1, &(0x7f0000000200)={'system_u:object_r:scsi_generic_device_t:s0', 0x20, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023', 0x20, 0x100000000007}, 0x6e)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1768.941297] FAULT_INJECTION: forcing a failure.
[ 1768.941297] name failslab, interval 1, probability 0, space 0, times 0
[ 1768.965145] CPU: 0 PID: 8387 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1768.972427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1768.981927] Call Trace:
[ 1768.984502]  dump_stack+0x244/0x39d
[ 1768.988121]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1768.993314]  ? is_bpf_text_address+0xac/0x170
[ 1768.997905]  should_fail.cold.4+0xa/0x17
[ 1769.001948]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1769.007041]  ? check_preemption_disabled+0x48/0x280
[ 1769.012060]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.016810]  ? zap_class+0x640/0x640
[ 1769.020592]  ? mark_held_locks+0xc7/0x130
[ 1769.024720]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.029458]  ? find_held_lock+0x36/0x1c0
[ 1769.033513]  ? __lock_is_held+0xb5/0x140
[ 1769.037564]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1769.043002]  __should_failslab+0x124/0x180
[ 1769.047225]  should_failslab+0x9/0x14
[ 1769.051016]  kmem_cache_alloc_node+0x26e/0x730
[ 1769.055589]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1769.060645]  blk_alloc_queue_node+0xed/0xe80
[ 1769.065043]  ? blk_init_allocated_queue+0x640/0x640
[ 1769.070044]  ? __mutex_init+0x1f7/0x290
[ 1769.074001]  ? psi_task_change.cold.11+0x1ac/0x1ac
[ 1769.078927]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1769.084444]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1769.089183]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1769.093835]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1769.099007]  blk_mq_init_queue+0x4b/0xb0
[ 1769.103070]  loop_add+0x376/0xa40
[ 1769.106507]  ? loop_queue_rq+0x690/0x690
[ 1769.110642]  loop_control_ioctl+0x199/0x530
[ 1769.114952]  ? loop_add+0xa40/0xa40
[ 1769.118560]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1769.123995]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1769.128912]  ? loop_add+0xa40/0xa40
[ 1769.132531]  do_vfs_ioctl+0x1de/0x1790
[ 1769.136415]  ? ioctl_preallocate+0x300/0x300
[ 1769.140820]  ? selinux_file_mprotect+0x620/0x620
[ 1769.145563]  ? __sb_end_write+0xd9/0x110
[ 1769.149610]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1769.155129]  ? fput+0x130/0x1a0
[ 1769.158390]  ? do_syscall_64+0x9a/0x820
[ 1769.162348]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1769.167869]  ? security_file_ioctl+0x94/0xc0
[ 1769.172260]  ksys_ioctl+0xa9/0xd0
[ 1769.175701]  __x64_sys_ioctl+0x73/0xb0
[ 1769.179569]  do_syscall_64+0x1b9/0x820
[ 1769.183450]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1769.188794]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1769.193703]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1769.198539]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1769.203536]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1769.208544]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1769.213554]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1769.218383]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1769.223562] RIP: 0033:0x457669
04:38:45 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x34000}}, 0x20)

[ 1769.226735] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.245617] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1769.253305] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1769.260553] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1769.267805] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.275057] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1769.282307] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:46 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002", 0x11}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:46 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008919, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000040)='./file0\x00', 0x7fffffff, 0x7, &(0x7f0000001440)=[{&(0x7f0000000180)="2b6345dd57de080b140cd77a0500650907901c650d9c635dd271276f690e0a7241dcca8f7a0d675cf611344f4f5f5cfd59fe13299aa5b05abe19a08c359aae904b707006d11e2c95c4e81649284102616b0011adf8f98ddff5f5dc284def9b1f5e51b1b823535abba3eab899d28e1a671822eba6c32bd3d407341a9bd0a277dd6c271c72a3a4104e39389dff5adc7f4fc6a87cbfaae37c8c0e241d236dcd2a0694c7d499a7392de612c4ac158f95ecfba962bf41f71970133a4ec8cf52b348ad09a04bc4ac25faeff023266d71cce5d1236ae8aba4f5daa1841c41d2", 0xdc}, {&(0x7f0000000440)="a12d91d76bb31e0286cf2a604c698735b3bb56a7ed1e650ad33029d68a78387a5cadcf76f716e2b71d1c75f7a430d2867a14032aea0ff965607e4835c301afa449220d1f32842e8b3c253ec564ef0f9eb2550ac3868b2eba9080575639dfe051e5cbaa106a4c616792d10316405e2882bb56002380326e6c816a2a866e7bc03ae43563dc9d61492ba4b03d4651ec32ee0ef55ce00121cd5b8b9a27188116a2d92672e749972944a52fd2796edefa399b9b10d6308d1216e09fd64451813d3e36b688d7c72d39505b043183bc2efbb8bd3be734ca9f2467c4c177027f6bf3585ff9a89ff9b1d5009a51ed98d53bb17f1f163bab0beb2909bc70d1e91c1279db12010b1328ad46c11495ff47e80ac670c9a8503bd5d46ad5a49d4270064ec76bbc65c75003ca8e9e360ed9263cc9b4b8bf462499b9fbd9316de3d76a0edde54a21861428f6159e94563186ba2d083c5dabba1f5b34f7fa91e21e35a43828a43e6c0f5f8a8e8a0e4390dd6d55ee734a9a6b914786aaf1145ad4536dc3e042a4a305d99a5f0c378d09e87281cf348dff9726478099c0af0e89b895b3bbb0882db7c2681b5db8d712551cabebf62572802acc74cc234207b0c9d0dac98109ba4e6a3f6cba3c6bf575285f08e0d9a5bc824eeb2eb016b6bd231578a8f3cca31b80ac71e18e41ef6d89dc01974f916a988ddffe23257b7401e6f09c6af464754263cdf2c2ba4bf94423c709174d5038e3bbf69abde5879f36d263e581622a4d7cd19a0a71e27e21e89916ea34332e6bb0b187adb37e38643e19566d88c122d3466a007c6b6b1f88a91e009edeafbd3c3248cdf6c67befca7b31e067ac1dd2aa15fd2ffed94bf7c7e815fc17b24896f1a2b0daf127650777adf01817c10643df66abc5f71860be7ec1d3cb78f0c9656811142a1e19ddc4491b31f36a67bbb793353da3e14854a0cb44dd9ac5ddd478209f97cc6a1772dfe44406cce69c02422f0552d10f971edd8d8e68185ba2dedfc167e2d126966ddebd9e63e2a9ca336647207dbc3321918db318064eb929e63a1e8f4e6eba673e6f43113ae5689bbe6813803b6605710b6e129d458b1f6fe46243707cff690299ead80c5a0366e05b9ed27521f1ad2394adb5d9862d6717051f5948358ed5f1a5ac1d45505dd76137b3995f081181555278ea393eb3a85a21975e84c68916b717770ab2b3db7170c7cccfb60d5acf02d9a39c103c467567f406dc7086c7d74f1421cb31bdba9a59224fe4b90d6c3fb97868d1054b2627f1e7430d941e6a0b1cb21ab958f241af4f5bd7434e5b36b13342d4d9e7b08824f122e9c0cf92e85e01a38898c6d5c0b8fb820ca1c4dd03dbc9a10169f38797aa53f2f1b57a9fbe63571ec9cea2e83c6bc966be22650be7abc0f579164aa74c552b9a67f446b8a303b4ba523dc2a1bee36ce496c24c4710d6d5c5f747556656915392e4db94ab07dbd2944d75c3671666e8f0ed1c91dbbc6c243f04e04e34ba0c47ba015b54c40d205e394b6ad8eeffd65be4a83ad9f5a77064339419a72251f427f3a14b263f0734a6d0c779d029da1e9dbf96d9c252b94cd10211bb2e79bcf2bec1ffaf8aada818b48a79da6e7321c8d8914183ad0b9038b9cd35096548a8eecd888e009540ba1fbef1dca6eb5cb9afe813bb8a78949ad6773b3bc3d75991205e0c980a8b1c52fc2d220c4f0bc8183542c3ccffbefe91c1a9f86b70adc2ed72019174ae529ecf2b41d018ae5a0c9f58b097d157613f97d6c3169c8aa26e612d352ecfcf3790290088853e94473e12b310e22d9d31ea99ec585486971b5c679cb8e504355a19b12749b5a93b4e224df39396c1e92d65ba9ef9af22dcdedbc3b845c8b255ff620152d902fca34330de8540ae0122d911f72eb1ecec637027a828bc9602388847b00faed476a5538d8aedb3900722868d44783f14e264bf5c494a0200020655c1bcbbe5bcda1d1632e09d4e5d9375d07c5bcbac613f52619cdb39cdf8ea8ab83ce182dd65eb7b59c22009268021ee08a6c20f7237db16e59f0513d07f72405002ab52eeee46ed76b3ca02e72adc4e17e6eb54d6d1be1c8c523e7f2948a03d8585d6e0d5cac49d2e675d469551752ebcbede88a4a9a21efa80339040f3a46676cb4bb489ddcff47de41db0890c711d2b6d415c435d5f2644d06303d6f9a3fd301a489a90e1ec4c6ddb14621ec486c8125ef47bc94b1e9dc3e5cca0e5844b3b89ecc812bcc27ec4c51b478c1f03ea1861e60dc2475218474b8f85091fa7a348da7d15abe90429ae052e0a140c52594f7f991e86d4a51bcc0caa1ede80986b9bcd8d68160d8d8aa6cbd5c3313af01c94e2112de0fbe99c2852d13f27574fb9e839dd9cb904f7cb18416072361d7532c47f60ac45b6727f929dabb747fdc7cc482d0fdb68e03ab0ac40c0bda2d366593592094e7d55ffaa756732a589c3e7da67fbbffea0de4fab2d90ae1a16116bcb4e4816bd8fad0bd429e5d6562ace23510b6f77de9d7a81508e7bb32f1ca4fb7d1dfb11a2c2f0c4a1a74e0f047bbd2116fd397d6a6f7f4fad6bee5d05a6c6a2f861fbc1dcf293fb519a0f5a4e16f39273d867e189364ce2fa78a9623e7d37b7dcac7b21c38c28594d213226487cbaeed321a88be7964885e660855d4396ec4d45d43374696dff6f9b440a6ccbc3f91187b36831c0673b7ee069ef599db27441829901882c62c62f6968828e8e08f9ec451bf6e36407e2f78de05930567fd5587292f9310b4ea5f05b3c3fe9892fcd20aebb0b30705b192d18d22028996bd704ea53d672881b7cc39e6f09890abfa2d56daff64fc533392f1dc0a848d0f4e6565daae3568aaa011da20cca6be7e70efcf5848a29989af598862eec06e07cabf0125ab2318751d45697352d81c7ff9b163bce1fa66390b137b1175a1811eca6996f2ee325d140403e6c39bd2cdc2fef67df7ee6d1a1b1bd589980026ca1e36769c12f9746692edfef00f4f9dcf27e70dc1d5278c6d54c6af84eca054fd6d2892c0bff8feae82af4a8ab2b30e96019908f4a75ef7b0ffa4eecbc08201fcfe98780d99a115dac8ab2591ba34fbbfa8337c07d0b85ca9be82444f42e83c91bad0ce404a70204a6ab59fa3ed870df3a752778a14d0f0fdcf552cf9f606b4afe9681266f2d552ab6450034f9247c3e07190342a0b7e03f8995a807696a45ccba44afbf6a4fc1242fc01dd6586f91e76f2744a03f968780108fa2cd35e46d3da2045d41c075e5376e4f0c742b24daa44ddd44783940698e99678b8502d7f5ea239a66f54bced86d24b8905bac194a00a2d4d480006bede1c5af90eb6cfce7d743ee9abbb52894a3614fbd91827e5658966f07b87530a676e3e3af307d7ca829f89679eef919631b89c6100b9f9cda09cb93f3a029457dfa596779a1149a89368f27bc88f14636cb6ea3f5a087cb626e35c27cfb59417b9b94f86cacd2c5058d38313b136df92d4856c44171652654cc46d69be006ad32e99bef30405bc435b37526c36c4dd4c1797cdc64ed14aacd360df8a709d9d85e1591f1c4e19ee87e1af17c5b85dba1400ca14fc4126febf9d3d4b431f5db6033252b12b8aab6b2a0e8664580b63239c793ceb67ffd0975cdf66c6f240bfdcca55593887c24474c4d730f25e22ecb0fb2f2a9162a2af50b61ffaac670d4a4421d9da05ee8ae1c54611af4892b312ae4c2788cc7cd33f73668cfbf52ea903f40512d3e57e843c06e8436d542601a1227612dc8b83a4665abfd6f2994adb5bc18bfc7ac3afdc223fab5ebf6722d63ce0d6a4e3b9aa5e5dbd1c665667e8f9c07d718d87d2bfb8e20893703529c2c3d2af087e5c973e76ca1cca1f80ba90d5966e6bf0294c1bc903c6a762b9ed002a7df96981a138f97dc6c8bad96cd05b60de23d50d173cbc920f634c99c1f957981a3eb360b9f444bdf84eda4789e283cd991616bdbf5c694b940f3b51480e099369cdd65dad0850df6822692da5d8ebe21034148a48820861f5e74bfcc8dee96943952f65b9a93bd7649c48b548d136882e6ac4e3c87521d94953ad71c445a86da2465674d5ebe34411dae3cd14138296ac8b264d3072f94031765740ad31c94ab052577c07c4bcc14689a13d21419ba995a7cb5fa95533d3c1e5b95210a9089f9839486e4803c96a9dc6dfa57c0caf22ecfbcef30fecb8511e2c2a90a54003944c49b7b7a283abd7d0d77e2ce735955a16dd1676bc978a465e949f5998e85970772ca0148c8a5cd5c2c167442bf92702cec5d90f2828d31ab76f5c23dbe8a8ea7541908be74686c50ec59a3ff5f9c90d2c21e87ca040cf01ea58a7adda9d93caad2bea9c2a03737f9e095bffbea1cc19fe3cfc701c901c568bbb8da070121fb0cf6c5bac580ed0e9ac92baacdc534f7706d9868884d5e745b5fc8de7cd0e899442327b8f08c4c648d7f8f0eacd07650613b588a935f1668ebf4bd96a317c1ee5ba38f463289872d9e79e55be07af8289178ab7a0a49f8701360b50d23f8f64886a90d6e5f11bf7e33487f5a40e77a642e3ca132274268ebb3fe3e88eee0ebfb1d1291357cf7ccff7d484a92695d3e90798416c8bad1107e7dec92aeb711d47368c8ceff2f2303bf0910e6b81f2e3c3b54203292ae82c567f056e1026ab4ecf63f3a57abcb8c28730c7d3d5b28bb4d26957f6cf285ea70f78dd9235df59c8bdabbc34904513eec7892ea46828686b733a39091c13d845dc7746456c05eccedc3a0367ceada9060dd32f3694fa80db82fdd4a46962d90490e04cf92c7ca623eb59a5ba3a308cc983ef94904407da50dc12ba58f03aeb62005a58034a48f8d6aaced3fa1325b196c0deb128698f431d6e3f19deb34cf530fa68b1338b1e8cf108c61e46e06159e066fbad7eb0a9a3760782f32f849f6b12e53146e209c9f9b6d558994a3ee91e577aa08613a0fc9260a56c3cf76643dab8cd016e2bc556585f1ea969efcd744059e25e6170064c2d1cc6dcee47ec994836140de64a608c3afb835bfe9a61612eb196f435e5138c234a61ac5fc2988aa97123955ce2747af28f592eb31fae61ac0a7ee0504bbf1d04ff12c478c2bb4cdcae25162dbe0e0100c1ebfa56d92d98ae251baf38bd99980f03c1ab0fdc66e6d67c10c5327b5a60e339c6083f752050b96fd99fa5d72912667f21177b9e36ea714bdb6e383c4e1ea57e1b893ea4e52a3e6ee1ae53b3f308fab4e0a90bc06a2fb5cdfd4c9a4ed8e99152ce3d9b758b1b4bc61aa6fb7bd05771dc680faf94df754741362ce82b667db83d0a49c56ebe8d54316bbd3a37ccc6d15ebcf91e11f374ea84d629ec6f8dd278b1565f95316a9eec4d92a49fb3e9dcf5eae8362411907203d76b2859c25235cb91a5217db53ddda540195885ebfe7ef3e14e671601cce587bd6cc6d81e63f19ae30c42d5731a67f779690829f6090a5eeb96f1602fab5b82b3e25da97b37202a5c35af5168c5ad8d18aec624994ff0e4c4872dfd7ff405c504a4210d58d434d6ce67c5508a992fb95dbcd8a9083de625c5a32dff0e9d8ef7b8e8a731eba682eb141add5c1bd35ad938d4fa02a054a68a28a854925ab8cd601ad627e3cfc9efc7d6fef400ca7e1325c3a11c832f3959c52450a2d204d8642fecb6679027f8868b6d361dc9d9d55c3ecb30cabd2c3330de944fc492c59999ef548bc3b08470b59d7c1d80e32147a50bab53975245fec0efe6e0703e587e5fdfd6b653d82ad276de0ea0f68d1482fa626ac308971a7c05abd3249840f244a8e09a81603a8fa5f825d939d7a154fadb3d025", 0x1000, 0x1ff}, {&(0x7f0000000080), 0x0, 0x4}, {&(0x7f00000000c0)="ac723ff5c61696d84f0e13d93eba5750253cdafc7644ce13913f73e021dd3a116851085157aec682075c86ee122b76bf8ea1620d5078f487ac787e9054290dce309cb1d8320658", 0x47, 0xc93}, {&(0x7f00000002c0)="8e2e108bb71fde893a00768bff90e5ef2b810a1657866130f3dcff366f28bba1ee57d57c8e399720ed067b1449f4688d397ed901c938b2c8018025591c3f98c6c3ec94a5ef5ac74b1ac00c446a81a297906fb4ae8beea1d8e6987ffd808d102ef77b39d7b7a8e1529515d40fd72f8f7fdd62b2f8023be248be5b973ba15ea8db1cfb8724443360e409b5c89ca4b9897bb340d882", 0x94, 0x3}, {&(0x7f0000001e80)="fa8da5c47bba7f7567746e2c247f994d9d550132c3a52685b93b7b89fe46aa4daa332b3691a8b1ddc424c41a3a91281af97c3109d5c162fe592f5e212a6c9250bb75dfcf9ac711ef4095c2adf4687855478d01422d1088a127ffa8b8b403a92410ccc09d51d0fd417d21c0c705475e8f8f2ed7bc442b42a113307b79d3a0c75a4f5d8a7d4738bf8019639ff94108f21c5c86b96bcc767c9b23e875b5ec29979876a924c2f21ebc5c3b5d236b91b9ea5915d4abc90be47e54c25731089d0cd8f5bad8f7d143c295ba1c501574ebfd912455fe2df08e6bf41936542697225e3df6076c114158b1d0f84e4a47450f680ce1d93a6dc421dd9c84efdb17953d82a60a8c8858c6344d7674e56b8827abfbfa0996efd6610084028bcf3f36473b5793149e580b3aa7e8041294b7aa828ce4cd8f4aa89f90741355d84aa40fd4820cd957c020286292466822581761a7a53990dddfc41ef6d243c170729e2960280ab7250817b2e071d5a138074a049b4c58bf18761c146d1090c5c45814f910d518209d4ae77ffcf81f28b8e5e2430cb84780e838896ef2ce4f89172fe0e5a755c8f60448d246470d2e84cc141770222e6bb9ebc28478545ea4f7ef63934c69cf6c90eef2ac3e3f583af4090ce236ba439d8364f54abde7fcc5ccac12a2b24667c7fdc7937eb9cfdee64170a86feb478428d9513ffcd59f7ad68ad2c187fd1047908e65fe18d233880d7241734aa362b0fd8feb750e2bef56a40124ffd40d610d447af78923ff05597cbdd942772088dc502ca3eccde78a170a9afd15d099f241e77b0931a9507aad6f9b7a1d7e05f4dd37d476fc7aa9a415d31feb668379304715308a6a84899ab052b829e5e0ca4edfc258557a094a7686975b5b7483d302e2f6a56a4ca252a515c16e8ae81c2e34a1fe321a197bf054be5b1d82e844036d784b983b5e185809badf3fcaacf28eda0fcd1d3d924a15735795cfabccbdcf2425d890c9b88221c9255ce67510235b51b12efb201dca68836b9adb073a875c0a5a0af8d2c27fc80520bc45e60fb29bf44e59e3594e4dea85465a8264591e25d8701bc150fb63bec8be3633c630e5f38ec932eaa339a9e1dd1706623499a553406f89f24ac36cdf6fb1ec5f1d751548f85f9f68d0f6b7148e714d96f32d690f42e71a46340ffd0f403ce702e9485c16a95b4dc854439e6d715849f38b5635134277844260ff5440def18c470557efaa242b421fc67a41e6891eb2dd87681b2706a572d6f6ad8643f25e8aaaf0131e0660e6af86f012eb32c6b86b9ab82ff8f0b1407b56f33a42dd839b277d76994aeba9a7092977ff7c0e2b4c7b50b169d652b6e5c6f32655442b8649f9cdd7f5d0591b7ce5f007e5ccef325aeb203e890a333169d1cb46079cc761a29453c1ea7e941551dbf2315b30729654aad375c7f559f1bd445e2c2b9494f7b4ca27977bc94053442a0784d473b81d6cb526965a7c4ec2fb5920dc4f78e939170c106e16cf5f96def2ede7958154dc347e9971c0285bafbf5c66fc4fb087f275b2bd3f6319b0936bc06b8530e49d8916c7bac470456d5d3ae9b2c76c15d1f67fcb8b67d5f998c33f066fb76e2b449782f3b047da6450b768a539a9ea7a463f06dc8b1fff89a40456d215c2c495105bfcf988bfc0ad11474762b9b7996266e03653e6b83634eccee815f2526de3e6f356bb12e4f9127b33bed79494fc8917be7d04a53592342431783d1b6e309fbab11ea555425bc9d23b12224f3da9387104f4c975095ab83ed52f9cece5c1f7f085bcc0163c05edec0d61e9165149b43a2c769475806755d068bfdb82f0774108ec8d8375f3544bed662bd4f3bf06f63ddd7a522a36bab5cdfff1f67a3da6b8fb55d4f3144af672dab9a0d7c4af675d8674987a65a8245c1ca909a3b5b5493936cd4df717175d89f221af2d1166e8efac5bc0498deaa963d4368f248deb704ef3e9fce1ff250c283a074c325133244e9af584e211265d235daf56d1763061fe09b78c9dd0b9880ecc8b1e9c0624c0d3d54d42ffe2d01cd6576d9410b6fc5607d4bf2a29df3ced4a7764522b76f1a6adc1d87f9ec069d3a337a676de9e0fd5e21236715b8c0d51b93acaa44f33c9f47491193cc89668606129b9eb98126229dcfe2a708f81a4024b697f50858f26289f7a8cac3a36af86f19693168a6116ce58df86a8c646de56b90bb52eb301d735a2c752e65b5b6bc4ad676a4c1cdcd98bf62898c99a91b441ede636d1bd3c81d96d1a9ee927b4fec98a872b95930820e0d9f3db1e6cef2c9e7d4edaee68d0e149dd31ea97748f93e09edd364bb6b1e5daa10d1911e6e0e766f726cf90af00dd645a870bf50d5016f56cbf18fa3a19e6b5782acf741d54d24eb8d31d0cbdcdc5e1e8f17e6a4adc33d239a1384c8a2237095d5cec14fcc353158934915647d7231227fd548ab591b435860db66bc2e2e51ceb4544cc30e59bce235ba04caf87898a1b221912fc7a8b97f5be909cb911f75e05cf8d12c487561572a9711ba450acc58fbc357e5647b8d9ef19519443d7fc0a0e92d147bf1e30c20125556aab1e5d9fe5175d8a4dfbd8127beb83f24a213177ef54e5f83b9db63597e8798c9c598511fdfb1d613ea4eb6c7fc315d2bda2fe79caf3d65e0063baebb597e814ace552d41a056a6f93ec56816ee50db57159472252cabf6e0d68e3dece05080b3e76b8dc187f876b3c1d9a9c33f618c60aeda7965faf5cff09584789cf2660efbfea80433cedc349dac6782e6b62ddc0c17217fe17b53e7681613abdc45a51655df10b26b6b91d36a1e66cb7eabfc3b5e43248710611fa358adb9edd6f8e5ae8bcf60733b7e1ca26dd5642be2bd3b271c3e0e88793d3afb6e2b503996381dc2da3ded2cb3452118cf495a42d6cdf3e82d2a1a6b3994fe75f5d92350350536b7d0a347eaacce7116f0828f1d4f9a89b3309baf340b21b88b8175b4d924c458fd3261316a5080891ae8ea3fe185f50d3119ffe836110286bace3e3a636d6ff149a61e4ca9ef357a01195b0eaab8248ae7376c2b3aab4a1ad30b67243108d2414c0b6498eeaeaa4b01ac9782c9045385125e81802ae05b14822fcf15e888369c8d5038cc715b0fd9983b30721d110fabbf3f8dfcb5a37170b30390665f57c45514591a3bcf430024db3051442d99afba6081743cbac34cfcb0316894d64ddb95073b6c197a3f911060886a0d00a9d88889402a2ab805e8755e87aafa5fb9248df6f3f88c1d079123df99216883d3b9ccd674fdae8302720660e5048ab2d61fe36855af5b3cdb1edda9cf012c8bb1106be2e60ef5169f011b34155a4f6152f99f54bbb92450f62cc2e8433a2f24250dde249e41e721b74961b5636e4b971c1d16c78614bc3121e46a6c1f39cbc9550289457725eefd930c49f5f30c572ecd0d8b35991d36299c2122cfb2c8e84befb11175fe2e8c07e3fd09cebb880adc379bec5ee7f6d2a00a9221286c7e85dde4b993c857701059209865c99e76ef3d769f90f67d84bb3e65fa1879f1c9088d4da8afac39fd8c60ebfef705a1be9f210dea307e47ecf1fe42bbb3b0721b026805bf67f5a615e58f65355101060cd2a9f30fd78487f83e5e76d22d12faef2de105d6f09a1e25687d986b789be5bcdd44d988c022b585a019ee9445608f5bcff95ed25b41ab8a366badfac2365788ef038496bef7a246723094aba379198986322e8e20bb82ba41ad8e21182113a373c56c42d0a8627b7e9a66e862310ebda12265000533f1907ff5d6205a50454289f0ce9bca59f8bf108bbc04234a78822996b956c0cbd14841315b44aca43577920d1048ae43d73f88ec987d17f2a8fb6990c144dd064ec02cf3b2814cef6696d1f34dd5f349e6a429ff9e9a998f14ad2197620186c852a8cf668870dd23d1160a015f8ef4bb10c2ec3b0b36f0a3ad34879384930c8effd807e249573de38f87f39a9ea23cb83e7287408f3ecd9c418819f3a9aebf171274add1dff79520a3614e75a55afb59a449f4bb7dbd36a8fd39ea66e483e95196f2407356db5486d924221dd4f3d996adc4f475fcce5b4aa0648998dc0d200f21ccfe78290a0a2b2403d93f56bc8514a41ed7493eb200b1527c37478f392945a600fe711c7d4957358970774248685ae34cdd5b04b3da295161ce4b013a7ea058fdd5bf8cc7483894b7e37c9058bb7c750599476e2e3cffee54abc71afe7d3c95ce514035fa227b50f49275bdd81c532afb015ed81cfd6c29226036f5c72b6a6fc591cd0be8808c8b6bcbfea4ed372fe598c25b87ab309ffcc961f9b27104e2d99cdad0381505bc2ba800cf2f60e1e485c28812747a8faa520565e844226a94284ecba7d8f5086c1320b590934aa52c9bcdb303dbe87186f9bbee8c2e5507255730aad0aa74b2e8678c6af8511502313e98f0832f1a8bc691db8c37cd3ce98fbc934459ab5dcf6157730e8c98a391a7f7602b754a461d051a41f4ef164746934a1c8c6fb4b74df67e3fb100c05f5bdecb562add1561ddd8b30572cf49ad8a13d529b87b45d6ea21a2407552e1b03210e6cb2e6a6b204051c21afa120ab1043e36b6a32778864f4093522a1819eb96dfb80458c828a82b3138f226f785b31c0de3aae0d78f326d42aeb3132ed2c011142980514dd12f23090ea502854575a9186826da2da0245f66079ec6724260b4dc226289635d4007beb79538d203fc7720b4a2c63a93c159e6413408a3ce376c4138524e5a4262741d1934c817921a12f7c56b243b84b91c52acf3bd4e1b230027e8337bb617ab28501cff1fef8b5da3f209467b39ea6cfe0b5e95662ada09e517f233d3d39878ea10e97166b82b57baa42ca541fb7cef66c07658c79a4a01a0faed3ec80a1cfb504b205896a594b9a0e2d11bc971b869e8a6fce51357b3233437e8d99fb539a1118a963be9416011cf53ede5434774655b64659b5a40ce9fd5b84d0e0fe1e97947a1ccdaa9a94133314ce0a675653571ff50bab979694ffe0e0f5ab105f58b596bcea47cfe146941606a01ff3fde151967c7c0f221a2edf0e21e1e017e384bdd143dcaa365e160cf9d4a9a83b2bf5d8fcb58a34a0ae6ba205fa21bb601ae47912d8308b16b0e6ae9a1dc16ca1f5a32d2feff88e5237d04d939f89097c6bbe6b559091c0efd7fbf1015e9c4b303a3cb1d6744082dbe4f506d4229c48158efa46a174010b47dba5d449e1d66bdebbcc890e4fd41af01fa02c0845671dfb91de3ee66607c64e4f5ff4136f82b981f727ecfd3c7c78b40e7ba96eadf7bc1aef88c34308a82791ce084aca2f0db3d234b030902790d94b881f4f1b9c6b4195a9d9d917a65b65a7a609805231fc4d96db499377fc5e18ddb79f89d120c931b839ac7134ab2563d78c306da11e329133c5bcc758b1e1f29cfefd49b62573520699b0e557b29d2bb142c53e23f18d4b138e6ce9b2db79fe4bb7fcd07af455ef34bdb5778b1045ada4190a9d62e334d0c8d80d0b4d3dc362bd03dce8bfdcb5c6817e07965dc0da49b6a78e2ade1a22f6ac566d0362b5097e2813fd073fc384c4e2650f3d2dc1ed9310fc24bc79df6dc9acbfca10e50687419683bf1c995c67fb5183e2f3cbdfe2219c6941415c859c1a61b3dd6f031036439a2f028ff691f3b974e271d972ff0b6e77adc455e98f425e70b89658a4f8f1ff8a3f6ea79c49534bf00cbb3fd29fbea745cd3d9afa5e66bf604d77d0451e0be8df4c47248f0005e8cd38abfe972901e78237023997fe3185c8d4c04bfca479779853be64b11faccc8d86", 0x1000, 0xda6}, {&(0x7f0000000380)="3ef504c8877de0059c9d0c52cfbd2bc39aa8c16d4931260064ce", 0x1a, 0x3f}], 0x1400, &(0x7f0000001500)={[{@fsync_mode_posix='fsync_mode=posix'}, {@inline_dentry='inline_dentry'}, {@noinline_data='noinline_data'}, {@lfs_mode='mode=lfs'}, {@grpjquota={'grpjquota', 0x3d, 'compress'}}], [{@hash='hash'}, {@audit='audit'}]})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:46 executing program 4 (fault-call:20 fault-nth:11):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:46 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x800000000000000}}, 0x20)

