003 [ 664.716736] RBP: 00007fc6935fa1d0 R08: 0000000000000000 R09: 0000000000000000 13:37:40 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 1) [ 664.723999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.731364] R13: 00007ffdeb6479bf R14: 00007fc6935fa300 R15: 0000000000022000 13:37:40 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 4) 13:37:40 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) (async) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), r0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r4, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x3c, r5, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}]}, 0x3c}}, 0x40) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x3c, r6, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20000080) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000408}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x58, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x800) 13:37:40 executing program 4: r0 = add_key(&(0x7f00000001c0)='user\x00', &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r1) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r1, 0x1) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x4, 0xfb, 0x3, 0x7, 0x49, @loopback, @mcast2, 0x10, 0x700, 0xffffffff, 0xd3}}) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) (async) ioctl$SIOCPNDELRESOURCE(r4, 0x89ef, &(0x7f0000000180)=0x3) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000140)={'syztnl2\x00', &(0x7f00000000c0)={'syztnl2\x00', r3, 0x2f, 0x20, 0x7e, 0xfb92, 0x16, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, 0x8000, 0x10, 0x7, 0x2}}) 13:37:40 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = socket$packet(0x11, 0x3, 0x300) accept4$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14, 0x800) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) write$cgroup_freezer_state(r3, &(0x7f0000000100)='THAWED\x00', 0x7) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0xfdfe, 0x1000}, 0x4) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={0x0, 0x2, r0, 0x7, 0x80000}) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) accept4$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14, 0x800) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) write$cgroup_freezer_state(r3, &(0x7f0000000100)='THAWED\x00', 0x7) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0xfdfe, 0x1000}, 0x4) (async) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={0x0, 0x2, r0, 0x7, 0x80000}) (async) 13:37:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 6) [ 664.829500] FAULT_INJECTION: forcing a failure. [ 664.829500] name failslab, interval 1, probability 0, space 0, times 0 [ 664.842206] FAULT_INJECTION: forcing a failure. [ 664.842206] name failslab, interval 1, probability 0, space 0, times 0 [ 664.855479] FAULT_INJECTION: forcing a failure. [ 664.855479] name failslab, interval 1, probability 0, space 0, times 0 [ 664.864249] CPU: 0 PID: 10087 Comm: syz-executor.1 Not tainted 4.14.284-syzkaller #0 [ 664.874568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.883916] Call Trace: [ 664.886501] dump_stack+0x1b2/0x281 [ 664.890136] should_fail.cold+0x10a/0x149 [ 664.894275] should_failslab+0xd6/0x130 [ 664.898260] kmem_cache_alloc_trace+0x29a/0x3d0 [ 664.902922] kvm_dev_ioctl+0x155/0x1450 [ 664.906899] ? fsnotify+0x974/0x11b0 [ 664.910600] ? kvm_put_kvm+0xab0/0xab0 [ 664.914473] ? SyS_write+0x1b7/0x210 [ 664.918199] ? kvm_put_kvm+0xab0/0xab0 [ 664.922102] do_vfs_ioctl+0x75a/0xff0 [ 664.925896] ? lock_acquire+0x170/0x3f0 [ 664.929859] ? ioctl_preallocate+0x1a0/0x1a0 [ 664.934258] ? __fget+0x265/0x3e0 [ 664.937702] ? do_vfs_ioctl+0xff0/0xff0 [ 664.941665] ? security_file_ioctl+0x83/0xb0 [ 664.946056] SyS_ioctl+0x7f/0xb0 [ 664.949411] ? do_vfs_ioctl+0xff0/0xff0 [ 664.953375] do_syscall_64+0x1d5/0x640 [ 664.957258] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 664.962433] RIP: 0033:0x7f3b3102d109 [ 664.966125] RSP: 002b:00007f3b2f9a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 664.973820] RAX: ffffffffffffffda RBX: 00007f3b3113ff60 RCX: 00007f3b3102d109 [ 664.981099] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 664.988363] RBP: 00007f3b2f9a21d0 R08: 0000000000000000 R09: 0000000000000000 [ 664.995648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.002936] R13: 00007ffe8975eecf R14: 00007f3b2f9a2300 R15: 0000000000022000 [ 665.010206] CPU: 1 PID: 10092 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 665.018094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.027449] Call Trace: [ 665.030044] dump_stack+0x1b2/0x281 [ 665.033689] should_fail.cold+0x10a/0x149 [ 665.037840] should_failslab+0xd6/0x130 [ 665.041833] kmem_cache_alloc_trace+0x29a/0x3d0 [ 665.046508] kvm_dev_ioctl+0x964/0x1450 [ 665.050501] ? fsnotify+0x974/0x11b0 [ 665.054219] ? kvm_put_kvm+0xab0/0xab0 [ 665.058115] ? SyS_write+0x1b7/0x210 [ 665.061833] ? kvm_put_kvm+0xab0/0xab0 [ 665.065725] do_vfs_ioctl+0x75a/0xff0 [ 665.069551] ? lock_acquire+0x170/0x3f0 [ 665.073533] ? ioctl_preallocate+0x1a0/0x1a0 [ 665.077953] ? __fget+0x265/0x3e0 [ 665.081418] ? do_vfs_ioctl+0xff0/0xff0 [ 665.085399] ? security_file_ioctl+0x83/0xb0 [ 665.089902] SyS_ioctl+0x7f/0xb0 [ 665.093273] ? do_vfs_ioctl+0xff0/0xff0 [ 665.097257] do_syscall_64+0x1d5/0x640 [ 665.101153] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 665.106349] RIP: 0033:0x7fa37e383109 [ 665.110063] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.117773] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:37:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 2) 13:37:41 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10) socketpair(0x2, 0x1, 0xfffffffc, 0x0) [ 665.125042] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 665.132456] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 665.139727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.146991] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:41 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x40], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000440)={&(0x7f0000000400)=[0x4, 0x101, 0x8, 0x9, 0x9, 0x80, 0x5, 0xffffffc0, 0x81], 0x9, 0x800, 0x0, 0xffffffffffffffff}) getsockopt$packet_buf(r2, 0x107, 0x16, &(0x7f00000002c0)=""/247, &(0x7f00000003c0)=0xf7) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf250600000008001900ac1e0101"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x2f, 0x9, 0x4, 0x4, 0x1, @private0, @rand_addr=' \x01\x00', 0x10, 0x8000, 0x4, 0x4}}) connect$packet(r1, &(0x7f0000000180)={0x11, 0xf7, r4, 0x1, 0x6, 0x6, @broadcast}, 0x14) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@bloom_filter={0x1e, 0x1, 0x1000, 0x7, 0x0, r1, 0x800, '\x00', r4, r5, 0x1, 0x4, 0x2, 0x7}, 0x48) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f00000000c0)={0xcf, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[0x7ff, 0x7, 0x7fff, 0x1], 0x4, 0x0, 0x0, 0xffffffffffffffff}) ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, &(0x7f0000000500)) [ 665.182313] FAULT_INJECTION: forcing a failure. [ 665.182313] name failslab, interval 1, probability 0, space 0, times 0 [ 665.198724] CPU: 0 PID: 10089 Comm: syz-executor.2 Not tainted 4.14.284-syzkaller #0 [ 665.206634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.215990] Call Trace: [ 665.218577] dump_stack+0x1b2/0x281 [ 665.222201] should_fail.cold+0x10a/0x149 [ 665.226344] should_failslab+0xd6/0x130 [ 665.230313] kmem_cache_alloc_trace+0x29a/0x3d0 [ 665.234975] kvm_dev_ioctl+0x964/0x1450 [ 665.238973] ? fsnotify+0x974/0x11b0 [ 665.242674] ? kvm_put_kvm+0xab0/0xab0 [ 665.246554] ? SyS_write+0x1b7/0x210 [ 665.250259] ? kvm_put_kvm+0xab0/0xab0 [ 665.254131] do_vfs_ioctl+0x75a/0xff0 [ 665.257922] ? lock_acquire+0x170/0x3f0 [ 665.261884] ? ioctl_preallocate+0x1a0/0x1a0 [ 665.266281] ? __fget+0x265/0x3e0 [ 665.269725] ? do_vfs_ioctl+0xff0/0xff0 [ 665.273692] ? security_file_ioctl+0x83/0xb0 [ 665.278091] SyS_ioctl+0x7f/0xb0 [ 665.281442] ? do_vfs_ioctl+0xff0/0xff0 [ 665.285402] do_syscall_64+0x1d5/0x640 [ 665.289281] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 665.294480] RIP: 0033:0x7fc694c85109 [ 665.298173] RSP: 002b:00007fc6935fa168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.305887] RAX: ffffffffffffffda RBX: 00007fc694d97f60 RCX: 00007fc694c85109 [ 665.313162] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 665.320419] RBP: 00007fc6935fa1d0 R08: 0000000000000000 R09: 0000000000000000 13:37:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0xffffffffffffffff) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x10500) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000040)={0xc400000000000000, 0x1000, 0x10000, 0xa, 0x18}) 13:37:41 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10) (async) socketpair(0x2, 0x1, 0xfffffffc, 0x0) [ 665.327674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.334928] R13: 00007ffdeb6479bf R14: 00007fc6935fa300 R15: 0000000000022000 [ 665.352247] CPU: 1 PID: 10115 Comm: syz-executor.1 Not tainted 4.14.284-syzkaller #0 [ 665.360162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.369519] Call Trace: [ 665.372110] dump_stack+0x1b2/0x281 [ 665.375746] should_fail.cold+0x10a/0x149 [ 665.379909] should_failslab+0xd6/0x130 [ 665.383888] kmem_cache_alloc_node_trace+0x25a/0x400 [ 665.389011] __kmalloc_node+0x38/0x70 [ 665.392811] kvmalloc_node+0x88/0xd0 [ 665.396526] kvm_dev_ioctl+0x6ba/0x1450 [ 665.400510] ? fsnotify+0x974/0x11b0 [ 665.404225] ? kvm_put_kvm+0xab0/0xab0 [ 665.408116] ? SyS_write+0x1b7/0x210 [ 665.411835] ? kvm_put_kvm+0xab0/0xab0 [ 665.415731] do_vfs_ioctl+0x75a/0xff0 [ 665.419538] ? lock_acquire+0x170/0x3f0 [ 665.423515] ? ioctl_preallocate+0x1a0/0x1a0 [ 665.427933] ? __fget+0x265/0x3e0 [ 665.431389] ? do_vfs_ioctl+0xff0/0xff0 [ 665.435372] ? security_file_ioctl+0x83/0xb0 [ 665.439784] SyS_ioctl+0x7f/0xb0 [ 665.443150] ? do_vfs_ioctl+0xff0/0xff0 [ 665.447126] do_syscall_64+0x1d5/0x640 [ 665.451031] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 665.456217] RIP: 0033:0x7f3b3102d109 [ 665.459920] RSP: 002b:00007f3b2f9a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.467629] RAX: ffffffffffffffda RBX: 00007f3b3113ff60 RCX: 00007f3b3102d109 [ 665.474984] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:41 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 7) 13:37:41 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x40], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000440)={&(0x7f0000000400)=[0x4, 0x101, 0x8, 0x9, 0x9, 0x80, 0x5, 0xffffffc0, 0x81], 0x9, 0x800, 0x0, 0xffffffffffffffff}) getsockopt$packet_buf(r2, 0x107, 0x16, &(0x7f00000002c0)=""/247, &(0x7f00000003c0)=0xf7) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf250600000008001900ac1e0101"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) (async, rerun: 32) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x2f, 0x9, 0x4, 0x4, 0x1, @private0, @rand_addr=' \x01\x00', 0x10, 0x8000, 0x4, 0x4}}) (rerun: 32) connect$packet(r1, &(0x7f0000000180)={0x11, 0xf7, r4, 0x1, 0x6, 0x6, @broadcast}, 0x14) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@bloom_filter={0x1e, 0x1, 0x1000, 0x7, 0x0, r1, 0x800, '\x00', r4, r5, 0x1, 0x4, 0x2, 0x7}, 0x48) (async) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f00000000c0)={0xcf, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[0x7ff, 0x7, 0x7fff, 0x1], 0x4, 0x0, 0x0, 0xffffffffffffffff}) ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, &(0x7f0000000500)) 13:37:41 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 5) 13:37:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0xffffffffffffffff) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x10500) (rerun: 32) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000040)={0xc400000000000000, 0x1000, 0x10000, 0xa, 0x18}) [ 665.482251] RBP: 00007f3b2f9a21d0 R08: 0000000000000000 R09: 0000000000000000 [ 665.489527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.496793] R13: 00007ffe8975eecf R14: 00007f3b2f9a2300 R15: 0000000000022000 13:37:41 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x1, 0x6, @multicast}, 0x10) (async, rerun: 32) socketpair(0x2, 0x1, 0xfffffffc, 0x0) (rerun: 32) 13:37:41 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 3) [ 665.578574] FAULT_INJECTION: forcing a failure. [ 665.578574] name failslab, interval 1, probability 0, space 0, times 0 [ 665.622573] CPU: 0 PID: 10142 Comm: syz-executor.2 Not tainted 4.14.284-syzkaller #0 [ 665.630486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.632899] FAULT_INJECTION: forcing a failure. [ 665.632899] name failslab, interval 1, probability 0, space 0, times 0 [ 665.639928] Call Trace: [ 665.639948] dump_stack+0x1b2/0x281 [ 665.639961] should_fail.cold+0x10a/0x149 [ 665.639975] should_failslab+0xd6/0x130 [ 665.639987] kmem_cache_alloc_trace+0x29a/0x3d0 [ 665.639998] kvm_dev_ioctl+0x964/0x1450 [ 665.640012] ? fsnotify+0x974/0x11b0 [ 665.640025] ? kvm_put_kvm+0xab0/0xab0 [ 665.653102] FAULT_INJECTION: forcing a failure. [ 665.653102] name failslab, interval 1, probability 0, space 0, times 0 [ 665.653781] ? SyS_write+0x1b7/0x210 [ 665.653795] ? kvm_put_kvm+0xab0/0xab0 [ 665.653806] do_vfs_ioctl+0x75a/0xff0 [ 665.653820] ? lock_acquire+0x170/0x3f0 [ 665.708396] ? ioctl_preallocate+0x1a0/0x1a0 [ 665.712813] ? __fget+0x265/0x3e0 [ 665.716252] ? do_vfs_ioctl+0xff0/0xff0 [ 665.720220] ? security_file_ioctl+0x83/0xb0 [ 665.724623] SyS_ioctl+0x7f/0xb0 [ 665.727973] ? do_vfs_ioctl+0xff0/0xff0 [ 665.731932] do_syscall_64+0x1d5/0x640 [ 665.735812] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 665.740996] RIP: 0033:0x7fc694c85109 [ 665.744694] RSP: 002b:00007fc6935fa168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.752387] RAX: ffffffffffffffda RBX: 00007fc694d97f60 RCX: 00007fc694c85109 [ 665.759656] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:41 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x40], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000440)={&(0x7f0000000400)=[0x4, 0x101, 0x8, 0x9, 0x9, 0x80, 0x5, 0xffffffc0, 0x81], 0x9, 0x800, 0x0, 0xffffffffffffffff}) getsockopt$packet_buf(r2, 0x107, 0x16, &(0x7f00000002c0)=""/247, &(0x7f00000003c0)=0xf7) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="00082dbd7000fbdbdf250600000008001900ac1e0101"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x2f, 0x9, 0x4, 0x4, 0x1, @private0, @rand_addr=' \x01\x00', 0x10, 0x8000, 0x4, 0x4}}) connect$packet(r1, &(0x7f0000000180)={0x11, 0xf7, r4, 0x1, 0x6, 0x6, @broadcast}, 0x14) (async) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f0000001500)=@bloom_filter={0x1e, 0x1, 0x1000, 0x7, 0x0, r1, 0x800, '\x00', r4, r5, 0x1, 0x4, 0x2, 0x7}, 0x48) (async) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f00000000c0)={0xcf, 0x6}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[0x7ff, 0x7, 0x7fff, 0x1], 0x4, 0x0, 0x0, 0xffffffffffffffff}) ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, &(0x7f0000000500)) [ 665.766911] RBP: 00007fc6935fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 665.774165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.781416] R13: 00007ffdeb6479bf R14: 00007fc6935fa300 R15: 0000000000022000 [ 665.788710] CPU: 1 PID: 10152 Comm: syz-executor.1 Not tainted 4.14.284-syzkaller #0 [ 665.796603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.805964] Call Trace: [ 665.808554] dump_stack+0x1b2/0x281 [ 665.812194] should_fail.cold+0x10a/0x149 [ 665.816458] should_failslab+0xd6/0x130 [ 665.820467] kmem_cache_alloc_node_trace+0x25a/0x400 [ 665.825580] __kmalloc_node+0x38/0x70 [ 665.829385] kvmalloc_node+0x88/0xd0 [ 665.833186] kvm_dev_ioctl+0x6ba/0x1450 [ 665.837170] ? fsnotify+0x974/0x11b0 [ 665.840890] ? kvm_put_kvm+0xab0/0xab0 [ 665.844782] ? SyS_write+0x1b7/0x210 [ 665.848503] ? kvm_put_kvm+0xab0/0xab0 [ 665.852396] do_vfs_ioctl+0x75a/0xff0 [ 665.856203] ? lock_acquire+0x170/0x3f0 [ 665.860176] ? ioctl_preallocate+0x1a0/0x1a0 [ 665.864589] ? __fget+0x265/0x3e0 [ 665.868198] ? do_vfs_ioctl+0xff0/0xff0 [ 665.872181] ? security_file_ioctl+0x83/0xb0 [ 665.876742] SyS_ioctl+0x7f/0xb0 [ 665.880211] ? do_vfs_ioctl+0xff0/0xff0 [ 665.884197] do_syscall_64+0x1d5/0x640 [ 665.888096] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 665.893391] RIP: 0033:0x7f3b3102d109 [ 665.897209] RSP: 002b:00007f3b2f9a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 665.904923] RAX: ffffffffffffffda RBX: 00007f3b3113ff60 RCX: 00007f3b3102d109 [ 665.912197] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 8) [ 665.919703] RBP: 00007f3b2f9a21d0 R08: 0000000000000000 R09: 0000000000000000 [ 665.926972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 665.934247] R13: 00007ffe8975eecf R14: 00007f3b2f9a2300 R15: 0000000000022000 [ 665.949239] CPU: 1 PID: 10151 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 665.957152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.966506] Call Trace: [ 665.969105] dump_stack+0x1b2/0x281 [ 665.972129] FAULT_INJECTION: forcing a failure. [ 665.972129] name failslab, interval 1, probability 0, space 0, times 0 [ 665.972734] should_fail.cold+0x10a/0x149 [ 665.988054] should_failslab+0xd6/0x130 [ 665.992048] kmem_cache_alloc_node_trace+0x25a/0x400 [ 665.997151] __kmalloc_node+0x38/0x70 [ 666.000939] kvmalloc_node+0x88/0xd0 [ 666.004641] kvm_dev_ioctl+0x7c1/0x1450 [ 666.008615] ? fsnotify+0x974/0x11b0 [ 666.012323] ? kvm_put_kvm+0xab0/0xab0 [ 666.016216] ? SyS_write+0x1b7/0x210 [ 666.019925] ? kvm_put_kvm+0xab0/0xab0 [ 666.023799] do_vfs_ioctl+0x75a/0xff0 [ 666.027625] ? lock_acquire+0x170/0x3f0 [ 666.031601] ? ioctl_preallocate+0x1a0/0x1a0 [ 666.036263] ? __fget+0x265/0x3e0 [ 666.039719] ? do_vfs_ioctl+0xff0/0xff0 [ 666.043699] ? security_file_ioctl+0x83/0xb0 [ 666.048113] SyS_ioctl+0x7f/0xb0 [ 666.051477] ? do_vfs_ioctl+0xff0/0xff0 [ 666.055452] do_syscall_64+0x1d5/0x640 [ 666.059351] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 666.064532] RIP: 0033:0x7fa37e383109 [ 666.068234] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 666.075929] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 666.083182] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 666.090435] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 666.097688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.104943] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 [ 666.112239] CPU: 0 PID: 10172 Comm: syz-executor.2 Not tainted 4.14.284-syzkaller #0 [ 666.120122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.129476] Call Trace: [ 666.132056] dump_stack+0x1b2/0x281 [ 666.135670] should_fail.cold+0x10a/0x149 [ 666.139804] should_failslab+0xd6/0x130 [ 666.143763] kmem_cache_alloc_trace+0x29a/0x3d0 [ 666.148421] kvm_dev_ioctl+0x964/0x1450 [ 666.152381] ? fsnotify+0x974/0x11b0 [ 666.156078] ? kvm_put_kvm+0xab0/0xab0 [ 666.159965] ? SyS_write+0x1b7/0x210 [ 666.163662] ? kvm_put_kvm+0xab0/0xab0 [ 666.167550] do_vfs_ioctl+0x75a/0xff0 [ 666.171368] ? lock_acquire+0x170/0x3f0 [ 666.175327] ? ioctl_preallocate+0x1a0/0x1a0 [ 666.179721] ? __fget+0x265/0x3e0 [ 666.183159] ? do_vfs_ioctl+0xff0/0xff0 [ 666.187120] ? security_file_ioctl+0x83/0xb0 [ 666.191534] SyS_ioctl+0x7f/0xb0 [ 666.194882] ? do_vfs_ioctl+0xff0/0xff0 [ 666.198842] do_syscall_64+0x1d5/0x640 [ 666.202717] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 666.207893] RIP: 0033:0x7fc694c85109 [ 666.211585] RSP: 002b:00007fc6935fa168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 6) 13:37:42 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_RMFB(0xffffffffffffffff, 0xc00464af, &(0x7f00000000c0)=0x2) socket$l2tp6(0xa, 0x2, 0x73) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ec0300000024e9a8a09dcb65d06679e9bbbc354516e1ff3f0182f59e", 0x4d, 0x4040000, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl1\x00', r2, 0x2f, 0x4, 0x56, 0x4, 0x1, @remote, @private0, 0x20, 0x40, 0x3, 0x6}}) socket$l2tp6(0xa, 0x2, 0x73) 13:37:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0xffffffffffffffff) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x10500) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000040)={0xc400000000000000, 0x1000, 0x10000, 0xa, 0x18}) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) accept$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) (async) pkey_mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0xffffffffffffffff) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x10500) (async) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000040)={0xc400000000000000, 0x1000, 0x10000, 0xa, 0x18}) (async) 13:37:42 executing program 3: socketpair(0x2, 0x1, 0x4, 0x0) [ 666.219275] RAX: ffffffffffffffda RBX: 00007fc694d97f60 RCX: 00007fc694c85109 [ 666.226527] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 666.233780] RBP: 00007fc6935fa1d0 R08: 0000000000000000 R09: 0000000000000000 [ 666.241034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.248294] R13: 00007ffdeb6479bf R14: 00007fc6935fa300 R15: 0000000000022000 13:37:42 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_RMFB(0xffffffffffffffff, 0xc00464af, &(0x7f00000000c0)=0x2) (async) socket$l2tp6(0xa, 0x2, 0x73) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ec0300000024e9a8a09dcb65d06679e9bbbc354516e1ff3f0182f59e", 0x4d, 0x4040000, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl1\x00', r2, 0x2f, 0x4, 0x56, 0x4, 0x1, @remote, @private0, 0x20, 0x40, 0x3, 0x6}}) socket$l2tp6(0xa, 0x2, 0x73) [ 666.376164] FAULT_INJECTION: forcing a failure. [ 666.376164] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 666.388130] CPU: 0 PID: 10195 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 666.396014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.405494] Call Trace: [ 666.408090] dump_stack+0x1b2/0x281 [ 666.411732] should_fail.cold+0x10a/0x149 [ 666.415887] ? is_bpf_text_address+0xb8/0x150 [ 666.420394] __alloc_pages_nodemask+0x22c/0x2720 [ 666.425160] ? unwind_get_return_address+0x51/0x90 [ 666.430096] ? __save_stack_trace+0xa0/0x160 [ 666.434517] ? __lock_acquire+0x5fc/0x3f20 [ 666.438764] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 666.443609] ? kvm_dev_ioctl+0x6ba/0x1450 [ 666.447762] ? do_vfs_ioctl+0x75a/0xff0 [ 666.451740] ? SyS_ioctl+0x7f/0xb0 [ 666.455283] ? do_syscall_64+0x1d5/0x640 [ 666.459346] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 666.464719] ? _flat_send_IPI_mask+0x109/0x1a0 [ 666.469312] ? cache_alloc_refill+0x2fa/0x350 [ 666.473824] cache_grow_begin+0x91/0x700 [ 666.477890] ? fs_reclaim_release+0xd0/0x110 [ 666.482306] ? check_preemption_disabled+0x35/0x240 [ 666.487340] cache_alloc_refill+0x273/0x350 [ 666.491705] kmem_cache_alloc_node_trace+0x3e5/0x400 [ 666.496828] __kmalloc_node+0x38/0x70 [ 666.500649] kvmalloc_node+0x88/0xd0 [ 666.504369] kvm_dev_ioctl+0x7c1/0x1450 [ 666.508351] ? fsnotify+0x974/0x11b0 [ 666.512068] ? kvm_put_kvm+0xab0/0xab0 [ 666.515969] ? SyS_write+0x1b7/0x210 [ 666.519740] ? kvm_put_kvm+0xab0/0xab0 [ 666.523635] do_vfs_ioctl+0x75a/0xff0 [ 666.527456] ? lock_acquire+0x170/0x3f0 [ 666.530888] FAULT_INJECTION: forcing a failure. [ 666.530888] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 666.531463] ? ioctl_preallocate+0x1a0/0x1a0 [ 666.547942] ? __fget+0x265/0x3e0 [ 666.551386] ? do_vfs_ioctl+0xff0/0xff0 [ 666.555520] ? security_file_ioctl+0x83/0xb0 [ 666.559916] SyS_ioctl+0x7f/0xb0 [ 666.563267] ? do_vfs_ioctl+0xff0/0xff0 [ 666.567225] do_syscall_64+0x1d5/0x640 [ 666.571118] entry_SYSCALL_64_after_hwframe+0x46/0xbb 13:37:42 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 4) 13:37:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 9) 13:37:42 executing program 3: socketpair(0x2, 0x1, 0x4, 0x0) [ 666.576317] RIP: 0033:0x7fa37e383109 [ 666.580016] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 666.587710] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 666.594971] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 666.602227] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 666.609480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.616739] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 [ 666.624017] CPU: 1 PID: 10214 Comm: syz-executor.1 Not tainted 4.14.284-syzkaller #0 [ 666.631908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.641262] Call Trace: [ 666.643919] dump_stack+0x1b2/0x281 [ 666.647554] should_fail.cold+0x10a/0x149 [ 666.651715] __alloc_pages_nodemask+0x22c/0x2720 [ 666.656483] ? register_lock_class+0x1d0/0x1180 [ 666.661157] ? trace_hardirqs_on+0x10/0x10 [ 666.665399] ? __lock_acquire+0x5fc/0x3f20 [ 666.669640] ? __lock_acquire+0x5fc/0x3f20 [ 666.673864] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 666.678788] ? __lock_acquire+0x5fc/0x3f20 [ 666.683010] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 666.688097] ? trace_hardirqs_on+0x10/0x10 [ 666.692319] ? trace_hardirqs_on+0x10/0x10 [ 666.696542] cache_grow_begin+0x91/0x700 [ 666.700588] ? fs_reclaim_release+0xd0/0x110 [ 666.704984] ? check_preemption_disabled+0x35/0x240 [ 666.709987] cache_alloc_refill+0x273/0x350 [ 666.714298] kmem_cache_alloc_node_trace+0x3e5/0x400 [ 666.719391] __kmalloc_node+0x38/0x70 [ 666.723177] kvmalloc_node+0x88/0xd0 [ 666.726878] kvm_dev_ioctl+0x6ba/0x1450 [ 666.730842] ? fsnotify+0x974/0x11b0 [ 666.734559] ? kvm_put_kvm+0xab0/0xab0 [ 666.738433] ? SyS_write+0x1b7/0x210 [ 666.742134] ? kvm_put_kvm+0xab0/0xab0 [ 666.746005] do_vfs_ioctl+0x75a/0xff0 [ 666.749789] ? lock_acquire+0x170/0x3f0 [ 666.753747] ? ioctl_preallocate+0x1a0/0x1a0 [ 666.758140] ? __fget+0x265/0x3e0 [ 666.761577] ? do_vfs_ioctl+0xff0/0xff0 [ 666.765548] ? security_file_ioctl+0x83/0xb0 [ 666.769940] SyS_ioctl+0x7f/0xb0 [ 666.773303] ? do_vfs_ioctl+0xff0/0xff0 [ 666.777289] do_syscall_64+0x1d5/0x640 [ 666.781189] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 666.786369] RIP: 0033:0x7f3b3102d109 [ 666.790064] RSP: 002b:00007f3b2f9a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 666.797775] RAX: ffffffffffffffda RBX: 00007f3b3113ff60 RCX: 00007f3b3102d109 [ 666.805044] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 666.812305] RBP: 00007f3b2f9a21d0 R08: 0000000000000000 R09: 0000000000000000 [ 666.819572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 13:37:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0xfca7) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x3ff) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0xffffffff, 0x0, 0x1}) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x5}, 0x4) 13:37:42 executing program 3: socketpair(0x2, 0x1, 0x4, 0x0) 13:37:42 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_RMFB(0xffffffffffffffff, 0xc00464af, &(0x7f00000000c0)=0x2) (rerun: 32) socket$l2tp6(0xa, 0x2, 0x73) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async, rerun: 32) r1 = socket$packet(0x11, 0x3, 0x300) (rerun: 32) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ec0300000024e9a8a09dcb65d06679e9bbbc354516e1ff3f0182f59e", 0x4d, 0x4040000, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl1\x00', r2, 0x2f, 0x4, 0x56, 0x4, 0x1, @remote, @private0, 0x20, 0x40, 0x3, 0x6}}) socket$l2tp6(0xa, 0x2, 0x73) 13:37:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 7) 13:37:42 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10180, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 666.826841] R13: 00007ffe8975eecf R14: 00007f3b2f9a2300 R15: 0000000000022000 13:37:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0xfca7) (async) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x3ff) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0xffffffff, 0x0, 0x1}) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x5}, 0x4) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000100)="c1c7334e022cab6e3555f7e9a5b37f35bc1e44660083730533a42ae868d70d1a4104eedc2b0f560df7f64c16d5cf7e0e6567f24d2c9fe9f1c64c13ab745c2b19f080961d5d563182eaa3abc76e0700978c3c3b3d0b5858b364a745415afe43d1e02cc2a170a9e198d8d4a91c2bf9dff2c8a979a78c052ce320fe3054a03cca7e56c2ef199b0d010136e1487aa262ada7c511336c34c916354a465820427d266c43ca0132835f49991060805cea7e7ddf5aab8153af4bec9d0bec1d1fb5a8209d9cc17f4b9975d2fdaeca17ac7991e2b154072c407fb6ee0c", 0xd8) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC(r0, 0x4068aea3, &(0x7f0000000080)) 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10180, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10180, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1}, 0x4) [ 666.947974] FAULT_INJECTION: forcing a failure. [ 666.947974] name failslab, interval 1, probability 0, space 0, times 0 [ 667.022689] CPU: 1 PID: 10239 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 667.030602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.039965] Call Trace: [ 667.042556] dump_stack+0x1b2/0x281 [ 667.046176] should_fail.cold+0x10a/0x149 [ 667.050315] should_failslab+0xd6/0x130 [ 667.054296] kmem_cache_alloc_trace+0x29a/0x3d0 [ 667.058951] kvm_dev_ioctl+0x964/0x1450 [ 667.062911] ? fsnotify+0x974/0x11b0 [ 667.066608] ? kvm_put_kvm+0xab0/0xab0 [ 667.070499] ? SyS_write+0x1b7/0x210 [ 667.074199] ? kvm_put_kvm+0xab0/0xab0 [ 667.078074] do_vfs_ioctl+0x75a/0xff0 [ 667.081865] ? lock_acquire+0x170/0x3f0 [ 667.085822] ? ioctl_preallocate+0x1a0/0x1a0 [ 667.090217] ? __fget+0x265/0x3e0 [ 667.093663] ? do_vfs_ioctl+0xff0/0xff0 [ 667.097622] ? security_file_ioctl+0x83/0xb0 [ 667.102016] SyS_ioctl+0x7f/0xb0 [ 667.105366] ? do_vfs_ioctl+0xff0/0xff0 [ 667.109341] do_syscall_64+0x1d5/0x640 [ 667.113216] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 667.118389] RIP: 0033:0x7fa37e383109 13:37:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 5) 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10180, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x10180, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0xfca7) (async) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x3ff) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0xffffffff, 0x0, 0x1}) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x5}, 0x4) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000100)="c1c7334e022cab6e3555f7e9a5b37f35bc1e44660083730533a42ae868d70d1a4104eedc2b0f560df7f64c16d5cf7e0e6567f24d2c9fe9f1c64c13ab745c2b19f080961d5d563182eaa3abc76e0700978c3c3b3d0b5858b364a745415afe43d1e02cc2a170a9e198d8d4a91c2bf9dff2c8a979a78c052ce320fe3054a03cca7e56c2ef199b0d010136e1487aa262ada7c511336c34c916354a465820427d266c43ca0132835f49991060805cea7e7ddf5aab8153af4bec9d0bec1d1fb5a8209d9cc17f4b9975d2fdaeca17ac7991e2b154072c407fb6ee0c", 0xd8) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_CAP_HYPERV_SYNIC(r0, 0x4068aea3, &(0x7f0000000080)) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1}, 0x4) [ 667.122103] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 667.129805] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 667.137057] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 667.144314] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 667.151567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.158823] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c0140, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) [ 667.239130] FAULT_INJECTION: forcing a failure. [ 667.239130] name failslab, interval 1, probability 0, space 0, times 0 [ 667.283222] CPU: 1 PID: 10268 Comm: syz-executor.1 Not tainted 4.14.284-syzkaller #0 [ 667.291137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.300493] Call Trace: [ 667.303091] dump_stack+0x1b2/0x281 [ 667.306730] should_fail.cold+0x10a/0x149 [ 667.310909] should_failslab+0xd6/0x130 [ 667.314895] kmem_cache_alloc_trace+0x29a/0x3d0 [ 667.319574] kvm_dev_ioctl+0x964/0x1450 [ 667.323559] ? fsnotify+0x974/0x11b0 [ 667.327289] ? kvm_put_kvm+0xab0/0xab0 [ 667.331182] ? SyS_write+0x1b7/0x210 [ 667.334899] ? kvm_put_kvm+0xab0/0xab0 [ 667.338789] do_vfs_ioctl+0x75a/0xff0 [ 667.342598] ? lock_acquire+0x170/0x3f0 [ 667.346577] ? ioctl_preallocate+0x1a0/0x1a0 [ 667.350995] ? __fget+0x265/0x3e0 [ 667.354462] ? do_vfs_ioctl+0xff0/0xff0 [ 667.358445] ? security_file_ioctl+0x83/0xb0 [ 667.362862] SyS_ioctl+0x7f/0xb0 [ 667.366232] ? do_vfs_ioctl+0xff0/0xff0 [ 667.370213] do_syscall_64+0x1d5/0x640 [ 667.374116] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 667.379306] RIP: 0033:0x7f3b3102d109 13:37:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 8) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1}, 0x4) socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1}, 0x4) (async) 13:37:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x15, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@RTM_DELMDB={0x38, 0x55, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x4, {@in6_addr=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x9000}, 0x40005) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000100)="c1c7334e022cab6e3555f7e9a5b37f35bc1e44660083730533a42ae868d70d1a4104eedc2b0f560df7f64c16d5cf7e0e6567f24d2c9fe9f1c64c13ab745c2b19f080961d5d563182eaa3abc76e0700978c3c3b3d0b5858b364a745415afe43d1e02cc2a170a9e198d8d4a91c2bf9dff2c8a979a78c052ce320fe3054a03cca7e56c2ef199b0d010136e1487aa262ada7c511336c34c916354a465820427d266c43ca0132835f49991060805cea7e7ddf5aab8153af4bec9d0bec1d1fb5a8209d9cc17f4b9975d2fdaeca17ac7991e2b154072c407fb6ee0c", 0xd8) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC(r0, 0x4068aea3, &(0x7f0000000080)) [ 667.383016] RSP: 002b:00007f3b2f9a2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 667.390727] RAX: ffffffffffffffda RBX: 00007f3b3113ff60 RCX: 00007f3b3102d109 [ 667.398000] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 667.405267] RBP: 00007f3b2f9a21d0 R08: 0000000000000000 R09: 0000000000000000 [ 667.412536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.419834] R13: 00007ffe8975eecf R14: 00007f3b2f9a2300 R15: 0000000000022000 [ 667.420970] FAULT_INJECTION: forcing a failure. 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c0140, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) (async) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) [ 667.420970] name failslab, interval 1, probability 0, space 0, times 0 13:37:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bind$packet(r1, &(0x7f0000000000)={0x11, 0x15, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@RTM_DELMDB={0x38, 0x55, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x4, {@in6_addr=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x9000}, 0x40005) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bind$packet(r1, &(0x7f0000000000)={0x11, 0x15, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@RTM_DELMDB={0x38, 0x55, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x4, {@in6_addr=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x9000}, 0x40005) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:37:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 6) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x21a8c2) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x130, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x4000) 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c0140, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 13:37:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bind$packet(r1, &(0x7f0000000000)={0x11, 0x15, 0x0, 0x1, 0x1, 0x6, @multicast}, 0x14) (async) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@RTM_DELMDB={0x38, 0x55, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x4, {@in6_addr=@loopback}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x9000}, 0x40005) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 667.532082] CPU: 0 PID: 10287 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 667.540081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.549437] Call Trace: [ 667.552034] dump_stack+0x1b2/0x281 [ 667.555668] should_fail.cold+0x10a/0x149 [ 667.559818] should_failslab+0xd6/0x130 [ 667.563797] kmem_cache_alloc_trace+0x29a/0x3d0 [ 667.568470] kvm_dev_ioctl+0x964/0x1450 [ 667.572450] ? fsnotify+0x974/0x11b0 [ 667.576162] ? kvm_put_kvm+0xab0/0xab0 [ 667.580054] ? SyS_write+0x1b7/0x210 [ 667.583778] ? kvm_put_kvm+0xab0/0xab0 [ 667.587679] do_vfs_ioctl+0x75a/0xff0 [ 667.591479] ? lock_acquire+0x170/0x3f0 [ 667.595457] ? ioctl_preallocate+0x1a0/0x1a0 [ 667.599867] ? __fget+0x265/0x3e0 [ 667.603326] ? do_vfs_ioctl+0xff0/0xff0 [ 667.607303] ? security_file_ioctl+0x83/0xb0 [ 667.611715] SyS_ioctl+0x7f/0xb0 [ 667.615082] ? do_vfs_ioctl+0xff0/0xff0 [ 667.619058] do_syscall_64+0x1d5/0x640 [ 667.622950] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 667.628130] RIP: 0033:0x7fa37e383109 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100, 0x4}, 0x10) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100, 0x4}, 0x10) socketpair(0x2, 0x1, 0x0, 0x0) (async) connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100, 0x4}, 0x10) (async) 13:37:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 9) 13:37:43 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:43 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socketpair(0x29, 0x804, 0x6, &(0x7f0000000040)={0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x80) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x21a8c2) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x130, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x4000) [ 667.631833] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 667.639538] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 667.646807] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 667.654080] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 667.661434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.668700] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100, 0x4}, 0x10) socketpair(0x2, 0x1, 0x0, 0x0) (async) connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100, 0x4}, 0x10) (async) 13:37:43 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x21a8c2) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x130, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x4000) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x21a8c2) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x130, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x4000) (async) [ 667.748601] FAULT_INJECTION: forcing a failure. [ 667.748601] name failslab, interval 1, probability 0, space 0, times 0 13:37:43 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:43 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, r0) r1 = pkey_alloc(0x0, 0x2) r2 = pkey_alloc(0x0, 0x4) pkey_mprotect(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x2000004, r2) pkey_free(r1) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5000000, r1) 13:37:43 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socketpair(0x29, 0x804, 0x6, &(0x7f0000000040)={0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x80) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) [ 667.842345] CPU: 0 PID: 10345 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 667.850264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.859616] Call Trace: [ 667.862241] dump_stack+0x1b2/0x281 [ 667.865882] should_fail.cold+0x10a/0x149 [ 667.870039] should_failslab+0xd6/0x130 [ 667.874030] kmem_cache_alloc_trace+0x29a/0x3d0 [ 667.878703] ? kvm_exit+0x80/0x80 [ 667.882160] __kthread_create_on_node+0xbe/0x3a0 [ 667.886916] ? kthread_park+0x130/0x130 [ 667.890895] ? trace_hardirqs_on+0x10/0x10 [ 667.895136] ? trace_hardirqs_on+0x10/0x10 [ 667.899371] ? kvm_exit+0x80/0x80 [ 667.902823] kthread_create_on_node+0xa8/0xd0 [ 667.907319] ? __kthread_create_on_node+0x3a0/0x3a0 [ 667.912357] ? __lockdep_init_map+0x100/0x560 [ 667.916857] ? __lockdep_init_map+0x100/0x560 [ 667.921365] kvm_vm_create_worker_thread+0x12d/0x200 [ 667.926482] ? kvm_mmu_reset_context+0x70/0x70 [ 667.931196] ? kvm_io_bus_unregister_dev+0x320/0x320 [ 667.936316] ? kvm_mmu_reset_context+0x70/0x70 13:37:44 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_0\x00'}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'syztnl2\x00', r2, 0x2f, 0x72, 0xff, 0xfc, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x1, 0x20, 0x80, 0x331}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9a6e, 0x5], 0x2, 0x800, 0x0, 0xffffffffffffffff}) recvfrom$packet(r1, &(0x7f00000002c0)=""/116, 0x74, 0x20, &(0x7f0000000340)={0x11, 0x15, r2, 0x1, 0x1, 0x6, @multicast}, 0x14) recvfrom$packet(r3, &(0x7f0000000180)=""/94, 0x5e, 0x40010122, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r6, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x4c, r6, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffff81}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x84}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x90}, 0x4000000) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x16, r2, 0x1, 0x8, 0x6, @remote}, 0x14) 13:37:44 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, r0) r1 = pkey_alloc(0x0, 0x2) r2 = pkey_alloc(0x0, 0x4) pkey_mprotect(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x2000004, r2) (async) pkey_free(r1) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5000000, r1) [ 667.940914] ? kfree+0x1f0/0x250 [ 667.944286] kvm_mmu_post_init_vm+0x2e/0x90 [ 667.948640] kvm_dev_ioctl+0xfbb/0x1450 [ 667.952625] ? fsnotify+0x974/0x11b0 [ 667.956341] ? kvm_put_kvm+0xab0/0xab0 [ 667.960229] ? SyS_write+0x1b7/0x210 [ 667.964035] ? kvm_put_kvm+0xab0/0xab0 [ 667.967939] do_vfs_ioctl+0x75a/0xff0 [ 667.971741] ? lock_acquire+0x170/0x3f0 [ 667.975719] ? ioctl_preallocate+0x1a0/0x1a0 [ 667.980133] ? __fget+0x265/0x3e0 [ 667.983598] ? do_vfs_ioctl+0xff0/0xff0 [ 667.987579] ? security_file_ioctl+0x83/0xb0 [ 667.991993] SyS_ioctl+0x7f/0xb0 [ 667.995363] ? do_vfs_ioctl+0xff0/0xff0 [ 667.999339] do_syscall_64+0x1d5/0x640 [ 668.003228] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 668.008411] RIP: 0033:0x7fa37e383109 [ 668.012115] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 668.019822] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 668.027094] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 668.034365] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 10) 13:37:44 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 32) r0 = pkey_alloc(0x0, 0x3) (rerun: 32) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, r0) (async) r1 = pkey_alloc(0x0, 0x2) r2 = pkey_alloc(0x0, 0x4) pkey_mprotect(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x2000004, r2) pkey_free(r1) (async) pkey_mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x5000000, r1) 13:37:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:44 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socketpair(0x29, 0x804, 0x6, &(0x7f0000000040)={0xffffffffffffffff}) getpeername$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x80) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) socketpair(0x29, 0x804, 0x6, &(0x7f0000000040)) (async) getpeername$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x80) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) (async) [ 668.041636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 668.048893] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:44 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_0\x00'}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'syztnl2\x00', r2, 0x2f, 0x72, 0xff, 0xfc, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x1, 0x20, 0x80, 0x331}}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9a6e, 0x5], 0x2, 0x800, 0x0, 0xffffffffffffffff}) recvfrom$packet(r1, &(0x7f00000002c0)=""/116, 0x74, 0x20, &(0x7f0000000340)={0x11, 0x15, r2, 0x1, 0x1, 0x6, @multicast}, 0x14) (async) recvfrom$packet(r3, &(0x7f0000000180)=""/94, 0x5e, 0x40010122, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r6, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x4c, r6, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffff81}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x84}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x90}, 0x4000000) (async) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x16, r2, 0x1, 0x8, 0x6, @remote}, 0x14) 13:37:44 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x106, 0x6}}, 0x20) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$packet(r0, &(0x7f0000001240), 0x0, 0x10, &(0x7f0000001280)={0x11, 0x18, r2, 0x1, 0x2, 0x6, @random="e4db4fbdedcb"}, 0x14) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x301800) ioctl$DRM_IOCTL_IRQ_BUSID(r3, 0xc0106403, &(0x7f0000000040)={0x81, 0x8, 0x1, 0x1}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x4800) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f00000001c0)={[0x86f9, 0x4, 0x80000000, 0x6, 0x54c, 0x8001, 0x80, 0x0, 0x2, 0x0, 0x200, 0x9, 0x3, 0x2, 0xa223, 0x8000, 0x5, 0x1, 0xff, 0x0, 0x3, 0x400, 0x80, 0x16, 0x5, 0x401, 0x3, 0x27, 0xe3, 0x4, 0xfffffc00, 0x1, 0xffff, 0x4, 0x1, 0xe6, 0x5, 0x1, 0x400, 0x8001, 0x0, 0x6, 0x1, 0x1, 0x7, 0x81, 0x9, 0x280000, 0x40, 0x8001, 0x9, 0x80000000, 0x2, 0x7, 0x4, 0x90b8, 0x959, 0xfffffffa, 0x4, 0x0, 0x8001, 0x6, 0xffffffff, 0x5, 0xff, 0x23, 0x8, 0xc, 0x1, 0x8, 0x7, 0x8, 0x1000, 0x3, 0x11c2, 0x1, 0x6c64, 0x7c4b4419, 0x7, 0xf74, 0x2, 0x17, 0x416, 0x9, 0xffff, 0x1, 0x6, 0x2, 0x100, 0xfffffff9, 0xffffffe1, 0x7fff, 0x8, 0xffff336b, 0xfff, 0x1f, 0xf0000000, 0xfffffffb, 0xfffffffc, 0x9, 0x77d20a8a, 0x0, 0x9, 0xfffffffe, 0x80000001, 0x0, 0x8, 0x1, 0x5, 0x1, 0x7, 0x286a, 0x0, 0x49, 0x7ff, 0x8, 0x2, 0x7fffffff, 0x4, 0xc37, 0x10001, 0x3224, 0x4, 0xe24f, 0xff, 0x10001, 0x3f, 0x0, 0x5, 0x6, 0x3, 0x8b5, 0x6, 0x1, 0xf1f, 0xc0b, 0x7fff, 0xffff, 0x200, 0x5, 0xfffffff7, 0x2, 0x6, 0x6, 0x5, 0xc0, 0x4, 0x5, 0xe3, 0x4c, 0x5, 0xfff, 0x6, 0x6, 0x3ff, 0xffff, 0x6, 0x0, 0xfffffbff, 0x401, 0x800, 0x9, 0x2, 0x89d, 0x6, 0x7000, 0x800, 0x2, 0x2347, 0x4, 0xffff0000, 0xffff, 0x8, 0x0, 0x3, 0xff, 0x800, 0x7, 0x7fffffff, 0x401, 0x4, 0x5, 0x6, 0x7c00, 0x20, 0xffffffe1, 0x9, 0x1000, 0x8000, 0x80000000, 0x1f, 0x53, 0x7fff, 0x5, 0x0, 0x3, 0x28, 0x7, 0x9, 0x40, 0x7fffffff, 0xfffffffc, 0xbb, 0x3, 0x5ab, 0x8001, 0x99, 0x2ecf7fde, 0x9, 0x903, 0x7fffffff, 0x0, 0x0, 0x1000, 0x7, 0xe7b, 0x4, 0x2, 0x8, 0x3, 0x0, 0xfffffffa, 0x5, 0x9, 0xffffffc1, 0x2, 0x8, 0x1ff, 0xfffffff7, 0x0, 0x100, 0x10000, 0x8001, 0xffffffff, 0x892, 0x4, 0x2, 0x4, 0x401, 0x1, 0x8, 0x471, 0x101, 0x4, 0x20, 0x7ff, 0xd5, 0x9, 0x6, 0x7, 0x7, 0x1, 0x4, 0xa74, 0x7, 0x6, 0x0, 0x622, 0x0, 0xe9, 0xdf1, 0x4, 0x2, 0x20, 0xffffffff, 0x6, 0x20, 0x66, 0xa89, 0x3f, 0x1f, 0x4000, 0x0, 0x1, 0x5, 0x3, 0x0, 0x9, 0x3ff, 0xa3, 0x9, 0x2, 0xe6, 0xffc3, 0x1, 0xfffffffc, 0x8, 0x2, 0x80000000, 0x10000, 0x3, 0x100, 0x3, 0x5, 0xfffffff7, 0x34c, 0x800, 0x7, 0x6, 0x1, 0x0, 0x5, 0x80, 0x7, 0xc88, 0xf0c, 0x1, 0x6, 0x3, 0x80000001, 0x5a, 0x4, 0x2, 0x1, 0x7, 0x3, 0x5, 0x1, 0xa91, 0x1, 0x100, 0x5e05, 0x4, 0x8, 0x7, 0x0, 0x3, 0x1, 0xa6, 0xfffffff9, 0x28000, 0x7ff, 0x4, 0x80, 0x7348, 0x800, 0x750e, 0x3, 0x3, 0x1ff, 0x0, 0x4, 0x1, 0x0, 0x3, 0x4c7, 0x9, 0x7589, 0x1, 0xcd2f, 0xb4b, 0x1, 0x4000000, 0x8, 0x81, 0x1, 0x4, 0x100, 0x6, 0xbfb7, 0x100, 0x3ff, 0xffffffe0, 0x7, 0x2, 0x2, 0x8000, 0x1, 0x0, 0x4, 0x902a, 0x2, 0x5, 0x6, 0x8, 0x4, 0x3, 0x4, 0x10001, 0x7fff, 0x1, 0x9, 0x2, 0x1, 0x5, 0x5, 0xf309, 0x5, 0x5, 0x18000000, 0xbb48, 0xffff, 0x9, 0x9, 0x2, 0x8, 0x6de, 0x4, 0xffff, 0x0, 0x3, 0xd9, 0x9, 0x3200, 0x9, 0x7fffffff, 0x6, 0x682, 0x3, 0x8000, 0x80000000, 0x64, 0x3, 0x3, 0x0, 0x9, 0xcfd, 0xd43, 0x6, 0x7, 0x1, 0x15, 0x400, 0x3, 0x5c9, 0x3, 0x9d, 0x81, 0x8, 0x0, 0x2, 0x8001, 0x1, 0x3, 0x5, 0x7ff, 0x4, 0x0, 0x101, 0x8, 0x2, 0x1, 0x4, 0x7fff, 0x0, 0x4, 0x3, 0x5, 0x5, 0x0, 0xfffffeff, 0x9, 0x62, 0x8, 0x4, 0x9, 0x7, 0x4, 0x80000000, 0x0, 0x9, 0x965, 0x8, 0x100, 0x4e, 0x1, 0x47, 0x2, 0x9, 0x400, 0x1ff, 0x80000001, 0x4, 0x100, 0xcf, 0x4, 0x7, 0x2, 0x181e, 0x6, 0xe7, 0x3ff, 0x7, 0x7fff, 0x2, 0x80000000, 0x6, 0x9, 0x5, 0xb0, 0x8001, 0x7, 0x7f, 0x8f, 0x5, 0x2, 0xbc37, 0x1, 0x9, 0x6, 0x0, 0x9, 0x2, 0x4, 0x8, 0x200, 0x1f, 0x2, 0x8001, 0x3, 0x5, 0xf9, 0x1, 0x7fffffff, 0x7f, 0x2, 0x3, 0x6, 0x7fff, 0x7, 0xffffffff, 0x1ff, 0x0, 0x6b22, 0x8, 0x5, 0x10000, 0x7fff, 0x0, 0xf8, 0x3, 0x0, 0xa86d, 0x8, 0x0, 0x6, 0x4, 0xb6, 0x1ff, 0x8001, 0x4, 0x60, 0x1, 0x4, 0x7, 0x7, 0x5, 0x81, 0x401, 0x3, 0x5, 0x6, 0x29077291, 0x2, 0xf0, 0xff, 0x3, 0x8, 0x1f, 0x1, 0x3, 0x964, 0xff, 0x7, 0x1, 0x8, 0x1, 0xf37c, 0x4, 0x9, 0xa, 0x9, 0x3a76, 0x4, 0x401, 0x5, 0x9, 0x9, 0x6, 0x3f, 0x7, 0x8, 0x17, 0x5, 0xffffff7f, 0x8, 0x28, 0x9, 0x40, 0xcc, 0xb0, 0x7, 0x5, 0x1, 0x4, 0x100, 0x2, 0x2, 0x100, 0x1, 0x101, 0x0, 0x3, 0xff, 0x3366, 0x5, 0x401, 0x2, 0x9, 0x0, 0x44d6, 0x6, 0x8, 0x1, 0xf9b2, 0x0, 0x2, 0x1, 0x2, 0x401, 0x7, 0x200, 0x2, 0x7, 0x8, 0x1000, 0x3561, 0x8001, 0x4, 0x3, 0x4, 0x3f1d, 0x2e1, 0x101, 0x2fc, 0x1, 0x2, 0x6, 0xfff, 0x80000001, 0x7, 0x200, 0x1, 0xd66, 0x9, 0xffffff27, 0xfffffffb, 0x7f, 0x2, 0xffffffff, 0x22ad, 0x1, 0x8001, 0xf1de, 0xb49, 0x10001, 0x8, 0x81, 0x4, 0x0, 0x1ff, 0x101, 0x5d, 0x6, 0x10001, 0x4, 0x7aeafde7, 0x8, 0x1, 0x7, 0x4, 0xda, 0x2, 0x6, 0x660d, 0x4, 0x83, 0x1a, 0xb0, 0x7, 0x6, 0x59, 0x1000, 0xfffff05b, 0x8001, 0xfffffe00, 0xffffffff, 0x928, 0x34aa, 0x7fffffff, 0xc8000000, 0x2e, 0x8001, 0x4, 0x1, 0x80, 0x2, 0x3, 0x2a1, 0x64, 0x1, 0x0, 0x0, 0x5, 0x0, 0x3, 0x7, 0x1, 0x6, 0x4, 0x3, 0x8, 0x10000, 0x4, 0x60, 0x1, 0x200, 0x7fff, 0xffff0001, 0x2, 0x8, 0x6, 0x2, 0x1b19, 0x5, 0x81, 0x2, 0x8, 0x3, 0x7, 0x2, 0x6365, 0x7f, 0x269, 0xff, 0x100, 0x2, 0x4, 0x5, 0xffffffff, 0x401, 0x3, 0x80000000, 0x81, 0xffffff1a, 0x80000000, 0x3f, 0xfff, 0x30, 0x1, 0x8, 0x8, 0x7, 0x1, 0x4, 0x5, 0x7f, 0x8, 0x9, 0x4, 0x1f, 0xfff, 0x3, 0x0, 0x7f, 0xd5, 0xfffffffd, 0xffffff2c, 0x9, 0x40, 0x7, 0x3105, 0x2, 0x9, 0x3ff, 0x9, 0x1, 0x5, 0x4, 0x1, 0x1, 0x1000, 0x200, 0xa7, 0x6, 0x7ff, 0x8, 0x8, 0x9, 0x8, 0x4, 0xa4c, 0xc8c8, 0x101, 0x1, 0x800, 0x3, 0x29caa481, 0x3f, 0x0, 0x1, 0x3, 0x9, 0x2, 0x3, 0xf345, 0x2, 0x1, 0x3, 0x40, 0x1f, 0x12, 0x2, 0x7c00000, 0x9, 0x1000, 0xfffffff8, 0x8, 0x1, 0x1, 0x2, 0x2, 0x57d, 0xff, 0x3, 0x7f, 0xff800000, 0x6, 0x9, 0x6, 0x3, 0x4, 0xfffffffe, 0x2, 0x1, 0x7, 0xffff, 0xffffffff, 0x6, 0x7f, 0xd6a, 0x7b, 0x3, 0x7, 0x1, 0x81, 0x1, 0x40, 0x6e, 0x3, 0x9518, 0x3, 0x7, 0xca2, 0x4, 0x4, 0x202, 0x0, 0x212, 0x7, 0x31ad0f11, 0x4, 0xe41, 0x4, 0xfff, 0x8001, 0xfffffffd, 0x100, 0x8, 0x1, 0x80000000, 0x200, 0x1ff, 0x4, 0x1, 0xfffffff9, 0x1b, 0x3, 0x101, 0xe8, 0x9, 0x0, 0xfffffffe, 0x6, 0xe61, 0x1, 0x9, 0x80000001, 0x9, 0x1, 0x4, 0x5, 0xec, 0x7, 0x40, 0x7fff, 0x0, 0x9, 0x1600cd1, 0x6, 0x15c, 0x6, 0x80, 0xfd, 0x6, 0x5, 0x0, 0x10001, 0x3f, 0xffffffff, 0x2, 0x0, 0x5, 0x2, 0x46a, 0xffffff01, 0x3, 0x6, 0x8, 0x3, 0xffff, 0x7ff, 0x9, 0xd78, 0x3, 0x0, 0x80, 0x8, 0x8, 0x40dc, 0x3, 0x2, 0xade, 0x81, 0x7, 0xfffffeff, 0xffffffff, 0x0, 0xffff, 0x20b1ef46, 0x6, 0x2, 0x8, 0x7ff, 0x0, 0xdab4, 0x2, 0x9, 0x2, 0xfffffff7, 0x9, 0x2, 0x10000, 0x401, 0x5, 0x16c, 0x3, 0x6, 0x1, 0xbb, 0x1000, 0xfe2, 0xc18, 0xe79f, 0x1, 0xa560, 0x101, 0x8, 0xfffffffa, 0x30, 0x10000, 0x80000001, 0x80000001, 0x272a7f6f, 0x0, 0x3c6, 0x4, 0x37, 0x82e, 0x10f, 0x2, 0x200, 0x2, 0x1, 0x9, 0x6, 0xa629, 0xffffffff, 0x5, 0x6, 0x8e, 0x10001, 0x9, 0xa3c, 0x1, 0x8000, 0x0, 0x3, 0x5, 0x8, 0x100, 0xfffffffd, 0x101, 0x7, 0x21c, 0x3cf2245, 0x5d28, 0xa9, 0x200, 0x7, 0x100, 0x81, 0x6e15, 0x0, 0x101, 0x3, 0x8, 0x15, 0x400, 0x10000, 0x1, 0x5, 0x7, 0x50]}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000001200)={0x6, 0x0, &(0x7f00000011c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x23d81) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000000c0)={0x49f, 0x4cd, 0x60e9}) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) 13:37:44 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_0\x00'}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'syztnl2\x00', r2, 0x2f, 0x72, 0xff, 0xfc, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x1, 0x20, 0x80, 0x331}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9a6e, 0x5], 0x2, 0x800, 0x0, 0xffffffffffffffff}) recvfrom$packet(r1, &(0x7f00000002c0)=""/116, 0x74, 0x20, &(0x7f0000000340)={0x11, 0x15, r2, 0x1, 0x1, 0x6, @multicast}, 0x14) recvfrom$packet(r3, &(0x7f0000000180)=""/94, 0x5e, 0x40010122, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r6, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x4c, r6, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffff81}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x84}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x90}, 0x4000000) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x16, r2, 0x1, 0x8, 0x6, @remote}, 0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_0\x00'}) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000200)={'syztnl2\x00', r2, 0x2f, 0x72, 0xff, 0xfc, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x1, 0x20, 0x80, 0x331}}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9a6e, 0x5], 0x2, 0x800}) (async) recvfrom$packet(r1, &(0x7f00000002c0)=""/116, 0x74, 0x20, &(0x7f0000000340)={0x11, 0x15, r2, 0x1, 0x1, 0x6, @multicast}, 0x14) (async) recvfrom$packet(r3, &(0x7f0000000180)=""/94, 0x5e, 0x40010122, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r6, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x4c, r6, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffff81}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x84}, @BATADV_ATTR_VLANID={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x90}, 0x4000000) (async) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x16, r2, 0x1, 0x8, 0x6, @remote}, 0x14) (async) 13:37:44 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000040)) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:44 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x0, 0x0, @auto=[0x3e]}, 0x9, 0xfffffffffffffff8) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 668.175582] FAULT_INJECTION: forcing a failure. [ 668.175582] name failslab, interval 1, probability 0, space 0, times 0 [ 668.248602] CPU: 1 PID: 10409 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 668.256521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.265888] Call Trace: [ 668.268485] dump_stack+0x1b2/0x281 [ 668.272110] should_fail.cold+0x10a/0x149 [ 668.276255] should_failslab+0xd6/0x130 [ 668.280225] kmem_cache_alloc_trace+0x29a/0x3d0 [ 668.284883] kvm_dev_ioctl+0x964/0x1450 [ 668.288862] ? fsnotify+0x974/0x11b0 [ 668.292612] ? kvm_put_kvm+0xab0/0xab0 [ 668.296501] ? SyS_write+0x1b7/0x210 [ 668.300309] ? kvm_put_kvm+0xab0/0xab0 [ 668.304193] do_vfs_ioctl+0x75a/0xff0 [ 668.307990] ? lock_acquire+0x170/0x3f0 [ 668.311967] ? ioctl_preallocate+0x1a0/0x1a0 [ 668.316369] ? __fget+0x265/0x3e0 [ 668.319805] ? do_vfs_ioctl+0xff0/0xff0 [ 668.323767] ? security_file_ioctl+0x83/0xb0 [ 668.328159] SyS_ioctl+0x7f/0xb0 [ 668.331510] ? do_vfs_ioctl+0xff0/0xff0 [ 668.335475] do_syscall_64+0x1d5/0x640 [ 668.339351] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 668.344523] RIP: 0033:0x7fa37e383109 13:37:44 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x106, 0x6}}, 0x20) (async) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendto$packet(r0, &(0x7f0000001240), 0x0, 0x10, &(0x7f0000001280)={0x11, 0x18, r2, 0x1, 0x2, 0x6, @random="e4db4fbdedcb"}, 0x14) (async) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x301800) ioctl$DRM_IOCTL_IRQ_BUSID(r3, 0xc0106403, &(0x7f0000000040)={0x81, 0x8, 0x1, 0x1}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x4800) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f00000001c0)={[0x86f9, 0x4, 0x80000000, 0x6, 0x54c, 0x8001, 0x80, 0x0, 0x2, 0x0, 0x200, 0x9, 0x3, 0x2, 0xa223, 0x8000, 0x5, 0x1, 0xff, 0x0, 0x3, 0x400, 0x80, 0x16, 0x5, 0x401, 0x3, 0x27, 0xe3, 0x4, 0xfffffc00, 0x1, 0xffff, 0x4, 0x1, 0xe6, 0x5, 0x1, 0x400, 0x8001, 0x0, 0x6, 0x1, 0x1, 0x7, 0x81, 0x9, 0x280000, 0x40, 0x8001, 0x9, 0x80000000, 0x2, 0x7, 0x4, 0x90b8, 0x959, 0xfffffffa, 0x4, 0x0, 0x8001, 0x6, 0xffffffff, 0x5, 0xff, 0x23, 0x8, 0xc, 0x1, 0x8, 0x7, 0x8, 0x1000, 0x3, 0x11c2, 0x1, 0x6c64, 0x7c4b4419, 0x7, 0xf74, 0x2, 0x17, 0x416, 0x9, 0xffff, 0x1, 0x6, 0x2, 0x100, 0xfffffff9, 0xffffffe1, 0x7fff, 0x8, 0xffff336b, 0xfff, 0x1f, 0xf0000000, 0xfffffffb, 0xfffffffc, 0x9, 0x77d20a8a, 0x0, 0x9, 0xfffffffe, 0x80000001, 0x0, 0x8, 0x1, 0x5, 0x1, 0x7, 0x286a, 0x0, 0x49, 0x7ff, 0x8, 0x2, 0x7fffffff, 0x4, 0xc37, 0x10001, 0x3224, 0x4, 0xe24f, 0xff, 0x10001, 0x3f, 0x0, 0x5, 0x6, 0x3, 0x8b5, 0x6, 0x1, 0xf1f, 0xc0b, 0x7fff, 0xffff, 0x200, 0x5, 0xfffffff7, 0x2, 0x6, 0x6, 0x5, 0xc0, 0x4, 0x5, 0xe3, 0x4c, 0x5, 0xfff, 0x6, 0x6, 0x3ff, 0xffff, 0x6, 0x0, 0xfffffbff, 0x401, 0x800, 0x9, 0x2, 0x89d, 0x6, 0x7000, 0x800, 0x2, 0x2347, 0x4, 0xffff0000, 0xffff, 0x8, 0x0, 0x3, 0xff, 0x800, 0x7, 0x7fffffff, 0x401, 0x4, 0x5, 0x6, 0x7c00, 0x20, 0xffffffe1, 0x9, 0x1000, 0x8000, 0x80000000, 0x1f, 0x53, 0x7fff, 0x5, 0x0, 0x3, 0x28, 0x7, 0x9, 0x40, 0x7fffffff, 0xfffffffc, 0xbb, 0x3, 0x5ab, 0x8001, 0x99, 0x2ecf7fde, 0x9, 0x903, 0x7fffffff, 0x0, 0x0, 0x1000, 0x7, 0xe7b, 0x4, 0x2, 0x8, 0x3, 0x0, 0xfffffffa, 0x5, 0x9, 0xffffffc1, 0x2, 0x8, 0x1ff, 0xfffffff7, 0x0, 0x100, 0x10000, 0x8001, 0xffffffff, 0x892, 0x4, 0x2, 0x4, 0x401, 0x1, 0x8, 0x471, 0x101, 0x4, 0x20, 0x7ff, 0xd5, 0x9, 0x6, 0x7, 0x7, 0x1, 0x4, 0xa74, 0x7, 0x6, 0x0, 0x622, 0x0, 0xe9, 0xdf1, 0x4, 0x2, 0x20, 0xffffffff, 0x6, 0x20, 0x66, 0xa89, 0x3f, 0x1f, 0x4000, 0x0, 0x1, 0x5, 0x3, 0x0, 0x9, 0x3ff, 0xa3, 0x9, 0x2, 0xe6, 0xffc3, 0x1, 0xfffffffc, 0x8, 0x2, 0x80000000, 0x10000, 0x3, 0x100, 0x3, 0x5, 0xfffffff7, 0x34c, 0x800, 0x7, 0x6, 0x1, 0x0, 0x5, 0x80, 0x7, 0xc88, 0xf0c, 0x1, 0x6, 0x3, 0x80000001, 0x5a, 0x4, 0x2, 0x1, 0x7, 0x3, 0x5, 0x1, 0xa91, 0x1, 0x100, 0x5e05, 0x4, 0x8, 0x7, 0x0, 0x3, 0x1, 0xa6, 0xfffffff9, 0x28000, 0x7ff, 0x4, 0x80, 0x7348, 0x800, 0x750e, 0x3, 0x3, 0x1ff, 0x0, 0x4, 0x1, 0x0, 0x3, 0x4c7, 0x9, 0x7589, 0x1, 0xcd2f, 0xb4b, 0x1, 0x4000000, 0x8, 0x81, 0x1, 0x4, 0x100, 0x6, 0xbfb7, 0x100, 0x3ff, 0xffffffe0, 0x7, 0x2, 0x2, 0x8000, 0x1, 0x0, 0x4, 0x902a, 0x2, 0x5, 0x6, 0x8, 0x4, 0x3, 0x4, 0x10001, 0x7fff, 0x1, 0x9, 0x2, 0x1, 0x5, 0x5, 0xf309, 0x5, 0x5, 0x18000000, 0xbb48, 0xffff, 0x9, 0x9, 0x2, 0x8, 0x6de, 0x4, 0xffff, 0x0, 0x3, 0xd9, 0x9, 0x3200, 0x9, 0x7fffffff, 0x6, 0x682, 0x3, 0x8000, 0x80000000, 0x64, 0x3, 0x3, 0x0, 0x9, 0xcfd, 0xd43, 0x6, 0x7, 0x1, 0x15, 0x400, 0x3, 0x5c9, 0x3, 0x9d, 0x81, 0x8, 0x0, 0x2, 0x8001, 0x1, 0x3, 0x5, 0x7ff, 0x4, 0x0, 0x101, 0x8, 0x2, 0x1, 0x4, 0x7fff, 0x0, 0x4, 0x3, 0x5, 0x5, 0x0, 0xfffffeff, 0x9, 0x62, 0x8, 0x4, 0x9, 0x7, 0x4, 0x80000000, 0x0, 0x9, 0x965, 0x8, 0x100, 0x4e, 0x1, 0x47, 0x2, 0x9, 0x400, 0x1ff, 0x80000001, 0x4, 0x100, 0xcf, 0x4, 0x7, 0x2, 0x181e, 0x6, 0xe7, 0x3ff, 0x7, 0x7fff, 0x2, 0x80000000, 0x6, 0x9, 0x5, 0xb0, 0x8001, 0x7, 0x7f, 0x8f, 0x5, 0x2, 0xbc37, 0x1, 0x9, 0x6, 0x0, 0x9, 0x2, 0x4, 0x8, 0x200, 0x1f, 0x2, 0x8001, 0x3, 0x5, 0xf9, 0x1, 0x7fffffff, 0x7f, 0x2, 0x3, 0x6, 0x7fff, 0x7, 0xffffffff, 0x1ff, 0x0, 0x6b22, 0x8, 0x5, 0x10000, 0x7fff, 0x0, 0xf8, 0x3, 0x0, 0xa86d, 0x8, 0x0, 0x6, 0x4, 0xb6, 0x1ff, 0x8001, 0x4, 0x60, 0x1, 0x4, 0x7, 0x7, 0x5, 0x81, 0x401, 0x3, 0x5, 0x6, 0x29077291, 0x2, 0xf0, 0xff, 0x3, 0x8, 0x1f, 0x1, 0x3, 0x964, 0xff, 0x7, 0x1, 0x8, 0x1, 0xf37c, 0x4, 0x9, 0xa, 0x9, 0x3a76, 0x4, 0x401, 0x5, 0x9, 0x9, 0x6, 0x3f, 0x7, 0x8, 0x17, 0x5, 0xffffff7f, 0x8, 0x28, 0x9, 0x40, 0xcc, 0xb0, 0x7, 0x5, 0x1, 0x4, 0x100, 0x2, 0x2, 0x100, 0x1, 0x101, 0x0, 0x3, 0xff, 0x3366, 0x5, 0x401, 0x2, 0x9, 0x0, 0x44d6, 0x6, 0x8, 0x1, 0xf9b2, 0x0, 0x2, 0x1, 0x2, 0x401, 0x7, 0x200, 0x2, 0x7, 0x8, 0x1000, 0x3561, 0x8001, 0x4, 0x3, 0x4, 0x3f1d, 0x2e1, 0x101, 0x2fc, 0x1, 0x2, 0x6, 0xfff, 0x80000001, 0x7, 0x200, 0x1, 0xd66, 0x9, 0xffffff27, 0xfffffffb, 0x7f, 0x2, 0xffffffff, 0x22ad, 0x1, 0x8001, 0xf1de, 0xb49, 0x10001, 0x8, 0x81, 0x4, 0x0, 0x1ff, 0x101, 0x5d, 0x6, 0x10001, 0x4, 0x7aeafde7, 0x8, 0x1, 0x7, 0x4, 0xda, 0x2, 0x6, 0x660d, 0x4, 0x83, 0x1a, 0xb0, 0x7, 0x6, 0x59, 0x1000, 0xfffff05b, 0x8001, 0xfffffe00, 0xffffffff, 0x928, 0x34aa, 0x7fffffff, 0xc8000000, 0x2e, 0x8001, 0x4, 0x1, 0x80, 0x2, 0x3, 0x2a1, 0x64, 0x1, 0x0, 0x0, 0x5, 0x0, 0x3, 0x7, 0x1, 0x6, 0x4, 0x3, 0x8, 0x10000, 0x4, 0x60, 0x1, 0x200, 0x7fff, 0xffff0001, 0x2, 0x8, 0x6, 0x2, 0x1b19, 0x5, 0x81, 0x2, 0x8, 0x3, 0x7, 0x2, 0x6365, 0x7f, 0x269, 0xff, 0x100, 0x2, 0x4, 0x5, 0xffffffff, 0x401, 0x3, 0x80000000, 0x81, 0xffffff1a, 0x80000000, 0x3f, 0xfff, 0x30, 0x1, 0x8, 0x8, 0x7, 0x1, 0x4, 0x5, 0x7f, 0x8, 0x9, 0x4, 0x1f, 0xfff, 0x3, 0x0, 0x7f, 0xd5, 0xfffffffd, 0xffffff2c, 0x9, 0x40, 0x7, 0x3105, 0x2, 0x9, 0x3ff, 0x9, 0x1, 0x5, 0x4, 0x1, 0x1, 0x1000, 0x200, 0xa7, 0x6, 0x7ff, 0x8, 0x8, 0x9, 0x8, 0x4, 0xa4c, 0xc8c8, 0x101, 0x1, 0x800, 0x3, 0x29caa481, 0x3f, 0x0, 0x1, 0x3, 0x9, 0x2, 0x3, 0xf345, 0x2, 0x1, 0x3, 0x40, 0x1f, 0x12, 0x2, 0x7c00000, 0x9, 0x1000, 0xfffffff8, 0x8, 0x1, 0x1, 0x2, 0x2, 0x57d, 0xff, 0x3, 0x7f, 0xff800000, 0x6, 0x9, 0x6, 0x3, 0x4, 0xfffffffe, 0x2, 0x1, 0x7, 0xffff, 0xffffffff, 0x6, 0x7f, 0xd6a, 0x7b, 0x3, 0x7, 0x1, 0x81, 0x1, 0x40, 0x6e, 0x3, 0x9518, 0x3, 0x7, 0xca2, 0x4, 0x4, 0x202, 0x0, 0x212, 0x7, 0x31ad0f11, 0x4, 0xe41, 0x4, 0xfff, 0x8001, 0xfffffffd, 0x100, 0x8, 0x1, 0x80000000, 0x200, 0x1ff, 0x4, 0x1, 0xfffffff9, 0x1b, 0x3, 0x101, 0xe8, 0x9, 0x0, 0xfffffffe, 0x6, 0xe61, 0x1, 0x9, 0x80000001, 0x9, 0x1, 0x4, 0x5, 0xec, 0x7, 0x40, 0x7fff, 0x0, 0x9, 0x1600cd1, 0x6, 0x15c, 0x6, 0x80, 0xfd, 0x6, 0x5, 0x0, 0x10001, 0x3f, 0xffffffff, 0x2, 0x0, 0x5, 0x2, 0x46a, 0xffffff01, 0x3, 0x6, 0x8, 0x3, 0xffff, 0x7ff, 0x9, 0xd78, 0x3, 0x0, 0x80, 0x8, 0x8, 0x40dc, 0x3, 0x2, 0xade, 0x81, 0x7, 0xfffffeff, 0xffffffff, 0x0, 0xffff, 0x20b1ef46, 0x6, 0x2, 0x8, 0x7ff, 0x0, 0xdab4, 0x2, 0x9, 0x2, 0xfffffff7, 0x9, 0x2, 0x10000, 0x401, 0x5, 0x16c, 0x3, 0x6, 0x1, 0xbb, 0x1000, 0xfe2, 0xc18, 0xe79f, 0x1, 0xa560, 0x101, 0x8, 0xfffffffa, 0x30, 0x10000, 0x80000001, 0x80000001, 0x272a7f6f, 0x0, 0x3c6, 0x4, 0x37, 0x82e, 0x10f, 0x2, 0x200, 0x2, 0x1, 0x9, 0x6, 0xa629, 0xffffffff, 0x5, 0x6, 0x8e, 0x10001, 0x9, 0xa3c, 0x1, 0x8000, 0x0, 0x3, 0x5, 0x8, 0x100, 0xfffffffd, 0x101, 0x7, 0x21c, 0x3cf2245, 0x5d28, 0xa9, 0x200, 0x7, 0x100, 0x81, 0x6e15, 0x0, 0x101, 0x3, 0x8, 0x15, 0x400, 0x10000, 0x1, 0x5, 0x7, 0x50]}) (async) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000001200)={0x6, 0x0, &(0x7f00000011c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x23d81) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000000c0)={0x49f, 0x4cd, 0x60e9}) [ 668.348215] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 668.355918] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 668.363171] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 668.370425] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 668.377769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 668.385021] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 11) 13:37:44 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40024}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x200, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000) socketpair(0x2, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) 13:37:44 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:44 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x0, 0x0, @auto=[0x3e]}, 