04:38:46 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c45, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:46 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c4b, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:46 executing program 0:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000180)={0x2, r0})
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x54000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x138, r1, 0xf0c, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x43}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x90e4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0x38, 0x5, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xf2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x800}]}]}, @TIPC_NLA_MEDIA={0x14, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_MEDIA={0x54, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10000}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe48}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xbf}]}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_NET={0x18, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
r2 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r2, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1769.595061] FAULT_INJECTION: forcing a failure.
[ 1769.595061] name failslab, interval 1, probability 0, space 0, times 0
[ 1769.628887] CPU: 0 PID: 8415 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1769.636272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1769.645616] Call Trace:
[ 1769.648191]  dump_stack+0x244/0x39d
[ 1769.651803]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1769.657001]  ? should_fail+0x88d/0xd01
[ 1769.660886]  should_fail.cold.4+0xa/0x17
[ 1769.664930]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1769.669679]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1769.674769]  ? __mutex_lock+0x85e/0x16f0
[ 1769.678815]  ? zap_class+0x640/0x640
[ 1769.682507]  ? retint_kernel+0x2d/0x2d
[ 1769.686378]  ? find_held_lock+0x36/0x1c0
[ 1769.690426]  ? __lock_is_held+0xb5/0x140
[ 1769.694477]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1769.699909]  ? zap_class+0x640/0x640
[ 1769.703616]  __should_failslab+0x124/0x180
[ 1769.707840]  should_failslab+0x9/0x14
[ 1769.711627]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1769.716708]  ? lockdep_init_map+0x9/0x10
[ 1769.720751]  ? __init_waitqueue_head+0x9e/0x150
[ 1769.725404]  ? init_wait_entry+0x1c0/0x1c0
[ 1769.729626]  __kmalloc_node+0x3c/0x70
[ 1769.733411]  ? mempool_alloc_slab+0x60/0x60
[ 1769.737715]  mempool_init_node+0x131/0x550
[ 1769.741937]  ? ida_alloc_range+0x953/0xc70
[ 1769.746158]  ? mempool_free+0x370/0x370
[ 1769.750113]  ? mempool_alloc_slab+0x60/0x60
[ 1769.754431]  mempool_init+0x3d/0x50
[ 1769.758044]  bioset_init+0x3d4/0x840
[ 1769.761741]  ? bioset_exit+0x370/0x370
[ 1769.765640]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1769.770656]  blk_alloc_queue_node+0x287/0xe80
[ 1769.775152]  ? blk_init_allocated_queue+0x640/0x640
[ 1769.780161]  ? __mutex_init+0x1f7/0x290
[ 1769.784150]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1769.789680]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1769.794417]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1769.799087]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1769.804261]  blk_mq_init_queue+0x4b/0xb0
[ 1769.808557]  loop_add+0x376/0xa40
[ 1769.811995]  ? loop_queue_rq+0x690/0x690
[ 1769.816042]  loop_control_ioctl+0x199/0x530
[ 1769.820342]  ? loop_add+0xa40/0xa40
[ 1769.823951]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1769.829393]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1769.834307]  ? loop_add+0xa40/0xa40
[ 1769.837938]  do_vfs_ioctl+0x1de/0x1790
[ 1769.841823]  ? ioctl_preallocate+0x300/0x300
[ 1769.846233]  ? selinux_file_mprotect+0x620/0x620
[ 1769.850984]  ? __sb_end_write+0xd9/0x110
[ 1769.855033]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1769.860550]  ? fput+0x130/0x1a0
[ 1769.863812]  ? do_syscall_64+0x9a/0x820
[ 1769.867782]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1769.873304]  ? security_file_ioctl+0x94/0xc0
[ 1769.877695]  ksys_ioctl+0xa9/0xd0
[ 1769.881137]  __x64_sys_ioctl+0x73/0xb0
[ 1769.885011]  do_syscall_64+0x1b9/0x820
[ 1769.888886]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1769.894249]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1769.899163]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1769.903989]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1769.908987]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1769.913999]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1769.919541]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1769.924555]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1769.929385]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1769.934557] RIP: 0033:0x457669
[ 1769.937735] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1769.956618] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1769.964308] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1769.971562] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1769.978819] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1769.986077] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:38:46 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x2000000}}, 0x20)

[ 1769.993326] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:46 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x100000890c, &(0x7f0000000000)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:46 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c18, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1770.041075] FAT-fs (loop3): invalid media value (0x00)
04:38:46 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c21, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:46 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0xe000}}, 0x20)

[ 1770.134354] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:46 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:46 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x200200, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0485661, &(0x7f0000000040)={0x7, 0x1, @raw_data=[0xcb, 0x13, 0xf9d, 0xfffffffffffffffc, 0x40, 0x3, 0x5, 0x39, 0x1, 0x1, 0x3, 0x4, 0x1ff, 0x10000, 0x9649, 0x3]})

04:38:46 executing program 4 (fault-call:20 fault-nth:12):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:46 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c77, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:46 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5e, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:46 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1000000000000aae, 0x80000)
stat(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000001c80)=0x5)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000002c0)={{{@in6, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0}}, {{@in=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000100)=0xe8)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={<r5=>0xffffffffffffffff, r1, 0x0, 0xa, &(0x7f0000000200)='\'[md5sum\'\x00', 0xffffffffffffffff}, 0x30)
r6 = getpgrp(0x0)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000001b80))
sendmsg$netlink(r1, &(0x7f0000001ac0)={&(0x7f0000000080)=@kern={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000000440)={0x1ac, 0x1b, 0x20, 0x70bd29, 0x25dfdbfb, "", [@typed={0x8, 0x61, @uid=r2}, @nested={0x194, 0x6d, [@generic="3ef6edfa0a92e729d957d9b57c774969bac8e96947b1d3905c8c431d2b3a80227ae5c55d02d53e6aebbe5350475540ee467e95c3e4d58cc109f5e2ebee1f28927abc5fd716a8d3c037965a9d309b84349564be9f3fbc533ac154503298e4ad57969ee8a3ba6f0a6485e354ea3db56c84336bbf4949f039580f7a4a32324697c70ee27900ca890d81a1e0c812b23215509564f9cef1d917eff38506dcf85ffc65fa952518a721c2cddd083b5b9402fe3361ae254091ab", @generic="bccacaabbfe0fc9a1d4a292ed5861852cb50d781dc96024276e2007e7f855e6bd1ae88180f8122860b2f4962df0627ab215ef57ebbd5724767eafb1218", @generic="91e0397f5fb8b59dcd706ab59f679e4d599154cdaa9425b9919bb9064f3385b26c15ac347cb5005aaf39c5c86f56d6ab123779b79d9bd71a26ddc811fcae7ce9e05449a991e8058b43407b4abe0ef65c5aa45ca4e41222dcfb4f596b811c7979414644603b876c1bea0de8c0d0fea089dab70335da58f67fe74eed25f9982e0e13bd60f805fc854a4e2cfcf640ca49f1fbab24d2b0ebe6902a1b"]}]}, 0x1ac}, {&(0x7f0000000600)=ANY=[@ANYBLOB="84140000220010042dbd7000fedbdf251c00670008005e000000000508000500ff00000008003500", @ANYRES32=r4, @ANYBLOB="0c0046000900000000000000bc033f004c837f7fd1b53e61b5d7401051037bc085531f71c0383288ea6351e6f6d497d2242fa1109e86cd7430debeac113cac4a68dad40c3a867a615242eae4079b80f7f6dcd99f319b5019caf559eb53aaf5d153f7c3bba9a541340553559994605a2dcdf7e23eb6fcd2db44646484ec616405b538f44304e01210d28201d43fd4e79a43fa4266a2f00232866f320dbddd4cfccffa8db916944f4f2e71ce69d1315d0c0bd4d7ee265c710ea146e88e3db7b649cd0288288d7393012a7322d2305836616821fcd1b137a52419c893ef900ddd63d371e92a76e04fbba3b22b0d55125bb97c8b33f2c7a84823196247c534b9d232dcd1c64c3127f66526924890ac4250c36c48e54ca6976e42c80a31ad86ba24055b15d4f7b443b655c095b06e4d6e0d6c2ff2e2be3db833c530ec1d08002500ac141411f02447d2bcf7894ca6e8da884aaa83345655e2b584fca91ed95c62e7002c3f70a9fff16dca1cc4f06a0c6d6447ae80d98e16f9b90d554d71e04e6540ab0e979d3e7f86445c5ccfe0785e2ee3308b7f551d1f61f1496eb4a3e9ac4f0421ad385666a9a3237d10202c125744883493e764ca56d5744996073a75f6a2fb17af4fc988d377ba6f8942f4bc14cedc7c081154078dfccd154196efef169f5c4154bcf723c0da87526d4f4b2f0b37ca398239d413a7c01bda85a722bcaa9240d16936d2f37a96e961485595db64daf82f17a3f1ff27295416ba7678375a809ef027bb787e0d5191da66bced0e8b9c3a272566efbab0d33f18199bf7560bed404869138409daa88c2abfcb5d55d70a43e54d3d695cc54011e4060f355d08ca7c3872b80bb9f5944eac9a99e2b60671ed78a232e954beb01298883d319c06574d07a60347d777b967891e2bb73f14b7481d17a0d2c82e40646b6170540bbdd0bd1aa636e9574a34c15e99baff46c7dd56dd989baef77817a581873f243c6b7249e336a69a1ac50cfa6cbf61580600cce8430d8cb389cb410c44c8fbe8b576bf0354baaa7dff009cb1c8fdadf4ec59104e4ab03980de1db4003c94d7455611c3390431297ccc8fb1fa61488a9f6cbefb81ee2aea8ba353bd78adcb3cccfbf400c9db972441f1e7064a84569b2df1881a9e9cc739b103bce8bcce49c708286e1aec0f38ddc93686de4d55ca88e8bf07949a3b7b6f013bd4bb6b0dae1843522831f3d4d79f8e4b42918dc9596364e0513027fcc10fb629fe1be708ef223664cf37dfea1d1aef9c3018416e4c4a633d5ed5db6274c74e88b9605b56599a487d38415f728ec0b88c0b543bf89fb54004137088ec6e53f3539abbfca1ff73074d00dc890978133d08108df4a4901092007edbba25a20315976a26c393d10fe69b22851940f51521731b9bc66db4409a754cb115999167b5f3535dd23af7adf175f9897127bea9216798ae4dc730b7418653f578f8da69f591723c5db42d8060678b5429d44e200382fd96f0d8ba31e1fea5a6c5aa58241448f525ef3588fc33c8208608cb01dc3c16db07e9bd85ebf331708e2734bfbab3822b839cac9feb832a5047718811726acc22f3fc00f3a505b909c424da0154070ca8a50a12a09090bb09f6948c5d5d8935269a9af15907b5cc10977a398baba6725ae43c1d54784784bdb12d64dd2ecb75aabb38cfd19c931a8a990169317976cb7b42e103a1a0ee349db2a771607fef32c6dec82926d5904dbf90aac438f3f3db4207d762d79c9c067165b7bb5db582c6955cff504a0684f5f7029de9fd10bb575d73e6fb2f12d954749379f2f06eff51a14ad6e9e07834309a35f5e471a1e0c702b3735ac19d76a2df5af645e01e768245fb079fc071495c5040cae9d8a2daadfffc968d89832e8ef291ffd6f8a2d54e9d1ffc7014a6b13404b55d4d21129f761a0c306689159ded92b819c6a07eb63570566e2850f2a8fcd71c833e84057333a7ba183ef2dbab503d606051cb896fa6a970dfbb165d794c8a52be9cb5cb7876445e786427dfe50321da2063f9924040add6533d582933b2926bc971b6055fbf4a825ac61a132e21e4e4fc654a82aa9ec73c52982da0bcd63d8dd5ddd52fb6cf1de3f8b7c557eed2bc0bdb0d0196c8ce3db6cf25ea91fcf85dcbffff3995f6e139241db8dd555bbfee96b8ddee11804443ccc6da4fcaced5f574068040f04a895a1a5e13f2f00528d40620e231499c1026ab2386d89c589b45e36f8db007e10a5354e1a2c24613403c6a80c0fef916f649c66a4acd24f87b40082a903eae9628ac6f5af31d051baabe76dc1bf7437a382468d4611dcb9bf0e30bb1f32f96102871cd0a9ba8b15a335001f1d15e888870ca9892d26fd3d951f6030ab876dfd164cc99a668b8492599d2931dbf79f1e2537d2e1cfd501a105592480edf1eac146bc44a82f329dc5384f904f4dae321d282b347824e6c20cd38e608befeba528f5344d14ff229bd5bc5ccd119333b5e65dd6ab8d551bf7b23fe69374566b9a80923b37ad3239d3116b9a98b2fdc2e040ba19d71f3ee547170e559ef00e95765dcfb8725cf687b3dff6b889de666ff30231067224385e9833ec5b97eca58d52425de17fd0dfa2275a3c900fc9fcc4232cd776753a42ca9463b0b43d9547ed0ba51736a30c29a5da7786d0eb9fb1afe3dff387382593a6b5236b6e0b35b4ebdd70a7ceb97c296ff946e7b4bd9519112a6185524796dcb0cf10daa731bebc9743936876c60261c569e62cce2f6da025b4c2e6e83c909ba0f697d2a4e30e03fd21967fc60ae94a613ed08a30eab0faf5ed4e185c13272d2e6d1d92ba07d4379e056557a3ccb85752917710b98465a898829f839c3248d6650a209e6178a6ecffeb4d4aa3be21cfd31a57e44d9899a3ef9f9e9b6f907b72c4dd1e4a82573fce6e28dc35623f8370e02839255c956554a6c0103a438d9bdfc0837143cf95e7bbb96b60040f45fda09dcd755fad0948cccef9ef36295e623f78b1e6d019500fcd8623914069b840b818204062aa2fbb7428f51fe9540300b11642b7d6de114393b0b49c65952d2954b2a717b0abc00958c9859e731270e1d9b33572fb35eba660198f3b06ca9051b2f1120324a14f4dce9c28a30804ed7abf3404e19a2d40d8718b0f175dadeddbc27c02b143ba12b4cd8824c528c643410b271afdeebafbf9f3e456efc5353cccd1b844005292d914fa10169c61f12cf9df5480368670fa2ffd169598dc4d26a8c45af763bdc79354ae8c0e10852d958e06c1742fb118de769b8eb0e65ad017bfbe009a055dead1a4ee007b410779da646a32fcfbb785d87550f9cfc54487688cce7b964fce10e1291b61afb936af8cab19a84ffd6be3216fb4674f8c1a7dc680ac128a1d8168cc4dc2add6edbb1788f7260f2f2ea5f1aa2e50ea76c4c86ba0f99864f6397050ac77b386b2e5a2e7c96587ece6937348987596bb1bd38ff2f34094011d62130affd87a933666a17c04e32c5764c2b76236972aca313fe9ab01071099ab9bb285bcf288556b029e95d37182879f6e1f5effc7909af8dc93e2427ca0f46df2a29c40051b1e45ec320ccc097da0c91ea7845185bc3da37f1338038ecf394aacf4b5ee9a55a1d98c8108ddb249caf2da08a0c5a741d0228dd68016dfef35920e50abc9c97c78ccc9327e0734ee1b2e2ccf65cf0932e365c2e4d42231b6fbba0db53beb811dd389536186c03ee1c89c24b136c7ce2906befa6cf4c14c7e23f0244af48cc54f53f5dafbaae949557930d4afe8989aabfb8a0c5ffaab09d75e38548b3b66fed520fab11855f780ba2bd63a09064868311ee6b6e4f8d579f3556236408c916534909a420cde5522c945e7ed8b630abd5eae3476d069ccccfb4c97c77cd71daab02fea2a83ecabc22d63417269d3d940b33cf1d097cbbf283439af4009ef58588126397bef14d42c3fd67759288e42b01eaa595cb6d26e7f0a8fb3fdbff6d21021d4e0ab73f0a2b2c2d42ae4da458e502564b9272a7ee4a02e4c7c46841b55832f76954b4429d121f6fa2370b94c95cdbdc36891fe6f3ae8ed321b70cfa88ab929498fd7b411de01964732408eaf6be8a7b37c65a0882f8499e93c59fc448b665a27173427f272c80df243b13d197b2853f03a50bb036a9759ff8e8ebf718d76ab274c91863a5f053cd459efda53b0b7f8a4e63f3880e2b5fc507ba44aea3f53c9e0d82d667193ef123342ce2961ec55cc841cb4bfd36ef1454353695657a0dd5b259bef9e5950e2cc2a7b3dc917057e8526f4a28634e6442713acb1d3165b8cd7762294b8612147151acd2298a264ff03ad09b96ed265682d4d488a642866cd5345010ad8bbb58ac66f527b5ff68dfcea6314ca568507c34c7e6fdd7a874816b5906747cd0de07737cdba8b9583e2f62e2843393d9696822654fcd60d0951b0ec03bf9a9eba78b889b640c2f5113e36f6dcb8931fb7a09d3ae0f426f66d49b18a713ffd7e8e4a794f8cb334fab1ebdd367cb4edb43ed2520daff0a45d06e2e7a120c97cdeb24858a2781c4df47e8ab06a00ea3165a87c1600f6d20f2bc5e4de8b820847c5f8bfc48e98852ceb02a8586a88db351227be020312679dc2b6273ba9c26f185fa91cb47a7627f341fef25cc8e531ebea49532840f47ef6792015ea9f8fd80d088dc590600d5da5c82b7e9c9bce2d178d9ddb249c77510daf3a17a98fadef0697c4052eae052ad3ed7ed5b57b87cbe1649588b0d76e26cf427d914e2cc48d98b7024725369de0d9b143c7fb43a7610f037c2624a0e71db47afddc742c5794324e01b2d6689dbe25645fb9605b3550766cfd3973384db400b9c731500bd7883c83c27a637165d5ce6c84bd7f1633a86a7c633e78c5cbc3475050451b53dbb809178560d95c2110b9e0f2d4a0bb09b2c7ec19ab258acde8dbf67f27a3f9e9e8ae4343aa025d333750ae87ae8c81f7e7a8dfe58d59bdbaf271617679028f71bcf33784ffcbf456c3a4b74dee8b3bd4131a1bca4066b3f904d774cf659d741576b816394e900c9ae4595a39e81e9f85cf008dfb43b1f0dbb1988ff77f487d73eb8389118cfd67ef458a6f9b8fd42dac52aed9f6c54a72017e812b9e4c30eb07776a3ab58844eb42abefe657ec2675117713dd9d467e38d35fc3e00cc0af61763c296034c34b3f6e09a666dfece01126110314b369d013a118224dcb1d1cb56c30392222880fe29ab9040747c41bb31091deb18b85c6d1d1434045b49b630f8d8b65685cda6636705768cb43567333a714e59fbe07873e49072db342a3b0a47aa4417254c234ebdb80edfd24b62e70b27cf865f3e0e4f3416a3dcdf839290db1f566271a5edce660ffed335d53bf7f346f613219e6fd7be4fb10bb9a358fac0550f1dc5422e2dec036f9560f8fdf9e6e46ec60825f5f96de9a001f3f0863a097dd85094dbfc25a75f89cab384fe9c148b8fdbb4723900fcf7d084096c729968cb4b247e6bb3fb09a04c0701deb15162cf351a39dedc9495a4915100c428ba64d1e8fa1933da68b867917ef6e996c6d9e8dc9b74b595fb2907ba8e07e797c9e002ca8d719e217d54e850591238088a4814d94cebad35f6e096a0b819885f0d040b948d108b0bc54c2aaf4841dbfef0a708c9ee18e717b4d4434c256a7b772dac7d952f742846024fc6e6b8d7ca30ef604e1014ebbd80a729fec3ab52e74c1f5f8ff00bae067524ac90fd6b27b675f6cb61c71c955831498b9a8504d7868a79b374d76f692e3332e9c9eec03904ae0995ecd3d0b8789ada0b7ac3d787da379c9870c9a200a94ac92ce3f4887bdcb8a6b9830ad6a86977d8d4ce76a03243adf5b7e4be072ab1317e6d37424562f12030db9a6d08c885d6f28b571899fe5ab5f2a8ce5199af23dea542da3934ef82ad201755dac7ae5552e823d2f091f6eb716d0492206eb3438b13f082aeb346052a718e0af06af9c64542953cfa093ed547b901bfb885a46ffbea209f950537dcefb02575486e61776e99fb4969b0144bd215546a9ecc3b4c9b0e946fa9ba23397d8a8ebdaee16611298114d1eac369a89686b263e1323d6bbba952ba3e382794a27e287d7b09c40a739239e09558b4dee76dcf82b74de93cbc984e0127393a3eb9c4ea02cdd250e2a217c25ba522eb740ef6b3da04f81cdbc758921a5a9522e9c243c467f728e00ff97fe0d0bfd40c0e6c93c60fe67c7c9538dde8d3a2ab756e3ba03baef7dfa69a88f0cd1e43fce8bbece085eab8334af7b2c2f6fbec7891fb549cd7169459bea51c4c8fe3dc2d2476bcb69defa56ea3aa7af948ac9da416f48885f8946ed4e0ec44880bc106b720b99f933dda2f6ed5adc14fe2e144fbe7ef27a98837d9f2638103918eb2f095c95f9754820d6f62a13cdf27018cc8609aaa12abfd31061282d048c5164ffdb1a2ba025d8c594a207f888f7e69642afdfb7232de9b8cafcce072629c3ff27358c186a2a789bd0a8b94d0d0c0bde829d633b3cf8f759870d03501f091dc9b2691b5b26c6642803142fb97e4f1dea9137ced1b636e44c4efefb69c82f15756c5ad7c6e0922d2b473a52e5534a60fdd3be78a810437f58e2b7bd5aedec3786dd87a3200e7ee15131e610ed9cc71babbdf7c0097c481cd59bb70abe5d2be3db9d27453c998ec0ca0b99503096f492f846b5709dd1d7539a7c64dd81a824fc8bf4ccfe8c3ea3f6ab79c9885126bb1c04d0669a940ea7b2eaae2f8f4aba04da7fa7b42569de2d077d9d189154126466cc7e6df18777faeaa5cd41db7f32402faf21ebf4b0b18163e1e9fb9560de43848c40344b6cc2c90687cc344e6c4ca24ba646d69d2422c349d5311543bdb5c833bd4f8aa35b137c71cd22c6b03026acb0927993e2205c824f91465ab1dd110850186554aca323cfa24f16198542419f8c2c96c7d2583a216d225f72c5b7145d4ab958fec411fec329f4dbd38afa2e86d86a536f0c672efd3b9acdb15b791472cc49fa712b9ecc5d1f0e2e66e43b0f18ecd5fdecbf10f8d785bd151d74b723e65d8974ff55e150c5c5404c999a4fd884f19ef5877657570e4841f2442e210f76b226a6bc23d236426ee619742320e0339d0034aee2495217066e7dd2cefa76e964893720c3eaa39bae70b33902f318eb62948f40b56d42d1d9e50cb77c831ed6daf979634b4d39110abacf280a69a96eff94f7c23fe566008004800", @ANYRES32=r5, @ANYBLOB="0800ffff", @ANYRES32=r6, @ANYBLOB="edc668f058613da382f2d79fbd0d85c71fee5073e3c676efaad951087f62a655b07c6aa39502646c2a7d1017a82323c8fe315dc4255207522225e10627a1cf3886eb5099d82cce00599bd845e1dccbe7557ed23c4ac10774ce6395bc9d44cb636738de10c7a9f8efd80c"], 0x1484}], 0x2, 0x0, 0x0, 0x10}, 0x40008c0)
sendmsg$xdp(r1, &(0x7f0000002f00)={&(0x7f0000001cc0)={0x2c, 0x2, r3, 0x3}, 0x10, &(0x7f0000002e80)=[{&(0x7f0000001d00)="65dbe232eb4a243a453421ed94ae920c", 0x10}, {&(0x7f0000001d40)="57ce86e9a780b489b6a32197bea4a15bc5025d5e897887964b1d5a87eeddbc86593775f2797f87b3283f4e1a8e7f612cf6b16fc2cd308c45b3ae20a727625766a61900e020731eae3a95bcf4aa45a6d111f69cd67560188c4f", 0x59}, {&(0x7f0000001dc0)="fc4144249bc88f32b0a4a1b9970e5c4720af9396d1f877d62aac6d1fe77675c381d2ef08647f707ee9bebf7fdea23e5422d7d321310efba0ba5200784e0323e1163ac920ca73e50a93da5ca9a27d515f0c4f59b0c60fd3ea0b16da873f6a2e199cfe69b2c78982052009d9fd7e9bdab9cde933584daa91905dddfcae5bb68340ddd2c2dc8f49248102812ef8dbc62efa9e63c6d9e59dbe81236d7160e5e4dc886b74cd14c143b3f41d291dd7ba19ea8575067020bfc97f22e2984288f98f9d053581cab2d4ff0f2004a477065440cddad374c6d3742358cd7b8c42ed5f785a56e06455f873515210fa67ce0803ed43c0a50fd5a1cd6b7d9e84b2be9f6567912372a1e4b9ccd93ee14f087265e38c97e68d602a16b3b0151f12f43698743f909dfd13eb5dfa60367831e1a9f2f899928146bb5c6ab87a281b6aaa8ba5a43c18d02762d81f121503b51db0b39e573adb66cfda6c2718118b980338c465078948a8f8b76be6b057c4aa18be121bd09929f83c9ea9149610a598e2757b246a4b8ac8583d55ed54c67c672a3e052ad205d4b93d6dd3e25388fcdefa09a14e5c746b8dfcedec312aded1359e9d271570102f670f57c566eded12b34db8016302f77c2f23cbeeae87d11645756dd13021080faba3be09c1b4311f8b265ab005537213494b2f882746343f517078dc6a2ba3186bbcbc4788e3be758c562f89bb9db17f4fc619682c705455251f383b754286fe50c813fda9bc2a37c759d69ebd823d1486c449e7844d28a28f9f99a75ed7c35a1f1c5e40e10f6a2304a8be265ca01941bae49d210383b95a488e8859c63b6030c216ce33e916aeec7915363c023685a1d7a814ff08f0a8433b3ca5f25c7463d068588b4e3cdf272eee5785def992465dabcb2ca70d94078e8e57a1f45ac6a9a0ad9f2c5f86fc4f6637ba2ab6542df5e6eaf4068d9e56389290b957b343cbaed377dc569db341fdc8dd4b7824667f9e29cc6579098cf06ff332bc26b680fedcb0491857233c5918617422711c2de6a449ed7d669b980bd9b2220c54528ccb816db2ad11086ec504b662bfe2d8c24e082c83e089d108cc97b292b5730743d58737f556373927f6ef7638be61c13404e08c34d192c6d2a8cb4b3b6bd0ddf3fe4f17e8fb8a1d5ca7a6f51e1ce28607d7321a3a837257b432617a1e6b77c62a4ae3dae6c9b93fef6e0158dffa4d27be2dcc83a264fb8700c254903c81889b208fce6c2f38d32ab2b806c75630723d679b0501ce7c44e9489d159f5fd00078d79324c8a36627966087bc22f839e2479896df7ac80f774c719cff0584e76dc80d8e095cb6c5612ea5afe2d096c97ebdbacc1456cc2f473c4d0b05a8e09b5d94f5ffa996666b0e8da09c9508d5a8384a20cb89a409876e447702d6808cb2289cef32bb5e865a5049ee2007b8ad2baea3af01360f699f9943334c973a5400e6f748d37e6f3bdaa5f0bef6de4bff4bb7d7093a52b75bc144e6c1f90d35eca69092e23d148b2ff3db547b03c85671961cd630661199631783b26391e6f86696f84cb2aaef9ed6f7cbfb3b72a8eed04df53363dbca33a1ff32e6af44c427771835c36a442c1d4cb662a4432afa1cea1220461d5da45430791f5778db5b9567efd8d1142bf5241e2dbd25f9b2c01a481df65d19f0d4dfac41882a1a19e204b18192a982f9c6a290964261632089791bba2470fe9330e004cac5691e4df31e0d3bbbda311e9c7daf587d841c7439f3ff667a57263c5c556192121c21a72a2460779d9311ca6c364435e6f540c7680d3ab6697cc9e419a5528de7ef9f27b3987105dff16f5dd5aeebbf3d4d8431147485cd244c77e7fc4bd5b4e431e12ee91107250137d5e5eb9ccfb2e4813fd95b81585ec2bd7987860108968e735f54b6eb63c6e8a9a1b2d3c4467520f178684749b7486fbb9abbd6737e60c8d3c7d2243ba444553809eb12bf89d8395add9fbbfce5d9d96ac74ad160efde7d344d0f753588bbef14446d758c4fbb967cfe1fd079b14976e0a8474530a8918471585b2dde86bfe420a7fdcabba8668078991c71c1ffffa851d64f7c69068b1e4224b8b0c5faa35644ffcc005f19d7f577222415494e7f78237636206af9f341c621321498c300de51ea4b0400bc892972a3deca235d43bf3629f0443445bc81589140cdedf5a77f770ad241cf6bb4bc8d9e81f84962efc299bd83b4a1dd32fc8b588ad9f510e3611a4c207e63b6e34285ce7637bfba407021035e8af5233ef65c83165ae83480fab1f034e50d5b59df7d94670c6317116997abd8c13c63e0b8533d0fa29b499d40b88e192a124e245186c9a61e24865b1b5e735ba26e80cebffa54ead4a7a2756cbba7dcd50053ca32f8381665e7cca491207a5607d8a4d26efa0de5183610aa96298a98e51c27738cbfe40149fe2c7bf248fc71306bbbdb4d2fbc5d43e9d935c21296026cc81f6930626d1ed49bd71be973a2a32131d8392f6d527dba7d3927508d4e6c5a3e98b7193b79e24c5cb6ba5ef841bf2ab14145b3448c86e37ba4f0ec412ff092d4ca881de5781ab9e8a719187e0a3ab3469a301ddadb929f05851dc9f3b85a0063fa5bb718ff927dd95c8a3b8856a976e0f6c900632df89b973657d381eb6f95cf2a0a333724ec24949e9dfcc49609da389b43487ea447ff7e68f602d8f48086adfca12e3d85528428686eeab7a08b64ffc6335532b4b3b8254a8792f1445ff87220654fffd4b06c2c066533e5422eddde96e13e924dee01c8adb44e33d34d1a4e4dc4c4e663542fcf7f806631e4610c647df0465392083ced4281b4fb330f31ba44f4352ace775a28c3b29f8a5d67635ba79c9e7d71e3545c56c72f2ee1173071ec6fb52d8d23f76cc7b007f9d4939d03cf1c287296a6c1d31b9bdb05f50c7bd317c1bd4d60fe47e27b4d42c390ac599960e8cb429d29e0b48bfd5e174b0a9acd1d8fa840fff1dbee84fd41402ad8c5fa573b21d94a142b41d93bdc25d45aa93269203ca342f71cf8daf58dfd7130a4da8bac62c477f1d9193c1e140796d7d946ec57d1e7009d91626d2a90c05ca92264e0f82c87c75f47940cca8837d81eee1be308b823a9eb727266baa99650cf541cb017c2d3152e98a0ac0016231a273c3938755fd2f95a5218d9174cf90b958a7e2e061801f605f0786dc038f44a0e735a88cf7610fab02cc3485edf2857d67db28803ef8a15a31ffc9e306e47663368b625da95d694d6ca2001e8e8a984e8f0d4445b69c213a55908175dd99291bab0c5765cdc0c73e0a4ed4e0ee4d877257836af64f179aaa3e821173d60d8c6fd757802904a386071c4b7cf757100bb6c3b73064dfdfbbeb96e1516d58a8fad85175db170779abb9770e2fc38331ee5fe0cea771d64c82a2573c1e9c637bded04046e63a991dbdf31d98133549c1f424a1e73760a32ac799fa21680371e481a5c0c1cc097112c194538a41f4752dee04effe5e4e36ce51c4482a8c93a3b9505e59e7f26e34ee7bf39c3373ea9c4ad2df560d87c80f4041af9d8ba0edcf0417a9242861f5c449d547a2e58e65878d880ae0e398edd012bc3b2d6764bdb4f24874f489e18d802c43a81cf2561d115b0764311ff98636ce3c5959e78d54f1bbcf79e373e990841cc174275d9887d8ebdf39d1e2db5bdb06f15b0cde76e030917e7a9e0bc2be48fc0f104ccabd4b7c7bd4029581c15a00ebb1bb4ce1b7fffa35318ecdd28e2bc7b8a1eb52535c51dce5f234a88e779d9e20d417c6a8b7dd83d282a60d223ac346ac5c67107ee0e2b8ac869469e64572eeb2f04bfe5657f926ce72adc173b031f4b319e558e2714c1784821df566458e1705c40448712dffc6d2639898168052087aedd393d5d9e5737adc5a9c0292b89a8c6d89953005553b05b85063b4c304e68f4a1ac5b46e59e9c4cea9cf7227f4be30cfc9b0f3a236f8f50f76ec9f2424701ab1635243d31f471a0f3dc6cf8b5daab18f3d3227c2678f430d8b37c4a74f736663d17ae789021492751811d6544b10a38d207bbe299c072d8cc67f8a6fc2bceaa20427316454e2b61ee655b69c01a6fa46410016bdc42ff2df0a8e07ef7aa77a292e6d5cf0368a8273c08c021834b7e8e2f78bd3c929eb06019d30fff4456e656ede56ab99961b0b54ea29681889eae1569af931f2b6f0450c5debfa0f4a2664ba0c977b5daf0922854664f1e88001a09ea0c6aa4fc9f5025ce393d07d4cf7c2cf4b027834a121a52254574f8866ae9b1d350fa2624d51425b2c91823d2bd6587f8b21a8654f173f2a6a37ab25762fae19443c2db7d03e7b6a9f7b9b7ba9078fd51353f2f82754d6f9ff654aed6ae2d1ef099deee776d897785915b93db04c16b51b60a6025ea262225398bf9ca69fc515f16d2bc548062c3b994083cc2894f5eb3015fa23b1199f287dba08784fe57915df6b8bff29572b3b036037341c3dfa9253336633cf2f3757002a778e1648d3c38315faa1f1f24a0c67346592ac51895d1a45146ba215ca3fe3800c4bdf4c5fb07bbcdd8bca379985f2e5fc166175fa01a355b67d7f22c44791dfbd541025e82006fe4f7b47d43ab14318e31da038a39bf10422fc2cbfe736f5621b7e1b7ddbda95e3ca45c883b45b3f868212df02fb023db3f0952ae9d7d6b502e7051bdec6947dd179918c1d99dcfbddf7ed1a2939937226bd79cf54c0996ff5b11992bedb842d8471f2bef9c86f9205f59ce5e5d0a582df67c45ae1a4f2145ba871c83ca9a05a5b660b4d646ab296085bb47325d9dfdbb5db75bf0cd4d5fb0b78788a6954cfac33c8211cb62906151cde3ce86a96dc78133eab36435658f1c2eb94eeddbd27d47b05cdc3122cb28ed4d1c7018cacb54e6a9efcc68467621e3d98b0b34fdea9d8c87ea062cf9290af6defcf08b9fe53e7bd11227e80467feba9720dcd5bbc3b11ba037a9d6201ded599cf27fb8a5f068d63ee75f5da57fb3d553127d5992bab17d4cd5ce722c18467f56650dc80dcba31318d6060c3d8ae84979f1bfdc06985fb6fa6a7856fe625c2bf12313b8098d32be93f18aabea2d031edc687eecab7ea5a1c66876ed1b1a42d40730e11558e168695c91324642c2cb6d19e5c3b810305b52541b515ad3cd183a698d44810bc24c202b0b5127c9ec4ea413dd1e4214f2e1c096dbbb43a776441967721800a4e7813af2bef85e3b0286b5ffa491fba59a07a570ab573ddbbaf7ebaf0abd10592d8987a8d54702534704b4e617856c692ae226a3fd6f2e2bff0b2a209b155a92b1ebfc2ec2fc9f1e8104ab7e63fb471dfcdcf73ac4a89a9cb59e012ed9e3bc7fe1f7e77fdd299d4c902095d27e570df5dd22c7805d0683fd6cf2fa2f7ed895ef635e03c307f62a152a5047431359d3c4148670ecd57980a59db9470be0091f7c20ceba1ed15da59b788057003226713b0afc17b6476fce56fe5f9250b76c09256b8ee8d0883375608a71648be9e7bfd30140a50eb8196d8bf5ba348e46d6f368330c9a5ca7c9efd73f1d47aabb4b31eb52a064b944cd2bc598aa2d22e47fb1db4b144c9733d1084c3e76a02b019d06b9e6c0c8591eae95e43422e50ece02ee06fdc8fe22b659718cfd00b272cc8e87aa5ed240e75dac8dad7da88a6f2d4ae30a67e53fddffee3c7c8bb0c2b1a942aaa68d74277f3f8d5e2f7fd2d28e4ce9a4b5e47e10e1ed28dd002cd2cdba7dc7be8efc29a7435b0f4b69757e6db1439621d949c4cbb74cc54dfa1f50cc863ab2d57f8cf0e6eeca33f05320212f43349ef9b90290588314bd7de8a3575168e8b5", 0x1000}, {&(0x7f0000002dc0)="3c6ef1c8a87dc389d11c4a80eacb62a4e03afe15a4154d0ad4b2a5cd11fec4d7e8dbbd9efb5f8da70ac7c998b1", 0x2d}, {&(0x7f0000002e00)="15597b14c557f7733f33264e22dc8bc7ea0604d5fdc752346b0e6abe7354be1e11335644f0b758c9b68796a1d12b3081eddbb40d20ec228f127ed00c16f5e7224f1d5a8b64f057b0a23ccad286121f614f1c1973102d3fa5376a3fb74e9a4af77efe4c3985757afc21bb688d705fd5eb277c1a994296b3", 0x77}], 0x5, 0x0, 0x0, 0x800}, 0x4000)
ioctl$FIONREAD(r1, 0x541b, &(0x7f0000001b40))
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
getsockname$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000001b00)=0x1c)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001c00)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7703002c636f6d70726573732c7375dc54724a6ccdefee9e706bb962766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61636b66736465663d2f6465762f70746d78002c6d6561737572652c00"])
poll(&(0x7f0000001bc0)=[{r0, 0x2262}, {r0, 0x2}, {r1, 0x684}, {r0, 0x44}, {r1, 0x400}], 0x5, 0x1ab7)