0x9, 0xfffffffffffffff8) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x0, 0x0, @auto=[0x3e]}, 0x9, 0xfffffffffffffff8) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:37:44 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x106, 0x6}}, 0x20) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$packet(r0, &(0x7f0000001240), 0x0, 0x10, &(0x7f0000001280)={0x11, 0x18, r2, 0x1, 0x2, 0x6, @random="e4db4fbdedcb"}, 0x14) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x301800) ioctl$DRM_IOCTL_IRQ_BUSID(r3, 0xc0106403, &(0x7f0000000040)={0x81, 0x8, 0x1, 0x1}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x4800) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f00000001c0)={[0x86f9, 0x4, 0x80000000, 0x6, 0x54c, 0x8001, 0x80, 0x0, 0x2, 0x0, 0x200, 0x9, 0x3, 0x2, 0xa223, 0x8000, 0x5, 0x1, 0xff, 0x0, 0x3, 0x400, 0x80, 0x16, 0x5, 0x401, 0x3, 0x27, 0xe3, 0x4, 0xfffffc00, 0x1, 0xffff, 0x4, 0x1, 0xe6, 0x5, 0x1, 0x400, 0x8001, 0x0, 0x6, 0x1, 0x1, 0x7, 0x81, 0x9, 0x280000, 0x40, 0x8001, 0x9, 0x80000000, 0x2, 0x7, 0x4, 0x90b8, 0x959, 0xfffffffa, 0x4, 0x0, 0x8001, 0x6, 0xffffffff, 0x5, 0xff, 0x23, 0x8, 0xc, 0x1, 0x8, 0x7, 0x8, 0x1000, 0x3, 0x11c2, 0x1, 0x6c64, 0x7c4b4419, 0x7, 0xf74, 0x2, 0x17, 0x416, 0x9, 0xffff, 0x1, 0x6, 0x2, 0x100, 0xfffffff9, 0xffffffe1, 0x7fff, 0x8, 0xffff336b, 0xfff, 0x1f, 0xf0000000, 0xfffffffb, 0xfffffffc, 0x9, 0x77d20a8a, 0x0, 0x9, 0xfffffffe, 0x80000001, 0x0, 0x8, 0x1, 0x5, 0x1, 0x7, 0x286a, 0x0, 0x49, 0x7ff, 0x8, 0x2, 0x7fffffff, 0x4, 0xc37, 0x10001, 0x3224, 0x4, 0xe24f, 0xff, 0x10001, 0x3f, 0x0, 0x5, 0x6, 0x3, 0x8b5, 0x6, 0x1, 0xf1f, 0xc0b, 0x7fff, 0xffff, 0x200, 0x5, 0xfffffff7, 0x2, 0x6, 0x6, 0x5, 0xc0, 0x4, 0x5, 0xe3, 0x4c, 0x5, 0xfff, 0x6, 0x6, 0x3ff, 0xffff, 0x6, 0x0, 0xfffffbff, 0x401, 0x800, 0x9, 0x2, 0x89d, 0x6, 0x7000, 0x800, 0x2, 0x2347, 0x4, 0xffff0000, 0xffff, 0x8, 0x0, 0x3, 0xff, 0x800, 0x7, 0x7fffffff, 0x401, 0x4, 0x5, 0x6, 0x7c00, 0x20, 0xffffffe1, 0x9, 0x1000, 0x8000, 0x80000000, 0x1f, 0x53, 0x7fff, 0x5, 0x0, 0x3, 0x28, 0x7, 0x9, 0x40, 0x7fffffff, 0xfffffffc, 0xbb, 0x3, 0x5ab, 0x8001, 0x99, 0x2ecf7fde, 0x9, 0x903, 0x7fffffff, 0x0, 0x0, 0x1000, 0x7, 0xe7b, 0x4, 0x2, 0x8, 0x3, 0x0, 0xfffffffa, 0x5, 0x9, 0xffffffc1, 0x2, 0x8, 0x1ff, 0xfffffff7, 0x0, 0x100, 0x10000, 0x8001, 0xffffffff, 0x892, 0x4, 0x2, 0x4, 0x401, 0x1, 0x8, 0x471, 0x101, 0x4, 0x20, 0x7ff, 0xd5, 0x9, 0x6, 0x7, 0x7, 0x1, 0x4, 0xa74, 0x7, 0x6, 0x0, 0x622, 0x0, 0xe9, 0xdf1, 0x4, 0x2, 0x20, 0xffffffff, 0x6, 0x20, 0x66, 0xa89, 0x3f, 0x1f, 0x4000, 0x0, 0x1, 0x5, 0x3, 0x0, 0x9, 0x3ff, 0xa3, 0x9, 0x2, 0xe6, 0xffc3, 0x1, 0xfffffffc, 0x8, 0x2, 0x80000000, 0x10000, 0x3, 0x100, 0x3, 0x5, 0xfffffff7, 0x34c, 0x800, 0x7, 0x6, 0x1, 0x0, 0x5, 0x80, 0x7, 0xc88, 0xf0c, 0x1, 0x6, 0x3, 0x80000001, 0x5a, 0x4, 0x2, 0x1, 0x7, 0x3, 0x5, 0x1, 0xa91, 0x1, 0x100, 0x5e05, 0x4, 0x8, 0x7, 0x0, 0x3, 0x1, 0xa6, 0xfffffff9, 0x28000, 0x7ff, 0x4, 0x80, 0x7348, 0x800, 0x750e, 0x3, 0x3, 0x1ff, 0x0, 0x4, 0x1, 0x0, 0x3, 0x4c7, 0x9, 0x7589, 0x1, 0xcd2f, 0xb4b, 0x1, 0x4000000, 0x8, 0x81, 0x1, 0x4, 0x100, 0x6, 0xbfb7, 0x100, 0x3ff, 0xffffffe0, 0x7, 0x2, 0x2, 0x8000, 0x1, 0x0, 0x4, 0x902a, 0x2, 0x5, 0x6, 0x8, 0x4, 0x3, 0x4, 0x10001, 0x7fff, 0x1, 0x9, 0x2, 0x1, 0x5, 0x5, 0xf309, 0x5, 0x5, 0x18000000, 0xbb48, 0xffff, 0x9, 0x9, 0x2, 0x8, 0x6de, 0x4, 0xffff, 0x0, 0x3, 0xd9, 0x9, 0x3200, 0x9, 0x7fffffff, 0x6, 0x682, 0x3, 0x8000, 0x80000000, 0x64, 0x3, 0x3, 0x0, 0x9, 0xcfd, 0xd43, 0x6, 0x7, 0x1, 0x15, 0x400, 0x3, 0x5c9, 0x3, 0x9d, 0x81, 0x8, 0x0, 0x2, 0x8001, 0x1, 0x3, 0x5, 0x7ff, 0x4, 0x0, 0x101, 0x8, 0x2, 0x1, 0x4, 0x7fff, 0x0, 0x4, 0x3, 0x5, 0x5, 0x0, 0xfffffeff, 0x9, 0x62, 0x8, 0x4, 0x9, 0x7, 0x4, 0x80000000, 0x0, 0x9, 0x965, 0x8, 0x100, 0x4e, 0x1, 0x47, 0x2, 0x9, 0x400, 0x1ff, 0x80000001, 0x4, 0x100, 0xcf, 0x4, 0x7, 0x2, 0x181e, 0x6, 0xe7, 0x3ff, 0x7, 0x7fff, 0x2, 0x80000000, 0x6, 0x9, 0x5, 0xb0, 0x8001, 0x7, 0x7f, 0x8f, 0x5, 0x2, 0xbc37, 0x1, 0x9, 0x6, 0x0, 0x9, 0x2, 0x4, 0x8, 0x200, 0x1f, 0x2, 0x8001, 0x3, 0x5, 0xf9, 0x1, 0x7fffffff, 0x7f, 0x2, 0x3, 0x6, 0x7fff, 0x7, 0xffffffff, 0x1ff, 0x0, 0x6b22, 0x8, 0x5, 0x10000, 0x7fff, 0x0, 0xf8, 0x3, 0x0, 0xa86d, 0x8, 0x0, 0x6, 0x4, 0xb6, 0x1ff, 0x8001, 0x4, 0x60, 0x1, 0x4, 0x7, 0x7, 0x5, 0x81, 0x401, 0x3, 0x5, 0x6, 0x29077291, 0x2, 0xf0, 0xff, 0x3, 0x8, 0x1f, 0x1, 0x3, 0x964, 0xff, 0x7, 0x1, 0x8, 0x1, 0xf37c, 0x4, 0x9, 0xa, 0x9, 0x3a76, 0x4, 0x401, 0x5, 0x9, 0x9, 0x6, 0x3f, 0x7, 0x8, 0x17, 0x5, 0xffffff7f, 0x8, 0x28, 0x9, 0x40, 0xcc, 0xb0, 0x7, 0x5, 0x1, 0x4, 0x100, 0x2, 0x2, 0x100, 0x1, 0x101, 0x0, 0x3, 0xff, 0x3366, 0x5, 0x401, 0x2, 0x9, 0x0, 0x44d6, 0x6, 0x8, 0x1, 0xf9b2, 0x0, 0x2, 0x1, 0x2, 0x401, 0x7, 0x200, 0x2, 0x7, 0x8, 0x1000, 0x3561, 0x8001, 0x4, 0x3, 0x4, 0x3f1d, 0x2e1, 0x101, 0x2fc, 0x1, 0x2, 0x6, 0xfff, 0x80000001, 0x7, 0x200, 0x1, 0xd66, 0x9, 0xffffff27, 0xfffffffb, 0x7f, 0x2, 0xffffffff, 0x22ad, 0x1, 0x8001, 0xf1de, 0xb49, 0x10001, 0x8, 0x81, 0x4, 0x0, 0x1ff, 0x101, 0x5d, 0x6, 0x10001, 0x4, 0x7aeafde7, 0x8, 0x1, 0x7, 0x4, 0xda, 0x2, 0x6, 0x660d, 0x4, 0x83, 0x1a, 0xb0, 0x7, 0x6, 0x59, 0x1000, 0xfffff05b, 0x8001, 0xfffffe00, 0xffffffff, 0x928, 0x34aa, 0x7fffffff, 0xc8000000, 0x2e, 0x8001, 0x4, 0x1, 0x80, 0x2, 0x3, 0x2a1, 0x64, 0x1, 0x0, 0x0, 0x5, 0x0, 0x3, 0x7, 0x1, 0x6, 0x4, 0x3, 0x8, 0x10000, 0x4, 0x60, 0x1, 0x200, 0x7fff, 0xffff0001, 0x2, 0x8, 0x6, 0x2, 0x1b19, 0x5, 0x81, 0x2, 0x8, 0x3, 0x7, 0x2, 0x6365, 0x7f, 0x269, 0xff, 0x100, 0x2, 0x4, 0x5, 0xffffffff, 0x401, 0x3, 0x80000000, 0x81, 0xffffff1a, 0x80000000, 0x3f, 0xfff, 0x30, 0x1, 0x8, 0x8, 0x7, 0x1, 0x4, 0x5, 0x7f, 0x8, 0x9, 0x4, 0x1f, 0xfff, 0x3, 0x0, 0x7f, 0xd5, 0xfffffffd, 0xffffff2c, 0x9, 0x40, 0x7, 0x3105, 0x2, 0x9, 0x3ff, 0x9, 0x1, 0x5, 0x4, 0x1, 0x1, 0x1000, 0x200, 0xa7, 0x6, 0x7ff, 0x8, 0x8, 0x9, 0x8, 0x4, 0xa4c, 0xc8c8, 0x101, 0x1, 0x800, 0x3, 0x29caa481, 0x3f, 0x0, 0x1, 0x3, 0x9, 0x2, 0x3, 0xf345, 0x2, 0x1, 0x3, 0x40, 0x1f, 0x12, 0x2, 0x7c00000, 0x9, 0x1000, 0xfffffff8, 0x8, 0x1, 0x1, 0x2, 0x2, 0x57d, 0xff, 0x3, 0x7f, 0xff800000, 0x6, 0x9, 0x6, 0x3, 0x4, 0xfffffffe, 0x2, 0x1, 0x7, 0xffff, 0xffffffff, 0x6, 0x7f, 0xd6a, 0x7b, 0x3, 0x7, 0x1, 0x81, 0x1, 0x40, 0x6e, 0x3, 0x9518, 0x3, 0x7, 0xca2, 0x4, 0x4, 0x202, 0x0, 0x212, 0x7, 0x31ad0f11, 0x4, 0xe41, 0x4, 0xfff, 0x8001, 0xfffffffd, 0x100, 0x8, 0x1, 0x80000000, 0x200, 0x1ff, 0x4, 0x1, 0xfffffff9, 0x1b, 0x3, 0x101, 0xe8, 0x9, 0x0, 0xfffffffe, 0x6, 0xe61, 0x1, 0x9, 0x80000001, 0x9, 0x1, 0x4, 0x5, 0xec, 0x7, 0x40, 0x7fff, 0x0, 0x9, 0x1600cd1, 0x6, 0x15c, 0x6, 0x80, 0xfd, 0x6, 0x5, 0x0, 0x10001, 0x3f, 0xffffffff, 0x2, 0x0, 0x5, 0x2, 0x46a, 0xffffff01, 0x3, 0x6, 0x8, 0x3, 0xffff, 0x7ff, 0x9, 0xd78, 0x3, 0x0, 0x80, 0x8, 0x8, 0x40dc, 0x3, 0x2, 0xade, 0x81, 0x7, 0xfffffeff, 0xffffffff, 0x0, 0xffff, 0x20b1ef46, 0x6, 0x2, 0x8, 0x7ff, 0x0, 0xdab4, 0x2, 0x9, 0x2, 0xfffffff7, 0x9, 0x2, 0x10000, 0x401, 0x5, 0x16c, 0x3, 0x6, 0x1, 0xbb, 0x1000, 0xfe2, 0xc18, 0xe79f, 0x1, 0xa560, 0x101, 0x8, 0xfffffffa, 0x30, 0x10000, 0x80000001, 0x80000001, 0x272a7f6f, 0x0, 0x3c6, 0x4, 0x37, 0x82e, 0x10f, 0x2, 0x200, 0x2, 0x1, 0x9, 0x6, 0xa629, 0xffffffff, 0x5, 0x6, 0x8e, 0x10001, 0x9, 0xa3c, 0x1, 0x8000, 0x0, 0x3, 0x5, 0x8, 0x100, 0xfffffffd, 0x101, 0x7, 0x21c, 0x3cf2245, 0x5d28, 0xa9, 0x200, 0x7, 0x100, 0x81, 0x6e15, 0x0, 0x101, 0x3, 0x8, 0x15, 0x400, 0x10000, 0x1, 0x5, 0x7, 0x50]}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000001200)={0x6, 0x0, &(0x7f00000011c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x23d81) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000000c0)={0x49f, 0x4cd, 0x60e9}) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x106, 0x6}}, 0x20) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendto$packet(r0, &(0x7f0000001240), 0x0, 0x10, &(0x7f0000001280)={0x11, 0x18, r2, 0x1, 0x2, 0x6, @random="e4db4fbdedcb"}, 0x14) (async) syz_open_dev$dri(&(0x7f0000000000), 0x6, 0x301800) (async) ioctl$DRM_IOCTL_IRQ_BUSID(r3, 0xc0106403, &(0x7f0000000040)={0x81, 0x8, 0x1, 0x1}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x4800) (async) ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f00000001c0)={[0x86f9, 0x4, 0x80000000, 0x6, 0x54c, 0x8001, 0x80, 0x0, 0x2, 0x0, 0x200, 0x9, 0x3, 0x2, 0xa223, 0x8000, 0x5, 0x1, 0xff, 0x0, 0x3, 0x400, 0x80, 0x16, 0x5, 0x401, 0x3, 0x27, 0xe3, 0x4, 0xfffffc00, 0x1, 0xffff, 0x4, 0x1, 0xe6, 0x5, 0x1, 0x400, 0x8001, 0x0, 0x6, 0x1, 0x1, 0x7, 0x81, 0x9, 0x280000, 0x40, 0x8001, 0x9, 0x80000000, 0x2, 0x7, 0x4, 0x90b8, 0x959, 0xfffffffa, 0x4, 0x0, 0x8001, 0x6, 0xffffffff, 0x5, 0xff, 0x23, 0x8, 0xc, 0x1, 0x8, 0x7, 0x8, 0x1000, 0x3, 0x11c2, 0x1, 0x6c64, 0x7c4b4419, 0x7, 0xf74, 0x2, 0x17, 0x416, 0x9, 0xffff, 0x1, 0x6, 0x2, 0x100, 0xfffffff9, 0xffffffe1, 0x7fff, 0x8, 0xffff336b, 0xfff, 0x1f, 0xf0000000, 0xfffffffb, 0xfffffffc, 0x9, 0x77d20a8a, 0x0, 0x9, 0xfffffffe, 0x80000001, 0x0, 0x8, 0x1, 0x5, 0x1, 0x7, 0x286a, 0x0, 0x49, 0x7ff, 0x8, 0x2, 0x7fffffff, 0x4, 0xc37, 0x10001, 0x3224, 0x4, 0xe24f, 0xff, 0x10001, 0x3f, 0x0, 0x5, 0x6, 0x3, 0x8b5, 0x6, 0x1, 0xf1f, 0xc0b, 0x7fff, 0xffff, 0x200, 0x5, 0xfffffff7, 0x2, 0x6, 0x6, 0x5, 0xc0, 0x4, 0x5, 0xe3, 0x4c, 0x5, 0xfff, 0x6, 0x6, 0x3ff, 0xffff, 0x6, 0x0, 0xfffffbff, 0x401, 0x800, 0x9, 0x2, 0x89d, 0x6, 0x7000, 0x800, 0x2, 0x2347, 0x4, 0xffff0000, 0xffff, 0x8, 0x0, 0x3, 0xff, 0x800, 0x7, 0x7fffffff, 0x401, 0x4, 0x5, 0x6, 0x7c00, 0x20, 0xffffffe1, 0x9, 0x1000, 0x8000, 0x80000000, 0x1f, 0x53, 0x7fff, 0x5, 0x0, 0x3, 0x28, 0x7, 0x9, 0x40, 0x7fffffff, 0xfffffffc, 0xbb, 0x3, 0x5ab, 0x8001, 0x99, 0x2ecf7fde, 0x9, 0x903, 0x7fffffff, 0x0, 0x0, 0x1000, 0x7, 0xe7b, 0x4, 0x2, 0x8, 0x3, 0x0, 0xfffffffa, 0x5, 0x9, 0xffffffc1, 0x2, 0x8, 0x1ff, 0xfffffff7, 0x0, 0x100, 0x10000, 0x8001, 0xffffffff, 0x892, 0x4, 0x2, 0x4, 0x401, 0x1, 0x8, 0x471, 0x101, 0x4, 0x20, 0x7ff, 0xd5, 0x9, 0x6, 0x7, 0x7, 0x1, 0x4, 0xa74, 0x7, 0x6, 0x0, 0x622, 0x0, 0xe9, 0xdf1, 0x4, 0x2, 0x20, 0xffffffff, 0x6, 0x20, 0x66, 0xa89, 0x3f, 0x1f, 0x4000, 0x0, 0x1, 0x5, 0x3, 0x0, 0x9, 0x3ff, 0xa3, 0x9, 0x2, 0xe6, 0xffc3, 0x1, 0xfffffffc, 0x8, 0x2, 0x80000000, 0x10000, 0x3, 0x100, 0x3, 0x5, 0xfffffff7, 0x34c, 0x800, 0x7, 0x6, 0x1, 0x0, 0x5, 0x80, 0x7, 0xc88, 0xf0c, 0x1, 0x6, 0x3, 0x80000001, 0x5a, 0x4, 0x2, 0x1, 0x7, 0x3, 0x5, 0x1, 0xa91, 0x1, 0x100, 0x5e05, 0x4, 0x8, 0x7, 0x0, 0x3, 0x1, 0xa6, 0xfffffff9, 0x28000, 0x7ff, 0x4, 0x80, 0x7348, 0x800, 0x750e, 0x3, 0x3, 0x1ff, 0x0, 0x4, 0x1, 0x0, 0x3, 0x4c7, 0x9, 0x7589, 0x1, 0xcd2f, 0xb4b, 0x1, 0x4000000, 0x8, 0x81, 0x1, 0x4, 0x100, 0x6, 0xbfb7, 0x100, 0x3ff, 0xffffffe0, 0x7, 0x2, 0x2, 0x8000, 0x1, 0x0, 0x4, 0x902a, 0x2, 0x5, 0x6, 0x8, 0x4, 0x3, 0x4, 0x10001, 0x7fff, 0x1, 0x9, 0x2, 0x1, 0x5, 0x5, 0xf309, 0x5, 0x5, 0x18000000, 0xbb48, 0xffff, 0x9, 0x9, 0x2, 0x8, 0x6de, 0x4, 0xffff, 0x0, 0x3, 0xd9, 0x9, 0x3200, 0x9, 0x7fffffff, 0x6, 0x682, 0x3, 0x8000, 0x80000000, 0x64, 0x3, 0x3, 0x0, 0x9, 0xcfd, 0xd43, 0x6, 0x7, 0x1, 0x15, 0x400, 0x3, 0x5c9, 0x3, 0x9d, 0x81, 0x8, 0x0, 0x2, 0x8001, 0x1, 0x3, 0x5, 0x7ff, 0x4, 0x0, 0x101, 0x8, 0x2, 0x1, 0x4, 0x7fff, 0x0, 0x4, 0x3, 0x5, 0x5, 0x0, 0xfffffeff, 0x9, 0x62, 0x8, 0x4, 0x9, 0x7, 0x4, 0x80000000, 0x0, 0x9, 0x965, 0x8, 0x100, 0x4e, 0x1, 0x47, 0x2, 0x9, 0x400, 0x1ff, 0x80000001, 0x4, 0x100, 0xcf, 0x4, 0x7, 0x2, 0x181e, 0x6, 0xe7, 0x3ff, 0x7, 0x7fff, 0x2, 0x80000000, 0x6, 0x9, 0x5, 0xb0, 0x8001, 0x7, 0x7f, 0x8f, 0x5, 0x2, 0xbc37, 0x1, 0x9, 0x6, 0x0, 0x9, 0x2, 0x4, 0x8, 0x200, 0x1f, 0x2, 0x8001, 0x3, 0x5, 0xf9, 0x1, 0x7fffffff, 0x7f, 0x2, 0x3, 0x6, 0x7fff, 0x7, 0xffffffff, 0x1ff, 0x0, 0x6b22, 0x8, 0x5, 0x10000, 0x7fff, 0x0, 0xf8, 0x3, 0x0, 0xa86d, 0x8, 0x0, 0x6, 0x4, 0xb6, 0x1ff, 0x8001, 0x4, 0x60, 0x1, 0x4, 0x7, 0x7, 0x5, 0x81, 0x401, 0x3, 0x5, 0x6, 0x29077291, 0x2, 0xf0, 0xff, 0x3, 0x8, 0x1f, 0x1, 0x3, 0x964, 0xff, 0x7, 0x1, 0x8, 0x1, 0xf37c, 0x4, 0x9, 0xa, 0x9, 0x3a76, 0x4, 0x401, 0x5, 0x9, 0x9, 0x6, 0x3f, 0x7, 0x8, 0x17, 0x5, 0xffffff7f, 0x8, 0x28, 0x9, 0x40, 0xcc, 0xb0, 0x7, 0x5, 0x1, 0x4, 0x100, 0x2, 0x2, 0x100, 0x1, 0x101, 0x0, 0x3, 0xff, 0x3366, 0x5, 0x401, 0x2, 0x9, 0x0, 0x44d6, 0x6, 0x8, 0x1, 0xf9b2, 0x0, 0x2, 0x1, 0x2, 0x401, 0x7, 0x200, 0x2, 0x7, 0x8, 0x1000, 0x3561, 0x8001, 0x4, 0x3, 0x4, 0x3f1d, 0x2e1, 0x101, 0x2fc, 0x1, 0x2, 0x6, 0xfff, 0x80000001, 0x7, 0x200, 0x1, 0xd66, 0x9, 0xffffff27, 0xfffffffb, 0x7f, 0x2, 0xffffffff, 0x22ad, 0x1, 0x8001, 0xf1de, 0xb49, 0x10001, 0x8, 0x81, 0x4, 0x0, 0x1ff, 0x101, 0x5d, 0x6, 0x10001, 0x4, 0x7aeafde7, 0x8, 0x1, 0x7, 0x4, 0xda, 0x2, 0x6, 0x660d, 0x4, 0x83, 0x1a, 0xb0, 0x7, 0x6, 0x59, 0x1000, 0xfffff05b, 0x8001, 0xfffffe00, 0xffffffff, 0x928, 0x34aa, 0x7fffffff, 0xc8000000, 0x2e, 0x8001, 0x4, 0x1, 0x80, 0x2, 0x3, 0x2a1, 0x64, 0x1, 0x0, 0x0, 0x5, 0x0, 0x3, 0x7, 0x1, 0x6, 0x4, 0x3, 0x8, 0x10000, 0x4, 0x60, 0x1, 0x200, 0x7fff, 0xffff0001, 0x2, 0x8, 0x6, 0x2, 0x1b19, 0x5, 0x81, 0x2, 0x8, 0x3, 0x7, 0x2, 0x6365, 0x7f, 0x269, 0xff, 0x100, 0x2, 0x4, 0x5, 0xffffffff, 0x401, 0x3, 0x80000000, 0x81, 0xffffff1a, 0x80000000, 0x3f, 0xfff, 0x30, 0x1, 0x8, 0x8, 0x7, 0x1, 0x4, 0x5, 0x7f, 0x8, 0x9, 0x4, 0x1f, 0xfff, 0x3, 0x0, 0x7f, 0xd5, 0xfffffffd, 0xffffff2c, 0x9, 0x40, 0x7, 0x3105, 0x2, 0x9, 0x3ff, 0x9, 0x1, 0x5, 0x4, 0x1, 0x1, 0x1000, 0x200, 0xa7, 0x6, 0x7ff, 0x8, 0x8, 0x9, 0x8, 0x4, 0xa4c, 0xc8c8, 0x101, 0x1, 0x800, 0x3, 0x29caa481, 0x3f, 0x0, 0x1, 0x3, 0x9, 0x2, 0x3, 0xf345, 0x2, 0x1, 0x3, 0x40, 0x1f, 0x12, 0x2, 0x7c00000, 0x9, 0x1000, 0xfffffff8, 0x8, 0x1, 0x1, 0x2, 0x2, 0x57d, 0xff, 0x3, 0x7f, 0xff800000, 0x6, 0x9, 0x6, 0x3, 0x4, 0xfffffffe, 0x2, 0x1, 0x7, 0xffff, 0xffffffff, 0x6, 0x7f, 0xd6a, 0x7b, 0x3, 0x7, 0x1, 0x81, 0x1, 0x40, 0x6e, 0x3, 0x9518, 0x3, 0x7, 0xca2, 0x4, 0x4, 0x202, 0x0, 0x212, 0x7, 0x31ad0f11, 0x4, 0xe41, 0x4, 0xfff, 0x8001, 0xfffffffd, 0x100, 0x8, 0x1, 0x80000000, 0x200, 0x1ff, 0x4, 0x1, 0xfffffff9, 0x1b, 0x3, 0x101, 0xe8, 0x9, 0x0, 0xfffffffe, 0x6, 0xe61, 0x1, 0x9, 0x80000001, 0x9, 0x1, 0x4, 0x5, 0xec, 0x7, 0x40, 0x7fff, 0x0, 0x9, 0x1600cd1, 0x6, 0x15c, 0x6, 0x80, 0xfd, 0x6, 0x5, 0x0, 0x10001, 0x3f, 0xffffffff, 0x2, 0x0, 0x5, 0x2, 0x46a, 0xffffff01, 0x3, 0x6, 0x8, 0x3, 0xffff, 0x7ff, 0x9, 0xd78, 0x3, 0x0, 0x80, 0x8, 0x8, 0x40dc, 0x3, 0x2, 0xade, 0x81, 0x7, 0xfffffeff, 0xffffffff, 0x0, 0xffff, 0x20b1ef46, 0x6, 0x2, 0x8, 0x7ff, 0x0, 0xdab4, 0x2, 0x9, 0x2, 0xfffffff7, 0x9, 0x2, 0x10000, 0x401, 0x5, 0x16c, 0x3, 0x6, 0x1, 0xbb, 0x1000, 0xfe2, 0xc18, 0xe79f, 0x1, 0xa560, 0x101, 0x8, 0xfffffffa, 0x30, 0x10000, 0x80000001, 0x80000001, 0x272a7f6f, 0x0, 0x3c6, 0x4, 0x37, 0x82e, 0x10f, 0x2, 0x200, 0x2, 0x1, 0x9, 0x6, 0xa629, 0xffffffff, 0x5, 0x6, 0x8e, 0x10001, 0x9, 0xa3c, 0x1, 0x8000, 0x0, 0x3, 0x5, 0x8, 0x100, 0xfffffffd, 0x101, 0x7, 0x21c, 0x3cf2245, 0x5d28, 0xa9, 0x200, 0x7, 0x100, 0x81, 0x6e15, 0x0, 0x101, 0x3, 0x8, 0x15, 0x400, 0x10000, 0x1, 0x5, 0x7, 0x50]}) (async) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000001200)={0x6, 0x0, &(0x7f00000011c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x23d81) (async) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000000c0)={0x49f, 0x4cd, 0x60e9}) (async) 13:37:44 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x0, 0x0, @auto=[0x3e]}, 0x9, 0xfffffffffffffff8) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)={0x0, 0x0, @auto=[0x3e]}, 0x9, 0xfffffffffffffff8) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) 13:37:44 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40024}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x200, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000) socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) [ 668.544218] FAULT_INJECTION: forcing a failure. [ 668.544218] name failslab, interval 1, probability 0, space 0, times 0 [ 668.573580] CPU: 0 PID: 10501 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 668.581487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.590840] Call Trace: 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x6383, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x6383, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x6383, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 668.593430] dump_stack+0x1b2/0x281 [ 668.597062] should_fail.cold+0x10a/0x149 [ 668.601216] should_failslab+0xd6/0x130 [ 668.605193] kmem_cache_alloc+0x28e/0x3c0 [ 668.609343] __d_alloc+0x2a/0xa20 [ 668.612793] ? lock_downgrade+0x740/0x740 [ 668.616940] anon_inode_getfile+0x101/0x2f0 [ 668.621260] ? compat_SyS_epoll_pwait+0x240/0x240 [ 668.626100] ? __alloc_fd+0x1be/0x490 [ 668.629907] kvm_dev_ioctl+0x50f/0x1450 [ 668.633887] ? fsnotify+0x974/0x11b0 [ 668.637600] ? kvm_put_kvm+0xab0/0xab0 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x6383, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 668.641485] ? SyS_write+0x1b7/0x210 [ 668.645199] ? kvm_put_kvm+0xab0/0xab0 [ 668.649086] do_vfs_ioctl+0x75a/0xff0 [ 668.652886] ? lock_acquire+0x170/0x3f0 [ 668.656858] ? ioctl_preallocate+0x1a0/0x1a0 [ 668.661273] ? __fget+0x265/0x3e0 [ 668.664728] ? do_vfs_ioctl+0xff0/0xff0 [ 668.668738] ? security_file_ioctl+0x83/0xb0 [ 668.673146] SyS_ioctl+0x7f/0xb0 [ 668.676511] ? do_vfs_ioctl+0xff0/0xff0 [ 668.680483] do_syscall_64+0x1d5/0x640 [ 668.684374] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 668.689563] RIP: 0033:0x7fa37e383109 13:37:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 12) 13:37:44 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) accept$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x22c422, 0x0) [ 668.693265] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 668.700974] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 668.708242] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 668.715518] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 668.722786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 668.730056] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:44 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:44 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40024}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x200, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000) socketpair(0x2, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) 13:37:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x45e8, 0x8000, 0x0], 0x3, 0x800, 0x0, 0xffffffffffffffff}) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, &(0x7f0000000180)=""/3, 0x1, 0x1}}, 0x48) 13:37:44 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) accept$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) 13:37:44 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000000)="a94c61f92c69a59f5f2998512b30c924dced2972cd305a0eb07bb200cb9325c474ec24c8d60c6ccd841eff3f3754cdab2ff4743e7e06", 0x36) syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x210000) 13:37:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x45e8, 0x8000, 0x0], 0x3, 0x800, 0x0, 0xffffffffffffffff}) (rerun: 32) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, &(0x7f0000000180)=""/3, 0x1, 0x1}}, 0x48) 13:37:44 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x22c422, 0x0) 13:37:44 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:44 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) accept$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) accept$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) (async) [ 668.891125] FAULT_INJECTION: forcing a failure. [ 668.891125] name failslab, interval 1, probability 0, space 0, times 0 [ 668.938916] CPU: 0 PID: 10554 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 668.946830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.956183] Call Trace: [ 668.958775] dump_stack+0x1b2/0x281 [ 668.962412] should_fail.cold+0x10a/0x149 [ 668.966564] should_failslab+0xd6/0x130 [ 668.970540] kmem_cache_alloc+0x28e/0x3c0 [ 668.974695] get_empty_filp+0x86/0x3f0 [ 668.978583] alloc_file+0x23/0x440 [ 668.982129] anon_inode_getfile+0x163/0x2f0 [ 668.986457] ? compat_SyS_epoll_pwait+0x240/0x240 [ 668.991296] ? __alloc_fd+0x1be/0x490 [ 668.995105] kvm_dev_ioctl+0x50f/0x1450 [ 668.999083] ? finish_task_switch+0x178/0x610 [ 669.003575] ? finish_task_switch+0x14d/0x610 [ 669.008065] ? kvm_put_kvm+0xab0/0xab0 [ 669.011952] ? __schedule+0x893/0x1de0 [ 669.015844] ? kvm_put_kvm+0xab0/0xab0 [ 669.019732] do_vfs_ioctl+0x75a/0xff0 [ 669.023561] ? lock_acquire+0x170/0x3f0 [ 669.027537] ? ioctl_preallocate+0x1a0/0x1a0 [ 669.031963] ? __fget+0x265/0x3e0 [ 669.035397] ? do_vfs_ioctl+0xff0/0xff0 [ 669.039353] ? security_file_ioctl+0x83/0xb0 [ 669.043758] SyS_ioctl+0x7f/0xb0 [ 669.047103] ? do_vfs_ioctl+0xff0/0xff0 [ 669.051057] do_syscall_64+0x1d5/0x640 [ 669.054929] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 669.060096] RIP: 0033:0x7fa37e383109 [ 669.063783] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 669.071470] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 669.078719] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 13) 13:37:45 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000000)="a94c61f92c69a59f5f2998512b30c924dced2972cd305a0eb07bb200cb9325c474ec24c8d60c6ccd841eff3f3754cdab2ff4743e7e06", 0x36) syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x210000) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000000)="a94c61f92c69a59f5f2998512b30c924dced2972cd305a0eb07bb200cb9325c474ec24c8d60c6ccd841eff3f3754cdab2ff4743e7e06", 0x36) (async) syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x210000) (async) 13:37:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x45e8, 0x8000, 0x0], 0x3, 0x800, 0x0, 0xffffffffffffffff}) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, &(0x7f0000000180)=""/3, 0x1, 0x1}}, 0x48) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x45e8, 0x8000, 0x0], 0x3, 0x800}) (async) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000080)=""/169, 0xa9, &(0x7f0000000180)=""/3, 0x1, 0x1}}, 0x48) (async) 13:37:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x22c422, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x22c422, 0x0) (async) 13:37:45 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3ff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0xc040}, 0x4000014) 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20701, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 669.086114] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 669.093370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 669.100633] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:45 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3ff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0xc040}, 0x4000014) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3ff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0xc040}, 0x4000014) (async) 13:37:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) [ 669.180040] FAULT_INJECTION: forcing a failure. [ 669.180040] name failslab, interval 1, probability 0, space 0, times 0 [ 669.216627] CPU: 0 PID: 10587 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 669.224547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.233898] Call Trace: [ 669.236487] dump_stack+0x1b2/0x281 [ 669.240127] should_fail.cold+0x10a/0x149 [ 669.244282] should_failslab+0xd6/0x130 [ 669.248259] kmem_cache_alloc_trace+0x29a/0x3d0 [ 669.252933] apparmor_file_alloc_security+0x129/0x800 [ 669.258129] security_file_alloc+0x66/0xa0 [ 669.262364] ? selinux_is_enabled+0x5/0x50 [ 669.266603] get_empty_filp+0x16b/0x3f0 [ 669.270579] alloc_file+0x23/0x440 [ 669.274124] anon_inode_getfile+0x163/0x2f0 [ 669.278445] ? compat_SyS_epoll_pwait+0x240/0x240 [ 669.283282] ? __alloc_fd+0x1be/0x490 [ 669.287085] kvm_dev_ioctl+0x50f/0x1450 [ 669.291062] ? fsnotify+0x974/0x11b0 [ 669.294771] ? kvm_put_kvm+0xab0/0xab0 [ 669.298656] ? SyS_write+0x1b7/0x210 [ 669.302366] ? kvm_put_kvm+0xab0/0xab0 [ 669.306247] do_vfs_ioctl+0x75a/0xff0 [ 669.310046] ? lock_acquire+0x170/0x3f0 [ 669.314017] ? ioctl_preallocate+0x1a0/0x1a0 [ 669.318439] ? __fget+0x265/0x3e0 [ 669.322000] ? do_vfs_ioctl+0xff0/0xff0 [ 669.325974] ? security_file_ioctl+0x83/0xb0 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20701, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 669.330380] SyS_ioctl+0x7f/0xb0 [ 669.333742] ? do_vfs_ioctl+0xff0/0xff0 [ 669.337715] do_syscall_64+0x1d5/0x640 [ 669.341608] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 669.346790] RIP: 0033:0x7fa37e383109 [ 669.350491] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 669.358198] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 669.365469] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 669.372912] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20701, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:45 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x0, 0x200, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x3ff}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0xc040}, 0x4000014) 13:37:45 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r0, 0x107, 0x2, &(0x7f0000000000)="a94c61f92c69a59f5f2998512b30c924dced2972cd305a0eb07bb200cb9325c474ec24c8d60c6ccd841eff3f3754cdab2ff4743e7e06", 0x36) (async) syz_open_dev$dri(&(0x7f0000000040), 0x6, 0x210000) [ 669.380179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 669.387454] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 14) 13:37:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) 13:37:45 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x2a, 0x4, 0x1, &(0x7f0000000000)) 13:37:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) ioctl$KVM_GET_TSC_KHZ(r6, 0xaea3) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x14894) ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x6, 0x7fffffff, 0x8}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:45 executing program 4: socketpair(0x2, 0x6, 0x80000000, 0x0) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x200, 0x70bd27, 0x3, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x44}}, 0x20000410) 13:37:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) [ 669.542892] FAULT_INJECTION: forcing a failure. [ 669.542892] name failslab, interval 1, probability 0, space 0, times 0 [ 669.554986] device batadv0 entered promiscuous mode [ 669.581988] device batadv0 left promiscuous mode [ 669.585538] CPU: 0 PID: 10654 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 669.594645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.604001] Call Trace: [ 669.606593] dump_stack+0x1b2/0x281 [ 669.610232] should_fail.cold+0x10a/0x149 [ 669.614381] should_failslab+0xd6/0x130 [ 669.618362] kmem_cache_alloc+0x28e/0x3c0 [ 669.622523] __d_alloc+0x2a/0xa20 [ 669.626015] ? lock_downgrade+0x740/0x740 [ 669.630164] anon_inode_getfile+0x101/0x2f0 [ 669.634493] ? compat_SyS_epoll_pwait+0x240/0x240 [ 669.639339] ? __alloc_fd+0x1be/0x490 [ 669.643151] kvm_dev_ioctl+0x50f/0x1450 [ 669.647138] ? fsnotify+0x974/0x11b0 [ 669.650854] ? kvm_put_kvm+0xab0/0xab0 [ 669.654744] ? SyS_write+0x1b7/0x210 [ 669.658479] ? kvm_put_kvm+0xab0/0xab0 [ 669.662387] do_vfs_ioctl+0x75a/0xff0 [ 669.666199] ? lock_acquire+0x170/0x3f0 [ 669.670188] ? ioctl_preallocate+0x1a0/0x1a0 [ 669.674697] ? __fget+0x265/0x3e0 [ 669.678162] ? do_vfs_ioctl+0xff0/0xff0 [ 669.682147] ? security_file_ioctl+0x83/0xb0 [ 669.686567] SyS_ioctl+0x7f/0xb0 [ 669.689937] ? do_vfs_ioctl+0xff0/0xff0 [ 669.693920] do_syscall_64+0x1d5/0x640 [ 669.697817] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 669.703011] RIP: 0033:0x7fa37e383109 [ 669.706742] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 669.714539] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 669.721805] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 669.729066] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 669.736324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:37:45 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x2a, 0x4, 0x1, &(0x7f0000000000)) socketpair(0x2, 0x1, 0x0, 0x0) (async) socketpair(0x2a, 0x4, 0x1, &(0x7f0000000000)) (async) 13:37:45 executing program 4: socketpair(0x2, 0x6, 0x80000000, 0x0) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x200, 0x70bd27, 0x3, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x44}}, 0x20000410) socketpair(0x2, 0x6, 0x80000000, 0x0) (async) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x200, 0x70bd27, 0x3, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x44}}, 0x20000410) (async) 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:45 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 15) 13:37:45 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) ioctl$KVM_GET_TSC_KHZ(r6, 0xaea3) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x14894) ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x6, 0x7fffffff, 0x8}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)) (async) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_TSC_KHZ(r6, 0xaea3) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x14894) (async) ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x6, 0x7fffffff, 0x8}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 669.743582] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:45 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x8, 0x3}, 0x4) 13:37:45 executing program 4: socketpair(0x2, 0x6, 0x80000000, 0x0) (async) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x200, 0x70bd27, 0x3, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010100}, @GTPA_MS_ADDRESS={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x44}}, 0x20000410) 13:37:45 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0xc400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:45 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={[0x1, 0x0, 0x7f, 0x558e, 0x0, 0xbf40, 0x1000, 0x58744d10, 0x8, 0x100, 0x7f, 0x1000, 0xf61, 0xb27, 0x2, 0x1, 0x6, 0x1, 0x1, 0x7, 0x1, 0x9, 0x70dd, 0x9e15, 0x1, 0xc0, 0x4, 0x8, 0x20, 0x1ff, 0x9c, 0x78d, 0x69a9, 0x400, 0x0, 0x8, 0xff, 0x6, 0x5e6, 0x4, 0x80000000, 0xffff1577, 0x4, 0x4, 0x7, 0x8000, 0x401, 0x5, 0x223, 0x67, 0x5, 0x3, 0x9, 0x2, 0x812e, 0x1, 0x1, 0x7fff, 0x849c, 0x5, 0xfffffff9, 0x80000001, 0x8, 0x3bc, 0x1ff, 0x7, 0x9, 0xff, 0x4e, 0x1, 0x6, 0x3, 0x71b4, 0x51, 0xd3, 0xfffffff8, 0x2, 0x400, 0x4, 0x7, 0x6, 0x8, 0x2b, 0x2, 0x7, 0x6, 0x1ff, 0x5, 0x8000, 0x7f, 0x1, 0x7f, 0x83f, 0x7, 0x40, 0x2, 0x10000, 0xffffffff, 0x5, 0x3, 0x101, 0x2, 0x81, 0x3, 0x7ff, 0xc784, 0x0, 0x2, 0x8, 0xffffd4be, 0x0, 0x3, 0x2, 0x1, 0x7fff, 0x7f, 0x0, 0x3ff, 0xfffffefb, 0x4000000, 0xa2e5, 0x4, 0xffff, 0x3085fbe9, 0x9, 0x7, 0x80, 0x7, 0x6, 0x3, 0x4, 0x821, 0x99c, 0xffff, 0x6, 0x6, 0x40, 0x4, 0x101, 0x1, 0x100, 0x400, 0x1, 0x18, 0x28b, 0x6, 0x2, 0x2, 0x81, 0x10000, 0x1f, 0x6, 0x9, 0x9, 0x1880, 0xffff, 0x0, 0x3, 0x7f, 0x7, 0x5, 0x1, 0x5, 0x80000001, 0x80000000, 0x1000, 0x8, 0x1, 0x9, 0x1ff, 0x1, 0x1, 0x6, 0x8001, 0x9efa, 0x4, 0x0, 0xe2a, 0xa1, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x66d3ffbd, 0x3, 0x6, 0x80000000, 0x0, 0x305f, 0x0, 0x1ff, 0xffff, 0xe7, 0x5, 0x38, 0x80000001, 0x0, 0x4, 0x1, 0x1, 0x3037c6c7, 0x4, 0x5, 0x2, 0x0, 0x2, 0x80000000, 0x0, 0x5, 0x101, 0x9, 0x4, 0x1000, 0x9, 0xa24, 0x9, 0x31e, 0xff, 0x1, 0x3, 0x94c9, 0x9, 0x40, 0xffff, 0x5, 0x3, 0x7, 0x81, 0x6f8da19e, 0x4, 0x200, 0x5, 0x2, 0x9, 0xffffff01, 0x2, 0x1000, 0x6, 0x4, 0x2, 0xf7, 0x45, 0x1f, 0x1, 0x2b, 0x5, 0xffff0000, 0x80000000, 0x1, 0x101, 0x9, 0xffff0001, 0x3b, 0x1, 0x1, 0xb2, 0x80000000, 0xc3b7, 0x0, 0x8000, 0x1, 0x80000001, 0xffff, 0xffffff01, 0x2, 0x820d, 0x5, 0x5, 0xfffffffa, 0x7, 0x40, 0x3f, 0x6, 0x6, 0x9, 0x80, 0x2, 0x6cb, 0x9, 0x81, 0xd3, 0x101, 0x1, 0x63f, 0x3, 0x0, 0x9, 0xff, 0x8, 0x0, 0x9, 0x9, 0x8, 0x804d, 0x4, 0x8, 0x1000, 0x3, 0x8, 0x97, 0x886, 0x101, 0x7, 0x4000000, 0x7fff, 0x3ff, 0x8001, 0x20, 0x33, 0x1, 0x3f, 0x1f, 0x7, 0x5, 0x5840, 0x401, 0x1, 0xfffffc00, 0x8, 0x401, 0x9, 0x1ff, 0x5, 0xff, 0x1, 0x20, 0x200, 0x5, 0x100, 0x6, 0x2, 0x752, 0x5, 0x1f, 0x7fffffff, 0x7, 0x100, 0x9, 0x9, 0x8000, 0x1f, 0xffffffff, 0x200, 0x7, 0x4, 0x2, 0x6, 0x4, 0x9, 0x7, 0x7ff, 0x9, 0x1, 0x1, 0x0, 0x1, 0x3, 0xe8e, 0x9, 0x5, 0x17, 0x8001, 0xffffffff, 0x1, 0x4, 0x9, 0x80000001, 0xeb3, 0xf4, 0x9, 0x3f, 0x8001, 0x6, 0xffffffff, 0x3, 0x8, 0x9, 0x800, 0x9, 0xffff, 0x9, 0x1, 0x7fff, 0x9, 0x9, 0x81, 0x93, 0x200, 0x7ff, 0xb423, 0x9, 0x7fffffff, 0x95d9, 0x0, 0xffffffff, 0x70c1, 0xffff, 0x92d, 0xff, 0x8000, 0x2, 0x9, 0x0, 0x5, 0x5, 0x7, 0x9, 0x0, 0xfffffc00, 0x1, 0x0, 0xffff, 0x94, 0x7, 0x4, 0x7ff, 0x8, 0x7, 0x4, 0x2, 0x3, 0x53, 0x0, 0x59b, 0x7, 0x7, 0xfae8, 0x41da0000, 0x7, 0x401, 0x7, 0xe5, 0x200, 0x8001, 0x101, 0x7ff, 0x3, 0xffff7e2d, 0x1, 0x3, 0x1f, 0x1000, 0x7fffffff, 0x1, 0x8, 0x6, 0xf0, 0x3, 0x3, 0x1, 0x7, 0x5, 0x80000000, 0x0, 0x401, 0x9, 0x400, 0x1ff, 0xfff, 0x0, 0x1, 0x9, 0x4, 0x81, 0x430, 0x7, 0x80000001, 0x0, 0x80000001, 0x8, 0x1, 0x7d, 0x9, 0x9, 0x0, 0x5, 0x40, 0xaa84, 0xbca, 0x10001, 0x8, 0x10001, 0x0, 0x7fff, 0xf6e7, 0x7fffffff, 0x7ff, 0xcee00000, 0x7f, 0x10001, 0xa6f9, 0x8, 0x1, 0x3, 0x6, 0xffffff20, 0x1, 0x40, 0x80000000, 0x10001, 0x4, 0x9, 0x1, 0x6, 0x401, 0x7, 0x0, 0x2, 0xff2, 0x10000, 0x9, 0x3, 0xa9e, 0x11f, 0x5, 0xd9, 0x1, 0x20, 0x1, 0xcb7, 0x10001, 0x2, 0x0, 0xaae2, 0x6, 0x0, 0x6, 0x4, 0x7, 0x7fff, 0x6, 0x3, 0x3, 0x10000, 0x9, 0x9, 0x400, 0x80, 0x9, 0x91e4, 0x101, 0x1f, 0x0, 0x1ff, 0x81, 0xffffc0f9, 0x2, 0x81, 0x3f, 0x0, 0x0, 0x3, 0xfffffffa, 0x7fffffff, 0x0, 0x4, 0x9d5, 0x3a39, 0x1000, 0x3, 0xffffffff, 0x3, 0x59c, 0xffffff7f, 0x400, 0x4, 0x1ff, 0x8, 0x0, 0xffffffff, 0x2, 0x40, 0x4c, 0x7fff, 0x5, 0x6, 0x7f, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7fffffff, 0xa18, 0x9, 0x0, 0x7745, 0xffff, 0x2b, 0x5, 0x37ef, 0x0, 0x7ff, 0xe6, 0x8001, 0x4, 0xffff8000, 0x1, 0xfffffffc, 0x4, 0x7, 0x1, 0x8, 0x10001, 0x4, 0x3f, 0x5, 0x1, 0x0, 0xab2e, 0x4, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x9, 0x0, 0x542, 0x8, 0xfff, 0x8, 0x4, 0x81, 0x80000000, 0x401, 0x2, 0x5, 0xf67b, 0x7, 0x80000000, 0x1, 0x55f, 0x101, 0x3, 0x6, 0x3ff, 0xffff0001, 0x1, 0x3800, 0x5, 0x5, 0x9, 0x1, 0x3f, 0x9, 0xc94f, 0x0, 0x7, 0x0, 0x6, 0x7f, 0x9, 0xffffffff, 0x1, 0x3, 0x3f, 0x8, 0x2, 0x6, 0xffffffff, 0x80, 0x0, 0x80000000, 0x6, 0x8, 0x598, 0x101, 0x80, 0x2, 0x6, 0x3, 0x2, 0x3, 0x1, 0x73, 0xffff0001, 0x3, 0x4, 0x9, 0x7, 0x10001, 0x2ea, 0x7ff, 0x7, 0x1ff, 0x9, 0x10000, 0xffffff00, 0x7f, 0x7fffffff, 0x8, 0x3f, 0x20, 0x3, 0x0, 0x4, 0x21, 0x0, 0x3d5b, 0xec3, 0xd0, 0xffff, 0x7fff, 0x6, 0x1f, 0x2, 0xda, 0x3be3, 0x6, 0x3, 0x7fff, 0x7, 0x5fef, 0x80000000, 0x4, 0x4, 0x0, 0x2, 0x3, 0x8000, 0x1, 0x0, 0xfffffff7, 0x70d0, 0xd7d5, 0x2, 0x7ff, 0x3832, 0x6, 0x3, 0x7ff, 0x8, 0x3d, 0xff, 0xffff, 0x8, 0xffffffeb, 0xfffffe01, 0x233b, 0x4, 0x4, 0x2, 0x54e13869, 0x7, 0xff, 0x8000, 0x888, 0x0, 0x88, 0x9c5, 0x8, 0x0, 0x401, 0x20, 0x3, 0x2, 0xfff, 0x657, 0x0, 0x9, 0x7, 0x9, 0x0, 0x3f, 0x80, 0x9, 0x2, 0x5, 0xfffffffb, 0x6, 0x7f, 0x80000001, 0x1, 0x865, 0x0, 0x8, 0x6, 0xf0f, 0x5c0, 0xffff8000, 0xffffffff, 0x6, 0x400, 0x2, 0xe9, 0x25d, 0x0, 0x4, 0x100, 0xffffff00, 0x6, 0x6, 0xa7fe, 0x6, 0x5, 0x63, 0xaa, 0xcf3, 0x81, 0x8, 0x8, 0x3db643d7, 0x80, 0x8, 0x81, 0x0, 0x9, 0x5, 0x7, 0x93f518b, 0x0, 0x1, 0x9, 0x6, 0x0, 0x2, 0xfffffffc, 0x800, 0x3f, 0x401, 0x2, 0x2, 0x2, 0xfffffff7, 0x20, 0x6, 0x80, 0x1000, 0xd956, 0x5, 0xfffffffe, 0x1f, 0x1, 0xe73, 0x36, 0x5, 0x4, 0x40, 0x6, 0x101, 0x1, 0x4, 0x9, 0x778, 0x81, 0x6d84, 0x9, 0x800, 0x5, 0x2, 0x3, 0x20, 0x0, 0x5e, 0xd1bc, 0x6, 0x8000, 0x0, 0x8001, 0xb5, 0x4, 0x8, 0x2, 0xe075, 0x6, 0x1, 0x115f, 0x1, 0x80000001, 0x3, 0x8, 0x7, 0x10000, 0x0, 0x3, 0xfffffff7, 0x2, 0x3, 0x0, 0x8, 0x3a, 0x1, 0xfffffe00, 0x9, 0x3, 0x1, 0x6, 0x1, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x8001, 0xa4, 0x1, 0x10000, 0x0, 0x3, 0xa920000, 0x6, 0x9e4e, 0x0, 0x9, 0x1ff, 0x1, 0x1, 0x8a2, 0x1, 0x10000, 0x80000000, 0x4, 0x9, 0x7, 0x3, 0x3ff, 0x3ff, 0x7, 0x8, 0xe1b8, 0x8, 0x8, 0x4, 0x2a26, 0x400, 0x2, 0x4, 0x3ff, 0x73e4, 0x8, 0xff, 0x8, 0xc18a, 0x4, 0x4, 0x2ee, 0x200, 0x1, 0x1, 0x7fff, 0x9, 0x7, 0xdc2c, 0x9, 0x7, 0xffffff7e, 0x9, 0x6, 0x8, 0x4, 0x81, 0x6, 0x8, 0x4, 0x8001, 0x0, 0x18, 0x31b884b2, 0x7fff, 0x1, 0x7, 0x2, 0x8, 0x3, 0x6, 0x9, 0x7, 0x9131, 0x8, 0x5, 0x40, 0x8, 0x8, 0x3c, 0x3, 0x4, 0x7, 0x1, 0xb42, 0xffffffff, 0x400, 0x4, 0x3, 0x85, 0x5, 0x8, 0xe74, 0x0, 0x2, 0x9, 0x8001, 0x80000001, 0x40, 0x62, 0xdb45, 0xfffffffe, 0x800, 0x6, 0xfffff6e7, 0xfb4d, 0x16b, 0x2, 0xfbf, 0x254534f4, 0x1ff, 0xcaf0, 0x2, 0x9, 0x3, 0x380, 0x81, 0x0, 0x692, 0x4, 0x5, 0x8, 0x5, 0x6, 0x886, 0x0, 0x3f, 0xffff]}) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:45 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x8, 0x3}, 0x4) [ 669.860054] FAULT_INJECTION: forcing a failure. [ 669.860054] name failslab, interval 1, probability 0, space 0, times 0 [ 669.860390] device batadv0 entered promiscuous mode 13:37:46 executing program 0: setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x8, 0x3}, 0x4) 13:37:46 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x511d063e3bd10eee, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x101000) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f00000000c0)={r3, 0x20}) [ 669.912714] CPU: 0 PID: 10692 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 669.920624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.929994] Call Trace: [ 669.932583] dump_stack+0x1b2/0x281 [ 669.936217] should_fail.cold+0x10a/0x149 [ 669.940366] should_failslab+0xd6/0x130 [ 669.944341] kmem_cache_alloc+0x28e/0x3c0 [ 669.948629] alloc_inode+0xa0/0x170 [ 669.952263] new_inode+0x1d/0xf0 [ 669.955803] debugfs_get_inode+0x1a/0x130 13:37:46 executing program 0: accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14, 0x800) ioctl$DRM_IOCTL_SG_ALLOC(0xffffffffffffffff, 0xc0106438, &(0x7f00000000c0)={0x100000001}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x7}, 0xb589f42246e4fc9) [ 669.959949] debugfs_create_dir+0x63/0x420 [ 669.964191] kvm_dev_ioctl+0xb86/0x1450 [ 669.968166] ? fsnotify+0x974/0x11b0 [ 669.971884] ? kvm_put_kvm+0xab0/0xab0 [ 669.975773] ? kvm_put_kvm+0xab0/0xab0 [ 669.979665] do_vfs_ioctl+0x75a/0xff0 [ 669.983468] ? lock_acquire+0x170/0x3f0 [ 669.987437] ? ioctl_preallocate+0x1a0/0x1a0 [ 669.991847] ? __fget+0x265/0x3e0 [ 669.995303] ? do_vfs_ioctl+0xff0/0xff0 [ 669.999277] ? security_file_ioctl+0x83/0xb0 [ 670.003685] SyS_ioctl+0x7f/0xb0 [ 670.007050] ? do_vfs_ioctl+0xff0/0xff0 [ 670.011041] do_syscall_64+0x1d5/0x640 [ 670.014911] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 670.020100] RIP: 0033:0x7fa37e383109 [ 670.023807] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.031491] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 670.038749] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 670.045995] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 670.053243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:37:46 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x2a, 0x4, 0x1, &(0x7f0000000000)) [ 670.060492] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:46 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x511d063e3bd10eee, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x101000) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f00000000c0)={r3, 0x20}) 13:37:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 16) 13:37:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) ioctl$KVM_GET_TSC_KHZ(r6, 0xaea3) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x14894) ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x6, 0x7fffffff, 0x8}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)) (async) setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_TSC_KHZ(r6, 0xaea3) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r3, 0x300, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x91}, 0x14894) (async) ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x6, 0x7fffffff, 0x8}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:46 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={[0x1, 0x0, 0x7f, 0x558e, 0x0, 0xbf40, 0x1000, 0x58744d10, 0x8, 0x100, 0x7f, 0x1000, 0xf61, 0xb27, 0x2, 0x1, 0x6, 0x1, 0x1, 0x7, 0x1, 0x9, 0x70dd, 0x9e15, 0x1, 0xc0, 0x4, 0x8, 0x20, 0x1ff, 0x9c, 0x78d, 0x69a9, 0x400, 0x0, 0x8, 0xff, 0x6, 0x5e6, 0x4, 0x80000000, 0xffff1577, 0x4, 0x4, 0x7, 0x8000, 0x401, 0x5, 0x223, 0x67, 0x5, 0x3, 0x9, 0x2, 0x812e, 0x1, 0x1, 0x7fff, 0x849c, 0x5, 0xfffffff9, 0x80000001, 0x8, 0x3bc, 0x1ff, 0x7, 0x9, 0xff, 0x4e, 0x1, 0x6, 0x3, 0x71b4, 0x51, 0xd3, 0xfffffff8, 0x2, 0x400, 0x4, 0x7, 0x6, 0x8, 0x2b, 0x2, 0x7, 0x6, 0x1ff, 0x5, 0x8000, 0x7f, 0x1, 0x7f, 0x83f, 0x7, 0x40, 0x2, 0x10000, 0xffffffff, 0x5, 0x3, 0x101, 0x2, 0x81, 0x3, 0x7ff, 0xc784, 0x0, 0x2, 0x8, 0xffffd4be, 0x0, 0x3, 0x2, 0x1, 0x7fff, 0x7f, 0x0, 0x3ff, 0xfffffefb, 0x4000000, 0xa2e5, 0x4, 0xffff, 0x3085fbe9, 0x9, 0x7, 0x80, 0x7, 0x6, 0x3, 0x4, 0x821, 0x99c, 0xffff, 0x6, 0x6, 0x40, 0x4, 0x101, 0x1, 0x100, 0x400, 0x1, 0x18, 0x28b, 0x6, 0x2, 0x2, 0x81, 0x10000, 0x1f, 0x6, 0x9, 0x9, 0x1880, 0xffff, 0x0, 0x3, 0x7f, 0x7, 0x5, 0x1, 0x5, 0x80000001, 0x80000000, 0x1000, 0x8, 0x1, 0x9, 0x1ff, 0x1, 0x1, 0x6, 0x8001, 0x9efa, 0x4, 0x0, 0xe2a, 0xa1, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x66d3ffbd, 0x3, 0x6, 0x80000000, 0x0, 0x305f, 0x0, 0x1ff, 0xffff, 0xe7, 0x5, 0x38, 0x80000001, 0x0, 0x4, 0x1, 0x1, 0x3037c6c7, 0x4, 0x5, 0x2, 0x0, 0x2, 0x80000000, 0x0, 0x5, 0x101, 0x9, 0x4, 0x1000, 0x9, 0xa24, 0x9, 0x31e, 0xff, 0x1, 0x3, 0x94c9, 0x9, 0x40, 0xffff, 0x5, 0x3, 0x7, 0x81, 0x6f8da19e, 0x4, 0x200, 0x5, 0x2, 0x9, 0xffffff01, 0x2, 0x1000, 0x6, 0x4, 0x2, 0xf7, 0x45, 0x1f, 0x1, 0x2b, 0x5, 0xffff0000, 0x80000000, 0x1, 0x101, 0x9, 0xffff0001, 0x3b, 0x1, 0x1, 0xb2, 0x80000000, 0xc3b7, 0x0, 0x8000, 0x1, 0x80000001, 0xffff, 0xffffff01, 0x2, 0x820d, 0x5, 0x5, 0xfffffffa, 0x7, 0x40, 0x3f, 0x6, 0x6, 0x9, 0x80, 0x2, 0x6cb, 0x9, 0x81, 0xd3, 0x101, 0x1, 0x63f, 0x3, 0x0, 0x9, 0xff, 0x8, 0x0, 0x9, 0x9, 0x8, 0x804d, 0x4, 0x8, 0x1000, 0x3, 0x8, 0x97, 0x886, 0x101, 0x7, 0x4000000, 0x7fff, 0x3ff, 0x8001, 0x20, 0x33, 0x1, 0x3f, 0x1f, 0x7, 0x5, 0x5840, 0x401, 0x1, 0xfffffc00, 0x8, 0x401, 0x9, 0x1ff, 0x5, 0xff, 0x1, 0x20, 0x200, 0x5, 0x100, 0x6, 0x2, 0x752, 0x5, 0x1f, 0x7fffffff, 0x7, 0x100, 0x9, 0x9, 0x8000, 0x1f, 0xffffffff, 0x200, 0x7, 0x4, 0x2, 0x6, 0x4, 0x9, 0x7, 0x7ff, 0x9, 0x1, 0x1, 0x0, 0x1, 0x3, 0xe8e, 0x9, 0x5, 0x17, 0x8001, 0xffffffff, 0x1, 0x4, 0x9, 0x80000001, 0xeb3, 0xf4, 0x9, 0x3f, 0x8001, 0x6, 0xffffffff, 0x3, 0x8, 0x9, 0x800, 0x9, 0xffff, 0x9, 0x1, 0x7fff, 0x9, 0x9, 0x81, 0x93, 0x200, 0x7ff, 0xb423, 0x9, 0x7fffffff, 0x95d9, 0x0, 0xffffffff, 0x70c1, 0xffff, 0x92d, 0xff, 0x8000, 0x2, 0x9, 0x0, 0x5, 0x5, 0x7, 0x9, 0x0, 0xfffffc00, 0x1, 0x0, 0xffff, 0x94, 0x7, 0x4, 0x7ff, 0x8, 0x7, 0x4, 0x2, 0x3, 0x53, 0x0, 0x59b, 0x7, 0x7, 0xfae8, 0x41da0000, 0x7, 0x401, 0x7, 0xe5, 0x200, 0x8001, 0x101, 0x7ff, 0x3, 0xffff7e2d, 0x1, 0x3, 0x1f, 0x1000, 0x7fffffff, 0x1, 0x8, 0x6, 0xf0, 0x3, 0x3, 0x1, 0x7, 0x5, 0x80000000, 0x0, 0x401, 0x9, 0x400, 0x1ff, 0xfff, 0x0, 0x1, 0x9, 0x4, 0x81, 0x430, 0x7, 0x80000001, 0x0, 0x80000001, 0x8, 0x1, 0x7d, 0x9, 0x9, 0x0, 0x5, 0x40, 0xaa84, 0xbca, 0x10001, 0x8, 0x10001, 0x0, 0x7fff, 0xf6e7, 0x7fffffff, 0x7ff, 0xcee00000, 0x7f, 0x10001, 0xa6f9, 0x8, 0x1, 0x3, 0x6, 0xffffff20, 0x1, 0x40, 0x80000000, 0x10001, 0x4, 0x9, 0x1, 0x6, 0x401, 0x7, 0x0, 0x2, 0xff2, 0x10000, 0x9, 0x3, 0xa9e, 0x11f, 0x5, 0xd9, 0x1, 0x20, 0x1, 0xcb7, 0x10001, 0x2, 0x0, 0xaae2, 0x6, 0x0, 0x6, 0x4, 0x7, 0x7fff, 0x6, 0x3, 0x3, 0x10000, 0x9, 0x9, 0x400, 0x80, 0x9, 0x91e4, 0x101, 0x1f, 0x0, 0x1ff, 0x81, 0xffffc0f9, 0x2, 0x81, 0x3f, 0x0, 0x0, 0x3, 0xfffffffa, 0x7fffffff, 0x0, 0x4, 0x9d5, 0x3a39, 0x1000, 0x3, 0xffffffff, 0x3, 0x59c, 0xffffff7f, 0x400, 0x4, 0x1ff, 0x8, 0x0, 0xffffffff, 0x2, 0x40, 0x4c, 0x7fff, 0x5, 0x6, 0x7f, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7fffffff, 0xa18, 0x9, 0x0, 0x7745, 0xffff, 0x2b, 0x5, 0x37ef, 0x0, 0x7ff, 0xe6, 0x8001, 0x4, 0xffff8000, 0x1, 0xfffffffc, 0x4, 0x7, 0x1, 0x8, 0x10001, 0x4, 0x3f, 0x5, 0x1, 0x0, 0xab2e, 0x4, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x9, 0x0, 0x542, 0x8, 0xfff, 0x8, 0x4, 0x81, 0x80000000, 0x401, 0x2, 0x5, 0xf67b, 0x7, 0x80000000, 0x1, 0x55f, 0x101, 0x3, 0x6, 0x3ff, 0xffff0001, 0x1, 0x3800, 0x5, 0x5, 0x9, 0x1, 0x3f, 0x9, 0xc94f, 0x0, 0x7, 0x0, 0x6, 0x7f, 0x9, 0xffffffff, 0x1, 0x3, 0x3f, 0x8, 0x2, 0x6, 0xffffffff, 0x80, 0x0, 0x80000000, 0x6, 0x8, 0x598, 0x101, 0x80, 0x2, 0x6, 0x3, 0x2, 0x3, 0x1, 0x73, 0xffff0001, 0x3, 0x4, 0x9, 0x7, 0x10001, 0x2ea, 0x7ff, 0x7, 0x1ff, 0x9, 0x10000, 0xffffff00, 0x7f, 0x7fffffff, 0x8, 0x3f, 0x20, 0x3, 0x0, 0x4, 0x21, 0x0, 0x3d5b, 0xec3, 0xd0, 0xffff, 0x7fff, 0x6, 0x1f, 0x2, 0xda, 0x3be3, 0x6, 0x3, 0x7fff, 0x7, 0x5fef, 0x80000000, 0x4, 0x4, 0x0, 0x2, 0x3, 0x8000, 0x1, 0x0, 0xfffffff7, 0x70d0, 0xd7d5, 0x2, 0x7ff, 0x3832, 0x6, 0x3, 0x7ff, 0x8, 0x3d, 0xff, 0xffff, 0x8, 0xffffffeb, 0xfffffe01, 0x233b, 0x4, 0x4, 0x2, 0x54e13869, 0x7, 0xff, 0x8000, 0x888, 0x0, 0x88, 0x9c5, 0x8, 0x0, 0x401, 0x20, 0x3, 0x2, 0xfff, 0x657, 0x0, 0x9, 0x7, 0x9, 0x0, 0x3f, 0x80, 0x9, 0x2, 0x5, 0xfffffffb, 0x6, 0x7f, 0x80000001, 0x1, 0x865, 0x0, 0x8, 0x6, 0xf0f, 0x5c0, 0xffff8000, 0xffffffff, 0x6, 0x400, 0x2, 0xe9, 0x25d, 0x0, 0x4, 0x100, 0xffffff00, 0x6, 0x6, 0xa7fe, 0x6, 0x5, 0x63, 0xaa, 0xcf3, 0x81, 0x8, 0x8, 0x3db643d7, 0x80, 0x8, 0x81, 0x0, 0x9, 0x5, 0x7, 0x93f518b, 0x0, 0x1, 0x9, 0x6, 0x0, 0x2, 0xfffffffc, 0x800, 0x3f, 0x401, 0x2, 0x2, 0x2, 0xfffffff7, 0x20, 0x6, 0x80, 0x1000, 0xd956, 0x5, 0xfffffffe, 0x1f, 0x1, 0xe73, 0x36, 0x5, 0x4, 0x40, 0x6, 0x101, 0x1, 0x4, 0x9, 0x778, 0x81, 0x6d84, 0x9, 0x800, 0x5, 0x2, 0x3, 0x20, 0x0, 0x5e, 0xd1bc, 0x6, 0x8000, 0x0, 0x8001, 0xb5, 0x4, 0x8, 0x2, 0xe075, 0x6, 0x1, 0x115f, 0x1, 0x80000001, 0x3, 0x8, 0x7, 0x10000, 0x0, 0x3, 0xfffffff7, 0x2, 0x3, 0x0, 0x8, 0x3a, 0x1, 0xfffffe00, 0x9, 0x3, 0x1, 0x6, 0x1, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x8001, 0xa4, 0x1, 0x10000, 0x0, 0x3, 0xa920000, 0x6, 0x9e4e, 0x0, 0x9, 0x1ff, 0x1, 0x1, 0x8a2, 0x1, 0x10000, 0x80000000, 0x4, 0x9, 0x7, 0x3, 0x3ff, 0x3ff, 0x7, 0x8, 0xe1b8, 0x8, 0x8, 0x4, 0x2a26, 0x400, 0x2, 0x4, 0x3ff, 0x73e4, 0x8, 0xff, 0x8, 0xc18a, 0x4, 0x4, 0x2ee, 0x200, 0x1, 0x1, 0x7fff, 0x9, 0x7, 0xdc2c, 0x9, 0x7, 0xffffff7e, 0x9, 0x6, 0x8, 0x4, 0x81, 0x6, 0x8, 0x4, 0x8001, 0x0, 0x18, 0x31b884b2, 0x7fff, 0x1, 0x7, 0x2, 0x8, 0x3, 0x6, 0x9, 0x7, 0x9131, 0x8, 0x5, 0x40, 0x8, 0x8, 0x3c, 0x3, 0x4, 0x7, 0x1, 0xb42, 0xffffffff, 0x400, 0x4, 0x3, 0x85, 0x5, 0x8, 0xe74, 0x0, 0x2, 0x9, 0x8001, 0x80000001, 0x40, 0x62, 0xdb45, 0xfffffffe, 0x800, 0x6, 0xfffff6e7, 0xfb4d, 0x16b, 0x2, 0xfbf, 0x254534f4, 0x1ff, 0xcaf0, 0x2, 0x9, 0x3, 0x380, 0x81, 0x0, 0x692, 0x4, 0x5, 0x8, 0x5, 0x6, 0x886, 0x0, 0x3f, 0xffff]}) socketpair(0x2, 0x1, 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={[0x1, 0x0, 0x7f, 0x558e, 0x0, 0xbf40, 0x1000, 0x58744d10, 0x8, 0x100, 0x7f, 0x1000, 0xf61, 0xb27, 0x2, 0x1, 0x6, 0x1, 0x1, 0x7, 0x1, 0x9, 0x70dd, 0x9e15, 0x1, 0xc0, 0x4, 0x8, 0x20, 0x1ff, 0x9c, 0x78d, 0x69a9, 0x400, 0x0, 0x8, 0xff, 0x6, 0x5e6, 0x4, 0x80000000, 0xffff1577, 0x4, 0x4, 0x7, 0x8000, 0x401, 0x5, 0x223, 0x67, 0x5, 0x3, 0x9, 0x2, 0x812e, 0x1, 0x1, 0x7fff, 0x849c, 0x5, 0xfffffff9, 0x80000001, 0x8, 0x3bc, 0x1ff, 0x7, 0x9, 0xff, 0x4e, 0x1, 0x6, 0x3, 0x71b4, 0x51, 0xd3, 0xfffffff8, 0x2, 0x400, 0x4, 0x7, 0x6, 0x8, 0x2b, 0x2, 0x7, 0x6, 0x1ff, 0x5, 0x8000, 0x7f, 0x1, 0x7f, 0x83f, 0x7, 0x40, 0x2, 0x10000, 0xffffffff, 0x5, 0x3, 0x101, 0x2, 0x81, 0x3, 0x7ff, 0xc784, 0x0, 0x2, 0x8, 0xffffd4be, 0x0, 0x3, 0x2, 0x1, 0x7fff, 0x7f, 0x0, 0x3ff, 0xfffffefb, 0x4000000, 0xa2e5, 0x4, 0xffff, 0x3085fbe9, 0x9, 0x7, 0x80, 0x7, 0x6, 0x3, 0x4, 0x821, 0x99c, 0xffff, 0x6, 0x6, 0x40, 0x4, 0x101, 0x1, 0x100, 0x400, 0x1, 0x18, 0x28b, 0x6, 0x2, 0x2, 0x81, 0x10000, 0x1f, 0x6, 0x9, 0x9, 0x1880, 0xffff, 0x0, 0x3, 0x7f, 0x7, 0x5, 0x1, 0x5, 0x80000001, 0x80000000, 0x1000, 0x8, 0x1, 0x9, 0x1ff, 0x1, 0x1, 0x6, 0x8001, 0x9efa, 0x4, 0x0, 0xe2a, 0xa1, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x66d3ffbd, 0x3, 0x6, 0x80000000, 0x0, 0x305f, 0x0, 0x1ff, 0xffff, 0xe7, 0x5, 0x38, 0x80000001, 0x0, 0x4, 0x1, 0x1, 0x3037c6c7, 0x4, 0x5, 0x2, 0x0, 0x2, 0x80000000, 0x0, 0x5, 0x101, 0x9, 0x4, 0x1000, 0x9, 0xa24, 0x9, 0x31e, 0xff, 0x1, 0x3, 0x94c9, 0x9, 0x40, 0xffff, 0x5, 0x3, 0x7, 0x81, 0x6f8da19e, 0x4, 0x200, 0x5, 0x2, 0x9, 0xffffff01, 0x2, 0x1000, 0x6, 0x4, 0x2, 0xf7, 0x45, 0x1f, 0x1, 0x2b, 0x5, 0xffff0000, 0x80000000, 0x1, 0x101, 0x9, 0xffff0001, 0x3b, 0x1, 0x1, 0xb2, 0x80000000, 0xc3b7, 0x0, 0x8000, 0x1, 0x80000001, 0xffff, 0xffffff01, 0x2, 0x820d, 0x5, 0x5, 0xfffffffa, 0x7, 0x40, 0x3f, 0x6, 0x6, 0x9, 0x80, 0x2, 0x6cb, 0x9, 0x81, 0xd3, 0x101, 0x1, 0x63f, 0x3, 0x0, 0x9, 0xff, 0x8, 0x0, 0x9, 0x9, 0x8, 0x804d, 0x4, 0x8, 0x1000, 0x3, 0x8, 0x97, 0x886, 0x101, 0x7, 0x4000000, 0x7fff, 0x3ff, 0x8001, 0x20, 0x33, 0x1, 0x3f, 0x1f, 0x7, 0x5, 0x5840, 0x401, 0x1, 0xfffffc00, 0x8, 0x401, 0x9, 0x1ff, 0x5, 0xff, 0x1, 0x20, 0x200, 0x5, 0x100, 0x6, 0x2, 0x752, 0x5, 0x1f, 0x7fffffff, 0x7, 0x100, 0x9, 0x9, 0x8000, 0x1f, 0xffffffff, 0x200, 0x7, 0x4, 0x2, 0x6, 0x4, 0x9, 0x7, 0x7ff, 0x9, 0x1, 0x1, 0x0, 0x1, 0x3, 0xe8e, 0x9, 0x5, 0x17, 0x8001, 0xffffffff, 0x1, 0x4, 0x9, 0x80000001, 0xeb3, 0xf4, 0x9, 0x3f, 0x8001, 0x6, 0xffffffff, 0x3, 0x8, 0x9, 0x800, 0x9, 0xffff, 0x9, 0x1, 0x7fff, 0x9, 0x9, 0x81, 0x93, 0x200, 0x7ff, 0xb423, 0x9, 0x7fffffff, 0x95d9, 0x0, 0xffffffff, 0x70c1, 0xffff, 0x92d, 0xff, 0x8000, 0x2, 0x9, 0x0, 0x5, 0x5, 0x7, 0x9, 0x0, 0xfffffc00, 0x1, 0x0, 0xffff, 0x94, 0x7, 0x4, 0x7ff, 0x8, 0x7, 0x4, 0x2, 0x3, 0x53, 0x0, 0x59b, 0x7, 0x7, 0xfae8, 0x41da0000, 0x7, 0x401, 0x7, 0xe5, 0x200, 0x8001, 0x101, 0x7ff, 0x3, 0xffff7e2d, 0x1, 0x3, 0x1f, 0x1000, 0x7fffffff, 0x1, 0x8, 0x6, 0xf0, 0x3, 0x3, 0x1, 0x7, 0x5, 0x80000000, 0x0, 0x401, 0x9, 0x400, 0x1ff, 0xfff, 0x0, 0x1, 0x9, 0x4, 0x81, 0x430, 0x7, 0x80000001, 0x0, 0x80000001, 0x8, 0x1, 0x7d, 0x9, 0x9, 0x0, 0x5, 0x40, 0xaa84, 0xbca, 0x10001, 0x8, 0x10001, 0x0, 0x7fff, 0xf6e7, 0x7fffffff, 0x7ff, 0xcee00000, 0x7f, 0x10001, 0xa6f9, 0x8, 0x1, 0x3, 0x6, 0xffffff20, 0x1, 0x40, 0x80000000, 0x10001, 0x4, 0x9, 0x1, 0x6, 0x401, 0x7, 0x0, 0x2, 0xff2, 0x10000, 0x9, 0x3, 0xa9e, 0x11f, 0x5, 0xd9, 0x1, 0x20, 0x1, 0xcb7, 0x10001, 0x2, 0x0, 0xaae2, 0x6, 0x0, 0x6, 0x4, 0x7, 0x7fff, 0x6, 0x3, 0x3, 0x10000, 0x9, 0x9, 0x400, 0x80, 0x9, 0x91e4, 0x101, 0x1f, 0x0, 0x1ff, 0x81, 0xffffc0f9, 0x2, 0x81, 0x3f, 0x0, 0x0, 0x3, 0xfffffffa, 0x7fffffff, 0x0, 0x4, 0x9d5, 0x3a39, 0x1000, 0x3, 0xffffffff, 0x3, 0x59c, 0xffffff7f, 0x400, 0x4, 0x1ff, 0x8, 0x0, 0xffffffff, 0x2, 0x40, 0x4c, 0x7fff, 0x5, 0x6, 0x7f, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7fffffff, 0xa18, 0x9, 0x0, 0x7745, 0xffff, 0x2b, 0x5, 0x37ef, 0x0, 0x7ff, 0xe6, 0x8001, 0x4, 0xffff8000, 0x1, 0xfffffffc, 0x4, 0x7, 0x1, 0x8, 0x10001, 0x4, 0x3f, 0x5, 0x1, 0x0, 0xab2e, 0x4, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x9, 0x0, 0x542, 0x8, 0xfff, 0x8, 0x4, 0x81, 0x80000000, 0x401, 0x2, 0x5, 0xf67b, 0x7, 0x80000000, 0x1, 0x55f, 0x101, 0x3, 0x6, 0x3ff, 0xffff0001, 0x1, 0x3800, 0x5, 0x5, 0x9, 0x1, 0x3f, 0x9, 0xc94f, 0x0, 0x7, 0x0, 0x6, 0x7f, 0x9, 0xffffffff, 0x1, 0x3, 0x3f, 0x8, 0x2, 0x6, 0xffffffff, 0x80, 0x0, 0x80000000, 0x6, 0x8, 0x598, 0x101, 0x80, 0x2, 0x6, 0x3, 0x2, 0x3, 0x1, 0x73, 0xffff0001, 0x3, 0x4, 0x9, 0x7, 0x10001, 0x2ea, 0x7ff, 0x7, 0x1ff, 0x9, 0x10000, 0xffffff00, 0x7f, 0x7fffffff, 0x8, 0x3f, 0x20, 0x3, 0x0, 0x4, 0x21, 0x0, 0x3d5b, 0xec3, 0xd0, 0xffff, 0x7fff, 0x6, 0x1f, 0x2, 0xda, 0x3be3, 0x6, 0x3, 0x7fff, 0x7, 0x5fef, 0x80000000, 0x4, 0x4, 0x0, 0x2, 0x3, 0x8000, 0x1, 0x0, 0xfffffff7, 0x70d0, 0xd7d5, 0x2, 0x7ff, 0x3832, 0x6, 0x3, 0x7ff, 0x8, 0x3d, 0xff, 0xffff, 0x8, 0xffffffeb, 0xfffffe01, 0x233b, 0x4, 0x4, 0x2, 0x54e13869, 0x7, 0xff, 0x8000, 0x888, 0x0, 0x88, 0x9c5, 0x8, 0x0, 0x401, 0x20, 0x3, 0x2, 0xfff, 0x657, 0x0, 0x9, 0x7, 0x9, 0x0, 0x3f, 0x80, 0x9, 0x2, 0x5, 0xfffffffb, 0x6, 0x7f, 0x80000001, 0x1, 0x865, 0x0, 0x8, 0x6, 0xf0f, 0x5c0, 0xffff8000, 0xffffffff, 0x6, 0x400, 0x2, 0xe9, 0x25d, 0x0, 0x4, 0x100, 0xffffff00, 0x6, 0x6, 0xa7fe, 0x6, 0x5, 0x63, 0xaa, 0xcf3, 0x81, 0x8, 0x8, 0x3db643d7, 0x80, 0x8, 0x81, 0x0, 0x9, 0x5, 0x7, 0x93f518b, 0x0, 0x1, 0x9, 0x6, 0x0, 0x2, 0xfffffffc, 0x800, 0x3f, 0x401, 0x2, 0x2, 0x2, 0xfffffff7, 0x20, 0x6, 0x80, 0x1000, 0xd956, 0x5, 0xfffffffe, 0x1f, 0x1, 0xe73, 0x36, 0x5, 0x4, 0x40, 0x6, 0x101, 0x1, 0x4, 0x9, 0x778, 0x81, 0x6d84, 0x9, 0x800, 0x5, 0x2, 0x3, 0x20, 0x0, 0x5e, 0xd1bc, 0x6, 0x8000, 0x0, 0x8001, 0xb5, 0x4, 0x8, 0x2, 0xe075, 0x6, 0x1, 0x115f, 0x1, 0x80000001, 0x3, 0x8, 0x7, 0x10000, 0x0, 0x3, 0xfffffff7, 0x2, 0x3, 0x0, 0x8, 0x3a, 0x1, 0xfffffe00, 0x9, 0x3, 0x1, 0x6, 0x1, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x8001, 0xa4, 0x1, 0x10000, 0x0, 0x3, 0xa920000, 0x6, 0x9e4e, 0x0, 0x9, 0x1ff, 0x1, 0x1, 0x8a2, 0x1, 0x10000, 0x80000000, 0x4, 0x9, 0x7, 0x3, 0x3ff, 0x3ff, 0x7, 0x8, 0xe1b8, 0x8, 0x8, 0x4, 0x2a26, 0x400, 0x2, 0x4, 0x3ff, 0x73e4, 0x8, 0xff, 0x8, 0xc18a, 0x4, 0x4, 0x2ee, 0x200, 0x1, 0x1, 0x7fff, 0x9, 0x7, 0xdc2c, 0x9, 0x7, 0xffffff7e, 0x9, 0x6, 0x8, 0x4, 0x81, 0x6, 0x8, 0x4, 0x8001, 0x0, 0x18, 0x31b884b2, 0x7fff, 0x1, 0x7, 0x2, 0x8, 0x3, 0x6, 0x9, 0x7, 0x9131, 0x8, 0x5, 0x40, 0x8, 0x8, 0x3c, 0x3, 0x4, 0x7, 0x1, 0xb42, 0xffffffff, 0x400, 0x4, 0x3, 0x85, 0x5, 0x8, 0xe74, 0x0, 0x2, 0x9, 0x8001, 0x80000001, 0x40, 0x62, 0xdb45, 0xfffffffe, 0x800, 0x6, 0xfffff6e7, 0xfb4d, 0x16b, 0x2, 0xfbf, 0x254534f4, 0x1ff, 0xcaf0, 0x2, 0x9, 0x3, 0x380, 0x81, 0x0, 0x692, 0x4, 0x5, 0x8, 0x5, 0x6, 0x886, 0x0, 0x3f, 0xffff]}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 670.090027] device batadv0 left promiscuous mode 13:37:46 executing program 0: accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14, 0x800) ioctl$DRM_IOCTL_SG_ALLOC(0xffffffffffffffff, 0xc0106438, &(0x7f00000000c0)={0x100000001}) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x7}, 0xb589f42246e4fc9) 13:37:46 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000140)=0x1, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x81, 0x167, 0x0], 0x3, 0x800}) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14200000140b037ca06754cabbd9a897", @ANYRES16=r3, @ANYBLOB="0100000000000000000004000000"], 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100026bd7000ffdbdf250d00000006002800040000000a000900bbbbbbbbbbbb00000a000900ffffffffffff000005002f000100000005002900d56a000008002b000400000008003a000000000008003100040000000800340009000000"], 0x64}, 0x1, 0x0, 0x0, 0x20000001}, 0x48840) [ 670.158418] device batadv0 entered promiscuous mode 13:37:46 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={[0x1, 0x0, 0x7f, 0x558e, 0x0, 0xbf40, 0x1000, 0x58744d10, 0x8, 0x100, 0x7f, 0x1000, 0xf61, 0xb27, 0x2, 0x1, 0x6, 0x1, 0x1, 0x7, 0x1, 0x9, 0x70dd, 0x9e15, 0x1, 0xc0, 0x4, 0x8, 0x20, 0x1ff, 0x9c, 0x78d, 0x69a9, 0x400, 0x0, 0x8, 0xff, 0x6, 0x5e6, 0x4, 0x80000000, 0xffff1577, 0x4, 0x4, 0x7, 0x8000, 0x401, 0x5, 0x223, 0x67, 0x5, 0x3, 0x9, 0x2, 0x812e, 0x1, 0x1, 0x7fff, 0x849c, 0x5, 0xfffffff9, 0x80000001, 0x8, 0x3bc, 0x1ff, 0x7, 0x9, 0xff, 0x4e, 0x1, 0x6, 0x3, 0x71b4, 0x51, 0xd3, 0xfffffff8, 0x2, 0x400, 0x4, 0x7, 0x6, 0x8, 0x2b, 0x2, 0x7, 0x6, 0x1ff, 0x5, 0x8000, 0x7f, 0x1, 0x7f, 0x83f, 0x7, 0x40, 0x2, 0x10000, 0xffffffff, 0x5, 0x3, 0x101, 0x2, 0x81, 0x3, 0x7ff, 0xc784, 0x0, 0x2, 0x8, 0xffffd4be, 0x0, 0x3, 0x2, 0x1, 0x7fff, 0x7f, 0x0, 0x3ff, 0xfffffefb, 0x4000000, 0xa2e5, 0x4, 0xffff, 0x3085fbe9, 0x9, 0x7, 0x80, 0x7, 0x6, 0x3, 0x4, 0x821, 0x99c, 0xffff, 0x6, 0x6, 0x40, 0x4, 0x101, 0x1, 0x100, 0x400, 0x1, 0x18, 0x28b, 0x6, 0x2, 0x2, 0x81, 0x10000, 0x1f, 0x6, 0x9, 0x9, 0x1880, 0xffff, 0x0, 0x3, 0x7f, 0x7, 0x5, 0x1, 0x5, 0x80000001, 0x80000000, 0x1000, 0x8, 0x1, 0x9, 0x1ff, 0x1, 0x1, 0x6, 0x8001, 0x9efa, 0x4, 0x0, 0xe2a, 0xa1, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x66d3ffbd, 0x3, 0x6, 0x80000000, 0x0, 0x305f, 0x0, 0x1ff, 0xffff, 0xe7, 0x5, 0x38, 0x80000001, 0x0, 0x4, 0x1, 0x1, 0x3037c6c7, 0x4, 0x5, 0x2, 0x0, 0x2, 0x80000000, 0x0, 0x5, 0x101, 0x9, 0x4, 0x1000, 0x9, 0xa24, 0x9, 0x31e, 0xff, 0x1, 0x3, 0x94c9, 0x9, 0x40, 0xffff, 0x5, 0x3, 0x7, 0x81, 0x6f8da19e, 0x4, 0x200, 0x5, 0x2, 0x9, 0xffffff01, 0x2, 0x1000, 0x6, 0x4, 0x2, 0xf7, 0x45, 0x1f, 0x1, 0x2b, 0x5, 0xffff0000, 0x80000000, 0x1, 0x101, 0x9, 0xffff0001, 0x3b, 0x1, 0x1, 0xb2, 0x80000000, 0xc3b7, 0x0, 0x8000, 0x1, 0x80000001, 0xffff, 0xffffff01, 0x2, 0x820d, 0x5, 0x5, 0xfffffffa, 0x7, 0x40, 0x3f, 0x6, 0x6, 0x9, 0x80, 0x2, 0x6cb, 0x9, 0x81, 0xd3, 0x101, 0x1, 0x63f, 0x3, 0x0, 0x9, 0xff, 0x8, 0x0, 0x9, 0x9, 0x8, 0x804d, 0x4, 0x8, 0x1000, 0x3, 0x8, 0x97, 0x886, 0x101, 0x7, 0x4000000, 0x7fff, 0x3ff, 0x8001, 0x20, 0x33, 0x1, 0x3f, 0x1f, 0x7, 0x5, 0x5840, 0x401, 0x1, 0xfffffc00, 0x8, 0x401, 0x9, 0x1ff, 0x5, 0xff, 0x1, 0x20, 0x200, 0x5, 0x100, 0x6, 0x2, 0x752, 0x5, 0x1f, 0x7fffffff, 0x7, 0x100, 0x9, 0x9, 0x8000, 0x1f, 0xffffffff, 0x200, 0x7, 0x4, 0x2, 0x6, 0x4, 0x9, 0x7, 0x7ff, 0x9, 0x1, 0x1, 0x0, 0x1, 0x3, 0xe8e, 0x9, 0x5, 0x17, 0x8001, 0xffffffff, 0x1, 0x4, 0x9, 0x80000001, 0xeb3, 0xf4, 0x9, 0x3f, 0x8001, 0x6, 0xffffffff, 0x3, 0x8, 0x9, 0x800, 0x9, 0xffff, 0x9, 0x1, 0x7fff, 0x9, 0x9, 0x81, 0x93, 0x200, 0x7ff, 0xb423, 0x9, 0x7fffffff, 0x95d9, 0x0, 0xffffffff, 0x70c1, 0xffff, 0x92d, 0xff, 0x8000, 0x2, 0x9, 0x0, 0x5, 0x5, 0x7, 0x9, 0x0, 0xfffffc00, 0x1, 0x0, 0xffff, 0x94, 0x7, 0x4, 0x7ff, 0x8, 0x7, 0x4, 0x2, 0x3, 0x53, 0x0, 0x59b, 0x7, 0x7, 0xfae8, 0x41da0000, 0x7, 0x401, 0x7, 0xe5, 0x200, 0x8001, 0x101, 0x7ff, 0x3, 0xffff7e2d, 0x1, 0x3, 0x1f, 0x1000, 0x7fffffff, 0x1, 0x8, 0x6, 0xf0, 0x3, 0x3, 0x1, 0x7, 0x5, 0x80000000, 0x0, 0x401, 0x9, 0x400, 0x1ff, 0xfff, 0x0, 0x1, 0x9, 0x4, 0x81, 0x430, 0x7, 0x80000001, 0x0, 0x80000001, 0x8, 0x1, 0x7d, 0x9, 0x9, 0x0, 0x5, 0x40, 0xaa84, 0xbca, 0x10001, 0x8, 0x10001, 0x0, 0x7fff, 0xf6e7, 0x7fffffff, 0x7ff, 0xcee00000, 0x7f, 0x10001, 0xa6f9, 0x8, 0x1, 0x3, 0x6, 0xffffff20, 0x1, 0x40, 0x80000000, 0x10001, 0x4, 0x9, 0x1, 0x6, 0x401, 0x7, 0x0, 0x2, 0xff2, 0x10000, 0x9, 0x3, 0xa9e, 0x11f, 0x5, 0xd9, 0x1, 0x20, 0x1, 0xcb7, 0x10001, 0x2, 0x0, 0xaae2, 0x6, 0x0, 0x6, 0x4, 0x7, 0x7fff, 0x6, 0x3, 0x3, 0x10000, 0x9, 0x9, 0x400, 0x80, 0x9, 0x91e4, 0x101, 0x1f, 0x0, 0x1ff, 0x81, 0xffffc0f9, 0x2, 0x81, 0x3f, 0x0, 0x0, 0x3, 0xfffffffa, 0x7fffffff, 0x0, 0x4, 0x9d5, 0x3a39, 0x1000, 0x3, 0xffffffff, 0x3, 0x59c, 0xffffff7f, 0x400, 0x4, 0x1ff, 0x8, 0x0, 0xffffffff, 0x2, 0x40, 0x4c, 0x7fff, 0x5, 0x6, 0x7f, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7fffffff, 0xa18, 0x9, 0x0, 0x7745, 0xffff, 0x2b, 0x5, 0x37ef, 0x0, 0x7ff, 0xe6, 0x8001, 0x4, 0xffff8000, 0x1, 0xfffffffc, 0x4, 0x7, 0x1, 0x8, 0x10001, 0x4, 0x3f, 0x5, 0x1, 0x0, 0xab2e, 0x4, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x9, 0x0, 0x542, 0x8, 0xfff, 0x8, 0x4, 0x81, 0x80000000, 0x401, 0x2, 0x5, 0xf67b, 0x7, 0x80000000, 0x1, 0x55f, 0x101, 0x3, 0x6, 0x3ff, 0xffff0001, 0x1, 0x3800, 0x5, 0x5, 0x9, 0x1, 0x3f, 0x9, 0xc94f, 0x0, 0x7, 0x0, 0x6, 0x7f, 0x9, 0xffffffff, 0x1, 0x3, 0x3f, 0x8, 0x2, 0x6, 0xffffffff, 0x80, 0x0, 0x80000000, 0x6, 0x8, 0x598, 0x101, 0x80, 0x2, 0x6, 0x3, 0x2, 0x3, 0x1, 0x73, 0xffff0001, 0x3, 0x4, 0x9, 0x7, 0x10001, 0x2ea, 0x7ff, 0x7, 0x1ff, 0x9, 0x10000, 0xffffff00, 0x7f, 0x7fffffff, 0x8, 0x3f, 0x20, 0x3, 0x0, 0x4, 0x21, 0x0, 0x3d5b, 0xec3, 0xd0, 0xffff, 0x7fff, 0x6, 0x1f, 0x2, 0xda, 0x3be3, 0x6, 0x3, 0x7fff, 0x7, 0x5fef, 0x80000000, 0x4, 0x4, 0x0, 0x2, 0x3, 0x8000, 0x1, 0x0, 0xfffffff7, 0x70d0, 0xd7d5, 0x2, 0x7ff, 0x3832, 0x6, 0x3, 0x7ff, 0x8, 0x3d, 0xff, 0xffff, 0x8, 0xffffffeb, 0xfffffe01, 0x233b, 0x4, 0x4, 0x2, 0x54e13869, 0x7, 0xff, 0x8000, 0x888, 0x0, 0x88, 0x9c5, 0x8, 0x0, 0x401, 0x20, 0x3, 0x2, 0xfff, 0x657, 0x0, 0x9, 0x7, 0x9, 0x0, 0x3f, 0x80, 0x9, 0x2, 0x5, 0xfffffffb, 0x6, 0x7f, 0x80000001, 0x1, 0x865, 0x0, 0x8, 0x6, 0xf0f, 0x5c0, 0xffff8000, 0xffffffff, 0x6, 0x400, 0x2, 0xe9, 0x25d, 0x0, 0x4, 0x100, 0xffffff00, 0x6, 0x6, 0xa7fe, 0x6, 0x5, 0x63, 0xaa, 0xcf3, 0x81, 0x8, 0x8, 0x3db643d7, 0x80, 0x8, 0x81, 0x0, 0x9, 0x5, 0x7, 0x93f518b, 0x0, 0x1, 0x9, 0x6, 0x0, 0x2, 0xfffffffc, 0x800, 0x3f, 0x401, 0x2, 0x2, 0x2, 0xfffffff7, 0x20, 0x6, 0x80, 0x1000, 0xd956, 0x5, 0xfffffffe, 0x1f, 0x1, 0xe73, 0x36, 0x5, 0x4, 0x40, 0x6, 0x101, 0x1, 0x4, 0x9, 0x778, 0x81, 0x6d84, 0x9, 0x800, 0x5, 0x2, 0x3, 0x20, 0x0, 0x5e, 0xd1bc, 0x6, 0x8000, 0x0, 0x8001, 0xb5, 0x4, 0x8, 0x2, 0xe075, 0x6, 0x1, 0x115f, 0x1, 0x80000001, 0x3, 0x8, 0x7, 0x10000, 0x0, 0x3, 0xfffffff7, 0x2, 0x3, 0x0, 0x8, 0x3a, 0x1, 0xfffffe00, 0x9, 0x3, 0x1, 0x6, 0x1, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x8001, 0xa4, 0x1, 0x10000, 0x0, 0x3, 0xa920000, 0x6, 0x9e4e, 0x0, 0x9, 0x1ff, 0x1, 0x1, 0x8a2, 0x1, 0x10000, 0x80000000, 0x4, 0x9, 0x7, 0x3, 0x3ff, 0x3ff, 0x7, 0x8, 0xe1b8, 0x8, 0x8, 0x4, 0x2a26, 0x400, 0x2, 0x4, 0x3ff, 0x73e4, 0x8, 0xff, 0x8, 0xc18a, 0x4, 0x4, 0x2ee, 0x200, 0x1, 0x1, 0x7fff, 0x9, 0x7, 0xdc2c, 0x9, 0x7, 0xffffff7e, 0x9, 0x6, 0x8, 0x4, 0x81, 0x6, 0x8, 0x4, 0x8001, 0x0, 0x18, 0x31b884b2, 0x7fff, 0x1, 0x7, 0x2, 0x8, 0x3, 0x6, 0x9, 0x7, 0x9131, 0x8, 0x5, 0x40, 0x8, 0x8, 0x3c, 0x3, 0x4, 0x7, 0x1, 0xb42, 0xffffffff, 0x400, 0x4, 0x3, 0x85, 0x5, 0x8, 0xe74, 0x0, 0x2, 0x9, 0x8001, 0x80000001, 0x40, 0x62, 0xdb45, 0xfffffffe, 0x800, 0x6, 0xfffff6e7, 0xfb4d, 0x16b, 0x2, 0xfbf, 0x254534f4, 0x1ff, 0xcaf0, 0x2, 0x9, 0x3, 0x380, 0x81, 0x0, 0x692, 0x4, 0x5, 0x8, 0x5, 0x6, 0x886, 0x0, 0x3f, 0xffff]}) socketpair(0x2, 0x1, 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={[0x1, 0x0, 0x7f, 0x558e, 0x0, 0xbf40, 0x1000, 0x58744d10, 0x8, 0x100, 0x7f, 0x1000, 0xf61, 0xb27, 0x2, 0x1, 0x6, 0x1, 0x1, 0x7, 0x1, 0x9, 0x70dd, 0x9e15, 0x1, 0xc0, 0x4, 0x8, 0x20, 0x1ff, 0x9c, 0x78d, 0x69a9, 0x400, 0x0, 0x8, 0xff, 0x6, 0x5e6, 0x4, 0x80000000, 0xffff1577, 0x4, 0x4, 0x7, 0x8000, 0x401, 0x5, 0x223, 0x67, 0x5, 0x3, 0x9, 0x2, 0x812e, 0x1, 0x1, 0x7fff, 0x849c, 0x5, 0xfffffff9, 0x80000001, 0x8, 0x3bc, 0x1ff, 0x7, 0x9, 0xff, 0x4e, 0x1, 0x6, 0x3, 0x71b4, 0x51, 0xd3, 0xfffffff8, 0x2, 0x400, 0x4, 0x7, 0x6, 0x8, 0x2b, 0x2, 0x7, 0x6, 0x1ff, 0x5, 0x8000, 0x7f, 0x1, 0x7f, 0x83f, 0x7, 0x40, 0x2, 0x10000, 0xffffffff, 0x5, 0x3, 0x101, 0x2, 0x81, 0x3, 0x7ff, 0xc784, 0x0, 0x2, 0x8, 0xffffd4be, 0x0, 0x3, 0x2, 0x1, 0x7fff, 0x7f, 0x0, 0x3ff, 0xfffffefb, 0x4000000, 0xa2e5, 0x4, 0xffff, 0x3085fbe9, 0x9, 0x7, 0x80, 0x7, 0x6, 0x3, 0x4, 0x821, 0x99c, 0xffff, 0x6, 0x6, 0x40, 0x4, 0x101, 0x1, 0x100, 0x400, 0x1, 0x18, 0x28b, 0x6, 0x2, 0x2, 0x81, 0x10000, 0x1f, 0x6, 0x9, 0x9, 0x1880, 0xffff, 0x0, 0x3, 0x7f, 0x7, 0x5, 0x1, 0x5, 0x80000001, 0x80000000, 0x1000, 0x8, 0x1, 0x9, 0x1ff, 0x1, 0x1, 0x6, 0x8001, 0x9efa, 0x4, 0x0, 0xe2a, 0xa1, 0x1, 0x7, 0x4, 0x10000, 0x3, 0x66d3ffbd, 0x3, 0x6, 0x80000000, 0x0, 0x305f, 0x0, 0x1ff, 0xffff, 0xe7, 0x5, 0x38, 0x80000001, 0x0, 0x4, 0x1, 0x1, 0x3037c6c7, 0x4, 0x5, 0x2, 0x0, 0x2, 0x80000000, 0x0, 0x5, 0x101, 0x9, 0x4, 0x1000, 0x9, 0xa24, 0x9, 0x31e, 0xff, 0x1, 0x3, 0x94c9, 0x9, 0x40, 0xffff, 0x5, 0x3, 0x7, 0x81, 0x6f8da19e, 0x4, 0x200, 0x5, 0x2, 0x9, 0xffffff01, 0x2, 0x1000, 0x6, 0x4, 0x2, 0xf7, 0x45, 0x1f, 0x1, 0x2b, 0x5, 0xffff0000, 0x80000000, 0x1, 0x101, 0x9, 0xffff0001, 0x3b, 0x1, 0x1, 0xb2, 0x80000000, 0xc3b7, 0x0, 0x8000, 0x1, 0x80000001, 0xffff, 0xffffff01, 0x2, 0x820d, 0x5, 0x5, 0xfffffffa, 0x7, 0x40, 0x3f, 0x6, 0x6, 0x9, 0x80, 0x2, 0x6cb, 0x9, 0x81, 0xd3, 0x101, 0x1, 0x63f, 0x3, 0x0, 0x9, 0xff, 0x8, 0x0, 0x9, 0x9, 0x8, 0x804d, 0x4, 0x8, 0x1000, 0x3, 0x8, 0x97, 0x886, 0x101, 0x7, 0x4000000, 0x7fff, 0x3ff, 0x8001, 0x20, 0x33, 0x1, 0x3f, 0x1f, 0x7, 0x5, 0x5840, 0x401, 0x1, 0xfffffc00, 0x8, 0x401, 0x9, 0x1ff, 0x5, 0xff, 0x1, 0x20, 0x200, 0x5, 