04:38:46 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x6b6b6b00}}, 0x20)

[ 1770.317405] FAULT_INJECTION: forcing a failure.
[ 1770.317405] name failslab, interval 1, probability 0, space 0, times 0
[ 1770.344689] CPU: 0 PID: 8453 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1770.352002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1770.361357] Call Trace:
[ 1770.363961]  dump_stack+0x244/0x39d
[ 1770.367597]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1770.372803]  should_fail.cold.4+0xa/0x17
[ 1770.376865]  ? __kernel_text_address+0xd/0x40
[ 1770.381358]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1770.386458]  ? __save_stack_trace+0x8d/0xf0
[ 1770.390793]  ? zap_class+0x640/0x640
[ 1770.394506]  ? save_stack+0xa9/0xd0
[ 1770.398163]  ? save_stack+0x43/0xd0
[ 1770.401791]  ? kasan_kmalloc+0xc7/0xe0
[ 1770.405683]  ? find_held_lock+0x36/0x1c0
[ 1770.409748]  ? __lock_is_held+0xb5/0x140
[ 1770.413845]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1770.419292]  ? __lock_is_held+0xb5/0x140
[ 1770.423360]  __should_failslab+0x124/0x180
[ 1770.427623]  should_failslab+0x9/0x14
[ 1770.431424]  kmem_cache_alloc+0x2be/0x730
[ 1770.435579]  ? kasan_kmalloc+0xc7/0xe0
[ 1770.439468]  ? mempool_free+0x370/0x370
[ 1770.443442]  mempool_alloc_slab+0x44/0x60
[ 1770.447689]  mempool_init_node+0x2d2/0x550
[ 1770.451930]  ? mempool_free+0x370/0x370
[ 1770.455901]  ? mempool_alloc_slab+0x60/0x60
[ 1770.460233]  mempool_init+0x3d/0x50
[ 1770.463880]  bioset_init+0x3d4/0x840
[ 1770.467611]  ? bioset_exit+0x370/0x370
[ 1770.471502]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1770.476529]  blk_alloc_queue_node+0x287/0xe80
[ 1770.481028]  ? blk_init_allocated_queue+0x640/0x640
[ 1770.486043]  ? __mutex_init+0x1f7/0x290
[ 1770.490039]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1770.495676]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1770.500430]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1770.505104]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1770.510298]  blk_mq_init_queue+0x4b/0xb0
[ 1770.514359]  loop_add+0x376/0xa40
[ 1770.517810]  ? loop_queue_rq+0x690/0x690
[ 1770.521887]  loop_control_ioctl+0x199/0x530
[ 1770.526213]  ? loop_add+0xa40/0xa40
[ 1770.529835]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1770.535290]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1770.540054]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1770.544637]  ? loop_add+0xa40/0xa40
[ 1770.548264]  do_vfs_ioctl+0x1de/0x1790
[ 1770.552151]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1770.557609]  ? ioctl_preallocate+0x300/0x300
[ 1770.562034]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1770.566794]  ? retint_kernel+0x2d/0x2d
[ 1770.570682]  ? ksys_ioctl+0x62/0xd0
[ 1770.574310]  ? write_comp_data+0x14/0x70
[ 1770.578371]  ksys_ioctl+0xa9/0xd0
[ 1770.581826]  __x64_sys_ioctl+0x73/0xb0
[ 1770.585720]  do_syscall_64+0x1b9/0x820
[ 1770.589602]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1770.594964]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1770.599890]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1770.604738]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1770.609770]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1770.614789]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1770.620324]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1770.625344]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1770.630190]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1770.635373] RIP: 0033:0x457669
[ 1770.638566] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1770.657460] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1770.665180] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1770.672447] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1770.679712] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1770.686978] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1770.694242] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1770.711286] FAT-fs (loop3): invalid media value (0x00)
04:38:47 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c09, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:47 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c48, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1770.747829] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:47 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:47 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x8}}, 0x20)

04:38:47 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2e, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1770.963925] FAT-fs (loop3): invalid media value (0x00)
[ 1770.982365] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:47 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x1000000000000000}}, 0x20)

04:38:47 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c22, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:47 executing program 4 (fault-call:20 fault-nth:13):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:47 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x5421, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:47 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270", 0x14}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1771.093490] FAULT_INJECTION: forcing a failure.
[ 1771.093490] name failslab, interval 1, probability 0, space 0, times 0
[ 1771.125081] CPU: 0 PID: 8495 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1771.132376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1771.141724] Call Trace:
[ 1771.144323]  dump_stack+0x244/0x39d
[ 1771.147959]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1771.153239]  ? __kernel_text_address+0xd/0x40
[ 1771.157739]  ? unwind_get_return_address+0x61/0xa0
[ 1771.162677]  should_fail.cold.4+0xa/0x17
[ 1771.166744]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1771.171859]  ? save_stack+0xa9/0xd0
[ 1771.175494]  ? kasan_kmalloc+0xc7/0xe0
[ 1771.179379]  ? kasan_slab_alloc+0x12/0x20
[ 1771.183532]  ? kmem_cache_alloc+0x12e/0x730
[ 1771.187859]  ? mempool_alloc_slab+0x44/0x60
[ 1771.192191]  ? mempool_init_node+0x2d2/0x550
[ 1771.196596]  ? mempool_init+0x3d/0x50
[ 1771.200392]  ? zap_class+0x640/0x640
[ 1771.204101]  ? loop_add+0x376/0xa40
[ 1771.207728]  ? loop_control_ioctl+0x199/0x530
[ 1771.212216]  ? do_vfs_ioctl+0x1de/0x1790
[ 1771.216269]  ? ksys_ioctl+0xa9/0xd0
[ 1771.219898]  ? __x64_sys_ioctl+0x73/0xb0
[ 1771.223953]  ? do_syscall_64+0x1b9/0x820
[ 1771.228008]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1771.233396]  ? find_held_lock+0x36/0x1c0
[ 1771.237461]  ? __lock_is_held+0xb5/0x140
[ 1771.241527]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1771.246983]  __should_failslab+0x124/0x180
[ 1771.251217]  should_failslab+0x9/0x14
[ 1771.255017]  kmem_cache_alloc+0x2be/0x730
[ 1771.259172]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1771.264702]  ? __phys_addr+0xa6/0x120
[ 1771.268499]  ? mempool_init+0x3d/0x50
[ 1771.272297]  ? mempool_free+0x370/0x370
[ 1771.276267]  mempool_alloc_slab+0x44/0x60
[ 1771.280411]  mempool_init_node+0x2d2/0x550
[ 1771.284648]  ? mempool_free+0x370/0x370
[ 1771.288630]  ? mempool_alloc_slab+0x60/0x60
[ 1771.292949]  mempool_init+0x3d/0x50
[ 1771.296577]  bioset_init+0x3d4/0x840
[ 1771.300289]  ? bioset_exit+0x370/0x370
[ 1771.304178]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1771.309199]  blk_alloc_queue_node+0x287/0xe80
[ 1771.313694]  ? blk_init_allocated_queue+0x640/0x640
[ 1771.318709]  ? __mutex_init+0x1f7/0x290
[ 1771.322697]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1771.328230]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1771.332985]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1771.337656]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1771.342855]  blk_mq_init_queue+0x4b/0xb0
[ 1771.346912]  loop_add+0x376/0xa40
[ 1771.350369]  ? loop_queue_rq+0x690/0x690
[ 1771.354437]  loop_control_ioctl+0x199/0x530
[ 1771.358846]  ? loop_add+0xa40/0xa40
[ 1771.362469]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1771.367918]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1771.372853]  ? loop_add+0xa40/0xa40
[ 1771.376478]  do_vfs_ioctl+0x1de/0x1790
[ 1771.380366]  ? ioctl_preallocate+0x300/0x300
[ 1771.384773]  ? selinux_file_mprotect+0x620/0x620
[ 1771.389528]  ? __sb_end_write+0xd9/0x110
[ 1771.393590]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1771.398343]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1771.403874]  ? security_file_ioctl+0x94/0xc0
[ 1771.408279]  ksys_ioctl+0xa9/0xd0
[ 1771.411750]  __x64_sys_ioctl+0x73/0xb0
[ 1771.415639]  ? do_syscall_64+0xca/0x820
[ 1771.419616]  do_syscall_64+0x1b9/0x820
[ 1771.423500]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1771.428869]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1771.433793]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1771.438633]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1771.443645]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1771.448657]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1771.453763]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1771.458606]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1771.463789] RIP: 0033:0x457669
[ 1771.466975] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1771.485868] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:38:48 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000000)={{{@in=@broadcast, @in6=@mcast2}}, {{@in=@broadcast}, 0x0, @in6=@ipv4={[], [], @remote}}}, &(0x7f0000000100)=0xe8)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:48 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x400300}}, 0x20)

[ 1771.493567] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1771.500845] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1771.508112] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1771.515375] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1771.522640] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:48 executing program 0:
r0 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x1)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000000c0)={<r1=>0x0, 0x1f}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r1, 0x8}, 0x8)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x1, 0x400003)
fcntl$getflags(r2, 0x40b)
ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2000, 0x0)
r3 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r3, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="777365725f737562766f6c5f726d5f616c6c6f58ffffffff2c8a2a1c83f506a5ee2c737562766f65762f70746d78002c72657363616e5f757569645f747265652c73526163652c000000000000000000000000d574f9f0e611e53082a0c6ee462cfbacc3e263e86d5dece2258ae839edeb5b384319644a0d252a43a0e83f4babea38beafeba18fd52961cf19d2d063cd52f12185940d83fd839b43a0790f4e8c"])

04:38:48 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c63, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1771.628865] FAT-fs (loop3): invalid media value (0x00)
04:38:48 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x2000000}}, 0x20)

04:38:48 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c50, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1771.656342] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:48 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl(r0, 0x1, &(0x7f0000000440)="63f87cfdc7fb1aaa463cd2fb93095e364999d1432b5aeb7ce331a073a6dab74409ae8605546003f1093432cf8159175b66ce698c52d0e731c367296d5023ad5e5293c2d20c8b3ee352e28d5209c87616a31d31ab0e32827a1c25779a696b16ec727e0e4c012333c9f450cc39c873d081e03e2211efd7ec2c5c92533ff534dd20db60528a6a00d44f016fce7f9b265c5f481129815bbc3719ad56610c8142729bcbf16325440b7fa57d51b630330081c1aab51cd86c57a099dfa758fe1fb17d33d1bd14c4acc0e4721370cc98c5edccd0d7c41ee8a732dc30c7b7851c6f4badea8565339fbf6516268c2fafdc24d520b542e95c3803e8429d004a2ffdbba4a6b59e930801f861260230f0a68ead16e6a94f16b92015fcc5c591d8649a627982fcffa94f0615a27a340b22ee2b626113e248a2a59d872bd89112f54cb7a2fee476bef93c92f1d80797310f2398d5194a294f9f990b437527d329da4e1771b2b3e0681575fd4aa171fd3612bb71648597c446a605b3d32c6ed8ff9a2ae2f4158e3575ee2340b58a797b0c0517bfa08e3977c35da1578e9b7d36506392a82b7eda2670d2ef17cf36e0a38eb767490faf370805c0a11e70583aed447aab38390b63fc5bea88a945ade7d0483e618dc69b778f7b88746fcbebc28f68ab2f35562ad54f514f5811860fe9a81abfe04d7a45bfa6da6b7618d04206dc15d25bab88e7b8839eaf46481a29732ad7ed368b36ffbe0a00abb932459949664edbdbde4d5c01873824401af02fce95295f2a55bbe80e9080fd2deb4ab61b8982972aa9d70876bd99493c4e28d692d8c991b3a523d227fd829e36352b84a9235199401fe53cd2ad21cb9d61075e1f6d10fbd5e120d0e9fc793958a057361e552ed685614c1ccaa173ccab5913d71e780c316aab3b0c70f404df7b76119dbb3ce2357367e24dec8c0a852faee3cc7ed019ddb69b71a2947e43a17efe4a51b0fcc90651d1b4259caa86130da341a4222e3d11b374ac098c433b7dfb778031d944629b7d57c1a4bb53f0cd12de709f3ac3ff372aca5cb3891e617ad0b4cebd2897ff7bcb618fede08b973e90bb244fe8842ecc028eac09a96239bb88b29fbac252d12fec553cb33290c7147065f2290b5dd61a74a0cb1a2cd94b560de84ccc5f964daf7c99a169d293f5b39ced5060dca7b932734e7ff8bdb9a7f68140376a739223f98f6e4ac987c6918aa02e965286d913f828ed35cbe521c4dbebb35dcd23b1457496385ba3cde8a5c9406e42d26a2a781c01e8c35fff1244186a3285eb68306d59e90caa20822fee40726d4e1934ed4b06cd48812c773b2ca49172230b9fa7aa67f4284d2482fc93b89fc99fbb4ee70f8577b6564ceae2508cc7e0d0b07d21c968f3a8893a3f02325fbeb102f9ace54a7a5a1de5fb1b7eb09125a07aeed68a2791e0564836d9faf051929febaf61b74e66c4da11c6f5e64c395d01135e3d2dfeda043b9a0f06044dc164cd60878a0b9133bcb3f1b443ad183c843b50b5b974080550cacba16a7e28a46893f836757a552efcf6de600fadfe6bcc6c2f573df27914ddfc36377b5c69ee3f9c69aa954a805984c56e08d487724abde5c7e0b8d5b5eed6754937531d4505f5dce22c624d106fca522069334de6d3b48a245e5cedc1a2c6d9f0391c995c8067920917c432c220fe0cded21d05cd25769df1f73c86868b25b28453d99907c90598d04378afa3804915f83621fc36ec59f7ffbe107dbd94e6c3d221ee5daffbe6dab8ee28895333142fb4fa2f43e1aed5d04ebe368f1abde23c6bd2882604df40096df9bfef68de2c51f8ddb41d9c6e4fdcf09cac2abda0377900ae707cfa59dd9fa5368d7a3eb24eb145275242824839e4ff3acceda60e8b7e58ac07337b2b1bf4da8b79b8ab33d0ac7e54bfcbf9f958375020ce74f5218f8ce4bfeca7ec8f26f0bc18dc6cbf7ca38906df9ab417f1a1de562cfd667a6cafc179a0999c9be2afaf0fd23d8fef298fa29076109e7452ee42a842c2b0fc8d096cbbf3fc280082c005ea0105151f35f045d1aef3c38fdec19efd7caae72b518f48d66698ae8f6d530df078d1507eaf795a7e69749e74f37c6265f4f5bd243ab8a4b9c51fc7c5765a9cc96ae8899abf7daa22d1343276192e6bc6201f96e33c40be4f37291e84531b24e983ac8296e8066369e30eb4ca955263140da06a575d0679767ad948d63b37ef983f83bbaf35568ec5ea90c009c13aad4f225756e3325ad8eb842a84a141fa3bdeac1f1667012c7179732bb7c4a1cb95e3b016a04a8b8918e3584fb01c8b9843e7b1d71cdabafca153d9a538e049903a4ff945da46c4b83d990ce4e7767bbf0166e1378f9a3720a076bc4eb1d81f1d0065c847459540f45a44fbf53942dde6e6791dbc18def983e8cdcba1fb94cdeff05d28f47f2afd32267d4d0a5cb1ce7a2a4992c72a41b017fd51abed0af94c521beda94e863f5525c391d187baa46acf5f8fc841062def8cd90dec12059a7a007ffa2658aa2b60986ee43f6a90b3ddac37838b52e1b7e1491f916d3df643faf10d1c250a330dbb9b8ab7437c157ed02e23a78cbc44eaa073feb097761034303337ada9bc415096f929b0b34840bcef9cf29b78acaa8af7620fd21bc80b33771148f9143c3ad44a3d9843019a2f9705aa398ea2a07e7e76dd82f69875eb1f6c6888df93dc95bd1234fc50c4569f92bde83670dc74848d9475fd65eb4e6730af60bf3b33cedd9e25b5784d7defcadcf414f88cde81f27965ed72af04c6ee329b1537074792b2396e8568a7b9728d8ababeab083994b3fccd8738061702214e52add15647f84197f072909eea4889eda9fc61ee2a383db0cef8b53aa270fc0d92ad77a152793e93375b47cc0a1513885a80eb80003c77e01ca66a1dd703fa6f747caab42d727e33462a1f85291ccd649707e286ed7588e2871619f42ce1f008fa3394189c4ae17ea3442cc4cf5e3c878fccfca295325600cd401cfbe4e6be5aea5b6313ba0f8fe6cbb6b147fb394d5f4e9bfacca596d223daaea77b52b665c5ea68bf462f0df7dc84f054fdcfe14c27565b01c8634e8bca14a1f9e7e0855f60cd6a3858c83357b7e76d61828f70f0a82aea3e6c5b4936deca962fec7835b46ba889f8a9a27fcb7e027ed0cbffb4e37acbdefce9de646d6d3510d8414df253d61bf50da54e14da77b50b2044ebff789d0d5413b28ed69378b891e84ced9b21a90aaa622a3570ce7ea4293cb02fdcb3daf47826955e6a5837171f28126d05a9e1774bdd1374806675124224b72733b5c8e99fc63c7b58b32e4b447bcb7334151ab7b2f58bd474b4de074aa8eb7ce7855ad75ac25d5aa278d10b7d5218d7d5f9b6870ec623fa405eb7993c245b6675999c0722deee669cc6712fea481e84f27d47515cb71fd6d8a48dbe6465eaf7673435f30d104c0373f7974f83a0eb73e0157c5a8e09ab84a49e22c43d51ad2f21414ffcc006b10572bd4f19f63f7c4b9ba367b973e452a8961e801c63da3187a8cdb916e1189a4a21fd425b85746940ebd350e354be8fc574217fa132609d98ec8510bf5166e919d2a16fedb2700b93523027fdcd8f47806c75b82e30de663cb77815be033640ac27ea336b17d941771e0e4ef02b7f6e2811a4c6bd7fc7e285fa90649f235317a8287c33fc4a493bb949810875baf50e35bdf0a4a1dbe26613fd21be1619a020c4122483d7bc844b5c79f517074ffb14d69836af2c52495d2eea5d5436738ec65f72207a5e0459fc5f60e40e19b1d60c60e4d00c9b4f70713a5156144f33e3a5955fbb2ba4d85992cce8702f688725ac97e4f29bdc7b47704ab067a44857319fdddba56c62e0393693ed7b2caa60d3c1c095598906cb3d3bb698faf202b43f8ae97ab9f82ec3de2ce7ec6db722d62747a741fd8232af82444a8d122aace41c22de513f35219b194122f84d537bf8aa2e1d718a89dc4e35ff7c84fb5a123b39eb90b74a3f4f5d1d579cf023209fb6add8bf78a5ecb23ce2d9f55b98da2dec145ed3957fd9d796c114d5d8d1ab5aacc9a12c82a0313e1d8f343b32e68f5c896c84e5c836a8358928cf0134a62c687943d5919291c9ad146db3270f53e9902ee55a7f2ed04dcf5565b763d7cbd59f14860347c6e832bd82bb802f1429ceaddfed526514131b50171ae4a5506b0ec645beb8194a3ec2754cc3d579524348892be47f4f0fb6fd182f941f454467eeb30f7b2cdf3c933ea9873b9fab2d8a824f894e395d860689744eeac22d33e04b4fbad416638e08775d94aed6941c2261c532222abb9fd94d06d39bf62460096db9b58fa1c67d7303737248486264474a1382a9b0a0dbc1a37f1bca809b1febb5cef68ee181af3767a32a8fa4ff69a93a01b751f7fabdba017227a623c4c9ab7b2eec7cdad2f515200b383359015ae991fdc096e274cef18de4af2822876b59e35cecd1edf05a8165d813f064877a49642f9eb9f0fd7bc6fce08755e5d1365e43150f9d0d6c23f58dcc9738ebb2f33c6af9f22b2f2cc4f9e47c06be75cab01c9f88a3ee221055b8b4f7337d2ee1c70f8227676583cb3ece157efa97204e6f6a4b988540bb1885bfe350628cc209a3989e6241d6da9fffb6f24202849b00903ba3332696ae1e2d92a2d8e4c0251384472f7e325f69751eb9ac4fb7267abe054b8ae9ebdfb90fad3bb6c94e43e6a68c0452c4ea556d7c6bead6e3aca8dc36de90f2aae7436945fa64c86fbd5680189512ed690d81775c3aa7652b815777906d21cc1029fff938f740edb0f46bf0b0d6f357604a0e5a2b122b36bc257955524ead6489a7eeb354fe57cedb1aaea5a782c66c1e95d761a43b9ad1c2f66a8c55aa9ae91bdc777968a2677939c2604b406a108c302a6e70a3ebfdcc248eab0dc3849f9617c29458b1ccf638010b3bf9a7b03f7829f527d3eb47fded3e1f027f6288f377fb6a3cf6165c077b29ecadbf2fa258fa797ee0bfeae9d28f38b619f09ad57837b2e9451da087327374fe83b3af295ee8832179fbc23149e3b9f3c966757f920e753deb78b4b3e02ff9138ca0cc024dd4b6ce6b2ec9c6ab53e55d6d892a0d7bb8613f1634a910aa935e1f4c540ac061e07cf821a1f04c83d817597f84b4f8e161a73d23e40664b205f9da58eb93b3cfe6fe3254ba98114546c04cea9051ba44ad0defebd4d89f159ea9046ddcba9a98c1e733588f8e16a2d7eaa69a49c592379463ac775811dba23dfb529a6af6ffe49ca06cd3713622a3d9a0dfe52414ece53f78ac044166b80c090557e7ad68ac159c56ada40926a359dae72a2ec36501939c64fae3172d6cacd6002e8489f9aced2316b55a3971dc59e7037ed17ff58ee56e0a178b4ce3df779f2671a1cbe3d640712ade1871e19a6cae7a32744d64cbc8e68b714389507be640173721aa2d8401b975dac1b6b682c85f299133db0f364de65af68983b489a9fbb67220762cc2acddf9371ab5346002ed95e2ba4ce44563940612a73fcf83ee5bbdd77e9308fc28609407a79902c01101bc205416f1de3eb8d1ddec6468d4c70e940432901c560c0897625d6840c276f84b52e1a4ba4b8d43a82a9d9d89f3de11944027b3dfd780a1a2e424d393b841cebf53c92bd817cbf4c59f650c69770f54ce0bd096fb084346898707305391efc82e7ead3afb15119f444561f9087d7235f496d0d5452b6eb2313c5c8752c83e6fcc6bbada34939508ff8e2ec2dcd95692a963c912e9061a169878882e37e0ac9b2dd27e644f836c5733bf37ca3ed7d26ebab62c1cfea444")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f53ca87806eb8bbf5652c736d61636b66736465663d2f65762f70746d78002c6d6561737572652c004bd750637d6831c7643ab5736c8718e2b1cf62ba4ca4fa5fc63f55bb3d66d477ec19956a75422ee7b57f0d6a711867a84f863ef3129a0a9d9e7f7f5c4ce3ef0b1549c021183fb3f4863c0cb62a13280779ea55d41897a6eb641b2b093bc9cb8de90dccf66b14c5dbacc03828dec6c82b3845be3ba8173f5cdea7feca271a59fe1eaebdd0a0b89c21503fb55036755cdfd0683098cd9b"])
socket$inet6(0xa, 0x6, 0x8)

04:38:48 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c32, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:48 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x8}}, 0x20)