0x100, 0x6, 0x2, 0x752, 0x5, 0x1f, 0x7fffffff, 0x7, 0x100, 0x9, 0x9, 0x8000, 0x1f, 0xffffffff, 0x200, 0x7, 0x4, 0x2, 0x6, 0x4, 0x9, 0x7, 0x7ff, 0x9, 0x1, 0x1, 0x0, 0x1, 0x3, 0xe8e, 0x9, 0x5, 0x17, 0x8001, 0xffffffff, 0x1, 0x4, 0x9, 0x80000001, 0xeb3, 0xf4, 0x9, 0x3f, 0x8001, 0x6, 0xffffffff, 0x3, 0x8, 0x9, 0x800, 0x9, 0xffff, 0x9, 0x1, 0x7fff, 0x9, 0x9, 0x81, 0x93, 0x200, 0x7ff, 0xb423, 0x9, 0x7fffffff, 0x95d9, 0x0, 0xffffffff, 0x70c1, 0xffff, 0x92d, 0xff, 0x8000, 0x2, 0x9, 0x0, 0x5, 0x5, 0x7, 0x9, 0x0, 0xfffffc00, 0x1, 0x0, 0xffff, 0x94, 0x7, 0x4, 0x7ff, 0x8, 0x7, 0x4, 0x2, 0x3, 0x53, 0x0, 0x59b, 0x7, 0x7, 0xfae8, 0x41da0000, 0x7, 0x401, 0x7, 0xe5, 0x200, 0x8001, 0x101, 0x7ff, 0x3, 0xffff7e2d, 0x1, 0x3, 0x1f, 0x1000, 0x7fffffff, 0x1, 0x8, 0x6, 0xf0, 0x3, 0x3, 0x1, 0x7, 0x5, 0x80000000, 0x0, 0x401, 0x9, 0x400, 0x1ff, 0xfff, 0x0, 0x1, 0x9, 0x4, 0x81, 0x430, 0x7, 0x80000001, 0x0, 0x80000001, 0x8, 0x1, 0x7d, 0x9, 0x9, 0x0, 0x5, 0x40, 0xaa84, 0xbca, 0x10001, 0x8, 0x10001, 0x0, 0x7fff, 0xf6e7, 0x7fffffff, 0x7ff, 0xcee00000, 0x7f, 0x10001, 0xa6f9, 0x8, 0x1, 0x3, 0x6, 0xffffff20, 0x1, 0x40, 0x80000000, 0x10001, 0x4, 0x9, 0x1, 0x6, 0x401, 0x7, 0x0, 0x2, 0xff2, 0x10000, 0x9, 0x3, 0xa9e, 0x11f, 0x5, 0xd9, 0x1, 0x20, 0x1, 0xcb7, 0x10001, 0x2, 0x0, 0xaae2, 0x6, 0x0, 0x6, 0x4, 0x7, 0x7fff, 0x6, 0x3, 0x3, 0x10000, 0x9, 0x9, 0x400, 0x80, 0x9, 0x91e4, 0x101, 0x1f, 0x0, 0x1ff, 0x81, 0xffffc0f9, 0x2, 0x81, 0x3f, 0x0, 0x0, 0x3, 0xfffffffa, 0x7fffffff, 0x0, 0x4, 0x9d5, 0x3a39, 0x1000, 0x3, 0xffffffff, 0x3, 0x59c, 0xffffff7f, 0x400, 0x4, 0x1ff, 0x8, 0x0, 0xffffffff, 0x2, 0x40, 0x4c, 0x7fff, 0x5, 0x6, 0x7f, 0x3, 0x1, 0x7, 0x2, 0x9, 0x7fffffff, 0xa18, 0x9, 0x0, 0x7745, 0xffff, 0x2b, 0x5, 0x37ef, 0x0, 0x7ff, 0xe6, 0x8001, 0x4, 0xffff8000, 0x1, 0xfffffffc, 0x4, 0x7, 0x1, 0x8, 0x10001, 0x4, 0x3f, 0x5, 0x1, 0x0, 0xab2e, 0x4, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x9, 0x0, 0x542, 0x8, 0xfff, 0x8, 0x4, 0x81, 0x80000000, 0x401, 0x2, 0x5, 0xf67b, 0x7, 0x80000000, 0x1, 0x55f, 0x101, 0x3, 0x6, 0x3ff, 0xffff0001, 0x1, 0x3800, 0x5, 0x5, 0x9, 0x1, 0x3f, 0x9, 0xc94f, 0x0, 0x7, 0x0, 0x6, 0x7f, 0x9, 0xffffffff, 0x1, 0x3, 0x3f, 0x8, 0x2, 0x6, 0xffffffff, 0x80, 0x0, 0x80000000, 0x6, 0x8, 0x598, 0x101, 0x80, 0x2, 0x6, 0x3, 0x2, 0x3, 0x1, 0x73, 0xffff0001, 0x3, 0x4, 0x9, 0x7, 0x10001, 0x2ea, 0x7ff, 0x7, 0x1ff, 0x9, 0x10000, 0xffffff00, 0x7f, 0x7fffffff, 0x8, 0x3f, 0x20, 0x3, 0x0, 0x4, 0x21, 0x0, 0x3d5b, 0xec3, 0xd0, 0xffff, 0x7fff, 0x6, 0x1f, 0x2, 0xda, 0x3be3, 0x6, 0x3, 0x7fff, 0x7, 0x5fef, 0x80000000, 0x4, 0x4, 0x0, 0x2, 0x3, 0x8000, 0x1, 0x0, 0xfffffff7, 0x70d0, 0xd7d5, 0x2, 0x7ff, 0x3832, 0x6, 0x3, 0x7ff, 0x8, 0x3d, 0xff, 0xffff, 0x8, 0xffffffeb, 0xfffffe01, 0x233b, 0x4, 0x4, 0x2, 0x54e13869, 0x7, 0xff, 0x8000, 0x888, 0x0, 0x88, 0x9c5, 0x8, 0x0, 0x401, 0x20, 0x3, 0x2, 0xfff, 0x657, 0x0, 0x9, 0x7, 0x9, 0x0, 0x3f, 0x80, 0x9, 0x2, 0x5, 0xfffffffb, 0x6, 0x7f, 0x80000001, 0x1, 0x865, 0x0, 0x8, 0x6, 0xf0f, 0x5c0, 0xffff8000, 0xffffffff, 0x6, 0x400, 0x2, 0xe9, 0x25d, 0x0, 0x4, 0x100, 0xffffff00, 0x6, 0x6, 0xa7fe, 0x6, 0x5, 0x63, 0xaa, 0xcf3, 0x81, 0x8, 0x8, 0x3db643d7, 0x80, 0x8, 0x81, 0x0, 0x9, 0x5, 0x7, 0x93f518b, 0x0, 0x1, 0x9, 0x6, 0x0, 0x2, 0xfffffffc, 0x800, 0x3f, 0x401, 0x2, 0x2, 0x2, 0xfffffff7, 0x20, 0x6, 0x80, 0x1000, 0xd956, 0x5, 0xfffffffe, 0x1f, 0x1, 0xe73, 0x36, 0x5, 0x4, 0x40, 0x6, 0x101, 0x1, 0x4, 0x9, 0x778, 0x81, 0x6d84, 0x9, 0x800, 0x5, 0x2, 0x3, 0x20, 0x0, 0x5e, 0xd1bc, 0x6, 0x8000, 0x0, 0x8001, 0xb5, 0x4, 0x8, 0x2, 0xe075, 0x6, 0x1, 0x115f, 0x1, 0x80000001, 0x3, 0x8, 0x7, 0x10000, 0x0, 0x3, 0xfffffff7, 0x2, 0x3, 0x0, 0x8, 0x3a, 0x1, 0xfffffe00, 0x9, 0x3, 0x1, 0x6, 0x1, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x8001, 0xa4, 0x1, 0x10000, 0x0, 0x3, 0xa920000, 0x6, 0x9e4e, 0x0, 0x9, 0x1ff, 0x1, 0x1, 0x8a2, 0x1, 0x10000, 0x80000000, 0x4, 0x9, 0x7, 0x3, 0x3ff, 0x3ff, 0x7, 0x8, 0xe1b8, 0x8, 0x8, 0x4, 0x2a26, 0x400, 0x2, 0x4, 0x3ff, 0x73e4, 0x8, 0xff, 0x8, 0xc18a, 0x4, 0x4, 0x2ee, 0x200, 0x1, 0x1, 0x7fff, 0x9, 0x7, 0xdc2c, 0x9, 0x7, 0xffffff7e, 0x9, 0x6, 0x8, 0x4, 0x81, 0x6, 0x8, 0x4, 0x8001, 0x0, 0x18, 0x31b884b2, 0x7fff, 0x1, 0x7, 0x2, 0x8, 0x3, 0x6, 0x9, 0x7, 0x9131, 0x8, 0x5, 0x40, 0x8, 0x8, 0x3c, 0x3, 0x4, 0x7, 0x1, 0xb42, 0xffffffff, 0x400, 0x4, 0x3, 0x85, 0x5, 0x8, 0xe74, 0x0, 0x2, 0x9, 0x8001, 0x80000001, 0x40, 0x62, 0xdb45, 0xfffffffe, 0x800, 0x6, 0xfffff6e7, 0xfb4d, 0x16b, 0x2, 0xfbf, 0x254534f4, 0x1ff, 0xcaf0, 0x2, 0x9, 0x3, 0x380, 0x81, 0x0, 0x692, 0x4, 0x5, 0x8, 0x5, 0x6, 0x886, 0x0, 0x3f, 0xffff]}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) 13:37:46 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x511d063e3bd10eee, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x101000) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f00000000c0)={r3, 0x20}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x511d063e3bd10eee, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x101000) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)) (async) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f00000000c0)={r3, 0x20}) (async) [ 670.181090] FAULT_INJECTION: forcing a failure. [ 670.181090] name failslab, interval 1, probability 0, space 0, times 0 [ 670.220056] CPU: 0 PID: 10746 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 670.227961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.237353] Call Trace: [ 670.239950] dump_stack+0x1b2/0x281 [ 670.243583] should_fail.cold+0x10a/0x149 [ 670.247729] should_failslab+0xd6/0x130 [ 670.251791] __kmalloc+0x2c1/0x400 [ 670.255412] ? kvm_dev_ioctl+0xbf3/0x1450 [ 670.259564] kvm_dev_ioctl+0xbf3/0x1450 [ 670.263540] ? fsnotify+0x974/0x11b0 [ 670.267248] ? kvm_put_kvm+0xab0/0xab0 [ 670.271132] ? kvm_put_kvm+0xab0/0xab0 [ 670.275028] do_vfs_ioctl+0x75a/0xff0 [ 670.278829] ? lock_acquire+0x170/0x3f0 [ 670.282806] ? ioctl_preallocate+0x1a0/0x1a0 [ 670.287225] ? __fget+0x265/0x3e0 [ 670.290677] ? do_vfs_ioctl+0xff0/0xff0 [ 670.294658] ? security_file_ioctl+0x83/0xb0 [ 670.299066] SyS_ioctl+0x7f/0xb0 [ 670.302426] ? do_vfs_ioctl+0xff0/0xff0 [ 670.306396] do_syscall_64+0x1d5/0x640 [ 670.310315] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 670.315693] RIP: 0033:0x7fa37e383109 [ 670.319396] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:46 executing program 0: accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14, 0x800) (async) ioctl$DRM_IOCTL_SG_ALLOC(0xffffffffffffffff, 0xc0106438, &(0x7f00000000c0)={0x100000001}) (async) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x7}, 0xb589f42246e4fc9) 13:37:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 17) [ 670.327100] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 670.334365] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 670.341632] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 670.348897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 670.356164] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:46 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000140)=0x1, 0x4) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x81, 0x167, 0x0], 0x3, 0x800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14200000140b037ca06754cabbd9a897", @ANYRES16=r3, @ANYBLOB="0100000000000000000004000000"], 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100026bd7000ffdbdf250d00000006002800040000000a000900bbbbbbbbbbbb00000a000900ffffffffffff000005002f000100000005002900d56a000008002b000400000008003a000000000008003100040000000800340009000000"], 0x64}, 0x1, 0x0, 0x0, 0x20000001}, 0x48840) [ 670.385760] device batadv0 left promiscuous mode 13:37:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200941, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/88, &(0x7f0000000200)=0x58) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="780b9654057aeb025f3adbe8cc759e0b317dcfb111e27d3bf7dc3407ea4a5ab4c57d222ae41614dcbacd93631d966d992561a6383f28cb7ec03f7eaaf3acc45f6842c11808e054bfb8d3823c1312c959f34a4dceb989b142918dfdd2a207159ed834aebd5d809aa0f6e13c5610ea05b1ea5f99bb44682c8e043e38e90b0e2af847b41d3109f877bb6d0c8cb5166a342d247563e1e87a31f4a986f77f9407d480d4dcd92ec55060ce8272fc4b8035daf4df3981e2e36668e2984e8ac13e7274bae73e0115763ef7918044ef788b", 0xcd}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:46 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000640)) socketpair(0x2, 0x1, 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000240)={0x3, 0x6}, 0x4) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000300)={0x8100000000000000, 0x2000, 0x8, 0x2, 0x1}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800c6088dbe57cac821bd000000f0ff00000000999a80f6c5ec4843bbb59f2791bd8cf347fd8801c4a4d02944bcf53758efe0e5c96821f17e18c5e8f7dfe3662124a12c59c3f9e579033e2178a8919ef9d8026837c3e8295840947a2784f113d2d30930a4d5a5465f7f45c0c6e388b20f61ed08d06478eb55512d2488a89e69f3ab4b61f8d38bb0951b73383e8bd215704ce6c88c8c5a307f3e7671e04bb822a37fd175d7e034e5bd39333943", @ANYRES16=0x0, @ANYBLOB="390b2bbd7000fbdbdf2503000000000011000000000002000d00020000000500050001000000"], 0x38}, 0x1, 0x0, 0x0, 0x20004081}, 0x4000) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r1, @ANYRES16=0x0, @ANYBLOB="020026bd7000fedbdf250700000023000800000008000600000edada4378e83b5cae0a32f8dd3bdd345cacdb99851e299a1f1794441e5cdbcdb0f8281ddba84dc7aff9903e8279bae9782e56b05c88bf452204d45b1799914c40335b7a0bddb7d5a8d3dd787f95b90acaaf70fb0bd914fa3c79aac540214444dfc671f41af6b203dfdc2858e592e523309a0482b2de", @ANYBLOB="431a56c464891289c4cac9e64ef9c6f836c144fd8d331c26ed50e30593919aa81006a44a2e0f789aa53584adff79347ec552cc7a32ae6c22ecc8d17de08496a9de0c9a1664bc24f6f20fc0b8abd8725f6454ae8cf16b3bd5bcdddc08835dec72b64d817cf93f49d7dd7f9d34b7020c477670c04c53c1b841b235a90647e7b2820b84a85f4826beaddd6dedc86165d70e2d6902ccf0f8b6c7e6c9e9b5d60c31970110c6cc9cabffafc9af148e08307141d797f9773d26cc7ad29e25bae88b47e4ffa6c7241ba5dc9adf317f989e714de2d4124c07254ccb3223900554bcea2ae550d2ffd22d", @ANYBLOB="61058a5567ec82d8388b6036a63335b77bd8b28d97d6ad3d4586cbd4e2706bb0edee8316fe11ff04785fee1471cec8b3b0719f4b263d0073a81d231c5e373d04a29eda29f23b3380b143feac864798d7b297855c540b383c1bf575c6513615393f3fbf80ccf5f9758beea1e554e16b78"], 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYRES64=r4, @ANYRESDEC=r1, @ANYRESOCT=r0, @ANYBLOB="ab0741121b309b43f8d4effea2285307f8883c075cc25dbb9b1b08b6e56192dfc90ea19b729195d2ccaa65c1bc0806d98a7645769f9ba05a755ed944198e458dafb355c5da5b82e2b2f910a172186ac14b1d350c78dba69588690fcc16901fba3fef52c0ebf22a3727c8c096294173ab9bf3b050eb4f5c3d0ae005ad5e7e9976a4c0bc4347e548d3ee2cec0c98fb3208d23ece0e98c79b467bb44e71ccc88bb5ca5fbff118"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYRESOCT=r3], 0x14}}, 0x2) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x44, r6, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8811}, 0x4040) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x4, 0x81, 0x62, 0x8, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x700, 0x10, 0x3, 0x7}}) 13:37:46 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000000)) [ 670.460774] FAULT_INJECTION: forcing a failure. [ 670.460774] name failslab, interval 1, probability 0, space 0, times 0 [ 670.480162] CPU: 0 PID: 10811 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 670.488068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.497449] Call Trace: [ 670.500038] dump_stack+0x1b2/0x281 [ 670.503670] should_fail.cold+0x10a/0x149 [ 670.507821] should_failslab+0xd6/0x130 [ 670.511800] kmem_cache_alloc+0x28e/0x3c0 [ 670.515952] __d_alloc+0x2a/0xa20 [ 670.519402] ? d_lookup+0x172/0x220 [ 670.523028] d_alloc+0x46/0x240 [ 670.526308] __lookup_hash+0x101/0x270 [ 670.530195] ? __inode_permission+0xcd/0x2f0 [ 670.534600] lookup_one_len+0x279/0x3a0 [ 670.538577] ? lookup_one_len_unlocked+0x410/0x410 [ 670.543506] start_creating+0xb0/0x200 [ 670.547392] debugfs_create_dir+0x1f/0x420 [ 670.551624] kvm_dev_ioctl+0xb86/0x1450 [ 670.555598] ? fsnotify+0x974/0x11b0 [ 670.559316] ? kvm_put_kvm+0xab0/0xab0 [ 670.563211] ? kvm_put_kvm+0xab0/0xab0 [ 670.567086] do_vfs_ioctl+0x75a/0xff0 [ 670.570874] ? lock_acquire+0x170/0x3f0 [ 670.574827] ? ioctl_preallocate+0x1a0/0x1a0 [ 670.579214] ? __fget+0x265/0x3e0 [ 670.582655] ? do_vfs_ioctl+0xff0/0xff0 [ 670.586623] ? security_file_ioctl+0x83/0xb0 [ 670.591016] SyS_ioctl+0x7f/0xb0 [ 670.594372] ? do_vfs_ioctl+0xff0/0xff0 [ 670.598334] do_syscall_64+0x1d5/0x640 [ 670.602212] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 670.607381] RIP: 0033:0x7fa37e383109 13:37:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200941, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200941, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:46 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000640)) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000240)={0x3, 0x6}, 0x4) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000300)={0x8100000000000000, 0x2000, 0x8, 0x2, 0x1}) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800c6088dbe57cac821bd000000f0ff00000000999a80f6c5ec4843bbb59f2791bd8cf347fd8801c4a4d02944bcf53758efe0e5c96821f17e18c5e8f7dfe3662124a12c59c3f9e579033e2178a8919ef9d8026837c3e8295840947a2784f113d2d30930a4d5a5465f7f45c0c6e388b20f61ed08d06478eb55512d2488a89e69f3ab4b61f8d38bb0951b73383e8bd215704ce6c88c8c5a307f3e7671e04bb822a37fd175d7e034e5bd39333943", @ANYRES16=0x0, @ANYBLOB="390b2bbd7000fbdbdf2503000000000011000000000002000d00020000000500050001000000"], 0x38}, 0x1, 0x0, 0x0, 0x20004081}, 0x4000) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r1, @ANYRES16=0x0, @ANYBLOB="020026bd7000fedbdf250700000023000800000008000600000edada4378e83b5cae0a32f8dd3bdd345cacdb99851e299a1f1794441e5cdbcdb0f8281ddba84dc7aff9903e8279bae9782e56b05c88bf452204d45b1799914c40335b7a0bddb7d5a8d3dd787f95b90acaaf70fb0bd914fa3c79aac540214444dfc671f41af6b203dfdc2858e592e523309a0482b2de", @ANYBLOB="431a56c464891289c4cac9e64ef9c6f836c144fd8d331c26ed50e30593919aa81006a44a2e0f789aa53584adff79347ec552cc7a32ae6c22ecc8d17de08496a9de0c9a1664bc24f6f20fc0b8abd8725f6454ae8cf16b3bd5bcdddc08835dec72b64d817cf93f49d7dd7f9d34b7020c477670c04c53c1b841b235a90647e7b2820b84a85f4826beaddd6dedc86165d70e2d6902ccf0f8b6c7e6c9e9b5d60c31970110c6cc9cabffafc9af148e08307141d797f9773d26cc7ad29e25bae88b47e4ffa6c7241ba5dc9adf317f989e714de2d4124c07254ccb3223900554bcea2ae550d2ffd22d", @ANYBLOB="61058a5567ec82d8388b6036a63335b77bd8b28d97d6ad3d4586cbd4e2706bb0edee8316fe11ff04785fee1471cec8b3b0719f4b263d0073a81d231c5e373d04a29eda29f23b3380b143feac864798d7b297855c540b383c1bf575c6513615393f3fbf80ccf5f9758beea1e554e16b78"], 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYRES64=r4, @ANYRESDEC=r1, @ANYRESOCT=r0, @ANYBLOB="ab0741121b309b43f8d4effea2285307f8883c075cc25dbb9b1b08b6e56192dfc90ea19b729195d2ccaa65c1bc0806d98a7645769f9ba05a755ed944198e458dafb355c5da5b82e2b2f910a172186ac14b1d350c78dba69588690fcc16901fba3fef52c0ebf22a3727c8c096294173ab9bf3b050eb4f5c3d0ae005ad5e7e9976a4c0bc4347e548d3ee2cec0c98fb3208d23ece0e98c79b467bb44e71ccc88bb5ca5fbff118"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x1) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYRESOCT=r3], 0x14}}, 0x2) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x44, r6, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8811}, 0x4040) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x4, 0x81, 0x62, 0x8, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x700, 0x10, 0x3, 0x7}}) 13:37:46 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000000)) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000000)) (async) [ 670.611071] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.618771] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 670.626038] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 670.633457] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 670.640716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 670.647964] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:46 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000140)=0x1, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x81, 0x167, 0x0], 0x3, 0x800}) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14200000140b037ca06754cabbd9a897", @ANYRES16=r3, @ANYBLOB="0100000000000000000004000000"], 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100026bd7000ffdbdf250d00000006002800040000000a000900bbbbbbbbbbbb00000a000900ffffffffffff000005002f000100000005002900d56a000008002b000400000008003a000000000008003100040000000800340009000000"], 0x64}, 0x1, 0x0, 0x0, 0x20000001}, 0x48840) socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000140)=0x1, 0x4) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x81, 0x167, 0x0], 0x3, 0x800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14200000140b037ca06754cabbd9a897", @ANYRES16=r3, @ANYBLOB="0100000000000000000004000000"], 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="100026bd7000ffdbdf250d00000006002800040000000a000900bbbbbbbbbbbb00000a000900ffffffffffff000005002f000100000005002900d56a000008002b000400000008003a000000000008003100040000000800340009000000"], 0x64}, 0x1, 0x0, 0x0, 0x20000001}, 0x48840) (async) 13:37:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200941, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:46 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000000)) 13:37:46 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 18) 13:37:46 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000640)) socketpair(0x2, 0x1, 0x0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000240)={0x3, 0x6}, 0x4) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000300)={0x8100000000000000, 0x2000, 0x8, 0x2, 0x1}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800c6088dbe57cac821bd000000f0ff00000000999a80f6c5ec4843bbb59f2791bd8cf347fd8801c4a4d02944bcf53758efe0e5c96821f17e18c5e8f7dfe3662124a12c59c3f9e579033e2178a8919ef9d8026837c3e8295840947a2784f113d2d30930a4d5a5465f7f45c0c6e388b20f61ed08d06478eb55512d2488a89e69f3ab4b61f8d38bb0951b73383e8bd215704ce6c88c8c5a307f3e7671e04bb822a37fd175d7e034e5bd39333943", @ANYRES16=0x0, @ANYBLOB="390b2bbd7000fbdbdf2503000000000011000000000002000d00020000000500050001000000"], 0x38}, 0x1, 0x0, 0x0, 0x20004081}, 0x4000) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r1, @ANYRES16=0x0, @ANYBLOB="020026bd7000fedbdf250700000023000800000008000600000edada4378e83b5cae0a32f8dd3bdd345cacdb99851e299a1f1794441e5cdbcdb0f8281ddba84dc7aff9903e8279bae9782e56b05c88bf452204d45b1799914c40335b7a0bddb7d5a8d3dd787f95b90acaaf70fb0bd914fa3c79aac540214444dfc671f41af6b203dfdc2858e592e523309a0482b2de", @ANYBLOB="431a56c464891289c4cac9e64ef9c6f836c144fd8d331c26ed50e30593919aa81006a44a2e0f789aa53584adff79347ec552cc7a32ae6c22ecc8d17de08496a9de0c9a1664bc24f6f20fc0b8abd8725f6454ae8cf16b3bd5bcdddc08835dec72b64d817cf93f49d7dd7f9d34b7020c477670c04c53c1b841b235a90647e7b2820b84a85f4826beaddd6dedc86165d70e2d6902ccf0f8b6c7e6c9e9b5d60c31970110c6cc9cabffafc9af148e08307141d797f9773d26cc7ad29e25bae88b47e4ffa6c7241ba5dc9adf317f989e714de2d4124c07254ccb3223900554bcea2ae550d2ffd22d", @ANYBLOB="61058a5567ec82d8388b6036a63335b77bd8b28d97d6ad3d4586cbd4e2706bb0edee8316fe11ff04785fee1471cec8b3b0719f4b263d0073a81d231c5e373d04a29eda29f23b3380b143feac864798d7b297855c540b383c1bf575c6513615393f3fbf80ccf5f9758beea1e554e16b78"], 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYRES64=r4, @ANYRESDEC=r1, @ANYRESOCT=r0, @ANYBLOB="ab0741121b309b43f8d4effea2285307f8883c075cc25dbb9b1b08b6e56192dfc90ea19b729195d2ccaa65c1bc0806d98a7645769f9ba05a755ed944198e458dafb355c5da5b82e2b2f910a172186ac14b1d350c78dba69588690fcc16901fba3fef52c0ebf22a3727c8c096294173ab9bf3b050eb4f5c3d0ae005ad5e7e9976a4c0bc4347e548d3ee2cec0c98fb3208d23ece0e98c79b467bb44e71ccc88bb5ca5fbff118"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYRESOCT=r3], 0x14}}, 0x2) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x44, r6, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8811}, 0x4040) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x4, 0x81, 0x62, 0x8, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x700, 0x10, 0x3, 0x7}}) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000640)) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000240)={0x3, 0x6}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000300)={0x8100000000000000, 0x2000, 0x8, 0x2, 0x1}) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800c6088dbe57cac821bd000000f0ff00000000999a80f6c5ec4843bbb59f2791bd8cf347fd8801c4a4d02944bcf53758efe0e5c96821f17e18c5e8f7dfe3662124a12c59c3f9e579033e2178a8919ef9d8026837c3e8295840947a2784f113d2d30930a4d5a5465f7f45c0c6e388b20f61ed08d06478eb55512d2488a89e69f3ab4b61f8d38bb0951b73383e8bd215704ce6c88c8c5a307f3e7671e04bb822a37fd175d7e034e5bd39333943", @ANYRES16=0x0, @ANYBLOB="390b2bbd7000fbdbdf2503000000000011000000000002000d00020000000500050001000000"], 0x38}, 0x1, 0x0, 0x0, 0x20004081}, 0x4000) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r1, @ANYRES16=0x0, @ANYBLOB="020026bd7000fedbdf250700000023000800000008000600000edada4378e83b5cae0a32f8dd3bdd345cacdb99851e299a1f1794441e5cdbcdb0f8281ddba84dc7aff9903e8279bae9782e56b05c88bf452204d45b1799914c40335b7a0bddb7d5a8d3dd787f95b90acaaf70fb0bd914fa3c79aac540214444dfc671f41af6b203dfdc2858e592e523309a0482b2de", @ANYBLOB="431a56c464891289c4cac9e64ef9c6f836c144fd8d331c26ed50e30593919aa81006a44a2e0f789aa53584adff79347ec552cc7a32ae6c22ecc8d17de08496a9de0c9a1664bc24f6f20fc0b8abd8725f6454ae8cf16b3bd5bcdddc08835dec72b64d817cf93f49d7dd7f9d34b7020c477670c04c53c1b841b235a90647e7b2820b84a85f4826beaddd6dedc86165d70e2d6902ccf0f8b6c7e6c9e9b5d60c31970110c6cc9cabffafc9af148e08307141d797f9773d26cc7ad29e25bae88b47e4ffa6c7241ba5dc9adf317f989e714de2d4124c07254ccb3223900554bcea2ae550d2ffd22d", @ANYBLOB="61058a5567ec82d8388b6036a63335b77bd8b28d97d6ad3d4586cbd4e2706bb0edee8316fe11ff04785fee1471cec8b3b0719f4b263d0073a81d231c5e373d04a29eda29f23b3380b143feac864798d7b297855c540b383c1bf575c6513615393f3fbf80ccf5f9758beea1e554e16b78"], 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000400)={&(0x7f0000000900)=ANY=[@ANYRES64=r4, @ANYRESDEC=r1, @ANYRESOCT=r0, @ANYBLOB="ab0741121b309b43f8d4effea2285307f8883c075cc25dbb9b1b08b6e56192dfc90ea19b729195d2ccaa65c1bc0806d98a7645769f9ba05a755ed944198e458dafb355c5da5b82e2b2f910a172186ac14b1d350c78dba69588690fcc16901fba3fef52c0ebf22a3727c8c096294173ab9bf3b050eb4f5c3d0ae005ad5e7e9976a4c0bc4347e548d3ee2cec0c98fb3208d23ece0e98c79b467bb44e71ccc88bb5ca5fbff118"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x1) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES16=r6, @ANYRESOCT=r3], 0x14}}, 0x2) (async) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x44, r6, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x8811}, 0x4040) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'ip6_vti0\x00', 0x0, 0x4, 0x81, 0x62, 0x8, 0x0, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x700, 0x10, 0x3, 0x7}}) (async) 13:37:46 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$SNDCTL_TMR_TIMEBASE(r0, 0xc0045401, &(0x7f0000000000)=0x1a9) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:46 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/88, &(0x7f0000000200)=0x58) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="780b9654057aeb025f3adbe8cc759e0b317dcfb111e27d3bf7dc3407ea4a5ab4c57d222ae41614dcbacd93631d966d992561a6383f28cb7ec03f7eaaf3acc45f6842c11808e054bfb8d3823c1312c959f34a4dceb989b142918dfdd2a207159ed834aebd5d809aa0f6e13c5610ea05b1ea5f99bb44682c8e043e38e90b0e2af847b41d3109f877bb6d0c8cb5166a342d247563e1e87a31f4a986f77f9407d480d4dcd92ec55060ce8272fc4b8035daf4df3981e2e36668e2984e8ac13e7274bae73e0115763ef7918044ef788b", 0xcd}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) (async) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/88, &(0x7f0000000200)=0x58) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="780b9654057aeb025f3adbe8cc759e0b317dcfb111e27d3bf7dc3407ea4a5ab4c57d222ae41614dcbacd93631d966d992561a6383f28cb7ec03f7eaaf3acc45f6842c11808e054bfb8d3823c1312c959f34a4dceb989b142918dfdd2a207159ed834aebd5d809aa0f6e13c5610ea05b1ea5f99bb44682c8e043e38e90b0e2af847b41d3109f877bb6d0c8cb5166a342d247563e1e87a31f4a986f77f9407d480d4dcd92ec55060ce8272fc4b8035daf4df3981e2e36668e2984e8ac13e7274bae73e0115763ef7918044ef788b", 0xcd}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:46 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x69}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x48000) setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000040)=[0x0, 0x3], 0x2) 13:37:46 executing program 0: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x881) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x0, 0x8, 0xfffffffffffffffa}) r1 = socket$packet(0x11, 0x3, 0x300) connect$packet(r1, &(0x7f0000000040)={0x11, 0x19, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x3}, 0x4) 13:37:46 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$SNDCTL_TMR_TIMEBASE(r0, 0xc0045401, &(0x7f0000000000)=0x1a9) (async) socketpair(0x2, 0x1, 0x0, 0x0) [ 670.900292] FAULT_INJECTION: forcing a failure. [ 670.900292] name failslab, interval 1, probability 0, space 0, times 0 [ 670.929820] CPU: 0 PID: 10900 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 670.937871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.947224] Call Trace: [ 670.949907] dump_stack+0x1b2/0x281 [ 670.953542] should_fail.cold+0x10a/0x149 [ 670.957693] should_failslab+0xd6/0x130 [ 670.961668] kmem_cache_alloc+0x28e/0x3c0 [ 670.965821] alloc_inode+0xa0/0x170 [ 670.969459] new_inode+0x1d/0xf0 [ 670.972822] debugfs_get_inode+0x1a/0x130 [ 670.976967] debugfs_create_dir+0x63/0x420 [ 670.981206] kvm_dev_ioctl+0xb86/0x1450 [ 670.985202] ? fsnotify+0x974/0x11b0 [ 670.988943] ? kvm_put_kvm+0xab0/0xab0 [ 670.992832] ? kvm_put_kvm+0xab0/0xab0 [ 670.996716] do_vfs_ioctl+0x75a/0xff0 [ 671.000518] ? lock_acquire+0x170/0x3f0 [ 671.004488] ? ioctl_preallocate+0x1a0/0x1a0 [ 671.008896] ? __fget+0x265/0x3e0 [ 671.012348] ? do_vfs_ioctl+0xff0/0xff0 [ 671.016321] ? security_file_ioctl+0x83/0xb0 [ 671.020729] SyS_ioctl+0x7f/0xb0 [ 671.024093] ? do_vfs_ioctl+0xff0/0xff0 [ 671.028065] do_syscall_64+0x1d5/0x640 [ 671.031958] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 671.037142] RIP: 0033:0x7fa37e383109 [ 671.040845] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:47 executing program 4: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) socketpair(0x2, 0x3, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x6c6e00) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="480000ae0a00001b000004000000"], 0x14}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @random="9afade46ccce"}, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022cbd7000fbdbdf250e00000008000300", @ANYRES32=r4, @ANYBLOB="05002a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 13:37:47 executing program 0: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x881) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x0, 0x8, 0xfffffffffffffffa}) (async) r1 = socket$packet(0x11, 0x3, 0x300) connect$packet(r1, &(0x7f0000000040)={0x11, 0x19, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x14) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x3}, 0x4) 13:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/88, &(0x7f0000000200)=0x58) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="780b9654057aeb025f3adbe8cc759e0b317dcfb111e27d3bf7dc3407ea4a5ab4c57d222ae41614dcbacd93631d966d992561a6383f28cb7ec03f7eaaf3acc45f6842c11808e054bfb8d3823c1312c959f34a4dceb989b142918dfdd2a207159ed834aebd5d809aa0f6e13c5610ea05b1ea5f99bb44682c8e043e38e90b0e2af847b41d3109f877bb6d0c8cb5166a342d247563e1e87a31f4a986f77f9407d480d4dcd92ec55060ce8272fc4b8035daf4df3981e2e36668e2984e8ac13e7274bae73e0115763ef7918044ef788b", 0xcd}) (rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:47 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$SNDCTL_TMR_TIMEBASE(r0, 0xc0045401, &(0x7f0000000000)=0x1a9) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:47 executing program 0: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x881) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x0, 0x8, 0xfffffffffffffffa}) r1 = socket$packet(0x11, 0x3, 0x300) connect$packet(r1, &(0x7f0000000040)={0x11, 0x19, 0x0, 0x1, 0x8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x14) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x3}, 0x4) [ 671.048546] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 671.055826] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 671.063090] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 671.070126] device batadv0 entered promiscuous mode [ 671.070352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 671.076489] device batadv0 left promiscuous mode [ 671.082605] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 19) 13:37:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x69}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x48000) (async) setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000040)=[0x0, 0x3], 0x2) 13:37:47 executing program 4: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) (async) socketpair(0x2, 0x3, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x6c6e00) (async, rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="480000ae0a00001b000004000000"], 0x14}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @random="9afade46ccce"}, 0x10) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022cbd7000fbdbdf250e00000008000300", @ANYRES32=r4, @ANYBLOB="05002a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 13:37:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x0, 0x6, 0x80, 0x80000000}, {0x20, 0x20, 0x4, 0x1}, {0x9, 0x71, 0xfa, 0xffff7fff}, {0x1, 0x1, 0x1, 0x7ff}, {0x7f, 0x0, 0x0, 0x9}, {0x8, 0x2, 0x2, 0x3}]}, 0x10) 13:37:47 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_int(r0, 0x107, 0xb, &(0x7f00000000c0)=0x80, 0x4) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[0x7]}) 13:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_XSAVE(0xffffffffffffffff, 0x9000aea4, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 671.213169] FAULT_INJECTION: forcing a failure. [ 671.213169] name failslab, interval 1, probability 0, space 0, times 0 13:37:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x69}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x48000) setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000040)=[0x0, 0x3], 0x2) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_SESSION_CREATE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x0, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x69}]}, 0x38}, 0x1, 0x0, 0x0, 0x50}, 0x48000) (async) setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, &(0x7f0000000040)=[0x0, 0x3], 0x2) (async) [ 671.260731] device batadv0 entered promiscuous mode [ 671.279705] CPU: 0 PID: 10952 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 671.287664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.297011] Call Trace: [ 671.299601] dump_stack+0x1b2/0x281 [ 671.303236] should_fail.cold+0x10a/0x149 13:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_XSAVE(0xffffffffffffffff, 0x9000aea4, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_GET_XSAVE(0xffffffffffffffff, 0x9000aea4, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 671.307390] should_failslab+0xd6/0x130 [ 671.311364] kmem_cache_alloc+0x28e/0x3c0 [ 671.315512] alloc_inode+0xa0/0x170 [ 671.319184] new_inode+0x1d/0xf0 [ 671.322547] debugfs_get_inode+0x1a/0x130 [ 671.326689] __debugfs_create_file+0x93/0x440 [ 671.331178] ? debugfs_create_file+0x37/0x60 [ 671.335581] kvm_dev_ioctl+0xe7f/0x1450 [ 671.339555] ? fsnotify+0x974/0x11b0 [ 671.343265] ? kvm_put_kvm+0xab0/0xab0 [ 671.347155] ? kvm_put_kvm+0xab0/0xab0 [ 671.351041] do_vfs_ioctl+0x75a/0xff0 [ 671.354839] ? lock_acquire+0x170/0x3f0 13:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_XSAVE(0xffffffffffffffff, 0x9000aea4, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 671.358809] ? ioctl_preallocate+0x1a0/0x1a0 [ 671.363216] ? __fget+0x265/0x3e0 [ 671.366664] ? do_vfs_ioctl+0xff0/0xff0 [ 671.370644] ? security_file_ioctl+0x83/0xb0 [ 671.375055] SyS_ioctl+0x7f/0xb0 [ 671.378503] ? do_vfs_ioctl+0xff0/0xff0 [ 671.382474] do_syscall_64+0x1d5/0x640 [ 671.386364] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 671.391539] RIP: 0033:0x7fa37e383109 [ 671.395239] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 671.402938] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:37:47 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="20002dbd6000ffdbdf25030000001400080076657468305f746f5f626f6e64000000"], 0x28}, 0x1, 0x0, 0x0, 0x80000}, 0x40) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000000), 0xee, 0x1) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x0, 0x6, 0x80, 0x80000000}, {0x20, 0x20, 0x4, 0x1}, {0x9, 0x71, 0xfa, 0xffff7fff}, {0x1, 0x1, 0x1, 0x7ff}, {0x7f, 0x0, 0x0, 0x9}, {0x8, 0x2, 0x2, 0x3}]}, 0x10) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x0, 0x6, 0x80, 0x80000000}, {0x20, 0x20, 0x4, 0x1}, {0x9, 0x71, 0xfa, 0xffff7fff}, {0x1, 0x1, 0x1, 0x7ff}, {0x7f, 0x0, 0x0, 0x9}, {0x8, 0x2, 0x2, 0x3}]}, 0x10) (async) 13:37:47 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_int(r0, 0x107, 0xb, &(0x7f00000000c0)=0x80, 0x4) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[0x7]}) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_int(r0, 0x107, 0xb, &(0x7f00000000c0)=0x80, 0x4) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[0x7]}) (async) [ 671.410201] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 671.417464] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 671.424726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 671.431987] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 [ 671.510445] device batadv0 left promiscuous mode 13:37:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 20) 13:37:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2b0c02, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) accept$packet(r2, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x4, 0xe2, 0x9, 0x48, @dev={0xfe, 0x80, '\x00', 0x3c}, @local, 0x10, 0x7, 0x2d9, 0x101}}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000005c0)={0x1, 0x0, [{0x1, 0x7fff, 0x3, 0x2, 0x6, 0x800, 0x73f}]}) sendmsg$nl_xfrm(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=@flushpolicy={0x35c, 0x1d, 0x10, 0x70bd26, 0x25dfdbfd, "", [@algo_aead={0x9e, 0x12, {{'morus640-generic\x00'}, 0x290, 0xc0, "a095131710429284f40cf5981a677f2d4cc5201a59b498c9080b729979fd4123d09c1f210df0e157dee6211a2268356ce9cdeea79a308f64235a91c1bc9360e5e3a6669762e5d7048589b19437651a8e8301"}}, @algo_auth_trunc={0xc8, 0x14, {{'cmac-aes-ce\x00'}, 0x3e0, 0xa0, "77013655dbc789b9adc39e77c45e22a801b2cee6a4c486d42df164adb2db962385c12cfbf2ef47274ed4eb2234ccce9a6c6e865eada47a96a9ac9cc74c79327750fd6bb26546b306b2b2abc5f8b501f3deaf525df1ddb8d9eb89d928fc6fe7a27f8049adb197ff2941f65ed71dcfb951ca86261fa625c12e9e7f6f45"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in6=@dev={0xfe, 0x80, '\x00', 0x28}, 0x2, 0x7, 0x97}}, @policy={0xac, 0x7, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@remote, 0x4e21, 0x0, 0x4e22, 0x9, 0x2, 0x30, 0x0, 0x0, r3, 0xee01}, {0x3, 0x9058, 0x5, 0x9a6, 0x6, 0x2, 0x9, 0x8000000000000001}, {0x100000001, 0x1, 0x7, 0x6}, 0x10000, 0x6e6bbb, 0x0, 0x1, 0x1, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e22, @in=@loopback}}, @algo_aead={0xeb, 0x12, {{'morus1280\x00'}, 0x4f8, 0x60, "cafd1ba1cbd0d3140d929fd4a4f60948eeac029d0e98eb01750117048220c7c4a2e86cf1a362b0b2e2f2b1372bb71000631d21bbafbffc13d59db811e6771939a0c832427738243f7b2227bcf9e7d34d1fce04fb5cac4dd8f55fb7c6e2e0640cd371b30d8ebc00c53dd63ca66dec47b9a001df0ff5ff55f21f722b3e029ba64ee98bcd78a2d6772e2f94c7c373b08c1304ef3b5aa689a856d5c1bf375e789d"}}, @proto={0x5, 0x19, 0x33}]}, 0x35c}, 0x1, 0x0, 0x0, 0x44880}, 0x4000100) 13:37:47 executing program 4: syz_genetlink_get_family_id$gtp(&(0x7f0000000000), 0xffffffffffffffff) (async) socketpair(0x2, 0x3, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x6c6e00) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="480000ae0a00001b000004000000"], 0x14}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @random="9afade46ccce"}, 0x10) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="00022cbd7000fbdbdf250e00000008000300", @ANYRES32=r4, @ANYBLOB="05002a0000000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 13:37:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x0, 0x6, 0x80, 0x80000000}, {0x20, 0x20, 0x4, 0x1}, {0x9, 0x71, 0xfa, 0xffff7fff}, {0x1, 0x1, 0x1, 0x7ff}, {0x7f, 0x0, 0x0, 0x9}, {0x8, 0x2, 0x2, 0x3}]}, 0x10) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x0, 0x6, 0x80, 0x80000000}, {0x20, 0x20, 0x4, 0x1}, {0x9, 0x71, 0xfa, 0xffff7fff}, {0x1, 0x1, 0x1, 0x7ff}, {0x7f, 0x0, 0x0, 0x9}, {0x8, 0x2, 0x2, 0x3}]}, 0x10) (async) 13:37:47 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="20002dbd6000ffdbdf25030000001400080076657468305f746f5f626f6e64000000"], 0x28}, 0x1, 0x0, 0x0, 0x80000}, 0x40) (async) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000000), 0xee, 0x1) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:47 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_int(r0, 0x107, 0xb, &(0x7f00000000c0)=0x80, 0x4) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[0x7]}) 13:37:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000280)="ff253b5d7d704db2150a400e19084958a229c5378b2cedb92d7739a7d20966ea3f06ca55d07ec21ec33a30e07b3807f8bf288b768ad568808f054b51ec847ce76ca156e620129277358e7e954b7b008c81d314120f0533f1d21e7e9a0ae74756f5b7f88b88fba8bcd2ee3df985c7b21a411c2d23d779dc9a3097a0ef745e7e1fd3916fd4c3e6225dc96e7717131078146f2aa4d443f1d574ff1aa950d76cd8e6f04c013ffa580492408834baa971fb668dd463082d7d106540f7a822deb1075e0025a9e66bfd3875", 0xc8) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) accept$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000380)={'\x00', 0x0, 0x8001, 0x6, 0x0, 0x5, 0xf000, 0xf000, '\x00', 0x8}) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r4, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1074ef36cbeece62}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x6}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40000d0) [ 671.643814] device batadv0 entered promiscuous mode 13:37:47 executing program 3: socketpair(0xa, 0x3, 0x0, 0x0) 13:37:47 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2b0c02, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) accept$packet(r2, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x4, 0xe2, 0x9, 0x48, @dev={0xfe, 0x80, '\x00', 0x3c}, @local, 0x10, 0x7, 0x2d9, 0x101}}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000005c0)={0x1, 0x0, [{0x1, 0x7fff, 0x3, 0x2, 0x6, 0x800, 0x73f}]}) sendmsg$nl_xfrm(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=@flushpolicy={0x35c, 0x1d, 0x10, 0x70bd26, 0x25dfdbfd, "", [@algo_aead={0x9e, 0x12, {{'morus640-generic\x00'}, 0x290, 0xc0, "a095131710429284f40cf5981a677f2d4cc5201a59b498c9080b729979fd4123d09c1f210df0e157dee6211a2268356ce9cdeea79a308f64235a91c1bc9360e5e3a6669762e5d7048589b19437651a8e8301"}}, @algo_auth_trunc={0xc8, 0x14, {{'cmac-aes-ce\x00'}, 0x3e0, 0xa0, "77013655dbc789b9adc39e77c45e22a801b2cee6a4c486d42df164adb2db962385c12cfbf2ef47274ed4eb2234ccce9a6c6e865eada47a96a9ac9cc74c79327750fd6bb26546b306b2b2abc5f8b501f3deaf525df1ddb8d9eb89d928fc6fe7a27f8049adb197ff2941f65ed71dcfb951ca86261fa625c12e9e7f6f45"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in6=@dev={0xfe, 0x80, '\x00', 0x28}, 0x2, 0x7, 0x97}}, @policy={0xac, 0x7, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@remote, 0x4e21, 0x0, 0x4e22, 0x9, 0x2, 0x30, 0x0, 0x0, r3, 0xee01}, {0x3, 0x9058, 0x5, 0x9a6, 0x6, 0x2, 0x9, 0x8000000000000001}, {0x100000001, 0x1, 0x7, 0x6}, 0x10000, 0x6e6bbb, 0x0, 0x1, 0x1, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e22, @in=@loopback}}, @algo_aead={0xeb, 0x12, {{'morus1280\x00'}, 0x4f8, 0x60, "cafd1ba1cbd0d3140d929fd4a4f60948eeac029d0e98eb01750117048220c7c4a2e86cf1a362b0b2e2f2b1372bb71000631d21bbafbffc13d59db811e6771939a0c832427738243f7b2227bcf9e7d34d1fce04fb5cac4dd8f55fb7c6e2e0640cd371b30d8ebc00c53dd63ca66dec47b9a001df0ff5ff55f21f722b3e029ba64ee98bcd78a2d6772e2f94c7c373b08c1304ef3b5aa689a856d5c1bf375e789d"}}, @proto={0x5, 0x19, 0x33}]}, 0x35c}, 0x1, 0x0, 0x0, 0x44880}, 0x4000100) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2b0c02, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) accept$packet(r2, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x4, 0xe2, 0x9, 0x48, @dev={0xfe, 0x80, '\x00', 0x3c}, @local, 0x10, 0x7, 0x2d9, 0x101}}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000005c0)={0x1, 0x0, [{0x1, 0x7fff, 0x3, 0x2, 0x6, 0x800, 0x73f}]}) (async) sendmsg$nl_xfrm(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=@flushpolicy={0x35c, 0x1d, 0x10, 0x70bd26, 0x25dfdbfd, "", [@algo_aead={0x9e, 0x12, {{'morus640-generic\x00'}, 0x290, 0xc0, "a095131710429284f40cf5981a677f2d4cc5201a59b498c9080b729979fd4123d09c1f210df0e157dee6211a2268356ce9cdeea79a308f64235a91c1bc9360e5e3a6669762e5d7048589b19437651a8e8301"}}, @algo_auth_trunc={0xc8, 0x14, {{'cmac-aes-ce\x00'}, 0x3e0, 0xa0, "77013655dbc789b9adc39e77c45e22a801b2cee6a4c486d42df164adb2db962385c12cfbf2ef47274ed4eb2234ccce9a6c6e865eada47a96a9ac9cc74c79327750fd6bb26546b306b2b2abc5f8b501f3deaf525df1ddb8d9eb89d928fc6fe7a27f8049adb197ff2941f65ed71dcfb951ca86261fa625c12e9e7f6f45"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in6=@dev={0xfe, 0x80, '\x00', 0x28}, 0x2, 0x7, 0x97}}, @policy={0xac, 0x7, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@remote, 0x4e21, 0x0, 0x4e22, 0x9, 0x2, 0x30, 0x0, 0x0, r3, 0xee01}, {0x3, 0x9058, 0x5, 0x9a6, 0x6, 0x2, 0x9, 0x8000000000000001}, {0x100000001, 0x1, 0x7, 0x6}, 0x10000, 0x6e6bbb, 0x0, 0x1, 0x1, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e22, @in=@loopback}}, @algo_aead={0xeb, 0x12, {{'morus1280\x00'}, 0x4f8, 0x60, "cafd1ba1cbd0d3140d929fd4a4f60948eeac029d0e98eb01750117048220c7c4a2e86cf1a362b0b2e2f2b1372bb71000631d21bbafbffc13d59db811e6771939a0c832427738243f7b2227bcf9e7d34d1fce04fb5cac4dd8f55fb7c6e2e0640cd371b30d8ebc00c53dd63ca66dec47b9a001df0ff5ff55f21f722b3e029ba64ee98bcd78a2d6772e2f94c7c373b08c1304ef3b5aa689a856d5c1bf375e789d"}}, @proto={0x5, 0x19, 0x33}]}, 0x35c}, 0x1, 0x0, 0x0, 0x44880}, 0x4000100) (async) 13:37:47 executing program 2: r0 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="20002dbd6000ffdbdf25030000001400080076657468305f746f5f626f6e64000000"], 0x28}, 0x1, 0x0, 0x0, 0x80000}, 0x40) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000000), 0xee, 0x1) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="20002dbd6000ffdbdf25030000001400080076657468305f746f5f626f6e64000000"], 0x28}, 0x1, 0x0, 0x0, 0x80000}, 0x40) (async) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) syz_open_dev$dri(&(0x7f0000000000), 0xee, 0x1) (async) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) [ 671.718002] FAULT_INJECTION: forcing a failure. [ 671.718002] name failslab, interval 1, probability 0, space 0, times 0 [ 671.742129] CPU: 1 PID: 11057 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 671.743340] device batadv0 left promiscuous mode [ 671.750040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 671.750044] Call Trace: [ 671.750061] dump_stack+0x1b2/0x281 [ 671.750076] should_fail.cold+0x10a/0x149 [ 671.750095] should_failslab+0xd6/0x130 [ 671.750109] kmem_cache_alloc_trace+0x29a/0x3d0 [ 671.750119] ? debugfs_create_file+0x37/0x60 [ 671.750131] kvm_dev_ioctl+0xce6/0x1450 [ 671.750145] ? fsnotify+0x974/0x11b0 [ 671.750154] ? kvm_put_kvm+0xab0/0xab0 [ 671.750166] ? kvm_put_kvm+0xab0/0xab0 [ 671.750177] do_vfs_ioctl+0x75a/0xff0 [ 671.750188] ? lock_acquire+0x170/0x3f0 [ 671.750197] ? ioctl_preallocate+0x1a0/0x1a0 [ 671.750207] ? __fget+0x265/0x3e0 [ 671.750217] ? do_vfs_ioctl+0xff0/0xff0 [ 671.750228] ? security_file_ioctl+0x83/0xb0 [ 671.827177] SyS_ioctl+0x7f/0xb0 [ 671.830637] ? do_vfs_ioctl+0xff0/0xff0 [ 671.834620] do_syscall_64+0x1d5/0x640 [ 671.838509] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 671.843776] RIP: 0033:0x7fa37e383109 [ 671.847481] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 671.855186] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:37:47 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x324c1, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c005}, 0x4004000) 13:37:47 executing program 3: socketpair(0xa, 0x3, 0x0, 0x0) socketpair(0xa, 0x3, 0x0, 0x0) (async) [ 671.862465] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 671.869800] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 671.877053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 671.884305] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 21) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000280)="ff253b5d7d704db2150a400e19084958a229c5378b2cedb92d7739a7d20966ea3f06ca55d07ec21ec33a30e07b3807f8bf288b768ad568808f054b51ec847ce76ca156e620129277358e7e954b7b008c81d314120f0533f1d21e7e9a0ae74756f5b7f88b88fba8bcd2ee3df985c7b21a411c2d23d779dc9a3097a0ef745e7e1fd3916fd4c3e6225dc96e7717131078146f2aa4d443f1d574ff1aa950d76cd8e6f04c013ffa580492408834baa971fb668dd463082d7d106540f7a822deb1075e0025a9e66bfd3875", 0xc8) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) accept$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000380)={'\x00', 0x0, 0x8001, 0x6, 0x0, 0x5, 0xf000, 0xf000, '\x00', 0x8}) (async) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r4, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1074ef36cbeece62}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x6}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40000d0) 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2b0c02, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) accept$packet(r2, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x4, 0xe2, 0x9, 0x48, @dev={0xfe, 0x80, '\x00', 0x3c}, @local, 0x10, 0x7, 0x2d9, 0x101}}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000005c0)={0x1, 0x0, [{0x1, 0x7fff, 0x3, 0x2, 0x6, 0x800, 0x73f}]}) sendmsg$nl_xfrm(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=@flushpolicy={0x35c, 0x1d, 0x10, 0x70bd26, 0x25dfdbfd, "", [@algo_aead={0x9e, 0x12, {{'morus640-generic\x00'}, 0x290, 0xc0, "a095131710429284f40cf5981a677f2d4cc5201a59b498c9080b729979fd4123d09c1f210df0e157dee6211a2268356ce9cdeea79a308f64235a91c1bc9360e5e3a6669762e5d7048589b19437651a8e8301"}}, @algo_auth_trunc={0xc8, 0x14, {{'cmac-aes-ce\x00'}, 0x3e0, 0xa0, "77013655dbc789b9adc39e77c45e22a801b2cee6a4c486d42df164adb2db962385c12cfbf2ef47274ed4eb2234ccce9a6c6e865eada47a96a9ac9cc74c79327750fd6bb26546b306b2b2abc5f8b501f3deaf525df1ddb8d9eb89d928fc6fe7a27f8049adb197ff2941f65ed71dcfb951ca86261fa625c12e9e7f6f45"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in6=@dev={0xfe, 0x80, '\x00', 0x28}, 0x2, 0x7, 0x97}}, @policy={0xac, 0x7, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@remote, 0x4e21, 0x0, 0x4e22, 0x9, 0x2, 0x30, 0x0, 0x0, r3, 0xee01}, {0x3, 0x9058, 0x5, 0x9a6, 0x6, 0x2, 0x9, 0x8000000000000001}, {0x100000001, 0x1, 0x7, 0x6}, 0x10000, 0x6e6bbb, 0x0, 0x1, 0x1, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e22, @in=@loopback}}, @algo_aead={0xeb, 0x12, {{'morus1280\x00'}, 0x4f8, 0x60, "cafd1ba1cbd0d3140d929fd4a4f60948eeac029d0e98eb01750117048220c7c4a2e86cf1a362b0b2e2f2b1372bb71000631d21bbafbffc13d59db811e6771939a0c832427738243f7b2227bcf9e7d34d1fce04fb5cac4dd8f55fb7c6e2e0640cd371b30d8ebc00c53dd63ca66dec47b9a001df0ff5ff55f21f722b3e029ba64ee98bcd78a2d6772e2f94c7c373b08c1304ef3b5aa689a856d5c1bf375e789d"}}, @proto={0x5, 0x19, 0x33}]}, 0x35c}, 0x1, 0x0, 0x0, 0x44880}, 0x4000100) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2b0c02, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) accept$packet(r2, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000580)=0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000080)={'sit0\x00', 0x0, 0x4, 0x4, 0xe2, 0x9, 0x48, @dev={0xfe, 0x80, '\x00', 0x3c}, @local, 0x10, 0x7, 0x2d9, 0x101}}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000005c0)={0x1, 0x0, [{0x1, 0x7fff, 0x3, 0x2, 0x6, 0x800, 0x73f}]}) (async) sendmsg$nl_xfrm(r1, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000140)=@flushpolicy={0x35c, 0x1d, 0x10, 0x70bd26, 0x25dfdbfd, "", [@algo_aead={0x9e, 0x12, {{'morus640-generic\x00'}, 0x290, 0xc0, "a095131710429284f40cf5981a677f2d4cc5201a59b498c9080b729979fd4123d09c1f210df0e157dee6211a2268356ce9cdeea79a308f64235a91c1bc9360e5e3a6669762e5d7048589b19437651a8e8301"}}, @algo_auth_trunc={0xc8, 0x14, {{'cmac-aes-ce\x00'}, 0x3e0, 0xa0, "77013655dbc789b9adc39e77c45e22a801b2cee6a4c486d42df164adb2db962385c12cfbf2ef47274ed4eb2234ccce9a6c6e865eada47a96a9ac9cc74c79327750fd6bb26546b306b2b2abc5f8b501f3deaf525df1ddb8d9eb89d928fc6fe7a27f8049adb197ff2941f65ed71dcfb951ca86261fa625c12e9e7f6f45"}}, @address_filter={0x28, 0x1a, {@in6=@mcast1, @in6=@dev={0xfe, 0x80, '\x00', 0x28}, 0x2, 0x7, 0x97}}, @policy={0xac, 0x7, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, @in6=@remote, 0x4e21, 0x0, 0x4e22, 0x9, 0x2, 0x30, 0x0, 0x0, r3, 0xee01}, {0x3, 0x9058, 0x5, 0x9a6, 0x6, 0x2, 0x9, 0x8000000000000001}, {0x100000001, 0x1, 0x7, 0x6}, 0x10000, 0x6e6bbb, 0x0, 0x1, 0x1, 0x2}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e22, 0x4e22, @in=@loopback}}, @algo_aead={0xeb, 0x12, {{'morus1280\x00'}, 0x4f8, 0x60, "cafd1ba1cbd0d3140d929fd4a4f60948eeac029d0e98eb01750117048220c7c4a2e86cf1a362b0b2e2f2b1372bb71000631d21bbafbffc13d59db811e6771939a0c832427738243f7b2227bcf9e7d34d1fce04fb5cac4dd8f55fb7c6e2e0640cd371b30d8ebc00c53dd63ca66dec47b9a001df0ff5ff55f21f722b3e029ba64ee98bcd78a2d6772e2f94c7c373b08c1304ef3b5aa689a856d5c1bf375e789d"}}, @proto={0x5, 0x19, 0x33}]}, 0x35c}, 0x1, 0x0, 0x0, 0x44880}, 0x4000100) (async) 13:37:48 executing program 4: socketpair(0x2, 0x0, 0x0, 0x0) 13:37:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x324c1, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c005}, 0x4004000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x324c1, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c005}, 0x4004000) (async) 13:37:48 executing program 4: socketpair(0x2, 0x0, 0x0, 0x0) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000280)="ff253b5d7d704db2150a400e19084958a229c5378b2cedb92d7739a7d20966ea3f06ca55d07ec21ec33a30e07b3807f8bf288b768ad568808f054b51ec847ce76ca156e620129277358e7e954b7b008c81d314120f0533f1d21e7e9a0ae74756f5b7f88b88fba8bcd2ee3df985c7b21a411c2d23d779dc9a3097a0ef745e7e1fd3916fd4c3e6225dc96e7717131078146f2aa4d443f1d574ff1aa950d76cd8e6f04c013ffa580492408834baa971fb668dd463082d7d106540f7a822deb1075e0025a9e66bfd3875", 0xc8) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) accept$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000380)={'\x00', 0x0, 0x8001, 0x6, 0x0, 0x5, 0xf000, 0xf000, '\x00', 0x8}) r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r4, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1074ef36cbeece62}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x6}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40000d0) [ 672.019011] FAULT_INJECTION: forcing a failure. [ 672.019011] name failslab, interval 1, probability 0, space 0, times 0 [ 672.055308] CPU: 0 PID: 11106 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 13:37:48 executing program 3: socketpair(0xa, 0x3, 0x0, 0x0) [ 672.063211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.072562] Call Trace: [ 672.075165] dump_stack+0x1b2/0x281 [ 672.078802] should_fail.cold+0x10a/0x149 [ 672.082958] should_failslab+0xd6/0x130 [ 672.086936] kmem_cache_alloc+0x28e/0x3c0 [ 672.091098] __d_alloc+0x2a/0xa20 [ 672.094550] ? d_lookup+0x172/0x220 [ 672.098179] d_alloc+0x46/0x240 [ 672.101459] __lookup_hash+0x101/0x270 [ 672.105340] ? __inode_permission+0xcd/0x2f0 [ 672.109751] lookup_one_len+0x279/0x3a0 [ 672.113725] ? lookup_one_len_unlocked+0x410/0x410 13:37:48 executing program 4: socketpair(0x2, 0x0, 0x0, 0x0) 13:37:48 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x32000) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000180)={0x2, 0xf9, &(0x7f0000000080)=""/249}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getpeername$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) r2 = perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x3, 0x0, 0x4, 0x5, 0x0, 0x3f, 0x18000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f00000003c0), 0x1}, 0x40000, 0xffe27d5, 0x2, 0x0, 0x1, 0x7, 0x8, 0x0, 0x9eb8, 0x0, 0x71}, 0xffffffffffffffff, 0xf, r1, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x40) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x7f}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x44800) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000000)=0x200) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000300)) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000001c0)={0x3c4, 0x100000001}) [ 672.118655] start_creating+0xb0/0x200 [ 672.122544] __debugfs_create_file+0x4f/0x440 [ 672.127038] ? debugfs_create_file+0x37/0x60 [ 672.131466] kvm_dev_ioctl+0xe7f/0x1450 [ 672.135441] ? fsnotify+0x974/0x11b0 [ 672.139154] ? kvm_put_kvm+0xab0/0xab0 [ 672.143039] ? kvm_put_kvm+0xab0/0xab0 [ 672.146928] do_vfs_ioctl+0x75a/0xff0 [ 672.150727] ? lock_acquire+0x170/0x3f0 [ 672.154696] ? ioctl_preallocate+0x1a0/0x1a0 [ 672.159100] ? __fget+0x265/0x3e0 [ 672.162548] ? do_vfs_ioctl+0xff0/0xff0 13:37:48 executing program 4: socketpair(0x21, 0x2, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x4400) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) r1 = accept$packet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x14) accept4$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14, 0x80000) [ 672.166519] ? security_file_ioctl+0x83/0xb0 [ 672.170925] SyS_ioctl+0x7f/0xb0 [ 672.174284] ? do_vfs_ioctl+0xff0/0xff0 [ 672.178254] do_syscall_64+0x1d5/0x640 [ 672.182141] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 672.187321] RIP: 0033:0x7fa37e383109 [ 672.191053] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 672.198766] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 672.206037] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x324c1, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8c005}, 0x4004000) [ 672.213331] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 672.220596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 672.227859] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 22) 13:37:48 executing program 4: socketpair(0x21, 0x2, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x4400) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) r1 = accept$packet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x14) accept4$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14, 0x80000) socketpair(0x21, 0x2, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x4400) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) (async) accept$packet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x14) (async) accept4$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14, 0x80000) (async) 13:37:48 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x32000) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000180)={0x2, 0xf9, &(0x7f0000000080)=""/249}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getpeername$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) (async) r2 = perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x3, 0x0, 0x4, 0x5, 0x0, 0x3f, 0x18000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f00000003c0), 0x1}, 0x40000, 0xffe27d5, 0x2, 0x0, 0x1, 0x7, 0x8, 0x0, 0x9eb8, 0x0, 0x71}, 0xffffffffffffffff, 0xf, r1, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x40) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x7f}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x44800) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000000)=0x200) (async) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000300)) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000001c0)={0x3c4, 0x100000001}) 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) 13:37:48 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x151000) ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000200)=0x8) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="001225bd7000000100000000000008000700a7cae20cc608740bb1cf5187f72824aa352e27caf9a33b29bd19e550bf458d4bdb2d8daa11de8c40aacbeebf6086bc68b6376d1237f9f59799f456108ef319c7c8eaca46d3fa316e07d9e76d7fe0f10d1ac0633e7cd020b8ebde4cbf457e47d725c42b06a7ba43e37eecf9d726aedac6ac31c8ca0c489afccaf6c28be3862861241eda9b881798ce9fab38047b601c5b3ecf28234b3766b5ef85f60aedbdb0695c590d5a4bee6375e67da7e1d55f6c154ca47d0db47d607fc08be1caa4ab104c4145cc6cafadc32e5e23bd3c158c8f76c38e6694f330c17d7072565711b6bd94581bf7dd8211d4cec2f29a4f9eca3692cb751bc04d608eadf206399aa098643143fe1db6", @ANYRES32=r0, @ANYBLOB="060006000200000008000800000000000c000300020000000000000008000500ac1414aa080004007f0000010800020000000000080009000200000008000700", @ANYRES32=r1, @ANYBLOB="0800020000000000"], 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x20004082) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x638500, 0x0) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async, rerun: 64) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) (rerun: 64) 13:37:48 executing program 4: socketpair(0x21, 0x2, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x4400) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) (async) r1 = accept$packet(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x14) accept4$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14, 0x80000) 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:48 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x151000) ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000200)=0x8) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="001225bd7000000100000000000008000700a7cae20cc608740bb1cf5187f72824aa352e27caf9a33b29bd19e550bf458d4bdb2d8daa11de8c40aacbeebf6086bc68b6376d1237f9f59799f456108ef319c7c8eaca46d3fa316e07d9e76d7fe0f10d1ac0633e7cd020b8ebde4cbf457e47d725c42b06a7ba43e37eecf9d726aedac6ac31c8ca0c489afccaf6c28be3862861241eda9b881798ce9fab38047b601c5b3ecf28234b3766b5ef85f60aedbdb0695c590d5a4bee6375e67da7e1d55f6c154ca47d0db47d607fc08be1caa4ab104c4145cc6cafadc32e5e23bd3c158c8f76c38e6694f330c17d7072565711b6bd94581bf7dd8211d4cec2f29a4f9eca3692cb751bc04d608eadf206399aa098643143fe1db6", @ANYRES32=r0, @ANYBLOB="060006000200000008000800000000000c000300020000000000000008000500ac1414aa080004007f0000010800020000000000080009000200000008000700", @ANYRES32=r1, @ANYBLOB="0800020000000000"], 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x20004082) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x638500, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x151000) (async) ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000200)=0x8) (async) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="001225bd7000000100000000000008000700a7cae20cc608740bb1cf5187f72824aa352e27caf9a33b29bd19e550bf458d4bdb2d8daa11de8c40aacbeebf6086bc68b6376d1237f9f59799f456108ef319c7c8eaca46d3fa316e07d9e76d7fe0f10d1ac0633e7cd020b8ebde4cbf457e47d725c42b06a7ba43e37eecf9d726aedac6ac31c8ca0c489afccaf6c28be3862861241eda9b881798ce9fab38047b601c5b3ecf28234b3766b5ef85f60aedbdb0695c590d5a4bee6375e67da7e1d55f6c154ca47d0db47d607fc08be1caa4ab104c4145cc6cafadc32e5e23bd3c158c8f76c38e6694f330c17d7072565711b6bd94581bf7dd8211d4cec2f29a4f9eca3692cb751bc04d608eadf206399aa098643143fe1db6", @ANYRES32=r0, @ANYBLOB="060006000200000008000800000000000c000300020000000000000008000500ac1414aa080004007f0000010800020000000000080009000200000008000700", @ANYRES32=r1, @ANYBLOB="0800020000000000"], 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x20004082) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x638500, 0x0) (async) [ 672.445955] FAULT_INJECTION: forcing a failure. [ 672.445955] name failslab, interval 1, probability 0, space 0, times 0 13:37:48 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x32000) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000180)={0x2, 0xf9, &(0x7f0000000080)=""/249}) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getpeername$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14) (async) r2 = perf_event_open(&(0x7f0000000400)={0x3, 0x80, 0x3, 0x0, 0x4, 0x5, 0x0, 0x3f, 0x18000, 0x4, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f00000003c0), 0x1}, 0x40000, 0xffe27d5, 0x2, 0x0, 0x1, 0x7, 0x8, 0x0, 0x9eb8, 0x0, 0x71}, 0xffffffffffffffff, 0xf, r1, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x40) sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x7f}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x44800) (async) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000000)=0x200) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000300)) (async) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f00000001c0)={0x3c4, 0x100000001}) [ 672.497354] CPU: 0 PID: 11190 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 672.505258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.514608] Call Trace: [ 672.517211] dump_stack+0x1b2/0x281 [ 672.520847] should_fail.cold+0x10a/0x149 [ 672.524997] should_failslab+0xd6/0x130 [ 672.528975] kmem_cache_alloc+0x28e/0x3c0 [ 672.533216] alloc_inode+0xa0/0x170 [ 672.537040] new_inode+0x1d/0xf0 [ 672.540410] debugfs_get_inode+0x1a/0x130 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 672.544555] __debugfs_create_file+0x93/0x440 [ 672.549062] ? debugfs_create_file+0x37/0x60 [ 672.553647] kvm_dev_ioctl+0xe7f/0x1450 [ 672.557622] ? fsnotify+0x974/0x11b0 [ 672.561330] ? kvm_put_kvm+0xab0/0xab0 [ 672.565220] ? kvm_put_kvm+0xab0/0xab0 [ 672.569103] do_vfs_ioctl+0x75a/0xff0 [ 672.572902] ? lock_acquire+0x170/0x3f0 [ 672.576872] ? ioctl_preallocate+0x1a0/0x1a0 [ 672.581364] ? __fget+0x265/0x3e0 [ 672.584817] ? do_vfs_ioctl+0xff0/0xff0 [ 672.588796] ? security_file_ioctl+0x83/0xb0 [ 672.593240] SyS_ioctl+0x7f/0xb0 [ 672.596602] ? do_vfs_ioctl+0xff0/0xff0 [ 672.600579] do_syscall_64+0x1d5/0x640 [ 672.604470] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 672.609747] RIP: 0033:0x7fa37e383109 [ 672.613447] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 672.621133] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 672.628401] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 672.635666] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:48 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 23) 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0xa, [0x5f4, 0x0, 0x9, 0x27f, 0x2, 0x2, 0x3, 0xf2d, 0x9, 0x41e7ac3d]}) 13:37:48 executing program 3: socketpair(0x29, 0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0xfd, 0x6, @remote}, 0x14) recvfrom$packet(r0, &(0x7f00000001c0)=""/29, 0x1d, 0x1, &(0x7f0000000200)={0x11, 0x1, r2, 0x1, 0xb6}, 0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair(0x10, 