04:38:48 executing program 4 (fault-call:20 fault-nth:14):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:48 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@fragment_all='fragment=all'}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfshat={'smackfshat', 0x3d, '&6@\xf6\xdecgroupnodevsecurity{vboxnet0ppp0@\'selfposix_acl_access}'}}, {@measure='measure'}]})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x5, 0x2)
mknodat(r1, &(0x7f0000000180)='./file0\x00', 0x8040, 0x7f)
r2 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x11, 0x2)
write$UHID_SET_REPORT_REPLY(r2, &(0x7f0000000480)={0xe, 0x0, 0x20, 0x6, 0x1000, "ae3f15b362d77f236f3a5ee4eebde99d0342c06ce81e62b5847c2726a5c3c48c8a92aec8a50df5d5dadf69dcf5d48102412584e64215ce1acace0c80d60c1830a1507afd2204650767d2d1dbdfcda75169bfbfbe8c4472e548461c3ad9ecf2d40cbfd844c72743a1e042c91a0afe4e653a2f404c0b796fb3671fbe79ff7f5410d2b7ebc9fce34ae474a8ef0e2817d004d67c649e7931056d9c28daad4d7cb89897f5638d74107833483649f4dd078ef1edaca238882d8948a0832d4757b6c0ad8246c55e1aaa3b47fb1ea0323bf2c4034c3d59ce60af66b1294c7ab37880b8100cddba68e273bf4bafe2abaeda555cc41c1e466fef10e50db5caa8d5fa932854612fe84f85cb91fa4a9a5787f61b7913919aa431de6b1249effd246bb0e428fe62deef81a510fd287eafb46de4e06cdccbe77155c770350f2fd9fd179ac575399e6375c39c934b4476a99e75b06fd9b48b09250ed41ad602dc58e27c303ba93731ff273c7e5ea31b79b6aa124013ad59aabd98f174fd9c17a0452749cd006fdeee182d10919e3c0c6d55060263b1736a90b9c850e9bfe922aed21687c1e3b1b97e699bf6de221dc4370fc457d2b6ce9d3c472682d187c2f72089ebb599de77ab48349e060fc40c79ce39d6116e95091249c8d751753fe819f932744a488a9c246a477298f71a0860ba8732d20bf66029417856cebc62eb1e81e5c1c1f1f4f2a5e9ec76ad94fdfbf6ce750a7ce4d8b3b4ce1b4f33c48d71f45e1602d35fe1d24df71dcb6de20f87f5528a0efcd43ab212a62fb6c4a2713f83884a9affb4603c690afc228db498184a8ef1ace3d4ec99488256dad20ce946df23124be5d62b5a88f4a1bc87e6543e463c3b3cd03a1ad8ac79f16b105be1132797a1dc4fd605a038ec58863efe6ad277f70a221c1e4e02b10372ff6f2660b806da7ad5dc0f7ce114ba0ab6eb554fc750f47fadf65568341b793d27273a5007660b54499d43c48bdb5c148cedaa1528a339e9a4f6b3e844b2da8980a9807e7873988db3d691c3a6dcca3492d435bf245dc2e8419d62188f73a1cfe5ecc9fc87a48894347f4ec48ef71ea506cadf35963355cada9ec87fe5e0528c25ffda1d459b79fbbd6132a48635fb937a6addffd56d13fe483dc624e51f8a51eb2c1d49c1b042cd3d867d8d4bbff06198983761bdee6634f8745410245988516b129e9aa5cd1436c7a677fc41fb786ba6609e9de3907a7b9a4200503feb2298d39af3f89d2d4460a7ecb562183b8b68721020580a92d64c0ec13042e16c1f5dad4dae34790251f421bce19488a11578359b0272a42eb078ef864be8306c1ddf198b062c51a4a8d7fcde32fe9f661aa17aa685de6b811cb5668ab1f11e3699f50601ea472dc9e9613372f723c632ca08991148bc8ae5c99e8f1787042d369592857c941fe1d22fd870028113d20ddc3cc5c30fe7c1bfb44ceb07361d61cb3f4528d851a12cb6bd4180737d402a2e15f09235c3e79714d5500d2cf73cb7d0fdd2e5efaac619cea0884990c763495066fde9e34625a97b38749f497dddb68c38462f54fb22803fd427f5ea6947b60e46fffe000f999073431fb3ab7f2ab10f17c89e6bed109242a67c4efa23d29d3609ee06b5aa7aeef0b7525c7c276875bf6a412d158260dc92dc704bc2216caceb6842eb62e5c77e07f4fdd8f6a97bdd0bf7ef4b41844951c841fb5dc5b2a571240dd96700df44728ddfe5a736f80aab195886b1d58799050323f8053c8f52290b8f1f33046bbdbf24d30b7d52c1f9d5c9a5ca78bf7200c3655f9f7b9f936919e8414c7ddacb5b6fd652ddcfc66bb52e4b4b04640014174dcc14feea2fccc2f8bde0cb33d2ed794566a06237335cc1f204b7959a13b33b5b2fa189279ff09e1881058fa61aaece23dcb7e126aba856d7eb1f4be9b3dfceca31106df3ee0d0cd5d5323e100e899156d60aaec5bd694f28099b6bfed91d54350a6f0180e64f065faca391327c6bc27ea641efba151e09f12787f51a23fe6b2a30bdf4d9da097228652002d964773f4f43c7d5e5a0d346c6353cd4548afd8b95933ebba350f2eb7755769e4fe9df68d9cc43db3d5e16f19193bde0745af87c71b7ee86d15d9911453682cb96d12e922bdc4f32b9357f70be48693d6de139e5c01019f5c85fe7499bea42db657b31172f73de4e25c788c4d536c85bd784061cff18ad4fbb01c50b1c48ecc5aaeade80996a827a889b20eaf891b3e6cd1e1a1a422ec7d4d42e5722f4bd0d51a7e2cf3e2124ce31a1afa31ed5ae148b0c3a3990a153b528e4a7be7b64b327e40ff99ba18d7e7efb742a0b6fd7151b5a1662b0b64813178a2243fe937d3dfa2da1c2c0b5690b5b7c2e782206d65d7e8880dc4285911e2f8a7f82796759572471d86148a8e763a45d3d57b7c0ff60ac4f57d486f77f236abcbf4fe88a550c343ad463248dfed8b2f267237ba3fa8e1d15093dfa71ab804992d56130b3289b82c3961fd4e76c280a4b03f9c60fd0b078b0e019320a25084d9bf5dba22c5b278b549f53a8b7ecb40df2eb71dbc45492da8e1deac483df706f3c14d86df9e8e310305bb7c879aadffd5586b40b702574ce9e9a3284e383bd6287b717ed4af588b1e6eb38dcd93f163a452695282cec9988851119e393a481c44ad03518bc0616fb9265d796a967f33084ee4f5dedc6afb88ce52411e86da17c682b40ec042cb7e14e2c04dcf51de8754ebe7f04f19835d3944054fe1be40a95821b1e163a88dced25a32fab666148ff553528d9505378a30e25b72f12daf7d0984b4b638d96319fbd5ee166ddcd89d2307a289e1093f0783213f2b85a986eda32d8b72ada509e1f509174007818ec6f03a7f46b21dbaf909ce6958aff172a1de4250c6bef75f0b351145759814decdd333cc921686197fcdfdf9cde3e4a2b70b142dd5c5219cb302a78fc539e4f224cac9a2ac9ff8ca5c4858a543339319866cfb31fc551a7a83f6570c8c5afc0d3ef1cbc3787ac935ec51ec8241d9ce9580b02a50ddfc3172f74ed004330120682d0ea1258f9edf3cf72d2166cf496c21542ec85b35b7936b3746277c3a4aa52ef1c04044b2be595e09dae6d471f1f24e4bc4a7c15a2f9afa5867a7710931f40b33b3631bf3cebe99c67f960ddbf4cb91671e4fdf4a33d047b5db308c059bd9158f345c357ba3aa2b18bb61f0f97aef0e514f57378bc1c4e8d1e19f5d4a72165f3ea09abfabd0138cf26a02dd4f992964776ef86205cc479002168fd2e3d7263bc875b3bddcd6b4f21400b269b4fd8a5b8a89c822453767496d2d043032add17fd1dd8d4bd8157e037e03a67726efe1e98b4210ecadef19a0f685aa45f3ba0623be369c87a2f95021f58207fa2d3eab80d6fe4f75e63e3d41eb3647171dc0a51f64af67481d13456f1bd91d8c4c6108375bee4c27f51e1d003ffcd8adee69e76bf6ac8a0912480ee04510f95fba72867b576d41cf295216d46c689e649205e355e2ae3e0a5428e93372b98945ba337a104fd0c6b4a7c4302e42ecdd1f787273fea9a5f335ae16aecbc0742d719a9c65e0dc11e86b05be7f284ffb8bafb04b5966633d274786a555121225f6ef3ef8c2cfa760627c13545dd26f5cacfd83a5bda969cac185f70af3d1d0e46202d4118693355d3a69e6a639defde9fec8c781c6278e923c52135e666edc9e6c3fb5dc24bf130f58ffe98d1f5008772af68ea86ea8e9c5c1679ecb9a12bac4ff02f5e53cb7f1f09763469a486b6716c77d82321d79540abad19c7c57bd0fd920150af2735c2a78dd4d1d3ebff871b368e2b621632cf22590f8b7fde8795898a22bd181737dc8e1ee865e3cb282d6ac1d85aab67fb57d2330ba49f298033658ead03e609b64061d0f1bf6859be08242bdbc56eaaba71ee0f6464376f1275b7443ac58d493c81d620138fd4171e611e7e067cc3fcb67b12c66ab196f0c790326cffda1a299953b1b0e7167119fbd89c9a6f021330406731a8c664ad1ee1441f55a78f24f4714b7a99a1bc9d752a9bd0160779ead2705c79192a61d90d1429a5feae843a6901766d5c9c823d83748406beba6b1dc3b636fadbf04cffd1a11ca0b546a9fa81cd617e227c723e66bac393aa7d2ea1c11052da5ae6449fb9c5c7c19708c6b1c9d98032c3cf018f3c5b4da140962b2ec624539a7c4a5628b423e0c183a8fc2981afe6f13124ee7d1aedf0ef2de95e5e7a531b46579917fbe5eb804eea63ab4563746b3bca916f8773473398d7008a0e37000137d551c3f3be4a7c9afdefa1d5f1207855b18fb64608731243412221630308a74a77b1370fc21c6f71b47aada42bb12d4f2eb800d204378e1918b620384f88c43691552aa50550267030f51339b4343e749cf242a8b0031012f04c2eb663de0cabaef482278a3132dea82fb04049e0327bffc98548cb9114e160f9b339d1cf3549e2d506d88fa596e375b1aaf749be2c3d229c2692ddf796e6708d8104d517690e9682ed227c83c80ab4d7bf460af5662681f951a73da8a466ad2380e31341c2a3f8e504e8f6292533643cf4ee7ab85449297be3281eb4ab5270ec9382140f4c4208ab10a81f459a3fdf5c48b229f97324bd8c02bb829c5cedc5c287cc1cf8b516e9e35834024444c69927afb143faa88e0ba625aef34566b2282852b807c143d2653d0e95ce9dfc9c65ff3b389ae097c532dc940338f08731490e2514a08284605ad2582952379c1dc71c9c2aef90e9952750bd83630d75514bf563bdf325234dd80129b1ba25ba544cb6da77f2e5b52cbf3dc89a45eb50b1e424f3acf6c4f2f8e5b15f76105bc481e13a14dcd32581e530f9471fd46841305377c5da38b1efd403874a44742117eb8dffb17575219203af521f624c1753df112ec191b7676f7f50e2d25fbc664ea215315ee9e58aaf1f3f7b23885c7a30e3eecf5ab7a4b0b22f3a767bb4c93a5560991ae71550758d6fbf7ae97762e2d944bc0dfd0ac27cd4cd0b012bbc81495df3f58c7450a69c2a79e5eb72949050e5855dc55575d5979525d962cfdad1d306ea5b2552d367eeb374f653ba2882be8d2985c35db58cb526ee5e49d87aefb93e7195f55388890bbe4ef2ca59cc7086cf731d512ad42af0c8bfe6ea447ccee0a77241edcb55de6c7bd4dd8f473225cd68fc776d19de809a2f2cdef64d8bb7b55c042b91c81e5e231320b1e58364ad9e75dc3702736464975b123b5b9f4c70fad9722666b1790f76258bc7452ffa4884330838bcb6155482cd41f73179a9947ef5fb0fc26e0a71e9e26e48d62b9df1d148ae9bc86a30b91ad392f54653b22df35ea59598c7a375d1edd5cc600958ab5f21c6ed1a1ebc2db98424f1ad9c65fa2aec8d1b7c5408ff28a355c65ca9696425b00a1776708892683f235eead369beb5844ac251b3cf2d2ae1bfa0bc8aee8f7d2577d6efa767e3b431bb1f07fbd96e1dfd6d86cd7687aeffdae47a61055a164ca604341dc270803f21a8314afe5c10b54d699bcc026eced37fd3660b9937c13492cf9b93a6d217213ee011ec2415d02169cefbb2a6b4be175f620972fa857b3ee6a61350a569a0e3846ef30a0ed69b4abb3cf9d42c62f44e2c8363f8de0359e54c25688924a49e32c4fe8cf1f7ea2002d980be1234a9fb09ae8c7ec0ccbf95e42fd920026f65cf63e2c81fa84c3bf9b55229e8b0a43d553a00048b3c66271b6f24b11d5a73ff5564a6f15d17a47e7ac24aafc69f9094debfbd33761110e97d4e0afdbbdd0d0b706fa7f33798bb65cfb2c7c53c7660551241887f9e82722fe3ee99"}, 0x100c)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='overlay\x00', 0x86000, &(0x7f0000000440))

04:38:48 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x200000000000000}}, 0x20)

04:38:48 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2a, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:48 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c1d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1771.972466] FAULT_INJECTION: forcing a failure.
[ 1771.972466] name failslab, interval 1, probability 0, space 0, times 0
[ 1771.994022] CPU: 0 PID: 8551 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1772.001318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1772.010669] Call Trace:
[ 1772.013261]  dump_stack+0x244/0x39d
[ 1772.016894]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1772.022091]  ? should_fail+0x9b6/0xd01
[ 1772.025985]  should_fail.cold.4+0xa/0x17
[ 1772.030060]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1772.035175]  ? save_stack+0x43/0xd0
[ 1772.038803]  ? kasan_kmalloc+0xc7/0xe0
[ 1772.042698]  ? kasan_slab_alloc+0x12/0x20
[ 1772.046849]  ? zap_class+0x640/0x640
[ 1772.050560]  ? mempool_init+0x3d/0x50
[ 1772.054358]  ? bioset_init+0x3d4/0x840
[ 1772.058243]  ? blk_alloc_queue_node+0x287/0xe80
[ 1772.062907]  ? blk_mq_init_queue+0x4b/0xb0
[ 1772.067139]  ? loop_add+0x376/0xa40
[ 1772.070764]  ? loop_control_ioctl+0x199/0x530
[ 1772.075269]  ? do_vfs_ioctl+0x1de/0x1790
[ 1772.079341]  ? find_held_lock+0x36/0x1c0
[ 1772.083408]  ? __lock_is_held+0xb5/0x140
[ 1772.087477]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1772.092934]  __should_failslab+0x124/0x180
[ 1772.097168]  should_failslab+0x9/0x14
[ 1772.100971]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1772.106073]  ? lockdep_init_map+0x9/0x10
[ 1772.110134]  ? __init_waitqueue_head+0x9e/0x150
[ 1772.114808]  ? init_wait_entry+0x1c0/0x1c0
[ 1772.119050]  __kmalloc_node+0x3c/0x70
[ 1772.122850]  ? mempool_alloc_slab+0x60/0x60
[ 1772.127170]  mempool_init_node+0x131/0x550
[ 1772.131405]  ? mempool_free+0x370/0x370
[ 1772.135375]  ? mempool_alloc_slab+0x60/0x60
[ 1772.139694]  mempool_init+0x3d/0x50
[ 1772.143322]  bioset_init+0x646/0x840
[ 1772.147042]  ? bioset_exit+0x370/0x370
[ 1772.150942]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1772.155976]  blk_alloc_queue_node+0x287/0xe80
[ 1772.160476]  ? blk_init_allocated_queue+0x640/0x640
[ 1772.165486]  ? __mutex_init+0x1f7/0x290
[ 1772.169474]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.175006]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1772.179774]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1772.184445]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1772.189644]  blk_mq_init_queue+0x4b/0xb0
[ 1772.193703]  loop_add+0x376/0xa40
[ 1772.197154]  ? loop_queue_rq+0x690/0x690
[ 1772.201223]  loop_control_ioctl+0x199/0x530
[ 1772.205537]  ? loop_add+0xa40/0xa40
[ 1772.209159]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1772.214612]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1772.219540]  ? loop_add+0xa40/0xa40
[ 1772.223162]  do_vfs_ioctl+0x1de/0x1790
[ 1772.227056]  ? ioctl_preallocate+0x300/0x300
[ 1772.231461]  ? selinux_file_mprotect+0x620/0x620
[ 1772.236303]  ? __sb_end_write+0xd9/0x110
[ 1772.240363]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1772.245897]  ? fput+0x130/0x1a0
[ 1772.249176]  ? do_syscall_64+0x9a/0x820
[ 1772.253158]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.258693]  ? security_file_ioctl+0x94/0xc0
[ 1772.263098]  ksys_ioctl+0xa9/0xd0
[ 1772.266549]  __x64_sys_ioctl+0x73/0xb0
[ 1772.270439]  do_syscall_64+0x1b9/0x820
[ 1772.274325]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1772.279687]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1772.284613]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1772.289454]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1772.294469]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1772.299482]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.305016]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1772.310046]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1772.314894]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1772.320075] RIP: 0033:0x457669
[ 1772.323273] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.342166] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1772.349869] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1772.357133] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1772.364416] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.371854] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1772.379121] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:49 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x101182)
chmod(&(0x7f0000000080)='./file0\x00', 0x58)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000040))
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast1}}, &(0x7f0000000200)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x200000, &(0x7f0000000640)=ANY=[@ANYBLOB="763a617d733d66642c7266526e6f3da7d893418e0f82ac549192762ad290741f07df367f57120122e11517f1660d9e45bb06f6243240fdfce2c16f02e7229943c98120b13cff0f000074e83040f5dd9c554ab2eaf43e2157fa02938cafcba38d3fff7e51c3c25a99fcaa1052c1b10d51779dbc7aa84495ab8b5e58be09580234b0343e2ee27d5e2e760000000000000001afeec5377f7531af5188974b6a1b1f797bc4d61b0298159d2f628941491432e5fb5400000000000000ddffffff0000000000000000000000", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',privport,dfltuid=', @ANYRESHEX=r2, @ANYBLOB=',access=any,debug=0x0000000000000009,access=user,version=9p2000,cache=fscache,fscontext=sysadm_u,fsmagic=0x0000000100000000,obj_user=/dev/snd/pcmC#D#c\x00,smackfstransmute=btrfs\x00,permit_directio,seclabel,appraise_type=imasig,\x00'])
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100))
ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x10000, 0xfffffffffffff801, 0x2, 0x7, 0x7f, 0x7, 0x81, 0x10001, 0x9, 0x7ff, 0x100000000, 0x7ff})
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvZl_rm_alompress,subvol=/dev/ptmx\x00,resccn_uuid_tree,smackfsdef=/de\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'])

04:38:49 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x40030000000000}}, 0x20)

04:38:49 executing program 4 (fault-call:20 fault-nth:15):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:49 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c02, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1772.422889] FAT-fs (loop3): invalid media value (0x00)
[ 1772.429439] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:49 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c30, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:49 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:49 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="757365725f737562766f6c5f726d5f616c6c6f7765642c636f6d70726573732c737562766f6c3d2f6465762f70746d78002c72657363616e5f757569645f747265652c736d61476b66736465663d2f6465762f70746d780000000000737572652c00569541e599ff28af283d39e1787681508d07c6e304279d9a06a0c757dd7055034be76999da222bc6aa0573e9ff0064c6e189c7c7c1ba852fe5a259be528a11e95469c6f594d2623921ed68908172d73464823fc721e2838ac4743cd713026d39b006af11c66515a258a9eb11e414fd2c7eb340838dbcdb0752824b2ebbef2c1b6187546ada2552bb4bc1b5234471f2b6533cfd189a676ac8a1a40f779ef4136da5283cbaaba2ab4a8b43023b44f1920d7f5c015690d43e969f4f0dc09daa8065ed1e4f5a04f224f9fce152245e11ab66bb43c3"])

04:38:49 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xffffffff00000000}}, 0x20)

[ 1772.547263] FAULT_INJECTION: forcing a failure.
[ 1772.547263] name failslab, interval 1, probability 0, space 0, times 0
[ 1772.588155] CPU: 0 PID: 8572 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1772.595543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1772.604900] Call Trace:
[ 1772.607490]  dump_stack+0x244/0x39d
[ 1772.611122]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1772.616327]  should_fail.cold.4+0xa/0x17
[ 1772.620386]  ? __kernel_text_address+0xd/0x40
[ 1772.624882]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1772.629988]  ? __save_stack_trace+0x8d/0xf0
[ 1772.634325]  ? zap_class+0x640/0x640
[ 1772.638035]  ? save_stack+0xa9/0xd0
[ 1772.641659]  ? save_stack+0x43/0xd0
[ 1772.645294]  ? kasan_kmalloc+0xc7/0xe0
[ 1772.649182]  ? find_held_lock+0x36/0x1c0
[ 1772.653241]  ? __lock_is_held+0xb5/0x140
[ 1772.657310]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1772.662760]  ? __lock_is_held+0xb5/0x140
[ 1772.666826]  __should_failslab+0x124/0x180
[ 1772.671057]  should_failslab+0x9/0x14
[ 1772.674854]  kmem_cache_alloc+0x2be/0x730
[ 1772.679001]  ? kasan_kmalloc+0xc7/0xe0
[ 1772.682887]  ? mempool_free+0x370/0x370
[ 1772.686860]  mempool_alloc_slab+0x44/0x60
[ 1772.691009]  mempool_init_node+0x2d2/0x550
[ 1772.695246]  ? mempool_free+0x370/0x370
[ 1772.699218]  ? mempool_alloc_slab+0x60/0x60
[ 1772.703534]  mempool_init+0x3d/0x50
[ 1772.707159]  bioset_init+0x646/0x840
[ 1772.710872]  ? bioset_exit+0x370/0x370
[ 1772.714760]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1772.719778]  blk_alloc_queue_node+0x287/0xe80
[ 1772.724273]  ? blk_init_allocated_queue+0x640/0x640
[ 1772.729289]  ? __mutex_init+0x1f7/0x290
[ 1772.733283]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.738830]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1772.743587]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1772.748266]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1772.753462]  blk_mq_init_queue+0x4b/0xb0
[ 1772.757528]  loop_add+0x376/0xa40
[ 1772.760982]  ? loop_queue_rq+0x690/0x690
[ 1772.765140]  loop_control_ioctl+0x199/0x530
[ 1772.769462]  ? loop_add+0xa40/0xa40
[ 1772.773090]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1772.778531]  ? retint_kernel+0x2d/0x2d
[ 1772.782421]  ? loop_add+0xa40/0xa40
[ 1772.786044]  do_vfs_ioctl+0x1de/0x1790
[ 1772.789932]  ? ioctl_preallocate+0x300/0x300
[ 1772.794340]  ? selinux_file_mprotect+0x620/0x620
[ 1772.799096]  ? __sb_end_write+0xd9/0x110
[ 1772.803158]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1772.808689]  ? fput+0x130/0x1a0
[ 1772.811974]  ? do_syscall_64+0x9a/0x820
[ 1772.815953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.821577]  ? security_file_ioctl+0x94/0xc0
[ 1772.825989]  ksys_ioctl+0xa9/0xd0
[ 1772.829443]  __x64_sys_ioctl+0x73/0xb0
[ 1772.833326]  do_syscall_64+0x1b9/0x820
[ 1772.837206]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1772.842570]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1772.847493]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1772.852336]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1772.857348]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1772.862362]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1772.867914]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1772.872932]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1772.877774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1772.882955] RIP: 0033:0x457669
[ 1772.886146] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1772.905040] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1772.912742] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1772.920008] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1772.927272] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1772.934535] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1772.941797] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:49 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
truncate(&(0x7f0000000000)='./file0\x00', 0xfff)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f00000000c0)=ANY=[@ANYBLOB='nossd,fragment=metadata,com\x00\x00ess-force=zlib,barrier,user_subvol_rm_allowed,smackfsdef=/dev/ptmx\x00,measure,\x00'])
chroot(&(0x7f0000000080)='./file0\x00')

04:38:49 executing program 4 (fault-call:20 fault-nth:16):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:49 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c37, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1773.026543] FAT-fs (loop3): invalid media value (0x00)
04:38:49 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c15, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:49 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xe0000000}}, 0x20)

[ 1773.050983] FAT-fs (loop3): Can't find a valid FAT filesystem
04:38:49 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
rt_sigaction(0x1a, &(0x7f0000000080)={&(0x7f0000000000)="c462e99bd3f3466fc481f77d2cb2440f1b927d000000c442b992bcec65000000ca0600c4226d47e966470f3adfaea9e169e62564f20f2c10d8c9", {0x3}, 0x0, &(0x7f0000000040)="36660f3834972d79c960c4a1fee6f5407a718fe92895d6c4226d3e072edd5c8d00c4a2010d8618000000f20f2afe2e400f1d12c46121c6c0c2"}, &(0x7f0000000180)={&(0x7f00000000c0)="c4e1d971e00e66470f5d7ee7c4c14bc23e00c4e3595e4209d767ad45837e99dc42d901c461e3d0f8f3aa4435fc000000", {}, 0x0, &(0x7f0000000100)="2e0f0d5e00660f60afa8000000c481077c65eaff82a71a00000f129306000080f30f53320fefbde004000047defbf30f12bb0600000065450f619ae05a0000"}, 0x8, &(0x7f00000001c0))

[ 1773.109932] FAULT_INJECTION: forcing a failure.
[ 1773.109932] name failslab, interval 1, probability 0, space 0, times 0
[ 1773.156213] CPU: 0 PID: 8595 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1773.163509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1773.172857] Call Trace:
[ 1773.175452]  dump_stack+0x244/0x39d
[ 1773.179091]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1773.184295]  should_fail.cold.4+0xa/0x17
[ 1773.188360]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1773.193466]  ? save_stack+0xa9/0xd0
[ 1773.197091]  ? kasan_kmalloc+0xc7/0xe0
[ 1773.200981]  ? kasan_slab_alloc+0x12/0x20
[ 1773.205120]  ? kmem_cache_alloc+0x12e/0x730
[ 1773.209434]  ? mempool_alloc_slab+0x44/0x60
[ 1773.213769]  ? mempool_init_node+0x2d2/0x550
[ 1773.218172]  ? mempool_init+0x3d/0x50
[ 1773.221975]  ? zap_class+0x640/0x640
[ 1773.225690]  ? loop_add+0x376/0xa40
[ 1773.229328]  ? loop_control_ioctl+0x199/0x530
[ 1773.233819]  ? do_vfs_ioctl+0x1de/0x1790
[ 1773.237882]  ? ksys_ioctl+0xa9/0xd0
[ 1773.241502]  ? __x64_sys_ioctl+0x73/0xb0
[ 1773.245558]  ? do_syscall_64+0x1b9/0x820
[ 1773.249615]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1773.254981]  ? find_held_lock+0x36/0x1c0
[ 1773.259056]  ? __lock_is_held+0xb5/0x140
[ 1773.263127]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1773.268592]  __should_failslab+0x124/0x180
[ 1773.272830]  should_failslab+0x9/0x14
[ 1773.276629]  kmem_cache_alloc+0x2be/0x730
[ 1773.280774]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1773.286309]  ? __phys_addr+0xa6/0x120
[ 1773.290123]  ? mempool_init+0x3d/0x50
[ 1773.293922]  ? mempool_free+0x370/0x370
[ 1773.297911]  mempool_alloc_slab+0x44/0x60
[ 1773.302069]  mempool_init_node+0x2d2/0x550
[ 1773.306307]  ? mempool_free+0x370/0x370
[ 1773.310276]  ? mempool_alloc_slab+0x60/0x60
[ 1773.314594]  mempool_init+0x3d/0x50
[ 1773.318224]  bioset_init+0x646/0x840
[ 1773.321945]  ? bioset_exit+0x370/0x370
[ 1773.325834]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1773.330852]  blk_alloc_queue_node+0x287/0xe80
[ 1773.335353]  ? blk_init_allocated_queue+0x640/0x640
[ 1773.340365]  ? __mutex_init+0x1f7/0x290
[ 1773.344355]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1773.349897]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1773.354652]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1773.359330]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1773.364519]  blk_mq_init_queue+0x4b/0xb0
[ 1773.368675]  loop_add+0x376/0xa40
[ 1773.372126]  ? loop_queue_rq+0x690/0x690
[ 1773.376199]  loop_control_ioctl+0x199/0x530
[ 1773.380517]  ? loop_add+0xa40/0xa40
[ 1773.384138]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1773.389589]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1773.394516]  ? loop_add+0xa40/0xa40
[ 1773.398140]  do_vfs_ioctl+0x1de/0x1790
[ 1773.402029]  ? ioctl_preallocate+0x300/0x300
[ 1773.406437]  ? selinux_file_mprotect+0x620/0x620
[ 1773.411202]  ? __sb_end_write+0xd9/0x110
[ 1773.415266]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1773.420802]  ? fput+0x130/0x1a0
[ 1773.424078]  ? do_syscall_64+0x9a/0x820
[ 1773.428051]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1773.433583]  ? security_file_ioctl+0x94/0xc0
[ 1773.437989]  ksys_ioctl+0xa9/0xd0
[ 1773.441443]  __x64_sys_ioctl+0x73/0xb0
[ 1773.445327]  do_syscall_64+0x1b9/0x820
[ 1773.449209]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1773.454573]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1773.459511]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1773.464351]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1773.469364]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1773.474380]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1773.479397]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1773.484244]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1773.489425] RIP: 0033:0x457669
04:38:50 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x8000000}}, 0x20)

[ 1773.492616] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1773.511511] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1773.519212] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1773.526474] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1773.533735] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1773.541002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1773.548263] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:50 executing program 0:
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000040)={<r0=>0x0}, &(0x7f0000000080)=0x7)
ptrace$setregs(0xffffffffffffffff, r0, 0x6, &(0x7f0000000180)="160f936d2b61c98c9fa8f65139ecf7e0b563db8700ad4b00ec9b675fb5d8b3d195d5393dfde06920945daf02f891e6dd7996d1d5a88a8bcd4bb47f0a7561e38ce1a280f04fb2158ac46024955056502ad1b550a05c53b84fa553b4793b1fc22ede207d3707b28f1a164631318ae67130ee74186e1c2946f28de53040a34a41c6a40efab4cc48d5ed3913d6337548b28d4e73f64e594ed4082de3693f52bfdbc6703fc4f049e447d4cbdf959a944fd6f79682d47a8c11c8c4315ae4584e54bb4a277502408982ee17b9de83de947b823a6be746abc0fbd7c0e6bbfa7f5ec141fb8043c1e7048a8c116dd091a9b3816059fe77e8c042c76a")
r1 = socket$inet6(0xa, 0x803, 0x400000007f)
pipe(&(0x7f0000000000))
ioctl(r1, 0x200, &(0x7f0000000140)="0a5c2d023c1262c5718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:50 executing program 4 (fault-call:20 fault-nth:17):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:50 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c19, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:50 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c62, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:50 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x2}}, 0x20)

04:38:50 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c4d, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:50 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
r1 = open(&(0x7f00000001c0)='./file0\x00', 0x2, 0x1)
name_to_handle_at(r1, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="2900000004000000484dae045c5b3ff2253c8a50e077aaaaa9c3e4e469758680d10b4b367dcb7465c50f154d335a87834f4e4a696d58424b04480c3d3bc4701d8c2f10a29b02e0dfda5eaff64b15900c65a06cfcb24f02d387ee42a4668e692ee321d032f993937bd1e3340effb2b3e05c3ea5937e59709c30307d15ce967c68f4f758f59123b4be27152ed4adabd984561e3e9cd07f73cebe6c9389e722d9ebee35e86198f9849dda2f0bcc2a0ee79610804147d37d33b9811a4a596a156440b0c8877ee637cc47958dd451f0b6fec0b025ae28a55f255ffe6f49dbd9ff98bd2b8d27f6cf2cabd7929773ae9fdd785f843c5c7b05a5b4df95c67c"], &(0x7f00000000c0), 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r2, 0x100, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008044}, 0x800)
memfd_create(&(0x7f0000000100)='smackfsdef', 0x7)

[ 1773.698978] FAT-fs (loop3): invalid media value (0x00)
[ 1773.711006] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1773.732264] FAULT_INJECTION: forcing a failure.
[ 1773.732264] name failslab, interval 1, probability 0, space 0, times 0
04:38:50 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x10}}, 0x20)

[ 1773.776734] CPU: 0 PID: 8626 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1773.784020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1773.793369] Call Trace:
[ 1773.795961]  dump_stack+0x244/0x39d
[ 1773.799602]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1773.804801]  ? do_vfs_ioctl+0x1de/0x1790
[ 1773.809083]  ? ksys_ioctl+0xa9/0xd0
[ 1773.812721]  ? __x64_sys_ioctl+0x73/0xb0
[ 1773.816777]  ? do_syscall_64+0x1b9/0x820
[ 1773.820860]  should_fail.cold.4+0xa/0x17
[ 1773.824927]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1773.830042]  ? zap_class+0x640/0x640
[ 1773.833759]  ? check_preemption_disabled+0x48/0x280
[ 1773.838794]  ? zap_class+0x640/0x640
[ 1773.842511]  ? __lock_is_held+0xb5/0x140
[ 1773.846585]  ? find_held_lock+0x36/0x1c0
[ 1773.850655]  ? __lock_is_held+0xb5/0x140
[ 1773.854739]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1773.860195]  __should_failslab+0x124/0x180
[ 1773.864427]  should_failslab+0x9/0x14
[ 1773.868230]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1773.873336]  ? bioset_exit+0x370/0x370
[ 1773.877226]  bdi_alloc_node+0x89/0xe0
[ 1773.881028]  blk_alloc_queue_node+0x2b7/0xe80
[ 1773.885526]  ? blk_init_allocated_queue+0x640/0x640
[ 1773.890547]  ? __mutex_init+0x1f7/0x290
[ 1773.894545]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1773.900077]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1773.904827]  ? blk_mq_alloc_tag_set+0x5ae/0xad0
[ 1773.909500]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1773.914170]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1773.919360]  blk_mq_init_queue+0x4b/0xb0
[ 1773.923417]  loop_add+0x376/0xa40
[ 1773.926868]  ? loop_queue_rq+0x690/0x690
[ 1773.930939]  loop_control_ioctl+0x199/0x530
[ 1773.935255]  ? loop_add+0xa40/0xa40
[ 1773.938878]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1773.944333]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1773.949261]  ? loop_add+0xa40/0xa40
[ 1773.952883]  do_vfs_ioctl+0x1de/0x1790
[ 1773.956775]  ? ioctl_preallocate+0x300/0x300
[ 1773.961182]  ? selinux_file_mprotect+0x620/0x620
[ 1773.965938]  ? __sb_end_write+0xd9/0x110
[ 1773.970003]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1773.975534]  ? fput+0x130/0x1a0
[ 1773.978828]  ? do_syscall_64+0x9a/0x820
[ 1773.982805]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1773.988355]  ? security_file_ioctl+0x94/0xc0
[ 1773.992763]  ksys_ioctl+0xa9/0xd0
[ 1773.996217]  __x64_sys_ioctl+0x73/0xb0
[ 1774.000101]  do_syscall_64+0x1b9/0x820
[ 1774.003986]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1774.009350]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1774.014272]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1774.019113]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1774.024131]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1774.029148]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1774.034681]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1774.039700]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1774.044545]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1774.049731] RIP: 0033:0x457669
[ 1774.052919] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:38:50 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@acl='acl'}], [{@appraise='appraise'}, {@measure='measure'}]})

[ 1774.071815] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1774.079517] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1774.086781] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1774.094042] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1774.101303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1774.108567] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:50 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c55, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:50 executing program 4 (fault-call:20 fault-nth:18):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:50 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x800000000000000}}, 0x20)

04:38:50 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c16, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:50 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)=ANY=[@ANYBLOB='user_subvol_rm_allowed,compress,subvol=/dev/ptmx\x00,rescan_uuid_tree,smac+fsdef=/dev/ptmx\x00,measure,\x00'])