0x3, 0x4f5, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) connect$packet(r4, &(0x7f0000000180)={0x11, 0x6, r5, 0x1, 0x5, 0x6, @random="3e316cb3d747"}, 0x14) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xc, r3, 0x1, 0x2, 0x6, @local}, 0x14) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) 13:37:48 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x151000) ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000200)=0x8) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="001225bd7000000100000000000008000700a7cae20cc608740bb1cf5187f72824aa352e27caf9a33b29bd19e550bf458d4bdb2d8daa11de8c40aacbeebf6086bc68b6376d1237f9f59799f456108ef319c7c8eaca46d3fa316e07d9e76d7fe0f10d1ac0633e7cd020b8ebde4cbf457e47d725c42b06a7ba43e37eecf9d726aedac6ac31c8ca0c489afccaf6c28be3862861241eda9b881798ce9fab38047b601c5b3ecf28234b3766b5ef85f60aedbdb0695c590d5a4bee6375e67da7e1d55f6c154ca47d0db47d607fc08be1caa4ab104c4145cc6cafadc32e5e23bd3c158c8f76c38e6694f330c17d7072565711b6bd94581bf7dd8211d4cec2f29a4f9eca3692cb751bc04d608eadf206399aa098643143fe1db6", @ANYRES32=r0, @ANYBLOB="060006000200000008000800000000000c000300020000000000000008000500ac1414aa080004007f0000010800020000000000080009000200000008000700", @ANYRES32=r1, @ANYBLOB="0800020000000000"], 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x20004082) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x638500, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x151000) (async) ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, &(0x7f0000000200)=0x8) (async) sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="001225bd7000000100000000000008000700a7cae20cc608740bb1cf5187f72824aa352e27caf9a33b29bd19e550bf458d4bdb2d8daa11de8c40aacbeebf6086bc68b6376d1237f9f59799f456108ef319c7c8eaca46d3fa316e07d9e76d7fe0f10d1ac0633e7cd020b8ebde4cbf457e47d725c42b06a7ba43e37eecf9d726aedac6ac31c8ca0c489afccaf6c28be3862861241eda9b881798ce9fab38047b601c5b3ecf28234b3766b5ef85f60aedbdb0695c590d5a4bee6375e67da7e1d55f6c154ca47d0db47d607fc08be1caa4ab104c4145cc6cafadc32e5e23bd3c158c8f76c38e6694f330c17d7072565711b6bd94581bf7dd8211d4cec2f29a4f9eca3692cb751bc04d608eadf206399aa098643143fe1db6", @ANYRES32=r0, @ANYBLOB="060006000200000008000800000000000c000300020000000000000008000500ac1414aa080004007f0000010800020000000000080009000200000008000700", @ANYRES32=r1, @ANYBLOB="0800020000000000"], 0x68}, 0x1, 0x0, 0x0, 0x81}, 0x20004082) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x638500, 0x0) (async) 13:37:48 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xfffffffffffffe00}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @rand_addr=0x64010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x8}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x62}]}, 0x60}}, 0x20040080) [ 672.642928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 672.650192] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:48 executing program 3: socketpair(0x29, 0x1, 0x0, 0x0) (async) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0xfd, 0x6, @remote}, 0x14) (async) recvfrom$packet(r0, &(0x7f00000001c0)=""/29, 0x1d, 0x1, &(0x7f0000000200)={0x11, 0x1, r2, 0x1, 0xb6}, 0x14) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) socketpair(0x10, 0x3, 0x4f5, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) connect$packet(r4, &(0x7f0000000180)={0x11, 0x6, r5, 0x1, 0x5, 0x6, @random="3e316cb3d747"}, 0x14) (async) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xc, r3, 0x1, 0x2, 0x6, @local}, 0x14) 13:37:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getsockname$packet(r1, &(0x7f0000000000), &(0x7f0000000040)=0x14) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:48 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xfffffffffffffe00}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @rand_addr=0x64010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x8}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x62}]}, 0x60}}, 0x20040080) socketpair(0x2, 0x1, 0x0, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xfffffffffffffe00}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @rand_addr=0x64010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x8}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x62}]}, 0x60}}, 0x20040080) (async) 13:37:48 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0xa, [0x5f4, 0x0, 0x9, 0x27f, 0x2, 0x2, 0x3, 0xf2d, 0x9, 0x41e7ac3d]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) (async) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0xa, [0x5f4, 0x0, 0x9, 0x27f, 0x2, 0x2, 0x3, 0xf2d, 0x9, 0x41e7ac3d]}) (async) 13:37:48 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80283, 0x0) keyctl$set_timeout(0xf, 0x0, 0x5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200001, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 672.779716] FAULT_INJECTION: forcing a failure. [ 672.779716] name failslab, interval 1, probability 0, space 0, times 0 [ 672.844422] CPU: 0 PID: 11258 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 672.852339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.861715] Call Trace: [ 672.864306] dump_stack+0x1b2/0x281 [ 672.867950] should_fail.cold+0x10a/0x149 [ 672.872126] should_failslab+0xd6/0x130 [ 672.876108] kmem_cache_alloc_trace+0x29a/0x3d0 [ 672.880776] ? debugfs_create_file+0x37/0x60 [ 672.885188] kvm_dev_ioctl+0xce6/0x1450 [ 672.889170] ? fsnotify+0x974/0x11b0 [ 672.892885] ? kvm_put_kvm+0xab0/0xab0 [ 672.896772] ? kvm_put_kvm+0xab0/0xab0 [ 672.900656] do_vfs_ioctl+0x75a/0xff0 [ 672.904458] ? lock_acquire+0x170/0x3f0 [ 672.908433] ? ioctl_preallocate+0x1a0/0x1a0 [ 672.912847] ? __fget+0x265/0x3e0 [ 672.916305] ? do_vfs_ioctl+0xff0/0xff0 [ 672.920285] ? security_file_ioctl+0x83/0xb0 [ 672.924699] SyS_ioctl+0x7f/0xb0 [ 672.928066] ? do_vfs_ioctl+0xff0/0xff0 [ 672.932047] do_syscall_64+0x1d5/0x640 [ 672.935947] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 672.941135] RIP: 0033:0x7fa37e383109 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r0, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xfffffffffffffe00}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @rand_addr=0x64010100}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x8}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x62}]}, 0x60}}, 0x20040080) [ 672.944842] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 672.952547] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 672.959809] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 672.967076] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 672.974338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 672.981606] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 24) 13:37:49 executing program 3: socketpair(0x29, 0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0xfd, 0x6, @remote}, 0x14) recvfrom$packet(r0, &(0x7f00000001c0)=""/29, 0x1d, 0x1, &(0x7f0000000200)={0x11, 0x1, r2, 0x1, 0xb6}, 0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) socketpair(0x10, 0x3, 0x4f5, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', 0x0}) connect$packet(r4, &(0x7f0000000180)={0x11, 0x6, r5, 0x1, 0x5, 0x6, @random="3e316cb3d747"}, 0x14) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xc, r3, 0x1, 0x2, 0x6, @local}, 0x14) socketpair(0x29, 0x1, 0x0, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0xfd, 0x6, @remote}, 0x14) (async) recvfrom$packet(r0, &(0x7f00000001c0)=""/29, 0x1d, 0x1, &(0x7f0000000200)={0x11, 0x1, r2, 0x1, 0xb6}, 0x14) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) socketpair(0x10, 0x3, 0x4f5, &(0x7f0000000080)) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00'}) (async) connect$packet(r4, &(0x7f0000000180)={0x11, 0x6, r5, 0x1, 0x5, 0x6, @random="3e316cb3d747"}, 0x14) (async) connect$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0xc, r3, 0x1, 0x2, 0x6, @local}, 0x14) (async) 13:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80283, 0x0) keyctl$set_timeout(0xf, 0x0, 0x5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200001, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80283, 0x0) (async) keyctl$set_timeout(0xf, 0x0, 0x5) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200001, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @remote}, 0x10) 13:37:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getsockname$packet(r1, &(0x7f0000000000), &(0x7f0000000040)=0x14) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f0000000040)={0xa, [0x5f4, 0x0, 0x9, 0x27f, 0x2, 0x2, 0x3, 0xf2d, 0x9, 0x41e7ac3d]}) 13:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80283, 0x0) keyctl$set_timeout(0xf, 0x0, 0x5) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200001, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80283, 0x0) (async) keyctl$set_timeout(0xf, 0x0, 0x5) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200001, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @remote}, 0x10) [ 673.141717] FAULT_INJECTION: forcing a failure. [ 673.141717] name failslab, interval 1, probability 0, space 0, times 0 [ 673.187400] CPU: 0 PID: 11321 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 673.195311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.204665] Call Trace: [ 673.207267] dump_stack+0x1b2/0x281 [ 673.210909] should_fail.cold+0x10a/0x149 [ 673.215067] should_failslab+0xd6/0x130 [ 673.219040] kmem_cache_alloc+0x28e/0x3c0 [ 673.223190] __d_alloc+0x2a/0xa20 [ 673.226648] ? d_lookup+0x172/0x220 [ 673.230284] d_alloc+0x46/0x240 [ 673.233563] __lookup_hash+0x101/0x270 [ 673.237448] ? __inode_permission+0xcd/0x2f0 [ 673.241859] lookup_one_len+0x279/0x3a0 [ 673.245837] ? lookup_one_len_unlocked+0x410/0x410 [ 673.250768] start_creating+0xb0/0x200 [ 673.254659] __debugfs_create_file+0x4f/0x440 [ 673.259155] ? debugfs_create_file+0x37/0x60 [ 673.263563] kvm_dev_ioctl+0xe7f/0x1450 [ 673.267538] ? fsnotify+0x974/0x11b0 [ 673.271252] ? kvm_put_kvm+0xab0/0xab0 [ 673.275146] ? kvm_put_kvm+0xab0/0xab0 [ 673.279030] do_vfs_ioctl+0x75a/0xff0 [ 673.282831] ? lock_acquire+0x170/0x3f0 13:37:49 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) socketpair(0xa, 0x1, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) [ 673.286802] ? ioctl_preallocate+0x1a0/0x1a0 [ 673.291211] ? __fget+0x265/0x3e0 [ 673.294767] ? do_vfs_ioctl+0xff0/0xff0 [ 673.298833] ? security_file_ioctl+0x83/0xb0 [ 673.303240] SyS_ioctl+0x7f/0xb0 [ 673.306608] ? do_vfs_ioctl+0xff0/0xff0 [ 673.310580] do_syscall_64+0x1d5/0x640 [ 673.314476] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 673.319660] RIP: 0033:0x7fa37e383109 [ 673.323402] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:49 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) socketpair(0xa, 0x1, 0x0, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) socketpair(0xa, 0x1, 0x0, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) (async) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @remote}, 0x10) 13:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f0000000580), 0x4) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0xa10, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}}, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000040)={"110b4b5033622e798fe3f6d53323cbc7098aa69b061ec79ab3718adc6dee8f633294495f162aef257a7b79b89ca57e71a3a485693bcfb946fb04e59b094eadb90f451d3d4408b7cb0c790628406e412434313976f0bc06d9de48308ee0d4c82e1e34300983be5248a4e27095c826f1c679b8031d2e82da3f16f82657797008bddcf17768b49882f5d9e5d8674de99ca0ab48a2519b3b1ca36f7fe62bd9b3df9ee0015ca709e6c93adc023f79458a6bacee9d3e9216cd36262f3471f8139aa6fbb6e29b0d900ff82d1f13f13ee81e768f33ad526c6c75ff29b99e5816c8f99eb54e66a33e42dc57dfdb50c484b2a48ec294ea5fe8fc33da60928440b671ab55c3b422092129a3403e274bbf4ed4786a035cc1b2f7e2985e5c83593bba8f2f614a99ca7319920155d78bda5be96ef46c5d50852606a4ebe2297d0df43537d200dbe7812a7b1e71293678b4a587f74cd33034699d9ad5816dee352d2c4b9291f6b380fa8859954e3814fc339d5e00c01023c894c19122c78bd3adbe1e1a22da5d23d36c72f6b9c185c96420639b9204663c2befa8c8ac43e36c74d5ea4cc58c1a0420ca8620216e346a3a7faf4115dcceddc5e1f70b0e448c68de67ca0308c204020c0d02f40ffc4edf9898827a7b56691abb79a14dd74bebf7486424cce61d666611b2c82175c4103ae75631376e201d3308271793c5b29267358b0c8f4f14361a681044921eb5fd554bffc1191cfea83dbd553f2bbe0a716286d7e6d587391d702bcdad5750a7ef28b3a0ec24fbce4da7fbf02c9796ee1023d2a0e67f20f4960d1124aab574d4ac42ef87a4f2e66ce46876ce20b9f2cb211659d83540ca136be43c80bad0fc03fbfdd12c02606e5e58ff3e26958f785de8ec8686100a4d8f2442b711f4d8bb12ec054f2676bbbfa14c01c859d6aec6720780ce49bc6ce940be7682492dedd1640ef0e57bfd2aba06b04e36594076dc284812b36a0d9016de0aec12f5ea7aca608c314a4efd932af9897dbb0f2b3077e93c65d8bef0fcea8314460c32e156e65940c4dc20cb71b582bd12aeb403635d916880b9ce820aeb4dbffd3565ce207a8fec6e697405511abac125b7a7a35a6054dc2c8abcf8d4b3c3f95e205962d03bb73891757715cff3fec9501e7d3a19cd50d0a9c60cb6b51e9a839c0d9f2e6f73eeceeb7496249924aeb62af7710da6e94e343fc72f3e159d3c30988b7ff04a5c3309496219270ab83416c8a6ef789c685b607e560ce6928fd0a9f2cab1402890cd3473c6e16f7efebaed74c7de1798c39e3b6913435cae8dc07c3383f2d4f41fefa8803574d1b4b9bd71f2e01fe3036f3f52441e12c690bbb1b93049bfb2d6c4153c444650c80d502602d381d4860d4255333aef6969206d881d5ce92e06e4f1fcb3a0863b5a820051c03f35b5fb8e99cac6b59ac76c91fdd087dd"}) getsockname$packet(r3, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000600)=0x14) [ 673.331105] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 673.338367] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 673.345659] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 673.352930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 673.360193] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 25) 13:37:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000040)={'\x00', 0x7ff, 0x0, 0x4, 0x0, 0x2b, 0x2000, 0x4, '\x00', 0x1ff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getsockname$packet(r1, &(0x7f0000000000), &(0x7f0000000040)=0x14) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getsockname$packet(r1, &(0x7f0000000000), &(0x7f0000000040)=0x14) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:37:49 executing program 3: openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async, rerun: 64) socketpair(0xa, 0x1, 0x0, 0x0) (async, rerun: 64) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) 13:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f0000000580), 0x4) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0xa10, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}}, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000040)={"110b4b5033622e798fe3f6d53323cbc7098aa69b061ec79ab3718adc6dee8f633294495f162aef257a7b79b89ca57e71a3a485693bcfb946fb04e59b094eadb90f451d3d4408b7cb0c790628406e412434313976f0bc06d9de48308ee0d4c82e1e34300983be5248a4e27095c826f1c679b8031d2e82da3f16f82657797008bddcf17768b49882f5d9e5d8674de99ca0ab48a2519b3b1ca36f7fe62bd9b3df9ee0015ca709e6c93adc023f79458a6bacee9d3e9216cd36262f3471f8139aa6fbb6e29b0d900ff82d1f13f13ee81e768f33ad526c6c75ff29b99e5816c8f99eb54e66a33e42dc57dfdb50c484b2a48ec294ea5fe8fc33da60928440b671ab55c3b422092129a3403e274bbf4ed4786a035cc1b2f7e2985e5c83593bba8f2f614a99ca7319920155d78bda5be96ef46c5d50852606a4ebe2297d0df43537d200dbe7812a7b1e71293678b4a587f74cd33034699d9ad5816dee352d2c4b9291f6b380fa8859954e3814fc339d5e00c01023c894c19122c78bd3adbe1e1a22da5d23d36c72f6b9c185c96420639b9204663c2befa8c8ac43e36c74d5ea4cc58c1a0420ca8620216e346a3a7faf4115dcceddc5e1f70b0e448c68de67ca0308c204020c0d02f40ffc4edf9898827a7b56691abb79a14dd74bebf7486424cce61d666611b2c82175c4103ae75631376e201d3308271793c5b29267358b0c8f4f14361a681044921eb5fd554bffc1191cfea83dbd553f2bbe0a716286d7e6d587391d702bcdad5750a7ef28b3a0ec24fbce4da7fbf02c9796ee1023d2a0e67f20f4960d1124aab574d4ac42ef87a4f2e66ce46876ce20b9f2cb211659d83540ca136be43c80bad0fc03fbfdd12c02606e5e58ff3e26958f785de8ec8686100a4d8f2442b711f4d8bb12ec054f2676bbbfa14c01c859d6aec6720780ce49bc6ce940be7682492dedd1640ef0e57bfd2aba06b04e36594076dc284812b36a0d9016de0aec12f5ea7aca608c314a4efd932af9897dbb0f2b3077e93c65d8bef0fcea8314460c32e156e65940c4dc20cb71b582bd12aeb403635d916880b9ce820aeb4dbffd3565ce207a8fec6e697405511abac125b7a7a35a6054dc2c8abcf8d4b3c3f95e205962d03bb73891757715cff3fec9501e7d3a19cd50d0a9c60cb6b51e9a839c0d9f2e6f73eeceeb7496249924aeb62af7710da6e94e343fc72f3e159d3c30988b7ff04a5c3309496219270ab83416c8a6ef789c685b607e560ce6928fd0a9f2cab1402890cd3473c6e16f7efebaed74c7de1798c39e3b6913435cae8dc07c3383f2d4f41fefa8803574d1b4b9bd71f2e01fe3036f3f52441e12c690bbb1b93049bfb2d6c4153c444650c80d502602d381d4860d4255333aef6969206d881d5ce92e06e4f1fcb3a0863b5a820051c03f35b5fb8e99cac6b59ac76c91fdd087dd"}) getsockname$packet(r3, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000600)=0x14) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) setsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f0000000580), 0x4) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0xa10, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}}, 0x0) (async) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000040)={"110b4b5033622e798fe3f6d53323cbc7098aa69b061ec79ab3718adc6dee8f633294495f162aef257a7b79b89ca57e71a3a485693bcfb946fb04e59b094eadb90f451d3d4408b7cb0c790628406e412434313976f0bc06d9de48308ee0d4c82e1e34300983be5248a4e27095c826f1c679b8031d2e82da3f16f82657797008bddcf17768b49882f5d9e5d8674de99ca0ab48a2519b3b1ca36f7fe62bd9b3df9ee0015ca709e6c93adc023f79458a6bacee9d3e9216cd36262f3471f8139aa6fbb6e29b0d900ff82d1f13f13ee81e768f33ad526c6c75ff29b99e5816c8f99eb54e66a33e42dc57dfdb50c484b2a48ec294ea5fe8fc33da60928440b671ab55c3b422092129a3403e274bbf4ed4786a035cc1b2f7e2985e5c83593bba8f2f614a99ca7319920155d78bda5be96ef46c5d50852606a4ebe2297d0df43537d200dbe7812a7b1e71293678b4a587f74cd33034699d9ad5816dee352d2c4b9291f6b380fa8859954e3814fc339d5e00c01023c894c19122c78bd3adbe1e1a22da5d23d36c72f6b9c185c96420639b9204663c2befa8c8ac43e36c74d5ea4cc58c1a0420ca8620216e346a3a7faf4115dcceddc5e1f70b0e448c68de67ca0308c204020c0d02f40ffc4edf9898827a7b56691abb79a14dd74bebf7486424cce61d666611b2c82175c4103ae75631376e201d3308271793c5b29267358b0c8f4f14361a681044921eb5fd554bffc1191cfea83dbd553f2bbe0a716286d7e6d587391d702bcdad5750a7ef28b3a0ec24fbce4da7fbf02c9796ee1023d2a0e67f20f4960d1124aab574d4ac42ef87a4f2e66ce46876ce20b9f2cb211659d83540ca136be43c80bad0fc03fbfdd12c02606e5e58ff3e26958f785de8ec8686100a4d8f2442b711f4d8bb12ec054f2676bbbfa14c01c859d6aec6720780ce49bc6ce940be7682492dedd1640ef0e57bfd2aba06b04e36594076dc284812b36a0d9016de0aec12f5ea7aca608c314a4efd932af9897dbb0f2b3077e93c65d8bef0fcea8314460c32e156e65940c4dc20cb71b582bd12aeb403635d916880b9ce820aeb4dbffd3565ce207a8fec6e697405511abac125b7a7a35a6054dc2c8abcf8d4b3c3f95e205962d03bb73891757715cff3fec9501e7d3a19cd50d0a9c60cb6b51e9a839c0d9f2e6f73eeceeb7496249924aeb62af7710da6e94e343fc72f3e159d3c30988b7ff04a5c3309496219270ab83416c8a6ef789c685b607e560ce6928fd0a9f2cab1402890cd3473c6e16f7efebaed74c7de1798c39e3b6913435cae8dc07c3383f2d4f41fefa8803574d1b4b9bd71f2e01fe3036f3f52441e12c690bbb1b93049bfb2d6c4153c444650c80d502602d381d4860d4255333aef6969206d881d5ce92e06e4f1fcb3a0863b5a820051c03f35b5fb8e99cac6b59ac76c91fdd087dd"}) (async) getsockname$packet(r3, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000600)=0x14) (async) 13:37:49 executing program 0: r0 = socket$packet(0x11, 0x7, 0x300) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x7}, 0x4) 13:37:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000040)={'\x00', 0x7ff, 0x0, 0x4, 0x0, 0x2b, 0x2000, 0x4, '\x00', 0x1ff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 32) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) (rerun: 32) [ 673.587058] FAULT_INJECTION: forcing a failure. [ 673.587058] name failslab, interval 1, probability 0, space 0, times 0 13:37:49 executing program 3: socketpair(0x2, 0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) [ 673.647364] CPU: 1 PID: 11413 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 673.655270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.664620] Call Trace: [ 673.667210] dump_stack+0x1b2/0x281 [ 673.670840] should_fail.cold+0x10a/0x149 [ 673.675000] should_failslab+0xd6/0x130 [ 673.678976] kmem_cache_alloc+0x28e/0x3c0 [ 673.683125] alloc_inode+0xa0/0x170 [ 673.686758] new_inode+0x1d/0xf0 [ 673.690128] debugfs_get_inode+0x1a/0x130 13:37:49 executing program 3: socketpair(0x2, 0x1, 0x5, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) 13:37:49 executing program 3: socketpair(0x2, 0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) [ 673.694279] __debugfs_create_file+0x93/0x440 [ 673.698784] ? debugfs_create_file+0x37/0x60 [ 673.703221] kvm_dev_ioctl+0xe7f/0x1450 [ 673.707200] ? fsnotify+0x974/0x11b0 [ 673.710910] ? kvm_put_kvm+0xab0/0xab0 [ 673.714809] ? kvm_put_kvm+0xab0/0xab0 [ 673.718705] do_vfs_ioctl+0x75a/0xff0 [ 673.722505] ? lock_acquire+0x170/0x3f0 [ 673.726479] ? ioctl_preallocate+0x1a0/0x1a0 [ 673.730888] ? __fget+0x265/0x3e0 [ 673.734345] ? do_vfs_ioctl+0xff0/0xff0 [ 673.738313] ? security_file_ioctl+0x83/0xb0 [ 673.742720] SyS_ioctl+0x7f/0xb0 [ 673.746080] ? do_vfs_ioctl+0xff0/0xff0 [ 673.750059] do_syscall_64+0x1d5/0x640 [ 673.753976] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 673.759161] RIP: 0033:0x7fa37e383109 [ 673.762869] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 673.770575] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 673.777841] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 673.785107] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 26) 13:37:49 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x3}, 0x4) 13:37:49 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) 13:37:49 executing program 0: r0 = socket$packet(0x11, 0x7, 0x300) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x7}, 0x4) socket$packet(0x11, 0x7, 0x300) (async) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x7}, 0x4) (async) 13:37:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) setsockopt$WPAN_SECURITY_LEVEL(r3, 0x0, 0x2, &(0x7f0000000580), 0x4) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x34, r4, 0xa10, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}}, 0x0) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000040)={"110b4b5033622e798fe3f6d53323cbc7098aa69b061ec79ab3718adc6dee8f633294495f162aef257a7b79b89ca57e71a3a485693bcfb946fb04e59b094eadb90f451d3d4408b7cb0c790628406e412434313976f0bc06d9de48308ee0d4c82e1e34300983be5248a4e27095c826f1c679b8031d2e82da3f16f82657797008bddcf17768b49882f5d9e5d8674de99ca0ab48a2519b3b1ca36f7fe62bd9b3df9ee0015ca709e6c93adc023f79458a6bacee9d3e9216cd36262f3471f8139aa6fbb6e29b0d900ff82d1f13f13ee81e768f33ad526c6c75ff29b99e5816c8f99eb54e66a33e42dc57dfdb50c484b2a48ec294ea5fe8fc33da60928440b671ab55c3b422092129a3403e274bbf4ed4786a035cc1b2f7e2985e5c83593bba8f2f614a99ca7319920155d78bda5be96ef46c5d50852606a4ebe2297d0df43537d200dbe7812a7b1e71293678b4a587f74cd33034699d9ad5816dee352d2c4b9291f6b380fa8859954e3814fc339d5e00c01023c894c19122c78bd3adbe1e1a22da5d23d36c72f6b9c185c96420639b9204663c2befa8c8ac43e36c74d5ea4cc58c1a0420ca8620216e346a3a7faf4115dcceddc5e1f70b0e448c68de67ca0308c204020c0d02f40ffc4edf9898827a7b56691abb79a14dd74bebf7486424cce61d666611b2c82175c4103ae75631376e201d3308271793c5b29267358b0c8f4f14361a681044921eb5fd554bffc1191cfea83dbd553f2bbe0a716286d7e6d587391d702bcdad5750a7ef28b3a0ec24fbce4da7fbf02c9796ee1023d2a0e67f20f4960d1124aab574d4ac42ef87a4f2e66ce46876ce20b9f2cb211659d83540ca136be43c80bad0fc03fbfdd12c02606e5e58ff3e26958f785de8ec8686100a4d8f2442b711f4d8bb12ec054f2676bbbfa14c01c859d6aec6720780ce49bc6ce940be7682492dedd1640ef0e57bfd2aba06b04e36594076dc284812b36a0d9016de0aec12f5ea7aca608c314a4efd932af9897dbb0f2b3077e93c65d8bef0fcea8314460c32e156e65940c4dc20cb71b582bd12aeb403635d916880b9ce820aeb4dbffd3565ce207a8fec6e697405511abac125b7a7a35a6054dc2c8abcf8d4b3c3f95e205962d03bb73891757715cff3fec9501e7d3a19cd50d0a9c60cb6b51e9a839c0d9f2e6f73eeceeb7496249924aeb62af7710da6e94e343fc72f3e159d3c30988b7ff04a5c3309496219270ab83416c8a6ef789c685b607e560ce6928fd0a9f2cab1402890cd3473c6e16f7efebaed74c7de1798c39e3b6913435cae8dc07c3383f2d4f41fefa8803574d1b4b9bd71f2e01fe3036f3f52441e12c690bbb1b93049bfb2d6c4153c444650c80d502602d381d4860d4255333aef6969206d881d5ce92e06e4f1fcb3a0863b5a820051c03f35b5fb8e99cac6b59ac76c91fdd087dd"}) getsockname$packet(r3, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000600)=0x14) 13:37:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000040)={'\x00', 0x7ff, 0x0, 0x4, 0x0, 0x2b, 0x2000, 0x4, '\x00', 0x1ff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000040)={'\x00', 0x7ff, 0x0, 0x4, 0x0, 0x2b, 0x2000, 0x4, '\x00', 0x1ff}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 673.792375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 673.799639] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:50 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=@mpls_delroute={0xbc, 0x19, 0x110, 0x70bd2c, 0x25dfdbfd, {0x1c, 0x20, 0x80, 0x5, 0xff, 0x3, 0x0, 0x0, 0x1b00}, [@RTA_OIF={0x8}, @RTA_VIA={0x14, 0x12, {0x1d, "d34b4f67759498746eabdfc29489"}}, @RTA_NEWDST={0x84, 0x13, [{0x1}, {0x1, 0x0, 0x1}, {0x7}, {0x401}, {0x4, 0x0, 0x1}, {0x8}, {0x1ff, 0x0, 0x1}, {0x2}, {0x4091c, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x4}, {0x3, 0x0, 0x1}, {0x7}, {0x1000}, {0x80}, {}, {0x1000}, {}, {0x8, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {}, {0x7bf0}, {0x27}, {0xdf}, {0x1f, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}, {0x1ffc, 0x0, 0x1}, {0x5}, {0xffff9}, {0x200}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x24000000}, 0x2c005) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x29, 0x1, 0x7f, 0x40, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x10}, 0x7, 0x7800, 0x3, 0x2}}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'ip6tnl0\x00', r3, 0x3, 0xfa, 0x2, 0x2, 0x24, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x7800, 0x2, 0x9}}) 13:37:50 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x3}, 0x4) [ 673.933054] FAULT_INJECTION: forcing a failure. [ 673.933054] name failslab, interval 1, probability 0, space 0, times 0 [ 673.956396] CPU: 1 PID: 11475 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 673.964290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.973642] Call Trace: [ 673.976229] dump_stack+0x1b2/0x281 [ 673.979872] should_fail.cold+0x10a/0x149 [ 673.984021] should_failslab+0xd6/0x130 [ 673.988001] kmem_cache_alloc_trace+0x29a/0x3d0 [ 673.992668] ? debugfs_create_file+0x37/0x60 [ 673.997078] kvm_dev_ioctl+0xce6/0x1450 [ 674.001059] ? fsnotify+0x974/0x11b0 [ 674.004775] ? kvm_put_kvm+0xab0/0xab0 [ 674.008660] ? kvm_put_kvm+0xab0/0xab0 [ 674.012531] do_vfs_ioctl+0x75a/0xff0 [ 674.016313] ? lock_acquire+0x170/0x3f0 [ 674.020270] ? ioctl_preallocate+0x1a0/0x1a0 [ 674.024663] ? __fget+0x265/0x3e0 [ 674.028116] ? do_vfs_ioctl+0xff0/0xff0 [ 674.032074] ? security_file_ioctl+0x83/0xb0 [ 674.036465] SyS_ioctl+0x7f/0xb0 [ 674.039818] ? do_vfs_ioctl+0xff0/0xff0 [ 674.043776] do_syscall_64+0x1d5/0x640 [ 674.047655] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 674.052839] RIP: 0033:0x7fa37e383109 [ 674.056538] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.064230] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 674.071481] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:37:50 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x3}, 0x4) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x3}, 0x4) (async) 13:37:50 executing program 0: r0 = socket$packet(0x11, 0x7, 0x300) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x7}, 0x4) socket$packet(0x11, 0x7, 0x300) (async) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000000)) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x7}, 0x4) (async) 13:37:50 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) [ 674.078731] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 674.085983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 674.093234] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:50 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) (async) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=@mpls_delroute={0xbc, 0x19, 0x110, 0x70bd2c, 0x25dfdbfd, {0x1c, 0x20, 0x80, 0x5, 0xff, 0x3, 0x0, 0x0, 0x1b00}, [@RTA_OIF={0x8}, @RTA_VIA={0x14, 0x12, {0x1d, "d34b4f67759498746eabdfc29489"}}, @RTA_NEWDST={0x84, 0x13, [{0x1}, {0x1, 0x0, 0x1}, {0x7}, {0x401}, {0x4, 0x0, 0x1}, {0x8}, {0x1ff, 0x0, 0x1}, {0x2}, {0x4091c, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x4}, {0x3, 0x0, 0x1}, {0x7}, {0x1000}, {0x80}, {}, {0x1000}, {}, {0x8, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {}, {0x7bf0}, {0x27}, {0xdf}, {0x1f, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}, {0x1ffc, 0x0, 0x1}, {0x5}, {0xffff9}, {0x200}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x24000000}, 0x2c005) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x29, 0x1, 0x7f, 0x40, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x10}, 0x7, 0x7800, 0x3, 0x2}}) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'ip6tnl0\x00', r3, 0x3, 0xfa, 0x2, 0x2, 0x24, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x7800, 0x2, 0x9}}) 13:37:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 27) 13:37:50 executing program 2: ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000240)={0x1000, 0x2, &(0x7f0000000180)=[0x20, 0xf6ff], &(0x7f00000001c0)=[0x9, 0x0, 0x480], &(0x7f0000000200)=[0x40]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x100) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x79, 0x7, 0x1, 0x28, @private0, @mcast1, 0x10, 0x8000, 0x9, 0x8000}}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000004c0)={0x0}) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000840)=@newae={0x1c4, 0x1e, 0x20, 0x70bd27, 0x25dfdbff, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x8e7, 0x3507}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xd0a}, @algo_auth_trunc={0xde, 0x14, {{'blake2s-256-arm\x00'}, 0x490, 0xc0, "6b9275a379fc139a587120257f299a9b2b14ee36512036b3506f39a84de54e9111671b60dd5d90adaad6e8e33788ea423b61572bcdf5a1b0a0d9c477013c7cc109cfe24284f2efb43da044a6684ca9f29afb7681386648c1790048e8a73c27762c28f7deb05536a506fb8d5aad6e8c0dee8284d50936258f2a9e6bca8917f1072d747aff1679b2d73ee8774032fc4424eaad"}}, @address_filter={0x28, 0x1a, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@dev={0xac, 0x14, 0x14, 0x2e}, 0x2, 0x40, 0x7}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd29, 0x70bd2c, 0x70bd26, 0x70bd25, 0x87f, [0x0, 0xffffffff, 0x5, 0x5, 0x1000, 0x7fffffff, 0x9, 0x1ff]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd28, 0x70bd2d, 0x70bd29, 0x70bd28, 0x2, [0xbbb794c7, 0x3, 0x2, 0x5]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000400), r0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4500000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x5c, r7, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_VERSION={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendto$packet(r5, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl0\x00', r6, 0x29, 0xe7, 0x9, 0x1, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x7800, 0x5, 0x80}}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000500)={r3}) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="060000001efd6466acaf01c15e4e77dffd74f24c94f9ff33517aaa72801ef23f3c49704208f9b38a39ed5cbc41f638e2f837e4f8ea44edf1738fb293f6a0938447543850f62f175dd55bebbf1136403b52d49ecc488a3afb2027eee6ddcaf982e7176064dd8e9d0efa26ca4a2447e804248e032e485c854aeff9276cb7330b3ddb9814cee3d35c334e7626a3e71ffed5e9806ef91b850000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf251000000005002e000100000008000600", @ANYRES32=r2, @ANYBLOB="08003b00008000000600280001000000050038000100000005002d000100000008003c000400000008002b000001000005003800000000000500300001000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) r8 = openat$mice(0xffffffffffffff9c, &(0x7f0000000280), 0x200440) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) 13:37:50 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000240)={{0x0, 0x0, 0x80}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1, 0x0, 0x0, 0xffffffffffffffff}) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipmr_delroute={0x9c, 0x19, 0x8, 0x70bd26, 0x25dfdbfc, {0x80, 0x10, 0x14, 0x8, 0xff, 0x3, 0xc8, 0x3, 0x2400}, [@RTA_METRICS={0x80, 0x8, 0x0, 0x1, "efc20e78cc46e05ba1b0b1b2bbde48cb4c8fc44fb62e3651532801c2e84fb781dfa41da8e70e6c79e80be31744eb21ace854086086fc553950a6d57659a3c96871f557d39c0534d08e07361940ae824fe43d2b4996c5568db16abd0a04747c918044cb7111cb89d41cb03cd6d79387855c18a5137f2b9619008450bd"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40084}, 0x48004) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000002340)={'syztnl0\x00', &(0x7f00000022c0)={'syztnl2\x00', r4, 0x4, 0xaf, 0x7, 0x1d, 0x40, @empty, @mcast2, 0x7, 0x8, 0x7}}) 13:37:50 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$packet(0x11, 0x3, 0x300) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=@mpls_delroute={0xbc, 0x19, 0x110, 0x70bd2c, 0x25dfdbfd, {0x1c, 0x20, 0x80, 0x5, 0xff, 0x3, 0x0, 0x0, 0x1b00}, [@RTA_OIF={0x8}, @RTA_VIA={0x14, 0x12, {0x1d, "d34b4f67759498746eabdfc29489"}}, @RTA_NEWDST={0x84, 0x13, [{0x1}, {0x1, 0x0, 0x1}, {0x7}, {0x401}, {0x4, 0x0, 0x1}, {0x8}, {0x1ff, 0x0, 0x1}, {0x2}, {0x4091c, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x4}, {0x3, 0x0, 0x1}, {0x7}, {0x1000}, {0x80}, {}, {0x1000}, {}, {0x8, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0xfff, 0x0, 0x1}, {}, {0x7bf0}, {0x27}, {0xdf}, {0x1f, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x3ff, 0x0, 0x1}, {0x1ffc, 0x0, 0x1}, {0x5}, {0xffff9}, {0x200}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x24000000}, 0x2c005) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r2, 0x89f7, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x29, 0x1, 0x7f, 0x40, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @dev={0xfe, 0x80, '\x00', 0x10}, 0x7, 0x7800, 0x3, 0x2}}) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'ip6tnl0\x00', r3, 0x3, 0xfa, 0x2, 0x2, 0x24, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x7800, 0x2, 0x9}}) 13:37:50 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) 13:37:50 executing program 0: socketpair(0x22, 0x6, 0xfffeffff, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x1000}, 0x4) [ 674.366574] FAULT_INJECTION: forcing a failure. [ 674.366574] name failslab, interval 1, probability 0, space 0, times 0 [ 674.410420] CPU: 0 PID: 11517 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 674.418322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.427669] Call Trace: [ 674.430253] dump_stack+0x1b2/0x281 [ 674.433891] should_fail.cold+0x10a/0x149 [ 674.438042] should_failslab+0xd6/0x130 [ 674.442017] kmem_cache_alloc+0x28e/0x3c0 [ 674.446162] __d_alloc+0x2a/0xa20 [ 674.449609] ? d_lookup+0x172/0x220 [ 674.453236] d_alloc+0x46/0x240 [ 674.456523] __lookup_hash+0x101/0x270 [ 674.460410] ? __inode_permission+0xcd/0x2f0 [ 674.464823] lookup_one_len+0x279/0x3a0 [ 674.468797] ? lookup_one_len_unlocked+0x410/0x410 [ 674.473732] start_creating+0xb0/0x200 [ 674.477618] __debugfs_create_file+0x4f/0x440 [ 674.482121] ? debugfs_create_file+0x37/0x60 [ 674.486531] kvm_dev_ioctl+0xe7f/0x1450 [ 674.490504] ? fsnotify+0x974/0x11b0 [ 674.494216] ? kvm_put_kvm+0xab0/0xab0 [ 674.498107] ? kvm_put_kvm+0xab0/0xab0 [ 674.501991] do_vfs_ioctl+0x75a/0xff0 [ 674.505792] ? lock_acquire+0x170/0x3f0 [ 674.509762] ? ioctl_preallocate+0x1a0/0x1a0 [ 674.514158] ? __fget+0x265/0x3e0 [ 674.517609] ? do_vfs_ioctl+0xff0/0xff0 [ 674.521694] ? security_file_ioctl+0x83/0xb0 [ 674.526081] SyS_ioctl+0x7f/0xb0 [ 674.529443] ? do_vfs_ioctl+0xff0/0xff0 [ 674.533395] do_syscall_64+0x1d5/0x640 [ 674.537263] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 674.542444] RIP: 0033:0x7fa37e383109 [ 674.546131] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.553818] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:37:50 executing program 2: ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000240)={0x1000, 0x2, &(0x7f0000000180)=[0x20, 0xf6ff], &(0x7f00000001c0)=[0x9, 0x0, 0x480], &(0x7f0000000200)=[0x40]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x100) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x79, 0x7, 0x1, 0x28, @private0, @mcast1, 0x10, 0x8000, 0x9, 0x8000}}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000004c0)={0x0}) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000840)=@newae={0x1c4, 0x1e, 0x20, 0x70bd27, 0x25dfdbff, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x8e7, 0x3507}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xd0a}, @algo_auth_trunc={0xde, 0x14, {{'blake2s-256-arm\x00'}, 0x490, 0xc0, "6b9275a379fc139a587120257f299a9b2b14ee36512036b3506f39a84de54e9111671b60dd5d90adaad6e8e33788ea423b61572bcdf5a1b0a0d9c477013c7cc109cfe24284f2efb43da044a6684ca9f29afb7681386648c1790048e8a73c27762c28f7deb05536a506fb8d5aad6e8c0dee8284d50936258f2a9e6bca8917f1072d747aff1679b2d73ee8774032fc4424eaad"}}, @address_filter={0x28, 0x1a, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@dev={0xac, 0x14, 0x14, 0x2e}, 0x2, 0x40, 0x7}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd29, 0x70bd2c, 0x70bd26, 0x70bd25, 0x87f, [0x0, 0xffffffff, 0x5, 0x5, 0x1000, 0x7fffffff, 0x9, 0x1ff]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd28, 0x70bd2d, 0x70bd29, 0x70bd28, 0x2, [0xbbb794c7, 0x3, 0x2, 0x5]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000400), r0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4500000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x5c, r7, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_VERSION={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendto$packet(r5, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl0\x00', r6, 0x29, 0xe7, 0x9, 0x1, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x7800, 0x5, 0x80}}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000500)={r3}) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="060000001efd6466acaf01c15e4e77dffd74f24c94f9ff33517aaa72801ef23f3c49704208f9b38a39ed5cbc41f638e2f837e4f8ea44edf1738fb293f6a0938447543850f62f175dd55bebbf1136403b52d49ecc488a3afb2027eee6ddcaf982e7176064dd8e9d0efa26ca4a2447e804248e032e485c854aeff9276cb7330b3ddb9814cee3d35c334e7626a3e71ffed5e9806ef91b850000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf251000000005002e000100000008000600", @ANYRES32=r2, @ANYBLOB="08003b00008000000600280001000000050038000100000005002d000100000008003c000400000008002b000001000005003800000000000500300001000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) r8 = openat$mice(0xffffffffffffff9c, &(0x7f0000000280), 0x200440) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000240)={0x1000, 0x2, &(0x7f0000000180)=[0x20, 0xf6ff], &(0x7f00000001c0)=[0x9, 0x0, 0x480], &(0x7f0000000200)=[0x40]}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)) (async) syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x100) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x79, 0x7, 0x1, 0x28, @private0, @mcast1, 0x10, 0x8000, 0x9, 0x8000}}) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000004c0)) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000840)=@newae={0x1c4, 0x1e, 0x20, 0x70bd27, 0x25dfdbff, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x8e7, 0x3507}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xd0a}, @algo_auth_trunc={0xde, 0x14, {{'blake2s-256-arm\x00'}, 0x490, 0xc0, "6b9275a379fc139a587120257f299a9b2b14ee36512036b3506f39a84de54e9111671b60dd5d90adaad6e8e33788ea423b61572bcdf5a1b0a0d9c477013c7cc109cfe24284f2efb43da044a6684ca9f29afb7681386648c1790048e8a73c27762c28f7deb05536a506fb8d5aad6e8c0dee8284d50936258f2a9e6bca8917f1072d747aff1679b2d73ee8774032fc4424eaad"}}, @address_filter={0x28, 0x1a, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@dev={0xac, 0x14, 0x14, 0x2e}, 0x2, 0x40, 0x7}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd29, 0x70bd2c, 0x70bd26, 0x70bd25, 0x87f, [0x0, 0xffffffff, 0x5, 0x5, 0x1000, 0x7fffffff, 0x9, 0x1ff]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd28, 0x70bd2d, 0x70bd29, 0x70bd28, 0x2, [0xbbb794c7, 0x3, 0x2, 0x5]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000400), r0) (async) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4500000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x5c, r7, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_VERSION={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async) sendto$packet(r5, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl0\x00', r6, 0x29, 0xe7, 0x9, 0x1, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x7800, 0x5, 0x80}}) (async) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000500)={r3}) (async) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="060000001efd6466acaf01c15e4e77dffd74f24c94f9ff33517aaa72801ef23f3c49704208f9b38a39ed5cbc41f638e2f837e4f8ea44edf1738fb293f6a0938447543850f62f175dd55bebbf1136403b52d49ecc488a3afb2027eee6ddcaf982e7176064dd8e9d0efa26ca4a2447e804248e032e485c854aeff9276cb7330b3ddb9814cee3d35c334e7626a3e71ffed5e9806ef91b850000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf251000000005002e000100000008000600", @ANYRES32=r2, @ANYBLOB="08003b00008000000600280001000000050038000100000005002d000100000008003c000400000008002b000001000005003800000000000500300001000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000280), 0x200440) (async) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) 13:37:50 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000240)={{0x0, 0x0, 0x80}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1, 0x0, 0x0, 0xffffffffffffffff}) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipmr_delroute={0x9c, 0x19, 0x8, 0x70bd26, 0x25dfdbfc, {0x80, 0x10, 0x14, 0x8, 0xff, 0x3, 0xc8, 0x3, 0x2400}, [@RTA_METRICS={0x80, 0x8, 0x0, 0x1, "efc20e78cc46e05ba1b0b1b2bbde48cb4c8fc44fb62e3651532801c2e84fb781dfa41da8e70e6c79e80be31744eb21ace854086086fc553950a6d57659a3c96871f557d39c0534d08e07361940ae824fe43d2b4996c5568db16abd0a04747c918044cb7111cb89d41cb03cd6d79387855c18a5137f2b9619008450bd"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40084}, 0x48004) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000002340)={'syztnl0\x00', &(0x7f00000022c0)={'syztnl2\x00', r4, 0x4, 0xaf, 0x7, 0x1d, 0x40, @empty, @mcast2, 0x7, 0x8, 0x7}}) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000240)={{0x0, 0x0, 0x80}}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) (async) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipmr_delroute={0x9c, 0x19, 0x8, 0x70bd26, 0x25dfdbfc, {0x80, 0x10, 0x14, 0x8, 0xff, 0x3, 0xc8, 0x3, 0x2400}, [@RTA_METRICS={0x80, 0x8, 0x0, 0x1, "efc20e78cc46e05ba1b0b1b2bbde48cb4c8fc44fb62e3651532801c2e84fb781dfa41da8e70e6c79e80be31744eb21ace854086086fc553950a6d57659a3c96871f557d39c0534d08e07361940ae824fe43d2b4996c5568db16abd0a04747c918044cb7111cb89d41cb03cd6d79387855c18a5137f2b9619008450bd"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40084}, 0x48004) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r3, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000002340)={'syztnl0\x00', &(0x7f00000022c0)={'syztnl2\x00', r4, 0x4, 0xaf, 0x7, 0x1d, 0x40, @empty, @mcast2, 0x7, 0x8, 0x7}}) (async) 13:37:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 28) 13:37:50 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) 13:37:50 executing program 0: socketpair(0x22, 0x6, 0xfffeffff, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x1000}, 0x4) [ 674.561081] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 674.568325] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 674.575571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 674.582833] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:50 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000280)={r1, 0x1, 0x6}, 0x10) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0xb97}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x2c}}, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x32, 0x8, 0x6, 0x3, 0x6], 0x5, 0x800, 0x0, 0xffffffffffffffff}) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48840}, 0x4850) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:50 executing program 2: ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000240)={0x1000, 0x2, &(0x7f0000000180)=[0x20, 0xf6ff], &(0x7f00000001c0)=[0x9, 0x0, 0x480], &(0x7f0000000200)=[0x40]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x100) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x79, 0x7, 0x1, 0x28, @private0, @mcast1, 0x10, 0x8000, 0x9, 0x8000}}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000004c0)={0x0}) r4 = socket$inet6_udp(0xa, 0x2, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000840)=@newae={0x1c4, 0x1e, 0x20, 0x70bd27, 0x25dfdbff, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x8e7, 0x3507}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xd0a}, @algo_auth_trunc={0xde, 0x14, {{'blake2s-256-arm\x00'}, 0x490, 0xc0, "6b9275a379fc139a587120257f299a9b2b14ee36512036b3506f39a84de54e9111671b60dd5d90adaad6e8e33788ea423b61572bcdf5a1b0a0d9c477013c7cc109cfe24284f2efb43da044a6684ca9f29afb7681386648c1790048e8a73c27762c28f7deb05536a506fb8d5aad6e8c0dee8284d50936258f2a9e6bca8917f1072d747aff1679b2d73ee8774032fc4424eaad"}}, @address_filter={0x28, 0x1a, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@dev={0xac, 0x14, 0x14, 0x2e}, 0x2, 0x40, 0x7}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd29, 0x70bd2c, 0x70bd26, 0x70bd25, 0x87f, [0x0, 0xffffffff, 0x5, 0x5, 0x1000, 0x7fffffff, 0x9, 0x1ff]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd28, 0x70bd2d, 0x70bd29, 0x70bd28, 0x2, [0xbbb794c7, 0x3, 0x2, 0x5]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000400), r0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4500000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x5c, r7, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_VERSION={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) sendto$packet(r5, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl0\x00', r6, 0x29, 0xe7, 0x9, 0x1, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x7800, 0x5, 0x80}}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000500)={r3}) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="060000001efd6466acaf01c15e4e77dffd74f24c94f9ff33517aaa72801ef23f3c49704208f9b38a39ed5cbc41f638e2f837e4f8ea44edf1738fb293f6a0938447543850f62f175dd55bebbf1136403b52d49ecc488a3afb2027eee6ddcaf982e7176064dd8e9d0efa26ca4a2447e804248e032e485c854aeff9276cb7330b3ddb9814cee3d35c334e7626a3e71ffed5e9806ef91b850000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf251000000005002e000100000008000600", @ANYRES32=r2, @ANYBLOB="08003b00008000000600280001000000050038000100000005002d000100000008003c000400000008002b000001000005003800000000000500300001000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) r8 = openat$mice(0xffffffffffffff9c, &(0x7f0000000280), 0x200440) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000240)={0x1000, 0x2, &(0x7f0000000180)=[0x20, 0xf6ff], &(0x7f00000001c0)=[0x9, 0x0, 0x480], &(0x7f0000000200)=[0x40]}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x40) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)) (async) syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x100) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'ip6_vti0\x00', 0x0, 0x4, 0x79, 0x7, 0x1, 0x28, @private0, @mcast1, 0x10, 0x8000, 0x9, 0x8000}}) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f00000004c0)) (async) socket$inet6_udp(0xa, 0x2, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) sendmsg$nl_xfrm(r0, &(0x7f0000000a80)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000840)=@newae={0x1c4, 0x1e, 0x20, 0x70bd27, 0x25dfdbff, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d2, 0x2, 0x6c}, @in=@loopback, 0x8e7, 0x3507}, [@policy_type={0xa, 0x10, {0x1}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xd0a}, @algo_auth_trunc={0xde, 0x14, {{'blake2s-256-arm\x00'}, 0x490, 0xc0, "6b9275a379fc139a587120257f299a9b2b14ee36512036b3506f39a84de54e9111671b60dd5d90adaad6e8e33788ea423b61572bcdf5a1b0a0d9c477013c7cc109cfe24284f2efb43da044a6684ca9f29afb7681386648c1790048e8a73c27762c28f7deb05536a506fb8d5aad6e8c0dee8284d50936258f2a9e6bca8917f1072d747aff1679b2d73ee8774032fc4424eaad"}}, @address_filter={0x28, 0x1a, {@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in=@dev={0xac, 0x14, 0x14, 0x2e}, 0x2, 0x40, 0x7}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd29, 0x70bd2c, 0x70bd26, 0x70bd25, 0x87f, [0x0, 0xffffffff, 0x5, 0x5, 0x1000, 0x7fffffff, 0x9, 0x1ff]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd28, 0x70bd2d, 0x70bd29, 0x70bd28, 0x2, [0xbbb794c7, 0x3, 0x2, 0x5]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000400), r0) (async) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f00000007c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4500000}, 0xc, &(0x7f0000000780)={&(0x7f0000000700)={0x5c, r7, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_VERSION={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @remote}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_LINK={0x8, 0x1, r2}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async) sendto$packet(r5, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'syztnl0\x00', r6, 0x29, 0xe7, 0x9, 0x1, 0x11, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, 0x8000, 0x7800, 0x5, 0x80}}) (async) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r0, 0xc01064c1, &(0x7f0000000500)={r3}) (async) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB="060000001efd6466acaf01c15e4e77dffd74f24c94f9ff33517aaa72801ef23f3c49704208f9b38a39ed5cbc41f638e2f837e4f8ea44edf1738fb293f6a0938447543850f62f175dd55bebbf1136403b52d49ecc488a3afb2027eee6ddcaf982e7176064dd8e9d0efa26ca4a2447e804248e032e485c854aeff9276cb7330b3ddb9814cee3d35c334e7626a3e71ffed5e9806ef91b850000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf251000000005002e000100000008000600", @ANYRES32=r2, @ANYBLOB="08003b00008000000600280001000000050038000100000005002d000100000008003c000400000008002b000001000005003800000000000500300001000000"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000280), 0x200440) (async) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async) 13:37:50 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000280)={r1, 0x1, 0x6}, 0x10) (async, rerun: 32) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0xb97}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x2c}}, 0x0) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x32, 0x8, 0x6, 0x3, 0x6], 0x5, 0x800, 0x0, 0xffffffffffffffff}) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48840}, 0x4850) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:50 executing program 0: socketpair(0x22, 0x6, 0xfffeffff, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x4, 0x1000}, 0x4) [ 674.722351] FAULT_INJECTION: forcing a failure. [ 674.722351] name failslab, interval 1, probability 0, space 0, times 0 [ 674.807784] CPU: 1 PID: 11575 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 674.815687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.825040] Call Trace: [ 674.827628] dump_stack+0x1b2/0x281 [ 674.831261] should_fail.cold+0x10a/0x149 [ 674.835424] should_failslab+0xd6/0x130 [ 674.839406] kmem_cache_alloc+0x28e/0x3c0 [ 674.843564] alloc_inode+0xa0/0x170 [ 674.847194] new_inode+0x1d/0xf0 [ 674.850563] debugfs_get_inode+0x1a/0x130 [ 674.854712] __debugfs_create_file+0x93/0x440 [ 674.859207] ? debugfs_create_file+0x37/0x60 [ 674.863615] kvm_dev_ioctl+0xe7f/0x1450 [ 674.867596] ? fsnotify+0x974/0x11b0 [ 674.871311] ? kvm_put_kvm+0xab0/0xab0 [ 674.875204] ? kvm_put_kvm+0xab0/0xab0 [ 674.879110] do_vfs_ioctl+0x75a/0xff0 [ 674.882913] ? lock_acquire+0x170/0x3f0 [ 674.886886] ? ioctl_preallocate+0x1a0/0x1a0 [ 674.891300] ? __fget+0x265/0x3e0 [ 674.894754] ? do_vfs_ioctl+0xff0/0xff0 [ 674.898728] ? security_file_ioctl+0x83/0xb0 [ 674.903135] SyS_ioctl+0x7f/0xb0 13:37:50 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x77c7, 0x200, 0x4, 0x3, 0xe446, 0x1, 0x7fffffff, 0x8, 0x1, 0x9], 0xa, 0x80800}) 13:37:50 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000240)={{0x0, 0x0, 0x80}}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1, 0x0, 0x0, 0xffffffffffffffff}) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipmr_delroute={0x9c, 0x19, 0x8, 0x70bd26, 0x25dfdbfc, {0x80, 0x10, 0x14, 0x8, 0xff, 0x3, 0xc8, 0x3, 0x2400}, [@RTA_METRICS={0x80, 0x8, 0x0, 0x1, "efc20e78cc46e05ba1b0b1b2bbde48cb4c8fc44fb62e3651532801c2e84fb781dfa41da8e70e6c79e80be31744eb21ace854086086fc553950a6d57659a3c96871f557d39c0534d08e07361940ae824fe43d2b4996c5568db16abd0a04747c918044cb7111cb89d41cb03cd6d79387855c18a5137f2b9619008450bd"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40084}, 0x48004) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r3, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000002340)={'syztnl0\x00', &(0x7f00000022c0)={'syztnl2\x00', r4, 0x4, 0xaf, 0x7, 0x1d, 0x40, @empty, @mcast2, 0x7, 0x8, 0x7}}) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_NESTED_STATE(r0, 0xc080aebe, &(0x7f0000000240)={{0x0, 0x0, 0x80}}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) (async) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=@ipmr_delroute={0x9c, 0x19, 0x8, 0x70bd26, 0x25dfdbfc, {0x80, 0x10, 0x14, 0x8, 0xff, 0x3, 0xc8, 0x3, 0x2400}, [@RTA_METRICS={0x80, 0x8, 0x0, 0x1, "efc20e78cc46e05ba1b0b1b2bbde48cb4c8fc44fb62e3651532801c2e84fb781dfa41da8e70e6c79e80be31744eb21ace854086086fc553950a6d57659a3c96871f557d39c0534d08e07361940ae824fe43d2b4996c5568db16abd0a04747c918044cb7111cb89d41cb03cd6d79387855c18a5137f2b9619008450bd"}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40084}, 0x48004) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r3, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000002340)={'syztnl0\x00', &(0x7f00000022c0)={'syztnl2\x00', r4, 0x4, 0xaf, 0x7, 0x1d, 0x40, @empty, @mcast2, 0x7, 0x8, 0x7}}) (async) 13:37:50 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fff, 0x7], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xe5c1}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8a503cfe5da6d270) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) 13:37:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000040)) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x8, 0x6, 0x5, 0x7, 0x3, 0xfffff218], 0x7, 0x80800, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x101], 0x1, 0x0, 0x0, 0xffffffffffffffff}) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x80000000, 0x4, 0x0, 0x360, r1, 0x0, '\x00', 0x0, r2, 0x1, 0x2, 0x2}, 0x48) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) r7 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000540), 0x82842) socket$packet(0x11, 0x3, 0x300) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1d, 0x7fffffff, 0x4, 0x1, 0x21, 0xffffffffffffffff, 0x8, '\x00', 0x0, r7, 0x2, 0x3, 0x3}, 0x48) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x8, 0x200, 0x9, 0x80, 0x4, 0x1, 0x5, '\x00', 0x0, r2, 0x5, 0x1, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x9}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3ff}, @jmp={0x5, 0x1, 0x4, 0x9, 0xb, 0xffffffffffffffc0, 0xfffffffffffffff0}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x7f, &(0x7f0000000100)=""/127, 0x40f00, 0x4, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0xd, 0x8001, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r4, r2, r5, r6, r7, r8, r9]}, 0x80) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 674.906500] ? do_vfs_ioctl+0xff0/0xff0 [ 674.910586] do_syscall_64+0x1d5/0x640 [ 674.914476] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 674.919661] RIP: 0033:0x7fa37e383109 [ 674.923363] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 674.931066] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 674.938330] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 674.945594] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x77c7, 0x200, 0x4, 0x3, 0xe446, 0x1, 0x7fffffff, 0x8, 0x1, 0x9], 0xa, 0x80800}) [ 674.952861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 674.960128] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 29) 13:37:51 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000280)={r1, 0x1, 0x6}, 0x10) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0xb97}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x2c}}, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x32, 0x8, 0x6, 0x3, 0x6], 0x5, 0x800, 0x0, 0xffffffffffffffff}) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48840}, 0x4850) socketpair(0x2, 0x1, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000280)={r1, 0x1, 0x6}, 0x10) (async) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0xb97}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}]}, 0x2c}}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x32, 0x8, 0x6, 0x3, 0x6], 0x5, 0x800}) (async) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48840}, 0x4850) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) 13:37:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000040)) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x8, 0x6, 0x5, 0x7, 0x3, 0xfffff218], 0x7, 0x80800, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x101], 0x1, 0x0, 0x0, 0xffffffffffffffff}) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x80000000, 0x4, 0x0, 0x360, r1, 0x0, '\x00', 0x0, r2, 0x1, 0x2, 0x2}, 0x48) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) r7 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000540), 0x82842) socket$packet(0x11, 0x3, 0x300) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1d, 0x7fffffff, 0x4, 0x1, 0x21, 0xffffffffffffffff, 0x8, '\x00', 0x0, r7, 0x2, 0x3, 0x3}, 0x48) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x8, 0x200, 0x9, 0x80, 0x4, 0x1, 0x5, '\x00', 0x0, r2, 0x5, 0x1, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x9}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3ff}, @jmp={0x5, 0x1, 0x4, 0x9, 0xb, 0xffffffffffffffc0, 0xfffffffffffffff0}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x7f, &(0x7f0000000100)=""/127, 0x40f00, 0x4, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0xd, 0x8001, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r4, r2, r5, r6, r7, r8, r9]}, 0x80) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000040)) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x8, 0x6, 0x5, 0x7, 0x3, 0xfffff218], 0x7, 0x80800}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x101], 0x1}) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x80000000, 0x4, 0x0, 0x360, r1, 0x0, '\x00', 0x0, r2, 0x1, 0x2, 0x2}, 0x48) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000540), 0x82842) (async) socket$packet(0x11, 0x3, 0x300) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1d, 0x7fffffff, 0x4, 0x1, 0x21, 0xffffffffffffffff, 0x8, '\x00', 0x0, r7, 0x2, 0x3, 0x3}, 0x48) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x8, 0x200, 0x9, 0x80, 0x4, 0x1, 0x5, '\x00', 0x0, r2, 0x5, 0x1, 0x5}, 0x48) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x9}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3ff}, @jmp={0x5, 0x1, 0x4, 0x9, 0xb, 0xffffffffffffffc0, 0xfffffffffffffff0}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x7f, &(0x7f0000000100)=""/127, 0x40f00, 0x4, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0xd, 0x8001, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r4, r2, r5, r6, r7, r8, r9]}, 0x80) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:51 executing program 3: ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0xaa000000, 0x5, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, &(0x7f0000000040)={r0}) socketpair(0x29, 0x5, 0x802, 0x0) 13:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fff, 0x7], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xe5c1}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8a503cfe5da6d270) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fff, 0x7], 0x2}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xe5c1}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8a503cfe5da6d270) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) (async) 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x400, 0x4) 13:37:51 executing program 3: ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0xaa000000, 0x5, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, &(0x7f0000000040)={r0}) (async) socketpair(0x29, 0x5, 0x802, 0x0) 13:37:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x77c7, 0x200, 0x4, 0x3, 0xe446, 0x1, 0x7fffffff, 0x8, 0x1, 0x9], 0xa, 0x80800}) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x77c7, 0x200, 0x4, 0x3, 0xe446, 0x1, 0x7fffffff, 0x8, 0x1, 0x9], 0xa, 0x80800}) (async) [ 675.102493] FAULT_INJECTION: forcing a failure. [ 675.102493] name failslab, interval 1, probability 0, space 0, times 0 [ 675.147252] CPU: 1 PID: 11658 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 675.155160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.164512] Call Trace: [ 675.167099] dump_stack+0x1b2/0x281 [ 675.170731] should_fail.cold+0x10a/0x149 [ 675.174882] should_failslab+0xd6/0x130 [ 675.178858] kmem_cache_alloc_trace+0x29a/0x3d0 [ 675.183525] ? debugfs_create_file+0x37/0x60 [ 675.187943] kvm_dev_ioctl+0xce6/0x1450 [ 675.191920] ? fsnotify+0x974/0x11b0 [ 675.195637] ? kvm_put_kvm+0xab0/0xab0 [ 675.199526] ? kvm_put_kvm+0xab0/0xab0 [ 675.203423] do_vfs_ioctl+0x75a/0xff0 [ 675.207231] ? lock_acquire+0x170/0x3f0 [ 675.211210] ? ioctl_preallocate+0x1a0/0x1a0 [ 675.215631] ? __fget+0x265/0x3e0 [ 675.219088] ? do_vfs_ioctl+0xff0/0xff0 [ 675.223059] ? security_file_ioctl+0x83/0xb0 [ 675.227472] SyS_ioctl+0x7f/0xb0 [ 675.230835] ? do_vfs_ioctl+0xff0/0xff0 [ 675.234818] do_syscall_64+0x1d5/0x640 [ 675.238709] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 675.243890] RIP: 0033:0x7fa37e383109 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x400, 0x4) socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x400, 0x4) (async) 13:37:51 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000040)) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x8, 0x6, 0x5, 0x7, 0x3, 0xfffff218], 0x7, 0x80800, 0x0, 0xffffffffffffffff}) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x101], 0x1, 0x0, 0x0, 0xffffffffffffffff}) (async) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x11, 0x80000000, 0x4, 0x0, 0x360, r1, 0x0, '\x00', 0x0, r2, 0x1, 0x2, 0x2}, 0x48) (async, rerun: 64) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) r7 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r7, 0xc008aeb0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000540), 0x82842) socket$packet(0x11, 0x3, 0x300) (async, rerun: 64) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1d, 0x7fffffff, 0x4, 0x1, 0x21, 0xffffffffffffffff, 0x8, '\x00', 