04:38:50 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:50 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c59, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1774.320051] FAULT_INJECTION: forcing a failure.
[ 1774.320051] name failslab, interval 1, probability 0, space 0, times 0
[ 1774.356525] CPU: 0 PID: 8660 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1774.363815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1774.373162] Call Trace:
[ 1774.375753]  dump_stack+0x244/0x39d
[ 1774.379387]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1774.384595]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.389358]  should_fail.cold.4+0xa/0x17
[ 1774.393426]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1774.398534]  ? _raw_spin_unlock_irqrestore+0xaf/0xd0
[ 1774.403637]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1774.408733]  ? zap_class+0x640/0x640
[ 1774.412446]  ? __debug_object_init+0x57d/0x1290
[ 1774.417108]  ? trace_hardirqs_on+0xbd/0x310
[ 1774.421423]  ? kasan_check_read+0x11/0x20
[ 1774.425569]  ? zap_class+0x640/0x640
[ 1774.429291]  ? find_held_lock+0x36/0x1c0
[ 1774.433355]  ? __lock_is_held+0xb5/0x140
[ 1774.437423]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1774.442878]  ? _raw_spin_unlock_irqrestore+0x82/0xd0
[ 1774.447979]  __should_failslab+0x124/0x180
[ 1774.452216]  should_failslab+0x9/0x14
[ 1774.456010]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1774.460674]  ? __lockdep_init_map+0x105/0x590
[ 1774.465170]  wb_congested_get_create+0x20a/0x4a0
[ 1774.469928]  ? wb_wakeup_delayed+0xf0/0xf0
[ 1774.474174]  ? __lockdep_init_map+0x105/0x590
[ 1774.478669]  wb_init+0x636/0x9e0
[ 1774.482035]  ? bdi_put+0x180/0x180
[ 1774.485573]  ? kmem_cache_alloc_node_trace+0x14c/0x740
[ 1774.490865]  ? __lockdep_init_map+0x105/0x590
[ 1774.495361]  ? loop_add+0x376/0xa40
[ 1774.498988]  ? lockdep_init_map+0x9/0x10
[ 1774.503041]  ? debug_mutex_init+0x2d/0x60
[ 1774.507193]  ? psi_task_change.cold.11+0x1ac/0x1ac
[ 1774.512135]  ? __lockdep_init_map+0x105/0x590
[ 1774.516636]  ? __init_waitqueue_head+0x9e/0x150
[ 1774.521310]  ? __lockdep_init_map+0x105/0x590
[ 1774.525801]  ? lockdep_init_map+0x9/0x10
[ 1774.529861]  ? __raw_spin_lock_init+0x2d/0x100
[ 1774.534440]  bdi_init+0x30d/0x4d0
[ 1774.537890]  ? wb_init+0x9e0/0x9e0
[ 1774.541425]  ? bdi_alloc_node+0x89/0xe0
[ 1774.545394]  ? bdi_alloc_node+0x89/0xe0
[ 1774.549365]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1774.554380]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1774.559653]  ? bioset_exit+0x370/0x370
[ 1774.563540]  bdi_alloc_node+0x9e/0xe0
[ 1774.567344]  blk_alloc_queue_node+0x2b7/0xe80
[ 1774.571865]  ? blk_init_allocated_queue+0x640/0x640
[ 1774.576882]  ? __mutex_init+0x1f7/0x290
[ 1774.580875]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1774.586410]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1774.591169]  ? blk_mq_alloc_tag_set+0x50e/0xad0
[ 1774.595842]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1774.601035]  blk_mq_init_queue+0x4b/0xb0
[ 1774.605090]  loop_add+0x376/0xa40
[ 1774.608540]  ? loop_queue_rq+0x690/0x690
[ 1774.612632]  loop_control_ioctl+0x199/0x530
[ 1774.616958]  ? loop_add+0xa40/0xa40
[ 1774.620588]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1774.626039]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1774.630797]  ? loop_add+0xa40/0xa40
[ 1774.634419]  do_vfs_ioctl+0x1de/0x1790
[ 1774.638321]  ? ioctl_preallocate+0x300/0x300
[ 1774.642731]  ? selinux_file_mprotect+0x620/0x620
[ 1774.647487]  ? retint_kernel+0x2d/0x2d
[ 1774.651376]  ? selinux_file_mprotect+0x620/0x620
[ 1774.656133]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1774.661663]  ? security_file_ioctl+0x94/0xc0
[ 1774.666082]  ksys_ioctl+0xa9/0xd0
[ 1774.669536]  __x64_sys_ioctl+0x73/0xb0
[ 1774.673430]  do_syscall_64+0x1b9/0x820
[ 1774.677311]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1774.682674]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1774.687599]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1774.692438]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1774.697450]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1774.702466]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1774.707484]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1774.712326]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1774.717504] RIP: 0033:0x457669
[ 1774.720693] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1774.739587] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1774.747289] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1774.754565] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1774.761837] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
04:38:51 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8100001}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0xc10, 0x70bd27, 0x25dfdbfb, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x40010)
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

04:38:51 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x6b6b6b}}, 0x20)

04:38:51 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
read(r0, &(0x7f0000000000)=""/236, 0xec)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})

[ 1774.769108] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1774.776371] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:51 executing program 4 (fault-call:20 fault-nth:19):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:51 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c6e, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:51 executing program 0:
capset(&(0x7f0000000040)={0x24020019980330}, &(0x7f0000000140))
setpriority(0x0, 0x0, 0x400000000000e6)
setpriority(0x0, 0x0, 0x0)

04:38:51 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x1000000}}, 0x20)

04:38:51 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2d, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1774.919196] FAULT_INJECTION: forcing a failure.
[ 1774.919196] name failslab, interval 1, probability 0, space 0, times 0
04:38:51 executing program 0:
pselect6(0xa1, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1774.985622] CPU: 0 PID: 8686 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1774.993013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1775.002356] Call Trace:
[ 1775.004929]  dump_stack+0x244/0x39d
[ 1775.008551]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1775.013725]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1775.018833]  should_fail.cold.4+0xa/0x17
[ 1775.022897]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1775.028005]  ? lockdep_init_map+0x9/0x10
[ 1775.032068]  ? __raw_spin_lock_init+0x2d/0x100
[ 1775.036649]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1775.042184]  ? wb_init+0x6f2/0x9e0
[ 1775.045730]  ? zap_class+0x640/0x640
[ 1775.049438]  ? print_usage_bug+0xc0/0xc0
[ 1775.053521]  ? bdi_put+0x180/0x180
[ 1775.057090]  ? kmem_cache_alloc_node_trace+0x14c/0x740
[ 1775.062365]  ? find_held_lock+0x36/0x1c0
[ 1775.066513]  ? __lock_is_held+0xb5/0x140
[ 1775.070590]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1775.076124]  ? retint_kernel+0x2d/0x2d
[ 1775.080012]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1775.084946]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.089701]  __should_failslab+0x124/0x180
[ 1775.093936]  should_failslab+0x9/0x14
[ 1775.097734]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1775.102398]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.107182]  blk_alloc_queue_stats+0x90/0x1c0
[ 1775.111678]  ? blk_stat_add+0x650/0x650
[ 1775.115663]  blk_alloc_queue_node+0x2fa/0xe80
[ 1775.120168]  ? blk_init_allocated_queue+0x640/0x640
[ 1775.125183]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.129935]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1775.134509]  ? retint_kernel+0x2d/0x2d
[ 1775.138397]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1775.143324]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.148079]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1775.153542]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.158299]  ? retint_kernel+0x2d/0x2d
[ 1775.162212]  blk_mq_init_queue+0x4b/0xb0
[ 1775.166271]  loop_add+0x376/0xa40
[ 1775.169723]  ? loop_queue_rq+0x690/0x690
[ 1775.173797]  loop_control_ioctl+0x199/0x530
[ 1775.178117]  ? loop_add+0xa40/0xa40
[ 1775.181739]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1775.187189]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1775.192121]  ? loop_add+0xa40/0xa40
[ 1775.195745]  do_vfs_ioctl+0x1de/0x1790
[ 1775.199637]  ? ioctl_preallocate+0x300/0x300
[ 1775.204045]  ? selinux_file_mprotect+0x620/0x620
[ 1775.208804]  ? __sb_end_write+0xd9/0x110
[ 1775.212868]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1775.218402]  ? fput+0x130/0x1a0
[ 1775.221678]  ? do_syscall_64+0x9a/0x820
[ 1775.225654]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1775.231190]  ? security_file_ioctl+0x94/0xc0
[ 1775.235596]  ksys_ioctl+0xa9/0xd0
[ 1775.239053]  __x64_sys_ioctl+0x73/0xb0
[ 1775.242939]  do_syscall_64+0x1b9/0x820
[ 1775.246819]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1775.252182]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1775.257106]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1775.261946]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1775.266962]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1775.271985]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1775.277004]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1775.281848]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1775.287028] RIP: 0033:0x457669
[ 1775.290217] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.309112] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1775.316818] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1775.324083] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1775.331345] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.338606] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1775.345872] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:51 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:52 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x400300}}, 0x20)

04:38:52 executing program 4 (fault-call:20 fault-nth:20):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:52 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x2, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:52 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xe000}}, 0x20)

04:38:52 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c38, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1775.515096] FAULT_INJECTION: forcing a failure.
[ 1775.515096] name failslab, interval 1, probability 0, space 0, times 0
[ 1775.534534] CPU: 0 PID: 8712 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1775.541842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1775.551273] Call Trace:
[ 1775.553863]  dump_stack+0x244/0x39d
[ 1775.557501]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1775.562692]  ? print_usage_bug+0xc0/0xc0
[ 1775.566840]  ? print_usage_bug+0xc0/0xc0
[ 1775.570905]  should_fail.cold.4+0xa/0x17
[ 1775.574968]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1775.580074]  ? kasan_check_write+0x14/0x20
[ 1775.584311]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1775.589245]  ? mark_held_locks+0xc7/0x130
[ 1775.593400]  ? zap_class+0x640/0x640
[ 1775.597114]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1775.601870]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1775.606453]  ? find_held_lock+0x36/0x1c0
[ 1775.610523]  ? __lock_is_held+0xb5/0x140
[ 1775.614595]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1775.620050]  __should_failslab+0x124/0x180
[ 1775.624281]  should_failslab+0x9/0x14
[ 1775.628077]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1775.633178]  ? debug_object_free+0x690/0x690
[ 1775.637589]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1775.643234]  blkg_alloc+0x124/0x800
[ 1775.646863]  ? blkcg_reset_stats+0x3e0/0x3e0
[ 1775.651376]  ? lockdep_init_map+0x9/0x10
[ 1775.655430]  ? debug_mutex_init+0x2d/0x60
[ 1775.659573]  ? __mutex_init+0x1f7/0x290
[ 1775.663544]  ? __lockdep_init_map+0x105/0x590
[ 1775.668041]  ? kasan_check_write+0x14/0x20
[ 1775.672271]  ? percpu_ref_init+0x1fd/0x290
[ 1775.676506]  ? blk_set_pm_only+0x30/0x30
[ 1775.680570]  ? percpu_ref_noop_confirm_switch+0x10/0x10
[ 1775.685993]  blkcg_init_queue+0x27/0x560
[ 1775.690057]  blk_alloc_queue_node+0x972/0xe80
[ 1775.694572]  ? blk_init_allocated_queue+0x640/0x640
[ 1775.699584]  ? __mutex_init+0x1f7/0x290
[ 1775.703578]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1775.709114]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1775.713883]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1775.719075]  blk_mq_init_queue+0x4b/0xb0
[ 1775.723134]  loop_add+0x376/0xa40
[ 1775.726595]  ? loop_queue_rq+0x690/0x690
[ 1775.730660]  loop_control_ioctl+0x199/0x530
[ 1775.735076]  ? loop_add+0xa40/0xa40
[ 1775.738697]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1775.744155]  ? loop_add+0xa40/0xa40
[ 1775.747776]  do_vfs_ioctl+0x1de/0x1790
[ 1775.751664]  ? ioctl_preallocate+0x300/0x300
[ 1775.756072]  ? selinux_file_mprotect+0x620/0x620
[ 1775.760831]  ? __sb_end_write+0xd9/0x110
[ 1775.764892]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1775.770421]  ? fput+0x130/0x1a0
[ 1775.773701]  ? do_syscall_64+0x9a/0x820
[ 1775.777683]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1775.783217]  ? security_file_ioctl+0x94/0xc0
[ 1775.787624]  ksys_ioctl+0xa9/0xd0
[ 1775.791078]  __x64_sys_ioctl+0x73/0xb0
[ 1775.794963]  do_syscall_64+0x1b9/0x820
[ 1775.798846]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1775.804205]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1775.809378]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1775.814220]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1775.819241]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1775.824252]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1775.829271]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1775.834117]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1775.839301] RIP: 0033:0x457669
[ 1775.842496] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1775.861388] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1775.869090] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1775.876351] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1775.883612] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1775.890876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1775.898136] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:52 executing program 4 (fault-call:20 fault-nth:21):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:52 executing program 0:
r0 = socket$inet6(0xa, 0x4000000000803, 0x3)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaff000000000086dd60b4090005ca290000000000000000000000ff1ee0000002000000000000000000000000000000018300907800093a0060b680fa0000000000000000000004000000ffffffffffff00000000000000000000ffffac14ffbb"], 0x0)

04:38:52 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:52 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x80087601, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:52 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c07, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:52 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xffffffffffffffff}}, 0x20)

04:38:52 executing program 0:
socketpair$unix(0x1, 0x2000000000001, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/netlink\x00')
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0)

04:38:52 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, 0x0, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x2, 0x0)

[ 1776.080428] audit: type=1400 audit(1545107932.640:984): avc:  denied  { map } for  pid=8735 comm="syz-executor0" path="/proc/8735/net/netlink" dev="proc" ino=4026532842 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:proc_net_t:s0 tclass=file permissive=1
[ 1776.148076] FAULT_INJECTION: forcing a failure.
[ 1776.148076] name failslab, interval 1, probability 0, space 0, times 0
[ 1776.175538] CPU: 0 PID: 8737 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1776.182830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1776.192176] Call Trace:
[ 1776.194770]  dump_stack+0x244/0x39d
04:38:52 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x34000}}, 0x20)

[ 1776.198412]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1776.203618]  ? should_fail.cold.4+0x5/0x17
[ 1776.207858]  should_fail.cold.4+0xa/0x17
[ 1776.211915]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1776.216501]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1776.221603]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.226360]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1776.231815]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.236575]  ? retint_kernel+0x2d/0x2d
[ 1776.240472]  ? lock_is_held_type+0x18b/0x210
[ 1776.244886]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1776.250346]  __should_failslab+0x124/0x180
[ 1776.254581]  should_failslab+0x9/0x14
[ 1776.258377]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1776.263051]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1776.267993]  ? kasan_check_read+0x11/0x20
[ 1776.272136]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1776.277425]  ? rcu_softirq_qs+0x20/0x20
[ 1776.281408]  blk_iolatency_init+0x51/0x2e0
[ 1776.285647]  blkcg_init_queue+0x1e3/0x560
[ 1776.289794]  blk_alloc_queue_node+0x972/0xe80
[ 1776.294290]  ? blk_init_allocated_queue+0x640/0x640
[ 1776.299305]  ? __mutex_init+0x1f7/0x290
[ 1776.303292]  ? blk_mq_alloc_tag_set+0x5e5/0xad0
[ 1776.307970]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1776.313159]  blk_mq_init_queue+0x4b/0xb0
[ 1776.317218]  loop_add+0x376/0xa40
[ 1776.320670]  ? loop_queue_rq+0x690/0x690
[ 1776.324743]  loop_control_ioctl+0x199/0x530
[ 1776.329063]  ? loop_add+0xa40/0xa40
[ 1776.332684]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1776.338143]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1776.343070]  ? loop_add+0xa40/0xa40
[ 1776.346699]  do_vfs_ioctl+0x1de/0x1790
[ 1776.350589]  ? ioctl_preallocate+0x300/0x300
[ 1776.354997]  ? selinux_file_mprotect+0x620/0x620
[ 1776.359753]  ? __sb_end_write+0xd9/0x110
[ 1776.363818]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1776.369349]  ? fput+0x130/0x1a0
[ 1776.372646]  ? do_syscall_64+0x9a/0x820
[ 1776.376712]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1776.382245]  ? security_file_ioctl+0x94/0xc0
[ 1776.386653]  ksys_ioctl+0xa9/0xd0
[ 1776.390104]  __x64_sys_ioctl+0x73/0xb0
[ 1776.393993]  do_syscall_64+0x1b9/0x820
[ 1776.397877]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1776.403242]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1776.408164]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1776.413100]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1776.418117]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1776.423134]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1776.428150]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1776.433001]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1776.438192] RIP: 0033:0x457669
[ 1776.441384] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.460283] RSP: 002b:00007f7c8bd2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1776.467984] RAX: ffffffffffffffda RBX: 00007f7c8bd2ec90 RCX: 0000000000457669
[ 1776.475243] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1776.482505] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1776.489770] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd2f6d4
[ 1776.497035] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:53 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:53 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x6b6b6b00000000}}, 0x20)

04:38:53 executing program 4 (fault-call:20 fault-nth:22):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:53 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x80086601, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:53 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c04, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:53 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xe000000000000000}}, 0x20)

[ 1776.671984] FAULT_INJECTION: forcing a failure.
[ 1776.671984] name failslab, interval 1, probability 0, space 0, times 0
[ 1776.690817] CPU: 0 PID: 8765 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1776.698106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1776.707452] Call Trace:
[ 1776.710042]  dump_stack+0x244/0x39d
[ 1776.713677]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1776.718871]  ? rcu_softirq_qs+0x20/0x20
[ 1776.722847]  should_fail.cold.4+0xa/0x17
[ 1776.726911]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1776.732009]  ? print_usage_bug+0xc0/0xc0
[ 1776.736065]  ? kernel_text_address+0x79/0xf0
[ 1776.740480]  ? __kernel_text_address+0xd/0x40
[ 1776.744973]  ? __save_stack_trace+0x8d/0xf0
[ 1776.749294]  ? zap_class+0x640/0x640
[ 1776.753016]  ? find_held_lock+0x36/0x1c0
[ 1776.757076]  ? __lock_is_held+0xb5/0x140
[ 1776.761147]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1776.766596]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.771350]  __should_failslab+0x124/0x180
[ 1776.775585]  should_failslab+0x9/0x14
[ 1776.779382]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1776.784504]  iolatency_pd_alloc+0x93/0x120
[ 1776.788731]  ? blk_queue_bypass_start+0x196/0x2c0
[ 1776.793569]  ? iolatency_set_limit+0x620/0x620
[ 1776.798147]  blkcg_activate_policy+0xf4/0x580
[ 1776.802656]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1776.807582]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1776.812864]  blk_iolatency_init+0x130/0x2e0
[ 1776.817190]  blkcg_init_queue+0x1e3/0x560
[ 1776.821336]  blk_alloc_queue_node+0x972/0xe80
[ 1776.825834]  ? blk_init_allocated_queue+0x640/0x640
[ 1776.830844]  ? __mutex_init+0x1f7/0x290
[ 1776.834835]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1776.840370]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1776.845150]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1776.850336]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1776.855093]  blk_mq_init_queue+0x4b/0xb0
[ 1776.859153]  loop_add+0x376/0xa40
[ 1776.862607]  ? loop_queue_rq+0x690/0x690
[ 1776.866689]  loop_control_ioctl+0x199/0x530
[ 1776.871005]  ? loop_add+0xa40/0xa40
[ 1776.874627]  ? retint_kernel+0x2d/0x2d
[ 1776.878511]  ? loop_add+0xa40/0xa40
[ 1776.882142]  ? do_vfs_ioctl+0x178/0x1790
[ 1776.886199]  ? loop_add+0xa40/0xa40
[ 1776.889819]  do_vfs_ioctl+0x1de/0x1790
[ 1776.893707]  ? ioctl_preallocate+0x300/0x300
[ 1776.898115]  ? selinux_file_mprotect+0x620/0x620
[ 1776.902877]  ? retint_kernel+0x2d/0x2d
[ 1776.906780]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1776.912314]  ? security_file_ioctl+0x94/0xc0
[ 1776.916723]  ksys_ioctl+0xa9/0xd0
[ 1776.920179]  __x64_sys_ioctl+0x73/0xb0
[ 1776.924067]  do_syscall_64+0x1b9/0x820
[ 1776.927949]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1776.933313]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1776.938236]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1776.943076]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1776.948091]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1776.953105]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1776.958122]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1776.962965]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1776.968146] RIP: 0033:0x457669
[ 1776.971347] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1776.990378] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1776.998086] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1777.005350] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1777.012621] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
04:38:53 executing program 0:
r0 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x0, 0x2a0, 0x2e9c000000000000]}, 0xd}, 0x80, 0x0}, 0x0)

[ 1777.019885] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1777.027153] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:53 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:53 executing program 4 (fault-call:20 fault-nth:23):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:53 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c1a, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:53 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c53, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:53 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = msgget$private(0x0, 0x58c)
msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(r1, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:53 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x100000000000000}}, 0x20)

[ 1777.108512] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1777.212033] FAULT_INJECTION: forcing a failure.
[ 1777.212033] name failslab, interval 1, probability 0, space 0, times 0
[ 1777.223651] CPU: 0 PID: 8788 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1777.230936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1777.240284] Call Trace:
[ 1777.240304]  dump_stack+0x244/0x39d
[ 1777.240323]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1777.240338]  ? mark_held_locks+0x130/0x130
[ 1777.240366]  should_fail.cold.4+0xa/0x17
[ 1777.259974]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1777.265086]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1777.270636]  ? pcpu_balance_workfn+0x1700/0x1700
[ 1777.275395]  ? zap_class+0x640/0x640
[ 1777.279115]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1777.284649]  ? check_preemption_disabled+0x48/0x280
[ 1777.289675]  ? lock_acquire+0x1ed/0x520
[ 1777.293647]  __should_failslab+0x124/0x180
[ 1777.297878]  should_failslab+0x9/0x14
[ 1777.301673]  kmem_cache_alloc_node_trace+0x5a/0x740
[ 1777.306682]  ? rwlock_bug.part.2+0x90/0x90
[ 1777.310921]  ? trace_hardirqs_on+0x310/0x310
[ 1777.315337]  iolatency_pd_alloc+0x93/0x120
[ 1777.319577]  ? iolatency_set_limit+0x620/0x620
[ 1777.324166]  blkcg_activate_policy+0x221/0x580
[ 1777.328756]  blk_iolatency_init+0x130/0x2e0
[ 1777.333077]  blkcg_init_queue+0x1e3/0x560
[ 1777.337254]  blk_alloc_queue_node+0x972/0xe80
[ 1777.341754]  ? blk_init_allocated_queue+0x640/0x640
[ 1777.346772]  ? __mutex_init+0x1f7/0x290
[ 1777.350762]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1777.356294]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1777.361074]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1777.366263]  blk_mq_init_queue+0x4b/0xb0
[ 1777.370321]  loop_add+0x376/0xa40
[ 1777.373778]  ? loop_queue_rq+0x690/0x690
[ 1777.377838]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1777.383324]  loop_control_ioctl+0x199/0x530
[ 1777.387643]  ? loop_add+0xa40/0xa40
[ 1777.391273]  ? retint_kernel+0x2d/0x2d
[ 1777.395162]  ? loop_add+0xa40/0xa40
[ 1777.398782]  do_vfs_ioctl+0x1de/0x1790
[ 1777.402680]  ? __sanitizer_cov_trace_pc+0x1/0x50
[ 1777.407432]  ? ioctl_preallocate+0x300/0x300
[ 1777.411839]  ? selinux_file_mprotect+0x620/0x620
[ 1777.416597]  ? __sb_end_write+0xd9/0x110
[ 1777.420660]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1777.426306]  ? fput+0x130/0x1a0
[ 1777.429586]  ? do_syscall_64+0x9a/0x820
[ 1777.433568]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1777.439099]  ? security_file_ioctl+0x94/0xc0
[ 1777.443505]  ksys_ioctl+0xa9/0xd0
[ 1777.446955]  __x64_sys_ioctl+0x73/0xb0
[ 1777.450843]  do_syscall_64+0x1b9/0x820
[ 1777.454723]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1777.460082]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1777.465004]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1777.469845]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1777.474858]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1777.479875]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1777.484891]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1777.489736]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1777.494919] RIP: 0033:0x457669
04:38:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = msgget$private(0x0, 0x58c)
msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(r1, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1777.498106] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1777.516999] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1777.524701] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1777.531965] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1777.539226] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1777.546489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1777.553752] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = msgget$private(0x0, 0x58c)
msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(r1, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:54 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0xe0}}, 0x20)

04:38:54 executing program 4 (fault-call:20 fault-nth:24):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = msgget$private(0x0, 0x58c)
msgsnd(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(r1, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:54 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = msgget$private(0x0, 0x58c)
msgrcv(r1, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:54 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:54 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5e, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1777.786503] FAULT_INJECTION: forcing a failure.
[ 1777.786503] name failslab, interval 1, probability 0, space 0, times 0
[ 1777.806412] CPU: 0 PID: 8818 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1777.813689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1777.823025] Call Trace:
[ 1777.825604]  dump_stack+0x244/0x39d
[ 1777.829233]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1777.834429]  ? trace_hardirqs_on+0xbd/0x310
[ 1777.838733]  ? kasan_check_read+0x11/0x20
[ 1777.842869]  should_fail.cold.4+0xa/0x17
[ 1777.846931]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1777.852016]  ? retint_kernel+0x2d/0x2d
[ 1777.855885]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1777.860799]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.865542]  ? zap_class+0x640/0x640
[ 1777.869248]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1777.873985]  ? find_held_lock+0x36/0x1c0
[ 1777.878029]  ? __lock_is_held+0xb5/0x140
[ 1777.882083]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1777.887516]  ? __lock_is_held+0xb5/0x140
[ 1777.891567]  __should_failslab+0x124/0x180
[ 1777.895796]  should_failslab+0x9/0x14
[ 1777.899582]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1777.904674]  ? blkcg_iolatency_throttle+0x20a0/0x20a0
[ 1777.909844]  ? init_timer_on_stack_key+0xe0/0xe0
[ 1777.914587]  blk_throtl_init+0xca/0x630
[ 1777.918544]  ? blk_throtl_drain+0x810/0x810
[ 1777.922865]  ? blk_iolatency_init+0x1f7/0x2e0
[ 1777.927345]  blkcg_init_queue+0x205/0x560
[ 1777.931476]  blk_alloc_queue_node+0x972/0xe80
[ 1777.935954]  ? blk_init_allocated_queue+0x640/0x640
[ 1777.940950]  ? __mutex_init+0x1f7/0x290
[ 1777.944917]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1777.950448]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1777.955191]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1777.960367]  blk_mq_init_queue+0x4b/0xb0
[ 1777.964412]  loop_add+0x376/0xa40
[ 1777.967846]  ? loop_queue_rq+0x690/0x690
[ 1777.971892]  loop_control_ioctl+0x199/0x530
[ 1777.976195]  ? loop_add+0xa40/0xa40
[ 1777.979801]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1777.985240]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1777.990166]  ? loop_add+0xa40/0xa40
[ 1777.993773]  do_vfs_ioctl+0x1de/0x1790
[ 1777.997645]  ? ioctl_preallocate+0x300/0x300
[ 1778.002037]  ? selinux_file_mprotect+0x620/0x620
[ 1778.006780]  ? __sb_end_write+0xd9/0x110
[ 1778.010825]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1778.016342]  ? fput+0x130/0x1a0
[ 1778.019606]  ? do_syscall_64+0x9a/0x820
[ 1778.023567]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1778.029299]  ? security_file_ioctl+0x94/0xc0
[ 1778.033692]  ksys_ioctl+0xa9/0xd0
[ 1778.037256]  __x64_sys_ioctl+0x73/0xb0
[ 1778.041123]  do_syscall_64+0x1b9/0x820
[ 1778.045004]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1778.050347]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1778.055259]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1778.060089]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1778.065087]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1778.070084]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1778.075084]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1778.079911]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1778.085081] RIP: 0033:0x457669
[ 1778.088255] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1778.107140] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1778.114828] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1778.122077] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1778.129325] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
04:38:54 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c78, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:54 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x6b6b6b00}}, 0x20)

[ 1778.136576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1778.143837] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:54 executing program 4 (fault-call:20 fault-nth:25):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:54 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c64, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:54 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c38, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1778.313500] FAULT_INJECTION: forcing a failure.
[ 1778.313500] name failslab, interval 1, probability 0, space 0, times 0
[ 1778.339165] CPU: 0 PID: 8838 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1778.346451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1778.355797] Call Trace:
[ 1778.358372]  dump_stack+0x244/0x39d
[ 1778.361985]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1778.367163]  should_fail.cold.4+0xa/0x17
[ 1778.371207]  ? mark_held_locks+0x130/0x130
[ 1778.375427]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1778.380511]  ? _raw_spin_unlock_irqrestore+0xaf/0xd0
[ 1778.385618]  ? __debug_object_init+0x57d/0x1290
[ 1778.390279]  ? find_held_lock+0x36/0x1c0
[ 1778.394330]  ? zap_class+0x640/0x640
[ 1778.398031]  ? find_held_lock+0x36/0x1c0
[ 1778.402076]  ? __lock_is_held+0xb5/0x140
[ 1778.406126]  ? check_preemption_disabled+0x48/0x280
[ 1778.411135]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1778.416576]  __should_failslab+0x124/0x180
[ 1778.420792]  should_failslab+0x9/0x14
[ 1778.424584]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1778.429683]  ? mark_held_locks+0xc7/0x130
[ 1778.433825]  ? _raw_spin_unlock_irq+0x27/0x80
[ 1778.438321]  throtl_pd_alloc+0xff/0x990
[ 1778.442276]  ? blk_queue_bypass_start+0x151/0x2c0
[ 1778.447099]  ? blk_throtl_dispatch_work_fn+0x4a0/0x4a0
[ 1778.452357]  ? __lock_is_held+0xb5/0x140
[ 1778.456418]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1778.461937]  ? blk_throtl_dispatch_work_fn+0x4a0/0x4a0
[ 1778.467195]  blkcg_activate_policy+0xf4/0x580
[ 1778.471678]  blk_throtl_init+0x3d3/0x630
[ 1778.475826]  ? blk_throtl_drain+0x810/0x810
[ 1778.480133]  ? blk_iolatency_init+0x1f7/0x2e0
[ 1778.484614]  blkcg_init_queue+0x205/0x560
[ 1778.488749]  blk_alloc_queue_node+0x972/0xe80
[ 1778.493231]  ? blk_init_allocated_queue+0x640/0x640
[ 1778.498233]  ? __mutex_init+0x1f7/0x290
[ 1778.502206]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1778.507723]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1778.512468]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1778.517644]  blk_mq_init_queue+0x4b/0xb0
[ 1778.521687]  loop_add+0x376/0xa40
[ 1778.525126]  ? loop_queue_rq+0x690/0x690
[ 1778.529185]  loop_control_ioctl+0x199/0x530
[ 1778.533486]  ? loop_add+0xa40/0xa40
[ 1778.537097]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1778.542534]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1778.547445]  ? loop_add+0xa40/0xa40
[ 1778.551080]  do_vfs_ioctl+0x1de/0x1790
[ 1778.554950]  ? ioctl_preallocate+0x300/0x300
[ 1778.559341]  ? selinux_file_mprotect+0x620/0x620
[ 1778.564082]  ? __sb_end_write+0xd9/0x110
[ 1778.568138]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1778.573669]  ? fput+0x130/0x1a0
[ 1778.576930]  ? do_syscall_64+0x9a/0x820
[ 1778.580887]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1778.586406]  ? security_file_ioctl+0x94/0xc0
[ 1778.590794]  ksys_ioctl+0xa9/0xd0
[ 1778.594229]  __x64_sys_ioctl+0x73/0xb0
[ 1778.598108]  do_syscall_64+0x1b9/0x820
[ 1778.601975]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1778.607318]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1778.612227]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1778.617055]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1778.622072]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1778.627169]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1778.632704]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1778.637707]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1778.642531]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1778.647805] RIP: 0033:0x457669
04:38:55 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x1000000000000000}}, 0x20)

04:38:55 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1778.650977] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1778.669860] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1778.677547] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1778.684821] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1778.692085] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1778.699348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1778.706597] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:55 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c57, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:55 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x10000000}}, 0x20)

04:38:55 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c47, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:55 executing program 4 (fault-call:20 fault-nth:26):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:55 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x6b6b6b}}, 0x20)

04:38:55 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:55 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2c, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:55 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xe000}}, 0x20)

[ 1779.125214] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
04:38:55 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:55 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c63, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1779.165625] FAT-fs (loop3): Filesystem has been set read-only
[ 1779.187524] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
04:38:55 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c75, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:55 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:55 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:55 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x40030000000000}}, 0x20)