0x0, r7, 0x2, 0x3, 0x3}, 0x48) (async, rerun: 64) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x8, 0x200, 0x9, 0x80, 0x4, 0x1, 0x5, '\x00', 0x0, r2, 0x5, 0x1, 0x5}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x9}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3ff}, @jmp={0x5, 0x1, 0x4, 0x9, 0xb, 0xffffffffffffffc0, 0xfffffffffffffff0}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7}]}, &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x7f, &(0x7f0000000100)=""/127, 0x40f00, 0x4, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000200)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0xd, 0x8001, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r4, r2, r5, r6, r7, r8, r9]}, 0x80) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 675.247593] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 675.255295] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 675.262589] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 675.269856] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 675.277116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 675.284382] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fff, 0x7], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xe5c1}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8a503cfe5da6d270) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fff, 0x7], 0x2}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xe5c1}, @L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x8a503cfe5da6d270) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r5, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r5, 0x8, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_L2SPEC_TYPE={0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) (async) 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000000)=0x400, 0x4) (rerun: 64) 13:37:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 30) 13:37:51 executing program 3: ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0xaa000000, 0x5, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, &(0x7f0000000040)={r0}) socketpair(0x29, 0x5, 0x802, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0xaa000000, 0x5, 0x6}) (async) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, &(0x7f0000000040)={r0}) (async) socketpair(0x29, 0x5, 0x802, 0x0) (async) 13:37:51 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x0, 0x400, 0x70bd2e, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x404400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:51 executing program 1: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000240)=""/4096) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001280)={&(0x7f0000001240)=[0x64b], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f00000001c0)={r1, 0x5, &(0x7f00000000c0)=[0x1a, 0x80000001, 0xfffffb0f, 0x0, 0x4], &(0x7f0000000100)=[0x80000001, 0x5, 0x20, 0x5, 0xff5c, 0x5], 0x40, 0x2, 0x71, &(0x7f0000000140)=[0x5, 0x1], &(0x7f0000000180)=[0x81, 0x4, 0x3d47]}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000012c0), 0x1b5600, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) 13:37:51 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:51 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x0, 0x400, 0x70bd2e, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x0) (async) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 675.512004] FAULT_INJECTION: forcing a failure. [ 675.512004] name failslab, interval 1, probability 0, space 0, times 0 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) 13:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x404400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 675.560670] CPU: 0 PID: 11775 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 675.568589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.577942] Call Trace: [ 675.580538] dump_stack+0x1b2/0x281 [ 675.584172] should_fail.cold+0x10a/0x149 [ 675.588324] should_failslab+0xd6/0x130 [ 675.592307] kmem_cache_alloc+0x28e/0x3c0 [ 675.596454] __d_alloc+0x2a/0xa20 [ 675.599905] ? d_lookup+0x172/0x220 [ 675.603532] d_alloc+0x46/0x240 [ 675.607171] __lookup_hash+0x101/0x270 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) 13:37:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x404400, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 675.611057] ? __inode_permission+0xcd/0x2f0 [ 675.615466] lookup_one_len+0x279/0x3a0 [ 675.619443] ? lookup_one_len_unlocked+0x410/0x410 [ 675.624377] start_creating+0xb0/0x200 [ 675.628264] __debugfs_create_file+0x4f/0x440 [ 675.632764] ? debugfs_create_file+0x37/0x60 [ 675.637174] kvm_dev_ioctl+0xe7f/0x1450 [ 675.641151] ? fsnotify+0x974/0x11b0 [ 675.644897] ? kvm_put_kvm+0xab0/0xab0 [ 675.648785] ? kvm_put_kvm+0xab0/0xab0 [ 675.652667] do_vfs_ioctl+0x75a/0xff0 [ 675.656476] ? lock_acquire+0x170/0x3f0 13:37:51 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 675.660450] ? ioctl_preallocate+0x1a0/0x1a0 [ 675.664858] ? __fget+0x265/0x3e0 [ 675.668311] ? do_vfs_ioctl+0xff0/0xff0 [ 675.672291] ? security_file_ioctl+0x83/0xb0 [ 675.676700] SyS_ioctl+0x7f/0xb0 [ 675.680063] ? do_vfs_ioctl+0xff0/0xff0 [ 675.684039] do_syscall_64+0x1d5/0x640 [ 675.687930] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 675.693142] RIP: 0033:0x7fa37e383109 [ 675.696846] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:51 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 31) 13:37:51 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000080)={0x800, {0x2, 0xf5a, 0x8, 0x46153ab, 0x6, 0x6}}) 13:37:51 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000008) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:51 executing program 1: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) (async, rerun: 32) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={0x0, 0x80000, 0xffffffffffffffff}) (rerun: 32) ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000240)=""/4096) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001280)={&(0x7f0000001240)=[0x64b], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f00000001c0)={r1, 0x5, &(0x7f00000000c0)=[0x1a, 0x80000001, 0xfffffb0f, 0x0, 0x4], &(0x7f0000000100)=[0x80000001, 0x5, 0x20, 0x5, 0xff5c, 0x5], 0x40, 0x2, 0x71, &(0x7f0000000140)=[0x5, 0x1], &(0x7f0000000180)=[0x81, 0x4, 0x3d47]}) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000012c0), 0x1b5600, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) 13:37:51 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x0, 0x400, 0x70bd2e, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x50, 0x0, 0x400, 0x70bd2e, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x18}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x81}, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:37:51 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) (async) socketpair(0x2, 0x1, 0x0, 0x0) [ 675.704560] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 675.711829] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 675.719181] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 675.726446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 675.733717] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:51 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x1000}, 0x4) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:51 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000080)={0x800, {0x2, 0xf5a, 0x8, 0x46153ab, 0x6, 0x6}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000080)={0x800, {0x2, 0xf5a, 0x8, 0x46153ab, 0x6, 0x6}}) (async) 13:37:51 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000008) socketpair(0x2, 0x1, 0x0, 0x0) [ 675.871603] FAULT_INJECTION: forcing a failure. [ 675.871603] name failslab, interval 1, probability 0, space 0, times 0 13:37:51 executing program 0: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x8f2, 0x81, 0x4, 0x104c}, {0x101, 0x3, 0x1, 0x8}, {0x401, 0x80, 0xfb, 0x6351}, {0x6, 0xf8, 0x69, 0x1}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x1000, 0x3f}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={0x0, 0x86, 0x5}) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:52 executing program 1: ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000240)=""/4096) (async, rerun: 32) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r2}) (rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001280)={&(0x7f0000001240)=[0x64b], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f00000001c0)={r1, 0x5, &(0x7f00000000c0)=[0x1a, 0x80000001, 0xfffffb0f, 0x0, 0x4], &(0x7f0000000100)=[0x80000001, 0x5, 0x20, 0x5, 0xff5c, 0x5], 0x40, 0x2, 0x71, &(0x7f0000000140)=[0x5, 0x1], &(0x7f0000000180)=[0x81, 0x4, 0x3d47]}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000012c0), 0x1b5600, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) [ 675.932848] CPU: 1 PID: 11816 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 675.940769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.950129] Call Trace: [ 675.952722] dump_stack+0x1b2/0x281 [ 675.956359] should_fail.cold+0x10a/0x149 [ 675.960513] should_failslab+0xd6/0x130 [ 675.964490] kmem_cache_alloc+0x28e/0x3c0 [ 675.968641] alloc_inode+0xa0/0x170 [ 675.972273] new_inode+0x1d/0xf0 [ 675.975642] debugfs_get_inode+0x1a/0x130 [ 675.979804] __debugfs_create_file+0x93/0x440 [ 675.984301] ? debugfs_create_file+0x37/0x60 [ 675.988712] kvm_dev_ioctl+0xe7f/0x1450 [ 675.992689] ? fsnotify+0x974/0x11b0 [ 675.996408] ? kvm_put_kvm+0xab0/0xab0 [ 676.000303] ? kvm_put_kvm+0xab0/0xab0 [ 676.004192] do_vfs_ioctl+0x75a/0xff0 [ 676.008026] ? lock_acquire+0x170/0x3f0 [ 676.012000] ? ioctl_preallocate+0x1a0/0x1a0 [ 676.016411] ? __fget+0x265/0x3e0 [ 676.019861] ? do_vfs_ioctl+0xff0/0xff0 [ 676.023833] ? security_file_ioctl+0x83/0xb0 [ 676.028246] SyS_ioctl+0x7f/0xb0 [ 676.031625] ? do_vfs_ioctl+0xff0/0xff0 [ 676.035597] do_syscall_64+0x1d5/0x640 [ 676.039490] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 676.044682] RIP: 0033:0x7fa37e383109 [ 676.048426] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 676.056132] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 676.063392] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 676.070656] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c5c3, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 32) 13:37:52 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000008) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:52 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000080)={0x800, {0x2, 0xf5a, 0x8, 0x46153ab, 0x6, 0x6}}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$UI_ABS_SETUP(0xffffffffffffffff, 0x401c5504, &(0x7f0000000080)={0x800, {0x2, 0xf5a, 0x8, 0x46153ab, 0x6, 0x6}}) (async) 13:37:52 executing program 3: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) socketpair(0xa, 0x2, 0x0, 0x0) 13:37:52 executing program 0: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x8f2, 0x81, 0x4, 0x104c}, {0x101, 0x3, 0x1, 0x8}, {0x401, 0x80, 0xfb, 0x6351}, {0x6, 0xf8, 0x69, 0x1}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x1000, 0x3f}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={0x0, 0x86, 0x5}) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x8f2, 0x81, 0x4, 0x104c}, {0x101, 0x3, 0x1, 0x8}, {0x401, 0x80, 0xfb, 0x6351}, {0x6, 0xf8, 0x69, 0x1}]}) (async) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x1000, 0x3f}) (async) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={0x0, 0x86, 0x5}) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) [ 676.077924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 676.085365] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c5c3, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c5c3, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:52 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x400) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000040)={0x94, 0x3, {0xffffffffffffffff}, {0xee00}}) r1 = syz_open_dev$dri(&(0x7f0000000080), 0xfd, 0x40000) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x10000}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000100)={0x0, r2}) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:52 executing program 0: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x8f2, 0x81, 0x4, 0x104c}, {0x101, 0x3, 0x1, 0x8}, {0x401, 0x80, 0xfb, 0x6351}, {0x6, 0xf8, 0x69, 0x1}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000080)={0x0, 0x1000, 0x3f}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={0x0, 0x86, 0x5}) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:52 executing program 3: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) (async) socketpair(0xa, 0x2, 0x0, 0x0) [ 676.250169] FAULT_INJECTION: forcing a failure. [ 676.250169] name failslab, interval 1, probability 0, space 0, times 0 [ 676.303700] CPU: 0 PID: 11885 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 676.311617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.320966] Call Trace: [ 676.323553] dump_stack+0x1b2/0x281 [ 676.327185] should_fail.cold+0x10a/0x149 [ 676.331334] should_failslab+0xd6/0x130 [ 676.335307] kmem_cache_alloc+0x28e/0x3c0 [ 676.339458] alloc_inode+0xa0/0x170 [ 676.343083] new_inode+0x1d/0xf0 [ 676.346446] debugfs_get_inode+0x1a/0x130 [ 676.350591] __debugfs_create_file+0x93/0x440 [ 676.355083] ? debugfs_create_file+0x37/0x60 [ 676.359489] kvm_dev_ioctl+0xe7f/0x1450 [ 676.363639] ? fsnotify+0x974/0x11b0 [ 676.367348] ? kvm_put_kvm+0xab0/0xab0 [ 676.371238] ? kvm_put_kvm+0xab0/0xab0 [ 676.375131] do_vfs_ioctl+0x75a/0xff0 [ 676.378935] ? lock_acquire+0x170/0x3f0 [ 676.382905] ? ioctl_preallocate+0x1a0/0x1a0 [ 676.387309] ? __fget+0x265/0x3e0 [ 676.390760] ? do_vfs_ioctl+0xff0/0xff0 [ 676.394735] ? security_file_ioctl+0x83/0xb0 [ 676.399141] SyS_ioctl+0x7f/0xb0 13:37:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2c5c3, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 676.402499] ? do_vfs_ioctl+0xff0/0xff0 [ 676.406476] do_syscall_64+0x1d5/0x640 [ 676.410365] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 676.415542] RIP: 0033:0x7fa37e383109 [ 676.419236] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 676.426937] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 676.434203] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 676.441466] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:52 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x400) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000040)={0x94, 0x3, {0xffffffffffffffff}, {0xee00}}) (async) r1 = syz_open_dev$dri(&(0x7f0000000080), 0xfd, 0x40000) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x10000}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000100)={0x0, r2}) socketpair(0x2, 0x1, 0x0, 0x0) [ 676.448733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 676.455997] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 33) 13:37:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:52 executing program 3: syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), 0xffffffffffffffff) (async) socketpair(0xa, 0x2, 0x0, 0x0) 13:37:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000240)=0x2, 0x4) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="649cf573d749910fe20a77df1ba05db817515a645def950961e10af138b2cbf359d4c61087363672102d80a09dd3b76768bb53590549b83cc1b7d2ca9ca27f4bad8823c6a207bda8dc2e96586b4f90f36b5375887cae14a7fe4c0a35ebc9d86868fde1b628c3354326ead18563d29c89959c6be1788e7c44e2896e5f76012b579c70404000baf529aefc202465df32f6d591722d65245a7d6e4bcef26fb10d4e8ce4f53e583b3b5f3066221aad0a061573780662a05abf", 0xb7, 0x204c0d0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0xb7, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:52 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x400) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000040)={0x94, 0x3, {0xffffffffffffffff}, {0xee00}}) (async) r1 = syz_open_dev$dri(&(0x7f0000000080), 0xfd, 0x40000) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x10000}) ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000100)={0x0, r2}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:52 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80102, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000240)=0x2, 0x4) (async) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async, rerun: 64) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) (rerun: 64) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="649cf573d749910fe20a77df1ba05db817515a645def950961e10af138b2cbf359d4c61087363672102d80a09dd3b76768bb53590549b83cc1b7d2ca9ca27f4bad8823c6a207bda8dc2e96586b4f90f36b5375887cae14a7fe4c0a35ebc9d86868fde1b628c3354326ead18563d29c89959c6be1788e7c44e2896e5f76012b579c70404000baf529aefc202465df32f6d591722d65245a7d6e4bcef26fb10d4e8ce4f53e583b3b5f3066221aad0a061573780662a05abf", 0xb7, 0x204c0d0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0xb7, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) (async, rerun: 32) getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000001c0), &(0x7f0000000200)=0x4) (rerun: 32) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:52 executing program 4: setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x8, 0x20, 0x83, 0x81}, {0x9, 0x15, 0x3, 0x10000}, {0xf98, 0x0, 0xf9, 0x4}, {0x40, 0xff, 0x7f, 0x80000001}, {0x6, 0x1, 0x6, 0x6}, {0x3ff, 0x12, 0x8, 0x1}, {0x9, 0x6, 0x3f}, {0x8, 0x3f, 0x0, 0x631}]}, 0x10) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x7}, 0x4) socketpair(0x2, 0x1, 0x0, 0x0) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 676.586663] FAULT_INJECTION: forcing a failure. [ 676.586663] name failslab, interval 1, probability 0, space 0, times 0 [ 676.621888] CPU: 0 PID: 11930 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 676.629799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.639154] Call Trace: [ 676.641741] dump_stack+0x1b2/0x281 [ 676.645373] should_fail.cold+0x10a/0x149 [ 676.649524] should_failslab+0xd6/0x130 [ 676.653501] kmem_cache_alloc+0x28e/0x3c0 [ 676.657653] alloc_inode+0xa0/0x170 [ 676.661277] new_inode+0x1d/0xf0 [ 676.664643] debugfs_get_inode+0x1a/0x130 [ 676.668792] __debugfs_create_file+0x93/0x440 [ 676.673287] ? debugfs_create_file+0x37/0x60 [ 676.677698] kvm_dev_ioctl+0xe7f/0x1450 [ 676.681679] ? fsnotify+0x974/0x11b0 [ 676.685392] ? kvm_put_kvm+0xab0/0xab0 [ 676.689291] ? kvm_put_kvm+0xab0/0xab0 [ 676.693183] do_vfs_ioctl+0x75a/0xff0 [ 676.696984] ? lock_acquire+0x170/0x3f0 [ 676.700959] ? ioctl_preallocate+0x1a0/0x1a0 [ 676.705365] ? __fget+0x265/0x3e0 [ 676.708820] ? do_vfs_ioctl+0xff0/0xff0 [ 676.712902] ? security_file_ioctl+0x83/0xb0 [ 676.717307] SyS_ioctl+0x7f/0xb0 [ 676.720668] ? do_vfs_ioctl+0xff0/0xff0 [ 676.724642] do_syscall_64+0x1d5/0x640 [ 676.728530] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 676.733713] RIP: 0033:0x7fa37e383109 13:37:52 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/24, &(0x7f00000001c0)=0x18) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) socketpair(0x2, 0x1, 0x0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) 13:37:52 executing program 4: setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x8, 0x20, 0x83, 0x81}, {0x9, 0x15, 0x3, 0x10000}, {0xf98, 0x0, 0xf9, 0x4}, {0x40, 0xff, 0x7f, 0x80000001}, {0x6, 0x1, 0x6, 0x6}, {0x3ff, 0x12, 0x8, 0x1}, {0x9, 0x6, 0x3f}, {0x8, 0x3f, 0x0, 0x631}]}, 0x10) (async) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x7}, 0x4) (async, rerun: 32) socketpair(0x2, 0x1, 0x0, 0x0) (rerun: 32) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0), &(0x7f0000000100)=0x4) 13:37:52 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000240)=0x2, 0x4) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="649cf573d749910fe20a77df1ba05db817515a645def950961e10af138b2cbf359d4c61087363672102d80a09dd3b76768bb53590549b83cc1b7d2ca9ca27f4bad8823c6a207bda8dc2e96586b4f90f36b5375887cae14a7fe4c0a35ebc9d86868fde1b628c3354326ead18563d29c89959c6be1788e7c44e2896e5f76012b579c70404000baf529aefc202465df32f6d591722d65245a7d6e4bcef26fb10d4e8ce4f53e583b3b5f3066221aad0a061573780662a05abf", 0xb7, 0x204c0d0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0xb7, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000240)=0x2, 0x4) (async) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00'}) (async) sendto$packet(0xffffffffffffffff, &(0x7f0000000000)="649cf573d749910fe20a77df1ba05db817515a645def950961e10af138b2cbf359d4c61087363672102d80a09dd3b76768bb53590549b83cc1b7d2ca9ca27f4bad8823c6a207bda8dc2e96586b4f90f36b5375887cae14a7fe4c0a35ebc9d86868fde1b628c3354326ead18563d29c89959c6be1788e7c44e2896e5f76012b579c70404000baf529aefc202465df32f6d591722d65245a7d6e4bcef26fb10d4e8ce4f53e583b3b5f3066221aad0a061573780662a05abf", 0xb7, 0x204c0d0, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0xb7, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) (async) getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000001c0), &(0x7f0000000200)=0x4) (async) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) [ 676.737419] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 676.745123] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 676.752527] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 676.759890] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 676.767158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 676.774420] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 34) 13:37:52 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80102, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 32) 13:37:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/24, &(0x7f00000001c0)=0x18) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) socketpair(0x2, 0x1, 0x0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/24, &(0x7f00000001c0)=0x18) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) (async) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) connect$packet(r0, &(0x7f0000000100)={0x11, 0x2, r2, 0x1, 0x13, 0x6, @random="4fa5ce7dc9bb"}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000002c0)=[0x1ff, 0x6, 0x4, 0x3, 0x5, 0x9], 0x6, 0x800, 0x0, 0xffffffffffffffff}) getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000380)=0x14) bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r1, 0x1, 0x2, 0x6, @local}, 0x14) 13:37:53 executing program 4: setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x8, 0x20, 0x83, 0x81}, {0x9, 0x15, 0x3, 0x10000}, {0xf98, 0x0, 0xf9, 0x4}, {0x40, 0xff, 0x7f, 0x80000001}, {0x6, 0x1, 0x6, 0x6}, {0x3ff, 0x12, 0x8, 0x1}, {0x9, 0x6, 0x3f}, {0x8, 0x3f, 0x0, 0x631}]}, 0x10) (async, rerun: 32) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x7}, 0x4) (rerun: 32) socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000000c0), &(0x7f0000000100)=0x4) (rerun: 64) 13:37:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 676.920148] FAULT_INJECTION: forcing a failure. [ 676.920148] name failslab, interval 1, probability 0, space 0, times 0 [ 676.981191] CPU: 1 PID: 11984 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 676.989100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 676.998450] Call Trace: [ 677.001038] dump_stack+0x1b2/0x281 [ 677.004680] should_fail.cold+0x10a/0x149 [ 677.008831] should_failslab+0xd6/0x130 [ 677.012807] kmem_cache_alloc+0x28e/0x3c0 [ 677.016960] alloc_inode+0xa0/0x170 [ 677.020762] new_inode+0x1d/0xf0 [ 677.024126] debugfs_get_inode+0x1a/0x130 [ 677.028269] __debugfs_create_file+0x93/0x440 [ 677.032778] ? debugfs_create_file+0x37/0x60 [ 677.037183] kvm_dev_ioctl+0xe7f/0x1450 [ 677.041160] ? fsnotify+0x974/0x11b0 [ 677.044874] ? kvm_put_kvm+0xab0/0xab0 [ 677.048787] ? kvm_put_kvm+0xab0/0xab0 [ 677.052676] do_vfs_ioctl+0x75a/0xff0 [ 677.056477] ? lock_acquire+0x170/0x3f0 [ 677.060544] ? ioctl_preallocate+0x1a0/0x1a0 [ 677.064949] ? __fget+0x265/0x3e0 [ 677.068398] ? do_vfs_ioctl+0xff0/0xff0 [ 677.072379] ? security_file_ioctl+0x83/0xb0 [ 677.076784] SyS_ioctl+0x7f/0xb0 13:37:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6, 0x6, 0x8001}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}, @GTPA_TID={0xc, 0x3, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = getuid() sendmsg$nl_xfrm(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=@report={0xec, 0x20, 0x4, 0x70bd27, 0x25dfdbfc, {0x33, {@in6=@mcast2, @in=@empty, 0x4e20, 0xffff, 0x4e23, 0x30c, 0x2, 0xa0, 0xb07012a239b76ce2, 0x88, 0x0, r2}}, [@policy_type={0xa, 0x10, {0x1}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e20, 0x4e20, @in6=@ipv4={'\x00', '\xff\xff', @empty}}}, @offload={0xc, 0x1c, {0x0, 0x2}}, @coaddr={0x14, 0xe, @in=@rand_addr=0x64010100}, @lifetime_val={0x24, 0x9, {0x9, 0x6, 0x1, 0x9}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xffffffff}, @user_kmaddress={0x2c, 0x13, {@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xa}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4}, 0x40805) 13:37:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 677.080144] ? do_vfs_ioctl+0xff0/0xff0 [ 677.084117] do_syscall_64+0x1d5/0x640 [ 677.088005] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 677.093189] RIP: 0033:0x7fa37e383109 [ 677.096902] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 677.104608] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 677.111870] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 677.119221] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6, 0x6, 0x8001}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}, @GTPA_TID={0xc, 0x3, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r2 = getuid() sendmsg$nl_xfrm(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=@report={0xec, 0x20, 0x4, 0x70bd27, 0x25dfdbfc, {0x33, {@in6=@mcast2, @in=@empty, 0x4e20, 0xffff, 0x4e23, 0x30c, 0x2, 0xa0, 0xb07012a239b76ce2, 0x88, 0x0, r2}}, [@policy_type={0xa, 0x10, {0x1}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e20, 0x4e20, @in6=@ipv4={'\x00', '\xff\xff', @empty}}}, @offload={0xc, 0x1c, {0x0, 0x2}}, @coaddr={0x14, 0xe, @in=@rand_addr=0x64010100}, @lifetime_val={0x24, 0x9, {0x9, 0x6, 0x1, 0x9}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xffffffff}, @user_kmaddress={0x2c, 0x13, {@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xa}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4}, 0x40805) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) (async) connect$packet(r0, &(0x7f0000000100)={0x11, 0x2, r2, 0x1, 0x13, 0x6, @random="4fa5ce7dc9bb"}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000002c0)=[0x1ff, 0x6, 0x4, 0x3, 0x5, 0x9], 0x6, 0x800, 0x0, 0xffffffffffffffff}) getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000380)=0x14) (async) bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r1, 0x1, 0x2, 0x6, @local}, 0x14) [ 677.126481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 677.133741] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:53 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 35) [ 677.410071] FAULT_INJECTION: forcing a failure. [ 677.410071] name failslab, interval 1, probability 0, space 0, times 0 [ 677.423634] CPU: 1 PID: 12124 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 677.431533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 677.440880] Call Trace: [ 677.443470] dump_stack+0x1b2/0x281 [ 677.447100] should_fail.cold+0x10a/0x149 [ 677.451251] should_failslab+0xd6/0x130 [ 677.455228] kmem_cache_alloc_trace+0x29a/0x3d0 13:37:53 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80102, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:53 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0) getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x6, &(0x7f0000000180)=""/24, &(0x7f00000001c0)=0x18) (async, rerun: 32) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) (async, rerun: 32) socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'}) 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x48, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@GTPA_FLOW={0x6, 0x6, 0x8001}, @GTPA_I_TEI={0x8, 0x8, 0x2}, @GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}, @GTPA_TID={0xc, 0x3, 0x2}, @GTPA_O_TEI={0x8, 0x9, 0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = getuid() sendmsg$nl_xfrm(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=@report={0xec, 0x20, 0x4, 0x70bd27, 0x25dfdbfc, {0x33, {@in6=@mcast2, @in=@empty, 0x4e20, 0xffff, 0x4e23, 0x30c, 0x2, 0xa0, 0xb07012a239b76ce2, 0x88, 0x0, r2}}, [@policy_type={0xa, 0x10, {0x1}}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e20, 0x4e20, @in6=@ipv4={'\x00', '\xff\xff', @empty}}}, @offload={0xc, 0x1c, {0x0, 0x2}}, @coaddr={0x14, 0xe, @in=@rand_addr=0x64010100}, @lifetime_val={0x24, 0x9, {0x9, 0x6, 0x1, 0x9}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xffffffff}, @user_kmaddress={0x2c, 0x13, {@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x1c}, 0x0, 0xa}}]}, 0xec}, 0x1, 0x0, 0x0, 0x4}, 0x40805) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) getpeername$packet(r0, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000180)=0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', 0x0}) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) connect$packet(r0, &(0x7f0000000100)={0x11, 0x2, r2, 0x1, 0x13, 0x6, @random="4fa5ce7dc9bb"}, 0x14) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000002c0)=[0x1ff, 0x6, 0x4, 0x3, 0x5, 0x9], 0x6, 0x800, 0x0, 0xffffffffffffffff}) getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000380)=0x14) bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r1, 0x1, 0x2, 0x6, @local}, 0x14) 13:37:53 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) [ 677.459899] ? debugfs_create_file+0x37/0x60 [ 677.464312] kvm_dev_ioctl+0xce6/0x1450 [ 677.468292] ? fsnotify+0x974/0x11b0 [ 677.472004] ? kvm_put_kvm+0xab0/0xab0 [ 677.475896] ? kvm_put_kvm+0xab0/0xab0 [ 677.479782] do_vfs_ioctl+0x75a/0xff0 [ 677.483616] ? lock_acquire+0x170/0x3f0 [ 677.487585] ? ioctl_preallocate+0x1a0/0x1a0 [ 677.491998] ? __fget+0x265/0x3e0 [ 677.495450] ? do_vfs_ioctl+0xff0/0xff0 [ 677.499429] ? security_file_ioctl+0x83/0xb0 [ 677.503845] SyS_ioctl+0x7f/0xb0 [ 677.507209] ? do_vfs_ioctl+0xff0/0xff0 [ 677.511185] do_syscall_64+0x1d5/0x640 [ 677.515077] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 677.520268] RIP: 0033:0x7fa37e383109 [ 677.523971] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 677.531784] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 677.539049] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 677.546311] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 677.553572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) socket$inet6_udplite(0xa, 0x2, 0x88) [ 677.560849] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:53 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000380), 0x1) r1 = gettid() bind$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, 0x10) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = gettid() ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f0000000240)={0x2, 0x1, {r3}, {}, 0x101}) syz_open_procfs$namespace(r1, 0x0) accept$packet(r0, &(0x7f00000002c0), &(0x7f0000000180)=0x14) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4) r4 = socket$packet(0x11, 0x3, 0x300) r5 = accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000000c0)={0x8, 0x7f, {r1}, {}, 0x4, 0x581}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) getsockopt$packet_buf(r5, 0x107, 0xd, &(0x7f0000000140)=""/3, &(0x7f00000003c0)=0x3) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) 13:37:53 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x5, &(0x7f0000000080)="d81e98905ec3635c279a5817f70088c9d88669b2ef63f6efe541ce10c8ce8f609c6c2747d73a89839e140ef51c45edb2a5a69a895141e127d99f4b67d91c25dd795bb2bb552143683c22183af975864237bec1cc2cf76a698eb6a85360687d3031f56583d2842e7989c1b60a0ec316cfc05ad61d", 0x74) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) accept4$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14, 0x800) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:53 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000380), 0x1) r1 = gettid() (async) bind$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, 0x10) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = gettid() ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f0000000240)={0x2, 0x1, {r3}, {}, 0x101}) (async) syz_open_procfs$namespace(r1, 0x0) accept$packet(r0, &(0x7f00000002c0), &(0x7f0000000180)=0x14) (async) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4) (async) r4 = socket$packet(0x11, 0x3, 0x300) r5 = accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000000c0)={0x8, 0x7f, {r1}, {}, 0x4, 0x581}) (async, rerun: 64) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async, rerun: 64) getsockopt$packet_buf(r5, 0x107, 0xd, &(0x7f0000000140)=""/3, &(0x7f00000003c0)=0x3) (async) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r6}) (async) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) 13:37:53 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 36) 13:37:53 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44010}, 0x1) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:53 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'geneve1\x00'}) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) 13:37:53 executing program 3: socketpair(0x28, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x5, &(0x7f0000000080)="d81e98905ec3635c279a5817f70088c9d88669b2ef63f6efe541ce10c8ce8f609c6c2747d73a89839e140ef51c45edb2a5a69a895141e127d99f4b67d91c25dd795bb2bb552143683c22183af975864237bec1cc2cf76a698eb6a85360687d3031f56583d2842e7989c1b60a0ec316cfc05ad61d", 0x74) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) accept4$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14, 0x800) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:53 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000380), 0x1) r1 = gettid() bind$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, 0x10) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = gettid() ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f0000000240)={0x2, 0x1, {r3}, {}, 0x101}) syz_open_procfs$namespace(r1, 0x0) accept$packet(r0, &(0x7f00000002c0), &(0x7f0000000180)=0x14) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4) r4 = socket$packet(0x11, 0x3, 0x300) r5 = accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000000c0)={0x8, 0x7f, {r1}, {}, 0x4, 0x581}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) getsockopt$packet_buf(r5, 0x107, 0xd, &(0x7f0000000140)=""/3, &(0x7f00000003c0)=0x3) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r6}) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000380), 0x1) (async) gettid() (async) bind$l2tp(r0, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, 0x10) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) gettid() (async) ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f0000000240)={0x2, 0x1, {r3}, {}, 0x101}) (async) syz_open_procfs$namespace(r1, 0x0) (async) accept$packet(r0, &(0x7f00000002c0), &(0x7f0000000180)=0x14) (async) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4) (async) socket$packet(0x11, 0x3, 0x300) (async) accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) (async) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000000c0)={0x8, 0x7f, {r1}, {}, 0x4, 0x581}) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) getsockopt$packet_buf(r5, 0x107, 0xd, &(0x7f0000000140)=""/3, &(0x7f00000003c0)=0x3) (async) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000080)={r6}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) (async) 13:37:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0x5, &(0x7f0000000080)="d81e98905ec3635c279a5817f70088c9d88669b2ef63f6efe541ce10c8ce8f609c6c2747d73a89839e140ef51c45edb2a5a69a895141e127d99f4b67d91c25dd795bb2bb552143683c22183af975864237bec1cc2cf76a698eb6a85360687d3031f56583d2842e7989c1b60a0ec316cfc05ad61d", 0x74) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) accept4$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14, 0x800) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:53 executing program 3: socketpair(0x28, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) socketpair(0x28, 0x1, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) (async) 13:37:54 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) 13:37:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44010}, 0x1) (rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 677.891064] FAULT_INJECTION: forcing a failure. [ 677.891064] name failslab, interval 1, probability 0, space 0, times 0 [ 677.954258] CPU: 0 PID: 12225 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 677.962166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 677.971519] Call Trace: [ 677.974109] dump_stack+0x1b2/0x281 [ 677.978040] should_fail.cold+0x10a/0x149 [ 677.982191] should_failslab+0xd6/0x130 [ 677.986169] kmem_cache_alloc+0x28e/0x3c0 [ 677.990326] alloc_inode+0xa0/0x170 [ 677.993952] new_inode+0x1d/0xf0 [ 677.997320] debugfs_get_inode+0x1a/0x130 [ 678.001468] __debugfs_create_file+0x93/0x440 [ 678.005958] ? debugfs_create_file+0x37/0x60 [ 678.010428] kvm_dev_ioctl+0xe7f/0x1450 [ 678.014407] ? fsnotify+0x974/0x11b0 [ 678.018121] ? kvm_put_kvm+0xab0/0xab0 [ 678.022015] ? kvm_put_kvm+0xab0/0xab0 [ 678.025900] do_vfs_ioctl+0x75a/0xff0 [ 678.029705] ? lock_acquire+0x170/0x3f0 [ 678.033680] ? ioctl_preallocate+0x1a0/0x1a0 [ 678.038088] ? __fget+0x265/0x3e0 [ 678.041571] ? do_vfs_ioctl+0xff0/0xff0 [ 678.045547] ? security_file_ioctl+0x83/0xb0 [ 678.049958] SyS_ioctl+0x7f/0xb0 [ 678.053329] ? do_vfs_ioctl+0xff0/0xff0 [ 678.057302] do_syscall_64+0x1d5/0x640 [ 678.061196] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 678.066386] RIP: 0033:0x7fa37e383109 [ 678.070095] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 678.077801] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 678.085063] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 678.092327] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:54 executing program 0: socket$packet(0x11, 0x2, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000380)=[0x8, 0x2cb, 0xffffffe1], 0x3, 0x40800}) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x5}, 0xfd31) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000400000069a02e67feb322e9a14f0113201a101f20e0bdf47744267e5c1555124fa15a6bf6f4442a96640bab247b08f75cd1eefc4ee7a1181f2758a4c7714cb07df8e209a575b500e988c489edaecfa88b8291592c66d0f73a677611c447c29a3a156be57a11d01a35e1b2d3b4cef2c8ffc634459e13"], 0x14}}, 0x0) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x18180) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0) sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xa00000}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x8010) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, 0x0, 0x44) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000d84aa6c741c436f8ad89800352f6cc5a313180e4535f6e75910cf9c4296d9cfc21fc3f5d73431d5dd038e58faf409ad774fd6c6004f46085f06f67149c6b97e25042a6d40f928ad761a369d7d3a3c87eb24fa633b1aedbebe7d3ce5b71f98849accf3b0aae35d20085d990a005ce51b779e2216fb49845b9288d0942f8d7399b249161dd49259da010a58079cb728040dec81c40170856dfb10f7f4bce95", @ANYRES16=r3, @ANYBLOB="20002dbd7000ffdbdf250a00000008002b0001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004040) 13:37:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 678.099593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 678.106857] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 37) 13:37:54 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) (async) 13:37:54 executing program 3: socketpair(0x28, 0x1, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) socketpair(0x28, 0x1, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000000)) (async) 13:37:54 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44010}, 0x1) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:54 executing program 0: socket$packet(0x11, 0x2, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000380)=[0x8, 0x2cb, 0xffffffe1], 0x3, 0x40800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x5}, 0xfd31) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000400000069a02e67feb322e9a14f0113201a101f20e0bdf47744267e5c1555124fa15a6bf6f4442a96640bab247b08f75cd1eefc4ee7a1181f2758a4c7714cb07df8e209a575b500e988c489edaecfa88b8291592c66d0f73a677611c447c29a3a156be57a11d01a35e1b2d3b4cef2c8ffc634459e13"], 0x14}}, 0x0) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x18180) (async) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0) sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xa00000}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x8010) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, 0x0, 0x44) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000d84aa6c741c436f8ad89800352f6cc5a313180e4535f6e75910cf9c4296d9cfc21fc3f5d73431d5dd038e58faf409ad774fd6c6004f46085f06f67149c6b97e25042a6d40f928ad761a369d7d3a3c87eb24fa633b1aedbebe7d3ce5b71f98849accf3b0aae35d20085d990a005ce51b779e2216fb49845b9288d0942f8d7399b249161dd49259da010a58079cb728040dec81c40170856dfb10f7f4bce95", @ANYRES16=r3, @ANYBLOB="20002dbd7000ffdbdf250a00000008002b0001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004040) 13:37:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:54 executing program 0: socket$packet(0x11, 0x2, 0x300) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000380)=[0x8, 0x2cb, 0xffffffe1], 0x3, 0x40800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x5}, 0xfd31) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000400000069a02e67feb322e9a14f0113201a101f20e0bdf47744267e5c1555124fa15a6bf6f4442a96640bab247b08f75cd1eefc4ee7a1181f2758a4c7714cb07df8e209a575b500e988c489edaecfa88b8291592c66d0f73a677611c447c29a3a156be57a11d01a35e1b2d3b4cef2c8ffc634459e13"], 0x14}}, 0x0) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x18180) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0) sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x400}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x80000001}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xa00000}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x8010) (async) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, 0x0, 0x44) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000d84aa6c741c436f8ad89800352f6cc5a313180e4535f6e75910cf9c4296d9cfc21fc3f5d73431d5dd038e58faf409ad774fd6c6004f46085f06f67149c6b97e25042a6d40f928ad761a369d7d3a3c87eb24fa633b1aedbebe7d3ce5b71f98849accf3b0aae35d20085d990a005ce51b779e2216fb49845b9288d0942f8d7399b249161dd49259da010a58079cb728040dec81c40170856dfb10f7f4bce95", @ANYRES16=r3, @ANYBLOB="20002dbd7000ffdbdf250a00000008002b0001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004040) 13:37:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x8000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x412040, 0x0) 13:37:54 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r0, 0x107, 0x6, &(0x7f0000000000)=""/170, &(0x7f00000000c0)=0xaa) [ 678.307388] FAULT_INJECTION: forcing a failure. [ 678.307388] name failslab, interval 1, probability 0, space 0, times 0 13:37:54 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) [ 678.348271] CPU: 1 PID: 12296 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 678.356177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.365963] Call Trace: [ 678.368549] dump_stack+0x1b2/0x281 [ 678.372182] should_fail.cold+0x10a/0x149 [ 678.376336] should_failslab+0xd6/0x130 [ 678.380314] kmem_cache_alloc+0x28e/0x3c0 [ 678.384470] alloc_inode+0xa0/0x170 [ 678.388097] new_inode+0x1d/0xf0 [ 678.391502] debugfs_get_inode+0x1a/0x130 13:37:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x8000) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x412040, 0x0) [ 678.395648] __debugfs_create_file+0x93/0x440 [ 678.400139] ? debugfs_create_file+0x37/0x60 [ 678.404550] kvm_dev_ioctl+0xe7f/0x1450 [ 678.408529] ? fsnotify+0x974/0x11b0 [ 678.412241] ? kvm_put_kvm+0xab0/0xab0 [ 678.416130] ? kvm_put_kvm+0xab0/0xab0 [ 678.420017] do_vfs_ioctl+0x75a/0xff0 [ 678.423819] ? lock_acquire+0x170/0x3f0 [ 678.427797] ? ioctl_preallocate+0x1a0/0x1a0 [ 678.432205] ? __fget+0x265/0x3e0 [ 678.435661] ? do_vfs_ioctl+0xff0/0xff0 [ 678.439634] ? security_file_ioctl+0x83/0xb0 [ 678.444039] SyS_ioctl+0x7f/0xb0 [ 678.447403] ? do_vfs_ioctl+0xff0/0xff0 [ 678.451380] do_syscall_64+0x1d5/0x640 [ 678.455288] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 678.460472] RIP: 0033:0x7fa37e383109 [ 678.464176] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 678.471883] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 678.479150] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 678.486417] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:54 executing program 2: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x8000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x412040, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x8000) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x412040, 0x0) (async) 13:37:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 38) 13:37:54 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r0, 0x107, 0x6, &(0x7f0000000000)=""/170, &(0x7f00000000c0)=0xaa) [ 678.493689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 678.501045] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:54 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$packet(r0, &(0x7f0000000000)="294a6ef607e70300a34049ea65e6a13160fbc93f6ab83848dd254f7e3e85129c28261e100984d41bbcee", 0x2a, 0x20040044, &(0x7f0000000040)={0x11, 0x10, 0x0, 0x1, 0x1, 0x6, @random="4b22b9b62e28"}, 0x14) 13:37:54 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x80, 0x40, 0x6, 0x7ff}, {0x6, 0x2, 0x8, 0xffffffff}, {0x1, 0x6, 0x40, 0xac}, {0x2, 0x4, 0x20, 0x9}, {0x9, 0xab, 0x5}]}, 0x10) 13:37:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:54 executing program 2: socketpair(0x9, 0xa, 0x1ff, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x11) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3bba40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:37:54 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_buf(r0, 0x107, 0x6, &(0x7f0000000000)=""/170, &(0x7f00000000c0)=0xaa) 13:37:54 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendto$packet(r0, &(0x7f0000000000)="294a6ef607e70300a34049ea65e6a13160fbc93f6ab83848dd254f7e3e85129c28261e100984d41bbcee", 0x2a, 0x20040044, &(0x7f0000000040)={0x11, 0x10, 0x0, 0x1, 0x1, 0x6, @random="4b22b9b62e28"}, 0x14) [ 678.654182] FAULT_INJECTION: forcing a failure. [ 678.654182] name failslab, interval 1, probability 0, space 0, times 0 [ 678.685793] CPU: 0 PID: 12360 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 678.693740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 13:37:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x20}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r3}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x496}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x20008800) 13:37:54 executing program 2: socketpair(0x9, 0xa, 0x1ff, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x11) (async) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3bba40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) [ 678.703094] Call Trace: [ 678.705688] dump_stack+0x1b2/0x281 [ 678.709318] should_fail.cold+0x10a/0x149 [ 678.713472] should_failslab+0xd6/0x130 [ 678.717447] kmem_cache_alloc_trace+0x29a/0x3d0 [ 678.722198] ? debugfs_create_file+0x37/0x60 [ 678.726607] kvm_dev_ioctl+0xce6/0x1450 [ 678.730592] ? fsnotify+0x974/0x11b0 [ 678.734314] ? kvm_put_kvm+0xab0/0xab0 [ 678.738204] ? kvm_put_kvm+0xab0/0xab0 [ 678.742131] do_vfs_ioctl+0x75a/0xff0 [ 678.745946] ? lock_acquire+0x170/0x3f0 [ 678.749925] ? ioctl_preallocate+0x1a0/0x1a0 [ 678.754337] ? __fget+0x265/0x3e0 [ 678.757792] ? do_vfs_ioctl+0xff0/0xff0 [ 678.761768] ? security_file_ioctl+0x83/0xb0 [ 678.766183] SyS_ioctl+0x7f/0xb0 [ 678.769558] ? do_vfs_ioctl+0xff0/0xff0 [ 678.773540] do_syscall_64+0x1d5/0x640 [ 678.777435] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 678.782624] RIP: 0033:0x7fa37e383109 [ 678.786331] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 678.794044] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:37:54 executing program 2: socketpair(0x9, 0xa, 0x1ff, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x11) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3bba40, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) socketpair(0x9, 0xa, 0x1ff, &(0x7f0000000140)) (async) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x20}, @SEG6_ATTR_SECRETLEN={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040}, 0x11) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x3bba40, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) 13:37:54 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x76282a8e5ba106f5}, 0x85) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x80000001, 0x3, &(0x7f0000000280)=[0x3, 0x8f, 0x8000], &(0x7f00000002c0)=[0x2, 0x49, 0xa29, 0x220c, 0xfb, 0x1], &(0x7f0000000300)=[0x200, 0xfffa]}) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0xd, 0x6}) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000000000d0000000000000060000000000000000004000000000000010001000000000002000000000000003f0000000000000009000000000000000800000000000000000000800000000000000400"/104]) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) 13:37:54 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 39) 13:37:54 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14) (async) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x80, 0x40, 0x6, 0x7ff}, {0x6, 0x2, 0x8, 0xffffffff}, {0x1, 0x6, 0x40, 0xac}, {0x2, 0x4, 0x20, 0x9}, {0x9, 0xab, 0x5}]}, 0x10) [ 678.801321] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 678.808589] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 678.815860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 678.823132] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:54 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x20}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r3}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x496}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x20008800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) (async) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x20}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r3}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x496}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x20008800) (async) 13:37:55 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$packet(r0, &(0x7f0000000000)="294a6ef607e70300a34049ea65e6a13160fbc93f6ab83848dd254f7e3e85129c28261e100984d41bbcee", 0x2a, 0x20040044, &(0x7f0000000040)={0x11, 0x10, 0x0, 0x1, 0x1, 0x6, @random="4b22b9b62e28"}, 0x14) 13:37:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000040)={0xb6a, 0x56544943, 0x1, @stepwise={0x7f9f, 0x400, 0x3, 0x7, 0xf4, 0x800}}) ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x4}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f00000000c0)={r3}) 13:37:55 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x76282a8e5ba106f5}, 0x85) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x80000001, 0x3, &(0x7f0000000280)=[0x3, 0x8f, 0x8000], &(0x7f00000002c0)=[0x2, 0x49, 0xa29, 0x220c, 0xfb, 0x1], &(0x7f0000000300)=[0x200, 0xfffa]}) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0xd, 0x6}) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000000000d0000000000000060000000000000000004000000000000010001000000000002000000000000003f0000000000000009000000000000000800000000000000000000800000000000000400"/104]) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x76282a8e5ba106f5}, 0x85) (async) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x80000001, 0x3, &(0x7f0000000280)=[0x3, 0x8f, 0x8000], &(0x7f00000002c0)=[0x2, 0x49, 0xa29, 0x220c, 0xfb, 0x1], &(0x7f0000000300)=[0x200, 0xfffa]}) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0xd, 0x6}) (async) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000000000d0000000000000060000000000000000004000000000000010001000000000002000000000000003f0000000000000009000000000000000800000000000000000000800000000000000400"/104]) (async) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) (async) 13:37:55 executing program 4: socketpair(0x2, 0xa, 0x3, 0x0) 13:37:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x80, 0x40, 0x6, 0x7ff}, {0x6, 0x2, 0x8, 0xffffffff}, {0x1, 0x6, 0x40, 0xac}, {0x2, 0x4, 0x20, 0x9}, {0x9, 0xab, 0x5}]}, 0x10) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14) (async) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x80, 0x40, 0x6, 0x7ff}, {0x6, 0x2, 0x8, 0xffffffff}, {0x1, 0x6, 0x40, 0xac}, {0x2, 0x4, 0x20, 0x9}, {0x9, 0xab, 0x5}]}, 0x10) (async) [ 678.987940] FAULT_INJECTION: forcing a failure. [ 678.987940] name failslab, interval 1, probability 0, space 0, times 0 [ 679.039793] CPU: 1 PID: 12405 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 679.047704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.057064] Call Trace: [ 679.059654] dump_stack+0x1b2/0x281 [ 679.063284] should_fail.cold+0x10a/0x149 [ 679.067431] should_failslab+0xd6/0x130 [ 679.071407] kmem_cache_alloc+0x28e/0x3c0 [ 679.075564] __d_alloc+0x2a/0xa20 [ 679.079013] ? d_lookup+0x172/0x220 [ 679.082667] d_alloc+0x46/0x240 [ 679.083350] syz-executor.4 uses obsolete (PF_INET,SOCK_PACKET) [ 679.085944] __lookup_hash+0x101/0x270 [ 679.085953] ? __inode_permission+0xcd/0x2f0 [ 679.085964] lookup_one_len+0x279/0x3a0 [ 679.085977] ? lookup_one_len_unlocked+0x410/0x410 [ 679.085992] start_creating+0xb0/0x200 [ 679.086002] __debugfs_create_file+0x4f/0x440 [ 679.086009] ? debugfs_create_file+0x37/0x60 [ 679.086020] kvm_dev_ioctl+0xe7f/0x1450 [ 679.086034] ? fsnotify+0x974/0x11b0 [ 679.086042] ? kvm_put_kvm+0xab0/0xab0 [ 679.086052] ? kvm_put_kvm+0xab0/0xab0 [ 679.086065] do_vfs_ioctl+0x75a/0xff0 [ 679.141170] ? lock_acquire+0x170/0x3f0 [ 679.145148] ? ioctl_preallocate+0x1a0/0x1a0 [ 679.149562] ? __fget+0x265/0x3e0 [ 679.153021] ? do_vfs_ioctl+0xff0/0xff0 [ 679.156997] ? security_file_ioctl+0x83/0xb0 [ 679.161406] SyS_ioctl+0x7f/0xb0 [ 679.164810] ? do_vfs_ioctl+0xff0/0xff0 [ 679.168785] do_syscall_64+0x1d5/0x640 [ 679.172684] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 679.177957] RIP: 0033:0x7fa37e383109 [ 679.181662] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000040)={0xb6a, 0x56544943, 0x1, @stepwise={0x7f9f, 0x400, 0x3, 0x7, 0xf4, 0x800}}) (async) ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x4}) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f00000000c0)={r3}) 13:37:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 32) r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x400) sendmsg$L2TP_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, r1, 0x800, 0x70bd2b, 0x25dfdbfd, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x9}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x20}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r3}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x496}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x801}, 0x20008800) 13:37:55 executing program 4: socketpair(0x2, 0xa, 0x3, 0x0) socketpair(0x2, 0xa, 0x3, 0x0) (async) 13:37:55 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x76282a8e5ba106f5}, 0x85) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x80000001, 0x3, &(0x7f0000000280)=[0x3, 0x8f, 0x8000], &(0x7f00000002c0)=[0x2, 0x49, 0xa29, 0x220c, 0xfb, 0x1], &(0x7f0000000300)=[0x200, 0xfffa]}) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0xd, 0x6}) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000000000d0000000000000060000000000000000004000000000000010001000000000002000000000000003f0000000000000009000000000000000800000000000000000000800000000000000400"/104]) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x2c, 0x0, 0x300, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x76282a8e5ba106f5}, 0x85) (async) ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x80000001, 0x3, &(0x7f0000000280)=[0x3, 0x8f, 0x8000], &(0x7f00000002c0)=[0x2, 0x49, 0xa29, 0x220c, 0xfb, 0x1], &(0x7f0000000300)=[0x200, 0xfffa]}) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r1, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0xfe}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x24004000) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000080)={0x0, 0x0, 0x4, 0xd, 0x6}) (async) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)=ANY=[@ANYBLOB="06000000000000000d0000000000000060000000000000000004000000000000010001000000000002000000000000003f0000000000000009000000000000000800000000000000000000800000000000000400"/104]) (async) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r0, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1}) (async) 13:37:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 40) 13:37:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x1, 0x3f, 0x9, 0x40, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x1, 0x7, 0x5, 0x7}}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000000c0)={r1, 0x1, 0x6, @multicast}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 679.189369] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 679.196634] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 679.203900] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.211172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 679.218442] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:55 executing program 4: socketpair(0x2, 0xa, 0x3, 0x0) socketpair(0x2, 0xa, 0x3, 0x0) (async) 13:37:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x1, 0x3f, 0x9, 0x40, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x1, 0x7, 0x5, 0x7}}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000000c0)={r1, 0x1, 0x6, @multicast}, 0x10) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 679.359361] FAULT_INJECTION: forcing a failure. [ 679.359361] name failslab, interval 1, probability 0, space 0, times 0 [ 679.396306] CPU: 1 PID: 12469 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 679.404216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.413606] Call Trace: [ 679.416194] dump_stack+0x1b2/0x281 [ 679.419825] should_fail.cold+0x10a/0x149 [ 679.423977] should_failslab+0xd6/0x130 [ 679.427951] kmem_cache_alloc+0x28e/0x3c0 [ 679.432102] alloc_inode+0xa0/0x170 [ 679.435727] new_inode+0x1d/0xf0 [ 679.439090] debugfs_get_inode+0x1a/0x130 [ 679.443238] __debugfs_create_file+0x93/0x440 [ 679.447736] ? debugfs_create_file+0x37/0x60 [ 679.452147] kvm_dev_ioctl+0xe7f/0x1450 [ 679.456126] ? fsnotify+0x974/0x11b0 [ 679.459834] ? kvm_put_kvm+0xab0/0xab0 [ 679.463721] ? kvm_put_kvm+0xab0/0xab0 [ 679.467600] do_vfs_ioctl+0x75a/0xff0 [ 679.471403] ? lock_acquire+0x170/0x3f0 [ 679.475415] ? ioctl_preallocate+0x1a0/0x1a0 [ 679.479820] ? __fget+0x265/0x3e0 [ 679.483273] ? do_vfs_ioctl+0xff0/0xff0 [ 679.487246] ? security_file_ioctl+0x83/0xb0 [ 679.491650] SyS_ioctl+0x7f/0xb0 [ 679.495014] ? do_vfs_ioctl+0xff0/0xff0 [ 679.498982] do_syscall_64+0x1d5/0x640 [ 679.502867] entry_SYSCALL_64_after_hwframe+0x46/0xbb 13:37:55 executing program 3: socketpair(0x26, 0x1, 0x28, 0x0) 13:37:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000040)={0xb6a, 0x56544943, 0x1, @stepwise={0x7f9f, 0x400, 0x3, 0x7, 0xf4, 0x800}}) (async) ioctl$KVM_DIRTY_TLB(r1, 0x4010aeaa, &(0x7f0000000100)={0x4}) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f00000000c0)={r3}) [ 679.508045] RIP: 0033:0x7fa37e383109 [ 679.511747] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 679.519481] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 679.526748] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 679.534100] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 679.541372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 679.548635] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x1, 0x3f, 0x9, 0x40, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, 0x1, 0x7, 0x5, 0x7}}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000000c0)={r1, 0x1, 0x6, @multicast}, 0x10) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:55 executing program 3: socketpair(0x26, 0x1, 0x28, 0x0) 13:37:55 executing program 2: sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x90000, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x20000094) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:55 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x7fff], 0x2, 0x80800}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x8800) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x587e81) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) 13:37:55 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000440), 0x571282) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), r0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)={0x2c, r4, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r1, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0xc044) socketpair(0x2, 0x1, 0x0, 0x0) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x4c, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x9}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20044001}, 0x40040d1) 13:37:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000000)="306bc416717a75be08ef8212a967b69692119cc57ed01ca9159a47398863f32789bb2aca083c57f5886288cd8f7c834b8062d30f06955cdcc746a915de1a9bb10ddeff820ed840808a687b72c6444c7336e8d9032b028e4d02626c271dc77f4842feaaa029060230a0d97fc96a3f8e7d0f50e12dd33bc97d8b115a7889c7f48c06024cb39d660ce47133c38a00f6775ffdfdc14bf5ddd597ee049d3e074f5944dfff5fba955692ce6069ca4417fdd87a823fef9e4c03b83ac139c25ae872048066305fbe3d709cee00129b3830b80f20992e204b99cfa46ae0be8a7339e148386d035d23bbac61cc660cecca0cb3292c30", 0xf1) 13:37:55 executing program 3: socketpair(0x26, 0x1, 0x28, 0x0) 13:37:55 executing program 2: sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x90000, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x20000094) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 41) 13:37:56 executing program 3: socketpair(0x28, 0x3, 0xfbffffff, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wg1\x00', 0x0}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendto$packet(r2, &(0x7f0000000040)="31ac5ddbf3de836b55b0e25160a965c9a72017864a0b6148c80cf2baeb26d5c65bade963b9d6c42c28534e1d737b946b06be195544cdce1fdc99db3d33e5ad3ca9a79f2468ff6d50da71434e1dd08c318cfedfad3b30d29f6be8f6551fc57f82ce3f2327e3954e7b2b0f468137672aa23cd51961b060a310d33f2abcd800706b3e7d0f062b58ee5972fb054ddf77931f4ad6b084953b318dcaac1c91609e3fe11395694c3419a19f39626c41eaae06fe48c07e59f0008fa0cff50157c7583d0ae300e9f32dde2a41", 0xc8, 0x20040000, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}}, 