[ 1779.287871] FAULT_INJECTION: forcing a failure.
[ 1779.287871] name failslab, interval 1, probability 0, space 0, times 0
[ 1779.299080] CPU: 0 PID: 8887 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1779.306348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1779.315701] Call Trace:
[ 1779.318292]  dump_stack+0x244/0x39d
[ 1779.321922]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1779.327111]  ? debug_object_free+0x690/0x690
[ 1779.331518]  ? __kernel_text_address+0xd/0x40
[ 1779.336010]  ? unwind_get_return_address+0x61/0xa0
[ 1779.340944]  should_fail.cold.4+0xa/0x17
[ 1779.345016]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1779.350117]  ? zap_class+0x640/0x640
[ 1779.353834]  ? save_stack+0xa9/0xd0
[ 1779.357465]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1779.362998]  ? check_preemption_disabled+0x48/0x280
[ 1779.368016]  ? __lock_is_held+0xb5/0x140
[ 1779.372077]  ? __lockdep_init_map+0x105/0x590
[ 1779.376571]  ? lockdep_init_map+0x9/0x10
[ 1779.380631]  ? init_timer_on_stack_key+0xe0/0xe0
[ 1779.385391]  ? __lock_is_held+0xb5/0x140
[ 1779.389473]  __should_failslab+0x124/0x180
[ 1779.393709]  should_failslab+0x9/0x14
[ 1779.397520]  kmem_cache_alloc_node_trace+0x5a/0x740
[ 1779.402536]  ? lock_acquire+0x1ed/0x520
[ 1779.406528]  throtl_pd_alloc+0xff/0x990
[ 1779.410505]  ? blk_throtl_dispatch_work_fn+0x4a0/0x4a0
[ 1779.415783]  ? rwlock_bug.part.2+0x90/0x90
[ 1779.420015]  ? trace_hardirqs_on+0x310/0x310
[ 1779.424443]  ? blk_throtl_dispatch_work_fn+0x4a0/0x4a0
[ 1779.429722]  ? blk_throtl_dispatch_work_fn+0x4a0/0x4a0
[ 1779.434998]  blkcg_activate_policy+0x221/0x580
[ 1779.439600]  blk_throtl_init+0x3d3/0x630
[ 1779.443660]  ? blk_throtl_drain+0x810/0x810
[ 1779.447980]  ? blk_iolatency_init+0x1f7/0x2e0
[ 1779.452473]  blkcg_init_queue+0x205/0x560
[ 1779.456620]  blk_alloc_queue_node+0x972/0xe80
[ 1779.461114]  ? blk_init_allocated_queue+0x640/0x640
[ 1779.466126]  ? mark_held_locks+0xc7/0x130
[ 1779.470271]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1779.475023]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1779.479596]  ? retint_kernel+0x2d/0x2d
[ 1779.483480]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1779.488424]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1779.493886]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1779.498642]  ? retint_kernel+0x2d/0x2d
[ 1779.502532]  blk_mq_init_queue+0x4b/0xb0
[ 1779.506589]  loop_add+0x376/0xa40
[ 1779.510040]  ? loop_queue_rq+0x690/0x690
[ 1779.514105]  loop_control_ioctl+0x199/0x530
[ 1779.518425]  ? loop_add+0xa40/0xa40
[ 1779.522061]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1779.527514]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1779.532449]  ? loop_add+0xa40/0xa40
[ 1779.536073]  do_vfs_ioctl+0x1de/0x1790
[ 1779.539972]  ? ioctl_preallocate+0x300/0x300
[ 1779.544381]  ? selinux_file_mprotect+0x620/0x620
[ 1779.549140]  ? __sb_end_write+0xd9/0x110
[ 1779.553204]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1779.558738]  ? fput+0x130/0x1a0
[ 1779.562012]  ? do_syscall_64+0x9a/0x820
[ 1779.565990]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1779.571523]  ? security_file_ioctl+0x94/0xc0
[ 1779.575931]  ksys_ioctl+0xa9/0xd0
[ 1779.579380]  __x64_sys_ioctl+0x73/0xb0
[ 1779.583271]  do_syscall_64+0x1b9/0x820
[ 1779.587160]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1779.592518]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1779.597443]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1779.602289]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1779.607300]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1779.612379]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1779.617395]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1779.622241]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1779.627449] RIP: 0033:0x457669
[ 1779.630637] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1779.649532] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1779.657233] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1779.664496] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1779.671756] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1779.679016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1779.686275] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:56 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:56 executing program 4 (fault-call:20 fault-nth:27):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:56 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x800000000000000}}, 0x20)

04:38:56 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:56 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:56 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:56 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:56 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c51, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:56 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c67, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1779.988442] FAULT_INJECTION: forcing a failure.
[ 1779.988442] name failslab, interval 1, probability 0, space 0, times 0
[ 1780.010204] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1780.023544] CPU: 0 PID: 8914 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1780.030824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1780.035362] FAT-fs (loop3): Filesystem has been set read-only
[ 1780.040173] Call Trace:
[ 1780.048720]  dump_stack+0x244/0x39d
[ 1780.052350]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1780.057540]  ? save_stack+0xa9/0xd0
[ 1780.061167]  should_fail.cold.4+0xa/0x17
[ 1780.065224]  ? print_usage_bug+0xc0/0xc0
[ 1780.069286]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1780.074396]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1780.078974]  ? retint_kernel+0x2d/0x2d
[ 1780.082859]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1780.087807]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1780.093248]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1780.097828]  ? zap_class+0x640/0x640
[ 1780.101543]  ? find_held_lock+0x36/0x1c0
[ 1780.105603]  ? __lock_is_held+0xb5/0x140
[ 1780.109684]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1780.115142]  ? blkcg_activate_policy+0x3db/0x580
[ 1780.119896]  __should_failslab+0x124/0x180
[ 1780.124138]  should_failslab+0x9/0x14
[ 1780.128044]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1780.132709]  ? blk_throtl_init+0x3e7/0x630
[ 1780.136953]  ? blk_throtl_drain+0x810/0x810
[ 1780.141275]  ? blk_mq_can_queue+0x50/0x50
[ 1780.145421]  ? plug_ctx_cmp+0x110/0x110
[ 1780.149410]  blk_stat_alloc_callback+0x5b/0x280
[ 1780.154085]  blk_mq_init_allocated_queue+0x12c/0x1680
[ 1780.159279]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.164809]  ? blk_alloc_queue_node+0x988/0xe80
[ 1780.169476]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1780.173965]  ? __mutex_init+0x1f7/0x290
[ 1780.177952]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.183482]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1780.188258]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1780.193449]  blk_mq_init_queue+0x63/0xb0
[ 1780.197508]  loop_add+0x376/0xa40
[ 1780.200959]  ? loop_queue_rq+0x690/0x690
[ 1780.205024]  loop_control_ioctl+0x199/0x530
[ 1780.209338]  ? loop_add+0xa40/0xa40
[ 1780.212961]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1780.218417]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1780.223347]  ? loop_add+0xa40/0xa40
[ 1780.226988]  do_vfs_ioctl+0x1de/0x1790
[ 1780.230875]  ? ioctl_preallocate+0x300/0x300
[ 1780.235285]  ? selinux_file_mprotect+0x620/0x620
[ 1780.240042]  ? __sb_end_write+0xd9/0x110
[ 1780.244122]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1780.249653]  ? fput+0x130/0x1a0
[ 1780.252926]  ? do_syscall_64+0x9a/0x820
[ 1780.256897]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.262430]  ? security_file_ioctl+0x94/0xc0
[ 1780.266839]  ksys_ioctl+0xa9/0xd0
[ 1780.270292]  __x64_sys_ioctl+0x73/0xb0
[ 1780.274183]  do_syscall_64+0x1b9/0x820
[ 1780.278071]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1780.283441]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1780.288368]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1780.293210]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1780.298224]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1780.303237]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1780.308254]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1780.313106]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1780.318302] RIP: 0033:0x457669
[ 1780.321493] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1780.340386] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1780.348089] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1780.355354] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1780.362618] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1780.369882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1780.377145] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1780.385988] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
04:38:57 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:57 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x1000000000000000}}, 0x20)

04:38:57 executing program 4 (fault-call:20 fault-nth:28):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:57 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:57 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:57 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xe0000000}}, 0x20)

04:38:57 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c03, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1780.545234] FAULT_INJECTION: forcing a failure.
[ 1780.545234] name failslab, interval 1, probability 0, space 0, times 0
[ 1780.619282] CPU: 0 PID: 8937 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1780.626587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1780.635949] Call Trace:
[ 1780.638547]  dump_stack+0x244/0x39d
[ 1780.642206]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1780.647398]  ? __kernel_text_address+0xd/0x40
[ 1780.651897]  should_fail.cold.4+0xa/0x17
[ 1780.655959]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1780.661080]  ? save_stack+0x43/0xd0
[ 1780.664709]  ? kasan_kmalloc+0xc7/0xe0
[ 1780.668596]  ? kmem_cache_alloc_trace+0x152/0x750
[ 1780.673436]  ? blk_stat_alloc_callback+0x5b/0x280
[ 1780.678283]  ? zap_class+0x640/0x640
[ 1780.681994]  ? loop_control_ioctl+0x199/0x530
[ 1780.686484]  ? do_vfs_ioctl+0x1de/0x1790
[ 1780.690540]  ? ksys_ioctl+0xa9/0xd0
[ 1780.694160]  ? __x64_sys_ioctl+0x73/0xb0
[ 1780.698225]  ? do_syscall_64+0x1b9/0x820
[ 1780.702295]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1780.707661]  ? find_held_lock+0x36/0x1c0
[ 1780.711724]  ? __lock_is_held+0xb5/0x140
[ 1780.715791]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1780.721243]  ? blk_mq_can_queue+0x50/0x50
[ 1780.725386]  __should_failslab+0x124/0x180
[ 1780.729618]  should_failslab+0x9/0x14
[ 1780.733413]  __kmalloc+0x2e0/0x760
[ 1780.736949]  ? kmem_cache_alloc_trace+0x353/0x750
[ 1780.741790]  ? blk_throtl_init+0x3e7/0x630
[ 1780.746162]  ? blk_stat_alloc_callback+0x84/0x280
[ 1780.751006]  ? blk_mq_can_queue+0x50/0x50
[ 1780.755152]  ? plug_ctx_cmp+0x110/0x110
[ 1780.759137]  blk_stat_alloc_callback+0x84/0x280
[ 1780.763813]  blk_mq_init_allocated_queue+0x12c/0x1680
[ 1780.769000]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.774535]  ? blk_alloc_queue_node+0x988/0xe80
[ 1780.779213]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1780.783708]  ? __mutex_init+0x1f7/0x290
[ 1780.787699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.793233]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1780.798007]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1780.803202]  blk_mq_init_queue+0x63/0xb0
[ 1780.807263]  loop_add+0x376/0xa40
[ 1780.810736]  ? loop_queue_rq+0x690/0x690
[ 1780.814807]  loop_control_ioctl+0x199/0x530
[ 1780.819128]  ? loop_add+0xa40/0xa40
[ 1780.822750]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1780.828206]  ? loop_add+0xa40/0xa40
[ 1780.831829]  do_vfs_ioctl+0x1de/0x1790
[ 1780.835736]  ? ioctl_preallocate+0x300/0x300
[ 1780.840144]  ? selinux_file_mprotect+0x620/0x620
[ 1780.844900]  ? fput+0x1f/0x1a0
[ 1780.848096]  ? fput+0x24/0x1a0
[ 1780.851290]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1780.856874]  ? fput+0x130/0x1a0
[ 1780.860153]  ? do_syscall_64+0x9a/0x820
[ 1780.864129]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1780.869693]  ? security_file_ioctl+0x94/0xc0
[ 1780.874104]  ksys_ioctl+0xa9/0xd0
[ 1780.877558]  __x64_sys_ioctl+0x73/0xb0
[ 1780.881466]  do_syscall_64+0x1b9/0x820
[ 1780.885354]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1780.890719]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1780.895644]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1780.900494]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1780.905509]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1780.910524]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1780.915540]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1780.920384]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1780.925564] RIP: 0033:0x457669
[ 1780.928752] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1780.947662] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1780.955370] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1780.962751] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
04:38:57 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1780.970016] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1780.977466] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1780.984729] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:57 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c56, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:57 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:57 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

04:38:57 executing program 4 (fault-call:20 fault-nth:29):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:57 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c6d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:57 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x100000000000000}}, 0x20)

04:38:57 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c14, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:57 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, 0x0, 0x0, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1781.245744] FAULT_INJECTION: forcing a failure.
[ 1781.245744] name failslab, interval 1, probability 0, space 0, times 0
[ 1781.283067] CPU: 0 PID: 8964 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1781.290358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1781.299704] Call Trace:
[ 1781.302321]  dump_stack+0x244/0x39d
[ 1781.305954]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1781.311149]  ? zap_class+0x640/0x640
[ 1781.314868]  should_fail.cold.4+0xa/0x17
[ 1781.318931]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1781.324036]  ? __lock_is_held+0xb5/0x140
[ 1781.328101]  ? zap_class+0x640/0x640
[ 1781.331821]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1781.337359]  ? pcpu_alloc+0x190/0x15e0
[ 1781.341257]  ? find_held_lock+0x36/0x1c0
[ 1781.345322]  ? __lock_is_held+0xb5/0x140
[ 1781.349434]  ? input_match_device_id+0x6e8/0x7b0
[ 1781.354198]  ? __lockdep_init_map+0x105/0x590
[ 1781.358692]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1781.364145]  ? kobject_init+0x23d/0x2f0
[ 1781.368129]  __should_failslab+0x124/0x180
[ 1781.372366]  should_failslab+0x9/0x14
[ 1781.376229]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1781.381324]  ? find_next_bit+0x104/0x130
[ 1781.385387]  __kmalloc_node+0x3c/0x70
[ 1781.389190]  blk_mq_init_allocated_queue+0x227/0x1680
[ 1781.394379]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1781.399911]  ? blk_alloc_queue_node+0x988/0xe80
[ 1781.404578]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1781.409068]  ? __mutex_init+0x1f7/0x290
[ 1781.413059]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1781.418591]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1781.423357]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1781.428549]  blk_mq_init_queue+0x63/0xb0
[ 1781.432608]  loop_add+0x376/0xa40
[ 1781.436062]  ? loop_queue_rq+0x690/0x690
[ 1781.440133]  loop_control_ioctl+0x199/0x530
[ 1781.444450]  ? loop_add+0xa40/0xa40
[ 1781.448073]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1781.453531]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1781.458460]  ? loop_add+0xa40/0xa40
[ 1781.462086]  do_vfs_ioctl+0x1de/0x1790
[ 1781.465974]  ? ioctl_preallocate+0x300/0x300
[ 1781.470387]  ? selinux_file_mprotect+0x620/0x620
[ 1781.475154]  ? __sb_end_write+0xd9/0x110
[ 1781.479217]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1781.484753]  ? fput+0x130/0x1a0
[ 1781.488040]  ? do_syscall_64+0x9a/0x820
[ 1781.492026]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1781.497563]  ? security_file_ioctl+0x94/0xc0
[ 1781.501969]  ksys_ioctl+0xa9/0xd0
[ 1781.505428]  __x64_sys_ioctl+0x73/0xb0
[ 1781.509316]  do_syscall_64+0x1b9/0x820
[ 1781.513202]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1781.518562]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1781.523493]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1781.528338]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1781.533351]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1781.538369]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1781.543385]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1781.548228]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1781.553407] RIP: 0033:0x457669
[ 1781.556603] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1781.575497] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1781.583202] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1781.590464] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1781.597727] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1781.605002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1781.612270] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:58 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x6b6b6b00}}, 0x20)

04:38:58 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c0d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:58 executing program 4 (fault-call:20 fault-nth:30):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:58 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:38:58 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4b47, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:58 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xffffffffffffffff}}, 0x20)

[ 1781.811176] FAULT_INJECTION: forcing a failure.
[ 1781.811176] name failslab, interval 1, probability 0, space 0, times 0
[ 1781.827809] CPU: 0 PID: 8988 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1781.835094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1781.844454] Call Trace:
[ 1781.847059]  dump_stack+0x244/0x39d
[ 1781.850691]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1781.855889]  should_fail.cold.4+0xa/0x17
[ 1781.859944]  ? blk_mq_realloc_hw_ctxs+0xfe/0x12a0
[ 1781.864793]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1781.869898]  ? mutex_trylock+0x2b0/0x2b0
[ 1781.873960]  ? find_held_lock+0x36/0x1c0
[ 1781.878031]  ? zap_class+0x640/0x640
[ 1781.881740]  ? is_bpf_text_address+0xac/0x170
[ 1781.886228]  ? lock_downgrade+0x900/0x900
[ 1781.890382]  ? check_preemption_disabled+0x48/0x280
[ 1781.895397]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1781.900324]  ? kasan_check_read+0x11/0x20
[ 1781.904472]  ? __lock_is_held+0xb5/0x140
[ 1781.908533]  ? retint_kernel+0x2d/0x2d
[ 1781.912420]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1781.917870]  ? __kernel_text_address+0xd/0x40
[ 1781.922369]  ? unwind_get_return_address+0x61/0xa0
[ 1781.927313]  __should_failslab+0x124/0x180
[ 1781.931570]  should_failslab+0x9/0x14
[ 1781.935370]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1781.940466]  ? retint_kernel+0x2d/0x2d
[ 1781.944364]  __kmalloc_node+0x3c/0x70
[ 1781.948170]  blk_mq_realloc_hw_ctxs+0x295/0x12a0
[ 1781.952935]  ? blk_mq_free_map_and_requests+0x160/0x160
[ 1781.958302]  ? __lock_is_held+0xb5/0x140
[ 1781.962363]  ? __kmalloc_node+0x3c/0x70
[ 1781.966333]  ? __kmalloc_node+0x3c/0x70
[ 1781.970307]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1781.975324]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1781.980606]  ? kasan_unpoison_shadow+0x35/0x50
[ 1781.985187]  ? kasan_kmalloc+0xc7/0xe0
[ 1781.989083]  blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1781.994269]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1781.999805]  ? blk_alloc_queue_node+0x988/0xe80
[ 1782.004479]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1782.008975]  ? __mutex_init+0x1f7/0x290
[ 1782.012972]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.018507]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1782.023290]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1782.028484]  blk_mq_init_queue+0x63/0xb0
[ 1782.032542]  loop_add+0x376/0xa40
[ 1782.035998]  ? loop_queue_rq+0x690/0x690
[ 1782.040083]  loop_control_ioctl+0x199/0x530
[ 1782.044400]  ? loop_add+0xa40/0xa40
[ 1782.048035]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1782.053489]  ? loop_add+0xa40/0xa40
[ 1782.057113]  do_vfs_ioctl+0x1de/0x1790
[ 1782.061090]  ? ioctl_preallocate+0x300/0x300
[ 1782.065499]  ? selinux_file_mprotect+0x620/0x620
[ 1782.070253]  ? __sb_end_write+0xd9/0x110
[ 1782.074318]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1782.079856]  ? fput+0x130/0x1a0
[ 1782.083134]  ? do_syscall_64+0x9a/0x820
[ 1782.087108]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.092643]  ? security_file_ioctl+0x94/0xc0
[ 1782.097053]  ksys_ioctl+0xa9/0xd0
[ 1782.100515]  __x64_sys_ioctl+0x73/0xb0
[ 1782.104402]  do_syscall_64+0x1b9/0x820
[ 1782.108286]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1782.113647]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1782.118574]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1782.123416]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1782.128429]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1782.133462]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1782.138484]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1782.143347]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1782.148529] RIP: 0033:0x457669
[ 1782.151722] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1782.170616] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1782.178317] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1782.185580] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1782.192842] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1782.200106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:38:58 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[], 0x0, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1782.207367] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:58 executing program 4 (fault-call:20 fault-nth:31):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:58 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c7d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1782.315570] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1782.332854] FAT-fs (loop3): Filesystem has been set read-only
04:38:58 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xffffffff00000000}}, 0x20)

04:38:58 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xe000000000000000}}, 0x20)

04:38:58 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c13, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1782.363484] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1782.390935] FAULT_INJECTION: forcing a failure.
[ 1782.390935] name failslab, interval 1, probability 0, space 0, times 0
[ 1782.435544] CPU: 0 PID: 9011 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1782.442830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1782.452176] Call Trace:
[ 1782.454769]  dump_stack+0x244/0x39d
[ 1782.458405]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1782.463594]  ? find_held_lock+0x36/0x1c0
[ 1782.467661]  should_fail.cold.4+0xa/0x17
[ 1782.471722]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1782.476910]  ? mark_held_locks+0xc7/0x130
[ 1782.481065]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1782.485821]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1782.490403]  ? retint_kernel+0x2d/0x2d
[ 1782.494309]  ? zap_class+0x640/0x640
[ 1782.498021]  ? mark_held_locks+0xc7/0x130
[ 1782.502169]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1782.506934]  ? zap_class+0x640/0x640
[ 1782.510645]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1782.515223]  ? retint_kernel+0x2d/0x2d
[ 1782.519111]  ? __lock_is_held+0xb5/0x140
[ 1782.523220]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1782.528670]  ? blk_mq_realloc_hw_ctxs+0x590/0x12a0
[ 1782.533612]  __should_failslab+0x124/0x180
[ 1782.537846]  should_failslab+0x9/0x14
[ 1782.541646]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1782.546749]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.552297]  ? check_preemption_disabled+0x48/0x280
[ 1782.557331]  __kmalloc_node+0x3c/0x70
[ 1782.561133]  blk_mq_realloc_hw_ctxs+0x62c/0x12a0
[ 1782.565898]  ? blk_mq_free_map_and_requests+0x160/0x160
[ 1782.571266]  ? __lock_is_held+0xb5/0x140
[ 1782.575327]  ? __kmalloc_node+0x3c/0x70
[ 1782.579300]  ? __kmalloc_node+0x3c/0x70
[ 1782.583275]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1782.588289]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1782.593567]  ? kasan_unpoison_shadow+0x35/0x50
[ 1782.598145]  ? kasan_kmalloc+0xc7/0xe0
[ 1782.602042]  blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1782.607232]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.612767]  ? blk_alloc_queue_node+0x988/0xe80
[ 1782.617434]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1782.621932]  ? __mutex_init+0x1f7/0x290
[ 1782.625927]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.631460]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1782.636228]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1782.641417]  blk_mq_init_queue+0x63/0xb0
[ 1782.645474]  loop_add+0x376/0xa40
[ 1782.648931]  ? loop_queue_rq+0x690/0x690
[ 1782.652995]  loop_control_ioctl+0x199/0x530
[ 1782.657314]  ? loop_add+0xa40/0xa40
[ 1782.660938]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1782.666388]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1782.671319]  ? loop_add+0xa40/0xa40
[ 1782.674946]  do_vfs_ioctl+0x1de/0x1790
[ 1782.678840]  ? ioctl_preallocate+0x300/0x300
[ 1782.683247]  ? selinux_file_mprotect+0x620/0x620
[ 1782.688010]  ? __sb_end_write+0xd9/0x110
[ 1782.692073]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1782.697605]  ? fput+0x130/0x1a0
[ 1782.700880]  ? do_syscall_64+0x9a/0x820
[ 1782.704863]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1782.710398]  ? security_file_ioctl+0x94/0xc0
[ 1782.714805]  ksys_ioctl+0xa9/0xd0
[ 1782.718260]  __x64_sys_ioctl+0x73/0xb0
[ 1782.722145]  do_syscall_64+0x1b9/0x820
[ 1782.726031]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1782.731396]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1782.736322]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1782.741161]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1782.746183]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1782.751215]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1782.756238]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1782.761083]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1782.766265] RIP: 0033:0x457669
04:38:59 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

[ 1782.769453] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1782.788432] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1782.796137] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1782.803405] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1782.810667] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1782.817935] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1782.825200] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:38:59 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c04, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:38:59 executing program 4 (fault-call:20 fault-nth:32):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:38:59 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0xe0}}, 0x20)

04:38:59 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c25, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1782.992785] FAULT_INJECTION: forcing a failure.
[ 1782.992785] name failslab, interval 1, probability 0, space 0, times 0
[ 1783.026133] CPU: 0 PID: 9026 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1783.033423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1783.042763] Call Trace:
[ 1783.045343]  dump_stack+0x244/0x39d
[ 1783.048958]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1783.054148]  ? rcu_softirq_qs+0x20/0x20
[ 1783.058114]  should_fail.cold.4+0xa/0x17
[ 1783.062163]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1783.067249]  ? print_usage_bug+0xc0/0xc0
[ 1783.071294]  ? kernel_text_address+0x79/0xf0
[ 1783.075683]  ? __kernel_text_address+0xd/0x40
[ 1783.080162]  ? __save_stack_trace+0x8d/0xf0
[ 1783.084462]  ? zap_class+0x640/0x640
[ 1783.088162]  ? mark_held_locks+0xc7/0x130
[ 1783.092304]  ? save_stack+0xa9/0xd0
[ 1783.095917]  ? __lock_is_held+0xb5/0x140
[ 1783.099967]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1783.105403]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1783.110146]  __should_failslab+0x124/0x180
[ 1783.114362]  should_failslab+0x9/0x14
[ 1783.118151]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1783.123253]  __kmalloc_node+0x3c/0x70
[ 1783.127041]  sbitmap_init_node+0x288/0x440
[ 1783.131263]  blk_mq_realloc_hw_ctxs+0x6a5/0x12a0
[ 1783.136006]  ? blk_mq_free_map_and_requests+0x160/0x160
[ 1783.141353]  ? __lock_is_held+0xb5/0x140
[ 1783.145399]  ? __kmalloc_node+0x3c/0x70
[ 1783.149356]  ? __kmalloc_node+0x3c/0x70
[ 1783.153313]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1783.158310]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1783.163568]  ? kasan_unpoison_shadow+0x35/0x50
[ 1783.168134]  ? kasan_kmalloc+0xc7/0xe0
[ 1783.172008]  blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1783.177198]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.182739]  ? blk_alloc_queue_node+0x988/0xe80
[ 1783.187389]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1783.191873]  ? __mutex_init+0x1f7/0x290
[ 1783.195862]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.201378]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1783.206138]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1783.211321]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1783.216062]  blk_mq_init_queue+0x63/0xb0
[ 1783.220105]  loop_add+0x376/0xa40
[ 1783.223543]  ? loop_queue_rq+0x690/0x690
[ 1783.227601]  loop_control_ioctl+0x199/0x530
[ 1783.231915]  ? loop_add+0xa40/0xa40
[ 1783.235528]  ? do_vfs_ioctl+0xa5/0x1790
[ 1783.239482]  ? loop_add+0xa40/0xa40
[ 1783.243105]  do_vfs_ioctl+0x1de/0x1790
[ 1783.246980]  ? ioctl_preallocate+0x300/0x300
[ 1783.251374]  ? selinux_file_mprotect+0x620/0x620
[ 1783.256125]  ? __sb_end_write+0xd9/0x110
[ 1783.260171]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1783.265691]  ? fput+0x130/0x1a0
[ 1783.268955]  ? do_syscall_64+0x9a/0x820
[ 1783.272911]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.278450]  ? security_file_ioctl+0x94/0xc0
[ 1783.282839]  ksys_ioctl+0xa9/0xd0
[ 1783.286283]  __x64_sys_ioctl+0x73/0xb0
[ 1783.290153]  do_syscall_64+0x1b9/0x820
[ 1783.294024]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1783.299368]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1783.304277]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1783.309107]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1783.314110]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1783.319110]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1783.324112]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1783.328942]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1783.334110] RIP: 0033:0x457669
[ 1783.337290] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1783.356172] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1783.363863] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1783.371116] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1783.378366] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1783.385615] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:38:59 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x200000000000000}}, 0x20)

04:38:59 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x1, 0x0)
msgrcv(0x0, &(0x7f0000000000)={0x0, ""/69}, 0x230, 0x0, 0x0)

[ 1783.392865] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:00 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:00 executing program 4 (fault-call:20 fault-nth:33):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:00 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c35, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:00 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x6b6b6b00000000}}, 0x20)

04:39:00 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c67, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1783.647224] FAULT_INJECTION: forcing a failure.
[ 1783.647224] name failslab, interval 1, probability 0, space 0, times 0
[ 1783.672270] CPU: 0 PID: 9051 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1783.679560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1783.688908] Call Trace:
[ 1783.691497]  dump_stack+0x244/0x39d
[ 1783.695126]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1783.700318]  ? should_fail+0xaf1/0xd01
[ 1783.704212]  should_fail.cold.4+0xa/0x17
[ 1783.708274]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1783.713372]  ? rcu_softirq_qs+0x20/0x20
[ 1783.717340]  ? unwind_dump+0x190/0x190
[ 1783.721231]  ? is_bpf_text_address+0xd3/0x170
[ 1783.725722]  ? zap_class+0x640/0x640
[ 1783.729435]  ? __kernel_text_address+0xd/0x40
[ 1783.733945]  ? unwind_get_return_address+0x61/0xa0
[ 1783.738888]  ? __save_stack_trace+0x8d/0xf0
[ 1783.743300]  ? __lock_is_held+0xb5/0x140
[ 1783.747362]  ? kasan_kmalloc+0xc7/0xe0
[ 1783.751249]  ? loop_add+0x376/0xa40
[ 1783.754871]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1783.760317]  ? __x64_sys_ioctl+0x73/0xb0
[ 1783.764372]  ? do_syscall_64+0x1b9/0x820
[ 1783.768428]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1783.773789]  ? zap_class+0x640/0x640
[ 1783.777510]  __should_failslab+0x124/0x180
[ 1783.781768]  should_failslab+0x9/0x14
[ 1783.785570]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1783.790668]  ? __lock_is_held+0xb5/0x140
[ 1783.794733]  blk_alloc_flush_queue+0x120/0x460
[ 1783.799307]  ? __kmalloc_node+0x3c/0x70
[ 1783.803277]  ? blk_insert_flush+0xb00/0xb00
[ 1783.807839]  ? kasan_unpoison_shadow+0x35/0x50
[ 1783.812421]  ? kasan_kmalloc+0xc7/0xe0
[ 1783.816308]  ? __lockdep_init_map+0x105/0x590
[ 1783.820817]  blk_mq_realloc_hw_ctxs+0x8c2/0x12a0
[ 1783.825583]  ? blk_mq_free_map_and_requests+0x160/0x160
[ 1783.830947]  ? __lock_is_held+0xb5/0x140
[ 1783.835009]  ? __kmalloc_node+0x3c/0x70
[ 1783.838977]  ? __kmalloc_node+0x3c/0x70
[ 1783.842950]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1783.847969]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1783.853246]  ? kasan_unpoison_shadow+0x35/0x50
[ 1783.857830]  ? kasan_kmalloc+0xc7/0xe0
[ 1783.861721]  blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1783.866911]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.872442]  ? blk_alloc_queue_node+0x988/0xe80
[ 1783.877109]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1783.881599]  ? __mutex_init+0x1f7/0x290
[ 1783.885587]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.891119]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1783.895885]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1783.901079]  blk_mq_init_queue+0x63/0xb0
[ 1783.905136]  loop_add+0x376/0xa40
[ 1783.908586]  ? loop_queue_rq+0x690/0x690
[ 1783.912653]  loop_control_ioctl+0x199/0x530
[ 1783.916973]  ? loop_add+0xa40/0xa40
[ 1783.920595]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1783.926045]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1783.930976]  ? loop_add+0xa40/0xa40
[ 1783.934599]  do_vfs_ioctl+0x1de/0x1790
[ 1783.938488]  ? ioctl_preallocate+0x300/0x300
[ 1783.942895]  ? selinux_file_mprotect+0x620/0x620
[ 1783.947650]  ? __sb_end_write+0xd9/0x110
[ 1783.951713]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1783.957268]  ? fput+0x130/0x1a0
[ 1783.960547]  ? do_syscall_64+0x9a/0x820
[ 1783.964523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1783.970056]  ? security_file_ioctl+0x94/0xc0
[ 1783.974464]  ksys_ioctl+0xa9/0xd0
[ 1783.977918]  __x64_sys_ioctl+0x73/0xb0
[ 1783.981807]  do_syscall_64+0x1b9/0x820
[ 1783.985687]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1783.991049]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1783.995981]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1784.000827]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1784.005855]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1784.010885]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1784.015902]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1784.020745]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1784.025925] RIP: 0033:0x457669
[ 1784.029113] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1784.048024] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.055726] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1784.062987] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1784.070247] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1784.077511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1784.084771] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:00 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c73, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:00 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:00 executing program 4 (fault-call:20 fault-nth:34):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:00 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
msgsnd(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="03"], 0x1, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)

04:39:00 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x400300}}, 0x20)

04:39:00 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c76, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1784.294341] FAULT_INJECTION: forcing a failure.
[ 1784.294341] name failslab, interval 1, probability 0, space 0, times 0
[ 1784.346023] CPU: 0 PID: 9070 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1784.353336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1784.362696] Call Trace:
[ 1784.365295]  dump_stack+0x244/0x39d
[ 1784.368934]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1784.374130]  ? is_bpf_text_address+0xd3/0x170
[ 1784.378636]  should_fail.cold.4+0xa/0x17
[ 1784.382696]  ? __save_stack_trace+0x8d/0xf0
[ 1784.387032]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1784.392151]  ? save_stack+0xa9/0xd0
[ 1784.395787]  ? zap_class+0x640/0x640
[ 1784.399510]  ? kmem_cache_alloc_node_trace+0x14c/0x740
[ 1784.404793]  ? blk_alloc_flush_queue+0x120/0x460
[ 1784.409546]  ? blk_mq_realloc_hw_ctxs+0x8c2/0x12a0
[ 1784.414476]  ? blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1784.419837]  ? blk_mq_init_queue+0x63/0xb0
[ 1784.424069]  ? loop_add+0x376/0xa40
[ 1784.427691]  ? loop_control_ioctl+0x199/0x530
[ 1784.432184]  ? do_vfs_ioctl+0x1de/0x1790
[ 1784.436244]  ? ksys_ioctl+0xa9/0xd0
[ 1784.439872]  ? __x64_sys_ioctl+0x73/0xb0
[ 1784.443932]  ? do_syscall_64+0x1b9/0x820
[ 1784.447997]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1784.453369]  ? __save_stack_trace+0x8d/0xf0
[ 1784.457700]  ? __lock_is_held+0xb5/0x140
[ 1784.461787]  ? check_preemption_disabled+0x48/0x280
[ 1784.466806]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1784.472272]  __should_failslab+0x124/0x180
[ 1784.476512]  should_failslab+0x9/0x14
[ 1784.480310]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1784.485411]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1784.490431]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1784.495717]  __kmalloc_node+0x3c/0x70
[ 1784.499519]  blk_alloc_flush_queue+0x1e5/0x460
[ 1784.504198]  ? __kmalloc_node+0x3c/0x70
[ 1784.508179]  ? blk_insert_flush+0xb00/0xb00
[ 1784.512509]  ? kasan_unpoison_shadow+0x35/0x50
[ 1784.517111]  ? kasan_kmalloc+0xc7/0xe0
[ 1784.521008]  ? __lockdep_init_map+0x105/0x590
[ 1784.525520]  blk_mq_realloc_hw_ctxs+0x8c2/0x12a0
[ 1784.530288]  ? blk_mq_free_map_and_requests+0x160/0x160
[ 1784.535652]  ? __lock_is_held+0xb5/0x140
[ 1784.539718]  ? __kmalloc_node+0x3c/0x70
[ 1784.543700]  ? __kmalloc_node+0x3c/0x70
[ 1784.547677]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1784.552699]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1784.558000]  ? kasan_unpoison_shadow+0x35/0x50
[ 1784.562600]  ? kasan_kmalloc+0xc7/0xe0
[ 1784.566509]  blk_mq_init_allocated_queue+0x2bb/0x1680
[ 1784.571701]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1784.577237]  ? blk_alloc_queue_node+0x988/0xe80
[ 1784.581906]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1784.586399]  ? __mutex_init+0x1f7/0x290
[ 1784.590390]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1784.596008]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1784.600803]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1784.605994]  blk_mq_init_queue+0x63/0xb0
[ 1784.610058]  loop_add+0x376/0xa40
[ 1784.613508]  ? loop_queue_rq+0x690/0x690
[ 1784.617574]  loop_control_ioctl+0x199/0x530
[ 1784.621890]  ? loop_add+0xa40/0xa40
[ 1784.625514]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1784.630957]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1784.635534]  ? retint_kernel+0x2d/0x2d
[ 1784.639417]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1784.644345]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1784.649538]  ? loop_add+0xa40/0xa40
[ 1784.653164]  do_vfs_ioctl+0x1de/0x1790
[ 1784.657057]  ? ioctl_preallocate+0x300/0x300
[ 1784.661469]  ? selinux_file_mprotect+0x620/0x620
[ 1784.666231]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1784.671771]  ? fput+0x130/0x1a0
[ 1784.675047]  ? do_syscall_64+0x9a/0x820
[ 1784.679027]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1784.684557]  ? security_file_ioctl+0x94/0xc0
[ 1784.688984]  ksys_ioctl+0xa9/0xd0
[ 1784.692445]  __x64_sys_ioctl+0x73/0xb0
[ 1784.696332]  do_syscall_64+0x1b9/0x820
[ 1784.700220]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1784.705580]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1784.710503]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1784.715348]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1784.720362]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1784.725379]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1784.730397]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1784.735244]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1784.740426] RIP: 0033:0x457669
[ 1784.743617] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1784.762509] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1784.770216] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1784.777482] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1784.784751] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
04:39:01 executing program 0:

04:39:01 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c34, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1784.792017] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1784.799282] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:01 executing program 0:

04:39:01 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:01 executing program 4 (fault-call:20 fault-nth:35):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:01 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x1000000}}, 0x20)

04:39:01 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c7a, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:01 executing program 0:

[ 1785.022613] FAULT_INJECTION: forcing a failure.
[ 1785.022613] name failslab, interval 1, probability 0, space 0, times 0
04:39:01 executing program 0:

[ 1785.074505] CPU: 0 PID: 9094 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1785.081803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1785.091152] Call Trace:
[ 1785.093743]  dump_stack+0x244/0x39d
[ 1785.097392]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1785.102599]  should_fail.cold.4+0xa/0x17
[ 1785.106665]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1785.111766]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.116610]  ? __bpf_trace_preemptirq_template+0x30/0x30
04:39:01 executing program 0:

[ 1785.122064]  ? print_usage_bug+0xc0/0xc0
[ 1785.126125]  ? zap_class+0x640/0x640
[ 1785.129835]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.134595]  ? retint_kernel+0x2d/0x2d
[ 1785.138492]  ? __lock_is_held+0xb5/0x140
[ 1785.142571]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1785.148205]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1785.153682]  __should_failslab+0x124/0x180
[ 1785.157929]  should_failslab+0x9/0x14
[ 1785.161733]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1785.166838]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
04:39:01 executing program 0:

[ 1785.172373]  ? find_next_bit+0x104/0x130
[ 1785.176457]  blk_mq_init_tags+0x79/0x2b0
[ 1785.180519]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1785.184837]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1785.190372]  blk_mq_init_sched+0x21d/0x770
[ 1785.194619]  elevator_init_mq+0xd7/0x160
[ 1785.198684]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1785.203982]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1785.208474]  ? __mutex_init+0x1f7/0x290
[ 1785.212470]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1785.218005]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
04:39:01 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x100000003)
ioctl(r0, 0x1000008912, &(0x7f0000000180)="0a5c2d023c126285718070")
r1 = socket$inet(0x2, 0x3, 0x19)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)

[ 1785.222774]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1785.227971]  blk_mq_init_queue+0x63/0xb0
[ 1785.232030]  loop_add+0x376/0xa40
[ 1785.235483]  ? loop_queue_rq+0x690/0x690
[ 1785.239555]  loop_control_ioctl+0x199/0x530
[ 1785.243887]  ? loop_add+0xa40/0xa40
[ 1785.247527]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1785.252985]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.257744]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1785.262324]  ? retint_kernel+0x2d/0x2d
[ 1785.266215]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1785.271147]  ? loop_add+0xa40/0xa40
04:39:01 executing program 0:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8003, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$FUSE_GETXATTR(r0, 0x0, 0x0)
fallocate(r0, 0x3, 0x0, 0xfff9)

[ 1785.274780]  do_vfs_ioctl+0x1de/0x1790
[ 1785.278676]  ? ioctl_preallocate+0x300/0x300
[ 1785.283101]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1785.287863]  ? retint_kernel+0x2d/0x2d
[ 1785.291758]  ? security_file_ioctl+0x76/0xc0
[ 1785.296182]  ? security_file_ioctl+0x87/0xc0
[ 1785.300593]  ? security_file_ioctl+0x94/0xc0
[ 1785.305006]  ksys_ioctl+0xa9/0xd0
[ 1785.308479]  __x64_sys_ioctl+0x73/0xb0
[ 1785.312373]  do_syscall_64+0x1b9/0x820
[ 1785.316266]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1785.321634]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1785.326562]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1785.331407]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1785.336425]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1785.341445]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1785.346461]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1785.351295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1785.356468] RIP: 0033:0x457669
[ 1785.359649] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1785.378533] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1785.386223] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1785.393474] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1785.400726] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1785.407979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1785.415230] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:02 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5b, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x10000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

04:39:02 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:02 executing program 4 (fault-call:20 fault-nth:36):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:02 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x2000000}}, 0x20)

04:39:02 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c53, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x10000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

04:39:02 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5d, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:02 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c11, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1785.694789] FAULT_INJECTION: forcing a failure.
[ 1785.694789] name failslab, interval 1, probability 0, space 0, times 0
[ 1785.715178] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1785.731294] FAT-fs (loop3): Filesystem has been set read-only
04:39:02 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x34000}}, 0x20)

04:39:02 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x10000000, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

[ 1785.749110] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1785.750258] CPU: 0 PID: 9130 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1785.763486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1785.772919] Call Trace:
[ 1785.775509]  dump_stack+0x244/0x39d
[ 1785.779142]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1785.784357]  should_fail.cold.4+0xa/0x17
[ 1785.788425]  ? check_preemption_disabled+0x48/0x280
[ 1785.793444]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1785.798534]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1785.803449]  ? kasan_check_read+0x11/0x20
[ 1785.807832]  ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170
[ 1785.813093]  ? rcu_softirq_qs+0x20/0x20
[ 1785.817062]  ? unwind_dump+0x190/0x190
[ 1785.820937]  ? zap_class+0x640/0x640
[ 1785.824654]  ? is_bpf_text_address+0xd3/0x170
[ 1785.829132]  ? find_held_lock+0x36/0x1c0
[ 1785.833176]  ? __lock_is_held+0xb5/0x140
[ 1785.837224]  ? save_stack+0xa9/0xd0
[ 1785.840831]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1785.846273]  ? save_stack+0x43/0xd0
[ 1785.849890]  ? kasan_kmalloc+0xc7/0xe0
[ 1785.853762]  ? kmem_cache_alloc_node_trace+0x14c/0x740
[ 1785.859022]  ? blk_mq_init_tags+0x79/0x2b0
[ 1785.863256]  ? elevator_init_mq+0xd7/0x160
[ 1785.867472]  ? blk_mq_init_allocated_queue+0x1074/0x1680
[ 1785.872924]  __should_failslab+0x124/0x180
[ 1785.877154]  should_failslab+0x9/0x14
[ 1785.880938]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1785.886027]  __kmalloc_node+0x3c/0x70
[ 1785.889812]  sbitmap_init_node+0x288/0x440
[ 1785.894042]  sbitmap_queue_init_node+0xb2/0x850
[ 1785.898690]  ? __lock_is_held+0xb5/0x140
[ 1785.902756]  ? sbitmap_init_node+0x440/0x440
[ 1785.907153]  ? blk_mq_init_tags+0x79/0x2b0
[ 1785.911369]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1785.916365]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1785.921622]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1785.927153]  ? find_next_bit+0x104/0x130
[ 1785.931197]  blk_mq_init_tags+0x116/0x2b0
[ 1785.935332]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1785.939642]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1785.945161]  blk_mq_init_sched+0x21d/0x770
[ 1785.949383]  elevator_init_mq+0xd7/0x160
[ 1785.953440]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1785.958705]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1785.963519]  ? __mutex_init+0x1f7/0x290
[ 1785.967504]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1785.973022]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1785.977769]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1785.982944]  blk_mq_init_queue+0x63/0xb0
[ 1785.986987]  loop_add+0x376/0xa40
[ 1785.990424]  ? loop_queue_rq+0x690/0x690
[ 1785.994473]  loop_control_ioctl+0x199/0x530
[ 1785.998773]  ? loop_add+0xa40/0xa40
[ 1786.002379]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1786.007813]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1786.012729]  ? loop_add+0xa40/0xa40
[ 1786.016342]  do_vfs_ioctl+0x1de/0x1790
[ 1786.020227]  ? ioctl_preallocate+0x300/0x300
[ 1786.024844]  ? selinux_file_mprotect+0x620/0x620
[ 1786.029592]  ? __fdget_pos+0x1bb/0x200
[ 1786.033481]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1786.038998]  ? fput+0x130/0x1a0
[ 1786.042271]  ? do_syscall_64+0x9a/0x820
[ 1786.046233]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1786.051752]  ? security_file_ioctl+0x94/0xc0
[ 1786.056155]  ksys_ioctl+0xa9/0xd0
[ 1786.059597]  __x64_sys_ioctl+0x73/0xb0
[ 1786.063473]  do_syscall_64+0x1b9/0x820
[ 1786.067341]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1786.072690]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1786.077601]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1786.082434]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1786.087448]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1786.092445]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1786.097443]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1786.102274]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1786.107450] RIP: 0033:0x457669
[ 1786.110630] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.129510] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1786.137198] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1786.144446] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1786.151696] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1786.158954] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1786.166202] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:02 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x2}}, 0x20)

04:39:02 executing program 4 (fault-call:20 fault-nth:37):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:02 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c71, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:02 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000180))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:02 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c23, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:02 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x8}}, 0x20)

[ 1786.428852] FAULT_INJECTION: forcing a failure.
[ 1786.428852] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.445515] CPU: 1 PID: 9161 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1786.452803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1786.462146] Call Trace:
[ 1786.464722]  dump_stack+0x244/0x39d
[ 1786.468341]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1786.468363]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.468384]  should_fail.cold.4+0xa/0x17
[ 1786.468400]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1786.478321]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1786.478340]  ? zap_class+0x640/0x640
[ 1786.478368]  ? find_held_lock+0x36/0x1c0
[ 1786.478384]  ? __lock_is_held+0xb5/0x140
[ 1786.478410]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1786.510318]  ? __kmalloc_node+0x3c/0x70
[ 1786.514276]  ? __kmalloc_node+0x3c/0x70
[ 1786.518237]  __should_failslab+0x124/0x180
[ 1786.522468]  should_failslab+0x9/0x14
[ 1786.526258]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1786.531343]  ? check_preemption_disabled+0x48/0x280
[ 1786.536347]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1786.541344]  ? find_next_bit+0x104/0x130
[ 1786.545396]  sbitmap_queue_init_node+0x34d/0x850
[ 1786.550129]  ? __lock_is_held+0xb5/0x140
[ 1786.554173]  ? sbitmap_init_node+0x440/0x440
[ 1786.558560]  ? blk_mq_init_tags+0x79/0x2b0
[ 1786.562780]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1786.567788]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1786.573046]  ? find_next_bit+0x104/0x130
[ 1786.577094]  blk_mq_init_tags+0x116/0x2b0
[ 1786.581223]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1786.585534]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1786.591052]  blk_mq_init_sched+0x21d/0x770
[ 1786.595276]  elevator_init_mq+0xd7/0x160
[ 1786.599322]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1786.604594]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1786.609080]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.613830]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1786.618394]  ? retint_kernel+0x2d/0x2d
[ 1786.622263]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1786.627176]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.631912]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1786.637353]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1786.642093]  ? retint_kernel+0x2d/0x2d
[ 1786.645967]  blk_mq_init_queue+0x63/0xb0
[ 1786.650007]  loop_add+0x376/0xa40
[ 1786.653443]  ? loop_queue_rq+0x690/0x690
[ 1786.657494]  loop_control_ioctl+0x199/0x530
[ 1786.661806]  ? loop_add+0xa40/0xa40
[ 1786.665415]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1786.670851]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1786.675763]  ? loop_add+0xa40/0xa40
[ 1786.679372]  do_vfs_ioctl+0x1de/0x1790
[ 1786.683242]  ? ioctl_preallocate+0x300/0x300
[ 1786.687638]  ? selinux_file_mprotect+0x620/0x620
[ 1786.692377]  ? __sb_end_write+0xd9/0x110
[ 1786.696441]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1786.701961]  ? fput+0x130/0x1a0
[ 1786.705221]  ? do_syscall_64+0x9a/0x820
[ 1786.709179]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1786.714694]  ? security_file_ioctl+0x94/0xc0
[ 1786.719086]  ksys_ioctl+0xa9/0xd0
[ 1786.722522]  __x64_sys_ioctl+0x73/0xb0
[ 1786.726391]  do_syscall_64+0x1b9/0x820
[ 1786.730260]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1786.735608]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1786.740517]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1786.745361]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1786.750358]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1786.755369]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1786.760379]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1786.765204]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1786.770383] RIP: 0033:0x457669
[ 1786.773559] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1786.792446] RSP: 002b:00007f7c8bd2ec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1786.800136] RAX: ffffffffffffffda RBX: 00007f7c8bd2ec90 RCX: 0000000000457669
[ 1786.807386] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1786.814637] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
[ 1786.821892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd2f6d4
[ 1786.829143] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:03 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c81, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x10}}, 0x20)

04:39:03 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c0d, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000180))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:03 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x40086602, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 0:
add_key(&(0x7f0000000140)='big_key\x00', &(0x7f0000003700)={'syz'}, 0x0, 0x0, 0xffffffffffffffff)

04:39:03 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x8000000}}, 0x20)

04:39:03 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c73, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000180))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:03 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 4 (fault-call:20 fault-nth:38):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:03 executing program 0:
r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$setperm(0x5, r0, 0x0)

04:39:03 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x10000000}}, 0x20)

04:39:03 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c57, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c48, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c7a, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:03 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:03 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x6b6b6b00}}, 0x20)

[ 1787.370725] FAULT_INJECTION: forcing a failure.
[ 1787.370725] name failslab, interval 1, probability 0, space 0, times 0
[ 1787.404315] CPU: 0 PID: 9212 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1787.411610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1787.420946] Call Trace:
[ 1787.423528]  dump_stack+0x244/0x39d
[ 1787.427139]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1787.432313]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.437052]  should_fail.cold.4+0xa/0x17
[ 1787.441108]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1787.446195]  ? pcpu_alloc+0x75b/0x15e0
[ 1787.450079]  ? __sanitizer_cov_trace_pc+0x26/0x50
[ 1787.454918]  ? zap_class+0x640/0x640
[ 1787.458635]  ? find_held_lock+0x36/0x1c0
[ 1787.462681]  ? __lock_is_held+0xb5/0x140
[ 1787.466747]  ? raid_ctr+0x57d8/0xb145
[ 1787.470541]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1787.475976]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.480713]  __should_failslab+0x124/0x180
[ 1787.484947]  should_failslab+0x9/0x14
[ 1787.488729]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1787.493819]  sbitmap_queue_init_node+0x34d/0x850
[ 1787.498561]  ? __lock_is_held+0xb5/0x140
[ 1787.502607]  ? sbitmap_init_node+0x440/0x440
[ 1787.507021]  ? blk_mq_init_tags+0x79/0x2b0
[ 1787.511258]  ? rcu_read_lock_sched_held+0x14f/0x180
[ 1787.516254]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1787.521518]  ? find_next_bit+0x104/0x130
[ 1787.525563]  blk_mq_init_tags+0x177/0x2b0
[ 1787.529696]  blk_mq_alloc_rq_map+0x9f/0x220
[ 1787.534000]  blk_mq_init_sched+0x21d/0x770
[ 1787.538310]  elevator_init_mq+0xd7/0x160
[ 1787.542354]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1787.547621]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1787.552098]  ? __mutex_init+0x1f7/0x290
[ 1787.556070]  ? blk_mq_alloc_tag_set+0x633/0xad0
[ 1787.560729]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1787.566012]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1787.570753]  blk_mq_init_queue+0x63/0xb0
[ 1787.574801]  loop_add+0x376/0xa40
[ 1787.578248]  ? loop_queue_rq+0x690/0x690
[ 1787.582296]  loop_control_ioctl+0x199/0x530
[ 1787.586599]  ? loop_add+0xa40/0xa40
[ 1787.590228]  ? retint_kernel+0x2d/0x2d
[ 1787.594105]  ? loop_add+0xa40/0xa40
[ 1787.597713]  do_vfs_ioctl+0x1de/0x1790
[ 1787.601591]  ? ioctl_preallocate+0x300/0x300
[ 1787.606103]  ? selinux_file_mprotect+0x620/0x620
[ 1787.610846]  ? __sb_end_write+0xd9/0x110
[ 1787.614916]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1787.620431]  ? fput+0x130/0x1a0
[ 1787.623690]  ? do_syscall_64+0x9a/0x820
[ 1787.627664]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1787.633180]  ? security_file_ioctl+0x94/0xc0
[ 1787.637570]  ksys_ioctl+0xa9/0xd0
[ 1787.641007]  __x64_sys_ioctl+0x73/0xb0
[ 1787.644893]  do_syscall_64+0x1b9/0x820
[ 1787.648763]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1787.654106]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1787.659014]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1787.663840]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1787.668848]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1787.673932]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1787.679449]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1787.684450]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1787.689276]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1787.694443] RIP: 0033:0x457669
[ 1787.697633] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1787.716513] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1787.724198] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1787.731457] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1787.738716] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1787.745967] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1787.753305] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:04 executing program 4 (fault-call:20 fault-nth:39):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:04 executing program 0:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270ff", 0x15}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000001e00)='./bus\x00')
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x8080fffffffe)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:04 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x8000000}}, 0x20)

04:39:04 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x34000}}, 0x20)

04:39:04 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c68, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:04 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c1e, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1787.932310] FAULT_INJECTION: forcing a failure.
[ 1787.932310] name failslab, interval 1, probability 0, space 0, times 0
[ 1787.960302] CPU: 0 PID: 9236 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1787.967588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1787.976933] Call Trace:
[ 1787.979509]  dump_stack+0x244/0x39d
[ 1787.983120]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1787.988293]  ? blk_mq_init_sched+0x21d/0x770
[ 1787.992682]  ? elevator_init_mq+0xd7/0x160
[ 1787.996899]  ? blk_mq_init_allocated_queue+0x1074/0x1680
[ 1788.002339]  ? blk_mq_init_queue+0x63/0xb0
[ 1788.006570]  ? loop_control_ioctl+0x199/0x530
[ 1788.011054]  should_fail.cold.4+0xa/0x17
[ 1788.015097]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1788.020183]  ? zap_class+0x640/0x640
[ 1788.023882]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1788.029416]  ? check_preemption_disabled+0x48/0x280
[ 1788.034416]  ? zap_class+0x640/0x640
[ 1788.038115]  ? mark_held_locks+0xc7/0x130
[ 1788.042247]  ? __lock_is_held+0xb5/0x140
[ 1788.046300]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1788.051740]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1788.056486]  __should_failslab+0x124/0x180
[ 1788.060704]  should_failslab+0x9/0x14
[ 1788.064490]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1788.069572]  ? blk_mq_init_tags+0x183/0x2b0
[ 1788.073881]  __kmalloc_node+0x3c/0x70
[ 1788.077664]  blk_mq_alloc_rq_map+0xcc/0x220
[ 1788.081977]  blk_mq_init_sched+0x21d/0x770
[ 1788.086211]  elevator_init_mq+0xd7/0x160
[ 1788.090260]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1788.095539]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1788.100012]  ? __mutex_init+0x1f7/0x290
[ 1788.103990]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1788.109505]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1788.114249]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1788.119424]  blk_mq_init_queue+0x63/0xb0
[ 1788.123471]  loop_add+0x376/0xa40
[ 1788.126906]  ? loop_queue_rq+0x690/0x690
[ 1788.130964]  loop_control_ioctl+0x199/0x530
[ 1788.135265]  ? loop_add+0xa40/0xa40
[ 1788.138875]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1788.144310]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1788.149221]  ? loop_add+0xa40/0xa40
[ 1788.152829]  do_vfs_ioctl+0x1de/0x1790
[ 1788.156703]  ? ioctl_preallocate+0x300/0x300
[ 1788.161098]  ? selinux_file_mprotect+0x620/0x620
[ 1788.165851]  ? __sb_end_write+0xd9/0x110
[ 1788.169894]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1788.175422]  ? fput+0x130/0x1a0
[ 1788.178681]  ? do_syscall_64+0x9a/0x820
[ 1788.182657]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1788.188175]  ? security_file_ioctl+0x94/0xc0
[ 1788.192564]  ksys_ioctl+0xa9/0xd0
[ 1788.196013]  __x64_sys_ioctl+0x73/0xb0
[ 1788.199882]  do_syscall_64+0x1b9/0x820
[ 1788.203749]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1788.209107]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1788.214020]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1788.218861]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1788.223859]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1788.228860]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1788.233864]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1788.238695]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1788.243870] RIP: 0033:0x457669
[ 1788.247043] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.265936] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1788.273627] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
04:39:04 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c50, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1788.280878] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1788.288144] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.295396] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1788.302644] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:04 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:04 executing program 4 (fault-call:20 fault-nth:40):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:05 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x2}}, 0x20)

04:39:05 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c1c, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:05 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2c, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1788.483288] FAULT_INJECTION: forcing a failure.
[ 1788.483288] name failslab, interval 1, probability 0, space 0, times 0
[ 1788.506107] CPU: 0 PID: 9256 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1788.513404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1788.522763] Call Trace:
[ 1788.525360]  dump_stack+0x244/0x39d
[ 1788.529008]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1788.534200]  ? should_fail+0x1a8/0xd01
[ 1788.538090]  should_fail.cold.4+0xa/0x17
[ 1788.542152]  ? kernel_text_address+0x79/0xf0
[ 1788.546560]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1788.551665]  ? unwind_get_return_address+0x61/0xa0
[ 1788.556599]  ? __save_stack_trace+0x8d/0xf0
[ 1788.560928]  ? zap_class+0x640/0x640
[ 1788.564640]  ? save_stack+0xa9/0xd0
[ 1788.568266]  ? save_stack+0x43/0xd0
[ 1788.571888]  ? kasan_kmalloc+0xc7/0xe0
[ 1788.575772]  ? __kmalloc_node+0x50/0x70
[ 1788.579740]  ? blk_mq_alloc_rq_map+0xcc/0x220
[ 1788.584232]  ? blk_mq_init_sched+0x21d/0x770
[ 1788.588636]  ? elevator_init_mq+0xd7/0x160
[ 1788.592873]  ? blk_mq_init_allocated_queue+0x1074/0x1680
[ 1788.598328]  ? __lock_is_held+0xb5/0x140
[ 1788.602395]  ? check_preemption_disabled+0x48/0x280
[ 1788.607424]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1788.612878]  ? __lock_is_held+0xb5/0x140
[ 1788.616946]  __should_failslab+0x124/0x180
[ 1788.621179]  should_failslab+0x9/0x14
[ 1788.624979]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1788.630081]  ? kasan_unpoison_shadow+0x35/0x50
[ 1788.634669]  __kmalloc_node+0x3c/0x70
[ 1788.638477]  blk_mq_alloc_rq_map+0x10d/0x220
[ 1788.642886]  blk_mq_init_sched+0x21d/0x770
[ 1788.647129]  elevator_init_mq+0xd7/0x160
[ 1788.651187]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1788.656470]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1788.660964]  ? __mutex_init+0x1f7/0x290
[ 1788.664965]  ? blk_mq_alloc_tag_set+0x79d/0xad0
[ 1788.669647]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1788.674873]  blk_mq_init_queue+0x63/0xb0
[ 1788.678931]  loop_add+0x376/0xa40
[ 1788.682382]  ? loop_queue_rq+0x690/0x690
[ 1788.686459]  loop_control_ioctl+0x199/0x530
[ 1788.690865]  ? loop_add+0xa40/0xa40
[ 1788.694489]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1788.699939]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1788.704870]  ? loop_add+0xa40/0xa40
[ 1788.708498]  do_vfs_ioctl+0x1de/0x1790
[ 1788.712582]  ? ioctl_preallocate+0x300/0x300
[ 1788.716999]  ? selinux_file_mprotect+0x620/0x620
[ 1788.721756]  ? __sb_end_write+0xd9/0x110
[ 1788.725819]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1788.731350]  ? fput+0x130/0x1a0
[ 1788.734627]  ? do_syscall_64+0x9a/0x820
[ 1788.738605]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1788.744134]  ? security_file_ioctl+0x94/0xc0
[ 1788.748542]  ksys_ioctl+0xa9/0xd0
[ 1788.751993]  __x64_sys_ioctl+0x73/0xb0
[ 1788.755880]  do_syscall_64+0x1b9/0x820
[ 1788.759762]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1788.765125]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1788.770051]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1788.774891]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1788.779902]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1788.784915]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1788.789932]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1788.794797]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1788.799977] RIP: 0033:0x457669
[ 1788.803165] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1788.822059] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1788.829762] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1788.837025] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1788.844288] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1788.851553] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1788.858818] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:05 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={<r1=>0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
r2 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r3 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)
ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000180))
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x1, 0x9}, 0x8)

04:39:05 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x5460, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:05 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x8}}, 0x20)

04:39:05 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:05 executing program 4 (fault-call:20 fault-nth:41):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:05 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={<r1=>0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
r2 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r3 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)
ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000180))
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x1, 0x9}, 0x8)

04:39:05 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c79, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:05 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4020940d, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:05 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x6b6b6b00000000}}, 0x20)

04:39:05 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={<r1=>0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
r2 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r3 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)
ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000180))
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x1, 0x9}, 0x8)

[ 1789.094861] FAULT_INJECTION: forcing a failure.
[ 1789.094861] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1789.131999] CPU: 0 PID: 9285 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1789.139302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1789.148653] Call Trace:
[ 1789.151237]  dump_stack+0x244/0x39d
[ 1789.154871]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1789.160064]  ? rcu_read_unlock_special+0x1c0/0x1c0
[ 1789.165007]  should_fail.cold.4+0xa/0x17
[ 1789.169069]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1789.174177]  ? zap_class+0x640/0x640
[ 1789.177890]  ? find_held_lock+0x36/0x1c0
[ 1789.181961]  ? is_bpf_text_address+0xac/0x170
[ 1789.186458]  ? __lock_is_held+0xb5/0x140
[ 1789.190521]  ? rcu_softirq_qs+0x20/0x20
[ 1789.194496]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1789.199949]  ? is_bpf_text_address+0xd3/0x170
[ 1789.204445]  ? __might_sleep+0x95/0x190
[ 1789.208459]  __alloc_pages_nodemask+0x366/0xea0
[ 1789.213131]  ? __alloc_pages_slowpath+0x2de0/0x2de0
[ 1789.218150]  ? save_stack+0xa9/0xd0
[ 1789.221773]  ? save_stack+0x43/0xd0
[ 1789.225395]  ? kasan_kmalloc+0xc7/0xe0
[ 1789.229278]  ? __kmalloc_node+0x50/0x70
[ 1789.233250]  ? blk_mq_alloc_rq_map+0x10d/0x220
[ 1789.237832]  ? blk_mq_init_sched+0x21d/0x770
[ 1789.242237]  ? do_vfs_ioctl+0x1de/0x1790
[ 1789.246294]  ? ksys_ioctl+0xa9/0xd0
[ 1789.249916]  ? __x64_sys_ioctl+0x73/0xb0
[ 1789.253974]  ? do_syscall_64+0x1b9/0x820
[ 1789.258027]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1789.263397]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1789.268928]  ? find_next_bit+0x104/0x130
[ 1789.272987]  ? __cpu_to_node+0x7d/0xa0
[ 1789.276878]  ? blk_mq_hw_queue_to_node+0xcc/0x110
[ 1789.281721]  blk_mq_alloc_rqs+0x31c/0x980
[ 1789.285889]  ? blk_mq_alloc_rq_map+0x220/0x220
[ 1789.290487]  ? kmem_cache_alloc_node_trace+0x34b/0x740
[ 1789.295759]  ? kasan_unpoison_shadow+0x35/0x50
[ 1789.300347]  ? __kmalloc_node+0x50/0x70
[ 1789.304335]  blk_mq_init_sched+0x279/0x770
[ 1789.308587]  elevator_init_mq+0xd7/0x160
[ 1789.312652]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1789.317934]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1789.322429]  ? __mutex_init+0x1f7/0x290
[ 1789.326420]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1789.331949]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1789.336714]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1789.341904]  blk_mq_init_queue+0x63/0xb0
[ 1789.345962]  loop_add+0x376/0xa40
[ 1789.349412]  ? loop_queue_rq+0x690/0x690
[ 1789.353477]  loop_control_ioctl+0x199/0x530
[ 1789.357801]  ? loop_add+0xa40/0xa40
[ 1789.361431]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1789.366881]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1789.371811]  ? loop_add+0xa40/0xa40
[ 1789.375437]  do_vfs_ioctl+0x1de/0x1790
[ 1789.379327]  ? ioctl_preallocate+0x300/0x300
[ 1789.383742]  ? selinux_file_mprotect+0x620/0x620
[ 1789.388499]  ? __sb_end_write+0xd9/0x110
[ 1789.392559]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1789.398089]  ? fput+0x130/0x1a0
[ 1789.401382]  ? do_syscall_64+0x9a/0x820
[ 1789.405360]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1789.410906]  ? security_file_ioctl+0x94/0xc0
[ 1789.415321]  ksys_ioctl+0xa9/0xd0
[ 1789.418779]  __x64_sys_ioctl+0x73/0xb0
[ 1789.422663]  do_syscall_64+0x1b9/0x820
[ 1789.426545]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1789.431906]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1789.436836]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1789.441678]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1789.446689]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1789.451706]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1789.456721]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1789.461563]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1789.466745] RIP: 0033:0x457669
[ 1789.469933] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1789.488916] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:39:06 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x400300}}, 0x20)

[ 1789.496633] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1789.503898] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1789.511162] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1789.518511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1789.525774] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:06 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
r1 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r2 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r2, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)
ioctl$BLKALIGNOFF(r1, 0x127a, &(0x7f0000000180))

04:39:06 executing program 4 (fault-call:20 fault-nth:42):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:06 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
r1 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)
connect$bt_l2cap(r1, &(0x7f0000000200)={0x1f, 0x9, {0x400, 0x1580000000000000, 0x8, 0x100000000, 0x904, 0x9}, 0xfff, 0x4}, 0xe)

04:39:06 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)

04:39:06 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:06 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c2f, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:06 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c29, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:06 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x10000000}}, 0x20)