0x14) [ 679.932848] device batadv0 entered promiscuous mode 13:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x7fff], 0x2, 0x80800}) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x8800) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x587e81) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) 13:37:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000000)="306bc416717a75be08ef8212a967b69692119cc57ed01ca9159a47398863f32789bb2aca083c57f5886288cd8f7c834b8062d30f06955cdcc746a915de1a9bb10ddeff820ed840808a687b72c6444c7336e8d9032b028e4d02626c271dc77f4842feaaa029060230a0d97fc96a3f8e7d0f50e12dd33bc97d8b115a7889c7f48c06024cb39d660ce47133c38a00f6775ffdfdc14bf5ddd597ee049d3e074f5944dfff5fba955692ce6069ca4417fdd87a823fef9e4c03b83ac139c25ae872048066305fbe3d709cee00129b3830b80f20992e204b99cfa46ae0be8a7339e148386d035d23bbac61cc660cecca0cb3292c30", 0xf1) 13:37:56 executing program 2: sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x90000, 0x0) sendmsg$BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4010}, 0x20000094) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) r2 = socket$packet(0x11, 0x3, 0x300) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000440), 0x571282) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), r0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)={0x2c, r4, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) (async) socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r1, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0xc044) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x4c, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x9}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20044001}, 0x40040d1) [ 679.959105] device batadv0 left promiscuous mode [ 679.968202] FAULT_INJECTION: forcing a failure. [ 679.968202] name failslab, interval 1, probability 0, space 0, times 0 [ 680.007823] CPU: 0 PID: 12569 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 680.015734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.025083] Call Trace: [ 680.027676] dump_stack+0x1b2/0x281 [ 680.031306] should_fail.cold+0x10a/0x149 [ 680.035635] should_failslab+0xd6/0x130 [ 680.039630] kmem_cache_alloc_trace+0x29a/0x3d0 [ 680.044297] ? debugfs_create_file+0x37/0x60 [ 680.048714] kvm_dev_ioctl+0xce6/0x1450 [ 680.052692] ? fsnotify+0x974/0x11b0 13:37:56 executing program 2: ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[0x7fff, 0x9, 0x6, 0xfffffffb]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000200)={0x100, 0x6, 0x5, 0x1000}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) keyctl$describe(0x6, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x10, 0x70bd25, 0x25dfdbfb, {0x2, 0x10, 0x20, 0xc0, 0xfe, 0x2, 0xff, 0x6, 0x1b00}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x1, 0x1, r2}}, @RTA_MARK={0x8, 0x10, 0x647}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x10) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 680.056407] ? kvm_put_kvm+0xab0/0xab0 [ 680.060300] ? kvm_put_kvm+0xab0/0xab0 [ 680.064196] do_vfs_ioctl+0x75a/0xff0 [ 680.068001] ? lock_acquire+0x170/0x3f0 [ 680.071974] ? ioctl_preallocate+0x1a0/0x1a0 [ 680.076402] ? __fget+0x265/0x3e0 [ 680.079852] ? do_vfs_ioctl+0xff0/0xff0 [ 680.083855] ? security_file_ioctl+0x83/0xb0 [ 680.088269] SyS_ioctl+0x7f/0xb0 [ 680.091634] ? do_vfs_ioctl+0xff0/0xff0 [ 680.095616] do_syscall_64+0x1d5/0x640 [ 680.099509] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 680.104691] RIP: 0033:0x7fa37e383109 13:37:56 executing program 2: ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[0x7fff, 0x9, 0x6, 0xfffffffb]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000200)={0x100, 0x6, 0x5, 0x1000}) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) keyctl$describe(0x6, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x10, 0x70bd25, 0x25dfdbfb, {0x2, 0x10, 0x20, 0xc0, 0xfe, 0x2, 0xff, 0x6, 0x1b00}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x1, 0x1, r2}}, @RTA_MARK={0x8, 0x10, 0x647}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x10) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[0x7fff, 0x9, 0x6, 0xfffffffb]}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000200)={0x100, 0x6, 0x5, 0x1000}) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) keyctl$describe(0x6, 0x0, 0x0, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x10, 0x70bd25, 0x25dfdbfb, {0x2, 0x10, 0x20, 0xc0, 0xfe, 0x2, 0xff, 0x6, 0x1b00}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x1, 0x1, r2}}, @RTA_MARK={0x8, 0x10, 0x647}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x10) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x7fff], 0x2, 0x80800}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x8800) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x587e81) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x7fff], 0x2, 0x80800}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x8800) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x587e81) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async) [ 680.108394] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 680.116096] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 680.123363] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 680.130628] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 680.137891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 680.145159] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:56 executing program 3: socketpair(0x28, 0x3, 0xfbffffff, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wg1\x00', 0x0}) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendto$packet(r2, &(0x7f0000000040)="31ac5ddbf3de836b55b0e25160a965c9a72017864a0b6148c80cf2baeb26d5c65bade963b9d6c42c28534e1d737b946b06be195544cdce1fdc99db3d33e5ad3ca9a79f2468ff6d50da71434e1dd08c318cfedfad3b30d29f6be8f6551fc57f82ce3f2327e3954e7b2b0f468137672aa23cd51961b060a310d33f2abcd800706b3e7d0f062b58ee5972fb054ddf77931f4ad6b084953b318dcaac1c91609e3fe11395694c3419a19f39626c41eaae06fe48c07e59f0008fa0cff50157c7583d0ae300e9f32dde2a41", 0xc8, 0x20040000, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}}, 0x14) 13:37:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000000)="306bc416717a75be08ef8212a967b69692119cc57ed01ca9159a47398863f32789bb2aca083c57f5886288cd8f7c834b8062d30f06955cdcc746a915de1a9bb10ddeff820ed840808a687b72c6444c7336e8d9032b028e4d02626c271dc77f4842feaaa029060230a0d97fc96a3f8e7d0f50e12dd33bc97d8b115a7889c7f48c06024cb39d660ce47133c38a00f6775ffdfdc14bf5ddd597ee049d3e074f5944dfff5fba955692ce6069ca4417fdd87a823fef9e4c03b83ac139c25ae872048066305fbe3d709cee00129b3830b80f20992e204b99cfa46ae0be8a7339e148386d035d23bbac61cc660cecca0cb3292c30", 0xf1) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000000)="306bc416717a75be08ef8212a967b69692119cc57ed01ca9159a47398863f32789bb2aca083c57f5886288cd8f7c834b8062d30f06955cdcc746a915de1a9bb10ddeff820ed840808a687b72c6444c7336e8d9032b028e4d02626c271dc77f4842feaaa029060230a0d97fc96a3f8e7d0f50e12dd33bc97d8b115a7889c7f48c06024cb39d660ce47133c38a00f6775ffdfdc14bf5ddd597ee049d3e074f5944dfff5fba955692ce6069ca4417fdd87a823fef9e4c03b83ac139c25ae872048066305fbe3d709cee00129b3830b80f20992e204b99cfa46ae0be8a7339e148386d035d23bbac61cc660cecca0cb3292c30", 0xf1) (async) [ 680.241977] device batadv0 entered promiscuous mode 13:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x6, 0x200, 0x0, 0x81], 0x4, 0x80800}) 13:37:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 42) 13:37:56 executing program 3: socketpair(0x28, 0x3, 0xfbffffff, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wg1\x00', 0x0}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async, rerun: 64) sendto$packet(r2, &(0x7f0000000040)="31ac5ddbf3de836b55b0e25160a965c9a72017864a0b6148c80cf2baeb26d5c65bade963b9d6c42c28534e1d737b946b06be195544cdce1fdc99db3d33e5ad3ca9a79f2468ff6d50da71434e1dd08c318cfedfad3b30d29f6be8f6551fc57f82ce3f2327e3954e7b2b0f468137672aa23cd51961b060a310d33f2abcd800706b3e7d0f062b58ee5972fb054ddf77931f4ad6b084953b318dcaac1c91609e3fe11395694c3419a19f39626c41eaae06fe48c07e59f0008fa0cff50157c7583d0ae300e9f32dde2a41", 0xc8, 0x20040000, &(0x7f0000000140)={0x11, 0xc, r1, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}}, 0x14) (rerun: 64) [ 680.263455] device batadv0 left promiscuous mode 13:37:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x6, 0x96, 0x7, 0x3, 0x27, 0xafd, 0x28000}, 0x1c) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x8, 0x0, 0x1e], 0x3, 0x400, 0x0, 0xffffffffffffffff}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f00000000c0)}) 13:37:56 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000440), 0x571282) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), r0) sendmsg$BATADV_CMD_TP_METER_CANCEL(r3, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)={0x2c, r4, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x4}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000800) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r5, 0x1, 0x6, @random="9afade46ccce"}, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r1, 0x200, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x805}, 0xc044) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x4c, 0x0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x9}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x8}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20044001}, 0x40040d1) 13:37:56 executing program 2: ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[0x7fff, 0x9, 0x6, 0xfffffffb]}) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000200)={0x100, 0x6, 0x5, 0x1000}) (async) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) keyctl$describe(0x6, 0x0, 0x0, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_newroute={0x30, 0x18, 0x10, 0x70bd25, 0x25dfdbfb, {0x2, 0x10, 0x20, 0xc0, 0xfe, 0x2, 0xff, 0x6, 0x1b00}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x1, 0x1, r2}}, @RTA_MARK={0x8, 0x10, 0x647}]}, 0x30}, 0x1, 0x0, 0x0, 0x40}, 0x10) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:56 executing program 3: socketpair(0x2c, 0x1, 0x406, 0x0) 13:37:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x6, 0x96, 0x7, 0x3, 0x27, 0xafd, 0x28000}, 0x1c) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x8, 0x0, 0x1e], 0x3, 0x400, 0x0, 0xffffffffffffffff}) (rerun: 64) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f00000000c0)}) 13:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x6, 0x200, 0x0, 0x81], 0x4, 0x80800}) [ 680.401793] FAULT_INJECTION: forcing a failure. [ 680.401793] name failslab, interval 1, probability 0, space 0, times 0 [ 680.415826] device batadv0 entered promiscuous mode [ 680.435499] CPU: 0 PID: 12664 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 680.443396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.452745] Call Trace: [ 680.455333] dump_stack+0x1b2/0x281 [ 680.458965] should_fail.cold+0x10a/0x149 [ 680.463114] should_failslab+0xd6/0x130 [ 680.467093] kmem_cache_alloc+0x28e/0x3c0 [ 680.471259] __d_alloc+0x2a/0xa20 [ 680.474716] ? d_lookup+0x172/0x220 [ 680.478344] d_alloc+0x46/0x240 [ 680.481625] __lookup_hash+0x101/0x270 [ 680.485509] ? __inode_permission+0xcd/0x2f0 [ 680.489921] lookup_one_len+0x279/0x3a0 [ 680.493953] ? lookup_one_len_unlocked+0x410/0x410 [ 680.498883] start_creating+0xb0/0x200 [ 680.502770] __debugfs_create_file+0x4f/0x440 [ 680.507271] ? debugfs_create_file+0x37/0x60 [ 680.511681] kvm_dev_ioctl+0xe7f/0x1450 [ 680.515657] ? fsnotify+0x974/0x11b0 [ 680.519379] ? kvm_put_kvm+0xab0/0xab0 [ 680.523266] ? kvm_put_kvm+0xab0/0xab0 [ 680.527154] do_vfs_ioctl+0x75a/0xff0 [ 680.530963] ? lock_acquire+0x170/0x3f0 [ 680.534944] ? ioctl_preallocate+0x1a0/0x1a0 [ 680.539363] ? __fget+0x265/0x3e0 [ 680.542815] ? do_vfs_ioctl+0xff0/0xff0 [ 680.546786] ? security_file_ioctl+0x83/0xb0 [ 680.551196] SyS_ioctl+0x7f/0xb0 [ 680.554571] ? do_vfs_ioctl+0xff0/0xff0 [ 680.558544] do_syscall_64+0x1d5/0x640 [ 680.562434] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 680.567616] RIP: 0033:0x7fa37e383109 [ 680.571342] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 680.579043] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 680.586308] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 680.593573] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x6, 0x200, 0x0, 0x81], 0x4, 0x80800}) (rerun: 64) 13:37:56 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x4, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x24000011) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x5) [ 680.600847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 680.608112] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:56 executing program 3: socketpair(0x2c, 0x1, 0x406, 0x0) 13:37:56 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x4, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x24000011) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x5) [ 680.658254] device batadv0 left promiscuous mode 13:37:56 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 43) 13:37:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x6, 0x96, 0x7, 0x3, 0x27, 0xafd, 0x28000}, 0x1c) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x8, 0x0, 0x1e], 0x3, 0x400, 0x0, 0xffffffffffffffff}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f00000000c0)}) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x6, 0x96, 0x7, 0x3, 0x27, 0xafd, 0x28000}, 0x1c) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x8, 0x0, 0x1e], 0x3, 0x400}) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r2, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f00000000c0)}) (async) 13:37:56 executing program 4: socketpair(0x15, 0x1, 0x0, 0x0) 13:37:56 executing program 3: socketpair(0x2c, 0x1, 0x406, 0x0) 13:37:56 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), r2) sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x4, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x24000011) (async) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x5) 13:37:56 executing program 4: socketpair(0x15, 0x1, 0x0, 0x0) 13:37:56 executing program 3: socketpair(0x1, 0x6, 0x6, 0x0) 13:37:56 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getpeername$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @private}, &(0x7f0000000080)=0x10) [ 680.928194] FAULT_INJECTION: forcing a failure. [ 680.928194] name failslab, interval 1, probability 0, space 0, times 0 [ 680.955797] CPU: 1 PID: 12784 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 680.963799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.973154] Call Trace: [ 680.975743] dump_stack+0x1b2/0x281 [ 680.979379] should_fail.cold+0x10a/0x149 [ 680.983529] should_failslab+0xd6/0x130 [ 680.987512] kmem_cache_alloc+0x28e/0x3c0 [ 680.991668] __d_alloc+0x2a/0xa20 [ 680.995121] ? d_lookup+0x172/0x220 [ 680.998749] d_alloc+0x46/0x240 [ 681.002038] __lookup_hash+0x101/0x270 [ 681.005925] ? __inode_permission+0xcd/0x2f0 [ 681.010337] lookup_one_len+0x279/0x3a0 [ 681.014319] ? lookup_one_len_unlocked+0x410/0x410 [ 681.019252] start_creating+0xb0/0x200 [ 681.023141] __debugfs_create_file+0x4f/0x440 [ 681.027642] ? debugfs_create_file+0x37/0x60 [ 681.032059] kvm_dev_ioctl+0xe7f/0x1450 [ 681.036041] ? fsnotify+0x974/0x11b0 [ 681.039755] ? kvm_put_kvm+0xab0/0xab0 [ 681.043646] ? kvm_put_kvm+0xab0/0xab0 [ 681.047533] do_vfs_ioctl+0x75a/0xff0 [ 681.051334] ? lock_acquire+0x170/0x3f0 [ 681.055318] ? ioctl_preallocate+0x1a0/0x1a0 [ 681.059734] ? __fget+0x265/0x3e0 [ 681.063189] ? do_vfs_ioctl+0xff0/0xff0 [ 681.067164] ? security_file_ioctl+0x83/0xb0 [ 681.071669] SyS_ioctl+0x7f/0xb0 [ 681.075034] ? do_vfs_ioctl+0xff0/0xff0 [ 681.079008] do_syscall_64+0x1d5/0x640 [ 681.082906] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 681.088088] RIP: 0033:0x7fa37e383109 [ 681.091791] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 681.099494] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 681.106761] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 681.114033] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 681.122214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 681.129577] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x1}, 0x14}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r1) sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x60, r4, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5a}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7ff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5ca1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r2, 0x301, 0x70bd27, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_NET_NS_FD={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:57 executing program 4: socketpair(0x15, 0x1, 0x0, 0x0) 13:37:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x2}, 0x4) 13:37:57 executing program 3: socketpair(0x1, 0x6, 0x6, 0x0) 13:37:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getpeername$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @private}, &(0x7f0000000080)=0x10) 13:37:57 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 44) 13:37:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x2}, 0x4) 13:37:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) getpeername$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @private}, &(0x7f0000000080)=0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) getpeername$l2tp(r1, &(0x7f0000000040)={0x2, 0x0, @private}, &(0x7f0000000080)=0x10) (async) 13:37:57 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x8], 0x1, 0x80800, 0x0, 0xffffffffffffffff}) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000240)={0x3, 0xfffffff8, [{0x6, 0x0, 0x8001}, {0x4, 0x0, 0x5}, {0x5, 0x0, 0x5}]}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x4}) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:57 executing program 3: socketpair(0x1, 0x6, 0x6, 0x0) 13:37:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x1}, 0x14}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r1) sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x60, r4, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5a}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7ff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5ca1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r2, 0x301, 0x70bd27, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_NET_NS_FD={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 681.614205] FAULT_INJECTION: forcing a failure. [ 681.614205] name failslab, interval 1, probability 0, space 0, times 0 13:37:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x2}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x2}, 0x4) (async) [ 681.689912] CPU: 1 PID: 12964 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 681.697819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.707172] Call Trace: [ 681.709766] dump_stack+0x1b2/0x281 [ 681.713400] should_fail.cold+0x10a/0x149 [ 681.717557] should_failslab+0xd6/0x130 [ 681.721538] kmem_cache_alloc_trace+0x29a/0x3d0 [ 681.726203] ? debugfs_create_file+0x37/0x60 [ 681.730614] kvm_dev_ioctl+0xce6/0x1450 [ 681.734592] ? fsnotify+0x974/0x11b0 [ 681.738302] ? kvm_put_kvm+0xab0/0xab0 [ 681.742189] ? kvm_put_kvm+0xab0/0xab0 [ 681.746071] do_vfs_ioctl+0x75a/0xff0 [ 681.749874] ? lock_acquire+0x170/0x3f0 [ 681.753847] ? ioctl_preallocate+0x1a0/0x1a0 [ 681.758253] ? __fget+0x265/0x3e0 [ 681.761709] ? do_vfs_ioctl+0xff0/0xff0 [ 681.765685] ? security_file_ioctl+0x83/0xb0 [ 681.770087] SyS_ioctl+0x7f/0xb0 [ 681.773446] ? do_vfs_ioctl+0xff0/0xff0 [ 681.777414] do_syscall_64+0x1d5/0x640 [ 681.781306] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 681.786487] RIP: 0033:0x7fa37e383109 13:37:57 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x8], 0x1, 0x80800, 0x0, 0xffffffffffffffff}) (rerun: 32) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000240)={0x3, 0xfffffff8, [{0x6, 0x0, 0x8001}, {0x4, 0x0, 0x5}, {0x5, 0x0, 0x5}]}) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x4}) (rerun: 32) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:57 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14, 0x80000) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan1\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) recvfrom$packet(r0, &(0x7f00000001c0)=""/248, 0xf8, 0x0, &(0x7f00000002c0)={0x11, 0x3, r4, 0x1, 0x8, 0x6, @multicast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x2f, 0x3, 0x85, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x7, 0xf891, 0x5, 0xfffffe01}}) recvfrom$packet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2, &(0x7f0000000180)={0x11, 0x2a, r5, 0x1, 0x8}, 0x14) 13:37:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) [ 681.790192] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 681.797899] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 681.805172] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 681.812441] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 681.819707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 681.826976] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:57 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 13:37:57 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r2, 0x1}, 0x14}}, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r1) sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x60, r4, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @local}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x3f}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5a}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7ff}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x5ca1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r2, 0x301, 0x70bd27, 0x25dfdbfb, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_NET_NS_FD={0x8}, @GTPA_VERSION={0x8}, @GTPA_O_TEI={0x8, 0x9, 0x2}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}, @GTPA_LINK={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 45) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) (async) 13:37:58 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x8], 0x1, 0x80800, 0x0, 0xffffffffffffffff}) (rerun: 32) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000240)={0x3, 0xfffffff8, [{0x6, 0x0, 0x8001}, {0x4, 0x0, 0x5}, {0x5, 0x0, 0x5}]}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x3, 0x4}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:37:58 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14, 0x80000) r1 = socket$packet(0x11, 0x3, 0x300) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan1\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) recvfrom$packet(r0, &(0x7f00000001c0)=""/248, 0xf8, 0x0, &(0x7f00000002c0)={0x11, 0x3, r4, 0x1, 0x8, 0x6, @multicast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x2f, 0x3, 0x85, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x7, 0xf891, 0x5, 0xfffffe01}}) recvfrom$packet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2, &(0x7f0000000180)={0x11, 0x2a, r5, 0x1, 0x8}, 0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14, 0x80000) (async) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan1\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) recvfrom$packet(r0, &(0x7f00000001c0)=""/248, 0xf8, 0x0, &(0x7f00000002c0)={0x11, 0x3, r4, 0x1, 0x8, 0x6, @multicast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x2f, 0x3, 0x85, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x7, 0xf891, 0x5, 0xfffffe01}}) (async) recvfrom$packet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2, &(0x7f0000000180)={0x11, 0x2a, r5, 0x1, 0x8}, 0x14) (async) 13:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 13:37:58 executing program 1: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x7, 0x8, 0xffffffff, 0x40000, 0x5, 0x8], 0x6, 0x800}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x60000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) connect$802154_dgram(r0, &(0x7f00000000c0)={0x24, @short={0x2, 0xffff}}, 0x14) 13:37:58 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14, 0x80000) (async, rerun: 64) r1 = socket$packet(0x11, 0x3, 0x300) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan1\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @broadcast}, 0x14) recvfrom$packet(r0, &(0x7f00000001c0)=""/248, 0xf8, 0x0, &(0x7f00000002c0)={0x11, 0x3, r4, 0x1, 0x8, 0x6, @multicast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x2f, 0x3, 0x85, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x7, 0xf891, 0x5, 0xfffffe01}}) recvfrom$packet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2, &(0x7f0000000180)={0x11, 0x2a, r5, 0x1, 0x8}, 0x14) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x2, 0x3}, 0x4) (async) 13:37:58 executing program 4: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x280100, 0x0) socketpair(0x27, 0x1, 0x3, 0x0) [ 682.037161] FAULT_INJECTION: forcing a failure. [ 682.037161] name failslab, interval 1, probability 0, space 0, times 0 13:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async) 13:37:58 executing program 4: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x280100, 0x0) (async) socketpair(0x27, 0x1, 0x3, 0x0) [ 682.077977] CPU: 0 PID: 13053 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 682.085883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.095246] Call Trace: [ 682.097834] dump_stack+0x1b2/0x281 [ 682.101471] should_fail.cold+0x10a/0x149 [ 682.105619] should_failslab+0xd6/0x130 [ 682.109598] kmem_cache_alloc+0x28e/0x3c0 [ 682.113760] __d_alloc+0x2a/0xa20 [ 682.117213] ? d_lookup+0x172/0x220 [ 682.120846] d_alloc+0x46/0x240 [ 682.124132] __lookup_hash+0x101/0x270 13:37:58 executing program 4: openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x280100, 0x0) (async) socketpair(0x27, 0x1, 0x3, 0x0) [ 682.128015] ? __inode_permission+0xcd/0x2f0 [ 682.132423] lookup_one_len+0x279/0x3a0 [ 682.136396] ? lookup_one_len_unlocked+0x410/0x410 [ 682.141337] start_creating+0xb0/0x200 [ 682.145230] __debugfs_create_file+0x4f/0x440 [ 682.149725] ? debugfs_create_file+0x37/0x60 [ 682.154143] kvm_dev_ioctl+0xe7f/0x1450 [ 682.158121] ? fsnotify+0x974/0x11b0 [ 682.161830] ? kvm_put_kvm+0xab0/0xab0 [ 682.165809] ? kvm_put_kvm+0xab0/0xab0 [ 682.169701] do_vfs_ioctl+0x75a/0xff0 [ 682.173500] ? lock_acquire+0x170/0x3f0 [ 682.177471] ? ioctl_preallocate+0x1a0/0x1a0 [ 682.181881] ? __fget+0x265/0x3e0 [ 682.185366] ? do_vfs_ioctl+0xff0/0xff0 [ 682.189353] ? security_file_ioctl+0x83/0xb0 [ 682.193765] SyS_ioctl+0x7f/0xb0 [ 682.197134] ? do_vfs_ioctl+0xff0/0xff0 [ 682.201114] do_syscall_64+0x1d5/0x640 [ 682.205002] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 682.210192] RIP: 0033:0x7fa37e383109 [ 682.213982] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 46) 13:37:58 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 13:37:58 executing program 1: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x7, 0x8, 0xffffffff, 0x40000, 0x5, 0x8], 0x6, 0x800}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x60000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) connect$802154_dgram(r0, &(0x7f00000000c0)={0x24, @short={0x2, 0xffff}}, 0x14) [ 682.221694] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 682.228960] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 682.236373] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 682.243641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 682.251174] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:58 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) 13:37:58 executing program 3: r0 = accept4$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14, 0x0) sendto$packet(r0, &(0x7f0000000140)="b2a0dbea98a398b5afccf1f130e1af7ccf13d20bd16e5b35559649fee832ae80ed1dc2126ffccf6b7765883ecf9d514f4fdae7a3da5bfe4cf3a979067af08b2803918474dfc8c5469d43ba5f78252d8c272565c44feb4ca2901614b31ab0ca5743cdf1f53b93c0be3895f50f33fd272f3df3707563511bbb11ad0f87fa69a093d85114f9db723998cf88cb1f3f9d2147fedfe61e30ea30a66787b37b3b3550e95d702345f2d56e84bb3569fb888adea16c02478f51ac6778199a1158705a692084f805000e3d5cd82114c87f4282e64b810f124a005269de1014354344bc6d2b77a379c8fe6fc475a61c897f7670dcc6b54ce97fb94a1a19353bec83835925e364e977f9007002b9a26dca6b165ac9bccce95520130246de6fbd2a470f8f8ab47eb6f569a51427345c922fcf0ad52865e0acd371f8b948ab2d12a877864c672455d15b496fd775865bbcb3a285863668aba68aa5918959e64511191b00c60179d7754076e9c4cca8984c98e723d81c92d7b4ff88143cbde3107c726acb77fd77a287314d657229507321696eb0bffac32f46a0c6406de142a26ddc3bcf2c6ee0b460389adfbe1cebc360159e6d08113ab679b5b7a343eb4d2ba36941501f5c6532d20a116ebb3037fb563bc30f0de0005e9c4032c1eb21b83cfea48b78682b7e27e326c02c1d4623dc93d2dc13f21cd119b063acfdf8849cdf1afc18662a7e00d98f3cc8af9a04dfcbd029789ca509c8e394806376d34cf589351c47a6298062668a8a48cf07758b1680d4c2a1cf7d315402774600da560cd2c40d18b44f1b458acffb11653a51ee8ef2d069e4f8ba1f275244cba76bf714fe40a1fb3e4d60e90887902248293e09b2370249fdaf43d08ca98111e545f9213ee24b811ad15809b09ac66f85e3a8354899ba42081cc74d528a2a0ba864be1cfaec28e35f3ce7fd55b4bb7f8e05b47f865ccd5461fcb996061a2588852b61ac01d714304f375f5508a86ff14b640123e220b39d3f774f9959a2486e62897641e50ade352cafa1b95172951ba5fb84f041081ee32899b02a5d0d0257ab5dc3aeaa8f0e0d1264db79423df656826c7c40d1481684a344cbea02201e8d7517131d7add299ad306c68dc1e9948ea1d3ab6d0a52b55eca8d74017178d48b9a38e585a04bc4187e0ffaf5d4cdcb75b6c450fc295b4383889016d091744fb55b805386297a7653c20adc1e099f4b443ba9249982c8acb75508092dd25ea7a3258f08aec6dd7f12d98764c187821227250d7a55b46db15556423739b6840cbe28cd8fd547f010418f6f411c1eadd39ae21eea19d8ad8ead6995a593a4e0594c09e7ebfa909f78cd1b6276900b46910f4c51d4f9f999bf37086bc937090830832d094712a0548b7e143deef1208af0ade08bdaea634e798ef42673d100f239d589863e265e1d43ed10977a648a96a7e115c848870ec02e7b15249e92f3f8f599996db9a7e33b8a66a4ffaafebd0d318c49a54f0e74b5a038a8b306242a011c567ac38ce86caedd2dc7f50b9be4983901a8e05bc1187227d70a9be114a6387ac86e3a6130162573aaad0791ef5fcd3cfe4f605f1f5752f312f9cbd2bfb28902c218879faece9e1053e0d66a6fb75da676aa9a1b1f2e9ba020e156b9b9c3fec813027b1a4c1ac18666a57187c209b29572f97abb1dc8185af53a498f686e62797b05d933e95a79a8cdfaca7ead1a3402a27648f19e3193e9757d5e3203398d577754457313db441ad909617579d2d077b667d63e8fab5b96939adc8a417c4b9599129fa7d4d78b32d9cbdc24c985bb71c7da3d05c4822c72a4eac92d807faf1e2d0d77744a5f22f07db27579a63a62e940fd9b919bc896d8caddf39903a1067b9416bfe7341952ebcce8496d5797bf1dc152feb3cef08a9206c6771f69a9e6efe55e6c8f0651277f3a3be61523519c8efc35ea7a33792da916ee79f1930f7e5bb116637edafc80ecc618bf5993a84717a496c4f5a90083fddae054d7dce88be841ae9020bb6af3b31e30dc4b8d868f747fd7527743a75d440ff6bb4218365867f1f24c00e5983e6c1dff16679808b9a7b4252a72b5b10631fed604f8510cc1d828317ff6b87cb0a6c2fde11fba854cb47d84ce9b28818d9a711b409a2cfdde8fa084f6ab8680bb9d2502dcf8a8ef50e677b7fcb9808166399c6e706fc8a9de087bafc6379664fafa8d07605a39c611be6b7fe2716ee31e59f9e97bad82ae6ae6174944ad31f05314ed07cce5ba8e91b45c1ff1aa4a8292e0e0f35c1a6d49d095a747902412eb3477a29d40dcaa0051c805ada7f39dc680a2955eda78081c4635286aef925e6e03944e169878afa1410aa4576572f28f9db9957a1fe38495c59d926722ad6158deb1c4d0ebefbc74218c90210a51392d92cbbeba11f1f1c50158e3b939828e681b08f21688aaa2e67257b751526c57378b5165e9d1d61a210a7cc03cc4d84154c15911d44174afaeb33883c34c9e25531cd18719b69be3b94e5fb6f89e1ab5e907f33fe3a302a3de9350881a3f14739edbb1d76f9145660b68cbeb51ebe513fa2a333466ed1e89fdab807ec4a065692a4d7077ec3a6393c61e8813b0f3f54db2fef8625a5ff57f5326214eed88d4588c86e6afc9910d6105232ac6fbc7c581d6b46bacbc17259f28bb9770e44d54a73e5dd9616ccbc15b5a1e7ed67c21f153c0b7fe540bd781b26b058733c3fb8a5bf446ce7241af9c19b51cd521643e998b447b69a1dee7767b43b386f0901bf09debeae5773bf05599a26407ebfdb010a360adcc07a4cf35428e53fd8dcd346cfcbc1231f66c081cba2041246d1ad02c69d824526a2443657f6139af1284316dd9c5519c3965ab1d5d3b97f4e613e3070919063b0164654422722dcd370970e1c2132e17eafa25bb38fb458442d51b25adb20af8b1eed62a4d1fb31cf016c3a0971a2b280a385e3f2a4bd5d4b2febb58e21ad0106e590bf4e8e07b9b0ce24b1b76da4c7014a3f48bf35ee2c7a545980e551429ace98cc13afdb1ec9be2c3b44847e70f50da1c2be0ce7e303746361ce4b8a239ebe0c1c604886c1989fdb8ee8fd5711ab0e7d0b85a301d521cd177712d7bae0934d53e26692aaa6979f5120e891c1d255b5dfdf954c04bd95ace80b52edcd2638d83b8179a55ea6b69b492f04ed72402432be11cd85189c47c677c6092da005060488fe4b7bdfc2be67bd38cc2bb0791b9cd8907c7fa44ffcb16343193c6b876166d255568927fc72716f1651c359be4c5f51355560923ca1087708cff4add1b212e72a5c8a2ab53fcd69442725d39046fe182c4f04b589c7359b5ee05f559743dfd4bad0eeede845897fe9ce0abfeeb582925f4efad363f3294abfc00057ece8c53b7a5986987af6be2e5590cac30c6011b7bd12745657dd8eccda8c843711b43b7c83ab5dd79ffaffbe69c850e0613b0d71a245acaa6f52c3af0ad3b42d46a7d0b46c638ad563ea009594cc9b90295b9fe664c876f4ed52f74bcd78f5fd189d1177523987d7ce3493f1cd55d6d3aabc4f94e7a73f5746941e6d584440f8e22574e0262cf445710f73f6307bb8721cec3a1f72cfd6cd9d14c4aba6d180637703398b500820baecbef5b3125cf7fb19ded525d7bee0af786b324c701087ce268eb69c54898e55d2058debcdc88bc5c0f118e368e60e8e3cfc017a6c1ab4b828c6e9324e844528507aef88b23c8ca46f6aea2a9690a4985d36b6b7a06a5f9b239edbc8e691662db03763b058cbf133496b9877973dd94ae0cf240fd0a07beb72877eff2a51e47f9826eeeb06e40e36f9a257c16076501b34eb1aeb73f7e9fde16820ae30e0d3a4641010e860c24168f447e20ffd2ba97901ee4e5a267a1dee3ae7f46bfa049395be9b7f229051f776e2263ed4355f117aeb329805b008effa6258b86c05202e00efe66fad4655ab62a3f0928075c92ec9673e16fb190826a9155a301c86156a8d652c65e584389352c92ce31910ac0cee4089a6f116001a1e23e20a669f8d1d876613a461516d82d7f2594cc869d9a21a9d988d43f4eb6880dbc57a172ee4c5c13c94b93a3697db2dd3c59f89bebe38851501de32a1fe980405d63d4f711fc8a11ade95cd0973b41de772f0012e573392deb8ae7c804d69d2e55c42c2d411588e7abe38783706740c3260afab4e3f177e36cdb23dcb6639957ac97712924f643850be5af4a98eb7d8b363fa7fed3bb437a78d6ac0b8611a3e41b9835c5983b4146fb00c93faf14d1a4e5cafa17e7e6afb733d6859bf2489192b2d92b28f9336b165daf101ce10f941356fda5ab1a1da8d53a3957a710a72e20a74a50ee400ae92b367d3bbb7a4a84004b530a4e50d1a47d05c78336e8a25bbffdaa43542a873cb12d47b6456ecd3c4ca7386e21dded4641b84810ca5926674fd774962f55e1f132a019ecdcfbd6d856d05e4fcd705b252e60140601bc70b42310d40ff81ef7915440ac4f08f99e9a1d2eafc04fe51cf410c4d2b15dd9141daac9e1f449aacad05a85ca47c350c133ac40e4fabb8d2af958a7c289482ebbe9cc31ba2ee2f935767e92656746a580aa90054e40db346e7b16f07760b6f0919eb779f3ce1115359647f1b4db39ca9a46399ea311a8a32cea4d393cfdd3466dcbfa1bd5bda0362fe031252287f3dbd5b82bb82ef0338dfae6b9c70b66509b81edaa9561e1b4b85563ead749bf64cc2637739ec84a23a8d79a070f1c20a35d592e337f9113ab988a2c8e34f8f188555f117d23ebee99454135f0dbada3b7d36e7361d82df9c023befc45a8b21d75251050a659ff7cf3c14277641410ca7c5e65682efad226b024193178f4be6c498af29c46f1426619b8eddb99eeb0bdaf0a9b81d93dd519b921be92554a0ae7c7360693433e956791e3cc73aae35a0a957ad9cef004e257e807e93ec3a43b66f3c5e198252629551ac58186c69c758f862f25c007f3d94652d8be8028004c48f7f1326f16e67a05b3844f6282d2d87cdf1068c99cfdcad053bd2c139630c0bf6e3b8730f2041589a091ad134d0d49ff3d57752c64c32a581429d080f29f7756fe3b180d24ea3d5fb570fbcfdcc0845445756f0b530cd38ee25eea1e9608d95bcfb72ffe13fe79a9fb9247416065b994e3d1e6f2c3574f13e7ccb158939fecca85c66781ca5f7dd813ddcb94377e005a2d1d5430f7f1aaeebcfdab6eaee250cc45c7e366b38104217681c896374078f455ece5b19af1359790a1f59e08e1a4f52c7c46e82811abf6f6a768004b9d5ad541ed9d566bb7d5c4bd73d4ff14c4cf36056c52309e4e53afc8432c179ed7aa3c22637905a9fa3521731156d6c673eb7d8925ca42efb6b4292b6eccce44fab1aa210b0fdd39f7dac3b07d54aae84d199bcda043140a80f8855d7db785bb58ba08ee29255462ac32f883d5082ca5b2758fa4be010532b304058c83a5e77069ff2d4790d9cf8617b84e75eb0743c1909bbe1fe0bba8a9f61d7c320f493757d206ada23d832919e8bb1ae02a72796782ecad70b88912abf24782a0e2b36a1f9f063c6607b412172b4132916940b56c803e64265354c7cec03bcd979498b27dca02f3299ff517e54595b0b900ae57cb2f310149b5fe63d485dfceddd2d6e57ab6855cc89af0a8c0560a6c19b5a3ada9fdbad0fa513e44af6a33c986ffeb3914248e4c956bd5802a717504d3e175a50c5d44f4c714ffc0f7eb604fda60ecf0c476309b8824a6a380c4d06d4bea0121194fe279e0289f521cce5f6ca77df1ff8d4257af15a66f3319ecd7e18c47bc7a", 0x1000, 0x20000000, &(0x7f0000001140)={0x11, 0x1, 0x0, 0x1, 0x4, 0x6, @random="f90bf956dd4a"}, 0x14) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000001240)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001200)={&(0x7f00000011c0)={0x1c, r3, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048080}, 0x80) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x7, 0x7, 0x1000, 0x38, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, 0x20, 0x6, 0x2, 0x1}}) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x50000) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000040)=""/197, 0xc5, &(0x7f0000000180)=""/30, 0x3, 0x4}}, 0x48) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @loopback}}) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x3, 0x20, 0x400, 0x6ee, 0x5, 0x99, 0x557}, 0x1c) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:58 executing program 1: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000100)=[0x7, 0x8, 0xffffffff, 0x40000, 0x5, 0x8], 0x6, 0x800}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x60000) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) connect$802154_dgram(r0, &(0x7f00000000c0)={0x24, @short={0x2, 0xffff}}, 0x14) 13:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20000000) socketpair(0x10, 0x4, 0x1, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r3, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x43a}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x801) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfe, {0x80, 0x0, 0x14, 0x9, 0x0, 0x0, 0x2, 0x0, 0x200}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41040c50a6378f2e}, 0x20000000) [ 682.354040] FAULT_INJECTION: forcing a failure. [ 682.354040] name failslab, interval 1, probability 0, space 0, times 0 [ 682.377470] CPU: 0 PID: 13112 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 682.385374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.394728] Call Trace: [ 682.397320] dump_stack+0x1b2/0x281 [ 682.400956] should_fail.cold+0x10a/0x149 [ 682.405112] should_failslab+0xd6/0x130 [ 682.409094] kmem_cache_alloc+0x28e/0x3c0 [ 682.413246] alloc_inode+0xa0/0x170 [ 682.416880] new_inode+0x1d/0xf0 [ 682.420249] debugfs_get_inode+0x1a/0x130 [ 682.424395] __debugfs_create_file+0x93/0x440 [ 682.428890] ? debugfs_create_file+0x37/0x60 [ 682.433300] kvm_dev_ioctl+0xe7f/0x1450 [ 682.437277] ? fsnotify+0x974/0x11b0 [ 682.440989] ? kvm_put_kvm+0xab0/0xab0 [ 682.444882] ? kvm_put_kvm+0xab0/0xab0 [ 682.448784] do_vfs_ioctl+0x75a/0xff0 13:37:58 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) 13:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20000000) (async) socketpair(0x10, 0x4, 0x1, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r3, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x43a}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x801) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfe, {0x80, 0x0, 0x14, 0x9, 0x0, 0x0, 0x2, 0x0, 0x200}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41040c50a6378f2e}, 0x20000000) [ 682.452586] ? lock_acquire+0x170/0x3f0 [ 682.456559] ? ioctl_preallocate+0x1a0/0x1a0 [ 682.460970] ? __fget+0x265/0x3e0 [ 682.464425] ? do_vfs_ioctl+0xff0/0xff0 [ 682.468400] ? security_file_ioctl+0x83/0xb0 [ 682.472808] SyS_ioctl+0x7f/0xb0 [ 682.476167] ? do_vfs_ioctl+0xff0/0xff0 [ 682.480155] do_syscall_64+0x1d5/0x640 [ 682.484052] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 682.489235] RIP: 0033:0x7fa37e383109 [ 682.492937] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:37:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20000000) socketpair(0x10, 0x4, 0x1, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r3, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x43a}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x801) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfe, {0x80, 0x0, 0x14, 0x9, 0x0, 0x0, 0x2, 0x0, 0x200}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41040c50a6378f2e}, 0x20000000) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x0, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_I_TEI={0x8, 0x8, 0x4}, @GTPA_NET_NS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x11}, 0x20000000) (async) socketpair(0x10, 0x4, 0x1, &(0x7f0000000240)) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r3, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x43a}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x801) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x1, 0x70bd2c, 0x25dfdbfe, {0x80, 0x0, 0x14, 0x9, 0x0, 0x0, 0x2, 0x0, 0x200}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x41040c50a6378f2e}, 0x20000000) (async) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x50000) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000040)=""/197, 0xc5, &(0x7f0000000180)=""/30, 0x3, 0x4}}, 0x48) (async) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @loopback}}) (async) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x3, 0x20, 0x400, 0x6ee, 0x5, 0x99, 0x557}, 0x1c) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 682.500639] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 682.507898] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 682.515160] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 682.522421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 682.529686] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 47) 13:37:58 executing program 2: ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0xff, 0x8, 0x2, @private1, @ipv4={'\x00', '\xff\xff', @empty}, 0x7, 0x7, 0x5567, 0xf88b}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000140)={r2, 0x6}) 13:37:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4040, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:58 executing program 4: socketpair(0xf, 0x1, 0xfffffffd, 0x0) 13:37:58 executing program 3: r0 = accept4$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14, 0x0) sendto$packet(r0, &(0x7f0000000140)="b2a0dbea98a398b5afccf1f130e1af7ccf13d20bd16e5b35559649fee832ae80ed1dc2126ffccf6b7765883ecf9d514f4fdae7a3da5bfe4cf3a979067af08b2803918474dfc8c5469d43ba5f78252d8c272565c44feb4ca2901614b31ab0ca5743cdf1f53b93c0be3895f50f33fd272f3df3707563511bbb11ad0f87fa69a093d85114f9db723998cf88cb1f3f9d2147fedfe61e30ea30a66787b37b3b3550e95d702345f2d56e84bb3569fb888adea16c02478f51ac6778199a1158705a692084f805000e3d5cd82114c87f4282e64b810f124a005269de1014354344bc6d2b77a379c8fe6fc475a61c897f7670dcc6b54ce97fb94a1a19353bec83835925e364e977f9007002b9a26dca6b165ac9bccce95520130246de6fbd2a470f8f8ab47eb6f569a51427345c922fcf0ad52865e0acd371f8b948ab2d12a877864c672455d15b496fd775865bbcb3a285863668aba68aa5918959e64511191b00c60179d7754076e9c4cca8984c98e723d81c92d7b4ff88143cbde3107c726acb77fd77a287314d657229507321696eb0bffac32f46a0c6406de142a26ddc3bcf2c6ee0b460389adfbe1cebc360159e6d08113ab679b5b7a343eb4d2ba36941501f5c6532d20a116ebb3037fb563bc30f0de0005e9c4032c1eb21b83cfea48b78682b7e27e326c02c1d4623dc93d2dc13f21cd119b063acfdf8849cdf1afc18662a7e00d98f3cc8af9a04dfcbd029789ca509c8e394806376d34cf589351c47a6298062668a8a48cf07758b1680d4c2a1cf7d315402774600da560cd2c40d18b44f1b458acffb11653a51ee8ef2d069e4f8ba1f275244cba76bf714fe40a1fb3e4d60e90887902248293e09b2370249fdaf43d08ca98111e545f9213ee24b811ad15809b09ac66f85e3a8354899ba42081cc74d528a2a0ba864be1cfaec28e35f3ce7fd55b4bb7f8e05b47f865ccd5461fcb996061a2588852b61ac01d714304f375f5508a86ff14b640123e220b39d3f774f9959a2486e62897641e50ade352cafa1b95172951ba5fb84f041081ee32899b02a5d0d0257ab5dc3aeaa8f0e0d1264db79423df656826c7c40d1481684a344cbea02201e8d7517131d7add299ad306c68dc1e9948ea1d3ab6d0a52b55eca8d74017178d48b9a38e585a04bc4187e0ffaf5d4cdcb75b6c450fc295b4383889016d091744fb55b805386297a7653c20adc1e099f4b443ba9249982c8acb75508092dd25ea7a3258f08aec6dd7f12d98764c187821227250d7a55b46db15556423739b6840cbe28cd8fd547f010418f6f411c1eadd39ae21eea19d8ad8ead6995a593a4e0594c09e7ebfa909f78cd1b6276900b46910f4c51d4f9f999bf37086bc937090830832d094712a0548b7e143deef1208af0ade08bdaea634e798ef42673d100f239d589863e265e1d43ed10977a648a96a7e115c848870ec02e7b15249e92f3f8f599996db9a7e33b8a66a4ffaafebd0d318c49a54f0e74b5a038a8b306242a011c567ac38ce86caedd2dc7f50b9be4983901a8e05bc1187227d70a9be114a6387ac86e3a6130162573aaad0791ef5fcd3cfe4f605f1f5752f312f9cbd2bfb28902c218879faece9e1053e0d66a6fb75da676aa9a1b1f2e9ba020e156b9b9c3fec813027b1a4c1ac18666a57187c209b29572f97abb1dc8185af53a498f686e62797b05d933e95a79a8cdfaca7ead1a3402a27648f19e3193e9757d5e3203398d577754457313db441ad909617579d2d077b667d63e8fab5b96939adc8a417c4b9599129fa7d4d78b32d9cbdc24c985bb71c7da3d05c4822c72a4eac92d807faf1e2d0d77744a5f22f07db27579a63a62e940fd9b919bc896d8caddf39903a1067b9416bfe7341952ebcce8496d5797bf1dc152feb3cef08a9206c6771f69a9e6efe55e6c8f0651277f3a3be61523519c8efc35ea7a33792da916ee79f1930f7e5bb116637edafc80ecc618bf5993a84717a496c4f5a90083fddae054d7dce88be841ae9020bb6af3b31e30dc4b8d868f747fd7527743a75d440ff6bb4218365867f1f24c00e5983e6c1dff16679808b9a7b4252a72b5b10631fed604f8510cc1d828317ff6b87cb0a6c2fde11fba854cb47d84ce9b28818d9a711b409a2cfdde8fa084f6ab8680bb9d2502dcf8a8ef50e677b7fcb9808166399c6e706fc8a9de087bafc6379664fafa8d07605a39c611be6b7fe2716ee31e59f9e97bad82ae6ae6174944ad31f05314ed07cce5ba8e91b45c1ff1aa4a8292e0e0f35c1a6d49d095a747902412eb3477a29d40dcaa0051c805ada7f39dc680a2955eda78081c4635286aef925e6e03944e169878afa1410aa4576572f28f9db9957a1fe38495c59d926722ad6158deb1c4d0ebefbc74218c90210a51392d92cbbeba11f1f1c50158e3b939828e681b08f21688aaa2e67257b751526c57378b5165e9d1d61a210a7cc03cc4d84154c15911d44174afaeb33883c34c9e25531cd18719b69be3b94e5fb6f89e1ab5e907f33fe3a302a3de9350881a3f14739edbb1d76f9145660b68cbeb51ebe513fa2a333466ed1e89fdab807ec4a065692a4d7077ec3a6393c61e8813b0f3f54db2fef8625a5ff57f5326214eed88d4588c86e6afc9910d6105232ac6fbc7c581d6b46bacbc17259f28bb9770e44d54a73e5dd9616ccbc15b5a1e7ed67c21f153c0b7fe540bd781b26b058733c3fb8a5bf446ce7241af9c19b51cd521643e998b447b69a1dee7767b43b386f0901bf09debeae5773bf05599a26407ebfdb010a360adcc07a4cf35428e53fd8dcd346cfcbc1231f66c081cba2041246d1ad02c69d824526a2443657f6139af1284316dd9c5519c3965ab1d5d3b97f4e613e3070919063b0164654422722dcd370970e1c2132e17eafa25bb38fb458442d51b25adb20af8b1eed62a4d1fb31cf016c3a0971a2b280a385e3f2a4bd5d4b2febb58e21ad0106e590bf4e8e07b9b0ce24b1b76da4c7014a3f48bf35ee2c7a545980e551429ace98cc13afdb1ec9be2c3b44847e70f50da1c2be0ce7e303746361ce4b8a239ebe0c1c604886c1989fdb8ee8fd5711ab0e7d0b85a301d521cd177712d7bae0934d53e26692aaa6979f5120e891c1d255b5dfdf954c04bd95ace80b52edcd2638d83b8179a55ea6b69b492f04ed72402432be11cd85189c47c677c6092da005060488fe4b7bdfc2be67bd38cc2bb0791b9cd8907c7fa44ffcb16343193c6b876166d255568927fc72716f1651c359be4c5f51355560923ca1087708cff4add1b212e72a5c8a2ab53fcd69442725d39046fe182c4f04b589c7359b5ee05f559743dfd4bad0eeede845897fe9ce0abfeeb582925f4efad363f3294abfc00057ece8c53b7a5986987af6be2e5590cac30c6011b7bd12745657dd8eccda8c843711b43b7c83ab5dd79ffaffbe69c850e0613b0d71a245acaa6f52c3af0ad3b42d46a7d0b46c638ad563ea009594cc9b90295b9fe664c876f4ed52f74bcd78f5fd189d1177523987d7ce3493f1cd55d6d3aabc4f94e7a73f5746941e6d584440f8e22574e0262cf445710f73f6307bb8721cec3a1f72cfd6cd9d14c4aba6d180637703398b500820baecbef5b3125cf7fb19ded525d7bee0af786b324c701087ce268eb69c54898e55d2058debcdc88bc5c0f118e368e60e8e3cfc017a6c1ab4b828c6e9324e844528507aef88b23c8ca46f6aea2a9690a4985d36b6b7a06a5f9b239edbc8e691662db03763b058cbf133496b9877973dd94ae0cf240fd0a07beb72877eff2a51e47f9826eeeb06e40e36f9a257c16076501b34eb1aeb73f7e9fde16820ae30e0d3a4641010e860c24168f447e20ffd2ba97901ee4e5a267a1dee3ae7f46bfa049395be9b7f229051f776e2263ed4355f117aeb329805b008effa6258b86c05202e00efe66fad4655ab62a3f0928075c92ec9673e16fb190826a9155a301c86156a8d652c65e584389352c92ce31910ac0cee4089a6f116001a1e23e20a669f8d1d876613a461516d82d7f2594cc869d9a21a9d988d43f4eb6880dbc57a172ee4c5c13c94b93a3697db2dd3c59f89bebe38851501de32a1fe980405d63d4f711fc8a11ade95cd0973b41de772f0012e573392deb8ae7c804d69d2e55c42c2d411588e7abe38783706740c3260afab4e3f177e36cdb23dcb6639957ac97712924f643850be5af4a98eb7d8b363fa7fed3bb437a78d6ac0b8611a3e41b9835c5983b4146fb00c93faf14d1a4e5cafa17e7e6afb733d6859bf2489192b2d92b28f9336b165daf101ce10f941356fda5ab1a1da8d53a3957a710a72e20a74a50ee400ae92b367d3bbb7a4a84004b530a4e50d1a47d05c78336e8a25bbffdaa43542a873cb12d47b6456ecd3c4ca7386e21dded4641b84810ca5926674fd774962f55e1f132a019ecdcfbd6d856d05e4fcd705b252e60140601bc70b42310d40ff81ef7915440ac4f08f99e9a1d2eafc04fe51cf410c4d2b15dd9141daac9e1f449aacad05a85ca47c350c133ac40e4fabb8d2af958a7c289482ebbe9cc31ba2ee2f935767e92656746a580aa90054e40db346e7b16f07760b6f0919eb779f3ce1115359647f1b4db39ca9a46399ea311a8a32cea4d393cfdd3466dcbfa1bd5bda0362fe031252287f3dbd5b82bb82ef0338dfae6b9c70b66509b81edaa9561e1b4b85563ead749bf64cc2637739ec84a23a8d79a070f1c20a35d592e337f9113ab988a2c8e34f8f188555f117d23ebee99454135f0dbada3b7d36e7361d82df9c023befc45a8b21d75251050a659ff7cf3c14277641410ca7c5e65682efad226b024193178f4be6c498af29c46f1426619b8eddb99eeb0bdaf0a9b81d93dd519b921be92554a0ae7c7360693433e956791e3cc73aae35a0a957ad9cef004e257e807e93ec3a43b66f3c5e198252629551ac58186c69c758f862f25c007f3d94652d8be8028004c48f7f1326f16e67a05b3844f6282d2d87cdf1068c99cfdcad053bd2c139630c0bf6e3b8730f2041589a091ad134d0d49ff3d57752c64c32a581429d080f29f7756fe3b180d24ea3d5fb570fbcfdcc0845445756f0b530cd38ee25eea1e9608d95bcfb72ffe13fe79a9fb9247416065b994e3d1e6f2c3574f13e7ccb158939fecca85c66781ca5f7dd813ddcb94377e005a2d1d5430f7f1aaeebcfdab6eaee250cc45c7e366b38104217681c896374078f455ece5b19af1359790a1f59e08e1a4f52c7c46e82811abf6f6a768004b9d5ad541ed9d566bb7d5c4bd73d4ff14c4cf36056c52309e4e53afc8432c179ed7aa3c22637905a9fa3521731156d6c673eb7d8925ca42efb6b4292b6eccce44fab1aa210b0fdd39f7dac3b07d54aae84d199bcda043140a80f8855d7db785bb58ba08ee29255462ac32f883d5082ca5b2758fa4be010532b304058c83a5e77069ff2d4790d9cf8617b84e75eb0743c1909bbe1fe0bba8a9f61d7c320f493757d206ada23d832919e8bb1ae02a72796782ecad70b88912abf24782a0e2b36a1f9f063c6607b412172b4132916940b56c803e64265354c7cec03bcd979498b27dca02f3299ff517e54595b0b900ae57cb2f310149b5fe63d485dfceddd2d6e57ab6855cc89af0a8c0560a6c19b5a3ada9fdbad0fa513e44af6a33c986ffeb3914248e4c956bd5802a717504d3e175a50c5d44f4c714ffc0f7eb604fda60ecf0c476309b8824a6a380c4d06d4bea0121194fe279e0289f521cce5f6ca77df1ff8d4257af15a66f3319ecd7e18c47bc7a", 0x1000, 0x20000000, &(0x7f0000001140)={0x11, 0x1, 0x0, 0x1, 0x4, 0x6, @random="f90bf956dd4a"}, 0x14) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000001240)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001200)={&(0x7f00000011c0)={0x1c, r3, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048080}, 0x80) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x7, 0x7, 0x1000, 0x38, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, 0x20, 0x6, 0x2, 0x1}}) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x50000) write$vhost_msg_v2(r1, &(0x7f00000001c0)={0x2, 0x0, {&(0x7f0000000040)=""/197, 0xc5, &(0x7f0000000180)=""/30, 0x3, 0x4}}, 0x48) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000140)={'sit0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0, @loopback}}) (async) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x3, 0x20, 0x400, 0x6ee, 0x5, 0x99, 0x557}, 0x1c) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:37:58 executing program 4: socketpair(0xf, 0x1, 0xfffffffd, 0x0) 13:37:58 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4040, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4040, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:58 executing program 3: r0 = accept4$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14, 0x0) sendto$packet(r0, &(0x7f0000000140)="b2a0dbea98a398b5afccf1f130e1af7ccf13d20bd16e5b35559649fee832ae80ed1dc2126ffccf6b7765883ecf9d514f4fdae7a3da5bfe4cf3a979067af08b2803918474dfc8c5469d43ba5f78252d8c272565c44feb4ca2901614b31ab0ca5743cdf1f53b93c0be3895f50f33fd272f3df3707563511bbb11ad0f87fa69a093d85114f9db723998cf88cb1f3f9d2147fedfe61e30ea30a66787b37b3b3550e95d702345f2d56e84bb3569fb888adea16c02478f51ac6778199a1158705a692084f805000e3d5cd82114c87f4282e64b810f124a005269de1014354344bc6d2b77a379c8fe6fc475a61c897f7670dcc6b54ce97fb94a1a19353bec83835925e364e977f9007002b9a26dca6b165ac9bccce95520130246de6fbd2a470f8f8ab47eb6f569a51427345c922fcf0ad52865e0acd371f8b948ab2d12a877864c672455d15b496fd775865bbcb3a285863668aba68aa5918959e64511191b00c60179d7754076e9c4cca8984c98e723d81c92d7b4ff88143cbde3107c726acb77fd77a287314d657229507321696eb0bffac32f46a0c6406de142a26ddc3bcf2c6ee0b460389adfbe1cebc360159e6d08113ab679b5b7a343eb4d2ba36941501f5c6532d20a116ebb3037fb563bc30f0de0005e9c4032c1eb21b83cfea48b78682b7e27e326c02c1d4623dc93d2dc13f21cd119b063acfdf8849cdf1afc18662a7e00d98f3cc8af9a04dfcbd029789ca509c8e394806376d34cf589351c47a6298062668a8a48cf07758b1680d4c2a1cf7d315402774600da560cd2c40d18b44f1b458acffb11653a51ee8ef2d069e4f8ba1f275244cba76bf714fe40a1fb3e4d60e90887902248293e09b2370249fdaf43d08ca98111e545f9213ee24b811ad15809b09ac66f85e3a8354899ba42081cc74d528a2a0ba864be1cfaec28e35f3ce7fd55b4bb7f8e05b47f865ccd5461fcb996061a2588852b61ac01d714304f375f5508a86ff14b640123e220b39d3f774f9959a2486e62897641e50ade352cafa1b95172951ba5fb84f041081ee32899b02a5d0d0257ab5dc3aeaa8f0e0d1264db79423df656826c7c40d1481684a344cbea02201e8d7517131d7add299ad306c68dc1e9948ea1d3ab6d0a52b55eca8d74017178d48b9a38e585a04bc4187e0ffaf5d4cdcb75b6c450fc295b4383889016d091744fb55b805386297a7653c20adc1e099f4b443ba9249982c8acb75508092dd25ea7a3258f08aec6dd7f12d98764c187821227250d7a55b46db15556423739b6840cbe28cd8fd547f010418f6f411c1eadd39ae21eea19d8ad8ead6995a593a4e0594c09e7ebfa909f78cd1b6276900b46910f4c51d4f9f999bf37086bc937090830832d094712a0548b7e143deef1208af0ade08bdaea634e798ef42673d100f239d589863e265e1d43ed10977a648a96a7e115c848870ec02e7b15249e92f3f8f599996db9a7e33b8a66a4ffaafebd0d318c49a54f0e74b5a038a8b306242a011c567ac38ce86caedd2dc7f50b9be4983901a8e05bc1187227d70a9be114a6387ac86e3a6130162573aaad0791ef5fcd3cfe4f605f1f5752f312f9cbd2bfb28902c218879faece9e1053e0d66a6fb75da676aa9a1b1f2e9ba020e156b9b9c3fec813027b1a4c1ac18666a57187c209b29572f97abb1dc8185af53a498f686e62797b05d933e95a79a8cdfaca7ead1a3402a27648f19e3193e9757d5e3203398d577754457313db441ad909617579d2d077b667d63e8fab5b96939adc8a417c4b9599129fa7d4d78b32d9cbdc24c985bb71c7da3d05c4822c72a4eac92d807faf1e2d0d77744a5f22f07db27579a63a62e940fd9b919bc896d8caddf39903a1067b9416bfe7341952ebcce8496d5797bf1dc152feb3cef08a9206c6771f69a9e6efe55e6c8f0651277f3a3be61523519c8efc35ea7a33792da916ee79f1930f7e5bb116637edafc80ecc618bf5993a84717a496c4f5a90083fddae054d7dce88be841ae9020bb6af3b31e30dc4b8d868f747fd7527743a75d440ff6bb4218365867f1f24c00e5983e6c1dff16679808b9a7b4252a72b5b10631fed604f8510cc1d828317ff6b87cb0a6c2fde11fba854cb47d84ce9b28818d9a711b409a2cfdde8fa084f6ab8680bb9d2502dcf8a8ef50e677b7fcb9808166399c6e706fc8a9de087bafc6379664fafa8d07605a39c611be6b7fe2716ee31e59f9e97bad82ae6ae6174944ad31f05314ed07cce5ba8e91b45c1ff1aa4a8292e0e0f35c1a6d49d095a747902412eb3477a29d40dcaa0051c805ada7f39dc680a2955eda78081c4635286aef925e6e03944e169878afa1410aa4576572f28f9db9957a1fe38495c59d926722ad6158deb1c4d0ebefbc74218c90210a51392d92cbbeba11f1f1c50158e3b939828e681b08f21688aaa2e67257b751526c57378b5165e9d1d61a210a7cc03cc4d84154c15911d44174afaeb33883c34c9e25531cd18719b69be3b94e5fb6f89e1ab5e907f33fe3a302a3de9350881a3f14739edbb1d76f9145660b68cbeb51ebe513fa2a333466ed1e89fdab807ec4a065692a4d7077ec3a6393c61e8813b0f3f54db2fef8625a5ff57f5326214eed88d4588c86e6afc9910d6105232ac6fbc7c581d6b46bacbc17259f28bb9770e44d54a73e5dd9616ccbc15b5a1e7ed67c21f153c0b7fe540bd781b26b058733c3fb8a5bf446ce7241af9c19b51cd521643e998b447b69a1dee7767b43b386f0901bf09debeae5773bf05599a26407ebfdb010a360adcc07a4cf35428e53fd8dcd346cfcbc1231f66c081cba2041246d1ad02c69d824526a2443657f6139af1284316dd9c5519c3965ab1d5d3b97f4e613e3070919063b0164654422722dcd370970e1c2132e17eafa25bb38fb458442d51b25adb20af8b1eed62a4d1fb31cf016c3a0971a2b280a385e3f2a4bd5d4b2febb58e21ad0106e590bf4e8e07b9b0ce24b1b76da4c7014a3f48bf35ee2c7a545980e551429ace98cc13afdb1ec9be2c3b44847e70f50da1c2be0ce7e303746361ce4b8a239ebe0c1c604886c1989fdb8ee8fd5711ab0e7d0b85a301d521cd177712d7bae0934d53e26692aaa6979f5120e891c1d255b5dfdf954c04bd95ace80b52edcd2638d83b8179a55ea6b69b492f04ed72402432be11cd85189c47c677c6092da005060488fe4b7bdfc2be67bd38cc2bb0791b9cd8907c7fa44ffcb16343193c6b876166d255568927fc72716f1651c359be4c5f51355560923ca1087708cff4add1b212e72a5c8a2ab53fcd69442725d39046fe182c4f04b589c7359b5ee05f559743dfd4bad0eeede845897fe9ce0abfeeb582925f4efad363f3294abfc00057ece8c53b7a5986987af6be2e5590cac30c6011b7bd12745657dd8eccda8c843711b43b7c83ab5dd79ffaffbe69c850e0613b0d71a245acaa6f52c3af0ad3b42d46a7d0b46c638ad563ea009594cc9b90295b9fe664c876f4ed52f74bcd78f5fd189d1177523987d7ce3493f1cd55d6d3aabc4f94e7a73f5746941e6d584440f8e22574e0262cf445710f73f6307bb8721cec3a1f72cfd6cd9d14c4aba6d180637703398b500820baecbef5b3125cf7fb19ded525d7bee0af786b324c701087ce268eb69c54898e55d2058debcdc88bc5c0f118e368e60e8e3cfc017a6c1ab4b828c6e9324e844528507aef88b23c8ca46f6aea2a9690a4985d36b6b7a06a5f9b239edbc8e691662db03763b058cbf133496b9877973dd94ae0cf240fd0a07beb72877eff2a51e47f9826eeeb06e40e36f9a257c16076501b34eb1aeb73f7e9fde16820ae30e0d3a4641010e860c24168f447e20ffd2ba97901ee4e5a267a1dee3ae7f46bfa049395be9b7f229051f776e2263ed4355f117aeb329805b008effa6258b86c05202e00efe66fad4655ab62a3f0928075c92ec9673e16fb190826a9155a301c86156a8d652c65e584389352c92ce31910ac0cee4089a6f116001a1e23e20a669f8d1d876613a461516d82d7f2594cc869d9a21a9d988d43f4eb6880dbc57a172ee4c5c13c94b93a3697db2dd3c59f89bebe38851501de32a1fe980405d63d4f711fc8a11ade95cd0973b41de772f0012e573392deb8ae7c804d69d2e55c42c2d411588e7abe38783706740c3260afab4e3f177e36cdb23dcb6639957ac97712924f643850be5af4a98eb7d8b363fa7fed3bb437a78d6ac0b8611a3e41b9835c5983b4146fb00c93faf14d1a4e5cafa17e7e6afb733d6859bf2489192b2d92b28f9336b165daf101ce10f941356fda5ab1a1da8d53a3957a710a72e20a74a50ee400ae92b367d3bbb7a4a84004b530a4e50d1a47d05c78336e8a25bbffdaa43542a873cb12d47b6456ecd3c4ca7386e21dded4641b84810ca5926674fd774962f55e1f132a019ecdcfbd6d856d05e4fcd705b252e60140601bc70b42310d40ff81ef7915440ac4f08f99e9a1d2eafc04fe51cf410c4d2b15dd9141daac9e1f449aacad05a85ca47c350c133ac40e4fabb8d2af958a7c289482ebbe9cc31ba2ee2f935767e92656746a580aa90054e40db346e7b16f07760b6f0919eb779f3ce1115359647f1b4db39ca9a46399ea311a8a32cea4d393cfdd3466dcbfa1bd5bda0362fe031252287f3dbd5b82bb82ef0338dfae6b9c70b66509b81edaa9561e1b4b85563ead749bf64cc2637739ec84a23a8d79a070f1c20a35d592e337f9113ab988a2c8e34f8f188555f117d23ebee99454135f0dbada3b7d36e7361d82df9c023befc45a8b21d75251050a659ff7cf3c14277641410ca7c5e65682efad226b024193178f4be6c498af29c46f1426619b8eddb99eeb0bdaf0a9b81d93dd519b921be92554a0ae7c7360693433e956791e3cc73aae35a0a957ad9cef004e257e807e93ec3a43b66f3c5e198252629551ac58186c69c758f862f25c007f3d94652d8be8028004c48f7f1326f16e67a05b3844f6282d2d87cdf1068c99cfdcad053bd2c139630c0bf6e3b8730f2041589a091ad134d0d49ff3d57752c64c32a581429d080f29f7756fe3b180d24ea3d5fb570fbcfdcc0845445756f0b530cd38ee25eea1e9608d95bcfb72ffe13fe79a9fb9247416065b994e3d1e6f2c3574f13e7ccb158939fecca85c66781ca5f7dd813ddcb94377e005a2d1d5430f7f1aaeebcfdab6eaee250cc45c7e366b38104217681c896374078f455ece5b19af1359790a1f59e08e1a4f52c7c46e82811abf6f6a768004b9d5ad541ed9d566bb7d5c4bd73d4ff14c4cf36056c52309e4e53afc8432c179ed7aa3c22637905a9fa3521731156d6c673eb7d8925ca42efb6b4292b6eccce44fab1aa210b0fdd39f7dac3b07d54aae84d199bcda043140a80f8855d7db785bb58ba08ee29255462ac32f883d5082ca5b2758fa4be010532b304058c83a5e77069ff2d4790d9cf8617b84e75eb0743c1909bbe1fe0bba8a9f61d7c320f493757d206ada23d832919e8bb1ae02a72796782ecad70b88912abf24782a0e2b36a1f9f063c6607b412172b4132916940b56c803e64265354c7cec03bcd979498b27dca02f3299ff517e54595b0b900ae57cb2f310149b5fe63d485dfceddd2d6e57ab6855cc89af0a8c0560a6c19b5a3ada9fdbad0fa513e44af6a33c986ffeb3914248e4c956bd5802a717504d3e175a50c5d44f4c714ffc0f7eb604fda60ecf0c476309b8824a6a380c4d06d4bea0121194fe279e0289f521cce5f6ca77df1ff8d4257af15a66f3319ecd7e18c47bc7a", 0x1000, 0x20000000, &(0x7f0000001140)={0x11, 0x1, 0x0, 0x1, 0x4, 0x6, @random="f90bf956dd4a"}, 0x14) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000001240)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001200)={&(0x7f00000011c0)={0x1c, r3, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24048080}, 0x80) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'sit0\x00', 0x0, 0x29, 0x7, 0x7, 0x1000, 0x38, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1, 0x20, 0x6, 0x2, 0x1}}) 13:37:58 executing program 2: ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0xff, 0x8, 0x2, @private1, @ipv4={'\x00', '\xff\xff', @empty}, 0x7, 0x7, 0x5567, 0xf88b}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000140)={r2, 0x6}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0xff, 0x8, 0x2, @private1, @ipv4={'\x00', '\xff\xff', @empty}, 0x7, 0x7, 0x5567, 0xf88b}}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)) (async) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000140)={r2, 0x6}) (async) [ 682.682866] FAULT_INJECTION: forcing a failure. [ 682.682866] name failslab, interval 1, probability 0, space 0, times 0 13:37:58 executing program 4: socketpair(0xf, 0x1, 0xfffffffd, 0x0) 13:37:58 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r2, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x81) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r0) socketpair(0x0, 0x5, 0x4, &(0x7f0000000000)) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0) [ 682.727120] CPU: 0 PID: 13190 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 682.735068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.744418] Call Trace: [ 682.747152] dump_stack+0x1b2/0x281 [ 682.750785] should_fail.cold+0x10a/0x149 [ 682.754936] should_failslab+0xd6/0x130 [ 682.758911] kmem_cache_alloc_trace+0x29a/0x3d0 [ 682.763579] ? debugfs_create_file+0x37/0x60 [ 682.767984] kvm_dev_ioctl+0xce6/0x1450 [ 682.771962] ? fsnotify+0x974/0x11b0 [ 682.775675] ? kvm_put_kvm+0xab0/0xab0 [ 682.779569] ? kvm_put_kvm+0xab0/0xab0 [ 682.783460] do_vfs_ioctl+0x75a/0xff0 [ 682.787264] ? lock_acquire+0x170/0x3f0 [ 682.791238] ? ioctl_preallocate+0x1a0/0x1a0 [ 682.795672] ? __fget+0x265/0x3e0 [ 682.799127] ? do_vfs_ioctl+0xff0/0xff0 [ 682.803101] ? security_file_ioctl+0x83/0xb0 [ 682.807512] SyS_ioctl+0x7f/0xb0 [ 682.810880] ? do_vfs_ioctl+0xff0/0xff0 [ 682.814851] do_syscall_64+0x1d5/0x640 [ 682.818743] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 682.823925] RIP: 0033:0x7fa37e383109 13:37:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 48) 13:37:58 executing program 2: ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0x0, 0xff, 0x8, 0x2, @private1, @ipv4={'\x00', '\xff\xff', @empty}, 0x7, 0x7, 0x5567, 0xf88b}}) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000140)={r2, 0x6}) 13:37:58 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r2, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x81) (async) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r0) (async) socketpair(0x0, 0x5, 0x4, &(0x7f0000000000)) (async) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0) 13:37:58 