[ 1789.711781] FAULT_INJECTION: forcing a failure.
[ 1789.711781] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1789.739242] CPU: 0 PID: 9317 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1789.746533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1789.755884] Call Trace:
[ 1789.758477]  dump_stack+0x244/0x39d
[ 1789.762115]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1789.767322]  should_fail.cold.4+0xa/0x17
[ 1789.771408]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1789.776513]  ? mark_held_locks+0xc7/0x130
[ 1789.780657]  ? zap_class+0x640/0x640
[ 1789.784369]  ? print_usage_bug+0xc0/0xc0
[ 1789.788447]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1789.793381]  ? print_usage_bug+0xc0/0xc0
[ 1789.797440]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1789.802887]  ? is_bpf_text_address+0xac/0x170
[ 1789.807602]  ? __lock_is_held+0xb5/0x140
[ 1789.811664]  ? zap_class+0x640/0x640
[ 1789.815391]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1789.820836]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1789.825411]  ? retint_kernel+0x2d/0x2d
[ 1789.829297]  ? trace_hardirqs_on_caller+0xc0/0x310
[ 1789.834232]  ? __might_sleep+0x95/0x190
[ 1789.838210]  __alloc_pages_nodemask+0x366/0xea0
[ 1789.842879]  ? __alloc_pages_slowpath+0x2de0/0x2de0
[ 1789.847889]  ? retint_kernel+0x2d/0x2d
[ 1789.851784]  ? __memset+0x30/0x30
[ 1789.855234]  ? memset+0x31/0x40
[ 1789.858514]  ? loop_init_request+0x83/0x180
[ 1789.862832]  ? loop_info64_from_compat+0x940/0x940
[ 1789.867773]  ? loop_info64_from_compat+0x940/0x940
[ 1789.872705]  blk_mq_alloc_rqs+0x31c/0x980
[ 1789.876857]  ? blk_mq_alloc_rq_map+0x220/0x220
[ 1789.881441]  ? kasan_unpoison_shadow+0x35/0x50
[ 1789.886026]  ? __kmalloc_node+0x50/0x70
[ 1789.890006]  blk_mq_init_sched+0x279/0x770
[ 1789.894246]  elevator_init_mq+0xd7/0x160
[ 1789.898312]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1789.903595]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1789.908084]  ? __mutex_init+0x1f7/0x290
[ 1789.912075]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1789.917607]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1789.922375]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1789.927574]  blk_mq_init_queue+0x63/0xb0
[ 1789.931634]  loop_add+0x376/0xa40
[ 1789.935085]  ? loop_queue_rq+0x690/0x690
[ 1789.939152]  loop_control_ioctl+0x199/0x530
[ 1789.943466]  ? loop_add+0xa40/0xa40
[ 1789.947097]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1789.952552]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1789.957486]  ? loop_add+0xa40/0xa40
[ 1789.961109]  do_vfs_ioctl+0x1de/0x1790
[ 1789.964996]  ? ioctl_preallocate+0x300/0x300
[ 1789.969424]  ? selinux_file_mprotect+0x620/0x620
[ 1789.974184]  ? __sb_end_write+0xd9/0x110
[ 1789.978247]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1789.983777]  ? fput+0x130/0x1a0
[ 1789.987055]  ? do_syscall_64+0x9a/0x820
[ 1789.991030]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1789.996563]  ? security_file_ioctl+0x94/0xc0
[ 1790.000974]  ksys_ioctl+0xa9/0xd0
[ 1790.004427]  __x64_sys_ioctl+0x73/0xb0
[ 1790.008316]  do_syscall_64+0x1b9/0x820
[ 1790.012198]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1790.017559]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1790.022498]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1790.027336]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1790.032351]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1790.037370]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1790.042398]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1790.047243]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1790.052424] RIP: 0033:0x457669
[ 1790.055610] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1790.074502] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1790.082203] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1790.089464] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1790.096729] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.103989] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:39:06 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)
syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x1000, 0x4000)

[ 1790.111252] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:06 executing program 4 (fault-call:20 fault-nth:43):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:06 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x10}}, 0x20)

04:39:06 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0x60, "23b20c86833f67a10eb2e3748a5f9ef129e3e717021265bf2a19958e67e46d279f7505e08aed693cb80df2658637666e69ef4e9ee188f626e6f6e343371f63cec473b04c80d0a9f2d98dbe3713fb051192af01252b2471cd183d9316acc5c6df"}, &(0x7f0000000080)=0x68)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:07 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0xe0}}, 0x20)

04:39:07 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c54, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:07 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c4a, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1790.440970] FAULT_INJECTION: forcing a failure.
[ 1790.440970] name failslab, interval 1, probability 0, space 0, times 0
[ 1790.456409] CPU: 0 PID: 9338 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1790.463697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1790.473126] Call Trace:
[ 1790.475718]  dump_stack+0x244/0x39d
[ 1790.479353]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1790.484558]  ? mark_held_locks+0xc7/0x130
[ 1790.488735]  should_fail.cold.4+0xa/0x17
[ 1790.492801]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1790.497902]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1790.503363]  ? zap_class+0x640/0x640
[ 1790.507081]  ? find_held_lock+0x36/0x1c0
[ 1790.511167]  ? __lock_is_held+0xb5/0x140
[ 1790.515237]  ? retint_kernel+0x2d/0x2d
[ 1790.519130]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1790.524589]  __should_failslab+0x124/0x180
[ 1790.528825]  should_failslab+0x9/0x14
[ 1790.532623]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1790.537723]  ? write_comp_data+0x22/0x70
[ 1790.541791]  elevator_alloc+0x82/0x1f0
[ 1790.545679]  dd_init_queue+0x9c/0x600
[ 1790.549476]  ? dd_exit_queue+0x250/0x250
[ 1790.553541]  ? kasan_unpoison_shadow+0x35/0x50
[ 1790.558125]  ? __kmalloc_node+0x50/0x70
[ 1790.562103]  blk_mq_init_sched+0x3b3/0x770
[ 1790.566344]  elevator_init_mq+0xd7/0x160
[ 1790.570406]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1790.575688]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1790.580182]  ? __mutex_init+0x1f7/0x290
[ 1790.584173]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1790.589703]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1790.594470]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1790.599661]  blk_mq_init_queue+0x63/0xb0
[ 1790.603719]  loop_add+0x376/0xa40
[ 1790.607173]  ? loop_queue_rq+0x690/0x690
[ 1790.611237]  loop_control_ioctl+0x199/0x530
[ 1790.615560]  ? loop_add+0xa40/0xa40
[ 1790.619194]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1790.624647]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1790.629577]  ? loop_add+0xa40/0xa40
[ 1790.633203]  do_vfs_ioctl+0x1de/0x1790
[ 1790.637094]  ? ioctl_preallocate+0x300/0x300
[ 1790.641500]  ? selinux_file_mprotect+0x620/0x620
[ 1790.646265]  ? __sb_end_write+0xd9/0x110
[ 1790.650325]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1790.655854]  ? fput+0x130/0x1a0
[ 1790.659130]  ? do_syscall_64+0x9a/0x820
[ 1790.663106]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1790.668642]  ? security_file_ioctl+0x94/0xc0
[ 1790.673046]  ksys_ioctl+0xa9/0xd0
[ 1790.676500]  __x64_sys_ioctl+0x73/0xb0
[ 1790.680390]  do_syscall_64+0x1b9/0x820
[ 1790.684368]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1790.689746]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1790.694679]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1790.699523]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1790.704544]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1790.709577]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1790.714434]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1790.719614] RIP: 0033:0x457669
[ 1790.722806] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
04:39:07 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x0, 0x1, &(0x7f0000001e00)={[{@user_subvol_rm='user_subvol_rm_allowed'}, {@compress='compress'}, {@subvol={'subvol', 0x3d, '/dev/ptmx\x00'}}, {@rescan_uuid_tree='rescan_uuid_tree'}], [{@smackfsdef={'smackfsdef', 0x3d, '/dev/ptmx\x00'}}, {@measure='measure'}]})
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1790.741698] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1790.749398] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1790.756660] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1790.763925] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1790.771185] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1790.778447] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:07 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:07 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:07 executing program 4 (fault-call:20 fault-nth:44):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:07 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c69, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:07 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c5c, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:07 executing program 0:
socket$inet6(0xa, 0x803, 0x400000007f)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:07 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0xffffffff00000000}}, 0x20)

04:39:07 executing program 0:
socket$inet6(0xa, 0x803, 0x400000007f)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1790.993379] FAULT_INJECTION: forcing a failure.
[ 1790.993379] name failslab, interval 1, probability 0, space 0, times 0
[ 1791.018541] CPU: 0 PID: 9363 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1791.025833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1791.035184] Call Trace:
[ 1791.037786]  dump_stack+0x244/0x39d
04:39:07 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x100000000000000}}, 0x20)

[ 1791.041418]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1791.046612]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.051379]  should_fail.cold.4+0xa/0x17
[ 1791.055441]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.060200]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1791.065316]  ? save_stack+0x43/0xd0
[ 1791.068940]  ? kasan_kmalloc+0xc7/0xe0
[ 1791.072833]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1791.077594]  ? zap_class+0x640/0x640
[ 1791.081305]  ? retint_kernel+0x2d/0x2d
[ 1791.085191]  ? find_held_lock+0x36/0x1c0
[ 1791.089268]  ? __lock_is_held+0xb5/0x140
[ 1791.093321]  ? pcpu_chunk_relocate+0x68/0x7a0
[ 1791.097823]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1791.103267]  ? psi_task_change.cold.11+0x1ac/0x1ac
[ 1791.108191]  ? kasan_check_write+0x14/0x20
[ 1791.112429]  ? kobject_init+0x23d/0x2f0
[ 1791.116412]  __should_failslab+0x124/0x180
[ 1791.120649]  should_failslab+0x9/0x14
[ 1791.124448]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1791.129555]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1791.135097]  dd_init_queue+0x10e/0x600
[ 1791.138984]  ? dd_exit_queue+0x250/0x250
[ 1791.143149]  ? kasan_unpoison_shadow+0x35/0x50
[ 1791.147740]  ? __kmalloc_node+0x50/0x70
[ 1791.151720]  blk_mq_init_sched+0x3b3/0x770
[ 1791.155963]  elevator_init_mq+0xd7/0x160
[ 1791.160027]  blk_mq_init_allocated_queue+0x1074/0x1680
[ 1791.165310]  ? blk_mq_map_swqueue+0xa50/0xa50
[ 1791.169805]  ? __mutex_init+0x1f7/0x290
[ 1791.173795]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1791.179334]  ? __blk_mq_alloc_rq_map+0x17d/0x2e0
[ 1791.184101]  ? blk_mq_update_nr_hw_queues+0xf00/0xf00
[ 1791.189295]  blk_mq_init_queue+0x63/0xb0
[ 1791.193353]  loop_add+0x376/0xa40
[ 1791.196826]  ? loop_queue_rq+0x690/0x690
[ 1791.200912]  loop_control_ioctl+0x199/0x530
[ 1791.205237]  ? loop_add+0xa40/0xa40
[ 1791.208858]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1791.214326]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1791.219256]  ? loop_add+0xa40/0xa40
[ 1791.222882]  do_vfs_ioctl+0x1de/0x1790
[ 1791.226774]  ? ioctl_preallocate+0x300/0x300
[ 1791.231181]  ? selinux_file_mprotect+0x620/0x620
[ 1791.235945]  ? __fdget_pos+0x1bb/0x200
[ 1791.239831]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1791.245363]  ? fput+0x130/0x1a0
[ 1791.248643]  ? do_syscall_64+0x9a/0x820
[ 1791.252616]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1791.258153]  ? security_file_ioctl+0x94/0xc0
[ 1791.262559]  ksys_ioctl+0xa9/0xd0
[ 1791.266011]  __x64_sys_ioctl+0x73/0xb0
[ 1791.269901]  do_syscall_64+0x1b9/0x820
[ 1791.273785]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1791.279148]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1791.284091]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1791.288936]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1791.293953]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1791.298968]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1791.303996]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1791.308839]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1791.314020] RIP: 0033:0x457669
[ 1791.317218] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.336219] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:39:07 executing program 0:
socket$inet6(0xa, 0x803, 0x400000007f)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1791.343922] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1791.351184] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1791.358461] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.365727] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1791.373004] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:08 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c70, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:08 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c4f, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:08 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000240)={<r1=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={r1, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:08 executing program 4 (fault-call:20 fault-nth:45):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:08 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:08 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x200000000000000}}, 0x20)

04:39:08 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x1000000000000000}}, 0x20)

04:39:08 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1791.611794] FAULT_INJECTION: forcing a failure.
[ 1791.611794] name failslab, interval 1, probability 0, space 0, times 0
[ 1791.631935] CPU: 0 PID: 9399 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1791.639229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1791.648575] Call Trace:
[ 1791.651177]  dump_stack+0x244/0x39d
[ 1791.654807]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1791.659994]  ? should_fail+0x19a/0xd01
[ 1791.663889]  should_fail.cold.4+0xa/0x17
[ 1791.667950]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1791.673066]  ? blk_mq_debugfs_register_sched_hctx+0x14d/0x1b0
[ 1791.679035]  ? zap_class+0x640/0x640
[ 1791.682745]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1791.687769]  ? blk_mq_init_sched+0x36a/0x770
[ 1791.692184]  ? find_held_lock+0x36/0x1c0
[ 1791.696244]  ? __lock_is_held+0xb5/0x140
[ 1791.700332]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1791.705778]  ? find_held_lock+0x36/0x1c0
[ 1791.709846]  __should_failslab+0x124/0x180
[ 1791.714080]  should_failslab+0x9/0x14
[ 1791.717893]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1791.722977]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1791.727545]  ? trace_hardirqs_on+0xbd/0x310
[ 1791.731845]  ? kasan_check_read+0x11/0x20
[ 1791.735979]  __alloc_disk_node+0xc9/0x510
[ 1791.740109]  ? disk_expand_part_tbl+0x3d0/0x3d0
[ 1791.744759]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1791.749845]  ? blk_queue_flag_set+0xf6/0x160
[ 1791.754239]  loop_add+0x459/0xa40
[ 1791.757675]  ? loop_queue_rq+0x690/0x690
[ 1791.761733]  loop_control_ioctl+0x199/0x530
[ 1791.766034]  ? loop_add+0xa40/0xa40
[ 1791.769654]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1791.775098]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1791.780015]  ? loop_add+0xa40/0xa40
[ 1791.783635]  do_vfs_ioctl+0x1de/0x1790
[ 1791.787521]  ? ioctl_preallocate+0x300/0x300
[ 1791.791915]  ? selinux_file_mprotect+0x620/0x620
[ 1791.796659]  ? __sb_end_write+0xd9/0x110
[ 1791.800704]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1791.806462]  ? fput+0x130/0x1a0
[ 1791.809726]  ? do_syscall_64+0x9a/0x820
[ 1791.813683]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1791.819202]  ? security_file_ioctl+0x94/0xc0
[ 1791.823595]  ksys_ioctl+0xa9/0xd0
[ 1791.827031]  __x64_sys_ioctl+0x73/0xb0
[ 1791.830899]  do_syscall_64+0x1b9/0x820
[ 1791.834766]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1791.840125]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1791.845038]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1791.849863]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1791.854867]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1791.860396]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1791.865405]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1791.870240]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1791.875415] RIP: 0033:0x457669
[ 1791.878599] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1791.897491] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1791.905177] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
04:39:08 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:08 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1791.912427] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1791.919676] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1791.926925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1791.934175] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:08 executing program 4 (fault-call:20 fault-nth:46):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:08 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0xe0000000}}, 0x20)

[ 1792.043117] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1792.075507] FAT-fs (loop3): Filesystem has been set read-only
[ 1792.091734] FAT-fs (loop3): error, invalid access to FAT (entry 0x00006500)
[ 1792.119967] FAULT_INJECTION: forcing a failure.
[ 1792.119967] name failslab, interval 1, probability 0, space 0, times 0
[ 1792.133683] CPU: 0 PID: 9428 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1792.140964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1792.150313] Call Trace:
[ 1792.152904]  dump_stack+0x244/0x39d
[ 1792.156539]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1792.161732]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1792.166491]  should_fail.cold.4+0xa/0x17
[ 1792.170552]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1792.175656]  ? zap_class+0x640/0x640
[ 1792.179365]  ? wait_for_completion+0x8a0/0x8a0
[ 1792.183953]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1792.189504]  ? check_preemption_disabled+0x48/0x280
[ 1792.194515]  ? zap_class+0x640/0x640
[ 1792.198232]  ? find_held_lock+0x36/0x1c0
[ 1792.202295]  ? __lock_is_held+0xb5/0x140
[ 1792.206429]  ? balance_leaf+0xba78/0xf570
[ 1792.210586]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1792.216035]  ? pcpu_balance_workfn+0x1700/0x1700
[ 1792.220793]  __should_failslab+0x124/0x180
[ 1792.225026]  should_failslab+0x9/0x14
[ 1792.228829]  kmem_cache_alloc_node_trace+0x270/0x740
[ 1792.233926]  ? lockdep_init_map+0x9/0x10
[ 1792.237993]  __kmalloc_node+0x3c/0x70
[ 1792.241809]  disk_expand_part_tbl+0x24b/0x3d0
[ 1792.246304]  ? blk_free_devt+0x60/0x60
[ 1792.250197]  __alloc_disk_node+0x177/0x510
[ 1792.254439]  ? disk_expand_part_tbl+0x3d0/0x3d0
[ 1792.259104]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1792.264211]  ? blk_queue_flag_set+0xf6/0x160
[ 1792.268622]  loop_add+0x459/0xa40
[ 1792.272072]  ? loop_queue_rq+0x690/0x690
[ 1792.276149]  loop_control_ioctl+0x199/0x530
[ 1792.280465]  ? loop_add+0xa40/0xa40
[ 1792.284086]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1792.289544]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1792.294475]  ? loop_add+0xa40/0xa40
[ 1792.298098]  do_vfs_ioctl+0x1de/0x1790
[ 1792.301996]  ? ioctl_preallocate+0x300/0x300
[ 1792.306406]  ? selinux_file_mprotect+0x620/0x620
[ 1792.311167]  ? __sb_end_write+0xd9/0x110
[ 1792.315231]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1792.320768]  ? fput+0x130/0x1a0
[ 1792.324042]  ? do_syscall_64+0x9a/0x820
[ 1792.328016]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1792.333546]  ? security_file_ioctl+0x94/0xc0
[ 1792.337951]  ksys_ioctl+0xa9/0xd0
[ 1792.341409]  __x64_sys_ioctl+0x73/0xb0
[ 1792.345296]  do_syscall_64+0x1b9/0x820
[ 1792.349270]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1792.354634]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1792.359560]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1792.364409]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1792.369426]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1792.374442]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1792.379462]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1792.384309]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1792.389489] RIP: 0033:0x457669
[ 1792.392689] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.411583] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1792.419279] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1792.426536] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1792.433797] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.441055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1792.448311] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:09 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c4c, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:09 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c26, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:09 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:09 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x1000000}}, 0x20)

04:39:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, 0x0)
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={0x0, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:09 executing program 4 (fault-call:20 fault-nth:47):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:09 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x2000000}}, 0x20)

04:39:09 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x400000007f)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:09 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c64, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:09 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c12, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1792.644907] FAULT_INJECTION: forcing a failure.
[ 1792.644907] name failslab, interval 1, probability 0, space 0, times 0
04:39:09 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x6b6b6b}}, 0x20)

[ 1792.689554] CPU: 0 PID: 9450 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1792.696848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1792.706201] Call Trace:
[ 1792.708797]  dump_stack+0x244/0x39d
[ 1792.712462]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1792.717654]  ? __lock_is_held+0xb5/0x140
[ 1792.721719]  should_fail.cold.4+0xa/0x17
[ 1792.725784]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1792.730903]  ? zap_class+0x640/0x640
[ 1792.734640]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1792.740184]  ? find_held_lock+0x36/0x1c0
[ 1792.744246]  ? __lock_is_held+0xb5/0x140
[ 1792.748311]  ? fd_compat_ioctl+0x408/0x2730
[ 1792.752646]  ? disk_seqf_stop+0xa0/0xa0
[ 1792.756616]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1792.762149]  ? kasan_unpoison_shadow+0x35/0x50
[ 1792.766735]  __should_failslab+0x124/0x180
[ 1792.770966]  should_failslab+0x9/0x14
[ 1792.774765]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1792.779542]  ? part_uevent+0x120/0x120
[ 1792.783428]  ? percpu_ref_noop_confirm_switch+0x10/0x10
[ 1792.788851]  rand_initialize_disk+0x43/0xc0
[ 1792.793188]  __alloc_disk_node+0x2ba/0x510
[ 1792.797423]  ? disk_expand_part_tbl+0x3d0/0x3d0
[ 1792.802094]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1792.807195]  ? blk_queue_flag_set+0xf6/0x160
[ 1792.811605]  loop_add+0x459/0xa40
[ 1792.815060]  ? loop_queue_rq+0x690/0x690
[ 1792.819134]  loop_control_ioctl+0x199/0x530
[ 1792.823453]  ? loop_add+0xa40/0xa40
[ 1792.827080]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1792.832535]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1792.837466]  ? loop_add+0xa40/0xa40
[ 1792.841097]  do_vfs_ioctl+0x1de/0x1790
[ 1792.844987]  ? ioctl_preallocate+0x300/0x300
[ 1792.849394]  ? selinux_file_mprotect+0x620/0x620
[ 1792.854155]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1792.858908]  ? do_syscall_64+0x9a/0x820
[ 1792.862887]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1792.868426]  ? security_file_ioctl+0x94/0xc0
[ 1792.872849]  ksys_ioctl+0xa9/0xd0
[ 1792.876300]  __x64_sys_ioctl+0x73/0xb0
[ 1792.880190]  do_syscall_64+0x1b9/0x820
[ 1792.884077]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1792.889438]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1792.894381]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1792.899222]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1792.904233]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1792.909251]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1792.914266]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1792.919116]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1792.924299] RIP: 0033:0x457669
[ 1792.927494] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1792.946387] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1792.954118] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1792.961388] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1792.968649] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1792.976026] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1792.983296] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
04:39:09 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:09 executing program 4 (fault-call:20 fault-nth:48):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
pipe(&(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r3, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x0)
unshare(0x2000400)
ioctl$int_in(r2, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r4, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})

04:39:09 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

04:39:09 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0xffffffffffffffff}}, 0x20)

04:39:09 executing program 3:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unlink(0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000), 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000300)={{{@in6=@ipv4={[], [], @empty}, @in=@dev}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000000180)=0xe8)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, 0x0)
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000005c0)={0x0, 0x4, &(0x7f0000000440)=[0x0, 0x0, 0x7, 0x3f93], 0x0, 0x42, 0x3, 0x400, &(0x7f00000004c0)=[0x0, 0x2, 0x0], &(0x7f0000000580)=[0x0, 0x5be, 0x0]})
getgid()
fstat(0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001540)='./file0\x00', 0x0)
creat(&(0x7f0000000400)='./file0\x00', 0x2)

04:39:09 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(0x0, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0x0, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x4c46, 0x0)
unshare(0x2000400)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, 0x0)
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

04:39:09 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x106, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
r2 = syz_open_procfs(r1, 0x0)
unshare(0x20000000)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x40000010000009)
perf_event_open(0x0, 0x0, 0x0, r0, 0x0)
open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x2000000000000000)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x400c6615, 0x0)
perf_event_open(0x0, r1, 0x1, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000200)={{0x0, 0x0, 0xa, 0x1, 0x5}, 0x9e3a, 0xe049, 0x3})
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={@local, @empty, @mcast2})
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop-control\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
r5 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5)
perf_event_open(&(0x7f0000000500)={0x1, 0x70, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$LOOP_CTL_ADD(r4, 0x2, 0x0)
unshare(0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000280))
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000005c0)={{0xffffffffffffffff, 0x2, 0x7fff, 0x3, 0x80000001}, 0x2, 0x5, 0x1})
prctl$PR_SVE_SET_VL(0x32, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000440)={0x0, 0x22b, 0x40, [], &(0x7f0000000380)=0x7})
connect$pptp(r2, &(0x7f00000002c0)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x1e)

[ 1793.180292] FAULT_INJECTION: forcing a failure.
[ 1793.180292] name failslab, interval 1, probability 0, space 0, times 0
[ 1793.220225] CPU: 0 PID: 9481 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1793.227514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1793.236877] Call Trace:
[ 1793.239478]  dump_stack+0x244/0x39d
[ 1793.243089]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1793.248262]  ? lockdep_hardirqs_on+0x3bb/0x5b0
[ 1793.252830]  should_fail.cold.4+0xa/0x17
[ 1793.256874]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1793.261979]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.266719]  ? zap_class+0x640/0x640
[ 1793.270430]  ? find_held_lock+0x36/0x1c0
[ 1793.274474]  ? __lock_is_held+0xb5/0x140
[ 1793.278527]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1793.283964]  ? _raw_spin_unlock_irqrestore+0x6d/0xd0
[ 1793.289068]  ? print_usage_bug+0xc0/0xc0
[ 1793.293115]  __should_failslab+0x124/0x180
[ 1793.297370]  should_failslab+0x9/0x14
[ 1793.301154]  kmem_cache_alloc_trace+0x2d7/0x750
[ 1793.305806]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1793.311327]  ? check_preemption_disabled+0x48/0x280
[ 1793.316408]  device_create_groups_vargs+0xa7/0x270
[ 1793.321325]  device_create_vargs+0x46/0x60
[ 1793.325543]  bdi_register_va.part.9+0xc3/0x9c0
[ 1793.330106]  ? __bpf_trace_preemptirq_template+0x30/0x30
[ 1793.335534]  ? cgwb_kill+0x640/0x640
[ 1793.339232]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1793.343972]  ? retint_kernel+0x2d/0x2d
[ 1793.347843]  bdi_register+0x111/0x130
[ 1793.351637]  ? bdi_register_va+0x80/0x80
[ 1793.355686]  bdi_register_owner+0x5e/0x100
[ 1793.359902]  __device_add_disk+0xebd/0x13e0
[ 1793.364210]  ? blk_alloc_devt+0x2e0/0x2e0
[ 1793.368345]  ? pointer+0x900/0x900
[ 1793.371880]  ? __mutex_init+0x1f7/0x290
[ 1793.375838]  ? psi_task_change.cold.11+0x1ac/0x1ac
[ 1793.380765]  ? sprintf+0xb0/0xe0
[ 1793.384113]  ? scnprintf+0x130/0x130
[ 1793.387818]  ? __lockdep_init_map+0x105/0x590
[ 1793.392327]  device_add_disk+0x2a/0x40
[ 1793.396202]  loop_add+0x75b/0xa40
[ 1793.399640]  ? loop_queue_rq+0x690/0x690
[ 1793.403687]  loop_control_ioctl+0x199/0x530
[ 1793.407992]  ? loop_add+0xa40/0xa40
[ 1793.411617]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1793.417052]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1793.421965]  ? loop_add+0xa40/0xa40
[ 1793.425574]  do_vfs_ioctl+0x1de/0x1790
[ 1793.429452]  ? ioctl_preallocate+0x300/0x300
[ 1793.433852]  ? selinux_file_mprotect+0x620/0x620
[ 1793.438592]  ? __sb_end_write+0xd9/0x110
[ 1793.442657]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1793.448174]  ? fput+0x130/0x1a0
[ 1793.451453]  ? do_syscall_64+0x9a/0x820
[ 1793.455414]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1793.460933]  ? security_file_ioctl+0x94/0xc0
[ 1793.465326]  ksys_ioctl+0xa9/0xd0
[ 1793.468772]  __x64_sys_ioctl+0x73/0xb0
[ 1793.472659]  do_syscall_64+0x1b9/0x820
[ 1793.476538]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1793.481882]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1793.486797]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1793.491646]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1793.496656]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1793.501656]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1793.506655]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1793.511485]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1793.516653] RIP: 0033:0x457669
[ 1793.519830] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.538716] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1793.546402] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1793.553651] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1793.560901] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.568149] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
04:39:10 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x1, 0xb7, &(0x7f0000000240)=""/183}, 0x48)
r2 = socket$kcm(0x29, 0x1000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r0, r1})
write$binfmt_aout(r2, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0xe000000000000000}}, 0x20)

04:39:10 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x80)

[ 1793.575408] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1793.629466] WARNING: CPU: 0 PID: 9481 at block/genhd.c:704 __device_add_disk+0x10e6/0x13e0
[ 1793.637881] Kernel panic - not syncing: panic_on_warn set ...
[ 1793.643763] CPU: 0 PID: 9481 Comm: syz-executor4 Not tainted 4.20.0-rc7+ #156
[ 1793.651071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1793.660442] Call Trace:
[ 1793.663035]  dump_stack+0x244/0x39d
[ 1793.666663]  ? dump_stack_print_info.cold.1+0x20/0x20
[ 1793.671859]  panic+0x2ad/0x55c
[ 1793.675045]  ? add_taint.cold.5+0x16/0x16
[ 1793.679193]  ? __warn.cold.8+0x5/0x45
[ 1793.682993]  ? __device_add_disk+0x10e6/0x13e0
[ 1793.687575]  __warn.cold.8+0x20/0x45
[ 1793.691307]  ? rcu_softirq_qs+0x20/0x20
[ 1793.695281]  ? __device_add_disk+0x10e6/0x13e0
[ 1793.699858]  report_bug+0x254/0x2d0
[ 1793.703496]  do_error_trap+0x11b/0x200
[ 1793.707384]  do_invalid_op+0x36/0x40
[ 1793.711096]  ? __device_add_disk+0x10e6/0x13e0
[ 1793.715676]  invalid_op+0x14/0x20
[ 1793.719123] RIP: 0010:__device_add_disk+0x10e6/0x13e0
[ 1793.724309] Code: 00 80 a3 dc 00 00 00 ef e9 57 f7 ff ff e8 62 92 ff fd 0f 0b e9 cf f7 ff ff e8 56 92 ff fd 0f 0b e9 eb f6 ff ff e8 4a 92 ff fd <0f> 0b e9 e5 fd ff ff 4c 89 f7 e8 4b f8 42 fe e9 97 f0 ff ff e8 61
[ 1793.743200] RSP: 0018:ffff8881a3c67870 EFLAGS: 00010246
[ 1793.748556] RAX: 0000000000040000 RBX: ffff88818325aec0 RCX: ffffc90005a50000
[ 1793.755817] RDX: 0000000000040000 RSI: ffffffff837ff226 RDI: 0000000000000005
[ 1793.763079] RBP: ffff8881a3c67a48 R08: ffff8881b4ce8340 R09: ffffed103b5c5b5f
[ 1793.770341] R10: ffffed103b5c5b5f R11: ffff8881dae2dafb R12: ffff8881a3c67a20
[ 1793.777606] R13: 00000000fffffff4 R14: ffff88818325b430 R15: ffff88818325aec4
[ 1793.784885]  ? __device_add_disk+0x10e6/0x13e0
[ 1793.789474]  ? blk_alloc_devt+0x2e0/0x2e0
[ 1793.793628]  ? pointer+0x900/0x900
[ 1793.797174]  ? __mutex_init+0x1f7/0x290
[ 1793.801148]  ? psi_task_change.cold.11+0x1ac/0x1ac
[ 1793.806324]  ? sprintf+0xb0/0xe0
[ 1793.809690]  ? scnprintf+0x130/0x130
[ 1793.813403]  ? __lockdep_init_map+0x105/0x590
[ 1793.817897]  device_add_disk+0x2a/0x40
[ 1793.821780]  loop_add+0x75b/0xa40
[ 1793.825233]  ? loop_queue_rq+0x690/0x690
[ 1793.829308]  loop_control_ioctl+0x199/0x530
[ 1793.833622]  ? loop_add+0xa40/0xa40
[ 1793.837244]  ? perf_trace_sched_process_exec+0x860/0x860
[ 1793.842698]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1793.847628]  ? loop_add+0xa40/0xa40
[ 1793.851255]  do_vfs_ioctl+0x1de/0x1790
[ 1793.855144]  ? ioctl_preallocate+0x300/0x300
[ 1793.859550]  ? selinux_file_mprotect+0x620/0x620
[ 1793.864308]  ? __sb_end_write+0xd9/0x110
[ 1793.868370]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1793.873900]  ? fput+0x130/0x1a0
[ 1793.877175]  ? do_syscall_64+0x9a/0x820
[ 1793.881153]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1793.886694]  ? security_file_ioctl+0x94/0xc0
[ 1793.891102]  ksys_ioctl+0xa9/0xd0
[ 1793.894560]  __x64_sys_ioctl+0x73/0xb0
[ 1793.898444]  do_syscall_64+0x1b9/0x820
[ 1793.902324]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 1793.907685]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1793.912606]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1793.917445]  ? trace_hardirqs_on_caller+0x310/0x310
[ 1793.922460]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1793.927473]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1793.932487]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1793.937330]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1793.942509] RIP: 0033:0x457669
[ 1793.945699] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1793.964595] RSP: 002b:00007f7c8bd4fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1793.972291] RAX: ffffffffffffffda RBX: 00007f7c8bd4fc90 RCX: 0000000000457669
[ 1793.979548] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000008
[ 1793.986796] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1793.994045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c8bd506d4
[ 1794.001296] R13: 00000000004c087d R14: 00000000004d19b8 R15: 000000000000000a
[ 1794.010128] Kernel Offset: disabled
[ 1794.013912] Rebooting in 86400 seconds..