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x129202) getsockopt$packet_buf(r1, 0x107, 0x6, &(0x7f0000000300)=""/212, &(0x7f0000000400)=0xd4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) accept$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0)) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000280)={0xfffffff9, 0x2}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x7fd, 0xff, 0x4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x2, 0x800], 0xa, 0x400, 0x0, 0xffffffffffffffff}) setsockopt$WPAN_SECURITY_LEVEL(r4, 0x0, 0x2, &(0x7f0000000080)=0x7, 0x4) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x68, 0x0, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x10001}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0xa010102}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x78}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x8084}, 0x40804) getsockname$packet(r5, &(0x7f0000000200), &(0x7f0000000240)=0x14) [ 682.827751] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 682.835458] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 682.842729] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 682.849996] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 682.857267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 682.864535] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x4040, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:59 executing program 3: socketpair(0x15, 0x1, 0x800000, 0x0) 13:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 682.939470] FAULT_INJECTION: forcing a failure. [ 682.939470] name failslab, interval 1, probability 0, space 0, times 0 [ 682.962887] CPU: 0 PID: 13246 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 682.970796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.980152] Call Trace: [ 682.982743] dump_stack+0x1b2/0x281 [ 682.986375] should_fail.cold+0x10a/0x149 [ 682.990536] should_failslab+0xd6/0x130 [ 682.994512] kmem_cache_alloc+0x28e/0x3c0 [ 682.998660] __d_alloc+0x2a/0xa20 [ 683.002111] ? d_lookup+0x172/0x220 [ 683.005739] d_alloc+0x46/0x240 [ 683.009019] __lookup_hash+0x101/0x270 [ 683.012906] ? __inode_permission+0xcd/0x2f0 [ 683.017312] lookup_one_len+0x279/0x3a0 [ 683.021288] ? lookup_one_len_unlocked+0x410/0x410 [ 683.026220] start_creating+0xb0/0x200 [ 683.030105] __debugfs_create_file+0x4f/0x440 [ 683.034599] ? debugfs_create_file+0x37/0x60 [ 683.039006] kvm_dev_ioctl+0xe7f/0x1450 [ 683.042987] ? fsnotify+0x974/0x11b0 [ 683.046721] ? kvm_put_kvm+0xab0/0xab0 [ 683.050609] ? kvm_put_kvm+0xab0/0xab0 [ 683.054500] do_vfs_ioctl+0x75a/0xff0 [ 683.058299] ? lock_acquire+0x170/0x3f0 [ 683.062279] ? ioctl_preallocate+0x1a0/0x1a0 [ 683.066684] ? __fget+0x265/0x3e0 [ 683.070151] ? do_vfs_ioctl+0xff0/0xff0 [ 683.074122] ? security_file_ioctl+0x83/0xb0 [ 683.078531] SyS_ioctl+0x7f/0xb0 [ 683.081893] ? do_vfs_ioctl+0xff0/0xff0 [ 683.085884] do_syscall_64+0x1d5/0x640 13:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:59 executing program 3: socketpair(0x15, 0x1, 0x800000, 0x0) socketpair(0x15, 0x1, 0x800000, 0x0) (async) 13:37:59 executing program 3: socketpair(0x15, 0x1, 0x800000, 0x0) socketpair(0x15, 0x1, 0x800000, 0x0) (async) [ 683.089772] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 683.094958] RIP: 0033:0x7fa37e383109 [ 683.098659] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 683.106374] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 683.113637] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 683.121163] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 683.128430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 13:37:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000180)="e699610f729f8fb52f870122bad19244d2514bfe17ee524229d7d39557be5917a5a9b4dd26bf0d9be306ef177cef74d2035c583cba2d4b9253774ec388bf86acbaa62d8c0250469d109d7257874451ce2fb5080d366adc44a59d69a2143081939aa485ad0bfc71ad8bd09f5d4585a59b55cfb22fa4bb9a0e3199a8f1db57b9ff32d5757bcdca815b92090fc38ddffa60152b0b4a56d0b05349167e40d2b7685804a60125a5c750ef02ae08da72b54c8635bc4bb90de12ce2cb5cc2d7af704f74cf5f1793cfa45dab84b027a6529237aaf6cef793fb8d853439ad03", 0xdb}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES16=r2, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4095) [ 683.135809] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:59 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async, rerun: 32) r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) (async, rerun: 64) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff) (rerun: 64) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r2, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MARK={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x81) (async) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r0) (async, rerun: 32) socketpair(0x0, 0x5, 0x4, &(0x7f0000000000)) (async, rerun: 32) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0) 13:37:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 49) 13:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:59 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x129202) getsockopt$packet_buf(r1, 0x107, 0x6, &(0x7f0000000300)=""/212, &(0x7f0000000400)=0xd4) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r2 = socket$packet(0x11, 0x3, 0x300) accept$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) (async) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0)) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000280)={0xfffffff9, 0x2}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x7fd, 0xff, 0x4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x2, 0x800], 0xa, 0x400, 0x0, 0xffffffffffffffff}) setsockopt$WPAN_SECURITY_LEVEL(r4, 0x0, 0x2, &(0x7f0000000080)=0x7, 0x4) (async) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x68, 0x0, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x10001}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0xa010102}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x78}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x8084}, 0x40804) (async) getsockname$packet(r5, &(0x7f0000000200), &(0x7f0000000240)=0x14) 13:37:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000180)="e699610f729f8fb52f870122bad19244d2514bfe17ee524229d7d39557be5917a5a9b4dd26bf0d9be306ef177cef74d2035c583cba2d4b9253774ec388bf86acbaa62d8c0250469d109d7257874451ce2fb5080d366adc44a59d69a2143081939aa485ad0bfc71ad8bd09f5d4585a59b55cfb22fa4bb9a0e3199a8f1db57b9ff32d5757bcdca815b92090fc38ddffa60152b0b4a56d0b05349167e40d2b7685804a60125a5c750ef02ae08da72b54c8635bc4bb90de12ce2cb5cc2d7af704f74cf5f1793cfa45dab84b027a6529237aaf6cef793fb8d853439ad03", 0xdb}) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES16=r2, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4095) 13:37:59 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', r1, 0x29, 0x80, 0x3f, 0x6, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, 0x10, 0x1, 0x0, 0x6}}) 13:37:59 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x129202) getsockopt$packet_buf(r1, 0x107, 0x6, &(0x7f0000000300)=""/212, &(0x7f0000000400)=0xd4) (async, rerun: 32) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async, rerun: 32) r2 = socket$packet(0x11, 0x3, 0x300) accept$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) (async) ioctl$KVM_CAP_HYPERV_SYNIC(0xffffffffffffffff, 0x4068aea3, &(0x7f00000000c0)) (async, rerun: 32) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000280)={0xfffffff9, 0x2}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x7fd, 0xff, 0x4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x2, 0x800], 0xa, 0x400, 0x0, 0xffffffffffffffff}) setsockopt$WPAN_SECURITY_LEVEL(r4, 0x0, 0x2, &(0x7f0000000080)=0x7, 0x4) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x68, 0x0, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x10001}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x6}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @private=0xa010102}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x78}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x68}, 0x1, 0x0, 0x0, 0x8084}, 0x40804) (async) getsockname$packet(r5, &(0x7f0000000200), &(0x7f0000000240)=0x14) 13:37:59 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', r1, 0x29, 0x80, 0x3f, 0x6, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, 0x10, 0x1, 0x0, 0x6}}) 13:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5, 0x5, 0x3, 0x1}]}) [ 683.228330] FAULT_INJECTION: forcing a failure. [ 683.228330] name failslab, interval 1, probability 0, space 0, times 0 13:37:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000180)="e699610f729f8fb52f870122bad19244d2514bfe17ee524229d7d39557be5917a5a9b4dd26bf0d9be306ef177cef74d2035c583cba2d4b9253774ec388bf86acbaa62d8c0250469d109d7257874451ce2fb5080d366adc44a59d69a2143081939aa485ad0bfc71ad8bd09f5d4585a59b55cfb22fa4bb9a0e3199a8f1db57b9ff32d5757bcdca815b92090fc38ddffa60152b0b4a56d0b05349167e40d2b7685804a60125a5c750ef02ae08da72b54c8635bc4bb90de12ce2cb5cc2d7af704f74cf5f1793cfa45dab84b027a6529237aaf6cef793fb8d853439ad03", 0xdb}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES16=r2, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4095) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000180)="e699610f729f8fb52f870122bad19244d2514bfe17ee524229d7d39557be5917a5a9b4dd26bf0d9be306ef177cef74d2035c583cba2d4b9253774ec388bf86acbaa62d8c0250469d109d7257874451ce2fb5080d366adc44a59d69a2143081939aa485ad0bfc71ad8bd09f5d4585a59b55cfb22fa4bb9a0e3199a8f1db57b9ff32d5757bcdca815b92090fc38ddffa60152b0b4a56d0b05349167e40d2b7685804a60125a5c750ef02ae08da72b54c8635bc4bb90de12ce2cb5cc2d7af704f74cf5f1793cfa45dab84b027a6529237aaf6cef793fb8d853439ad03", 0xdb}) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES16=r2, @ANYRESHEX=r0, @ANYRESDEC=r0], 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4095) (async) [ 683.302085] CPU: 0 PID: 13302 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 683.309996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.319354] Call Trace: [ 683.321943] dump_stack+0x1b2/0x281 [ 683.325573] should_fail.cold+0x10a/0x149 [ 683.329723] should_failslab+0xd6/0x130 [ 683.333705] kmem_cache_alloc+0x28e/0x3c0 [ 683.337939] alloc_inode+0xa0/0x170 [ 683.341568] new_inode+0x1d/0xf0 [ 683.344931] debugfs_get_inode+0x1a/0x130 [ 683.349076] __debugfs_create_file+0x93/0x440 [ 683.353570] ? debugfs_create_file+0x37/0x60 [ 683.357987] kvm_dev_ioctl+0xe7f/0x1450 [ 683.361965] ? fsnotify+0x974/0x11b0 [ 683.365683] ? kvm_put_kvm+0xab0/0xab0 [ 683.369574] ? kvm_put_kvm+0xab0/0xab0 [ 683.373458] do_vfs_ioctl+0x75a/0xff0 [ 683.377257] ? lock_acquire+0x170/0x3f0 [ 683.381227] ? ioctl_preallocate+0x1a0/0x1a0 [ 683.385632] ? __fget+0x265/0x3e0 [ 683.389087] ? do_vfs_ioctl+0xff0/0xff0 [ 683.393074] ? security_file_ioctl+0x83/0xb0 [ 683.397482] SyS_ioctl+0x7f/0xb0 [ 683.400843] ? do_vfs_ioctl+0xff0/0xff0 [ 683.404818] do_syscall_64+0x1d5/0x640 [ 683.408794] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 683.413975] RIP: 0033:0x7fa37e383109 [ 683.417685] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 683.425387] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 683.432653] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 683.439921] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:37:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2, &(0x7f0000000040)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x6}], &(0x7f0000000080)='GPL\x00', 0x80, 0x1d, &(0x7f00000000c0)=""/29, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x8}, 0x10}, 0x80) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:37:59 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', r1, 0x29, 0x80, 0x3f, 0x6, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @empty, 0x10, 0x1, 0x0, 0x6}}) [ 683.447185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 683.454450] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:37:59 executing program 4: socketpair(0x1, 0x1, 0x0, 0x0) 13:37:59 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5, 0x5, 0x3, 0x1}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5, 0x5, 0x3, 0x1}]}) (async) 13:37:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x700, 0x6, 0x5}}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x212a00) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, r2}) 13:37:59 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2, &(0x7f0000000040)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x6}], &(0x7f0000000080)='GPL\x00', 0x80, 0x1d, &(0x7f00000000c0)=""/29, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x8}, 0x10}, 0x80) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2, &(0x7f0000000040)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x6}], &(0x7f0000000080)='GPL\x00', 0x80, 0x1d, &(0x7f00000000c0)=""/29, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x8}, 0x10}, 0x80) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:37:59 executing program 3: socketpair(0xb, 0x1, 0x25b82485, 0x0) 13:37:59 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 50) 13:37:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x700, 0x6, 0x5}}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x212a00) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, r2}) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x700, 0x6, 0x5}}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x212a00) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, r2}) (async) 13:37:59 executing program 3: socketpair(0xb, 0x1, 0x25b82485, 0x0) socketpair(0xb, 0x1, 0x25b82485, 0x0) (async) [ 683.730259] FAULT_INJECTION: forcing a failure. [ 683.730259] name failslab, interval 1, probability 0, space 0, times 0 [ 683.762186] CPU: 0 PID: 13414 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 683.770095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.779463] Call Trace: [ 683.782054] dump_stack+0x1b2/0x281 [ 683.785690] should_fail.cold+0x10a/0x149 [ 683.789841] should_failslab+0xd6/0x130 [ 683.793816] kmem_cache_alloc_trace+0x29a/0x3d0 [ 683.798486] ? debugfs_create_file+0x37/0x60 [ 683.802933] kvm_dev_ioctl+0xce6/0x1450 [ 683.807003] ? fsnotify+0x974/0x11b0 [ 683.810717] ? kvm_put_kvm+0xab0/0xab0 [ 683.814606] ? kvm_put_kvm+0xab0/0xab0 [ 683.818494] do_vfs_ioctl+0x75a/0xff0 [ 683.822295] ? lock_acquire+0x170/0x3f0 [ 683.826281] ? ioctl_preallocate+0x1a0/0x1a0 13:37:59 executing program 4: socketpair(0x1, 0x1, 0x0, 0x0) 13:37:59 executing program 3: socketpair(0xb, 0x1, 0x25b82485, 0x0) socketpair(0xb, 0x1, 0x25b82485, 0x0) (async) 13:37:59 executing program 4: socketpair(0x1, 0x1, 0x0, 0x0) socketpair(0x1, 0x1, 0x0, 0x0) (async) [ 683.830691] ? __fget+0x265/0x3e0 [ 683.834146] ? do_vfs_ioctl+0xff0/0xff0 [ 683.838120] ? security_file_ioctl+0x83/0xb0 [ 683.842534] SyS_ioctl+0x7f/0xb0 [ 683.845899] ? do_vfs_ioctl+0xff0/0xff0 [ 683.849873] do_syscall_64+0x1d5/0x640 [ 683.853800] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 683.859005] RIP: 0033:0x7fa37e383109 [ 683.862707] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 683.870410] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 13:38:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 51) 13:38:00 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @multicast1}}, 0x24) [ 683.877672] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 683.884940] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 683.892342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 683.899636] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5, 0x5, 0x3, 0x1}]}) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) (async) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000100)={'syztnl2\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x29, 0x9, 0x2, 0x9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0x700, 0x6, 0x5}}) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x212a00) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0, 0x0, r2}) 13:38:00 executing program 1: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x2, &(0x7f0000000040)=@raw=[@map_idx={0x18, 0x1, 0x5, 0x0, 0x6}], &(0x7f0000000080)='GPL\x00', 0x80, 0x1d, &(0x7f00000000c0)=""/29, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x8}, 0x10}, 0x80) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:00 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], 0x3, 0x6, 0x4, 0x0, 0x80}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:00 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @multicast1}}, 0x24) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4) [ 683.980606] FAULT_INJECTION: forcing a failure. [ 683.980606] name failslab, interval 1, probability 0, space 0, times 0 [ 684.022834] CPU: 0 PID: 13469 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 684.030758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.040112] Call Trace: [ 684.042703] dump_stack+0x1b2/0x281 [ 684.046334] should_fail.cold+0x10a/0x149 [ 684.050498] should_failslab+0xd6/0x130 [ 684.054471] kmem_cache_alloc+0x28e/0x3c0 [ 684.058623] alloc_inode+0xa0/0x170 [ 684.062254] new_inode+0x1d/0xf0 [ 684.065619] debugfs_get_inode+0x1a/0x130 [ 684.069764] __debugfs_create_file+0x93/0x440 [ 684.074258] ? debugfs_create_file+0x37/0x60 [ 684.078665] kvm_dev_ioctl+0xe7f/0x1450 [ 684.082641] ? fsnotify+0x974/0x11b0 [ 684.086355] ? kvm_put_kvm+0xab0/0xab0 [ 684.090247] ? kvm_put_kvm+0xab0/0xab0 [ 684.094133] do_vfs_ioctl+0x75a/0xff0 [ 684.097934] ? lock_acquire+0x170/0x3f0 [ 684.101920] ? ioctl_preallocate+0x1a0/0x1a0 [ 684.106340] ? __fget+0x265/0x3e0 [ 684.109791] ? do_vfs_ioctl+0xff0/0xff0 [ 684.113761] ? security_file_ioctl+0x83/0xb0 [ 684.118168] SyS_ioctl+0x7f/0xb0 13:38:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x28000) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xfffffffffffffe70, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r1, 0x300, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x800) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x80, 0x8, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x67f9adf0b13fb5f9, 0x10, 0x5, 0x170}}) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008012) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) [ 684.121532] ? do_vfs_ioctl+0xff0/0xff0 [ 684.125503] do_syscall_64+0x1d5/0x640 [ 684.129393] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 684.134584] RIP: 0033:0x7fa37e383109 [ 684.138288] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 684.146026] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 684.153290] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 684.160553] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000040)) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000080)={0x3, 0x3f}) r1 = accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) getpeername$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000300)=0x361) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000280)={0x7fffffff, 0x2, &(0x7f00000001c0)=[0x7f, 0x8], &(0x7f0000000200)=[0x0], &(0x7f0000000240)=[0xea6]}) 13:38:00 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], 0x3, 0x6, 0x4, 0x0, 0x80}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:00 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @multicast1}}, 0x24) 13:38:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 52) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, 0x10) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, 0x10) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4) (async) [ 684.167814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 684.175088] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x28000) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xfffffffffffffe70, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r1, 0x300, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x800) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x80, 0x8, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x67f9adf0b13fb5f9, 0x10, 0x5, 0x170}}) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008012) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) 13:38:00 executing program 3: socketpair(0x26, 0x2, 0x0, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)={0x3, 0x0, [{0x80000008, 0x5, 0x400, 0x7, 0x4}, {0x2, 0x40, 0x7, 0x81, 0x7d}, {0xa, 0xc3, 0x3, 0x6, 0x5782}]}) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async, rerun: 32) r1 = socket$packet(0x11, 0x3, 0x300) (rerun: 32) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000000)={r2, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}}, 0x10) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x3}, 0x4) 13:38:00 executing program 3: socketpair(0x26, 0x2, 0x0, 0x0) (async) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)={0x3, 0x0, [{0x80000008, 0x5, 0x400, 0x7, 0x4}, {0x2, 0x40, 0x7, 0x81, 0x7d}, {0xa, 0xc3, 0x3, 0x6, 0x5782}]}) 13:38:00 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x28000) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xfffffffffffffe70, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r1, 0x300, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x800) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x80, 0x8, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x67f9adf0b13fb5f9, 0x10, 0x5, 0x170}}) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008012) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x28000) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xfffffffffffffe70, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r1, 0x300, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x800) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl2\x00', 0x0, 0x2f, 0x9, 0x80, 0x8, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x67f9adf0b13fb5f9, 0x10, 0x5, 0x170}}) (async) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4008012) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) 13:38:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000040)) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000080)={0x3, 0x3f}) r1 = accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) getpeername$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000300)=0x361) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000280)={0x7fffffff, 0x2, &(0x7f00000001c0)=[0x7f, 0x8], &(0x7f0000000200)=[0x0], &(0x7f0000000240)=[0xea6]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000040)) (async) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000080)={0x3, 0x3f}) (async) accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) (async) getpeername$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) (async) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000300)=0x361) (async) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000280)={0x7fffffff, 0x2, &(0x7f00000001c0)=[0x7f, 0x8], &(0x7f0000000200)=[0x0], &(0x7f0000000240)=[0xea6]}) (async) 13:38:00 executing program 4: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], 0x3, 0x6, 0x4, 0x0, 0x80}) socketpair(0x2, 0x1, 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0], 0x3, 0x6, 0x4, 0x0, 0x80}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 684.289632] FAULT_INJECTION: forcing a failure. [ 684.289632] name failslab, interval 1, probability 0, space 0, times 0 [ 684.329263] CPU: 0 PID: 13527 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 13:38:00 executing program 3: socketpair(0x26, 0x2, 0x0, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)={0x3, 0x0, [{0x80000008, 0x5, 0x400, 0x7, 0x4}, {0x2, 0x40, 0x7, 0x81, 0x7d}, {0xa, 0xc3, 0x3, 0x6, 0x5782}]}) socketpair(0x26, 0x2, 0x0, 0x0) (async) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000080)={0x3, 0x0, [{0x80000008, 0x5, 0x400, 0x7, 0x4}, {0x2, 0x40, 0x7, 0x81, 0x7d}, {0xa, 0xc3, 0x3, 0x6, 0x5782}]}) (async) [ 684.337168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.346518] Call Trace: [ 684.349106] dump_stack+0x1b2/0x281 [ 684.352737] should_fail.cold+0x10a/0x149 [ 684.356887] should_failslab+0xd6/0x130 [ 684.360867] kmem_cache_alloc_trace+0x29a/0x3d0 [ 684.365532] ? debugfs_create_file+0x37/0x60 [ 684.369974] kvm_dev_ioctl+0xce6/0x1450 [ 684.373957] ? fsnotify+0x974/0x11b0 [ 684.377666] ? kvm_put_kvm+0xab0/0xab0 [ 684.381549] ? kvm_put_kvm+0xab0/0xab0 [ 684.385609] do_vfs_ioctl+0x75a/0xff0 13:38:00 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x106, 0x5}}, 0x20) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001100)={'team_slave_1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000011c0)={'ip6tnl0\x00', &(0x7f0000001140)={'ip6_vti0\x00', r0, 0x2f, 0x2, 0x2, 0x60, 0x97, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x0, 0xb0, 0xff}}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000001240)={0x2, 0x4}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000001200)={0xe080000000000000, 0x3000, 0x71, 0xe, 0x1f}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000010c0)={0x0, 0x8, 0x2}) sendto$l2tp(r1, &(0x7f0000000080)="20774edc620c0f08560105d8f1958e3239a84a2eeabaf9ec7198463664c08920731e2fd61d02447b4701174b3dcc8ed26bdb52451873c08d668f913afd6a4090c3ce6bb68d93617cd66102f2df72adcd32f01779506012459d69b89993e115fcdd0105dc580b6f3b985b62e69677f33bf8c0c64cdccf1a5f221291b8b56f1c05185b7019a0dfc2f786eab80aa99a9be464ffa082c2d1f7cabfb9f0e1b246d8c4604e267bd70888395bb1c64b82537f8c9ef6b35b98e2dd587d3bf496e226e619b5f9c26c8ac239b8b6dee5c8d3e65c5a7473913193cbf549a348ebae33056c2151ec2d6a1f337e7a3997f403d4a0c4b34f14b95b4d10ca9f836f118bcf17249624357f4e8e60c7b71ab26e10dac3783bdaa6aefe3756c832244a6acbd4de044ba9053a5fd53e4bff83713abfe5e1ef02a9651887cb7785ab5bd4b81381abfb5de127f58c4a5d28680e5005f950b7a584428c9b6e6d8ab35b364edb1414d3d064c8f50a60414f3633947a890d48ff72393c432c6dc7d6f09bf6c09848df45d8f752e396d9f807c7456943f191be37fcbcedeb2eef9a262f08328262de3ff68cbf730e0de24185d8fa3aa0f989c92f986e6aa53edcfc02858f4eb8c4b77b4fe46ade3c1f288c7ceb860932116919e0381b545fd63263cbbc4cfdaba2211d22e213d92af02e1821863fa90aa451eba4d74e884cb475bfcc24f9526fc3b47ff58f5a977c7298bc60ccce312a0c52c6c78b157ba1350ce0c212362638f1651e2157726bed36c6c4b9419611c32a913fa0d908ad6c2e99c696bf60dd8cdb229fb26ea9e7188aadee301e38f9ff4ad7b4dacac81ff165690a51cceeaff2fd2ecbb675c6fb9068fe7b7c930a5d3c27cda9a3050a0c1323f51a3a3ca7ccdbb0eeced21fe6586b1a49700c52389c0d0cd5146e1844d3a429ae4db9952ed4fb7deffbfec8bf8a58a2bb82fca2066934744251ecc4beb08a885d4254cb7663f23a8d6bdf2c756f6f8197e86b3e1deab19f5a2f6f8bdd2ba489fbf7a6dc0e999aebc6d835e65177c579771125c34236b6b64bbbb90647127aadb2ff10eb45f899eb5797c368389cafc88c7e480680aa19bb4608ff822e514bd70b7a99b8490a26c1ee78ade1410f3d0dc0ce197bc8150b00c44b7b7ccce5fc1eca91b902e4defc715e97abc12bf4dad74ecc4411f9f8d28fafc36465bdbda173d8beb8d0a1a70b8a1aeed971eefd9e40f4cad109e7a11d03d8f243f14f6caa8fa05443aeb854c708fbabaeefaf0f4673f933653ac018079b96cfbed4c84b71f3e5c1f5b8ad0c54208e8110cbf96cc831740b7621a37fdaf5cda6a0830a4c26c60f463657d9554548891521508db3bbeac9ad79875ff0edff838cde1968b99bdd486ed90635de83f97ea00867ddc1c17e8202bfeb46528a2ca9fdd4f2d33ca6b5149d412df5c59894f54247797a551f5cef38d70a25e6f223b5862f31d3dddb8bc48e03d854396ed13796ed6a606b707364886620c17c1b8fdacfb1c936a0e56f718b8a667974b72d1ee62e8e55f6d62a37ec18f8acef834d5c026ff94977a950971af03d6468bb870fa553befd3a303930398a8701ccb35d50e27aeeec8f33aa20b6dc072f1f928322fa49b55d3da371535995dac07b7e59479b84b69c1c3de03990f3c6174cf4293b493d67bce0d61ee116e02eb1ac562cd5684bd8ebebd2323bc6d864d1967d09c0831c667f9bb524418bda40b4167c12f22c1b2b5da1d7b10503ea20543ba1dccd56acc471d4d3e54d55c011a343ea590eedb84d3a81ea70cc3b97eec041cf7a27a8c5947c2bdf6237104048972a39dae5e207062904dd7d9f43034d6e1821808f94b2a5a1435e727330cd21c306d8c900a621ca9505f46b6b0a6474ba5c67e16710b50240fb195c81974fcd9c2f2b03e8d7ed76a1cfa4892a47d75df146dadae5206ba796f93f36cedf2171e87d23028f0e27810f49113bb3caf1d391278da2d5fec3bbfd299df3783a32a51c3a2056cf9e76169a595b6e020c5c7ab8bcecdcf0f25cafab76f48cac7ea1ecbeeadca4ed9faffb255d54afdc99e681d5bc36701aafda3ad6892bc6fc0ccfc005ee9a55fb03756cd3292b5578853a92957c1e78bda01bca3ba414d1e56a3daa395bd738ab8c2a750fe3c7b9a7430d6d1df86479db1eb9b1b903b35e7c425d3b6d9b379d21c82bcfe0a2f2eea96e68199ddc72c3f0063394bae5efa72b18cb633e5c17a50c6dad1b5e3d20a7e04c3702ff46ff5769090dff8b5784766e2bf6aac6448910df3c03893fe7b02dfac2c5449235c32146305167cbc12c94c10152fd44e46a906015523f85718403c4d2b875aa574f5a987d7888ec7fbd75c419eab350adb7687287c7f95ce3990f7f03a0ac1ad4683f3cfd2dcc0d7084925a1a0509693c0a49df5feca62755c68ba79dbc05557a71eb49405eac35559784e86620e84e891a8753959dc6ca09344c7dd914fedf9871bc5045b9d2a9769a7faf0e60fa0d13d566134257b7e679844d61d83055f72d851281e9f3e755e501a8d08771bf1a74243ae226f7a49d8c36ee2555a72ed2eba4f7213d2eaa6b95c7347a83af1d2f1aee64ef0b3290359296f4aa15391f9fe039e5fbb8311fef31226efca05edb45eaa00e442156488176c850b20619b7ec96bfb0b8a4d07fb51e49e83e3a0a5c6ecb0fa9034d367b6ca93ecbd7c54fc1156664f92412baf382e4e3f83391f37b7b83204f01ba470e8ee0eb2880288ea410b78e1e79288908f475401aa6ced03cdb45d850172974ce9cb1f9afda3178f7504416ef694a07829f668b946bc80fa483797c01fa71c16df647914b4ed93ab210dc2cf08616519bef67fdad86b07f313900ee405bc75b542c05e49d8c0c8919b7faf0c55870f2032dda0531cc03c5ef3fd3d272b230e41945aa94de42b609477c51e53fe9bc60cd2ec95333fbf415ad1d6c41a0fb97aa01d496eb40bab41544994e92ac050ad56e354a637b5fe8c0727b7618e471262e4102b7ebc9b20a0e7cd3a9637b2dfdd3104b34d544920f4187522333e078e474b122a70cf257a654a838e18f00b036e2f0605c506ae4a3298e1e2d0b7067d22d1930a38bc4456b94f3c27bda8a590fb9d2651257595377d355e999c86d5a7cb1c8f0a5a33adc6b1362719f671e8068913f8fc846bbb12c2fbddbbad47605bb898df3246a5067233db9fcd2d4157e72faadedb3bd5564398d8a5fc7449e774d0fad7e89777cb1275c9905a13f2b3e889368c5b1973eb89115f255c143d02545171958f466accf88091b69b1bf1bb210dd1a6edc2f7d45639f57d096d938d586822ad76215d10c0ff2f5458e2991e5b56953786e159b4f1aaf23586eb4a6ee5dc2bce7ba98c554903eb7a0018899ce650d83270460bb5123c928f0f8e345a224a1709c8122fa993a3e1372f61b551ea78fdf46eadb877606c384c327467e0be2c71882f750fb801dc3c86f5713062999f11d4a53128864a346d9dd62891eacaf583a492d62095f6d2ebfeca94a81122bfc66e7398ee174e7c8812e81486b6cb7e3fde9ce941d8000ee44233fb4f989bfaf0c71d71c9ee25a9fb93c1d22d6d0c580888ed8dc3e7ef3de9d42eee6bec701560423bea31d4a826338dfdef25655b256301abf607270318866376bb1ad1a2dc8b680e489d274df2c8c94e6b2b98d747dd36100277e568015b033fd875f4f26227292d4109c818c412cf534cf8458410996585d0ca1a7d833661e49340d17e160f097edec64c81a7f7e8a72743ac9b27e522ebce2a2725a6a457ad638cc0203f2cf39f0b41deeafe75b80b49617ecc8a96376322a953b8c4b5dd256d34b89e051fd62e672b0e4408f3e3e873b842d57daf3d5361cc492721f198341deb61c7fc0a36e1e72f519a1f580e31f8ac26586dc1f0ef42ce587c98f0063be81f8a24fa843593a3879c1a98f0c722eb01bcbb7d8dfaffc9b6209764d613417a77be58998e69ae5322fb55149c8370a5c413a78c946aac6f87f895de4d5d747fc72bfe6f2e6f9607a119f9fee64200ce2b769a4babbdbea34f0f5b298295f68fb312b87216b871f558cb8e40a7477789cfead5fd3a0fb0a51c1c3dd2646cd355f0e0cecaacf48f09bc433bdcb882861195a522efbb8e4fd99bbecd135e92f498e264ba6cded2f5d39270512b13bdc530f0d53852dca324fc1c12de1a42deaa9457ccc561c21d28ccd7aafebafa4cb87fdc2a84c9d38b7fbabc74122f83040c7210aea3adb02f735f16de75c9b1012668780dbbdf05d2591180c3058b56777ff75a86af5662309e97ba2ec4b4d5228a93c8cdb69672a3aaa36b8968472fe638535dab4bdd52333c285ff054f4f2bc4be35532b3dc4e114fdef919de4113571818b6e6c36dfb18038a76d6651df135720b2692aa2e3dcb58d7efb128de412a3d4056b7618b12b93f888164a946bd546813ecbf7ac0fb044635dd48096824c635e3663ff0463f65f9e289c4327160524bf8cb5c1631dc58ea9630cf6bc2402f4da0f34871ae57b9d6ecf0e9a195ecacfe2031c9bc97a2fed56dc90a71bc2e53863b25e3476f7c09f43eb424d6e0d9a61ba2e9ebed6ed757ede2d7552e352cded009414a4093c3426a35f73e2c1a083a3b402ebbc698d0abedad764c852a215e64a338983cd8d2a4dd9ae06bb17b4351b0e1661711358dd55347fb72e38a820a9fcf5c66d2d66ca11ad5a1af926c3b1869f0a62328fb1aa5a508617722569d26ca27551d3ebe133ff86f309339265f555fb44f1f54856eda5ad1e2f37f65242d1d81954b8d2e63d16ed063fa5a299564154efd1234ff861282e5a918c98f6a0ecedfd24559092aa9676931326c95eb957bf9f71dcc94a0ebd581eb1f928fced4d21324b9bb34a162609ba02abe520440ed69178d942d6c065d25ec5c03342bd32cb132ea3bc34014e43e39474b290395ed56160bd0816f3caf005ae2074b5dbd0c1c93b8b68a535661aa361331e6c7a2f075ae7439fc22132bf5f4b4517aacfcd31db4d928956bc67f702dd76798d7e68f558870eb197c0790e9bdce860459fdf618ae2b88d352b6923ae2fa2dedc74a7a6bf9e120b661ec5bc759c3df1560378a8a9f49d0d91a8df4bbe6e740e357b39f323500fc34806c418922361e8fadcf4caa4aee75b6b5fd720500b7a84497beb0e65f5be20fd21e74ca69dc417a1fddc762ea48ef8732b23ad2e5fe0dcc3ba5f224128621a71a6a8860830f837fed03ae32d0ba8bc7acb4765c68503d93c530eff8a5ced7f8fffa4a404cd8f90f7c418144208918a6d6ab8eee8a95a2c09883e71970adbb36d7864ac18632af6fff3989438616421fe7692f38c48d5367ada9a5c768a9fa92e33dec9269a1d572160553f3be202281a5f8f02cdfa64a3e17ab2d04e76160cb944134387aaf8385fc6e11b548cfd067236036551e94af5fba65a0e0049b8a502b40a97990112f4acca743bba63a74e3f8cc12530575ddd74f9b77b93665d2a175083b7b086c116231cc66c7ca71e9ded96e0731e4e3b161e16ea0a2c15c13f39c19456d77f4323a5f277e0d4d32225eb0ece42679fc387c8279de6d960343fa2cd7ba9c5a18549ae2f5dd4741414434d712d9c8f3bc25d2d53cc7ed52254fea920786594fd7c561c0e2c2753432ed4bda6edabe4aa6f29e7381808e565588aeb9599127f754250ccf6763c96ed9b6e5e03eef7c03e2c89b057b23706152baf2fbcceb1a48671d224c7fbcda7113ee9bf543c99cbd27f3d9c3036e7b81524d9e98031eec78e2ea6601446c5fef1334b0d0788", 0x1000, 0x90, &(0x7f0000001080)={0x2, 0x0, @broadcast, 0x2}, 0x10) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:00 executing program 3: sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x10040) socketpair(0x6, 0x4, 0x30000000, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3b773c32607ff9de}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) socketpair(0x2, 0x1, 0x0, 0x0) [ 684.389408] ? lock_acquire+0x170/0x3f0 [ 684.393380] ? ioctl_preallocate+0x1a0/0x1a0 [ 684.397786] ? __fget+0x265/0x3e0 [ 684.401239] ? do_vfs_ioctl+0xff0/0xff0 [ 684.405210] ? security_file_ioctl+0x83/0xb0 [ 684.409614] SyS_ioctl+0x7f/0xb0 [ 684.412973] ? do_vfs_ioctl+0xff0/0xff0 [ 684.416944] do_syscall_64+0x1d5/0x640 [ 684.420836] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 684.426018] RIP: 0033:0x7fa37e383109 [ 684.429719] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 53) 13:38:00 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_MP_STATE(0xffffffffffffffff, 0x8004ae98, &(0x7f0000000040)) (async) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000080)={0x3, 0x3f}) r1 = accept$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14) getpeername$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 32) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x0) (rerun: 32) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000300)=0x361) ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000280)={0x7fffffff, 0x2, &(0x7f00000001c0)=[0x7f, 0x8], &(0x7f0000000200)=[0x0], &(0x7f0000000240)=[0xea6]}) 13:38:00 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x106, 0x5}}, 0x20) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001100)={'team_slave_1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000011c0)={'ip6tnl0\x00', &(0x7f0000001140)={'ip6_vti0\x00', r0, 0x2f, 0x2, 0x2, 0x60, 0x97, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x0, 0xb0, 0xff}}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000001240)={0x2, 0x4}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000001200)={0xe080000000000000, 0x3000, 0x71, 0xe, 0x1f}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000010c0)={0x0, 0x8, 0x2}) sendto$l2tp(r1, &(0x7f0000000080)="20774edc620c0f08560105d8f1958e3239a84a2eeabaf9ec7198463664c08920731e2fd61d02447b4701174b3dcc8ed26bdb52451873c08d668f913afd6a4090c3ce6bb68d93617cd66102f2df72adcd32f01779506012459d69b89993e115fcdd0105dc580b6f3b985b62e69677f33bf8c0c64cdccf1a5f221291b8b56f1c05185b7019a0dfc2f786eab80aa99a9be464ffa082c2d1f7cabfb9f0e1b246d8c4604e267bd70888395bb1c64b82537f8c9ef6b35b98e2dd587d3bf496e226e619b5f9c26c8ac239b8b6dee5c8d3e65c5a7473913193cbf549a348ebae33056c2151ec2d6a1f337e7a3997f403d4a0c4b34f14b95b4d10ca9f836f118bcf17249624357f4e8e60c7b71ab26e10dac3783bdaa6aefe3756c832244a6acbd4de044ba9053a5fd53e4bff83713abfe5e1ef02a9651887cb7785ab5bd4b81381abfb5de127f58c4a5d28680e5005f950b7a584428c9b6e6d8ab35b364edb1414d3d064c8f50a60414f3633947a890d48ff72393c432c6dc7d6f09bf6c09848df45d8f752e396d9f807c7456943f191be37fcbcedeb2eef9a262f08328262de3ff68cbf730e0de24185d8fa3aa0f989c92f986e6aa53edcfc02858f4eb8c4b77b4fe46ade3c1f288c7ceb860932116919e0381b545fd63263cbbc4cfdaba2211d22e213d92af02e1821863fa90aa451eba4d74e884cb475bfcc24f9526fc3b47ff58f5a977c7298bc60ccce312a0c52c6c78b157ba1350ce0c212362638f1651e2157726bed36c6c4b9419611c32a913fa0d908ad6c2e99c696bf60dd8cdb229fb26ea9e7188aadee301e38f9ff4ad7b4dacac81ff165690a51cceeaff2fd2ecbb675c6fb9068fe7b7c930a5d3c27cda9a3050a0c1323f51a3a3ca7ccdbb0eeced21fe6586b1a49700c52389c0d0cd5146e1844d3a429ae4db9952ed4fb7deffbfec8bf8a58a2bb82fca2066934744251ecc4beb08a885d4254cb7663f23a8d6bdf2c756f6f8197e86b3e1deab19f5a2f6f8bdd2ba489fbf7a6dc0e999aebc6d835e65177c579771125c34236b6b64bbbb90647127aadb2ff10eb45f899eb5797c368389cafc88c7e480680aa19bb4608ff822e514bd70b7a99b8490a26c1ee78ade1410f3d0dc0ce197bc8150b00c44b7b7ccce5fc1eca91b902e4defc715e97abc12bf4dad74ecc4411f9f8d28fafc36465bdbda173d8beb8d0a1a70b8a1aeed971eefd9e40f4cad109e7a11d03d8f243f14f6caa8fa05443aeb854c708fbabaeefaf0f4673f933653ac018079b96cfbed4c84b71f3e5c1f5b8ad0c54208e8110cbf96cc831740b7621a37fdaf5cda6a0830a4c26c60f463657d9554548891521508db3bbeac9ad79875ff0edff838cde1968b99bdd486ed90635de83f97ea00867ddc1c17e8202bfeb46528a2ca9fdd4f2d33ca6b5149d412df5c59894f54247797a551f5cef38d70a25e6f223b5862f31d3dddb8bc48e03d854396ed13796ed6a606b707364886620c17c1b8fdacfb1c936a0e56f718b8a667974b72d1ee62e8e55f6d62a37ec18f8acef834d5c026ff94977a950971af03d6468bb870fa553befd3a303930398a8701ccb35d50e27aeeec8f33aa20b6dc072f1f928322fa49b55d3da371535995dac07b7e59479b84b69c1c3de03990f3c6174cf4293b493d67bce0d61ee116e02eb1ac562cd5684bd8ebebd2323bc6d864d1967d09c0831c667f9bb524418bda40b4167c12f22c1b2b5da1d7b10503ea20543ba1dccd56acc471d4d3e54d55c011a343ea590eedb84d3a81ea70cc3b97eec041cf7a27a8c5947c2bdf6237104048972a39dae5e207062904dd7d9f43034d6e1821808f94b2a5a1435e727330cd21c306d8c900a621ca9505f46b6b0a6474ba5c67e16710b50240fb195c81974fcd9c2f2b03e8d7ed76a1cfa4892a47d75df146dadae5206ba796f93f36cedf2171e87d23028f0e27810f49113bb3caf1d391278da2d5fec3bbfd299df3783a32a51c3a2056cf9e76169a595b6e020c5c7ab8bcecdcf0f25cafab76f48cac7ea1ecbeeadca4ed9faffb255d54afdc99e681d5bc36701aafda3ad6892bc6fc0ccfc005ee9a55fb03756cd3292b5578853a92957c1e78bda01bca3ba414d1e56a3daa395bd738ab8c2a750fe3c7b9a7430d6d1df86479db1eb9b1b903b35e7c425d3b6d9b379d21c82bcfe0a2f2eea96e68199ddc72c3f0063394bae5efa72b18cb633e5c17a50c6dad1b5e3d20a7e04c3702ff46ff5769090dff8b5784766e2bf6aac6448910df3c03893fe7b02dfac2c5449235c32146305167cbc12c94c10152fd44e46a906015523f85718403c4d2b875aa574f5a987d7888ec7fbd75c419eab350adb7687287c7f95ce3990f7f03a0ac1ad4683f3cfd2dcc0d7084925a1a0509693c0a49df5feca62755c68ba79dbc05557a71eb49405eac35559784e86620e84e891a8753959dc6ca09344c7dd914fedf9871bc5045b9d2a9769a7faf0e60fa0d13d566134257b7e679844d61d83055f72d851281e9f3e755e501a8d08771bf1a74243ae226f7a49d8c36ee2555a72ed2eba4f7213d2eaa6b95c7347a83af1d2f1aee64ef0b3290359296f4aa15391f9fe039e5fbb8311fef31226efca05edb45eaa00e442156488176c850b20619b7ec96bfb0b8a4d07fb51e49e83e3a0a5c6ecb0fa9034d367b6ca93ecbd7c54fc1156664f92412baf382e4e3f83391f37b7b83204f01ba470e8ee0eb2880288ea410b78e1e79288908f475401aa6ced03cdb45d850172974ce9cb1f9afda3178f7504416ef694a07829f668b946bc80fa483797c01fa71c16df647914b4ed93ab210dc2cf08616519bef67fdad86b07f313900ee405bc75b542c05e49d8c0c8919b7faf0c55870f2032dda0531cc03c5ef3fd3d272b230e41945aa94de42b609477c51e53fe9bc60cd2ec95333fbf415ad1d6c41a0fb97aa01d496eb40bab41544994e92ac050ad56e354a637b5fe8c0727b7618e471262e4102b7ebc9b20a0e7cd3a9637b2dfdd3104b34d544920f4187522333e078e474b122a70cf257a654a838e18f00b036e2f0605c506ae4a3298e1e2d0b7067d22d1930a38bc4456b94f3c27bda8a590fb9d2651257595377d355e999c86d5a7cb1c8f0a5a33adc6b1362719f671e8068913f8fc846bbb12c2fbddbbad47605bb898df3246a5067233db9fcd2d4157e72faadedb3bd5564398d8a5fc7449e774d0fad7e89777cb1275c9905a13f2b3e889368c5b1973eb89115f255c143d02545171958f466accf88091b69b1bf1bb210dd1a6edc2f7d45639f57d096d938d586822ad76215d10c0ff2f5458e2991e5b56953786e159b4f1aaf23586eb4a6ee5dc2bce7ba98c554903eb7a0018899ce650d83270460bb5123c928f0f8e345a224a1709c8122fa993a3e1372f61b551ea78fdf46eadb877606c384c327467e0be2c71882f750fb801dc3c86f5713062999f11d4a53128864a346d9dd62891eacaf583a492d62095f6d2ebfeca94a81122bfc66e7398ee174e7c8812e81486b6cb7e3fde9ce941d8000ee44233fb4f989bfaf0c71d71c9ee25a9fb93c1d22d6d0c580888ed8dc3e7ef3de9d42eee6bec701560423bea31d4a826338dfdef25655b256301abf607270318866376bb1ad1a2dc8b680e489d274df2c8c94e6b2b98d747dd36100277e568015b033fd875f4f26227292d4109c818c412cf534cf8458410996585d0ca1a7d833661e49340d17e160f097edec64c81a7f7e8a72743ac9b27e522ebce2a2725a6a457ad638cc0203f2cf39f0b41deeafe75b80b49617ecc8a96376322a953b8c4b5dd256d34b89e051fd62e672b0e4408f3e3e873b842d57daf3d5361cc492721f198341deb61c7fc0a36e1e72f519a1f580e31f8ac26586dc1f0ef42ce587c98f0063be81f8a24fa843593a3879c1a98f0c722eb01bcbb7d8dfaffc9b6209764d613417a77be58998e69ae5322fb55149c8370a5c413a78c946aac6f87f895de4d5d747fc72bfe6f2e6f9607a119f9fee64200ce2b769a4babbdbea34f0f5b298295f68fb312b87216b871f558cb8e40a7477789cfead5fd3a0fb0a51c1c3dd2646cd355f0e0cecaacf48f09bc433bdcb882861195a522efbb8e4fd99bbecd135e92f498e264ba6cded2f5d39270512b13bdc530f0d53852dca324fc1c12de1a42deaa9457ccc561c21d28ccd7aafebafa4cb87fdc2a84c9d38b7fbabc74122f83040c7210aea3adb02f735f16de75c9b1012668780dbbdf05d2591180c3058b56777ff75a86af5662309e97ba2ec4b4d5228a93c8cdb69672a3aaa36b8968472fe638535dab4bdd52333c285ff054f4f2bc4be35532b3dc4e114fdef919de4113571818b6e6c36dfb18038a76d6651df135720b2692aa2e3dcb58d7efb128de412a3d4056b7618b12b93f888164a946bd546813ecbf7ac0fb044635dd48096824c635e3663ff0463f65f9e289c4327160524bf8cb5c1631dc58ea9630cf6bc2402f4da0f34871ae57b9d6ecf0e9a195ecacfe2031c9bc97a2fed56dc90a71bc2e53863b25e3476f7c09f43eb424d6e0d9a61ba2e9ebed6ed757ede2d7552e352cded009414a4093c3426a35f73e2c1a083a3b402ebbc698d0abedad764c852a215e64a338983cd8d2a4dd9ae06bb17b4351b0e1661711358dd55347fb72e38a820a9fcf5c66d2d66ca11ad5a1af926c3b1869f0a62328fb1aa5a508617722569d26ca27551d3ebe133ff86f309339265f555fb44f1f54856eda5ad1e2f37f65242d1d81954b8d2e63d16ed063fa5a299564154efd1234ff861282e5a918c98f6a0ecedfd24559092aa9676931326c95eb957bf9f71dcc94a0ebd581eb1f928fced4d21324b9bb34a162609ba02abe520440ed69178d942d6c065d25ec5c03342bd32cb132ea3bc34014e43e39474b290395ed56160bd0816f3caf005ae2074b5dbd0c1c93b8b68a535661aa361331e6c7a2f075ae7439fc22132bf5f4b4517aacfcd31db4d928956bc67f702dd76798d7e68f558870eb197c0790e9bdce860459fdf618ae2b88d352b6923ae2fa2dedc74a7a6bf9e120b661ec5bc759c3df1560378a8a9f49d0d91a8df4bbe6e740e357b39f323500fc34806c418922361e8fadcf4caa4aee75b6b5fd720500b7a84497beb0e65f5be20fd21e74ca69dc417a1fddc762ea48ef8732b23ad2e5fe0dcc3ba5f224128621a71a6a8860830f837fed03ae32d0ba8bc7acb4765c68503d93c530eff8a5ced7f8fffa4a404cd8f90f7c418144208918a6d6ab8eee8a95a2c09883e71970adbb36d7864ac18632af6fff3989438616421fe7692f38c48d5367ada9a5c768a9fa92e33dec9269a1d572160553f3be202281a5f8f02cdfa64a3e17ab2d04e76160cb944134387aaf8385fc6e11b548cfd067236036551e94af5fba65a0e0049b8a502b40a97990112f4acca743bba63a74e3f8cc12530575ddd74f9b77b93665d2a175083b7b086c116231cc66c7ca71e9ded96e0731e4e3b161e16ea0a2c15c13f39c19456d77f4323a5f277e0d4d32225eb0ece42679fc387c8279de6d960343fa2cd7ba9c5a18549ae2f5dd4741414434d712d9c8f3bc25d2d53cc7ed52254fea920786594fd7c561c0e2c2753432ed4bda6edabe4aa6f29e7381808e565588aeb9599127f754250ccf6763c96ed9b6e5e03eef7c03e2c89b057b23706152baf2fbcceb1a48671d224c7fbcda7113ee9bf543c99cbd27f3d9c3036e7b81524d9e98031eec78e2ea6601446c5fef1334b0d0788", 0x1000, 0x90, &(0x7f0000001080)={0x2, 0x0, @broadcast, 0x2}, 0x10) socketpair(0x2, 0x1, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x106, 0x5}}, 0x20) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001100)={'team_slave_1\x00'}) (async) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000011c0)={'ip6tnl0\x00', &(0x7f0000001140)={'ip6_vti0\x00', r0, 0x2f, 0x2, 0x2, 0x60, 0x97, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x0, 0xb0, 0xff}}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000001240)={0x2, 0x4}) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000001200)={0xe080000000000000, 0x3000, 0x71, 0xe, 0x1f}) (async) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000010c0)={0x0, 0x8, 0x2}) (async) sendto$l2tp(r1, &(0x7f0000000080)="20774edc620c0f08560105d8f1958e3239a84a2eeabaf9ec7198463664c08920731e2fd61d02447b4701174b3dcc8ed26bdb52451873c08d668f913afd6a4090c3ce6bb68d93617cd66102f2df72adcd32f01779506012459d69b89993e115fcdd0105dc580b6f3b985b62e69677f33bf8c0c64cdccf1a5f221291b8b56f1c05185b7019a0dfc2f786eab80aa99a9be464ffa082c2d1f7cabfb9f0e1b246d8c4604e267bd70888395bb1c64b82537f8c9ef6b35b98e2dd587d3bf496e226e619b5f9c26c8ac239b8b6dee5c8d3e65c5a7473913193cbf549a348ebae33056c2151ec2d6a1f337e7a3997f403d4a0c4b34f14b95b4d10ca9f836f118bcf17249624357f4e8e60c7b71ab26e10dac3783bdaa6aefe3756c832244a6acbd4de044ba9053a5fd53e4bff83713abfe5e1ef02a9651887cb7785ab5bd4b81381abfb5de127f58c4a5d28680e5005f950b7a584428c9b6e6d8ab35b364edb1414d3d064c8f50a60414f3633947a890d48ff72393c432c6dc7d6f09bf6c09848df45d8f752e396d9f807c7456943f191be37fcbcedeb2eef9a262f08328262de3ff68cbf730e0de24185d8fa3aa0f989c92f986e6aa53edcfc02858f4eb8c4b77b4fe46ade3c1f288c7ceb860932116919e0381b545fd63263cbbc4cfdaba2211d22e213d92af02e1821863fa90aa451eba4d74e884cb475bfcc24f9526fc3b47ff58f5a977c7298bc60ccce312a0c52c6c78b157ba1350ce0c212362638f1651e2157726bed36c6c4b9419611c32a913fa0d908ad6c2e99c696bf60dd8cdb229fb26ea9e7188aadee301e38f9ff4ad7b4dacac81ff165690a51cceeaff2fd2ecbb675c6fb9068fe7b7c930a5d3c27cda9a3050a0c1323f51a3a3ca7ccdbb0eeced21fe6586b1a49700c52389c0d0cd5146e1844d3a429ae4db9952ed4fb7deffbfec8bf8a58a2bb82fca2066934744251ecc4beb08a885d4254cb7663f23a8d6bdf2c756f6f8197e86b3e1deab19f5a2f6f8bdd2ba489fbf7a6dc0e999aebc6d835e65177c579771125c34236b6b64bbbb90647127aadb2ff10eb45f899eb5797c368389cafc88c7e480680aa19bb4608ff822e514bd70b7a99b8490a26c1ee78ade1410f3d0dc0ce197bc8150b00c44b7b7ccce5fc1eca91b902e4defc715e97abc12bf4dad74ecc4411f9f8d28fafc36465bdbda173d8beb8d0a1a70b8a1aeed971eefd9e40f4cad109e7a11d03d8f243f14f6caa8fa05443aeb854c708fbabaeefaf0f4673f933653ac018079b96cfbed4c84b71f3e5c1f5b8ad0c54208e8110cbf96cc831740b7621a37fdaf5cda6a0830a4c26c60f463657d9554548891521508db3bbeac9ad79875ff0edff838cde1968b99bdd486ed90635de83f97ea00867ddc1c17e8202bfeb46528a2ca9fdd4f2d33ca6b5149d412df5c59894f54247797a551f5cef38d70a25e6f223b5862f31d3dddb8bc48e03d854396ed13796ed6a606b707364886620c17c1b8fdacfb1c936a0e56f718b8a667974b72d1ee62e8e55f6d62a37ec18f8acef834d5c026ff94977a950971af03d6468bb870fa553befd3a303930398a8701ccb35d50e27aeeec8f33aa20b6dc072f1f928322fa49b55d3da371535995dac07b7e59479b84b69c1c3de03990f3c6174cf4293b493d67bce0d61ee116e02eb1ac562cd5684bd8ebebd2323bc6d864d1967d09c0831c667f9bb524418bda40b4167c12f22c1b2b5da1d7b10503ea20543ba1dccd56acc471d4d3e54d55c011a343ea590eedb84d3a81ea70cc3b97eec041cf7a27a8c5947c2bdf6237104048972a39dae5e207062904dd7d9f43034d6e1821808f94b2a5a1435e727330cd21c306d8c900a621ca9505f46b6b0a6474ba5c67e16710b50240fb195c81974fcd9c2f2b03e8d7ed76a1cfa4892a47d75df146dadae5206ba796f93f36cedf2171e87d23028f0e27810f49113bb3caf1d391278da2d5fec3bbfd299df3783a32a51c3a2056cf9e76169a595b6e020c5c7ab8bcecdcf0f25cafab76f48cac7ea1ecbeeadca4ed9faffb255d54afdc99e681d5bc36701aafda3ad6892bc6fc0ccfc005ee9a55fb03756cd3292b5578853a92957c1e78bda01bca3ba414d1e56a3daa395bd738ab8c2a750fe3c7b9a7430d6d1df86479db1eb9b1b903b35e7c425d3b6d9b379d21c82bcfe0a2f2eea96e68199ddc72c3f0063394bae5efa72b18cb633e5c17a50c6dad1b5e3d20a7e04c3702ff46ff5769090dff8b5784766e2bf6aac6448910df3c03893fe7b02dfac2c5449235c32146305167cbc12c94c10152fd44e46a906015523f85718403c4d2b875aa574f5a987d7888ec7fbd75c419eab350adb7687287c7f95ce3990f7f03a0ac1ad4683f3cfd2dcc0d7084925a1a0509693c0a49df5feca62755c68ba79dbc05557a71eb49405eac35559784e86620e84e891a8753959dc6ca09344c7dd914fedf9871bc5045b9d2a9769a7faf0e60fa0d13d566134257b7e679844d61d83055f72d851281e9f3e755e501a8d08771bf1a74243ae226f7a49d8c36ee2555a72ed2eba4f7213d2eaa6b95c7347a83af1d2f1aee64ef0b3290359296f4aa15391f9fe039e5fbb8311fef31226efca05edb45eaa00e442156488176c850b20619b7ec96bfb0b8a4d07fb51e49e83e3a0a5c6ecb0fa9034d367b6ca93ecbd7c54fc1156664f92412baf382e4e3f83391f37b7b83204f01ba470e8ee0eb2880288ea410b78e1e79288908f475401aa6ced03cdb45d850172974ce9cb1f9afda3178f7504416ef694a07829f668b946bc80fa483797c01fa71c16df647914b4ed93ab210dc2cf08616519bef67fdad86b07f313900ee405bc75b542c05e49d8c0c8919b7faf0c55870f2032dda0531cc03c5ef3fd3d272b230e41945aa94de42b609477c51e53fe9bc60cd2ec95333fbf415ad1d6c41a0fb97aa01d496eb40bab41544994e92ac050ad56e354a637b5fe8c0727b7618e471262e4102b7ebc9b20a0e7cd3a9637b2dfdd3104b34d544920f4187522333e078e474b122a70cf257a654a838e18f00b036e2f0605c506ae4a3298e1e2d0b7067d22d1930a38bc4456b94f3c27bda8a590fb9d2651257595377d355e999c86d5a7cb1c8f0a5a33adc6b1362719f671e8068913f8fc846bbb12c2fbddbbad47605bb898df3246a5067233db9fcd2d4157e72faadedb3bd5564398d8a5fc7449e774d0fad7e89777cb1275c9905a13f2b3e889368c5b1973eb89115f255c143d02545171958f466accf88091b69b1bf1bb210dd1a6edc2f7d45639f57d096d938d586822ad76215d10c0ff2f5458e2991e5b56953786e159b4f1aaf23586eb4a6ee5dc2bce7ba98c554903eb7a0018899ce650d83270460bb5123c928f0f8e345a224a1709c8122fa993a3e1372f61b551ea78fdf46eadb877606c384c327467e0be2c71882f750fb801dc3c86f5713062999f11d4a53128864a346d9dd62891eacaf583a492d62095f6d2ebfeca94a81122bfc66e7398ee174e7c8812e81486b6cb7e3fde9ce941d8000ee44233fb4f989bfaf0c71d71c9ee25a9fb93c1d22d6d0c580888ed8dc3e7ef3de9d42eee6bec701560423bea31d4a826338dfdef25655b256301abf607270318866376bb1ad1a2dc8b680e489d274df2c8c94e6b2b98d747dd36100277e568015b033fd875f4f26227292d4109c818c412cf534cf8458410996585d0ca1a7d833661e49340d17e160f097edec64c81a7f7e8a72743ac9b27e522ebce2a2725a6a457ad638cc0203f2cf39f0b41deeafe75b80b49617ecc8a96376322a953b8c4b5dd256d34b89e051fd62e672b0e4408f3e3e873b842d57daf3d5361cc492721f198341deb61c7fc0a36e1e72f519a1f580e31f8ac26586dc1f0ef42ce587c98f0063be81f8a24fa843593a3879c1a98f0c722eb01bcbb7d8dfaffc9b6209764d613417a77be58998e69ae5322fb55149c8370a5c413a78c946aac6f87f895de4d5d747fc72bfe6f2e6f9607a119f9fee64200ce2b769a4babbdbea34f0f5b298295f68fb312b87216b871f558cb8e40a7477789cfead5fd3a0fb0a51c1c3dd2646cd355f0e0cecaacf48f09bc433bdcb882861195a522efbb8e4fd99bbecd135e92f498e264ba6cded2f5d39270512b13bdc530f0d53852dca324fc1c12de1a42deaa9457ccc561c21d28ccd7aafebafa4cb87fdc2a84c9d38b7fbabc74122f83040c7210aea3adb02f735f16de75c9b1012668780dbbdf05d2591180c3058b56777ff75a86af5662309e97ba2ec4b4d5228a93c8cdb69672a3aaa36b8968472fe638535dab4bdd52333c285ff054f4f2bc4be35532b3dc4e114fdef919de4113571818b6e6c36dfb18038a76d6651df135720b2692aa2e3dcb58d7efb128de412a3d4056b7618b12b93f888164a946bd546813ecbf7ac0fb044635dd48096824c635e3663ff0463f65f9e289c4327160524bf8cb5c1631dc58ea9630cf6bc2402f4da0f34871ae57b9d6ecf0e9a195ecacfe2031c9bc97a2fed56dc90a71bc2e53863b25e3476f7c09f43eb424d6e0d9a61ba2e9ebed6ed757ede2d7552e352cded009414a4093c3426a35f73e2c1a083a3b402ebbc698d0abedad764c852a215e64a338983cd8d2a4dd9ae06bb17b4351b0e1661711358dd55347fb72e38a820a9fcf5c66d2d66ca11ad5a1af926c3b1869f0a62328fb1aa5a508617722569d26ca27551d3ebe133ff86f309339265f555fb44f1f54856eda5ad1e2f37f65242d1d81954b8d2e63d16ed063fa5a299564154efd1234ff861282e5a918c98f6a0ecedfd24559092aa9676931326c95eb957bf9f71dcc94a0ebd581eb1f928fced4d21324b9bb34a162609ba02abe520440ed69178d942d6c065d25ec5c03342bd32cb132ea3bc34014e43e39474b290395ed56160bd0816f3caf005ae2074b5dbd0c1c93b8b68a535661aa361331e6c7a2f075ae7439fc22132bf5f4b4517aacfcd31db4d928956bc67f702dd76798d7e68f558870eb197c0790e9bdce860459fdf618ae2b88d352b6923ae2fa2dedc74a7a6bf9e120b661ec5bc759c3df1560378a8a9f49d0d91a8df4bbe6e740e357b39f323500fc34806c418922361e8fadcf4caa4aee75b6b5fd720500b7a84497beb0e65f5be20fd21e74ca69dc417a1fddc762ea48ef8732b23ad2e5fe0dcc3ba5f224128621a71a6a8860830f837fed03ae32d0ba8bc7acb4765c68503d93c530eff8a5ced7f8fffa4a404cd8f90f7c418144208918a6d6ab8eee8a95a2c09883e71970adbb36d7864ac18632af6fff3989438616421fe7692f38c48d5367ada9a5c768a9fa92e33dec9269a1d572160553f3be202281a5f8f02cdfa64a3e17ab2d04e76160cb944134387aaf8385fc6e11b548cfd067236036551e94af5fba65a0e0049b8a502b40a97990112f4acca743bba63a74e3f8cc12530575ddd74f9b77b93665d2a175083b7b086c116231cc66c7ca71e9ded96e0731e4e3b161e16ea0a2c15c13f39c19456d77f4323a5f277e0d4d32225eb0ece42679fc387c8279de6d960343fa2cd7ba9c5a18549ae2f5dd4741414434d712d9c8f3bc25d2d53cc7ed52254fea920786594fd7c561c0e2c2753432ed4bda6edabe4aa6f29e7381808e565588aeb9599127f754250ccf6763c96ed9b6e5e03eef7c03e2c89b057b23706152baf2fbcceb1a48671d224c7fbcda7113ee9bf543c99cbd27f3d9c3036e7b81524d9e98031eec78e2ea6601446c5fef1334b0d0788", 0x1000, 0x90, &(0x7f0000001080)={0x2, 0x0, @broadcast, 0x2}, 0x10) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 684.437423] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 684.444693] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 684.451958] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 684.459229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 684.466496] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x12) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0xd3a86441641869fc, 0x1, 0x72, 0x7, 0x41, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x20, 0x7, 0x1000, 0xffffffff}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6gre0\x00', r2, 0x29, 0x5, 0x6, 0x0, 0x11, @loopback, @mcast1, 0x10, 0x700, 0x3, 0x1}}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8c}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="4565b5b57467"}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000081) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r5, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r5, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x660}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x40851) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xa3, 0x0, &(0x7f0000000040)}) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000000)="d1d3f37fd31269702017a3bf0df3d50966b1f56ff8837d84b94569a977395cc4ce6a51f9b4847059e21700617010734f23c9446a7b493cf1f84c39bc71110b9735efe465093174ef45fed5570be62866c18f018f978bcf9c44d33d75ac3b2052f332f26b5d1a4b73d926f8a5cb4503228b37b2cbb8c5f7684cf32147ad7d5f947aa741fa1db9efeeb1ff754b37df82f3a146b45c02e226dd560de774ed7d8bbe86167f1cbe5939cecf8f42fc4c788c51d0e55360ea72bbd54442494e698f44921674a0ca758d227b0c99b83729697ed7c2684dc138c5", 0xd6) 13:38:00 executing program 3: sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x10040) socketpair(0x6, 0x4, 0x30000000, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3b773c32607ff9de}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) socketpair(0x2, 0x1, 0x0, 0x0) sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x10040) (async) socketpair(0x6, 0x4, 0x30000000, &(0x7f0000000100)) (async) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3b773c32607ff9de}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 684.529800] FAULT_INJECTION: forcing a failure. [ 684.529800] name failslab, interval 1, probability 0, space 0, times 0 13:38:00 executing program 3: sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x10040) socketpair(0x6, 0x4, 0x30000000, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3b773c32607ff9de}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) socketpair(0x2, 0x1, 0x0, 0x0) sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}]}, 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x10040) (async) socketpair(0x6, 0x4, 0x30000000, &(0x7f0000000100)) (async) sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3b773c32607ff9de}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7f}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) [ 684.598674] CPU: 0 PID: 13593 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 684.606582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.616019] Call Trace: [ 684.618614] dump_stack+0x1b2/0x281 [ 684.622244] should_fail.cold+0x10a/0x149 [ 684.626400] should_failslab+0xd6/0x130 [ 684.630382] kmem_cache_alloc_trace+0x29a/0x3d0 [ 684.635048] ? debugfs_create_file+0x37/0x60 [ 684.639543] kvm_dev_ioctl+0xce6/0x1450 [ 684.643519] ? fsnotify+0x974/0x11b0 13:38:00 executing program 3: ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x4, 0x0, 0x7}) socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)) [ 684.647230] ? kvm_put_kvm+0xab0/0xab0 [ 684.651122] ? kvm_put_kvm+0xab0/0xab0 [ 684.655004] do_vfs_ioctl+0x75a/0xff0 [ 684.658800] ? lock_acquire+0x170/0x3f0 [ 684.662777] ? ioctl_preallocate+0x1a0/0x1a0 [ 684.667187] ? __fget+0x265/0x3e0 [ 684.670640] ? do_vfs_ioctl+0xff0/0xff0 [ 684.674614] ? security_file_ioctl+0x83/0xb0 [ 684.679025] SyS_ioctl+0x7f/0xb0 [ 684.682408] ? do_vfs_ioctl+0xff0/0xff0 [ 684.686386] do_syscall_64+0x1d5/0x640 [ 684.690278] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 684.695457] RIP: 0033:0x7fa37e383109 13:38:00 executing program 3: ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x4, 0x0, 0x7}) (async) socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)) 13:38:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000000)="d1d3f37fd31269702017a3bf0df3d50966b1f56ff8837d84b94569a977395cc4ce6a51f9b4847059e21700617010734f23c9446a7b493cf1f84c39bc71110b9735efe465093174ef45fed5570be62866c18f018f978bcf9c44d33d75ac3b2052f332f26b5d1a4b73d926f8a5cb4503228b37b2cbb8c5f7684cf32147ad7d5f947aa741fa1db9efeeb1ff754b37df82f3a146b45c02e226dd560de774ed7d8bbe86167f1cbe5939cecf8f42fc4c788c51d0e55360ea72bbd54442494e698f44921674a0ca758d227b0c99b83729697ed7c2684dc138c5", 0xd6) [ 684.699157] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 684.706860] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 684.714124] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 684.721474] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 684.728739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 684.736007] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:00 executing program 4: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000), 0x106, 0x5}}, 0x20) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001100)={'team_slave_1\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000011c0)={'ip6tnl0\x00', &(0x7f0000001140)={'ip6_vti0\x00', r0, 0x2f, 0x2, 0x2, 0x60, 0x97, @dev={0xfe, 0x80, '\x00', 0x3d}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x10, 0x0, 0xb0, 0xff}}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000001240)={0x2, 0x4}) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_X86_SET_MCE(r4, 0x4040ae9e, &(0x7f0000001200)={0xe080000000000000, 0x3000, 0x71, 0xe, 0x1f}) (async) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f00000010c0)={0x0, 0x8, 0x2}) (async) sendto$l2tp(r1, &(0x7f0000000080)="20774edc620c0f08560105d8f1958e3239a84a2eeabaf9ec7198463664c08920731e2fd61d02447b4701174b3dcc8ed26bdb52451873c08d668f913afd6a4090c3ce6bb68d93617cd66102f2df72adcd32f01779506012459d69b89993e115fcdd0105dc580b6f3b985b62e69677f33bf8c0c64cdccf1a5f221291b8b56f1c05185b7019a0dfc2f786eab80aa99a9be464ffa082c2d1f7cabfb9f0e1b246d8c4604e267bd70888395bb1c64b82537f8c9ef6b35b98e2dd587d3bf496e226e619b5f9c26c8ac239b8b6dee5c8d3e65c5a7473913193cbf549a348ebae33056c2151ec2d6a1f337e7a3997f403d4a0c4b34f14b95b4d10ca9f836f118bcf17249624357f4e8e60c7b71ab26e10dac3783bdaa6aefe3756c832244a6acbd4de044ba9053a5fd53e4bff83713abfe5e1ef02a9651887cb7785ab5bd4b81381abfb5de127f58c4a5d28680e5005f950b7a584428c9b6e6d8ab35b364edb1414d3d064c8f50a60414f3633947a890d48ff72393c432c6dc7d6f09bf6c09848df45d8f752e396d9f807c7456943f191be37fcbcedeb2eef9a262f08328262de3ff68cbf730e0de24185d8fa3aa0f989c92f986e6aa53edcfc02858f4eb8c4b77b4fe46ade3c1f288c7ceb860932116919e0381b545fd63263cbbc4cfdaba2211d22e213d92af02e1821863fa90aa451eba4d74e884cb475bfcc24f9526fc3b47ff58f5a977c7298bc60ccce312a0c52c6c78b157ba1350ce0c212362638f1651e2157726bed36c6c4b9419611c32a913fa0d908ad6c2e99c696bf60dd8cdb229fb26ea9e7188aadee301e38f9ff4ad7b4dacac81ff165690a51cceeaff2fd2ecbb675c6fb9068fe7b7c930a5d3c27cda9a3050a0c1323f51a3a3ca7ccdbb0eeced21fe6586b1a49700c52389c0d0cd5146e1844d3a429ae4db9952ed4fb7deffbfec8bf8a58a2bb82fca2066934744251ecc4beb08a885d4254cb7663f23a8d6bdf2c756f6f8197e86b3e1deab19f5a2f6f8bdd2ba489fbf7a6dc0e999aebc6d835e65177c579771125c34236b6b64bbbb90647127aadb2ff10eb45f899eb5797c368389cafc88c7e480680aa19bb4608ff822e514bd70b7a99b8490a26c1ee78ade1410f3d0dc0ce197bc8150b00c44b7b7ccce5fc1eca91b902e4defc715e97abc12bf4dad74ecc4411f9f8d28fafc36465bdbda173d8beb8d0a1a70b8a1aeed971eefd9e40f4cad109e7a11d03d8f243f14f6caa8fa05443aeb854c708fbabaeefaf0f4673f933653ac018079b96cfbed4c84b71f3e5c1f5b8ad0c54208e8110cbf96cc831740b7621a37fdaf5cda6a0830a4c26c60f463657d9554548891521508db3bbeac9ad79875ff0edff838cde1968b99bdd486ed90635de83f97ea00867ddc1c17e8202bfeb46528a2ca9fdd4f2d33ca6b5149d412df5c59894f54247797a551f5cef38d70a25e6f223b5862f31d3dddb8bc48e03d854396ed13796ed6a606b707364886620c17c1b8fdacfb1c936a0e56f718b8a667974b72d1ee62e8e55f6d62a37ec18f8acef834d5c026ff94977a950971af03d6468bb870fa553befd3a303930398a8701ccb35d50e27aeeec8f33aa20b6dc072f1f928322fa49b55d3da371535995dac07b7e59479b84b69c1c3de03990f3c6174cf4293b493d67bce0d61ee116e02eb1ac562cd5684bd8ebebd2323bc6d864d1967d09c0831c667f9bb524418bda40b4167c12f22c1b2b5da1d7b10503ea20543ba1dccd56acc471d4d3e54d55c011a343ea590eedb84d3a81ea70cc3b97eec041cf7a27a8c5947c2bdf6237104048972a39dae5e207062904dd7d9f43034d6e1821808f94b2a5a1435e727330cd21c306d8c900a621ca9505f46b6b0a6474ba5c67e16710b50240fb195c81974fcd9c2f2b03e8d7ed76a1cfa4892a47d75df146dadae5206ba796f93f36cedf2171e87d23028f0e27810f49113bb3caf1d391278da2d5fec3bbfd299df3783a32a51c3a2056cf9e76169a595b6e020c5c7ab8bcecdcf0f25cafab76f48cac7ea1ecbeeadca4ed9faffb255d54afdc99e681d5bc36701aafda3ad6892bc6fc0ccfc005ee9a55fb03756cd3292b5578853a92957c1e78bda01bca3ba414d1e56a3daa395bd738ab8c2a750fe3c7b9a7430d6d1df86479db1eb9b1b903b35e7c425d3b6d9b379d21c82bcfe0a2f2eea96e68199ddc72c3f0063394bae5efa72b18cb633e5c17a50c6dad1b5e3d20a7e04c3702ff46ff5769090dff8b5784766e2bf6aac6448910df3c03893fe7b02dfac2c5449235c32146305167cbc12c94c10152fd44e46a906015523f85718403c4d2b875aa574f5a987d7888ec7fbd75c419eab350adb7687287c7f95ce3990f7f03a0ac1ad4683f3cfd2dcc0d7084925a1a0509693c0a49df5feca62755c68ba79dbc05557a71eb49405eac35559784e86620e84e891a8753959dc6ca09344c7dd914fedf9871bc5045b9d2a9769a7faf0e60fa0d13d566134257b7e679844d61d83055f72d851281e9f3e755e501a8d08771bf1a74243ae226f7a49d8c36ee2555a72ed2eba4f7213d2eaa6b95c7347a83af1d2f1aee64ef0b3290359296f4aa15391f9fe039e5fbb8311fef31226efca05edb45eaa00e442156488176c850b20619b7ec96bfb0b8a4d07fb51e49e83e3a0a5c6ecb0fa9034d367b6ca93ecbd7c54fc1156664f92412baf382e4e3f83391f37b7b83204f01ba470e8ee0eb2880288ea410b78e1e79288908f475401aa6ced03cdb45d850172974ce9cb1f9afda3178f7504416ef694a07829f668b946bc80fa483797c01fa71c16df647914b4ed93ab210dc2cf08616519bef67fdad86b07f313900ee405bc75b542c05e49d8c0c8919b7faf0c55870f2032dda0531cc03c5ef3fd3d272b230e41945aa94de42b609477c51e53fe9bc60cd2ec95333fbf415ad1d6c41a0fb97aa01d496eb40bab41544994e92ac050ad56e354a637b5fe8c0727b7618e471262e4102b7ebc9b20a0e7cd3a9637b2dfdd3104b34d544920f4187522333e078e474b122a70cf257a654a838e18f00b036e2f0605c506ae4a3298e1e2d0b7067d22d1930a38bc4456b94f3c27bda8a590fb9d2651257595377d355e999c86d5a7cb1c8f0a5a33adc6b1362719f671e8068913f8fc846bbb12c2fbddbbad47605bb898df3246a5067233db9fcd2d4157e72faadedb3bd5564398d8a5fc7449e774d0fad7e89777cb1275c9905a13f2b3e889368c5b1973eb89115f255c143d02545171958f466accf88091b69b1bf1bb210dd1a6edc2f7d45639f57d096d938d586822ad76215d10c0ff2f5458e2991e5b56953786e159b4f1aaf23586eb4a6ee5dc2bce7ba98c554903eb7a0018899ce650d83270460bb5123c928f0f8e345a224a1709c8122fa993a3e1372f61b551ea78fdf46eadb877606c384c327467e0be2c71882f750fb801dc3c86f5713062999f11d4a53128864a346d9dd62891eacaf583a492d62095f6d2ebfeca94a81122bfc66e7398ee174e7c8812e81486b6cb7e3fde9ce941d8000ee44233fb4f989bfaf0c71d71c9ee25a9fb93c1d22d6d0c580888ed8dc3e7ef3de9d42eee6bec701560423bea31d4a826338dfdef25655b256301abf607270318866376bb1ad1a2dc8b680e489d274df2c8c94e6b2b98d747dd36100277e568015b033fd875f4f26227292d4109c818c412cf534cf8458410996585d0ca1a7d833661e49340d17e160f097edec64c81a7f7e8a72743ac9b27e522ebce2a2725a6a457ad638cc0203f2cf39f0b41deeafe75b80b49617ecc8a96376322a953b8c4b5dd256d34b89e051fd62e672b0e4408f3e3e873b842d57daf3d5361cc492721f198341deb61c7fc0a36e1e72f519a1f580e31f8ac26586dc1f0ef42ce587c98f0063be81f8a24fa843593a3879c1a98f0c722eb01bcbb7d8dfaffc9b6209764d613417a77be58998e69ae5322fb55149c8370a5c413a78c946aac6f87f895de4d5d747fc72bfe6f2e6f9607a119f9fee64200ce2b769a4babbdbea34f0f5b298295f68fb312b87216b871f558cb8e40a7477789cfead5fd3a0fb0a51c1c3dd2646cd355f0e0cecaacf48f09bc433bdcb882861195a522efbb8e4fd99bbecd135e92f498e264ba6cded2f5d39270512b13bdc530f0d53852dca324fc1c12de1a42deaa9457ccc561c21d28ccd7aafebafa4cb87fdc2a84c9d38b7fbabc74122f83040c7210aea3adb02f735f16de75c9b1012668780dbbdf05d2591180c3058b56777ff75a86af5662309e97ba2ec4b4d5228a93c8cdb69672a3aaa36b8968472fe638535dab4bdd52333c285ff054f4f2bc4be35532b3dc4e114fdef919de4113571818b6e6c36dfb18038a76d6651df135720b2692aa2e3dcb58d7efb128de412a3d4056b7618b12b93f888164a946bd546813ecbf7ac0fb044635dd48096824c635e3663ff0463f65f9e289c4327160524bf8cb5c1631dc58ea9630cf6bc2402f4da0f34871ae57b9d6ecf0e9a195ecacfe2031c9bc97a2fed56dc90a71bc2e53863b25e3476f7c09f43eb424d6e0d9a61ba2e9ebed6ed757ede2d7552e352cded009414a4093c3426a35f73e2c1a083a3b402ebbc698d0abedad764c852a215e64a338983cd8d2a4dd9ae06bb17b4351b0e1661711358dd55347fb72e38a820a9fcf5c66d2d66ca11ad5a1af926c3b1869f0a62328fb1aa5a508617722569d26ca27551d3ebe133ff86f309339265f555fb44f1f54856eda5ad1e2f37f65242d1d81954b8d2e63d16ed063fa5a299564154efd1234ff861282e5a918c98f6a0ecedfd24559092aa9676931326c95eb957bf9f71dcc94a0ebd581eb1f928fced4d21324b9bb34a162609ba02abe520440ed69178d942d6c065d25ec5c03342bd32cb132ea3bc34014e43e39474b290395ed56160bd0816f3caf005ae2074b5dbd0c1c93b8b68a535661aa361331e6c7a2f075ae7439fc22132bf5f4b4517aacfcd31db4d928956bc67f702dd76798d7e68f558870eb197c0790e9bdce860459fdf618ae2b88d352b6923ae2fa2dedc74a7a6bf9e120b661ec5bc759c3df1560378a8a9f49d0d91a8df4bbe6e740e357b39f323500fc34806c418922361e8fadcf4caa4aee75b6b5fd720500b7a84497beb0e65f5be20fd21e74ca69dc417a1fddc762ea48ef8732b23ad2e5fe0dcc3ba5f224128621a71a6a8860830f837fed03ae32d0ba8bc7acb4765c68503d93c530eff8a5ced7f8fffa4a404cd8f90f7c418144208918a6d6ab8eee8a95a2c09883e71970adbb36d7864ac18632af6fff3989438616421fe7692f38c48d5367ada9a5c768a9fa92e33dec9269a1d572160553f3be202281a5f8f02cdfa64a3e17ab2d04e76160cb944134387aaf8385fc6e11b548cfd067236036551e94af5fba65a0e0049b8a502b40a97990112f4acca743bba63a74e3f8cc12530575ddd74f9b77b93665d2a175083b7b086c116231cc66c7ca71e9ded96e0731e4e3b161e16ea0a2c15c13f39c19456d77f4323a5f277e0d4d32225eb0ece42679fc387c8279de6d960343fa2cd7ba9c5a18549ae2f5dd4741414434d712d9c8f3bc25d2d53cc7ed52254fea920786594fd7c561c0e2c2753432ed4bda6edabe4aa6f29e7381808e565588aeb9599127f754250ccf6763c96ed9b6e5e03eef7c03e2c89b057b23706152baf2fbcceb1a48671d224c7fbcda7113ee9bf543c99cbd27f3d9c3036e7b81524d9e98031eec78e2ea6601446c5fef1334b0d0788", 0x1000, 0x90, &(0x7f0000001080)={0x2, 0x0, @broadcast, 0x2}, 0x10) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x12) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0xd3a86441641869fc, 0x1, 0x72, 0x7, 0x41, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x20, 0x7, 0x1000, 0xffffffff}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6gre0\x00', r2, 0x29, 0x5, 0x6, 0x0, 0x11, @loopback, @mcast1, 0x10, 0x700, 0x3, 0x1}}) (async, rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8c}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="4565b5b57467"}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000081) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (rerun: 64) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r5, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r5, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x660}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x40851) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xa3, 0x0, &(0x7f0000000040)}) 13:38:00 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 54) [ 684.939447] FAULT_INJECTION: forcing a failure. [ 684.939447] name failslab, interval 1, probability 0, space 0, times 0 [ 684.999704] CPU: 1 PID: 13694 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 685.007598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.016964] Call Trace: [ 685.019549] dump_stack+0x1b2/0x281 [ 685.023179] should_fail.cold+0x10a/0x149 [ 685.027327] should_failslab+0xd6/0x130 [ 685.031306] kmem_cache_alloc_trace+0x29a/0x3d0 [ 685.035968] ? debugfs_create_file+0x37/0x60 [ 685.040378] kvm_dev_ioctl+0xce6/0x1450 [ 685.044354] ? fsnotify+0x974/0x11b0 [ 685.048068] ? kvm_put_kvm+0xab0/0xab0 [ 685.051965] ? kvm_put_kvm+0xab0/0xab0 [ 685.055861] do_vfs_ioctl+0x75a/0xff0 [ 685.059662] ? lock_acquire+0x170/0x3f0 [ 685.063635] ? ioctl_preallocate+0x1a0/0x1a0 [ 685.068043] ? __fget+0x265/0x3e0 [ 685.071491] ? do_vfs_ioctl+0xff0/0xff0 [ 685.075465] ? security_file_ioctl+0x83/0xb0 [ 685.079869] SyS_ioctl+0x7f/0xb0 [ 685.083239] ? do_vfs_ioctl+0xff0/0xff0 [ 685.087212] do_syscall_64+0x1d5/0x640 [ 685.091100] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 685.096281] RIP: 0033:0x7fa37e383109 13:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 3: ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000100)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x4, 0x0, 0x7}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)) 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000000)="d1d3f37fd31269702017a3bf0df3d50966b1f56ff8837d84b94569a977395cc4ce6a51f9b4847059e21700617010734f23c9446a7b493cf1f84c39bc71110b9735efe465093174ef45fed5570be62866c18f018f978bcf9c44d33d75ac3b2052f332f26b5d1a4b73d926f8a5cb4503228b37b2cbb8c5f7684cf32147ad7d5f947aa741fa1db9efeeb1ff754b37df82f3a146b45c02e226dd560de774ed7d8bbe86167f1cbe5939cecf8f42fc4c788c51d0e55360ea72bbd54442494e698f44921674a0ca758d227b0c99b83729697ed7c2684dc138c5", 0xd6) 13:38:01 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14, &(0x7f0000000140)={&(0x7f00000000c0)="583d9da843d835b6770edcea06b3a057c219aa6f190ff640f35fa70b802c430d9cdd6a341d896a4cadc40b86ec562f5d0fe5582af7988954e6fa1f5427eeab23e4b958da2fc569f2286819d24cb455107896b450fa2333a1279b43416ae581ceca93f938c5418c0880b83beba6ba485fd7466022c7348e21c3ff", 0x7a}, 0x1, 0x0, 0x0, 0x4}, 0x200080c0) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x20000000, 0x2, 0xfe}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000040)) 13:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 64) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x12) (async, rerun: 64) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0xd3a86441641869fc, 0x1, 0x72, 0x7, 0x41, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x3f}, 0x20, 0x7, 0x1000, 0xffffffff}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000240)={'syztnl0\x00', &(0x7f00000001c0)={'ip6gre0\x00', r2, 0x29, 0x5, 0x6, 0x0, 0x11, @loopback, @mcast1, 0x10, 0x700, 0x3, 0x1}}) (async, rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x38, 0x0, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8c}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="4565b5b57467"}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x881}, 0x4000081) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r4, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r5, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r5, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x660}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48010}, 0x40851) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xa3, 0x0, &(0x7f0000000040)}) [ 685.099981] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 685.107685] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 685.114947] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 685.122208] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 685.129481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 685.136764] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:01 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000000)={0x0, 0x1, r1}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x668, 0x800], 0x2, 0x80c00, 0x0, 0xffffffffffffffff}) accept4$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14, 0x0) 13:38:01 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14, &(0x7f0000000140)={&(0x7f00000000c0)="583d9da843d835b6770edcea06b3a057c219aa6f190ff640f35fa70b802c430d9cdd6a341d896a4cadc40b86ec562f5d0fe5582af7988954e6fa1f5427eeab23e4b958da2fc569f2286819d24cb455107896b450fa2333a1279b43416ae581ceca93f938c5418c0880b83beba6ba485fd7466022c7348e21c3ff", 0x7a}, 0x1, 0x0, 0x0, 0x4}, 0x200080c0) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x20000000, 0x2, 0xfe}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000040)) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async) sendmsg$802154_dgram(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14, &(0x7f0000000140)={&(0x7f00000000c0)="583d9da843d835b6770edcea06b3a057c219aa6f190ff640f35fa70b802c430d9cdd6a341d896a4cadc40b86ec562f5d0fe5582af7988954e6fa1f5427eeab23e4b958da2fc569f2286819d24cb455107896b450fa2333a1279b43416ae581ceca93f938c5418c0880b83beba6ba485fd7466022c7348e21c3ff", 0x7a}, 0x1, 0x0, 0x0, 0x4}, 0x200080c0) (async) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x20000000, 0x2, 0xfe}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000040)) (async) 13:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_getrule={0x1c, 0x22, 0x400, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x4, 0x4, 0x0, 0x0, 0x0, 0x3, 0x2}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000000)={0x0, 0x1, r1}) (async, rerun: 64) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 55) 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x668, 0x800], 0x2, 0x80c00, 0x0, 0xffffffffffffffff}) accept4$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14, 0x0) 13:38:01 executing program 4: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x24, @short={0x2, 0xffff, 0xaaa3}}, 0x14, &(0x7f0000000140)={&(0x7f00000000c0)="583d9da843d835b6770edcea06b3a057c219aa6f190ff640f35fa70b802c430d9cdd6a341d896a4cadc40b86ec562f5d0fe5582af7988954e6fa1f5427eeab23e4b958da2fc569f2286819d24cb455107896b450fa2333a1279b43416ae581ceca93f938c5418c0880b83beba6ba485fd7466022c7348e21c3ff", 0x7a}, 0x1, 0x0, 0x0, 0x4}, 0x200080c0) (async) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x20000000, 0x2, 0xfe}) (async, rerun: 64) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000040)) 13:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_getrule={0x1c, 0x22, 0x400, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x4, 0x4, 0x0, 0x0, 0x0, 0x3, 0x2}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r0, 0xc01064c2, &(0x7f0000000000)={0x0, 0x1, r1}) (async) socketpair(0x2, 0x1, 0x0, 0x0) [ 685.429785] FAULT_INJECTION: forcing a failure. [ 685.429785] name failslab, interval 1, probability 0, space 0, times 0 [ 685.452827] CPU: 1 PID: 13826 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 685.460732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.470083] Call Trace: [ 685.472692] dump_stack+0x1b2/0x281 [ 685.476328] should_fail.cold+0x10a/0x149 [ 685.480484] should_failslab+0xd6/0x130 [ 685.484464] kmem_cache_alloc+0x28e/0x3c0 [ 685.488617] alloc_inode+0xa0/0x170 [ 685.492244] new_inode+0x1d/0xf0 [ 685.495610] debugfs_get_inode+0x1a/0x130 [ 685.499760] __debugfs_create_file+0x93/0x440 [ 685.504253] ? debugfs_create_file+0x37/0x60 [ 685.508660] kvm_dev_ioctl+0xe7f/0x1450 [ 685.512722] ? fsnotify+0x974/0x11b0 [ 685.516432] ? kvm_put_kvm+0xab0/0xab0 [ 685.520321] ? kvm_put_kvm+0xab0/0xab0 [ 685.524215] do_vfs_ioctl+0x75a/0xff0 [ 685.528014] ? lock_acquire+0x170/0x3f0 [ 685.531986] ? ioctl_preallocate+0x1a0/0x1a0 [ 685.536392] ? __fget+0x265/0x3e0 [ 685.539843] ? do_vfs_ioctl+0xff0/0xff0 [ 685.543901] ? security_file_ioctl+0x83/0xb0 [ 685.548307] SyS_ioctl+0x7f/0xb0 [ 685.551673] ? do_vfs_ioctl+0xff0/0xff0 [ 685.555644] do_syscall_64+0x1d5/0x640 [ 685.559537] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 685.564724] RIP: 0033:0x7fa37e383109 [ 685.568426] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x668, 0x800], 0x2, 0x80c00, 0x0, 0xffffffffffffffff}) accept4$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14, 0x0) 13:38:01 executing program 3: socketpair(0x1, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000000)=0x3f) 13:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_getrule={0x1c, 0x22, 0x400, 0x70bd2a, 0x25dfdbfd, {0xa, 0x10, 0x4, 0x4, 0x0, 0x0, 0x0, 0x3, 0x2}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 685.576132] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 685.583397] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 685.590665] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 685.597934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 685.605298] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x2) 13:38:01 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0x55, &(0x7f0000000040)=""/85}) 13:38:01 executing program 4: socketpair(0x29, 0x800, 0x10000, 0x0) 13:38:01 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 56) 13:38:01 executing program 3: socketpair(0x1, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000000)=0x3f) 13:38:01 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x2) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x2) (async) 13:38:01 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x7, 0x3f, 0x0, 0x4, 0xb], 0x5, 0x800, 0x0, 0xffffffffffffffff}) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082bbd7000fcdbdf250000000005000d0e398bbe91ae1ab40cf7e10001"], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x20040880) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7fff}]}, 0x24}, 0x1, 0x0, 0x0, 0x8885}, 0x8010) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:01 executing program 4: socketpair(0x29, 0x800, 0x10000, 0x0) 13:38:01 executing program 3: socketpair(0x1, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000000)=0x3f) socketpair(0x1, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000000)=0x3f) (async) [ 685.747761] FAULT_INJECTION: forcing a failure. [ 685.747761] name failslab, interval 1, probability 0, space 0, times 0 [ 685.768709] CPU: 1 PID: 13868 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 685.776614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.785967] Call Trace: [ 685.788555] dump_stack+0x1b2/0x281 [ 685.792185] should_fail.cold+0x10a/0x149 [ 685.796341] should_failslab+0xd6/0x130 [ 685.800322] kmem_cache_alloc_trace+0x29a/0x3d0 [ 685.804985] ? debugfs_create_file+0x37/0x60 [ 685.809397] kvm_dev_ioctl+0xce6/0x1450 [ 685.813374] ? fsnotify+0x974/0x11b0 [ 685.817084] ? kvm_put_kvm+0xab0/0xab0 [ 685.820974] ? kvm_put_kvm+0xab0/0xab0 [ 685.824862] do_vfs_ioctl+0x75a/0xff0 [ 685.828659] ? lock_acquire+0x170/0x3f0 [ 685.832634] ? ioctl_preallocate+0x1a0/0x1a0 [ 685.837041] ? __fget+0x265/0x3e0 [ 685.840491] ? do_vfs_ioctl+0xff0/0xff0 [ 685.844466] ? security_file_ioctl+0x83/0xb0 [ 685.848874] SyS_ioctl+0x7f/0xb0 [ 685.852244] ? do_vfs_ioctl+0xff0/0xff0 [ 685.856233] do_syscall_64+0x1d5/0x640 [ 685.860125] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 685.865323] RIP: 0033:0x7fa37e383109 [ 685.869028] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 685.876821] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 685.884090] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:38:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0x55, &(0x7f0000000040)=""/85}) 13:38:02 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x404c8b4) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x2) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x7, 0x3f, 0x0, 0x4, 0xb], 0x5, 0x800, 0x0, 0xffffffffffffffff}) (rerun: 64) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082bbd7000fcdbdf250000000005000d0e398bbe91ae1ab40cf7e10001"], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x20040880) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7fff}]}, 0x24}, 0x1, 0x0, 0x0, 0x8885}, 0x8010) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 32) 13:38:02 executing program 4: socketpair(0x29, 0x800, 0x10000, 0x0) [ 685.891361] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 685.898627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 685.905893] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 57) 13:38:02 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x404c8b4) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x404c8b4) (async) 13:38:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0x55, &(0x7f0000000040)=""/85}) 13:38:02 executing program 4: socketpair(0x2, 0x80000, 0xfff, 0x0) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x0, 0x4513, 0x800, 0x41, 0x1, 0xfff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x4, 0x2}, 0x48) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000240), 0x20000) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x2, 0x3a, 0x4, 0x1, r1, 0x400, '\x00', 0x0, r2, 0x3, 0x1, 0x1}, 0x48) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x13}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x80081) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x7, 0x3f, 0x0, 0x4, 0xb], 0x5, 0x800, 0x0, 0xffffffffffffffff}) (rerun: 32) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082bbd7000fcdbdf250000000005000d0e398bbe91ae1ab40cf7e10001"], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x20040880) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) (rerun: 32) sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x7fff}]}, 0x24}, 0x1, 0x0, 0x0, 0x8885}, 0x8010) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 686.014131] FAULT_INJECTION: forcing a failure. [ 686.014131] name failslab, interval 1, probability 0, space 0, times 0 [ 686.056369] CPU: 1 PID: 13913 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 686.064359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.073739] Call Trace: [ 686.076333] dump_stack+0x1b2/0x281 [ 686.079968] should_fail.cold+0x10a/0x149 [ 686.084124] should_failslab+0xd6/0x130 [ 686.088103] kmem_cache_alloc+0x28e/0x3c0 [ 686.092255] __d_alloc+0x2a/0xa20 [ 686.097822] ? d_lookup+0x172/0x220 [ 686.101540] d_alloc+0x46/0x240 [ 686.104842] __lookup_hash+0x101/0x270 [ 686.108734] ? __inode_permission+0xcd/0x2f0 [ 686.113143] lookup_one_len+0x279/0x3a0 [ 686.117120] ? lookup_one_len_unlocked+0x410/0x410 [ 686.122051] start_creating+0xb0/0x200 [ 686.125942] __debugfs_create_file+0x4f/0x440 [ 686.130434] ? debugfs_create_file+0x37/0x60 [ 686.134846] kvm_dev_ioctl+0xe7f/0x1450 [ 686.138831] ? fsnotify+0x974/0x11b0 [ 686.142545] ? kvm_put_kvm+0xab0/0xab0 [ 686.146433] ? kvm_put_kvm+0xab0/0xab0 [ 686.150406] do_vfs_ioctl+0x75a/0xff0 [ 686.154205] ? lock_acquire+0x170/0x3f0 [ 686.158178] ? ioctl_preallocate+0x1a0/0x1a0 [ 686.162588] ? __fget+0x265/0x3e0 [ 686.166216] ? do_vfs_ioctl+0xff0/0xff0 [ 686.170191] ? security_file_ioctl+0x83/0xb0 [ 686.174600] SyS_ioctl+0x7f/0xb0 [ 686.177962] ? do_vfs_ioctl+0xff0/0xff0 [ 686.181934] do_syscall_64+0x1d5/0x640 [ 686.185829] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 686.191015] RIP: 0033:0x7fa37e383109 [ 686.194716] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:02 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000080}, 0x404c8b4) 13:38:02 executing program 4: socketpair(0x2, 0x80000, 0xfff, 0x0) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x0, 0x4513, 0x800, 0x41, 0x1, 0xfff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x4, 0x2}, 0x48) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000240), 0x20000) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x2, 0x3a, 0x4, 0x1, r1, 0x400, '\x00', 0x0, r2, 0x3, 0x1, 0x1}, 0x48) (async) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x13}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x80081) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:02 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000080)={0x6, 0x0, [{0x40000000, 0x5, 0x6, 0x4, 0x6}, {0x40000000, 0x7fff, 0x0, 0x6, 0x4}, {0xd, 0xdf4, 0x401, 0xba7, 0x9}, {0xa, 0x1, 0x1, 0x80000000, 0x8}, {0xb, 0x7, 0x3954baeb, 0x1, 0x8}, {0xa, 0xfffffffe, 0x9, 0xff, 0x1000}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x6], 0x1, 0x80000}) socket$inet6_icmp(0xa, 0x2, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0xa0840) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 686.202419] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 686.209684] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 686.216949] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 686.224313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 686.231580] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:02 executing program 3: socketpair(0x10, 0x6, 0x6, 0x0) 13:38:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 58) 13:38:02 executing program 4: socketpair(0x2, 0x80000, 0xfff, 0x0) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) (async, rerun: 32) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@bloom_filter={0x1e, 0x0, 0x4513, 0x800, 0x41, 0x1, 0xfff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x4, 0x2}, 0x48) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000000240), 0x20000) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x2, 0x3a, 0x4, 0x1, r1, 0x400, '\x00', 0x0, r2, 0x3, 0x1, 0x1}, 0x48) (async) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x13}}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DST={0x14, 0x1, @mcast1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x80081) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x6], 0x1, 0x80000}) socket$inet6_icmp(0xa, 0x2, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0xa0840) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x6], 0x1, 0x80000}) (async) socket$inet6_icmp(0xa, 0x2, 0x3a) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0xa0840) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:38:02 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000080)={0x6, 0x0, [{0x40000000, 0x5, 0x6, 0x4, 0x6}, {0x40000000, 0x7fff, 0x0, 0x6, 0x4}, {0xd, 0xdf4, 0x401, 0xba7, 0x9}, {0xa, 0x1, 0x1, 0x80000000, 0x8}, {0xb, 0x7, 0x3954baeb, 0x1, 0x8}, {0xa, 0xfffffffe, 0x9, 0xff, 0x1000}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000080)={0x6, 0x0, [{0x40000000, 0x5, 0x6, 0x4, 0x6}, {0x40000000, 0x7fff, 0x0, 0x6, 0x4}, {0xd, 0xdf4, 0x401, 0xba7, 0x9}, {0xa, 0x1, 0x1, 0x80000000, 0x8}, {0xb, 0x7, 0x3954baeb, 0x1, 0x8}, {0xa, 0xfffffffe, 0x9, 0xff, 0x1000}]}) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) 13:38:02 executing program 3: socketpair(0x10, 0x6, 0x6, 0x0) 13:38:02 executing program 3: socketpair(0x10, 0x6, 0x6, 0x0) socketpair(0x10, 0x6, 0x6, 0x0) (async) 13:38:02 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x14, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$packet(r0, &(0x7f0000000080)="c3057e5fbdf74fd34698ffa03b2d7f598b77694adbd74bc736fbac6f3f077db5b815f8d15532634f352028c959026975edab55c32209d73e1c1dae9bc30062ad3cb24e6a18bbf9f814a2e326111160942035d1fa49e8a79ce594d500e6319203a2505c5e68c4a03630fe74ebd7215f1fc83f529f51f578d09c4adeb784ca2ba409df2981a73eaa2df05610162e99849ae9a5251ffd454920431008734d7c1b63b344a99c26a76e8605242941d6ba233f3ca0fce79706ac2864670a41145df1f27e813247c2eac46ed09de7675a53e28dff74e6bca0c27c045dc8f166ea229fba1ce113", 0xe3, 0x48000, &(0x7f0000000180)={0x11, 0x18, r2, 0x1, 0xe3, 0x6, @remote}, 0x14) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0]}) [ 686.404036] FAULT_INJECTION: forcing a failure. [ 686.404036] name failslab, interval 1, probability 0, space 0, times 0 [ 686.438369] CPU: 1 PID: 13990 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 686.446283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.455722] Call Trace: [ 686.458311] dump_stack+0x1b2/0x281 [ 686.461943] should_fail.cold+0x10a/0x149 [ 686.466094] should_failslab+0xd6/0x130 [ 686.470081] kmem_cache_alloc+0x28e/0x3c0 [ 686.474237] alloc_inode+0xa0/0x170 [ 686.477862] new_inode+0x1d/0xf0 [ 686.481226] debugfs_get_inode+0x1a/0x130 [ 686.485374] __debugfs_create_file+0x93/0x440 [ 686.489915] ? debugfs_create_file+0x37/0x60 [ 686.494322] kvm_dev_ioctl+0xe7f/0x1450 [ 686.498299] ? fsnotify+0x974/0x11b0 [ 686.502007] ? kvm_put_kvm+0xab0/0xab0 [ 686.505988] ? kvm_put_kvm+0xab0/0xab0 [ 686.509872] do_vfs_ioctl+0x75a/0xff0 [ 686.513669] ? lock_acquire+0x170/0x3f0 [ 686.517640] ? ioctl_preallocate+0x1a0/0x1a0 [ 686.522059] ? __fget+0x265/0x3e0 [ 686.525513] ? do_vfs_ioctl+0xff0/0xff0 [ 686.529515] ? security_file_ioctl+0x83/0xb0 [ 686.533923] SyS_ioctl+0x7f/0xb0 [ 686.537293] ? do_vfs_ioctl+0xff0/0xff0 [ 686.541275] do_syscall_64+0x1d5/0x640 [ 686.545171] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 686.550361] RIP: 0033:0x7fa37e383109 13:38:02 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) 13:38:02 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x14, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) sendto$packet(r0, &(0x7f0000000080)="c3057e5fbdf74fd34698ffa03b2d7f598b77694adbd74bc736fbac6f3f077db5b815f8d15532634f352028c959026975edab55c32209d73e1c1dae9bc30062ad3cb24e6a18bbf9f814a2e326111160942035d1fa49e8a79ce594d500e6319203a2505c5e68c4a03630fe74ebd7215f1fc83f529f51f578d09c4adeb784ca2ba409df2981a73eaa2df05610162e99849ae9a5251ffd454920431008734d7c1b63b344a99c26a76e8605242941d6ba233f3ca0fce79706ac2864670a41145df1f27e813247c2eac46ed09de7675a53e28dff74e6bca0c27c045dc8f166ea229fba1ce113", 0xe3, 0x48000, &(0x7f0000000180)={0x11, 0x18, r2, 0x1, 0xe3, 0x6, @remote}, 0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x14, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendto$packet(r0, &(0x7f0000000080)="c3057e5fbdf74fd34698ffa03b2d7f598b77694adbd74bc736fbac6f3f077db5b815f8d15532634f352028c959026975edab55c32209d73e1c1dae9bc30062ad3cb24e6a18bbf9f814a2e326111160942035d1fa49e8a79ce594d500e6319203a2505c5e68c4a03630fe74ebd7215f1fc83f529f51f578d09c4adeb784ca2ba409df2981a73eaa2df05610162e99849ae9a5251ffd454920431008734d7c1b63b344a99c26a76e8605242941d6ba233f3ca0fce79706ac2864670a41145df1f27e813247c2eac46ed09de7675a53e28dff74e6bca0c27c045dc8f166ea229fba1ce113", 0xe3, 0x48000, &(0x7f0000000180)={0x11, 0x18, r2, 0x1, 0xe3, 0x6, @remote}, 0x14) (async) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x6], 0x1, 0x80000}) socket$inet6_icmp(0xa, 0x2, 0x3a) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0xa0840) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 686.554063] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 686.561771] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 686.569129] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 686.576421] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 686.583692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 686.590964] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 59) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0]}) 13:38:02 executing program 1: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async, rerun: 32) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f0000000080)={0x6, 0x0, [{0x40000000, 0x5, 0x6, 0x4, 0x6}, {0x40000000, 0x7fff, 0x0, 0x6, 0x4}, {0xd, 0xdf4, 0x401, 0xba7, 0x9}, {0xa, 0x1, 0x1, 0x80000000, 0x8}, {0xb, 0x7, 0x3954baeb, 0x1, 0x8}, {0xa, 0xfffffffe, 0x9, 0xff, 0x1000}]}) (rerun: 32) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 13:38:02 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) socketpair(0x2c, 0x1, 0x0, 0x0) (async) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) socket$phonet(0x23, 0x2, 0x1) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0x8, 0x5, 0x200}) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x40, 0x5}) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000040)) 13:38:02 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) 13:38:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0]}) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0xffff, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0]}) (async) 13:38:02 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xfcaa, 0x697, 0x400, 0x2, 0xfffffff9, 0x0, 0x8000], 0x7, 0x400, 0x0, 0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x9, 0x2, 0x1], 0x3}) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 13:38:02 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x14, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) sendto$packet(r0, &(0x7f0000000080)="c3057e5fbdf74fd34698ffa03b2d7f598b77694adbd74bc736fbac6f3f077db5b815f8d15532634f352028c959026975edab55c32209d73e1c1dae9bc30062ad3cb24e6a18bbf9f814a2e326111160942035d1fa49e8a79ce594d500e6319203a2505c5e68c4a03630fe74ebd7215f1fc83f529f51f578d09c4adeb784ca2ba409df2981a73eaa2df05610162e99849ae9a5251ffd454920431008734d7c1b63b344a99c26a76e8605242941d6ba233f3ca0fce79706ac2864670a41145df1f27e813247c2eac46ed09de7675a53e28dff74e6bca0c27c045dc8f166ea229fba1ce113", 0xe3, 0x48000, &(0x7f0000000180)={0x11, 0x18, r2, 0x1, 0xe3, 0x6, @remote}, 0x14) 13:38:02 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) socket$phonet(0x23, 0x2, 0x1) (async) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0x8, 0x5, 0x200}) (async) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x40, 0x5}) (async, rerun: 64) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000040)) 13:38:02 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x3, 0x6, 0xd3c9, &(0x7f0000000000)) [ 686.774659] FAULT_INJECTION: forcing a failure. [ 686.774659] name failslab, interval 1, probability 0, space 0, times 0 [ 686.812713] CPU: 1 PID: 14068 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 686.820626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.829976] Call Trace: [ 686.832567] dump_stack+0x1b2/0x281 [ 686.836197] should_fail.cold+0x10a/0x149 [ 686.840348] should_failslab+0xd6/0x130 [ 686.844324] kmem_cache_alloc+0x28e/0x3c0 [ 686.848470] __d_alloc+0x2a/0xa20 [ 686.851934] d_alloc+0x46/0x240 [ 686.855213] __lookup_hash+0x101/0x270 [ 686.859104] ? __inode_permission+0xcd/0x2f0 [ 686.863513] lookup_one_len+0x279/0x3a0 [ 686.867490] ? lookup_one_len_unlocked+0x410/0x410 [ 686.872431] start_creating+0xb0/0x200 [ 686.876321] __debugfs_create_file+0x4f/0x440 [ 686.881252] ? debugfs_create_file+0x37/0x60 [ 686.885662] kvm_dev_ioctl+0xe7f/0x1450 [ 686.889676] ? fsnotify+0x974/0x11b0 [ 686.893387] ? kvm_put_kvm+0xab0/0xab0 [ 686.897275] ? kvm_put_kvm+0xab0/0xab0 [ 686.901161] do_vfs_ioctl+0x75a/0xff0 [ 686.904957] ? lock_acquire+0x170/0x3f0 [ 686.908940] ? ioctl_preallocate+0x1a0/0x1a0 [ 686.913348] ? __fget+0x265/0x3e0 [ 686.916802] ? do_vfs_ioctl+0xff0/0xff0 [ 686.920778] ? security_file_ioctl+0x83/0xb0 [ 686.925182] SyS_ioctl+0x7f/0xb0 [ 686.928560] ? do_vfs_ioctl+0xff0/0xff0 [ 686.932926] do_syscall_64+0x1d5/0x640 [ 686.936818] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 686.942009] RIP: 0033:0x7fa37e383109 [ 686.945713] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 686.953449] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 686.960723] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 686.968083] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:02 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xfcaa, 0x697, 0x400, 0x2, 0xfffffff9, 0x0, 0x8000], 0x7, 0x400, 0x0, 0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x9, 0x2, 0x1], 0x3}) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xfcaa, 0x697, 0x400, 0x2, 0xfffffff9, 0x0, 0x8000], 0x7, 0x400}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x9, 0x2, 0x1], 0x3}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) [ 686.975359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 686.982611] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 60) 13:38:03 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000000)="73a23451b26a9e8f92607b06463ad9ffeb8161b3e41dd73b5653e14f2236633f22bd850ec64e529848a3ce8c8485265cb28577c1669ee286da8dd658d2f4aed24a6e483ff6b7f64b6aa6294f96782ad48700bed95cb6f3bfb967", 0x5a) 13:38:03 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xfcaa, 0x697, 0x400, 0x2, 0xfffffff9, 0x0, 0x8000], 0x7, 0x400, 0x0, 0xffffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x9, 0x2, 0x1], 0x3}) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$inet6_udplite(0xa, 0x2, 0x88) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xfcaa, 0x697, 0x400, 0x2, 0xfffffff9, 0x0, 0x8000], 0x7, 0x400}) (async) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x9, 0x2, 0x1], 0x3}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) 13:38:03 executing program 4: socketpair(0x10, 0xa, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000080)="fb612f6ed3bdf757b86a7f941cfa7a5fb653602e0ade8b0c9d062cf42c17a6bcdb426d0be6827f7e11c21981f8b0cf5e402520603b2d3628121f2ec3eea1bdbdb78405df372423958562f364550b00241bb0c481a7dde46fbc4c278105", 0x5d) 13:38:03 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x3, 0x6, 0xd3c9, &(0x7f0000000000)) socketpair(0x2, 0x1, 0x0, 0x0) (async) socketpair(0x3, 0x6, 0xd3c9, &(0x7f0000000000)) (async) 13:38:03 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000000)="73a23451b26a9e8f92607b06463ad9ffeb8161b3e41dd73b5653e14f2236633f22bd850ec64e529848a3ce8c8485265cb28577c1669ee286da8dd658d2f4aed24a6e483ff6b7f64b6aa6294f96782ad48700bed95cb6f3bfb967", 0x5a) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000000)="73a23451b26a9e8f92607b06463ad9ffeb8161b3e41dd73b5653e14f2236633f22bd850ec64e529848a3ce8c8485265cb28577c1669ee286da8dd658d2f4aed24a6e483ff6b7f64b6aa6294f96782ad48700bed95cb6f3bfb967", 0x5a) (async) 13:38:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 13:38:03 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) socketpair(0x3, 0x6, 0xd3c9, &(0x7f0000000000)) socketpair(0x2, 0x1, 0x0, 0x0) (async) socketpair(0x3, 0x6, 0xd3c9, &(0x7f0000000000)) (async) 13:38:03 executing program 4: socketpair(0x10, 0xa, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000080)="fb612f6ed3bdf757b86a7f941cfa7a5fb653602e0ade8b0c9d062cf42c17a6bcdb426d0be6827f7e11c21981f8b0cf5e402520603b2d3628121f2ec3eea1bdbdb78405df372423958562f364550b00241bb0c481a7dde46fbc4c278105", 0x5d) 13:38:03 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 64) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) socket$phonet(0x23, 0x2, 0x1) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0x8, 0x5, 0x200}) (rerun: 64) ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000080)={0x40, 0x5}) (async, rerun: 64) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000040)) [ 687.081345] FAULT_INJECTION: forcing a failure. [ 687.081345] name failslab, interval 1, probability 0, space 0, times 0 [ 687.118973] CPU: 0 PID: 14131 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 13:38:03 executing program 4: socketpair(0x10, 0xa, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000080)="fb612f6ed3bdf757b86a7f941cfa7a5fb653602e0ade8b0c9d062cf42c17a6bcdb426d0be6827f7e11c21981f8b0cf5e402520603b2d3628121f2ec3eea1bdbdb78405df372423958562f364550b00241bb0c481a7dde46fbc4c278105", 0x5d) [ 687.126927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.136282] Call Trace: [ 687.138878] dump_stack+0x1b2/0x281 [ 687.142511] should_fail.cold+0x10a/0x149 [ 687.146666] should_failslab+0xd6/0x130 [ 687.150666] kmem_cache_alloc+0x28e/0x3c0 [ 687.154856] __d_alloc+0x2a/0xa20 [ 687.158310] ? d_lookup+0x172/0x220 [ 687.161941] d_alloc+0x46/0x240 [ 687.165224] __lookup_hash+0x101/0x270 [ 687.169116] ? __inode_permission+0xcd/0x2f0 [ 687.173538] lookup_one_len+0x279/0x3a0 13:38:03 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002200)={0xa3, 0x0, &(0x7f00000021c0)}) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000002180)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x400014}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040828bd7000fedbdf25020000000500060005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x51) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000002080)={0x4000000000000000, 0x4, 0x6d7, 0xe32332a007fd2d1a, 0x1e}) [ 687.177518] ? lookup_one_len_unlocked+0x410/0x410 [ 687.182450] start_creating+0xb0/0x200 [ 687.186339] __debugfs_create_file+0x4f/0x440 [ 687.190857] ? debugfs_create_file+0x37/0x60 [ 687.195269] kvm_dev_ioctl+0xe7f/0x1450 [ 687.199246] ? fsnotify+0x974/0x11b0 [ 687.202960] ? kvm_put_kvm+0xab0/0xab0 [ 687.206862] ? kvm_put_kvm+0xab0/0xab0 [ 687.210754] do_vfs_ioctl+0x75a/0xff0 [ 687.214555] ? lock_acquire+0x170/0x3f0 [ 687.218529] ? ioctl_preallocate+0x1a0/0x1a0 [ 687.222968] ? __fget+0x265/0x3e0 [ 687.226421] ? do_vfs_ioctl+0xff0/0xff0 [ 687.230393] ? security_file_ioctl+0x83/0xb0 [ 687.234832] SyS_ioctl+0x7f/0xb0 [ 687.238196] ? do_vfs_ioctl+0xff0/0xff0 [ 687.242170] do_syscall_64+0x1d5/0x640 [ 687.246062] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 687.251243] RIP: 0033:0x7fa37e383109 [ 687.254949] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.262653] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 687.269930] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 687.277201] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 687.284469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 687.291883] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:03 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 61) 13:38:03 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002200)={0xa3, 0x0, &(0x7f00000021c0)}) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000002180)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x400014}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040828bd7000fedbdf25020000000500060005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x51) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000002080)={0x4000000000000000, 0x4, 0x6d7, 0xe32332a007fd2d1a, 0x1e}) socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}}) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002200)={0xa3, 0x0, &(0x7f00000021c0)}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000002180)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x400014}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040828bd7000fedbdf25020000000500060005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x51) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000002080)={0x4000000000000000, 0x4, 0x6d7, 0xe32332a007fd2d1a, 0x1e}) (async) 13:38:03 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000000)="73a23451b26a9e8f92607b06463ad9ffeb8161b3e41dd73b5653e14f2236633f22bd850ec64e529848a3ce8c8485265cb28577c1669ee286da8dd658d2f4aed24a6e483ff6b7f64b6aa6294f96782ad48700bed95cb6f3bfb967", 0x5a) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) setsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000000000)="73a23451b26a9e8f92607b06463ad9ffeb8161b3e41dd73b5653e14f2236633f22bd850ec64e529848a3ce8c8485265cb28577c1669ee286da8dd658d2f4aed24a6e483ff6b7f64b6aa6294f96782ad48700bed95cb6f3bfb967", 0x5a) (async) 13:38:03 executing program 3: bind$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={0x24, @none={0x0, 0x3}}, 0x14) socketpair(0x2, 0x1, 0x1000, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', r2, 0x29, 0x2, 0x39, 0x3, 0xd, @private2, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x7800, 0x7, 0x2, 0x9}}) 13:38:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) 13:38:03 executing program 3: bind$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={0x24, @none={0x0, 0x3}}, 0x14) (async) socketpair(0x2, 0x1, 0x1000, 0x0) (async, rerun: 32) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async, rerun: 32) r1 = socket$packet(0x11, 0x3, 0x300) (rerun: 32) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async, rerun: 64) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', r2, 0x29, 0x2, 0x39, 0x3, 0xd, @private2, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x7800, 0x7, 0x2, 0x9}}) (rerun: 64) 13:38:03 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002200)={0xa3, 0x0, &(0x7f00000021c0)}) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000002180)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x400014}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040828bd7000fedbdf25020000000500060005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x51) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000002080)={0x4000000000000000, 0x4, 0x6d7, 0xe32332a007fd2d1a, 0x1e}) socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000000000)={{0x0, 0x0, 0x80}}) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000002200)={0xa3, 0x0, &(0x7f00000021c0)}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) sendmsg$SEG6_CMD_DUMPHMAC(r0, &(0x7f0000002180)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x400014}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040828bd7000fedbdf25020000000500060005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x51) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000002080)={0x4000000000000000, 0x4, 0x6d7, 0xe32332a007fd2d1a, 0x1e}) (async) 13:38:03 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$nl_generic(0x10, 0x3, 0x10) accept4$packet(r0, 0x0, 0x0, 0x0) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x10, 0x1004}, 0xffffffffffffff1f) 13:38:03 executing program 3: bind$802154_dgram(0xffffffffffffffff, &(0x7f00000000c0)={0x24, @none={0x0, 0x3}}, 0x14) (async) socketpair(0x2, 0x1, 0x1000, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl0\x00', r2, 0x29, 0x2, 0x39, 0x3, 0xd, @private2, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x7800, 0x7, 0x2, 0x9}}) [ 687.598924] FAULT_INJECTION: forcing a failure. [ 687.598924] name failslab, interval 1, probability 0, space 0, times 0 [ 687.677391] CPU: 1 PID: 14352 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 687.685296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.694653] Call Trace: [ 687.697254] dump_stack+0x1b2/0x281 [ 687.700946] should_fail.cold+0x10a/0x149 [ 687.705138] should_failslab+0xd6/0x130 [ 687.709119] kmem_cache_alloc+0x28e/0x3c0 [ 687.713276] alloc_inode+0xa0/0x170 [ 687.716942] new_inode+0x1d/0xf0 [ 687.720311] debugfs_get_inode+0x1a/0x130 [ 687.724466] __debugfs_create_file+0x93/0x440 [ 687.728968] ? debugfs_create_file+0x37/0x60 [ 687.733380] kvm_dev_ioctl+0xe7f/0x1450 [ 687.737365] ? fsnotify+0x974/0x11b0 [ 687.741088] ? kvm_put_kvm+0xab0/0xab0 [ 687.744986] ? kvm_put_kvm+0xab0/0xab0 [ 687.748878] do_vfs_ioctl+0x75a/0xff0 [ 687.752697] ? lock_acquire+0x170/0x3f0 [ 687.756796] ? ioctl_preallocate+0x1a0/0x1a0 [ 687.761214] ? __fget+0x265/0x3e0 [ 687.764677] ? do_vfs_ioctl+0xff0/0xff0 [ 687.768658] ? security_file_ioctl+0x83/0xb0 [ 687.773073] SyS_ioctl+0x7f/0xb0 [ 687.776442] ? do_vfs_ioctl+0xff0/0xff0 [ 687.780420] do_syscall_64+0x1d5/0x640 [ 687.784321] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 687.789509] RIP: 0033:0x7fa37e383109 [ 687.793214] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.800923] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 687.808194] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 687.815468] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 687.822746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 687.830019] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:04 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) 13:38:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x52403, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)) 13:38:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 13:38:04 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$nl_generic(0x10, 0x3, 0x10) accept4$packet(r0, 0x0, 0x0, 0x0) (async) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x10, 0x1004}, 0xffffffffffffff1f) 13:38:04 executing program 4: socketpair(0x18, 0x2, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0xb0, &(0x7f0000000000)=""/176}) 13:38:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 62) 13:38:04 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) socketpair(0x2c, 0x1, 0x0, 0x0) (async) 13:38:04 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$nl_generic(0x10, 0x3, 0x10) accept4$packet(r0, 0x0, 0x0, 0x0) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x10, 0x1004}, 0xffffffffffffff1f) socket$packet(0x11, 0x3, 0x300) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) accept4$packet(r0, 0x0, 0x0, 0x0) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000140)={0x10, 0x1004}, 0xffffffffffffff1f) (async) 13:38:04 executing program 4: socketpair(0x18, 0x2, 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0xb0, &(0x7f0000000000)=""/176}) 13:38:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) 13:38:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x52403, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x52403, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)) (async) 13:38:04 executing program 3: socketpair(0x2c, 0x1, 0x0, 0x0) socketpair(0x2c, 0x1, 0x0, 0x0) (async) [ 688.481618] FAULT_INJECTION: forcing a failure. [ 688.481618] name failslab, interval 1, probability 0, space 0, times 0 [ 688.534911] CPU: 1 PID: 14623 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 688.542905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.552259] Call Trace: [ 688.554848] dump_stack+0x1b2/0x281 [ 688.558499] should_fail.cold+0x10a/0x149 [ 688.562653] should_failslab+0xd6/0x130 [ 688.566638] kmem_cache_alloc_trace+0x29a/0x3d0 [ 688.571306] ? debugfs_create_file+0x37/0x60 [ 688.575721] kvm_dev_ioctl+0xce6/0x1450 [ 688.579699] ? fsnotify+0x974/0x11b0 [ 688.583415] ? kvm_put_kvm+0xab0/0xab0 [ 688.587307] ? kvm_put_kvm+0xab0/0xab0 [ 688.591191] do_vfs_ioctl+0x75a/0xff0 [ 688.594991] ? lock_acquire+0x170/0x3f0 [ 688.598969] ? ioctl_preallocate+0x1a0/0x1a0 [ 688.603380] ? __fget+0x265/0x3e0 [ 688.606833] ? do_vfs_ioctl+0xff0/0xff0 [ 688.610811] ? security_file_ioctl+0x83/0xb0 [ 688.615218] SyS_ioctl+0x7f/0xb0 [ 688.618578] ? do_vfs_ioctl+0xff0/0xff0 [ 688.622553] do_syscall_64+0x1d5/0x640 [ 688.626446] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 688.631635] RIP: 0033:0x7fa37e383109 13:38:04 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) bind$packet(r0, &(0x7f0000000000)={0x11, 0xf8, 0x0, 0x1, 0x4}, 0x14) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x2000}, 0x60) 13:38:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) 13:38:04 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x52403, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)) 13:38:04 executing program 4: socketpair(0x18, 0x2, 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f00000000c0)={0x2, 0xb0, &(0x7f0000000000)=""/176}) 13:38:04 executing program 3: add_key$keyring(&(0x7f0000001500), &(0x7f0000001540)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="3b9df53a33786dab3b4e8a047fd681481e5c84eee78a2e8799de1d3fee0760cd46338bf41ae7f2ab33a46e5296157c3960d6d18837f3260349e51c228bcd5446ef29a4015965baa64e0de9b23b1a91b82ac619725f236d2bdb2712e28242e84859edfd87edb257d39dbe04dd81c518fbd723122ccad68ebe51310413c180d9d03b9fd4e9c9764102bde0f2e6b800436bcc8d261fbbba2e023a290b80986b", 0x9e, 0xfffffffffffffffa) r0 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="82fed0d101abdb922c33869127a78ab60b1a6f931211318f99acc60eb444de3607b58bee91b52a9136f344049e35ee6ef3c6a80720f1b6e8641b88262de8af360bfc5e8067e1fb48b81ee29b29d0d7f5716a758a7209c62893193cdce9760cfb812815ed0002d9b571e1fe8f2a9f59cc4f8d01255fc13f4a2cc5f1f30bbda257b79ea9a6cfde538155837438d7fa9688172ae4c960c7e8b8850f0fb4f60057d80e9753c2139c3f0807cb00e7535465f7349ff7fdac19a23f0562152a26979c2dc37187572f01c11940365afed449", 0xce, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r1) add_key$user(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)="1b5d1d0afa7ad6402b09a50a8dde34a2d2a6d2e99ff29aabdde3fd36e12df3e3ac90233606bc03a648c92fd327519d89fa9c6b08a3a7b64d329beef19769582dbd3f21f558e4891f4b7ecd4e5191c273e921d1730cb67059b43e07299473923de453e9b57be959383f49e26ac4d2e35d1ba87862f7c7c1e9a9bf692c466a3921ff28e0cba2e0d3c260aeb246e581492a094a3cfe2f67fcd8325fd09767a05f7c5b1b37594f4fdceb54d75c2068fd2b2321b215c00c3788aa9bcf31ec45ee8bac2444be7b2f54b08a4c57061e5beb92f28e208dd81c17485e823924aef16c3dc4aeb419e2595b417c28b01e2b7d7e45252fd89b32aa53326771117ab0291172fe6b733b4df94c7f25954f4fa384a17407a795071f0194e1b1d244500e6c17118b8f8c9be6296ecf81125d84da2bb293ea97de858a88ea7a4946709f06f0897c648d7ca03ad17caa436b8fd18e7830e59e760526c717ae8202660ef10c3f18dc02ca3fb7f5db95f2ea83aadcbdb67918bf30bbbaed11b6f9bc83bcb710623c02635e76fb43b9104c5d44101bd6a50cdbda54f00cc2044b41d4c328af823b0bdafc6b2d0a92dfd63299abf7248cfdb28601d4975aa17bdc6c84ee542524e286fdcbfef2834cf1571c435fecfad153114f50003bb27825eb83e684c7fbf7140dbad65fbbb9de2d21ddbb824aa8a27fb3cc219ab277336b9615c14525f31a62e071660a20ae1827363a05bc691161a582e0624374425f9dd498ddb494384622094b5c65ac7b7cfdcdfa18afe8e869761715355982b189f0850c268a687f13c9834b6ca1faefccbf63774da3ae4ddcf026d994fa95770596da5401ca8a01d42f3e7a01fb94102142eeeeae0b0b187eea74baafa89c2957e87641d0ce81e0bdebaa5cc55054f1c1aa145c4285b28fde6200c6fd00ca7f9feb6f5d7ef83301b23ffd39991a75e665a78d6b8c5391770114fe7fc31d3ca016484f30e6d8b320b8ff90f06a55be4cd58bd415accdd0beeaf6c6e3187376547a13b241c602c918403b8d324e79e1065458f8ade394370de1785d38c4219bbae84529fa0f1a52e21042df30283cd20cc68347816a98a2455c188e0493191fe1ba4fb0e0d5d4ee565750312e05a601ef72b44e5fe434bab29431b4fcda7df2849794452c7c52d497d9d6b3dcc3ea72640ae5310135d6a893fc920ea97a443d2d9920f2cbe95e1e5e76ee6324450835e370511600e9501a2e8576a346229702b312b6249fc0f25c1a8595fcff493b448352c6b8f7532d525b0c6f7f95f3a3d5df79ab245da2b325b97f68df645479a004501c95b3c90ec9c17ae2259cb09f413dfe13298fd19a449db71af0004903d5327cac3b3ab390b471d732174f202610ab5d8b8591986884e02126f829428e6fba0d8a600f86d71d9fbe4c1767873f85a40ba09acd700c44b949ed525aa3f12b2e99bf78c3a6063fdee0c2c9e004bf977387a3f0cc6fbebec628e3155902859c6bd2126cf340c1cebfaa689f822f405979155d3734e3ab30b1c7a1ec8a5b9536d0b1b97101aec7fb76168da2d5767661a6d0a1fbf3475acac2f6dd0475b39bf35654d05af78753707f04f8cec568b94b958044eaf4b57e8960508ec200abce127fb0e0b03d4ea9dac6909dab3259ccedcd73d8d2de81bbac66248fbbeb36ee93a19fdd237101510002a9a642745fe9f0a69a2b71977d530f9ef0b85d269844b06280ec01d79bddb3c2872bd4a0a8e62d2c1af3ee0b083470725d818fdd9f7517d15572e8c7174bf8634321edf6290c0e0fa57de8de08b9d8cfdfbc86b182fc25ea4b990b2620028446ce476c1678df924177e9ef5e9b5a27f8dd70b23336c30c6dff5bb89c993f7da8bdeec62dcd78da177f855433f509da0ffb379bedfb1147aed20e0a1bc91ab8122a25dab0acf74f1f16dbb3801c00a90bb9f6bdca124982282a1823658ce9a027da84e1978ed37daea605b12fcc76a9c7cf3527d46c69a9bd4acfa3ce296f311d92058a9c7e9e52aa13f60c2c8f2241b49c44796f1ccb31f8b3a5da07b52a4fa9f833383530741b2dc291a90cd020b077f00cca877c95cd61f8b12c5be89882941594ff7fbd9bf8c218a48cc2caf8f83958842b1edcec697ff2d3ea41395a907ce2dc1683807554917c7ad08a7a3c0478cc2286416fca105f2b3b30b1ecd27b52b104583651c43a24fe7529ddc1659f3b60be48b6194d120feeb323a3ee50cbfe2af5bfd359476e6af984ec51051e209eceb61809bc3c32e8a2df95da0a12a9985c139f222c80b5524e6cdb7b280ed401ff7c7f7da2d726e9df8e9e5a875bde89ce82d7c28aa9bd09cb1ae493244ab0c90af0dde31c2b3f4fc113f9f1f19b3553306fb75714c6e3bf1a8203877a5921f8bf7e90e632b56f046384f8baf38a9958423e1af0e57e710199ae9921627fed4586fca8ebd124ca70fd1c89306041a0b570bed23341c82a4da5e2a5e1d971f8d223d794aa4ed01aa9a3c9e1da6ca4be89d603b684eac9badd58c5b26cfde5c1b40c9dc84d711417f36f9fecd2dc7b3eae1e0e97e62b6071ab8a9dd3ae05fc716b0b0f2bf17a0127ba10004cc5bb74272767355ff19c467a2d02dcbe2bd85fc2297fbad25f487118c4dce14b039dfe8264c0bcac4216ca4cd8668abe9d94e3e28854e2c5211f526b01eb5a93fc7dac54a2496c92f85d35199dd2cfed3ab4ae54bcf981b50d859617bc6584b77ed3a1f36db7d11daa5bf742bed51546eefbccaa318acc5cb2685b74b6cd259dcda2336b4b1e992f3cdd81d485e0170514bb9d95524e00092c3967a69b19bd14260b02a7c7c9679437bf4ed37075ae4c55a709096fea97923e9deb85751d49b1ce500a8f8bd8ae731348a07a2e9faff571fdae595acd5072d3501bc16e8332cc67964d8fbae744d3f8c18c41d98518acbcf28cf22ebae995137bf8c2695db6f8bb46879186ff0a8ee98c73c4405f9cc216bdb3ad7fab93533cde06c66d00ed1ef78668dba405953d53d49d03953ead6bc640a2774e8647fd1c0d27297813963cab6f0f36948cad1816e65a766976153754611de8b5619222ac466f440750f572db8a80ad7fb2b9540f55f401104152d5bd9cf43fc223d0dadae78ee0e49e6af05101a464074429ee89331eaec323a9a0c5db76356bc89e17d113036bb4147e728d709a2763d425c393d6f77072b6fd503870bbcbb1b8a74bb062fe9e94836ea03ef1dc5d39dfa2efa70480aaa0f720d02b2872034e0a6894a5c8b8a5deb39869e9fb96069c99e7405851c11c5b1c1d532ee7849215b79030a41c8bfd3ff50e490cfe924163ed8c1cd7dba646684b0297d12d3f5ab45d94b5dcb9a71c670940772fbb7b3c848362173e0598e41e32b2591cdd481de841cee2af68ec9172352b7f48427e50965c1d2d287c7ed3b415e64541a7e07a42a3b79e93170d14876ac3daf2c8894450ebc183bff3c09c47e40f214b3a4ca92c3985199d816eb9ddf18d5672bc1f58007ecf13f0a53367466f5d078434e42cb9e90a4b0edb9f1f9a1db6a51e7230197fd75b9675062ca13d8301b8263cc55721e48a33492aedb4d6f66e7b24d963288382d552a7a8a4bd73aaca5d9b0a9b0ee8063b555703793777c594ee735f93bd21e739a472279d3e85f6b8ac258791e8549ca3147abff85d361831435e318e4c5c7d4bc7eff3f0fc72ee4264f01607022cfb80cbb9c2611b63b1fcd0e8dcbccb3262d1a7fe7d34d5bc16ffb274dd15d60ad4f6366759c7066851ff19f0696c02052c14c6a43baac5168be2e872d534ac0b80f231a8203fe7306b0da28bc938677a4d31a02a07dc4d74232dda97a67609f0e33efd61c6b92e9d340207a8b416f1afc276d9ee3b8404f88b5d549615346ddf487beb2017cfab7addab0877936b78b96602203268520996af550a073b5ae57b11fa07dce54b34f133f6dd43a6e94409db399a883d2bfdf528cc2b181819254b545cb0393589895cde9b1b5f3f6fa35312f4c58975b23c5a21665ac9ea94ff86bfff0bb8769251520468461dbfaff5bd795f36eb71306a1433696ab419fc3f0403c8fc29ee928480e18e8055cd7441e1cfea27d03a6d0112848228f85ae00ad59af7766fb62313885480e9ae0be4b26ff2154e872976222385a52e0174fc82b9955db9e32f39e9bb25d5efe60416989a979dc90d4e66a7333203dfcfcb23edc40f020e5ad1234357b59b5c9612e2fa8d53fa7d03f9aad8614f8e1fe4f0d1fe327da52542daccf739230aa5961465cac9fd75a3689eea83c06122ecaf580ead1b710496383f7dd973598a48d39180aad13d94b9fb9d829218015541188f50157d8ff5d71bf6f709ef827e3fe837701aa31a674d556d9ccff8b9e61f50436c288c5d5e03a128954d5a10c685ccf90313d6e1567411e517d0d454bd8f82e216d1da47aca961d925066182af8e44174180c2d9566fa4ceab062f4a3f298bf1dc5c471d24412b4971e5c7a772f6878c1801f20e3f6a9e0cf4a80a4101a5703ff4384e12068f0e7f87ac3b55c8035f8fc15800055d4cadd32cabd8fd8ac606ed0743931a63568c6e69c9592f03ecbc8c96555096b6018c8fa7df5a5667103aace8edcf838962d6ca00122961697f8851f3d72b47444961eca0e2831c0b7d7acbc1704abb2e1ec4a7861befce03adb5e8c089fa4d122f9d148df1fda03321ef4a9a718d103af57fb4cb1fc61b08fef52f8000d8f469e3129ffaef944cd614541ca550621f068765241917ada3c15db3bbbb258f8f7d906bf3322bfcb01bcec127df7f24d0e932595c1a0904ca3200366b2620ac14e134e68dd71b2f2eaec8a65d3d8dd41e8a90a52e5707e4ca659e68fa942f6f3ce3adb7dd86cc062e013be01c8c9fc1f11af8e0305e47ad72871f642035b1b2ae49f2013eea9be0a5bf7c1d5bcfc55cc901863a4058ac8d667ddf947a2fe8127d423391fa707c4ddc58fc479c976bf0470c26b8afa23034db3f151c1e5e58dfe4d1118b4ded2498ce8f6af484d4ad6d880127799ad65b08580bf18191635b08e7853c6d2a4fb94df2aed379d9d58598fd5b6c00c158e4a699fdca34d24528c4888d3def2a8d2d6f553aeceec72eb37d7d1aacbede9734129ff26c29bae76e4dd8c36e2550a7da78cf9071b6c168d7969326b6cfe9cda58487f9ef6041d1b0bcb98ae4cfdbef320a590c4b908681a4b0a1ebfc2bde96c69dad6e97001778e1a73b6cdffe42fd4fc0cbeab5e2d423218dcd3f84d64c2ae1ddcdb4cd35e430628017662bdef801339c6a0209017bf10ff95f57aacb27454c1e903303945fdc919fb339a655e64687f6cc8f08d170d7770636bf6d7d03df3823c0d2e0895f9d897a30b2aa33ad57ad713580b0551057ac6ae674df9013fa297961d2eefab5ddd4b2cad5affba546ae58921e11df88d5f6756b3e12abd7f4a8e951de6a5f0f2e251b4effe7fca8a1b33a0ea938761dbf14ab4eea6308ef3cb78ed8d4c33ee29f59fbc2c77c985ec11a501e1c6c37ea2a312a7cf78716ac6b97a87c7d4659764b6324a8c2c3cb5cdacb46b8a8e93afbb25fc0f7ae09999bfbb54e1257027a118759991985fd9c25cd2b1374c1c2b3a567db00adc3d1031759aaf381289d719efab2b00b5dab7808772792f99c75f4156355336a49bf88f80205fecf6a3874289b9d24da943e37a242747acd59da61d2ecb0b02943ded4acee2b525c6bf80366a046b3e9e4764b04cfe66624fbb2fc15ff5f7b942993db91f50520f854e5d08ac1095bb4d8751e7baedace38def04ac97a3a9db35110ef54", 0x1000, r1) r2 = add_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='|', 0x1, 0xfffffffffffffffd) keyctl$get_keyring_id(0x0, r2, 0x0) keyctl$dh_compute(0x17, &(0x7f00000002c0)={r2, r0, r2}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000400)={&(0x7f0000000340)={'crc32c\x00'}, &(0x7f0000000380)="39740c0dbc5433cf99074c49a971e9e7620803ca165bd69726f2d9d5c913c2c6ad0bfc667bec737e09dc633a7242f02efa720c151da76bcbdcd4cbd022848bd2fd4974f077056bf7f51dcd7922eea2ee1262c972bfaf", 0x56}) socketpair(0x2, 0x1, 0x0, 0x0) [ 688.635344] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 688.643055] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 688.650332] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 688.657603] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 688.664876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 688.672150] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:04 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 63) 13:38:04 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) bind$packet(r0, &(0x7f0000000000)={0x11, 0xf8, 0x0, 0x1, 0x4}, 0x14) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x2000}, 0x60) socket$packet(0x11, 0x3, 0x300) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) bind$packet(r0, &(0x7f0000000000)={0x11, 0xf8, 0x0, 0x1, 0x4}, 0x14) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x2000}, 0x60) (async) 13:38:04 executing program 2: getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000683000002221e95efbd83f26b5a18f831240f6f78b2839aa74721c2c2ff890155fac97fa5e4c000950959674065a1a52fec3c32d38bf004a4dcdd429e6d31b7d2140b6a08fb9e967356b25cfc38c6050dad8c68ab1a56211e94d06a75401f8b4655e76f7386742f3d775d5d318521973ec041781ada924867823da6dcf8411b51a1e6c8e13e9d5eacc439bdaed36412f2a6dc17cfda2491942889ba7028c29f12db609d5816f4000000052afaad9eb6fc7d853aaae02bb797fee3fc7145ddb486b9afabd95d8cc4a76faa411e60816156241cfef31923537356cbc4689aeec1f72266b38f1a2a06ff32bfeab71a2092efe93000000000000345e2f4495c2d48c8da120ec1c72b6ab6aa4487b5084d0cfc7aab345047a392fe07b65777a0fd348e882b7082c0b526a966328e3f0581a1af0ccf7a6b2d32a4d15c01d9d217ca8069e67f4e29f8e467cc98d383d5c885617ca4cb43e8de03fcab40d7e87f429e09acd96268e59ea009c4732c4f0699758aabdd88b95aab2e1445cdfd3a160c1f1cc1da200cd8417d1037f73"]) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='^.&^\xad\x00') 13:38:04 executing program 3: add_key$keyring(&(0x7f0000001500), &(0x7f0000001540)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="3b9df53a33786dab3b4e8a047fd681481e5c84eee78a2e8799de1d3fee0760cd46338bf41ae7f2ab33a46e5296157c3960d6d18837f3260349e51c228bcd5446ef29a4015965baa64e0de9b23b1a91b82ac619725f236d2bdb2712e28242e84859edfd87edb257d39dbe04dd81c518fbd723122ccad68ebe51310413c180d9d03b9fd4e9c9764102bde0f2e6b800436bcc8d261fbbba2e023a290b80986b", 0x9e, 0xfffffffffffffffa) r0 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="82fed0d101abdb922c33869127a78ab60b1a6f931211318f99acc60eb444de3607b58bee91b52a9136f344049e35ee6ef3c6a80720f1b6e8641b88262de8af360bfc5e8067e1fb48b81ee29b29d0d7f5716a758a7209c62893193cdce9760cfb812815ed0002d9b571e1fe8f2a9f59cc4f8d01255fc13f4a2cc5f1f30bbda257b79ea9a6cfde538155837438d7fa9688172ae4c960c7e8b8850f0fb4f60057d80e9753c2139c3f0807cb00e7535465f7349ff7fdac19a23f0562152a26979c2dc37187572f01c11940365afed449", 0xce, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r1) add_key$user(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)="1b5d1d0afa7ad6402b09a50a8dde34a2d2a6d2e99ff29aabdde3fd36e12df3e3ac90233606bc03a648c92fd327519d89fa9c6b08a3a7b64d329beef19769582dbd3f21f558e4891f4b7ecd4e5191c273e921d1730cb67059b43e07299473923de453e9b57be959383f49e26ac4d2e35d1ba87862f7c7c1e9a9bf692c466a3921ff28e0cba2e0d3c260aeb246e581492a094a3cfe2f67fcd8325fd09767a05f7c5b1b37594f4fdceb54d75c2068fd2b2321b215c00c3788aa9bcf31ec45ee8bac2444be7b2f54b08a4c57061e5beb92f28e208dd81c17485e823924aef16c3dc4aeb419e2595b417c28b01e2b7d7e45252fd89b32aa53326771117ab0291172fe6b733b4df94c7f25954f4fa384a17407a795071f0194e1b1d244500e6c17118b8f8c9be6296ecf81125d84da2bb293ea97de858a88ea7a4946709f06f0897c648d7ca03ad17caa436b8fd18e7830e59e760526c717ae8202660ef10c3f18dc02ca3fb7f5db95f2ea83aadcbdb67918bf30bbbaed11b6f9bc83bcb710623c02635e76fb43b9104c5d44101bd6a50cdbda54f00cc2044b41d4c328af823b0bdafc6b2d0a92dfd63299abf7248cfdb28601d4975aa17bdc6c84ee542524e286fdcbfef2834cf1571c435fecfad153114f50003bb27825eb83e684c7fbf7140dbad65fbbb9de2d21ddbb824aa8a27fb3cc219ab277336b9615c14525f31a62e071660a20ae1827363a05bc691161a582e0624374425f9dd498ddb494384622094b5c65ac7b7cfdcdfa18afe8e869761715355982b189f0850c268a687f13c9834b6ca1faefccbf63774da3ae4ddcf026d994fa95770596da5401ca8a01d42f3e7a01fb94102142eeeeae0b0b187eea74baafa89c2957e87641d0ce81e0bdebaa5cc55054f1c1aa145c4285b28fde6200c6fd00ca7f9feb6f5d7ef83301b23ffd39991a75e665a78d6b8c5391770114fe7fc31d3ca016484f30e6d8b320b8ff90f06a55be4cd58bd415accdd0beeaf6c6e3187376547a13b241c602c918403b8d324e79e1065458f8ade394370de1785d38c4219bbae84529fa0f1a52e21042df30283cd20cc68347816a98a2455c188e0493191fe1ba4fb0e0d5d4ee565750312e05a601ef72b44e5fe434bab29431b4fcda7df2849794452c7c52d497d9d6b3dcc3ea72640ae5310135d6a893fc920ea97a443d2d9920f2cbe95e1e5e76ee6324450835e370511600e9501a2e8576a346229702b312b6249fc0f25c1a8595fcff493b448352c6b8f7532d525b0c6f7f95f3a3d5df79ab245da2b325b97f68df645479a004501c95b3c90ec9c17ae2259cb09f413dfe13298fd19a449db71af0004903d5327cac3b3ab390b471d732174f202610ab5d8b8591986884e02126f829428e6fba0d8a600f86d71d9fbe4c1767873f85a40ba09acd700c44b949ed525aa3f12b2e99bf78c3a6063fdee0c2c9e004bf977387a3f0cc6fbebec628e3155902859c6bd2126cf340c1cebfaa689f822f405979155d3734e3ab30b1c7a1ec8a5b9536d0b1b97101aec7fb76168da2d5767661a6d0a1fbf3475acac2f6dd0475b39bf35654d05af78753707f04f8cec568b94b958044eaf4b57e8960508ec200abce127fb0e0b03d4ea9dac6909dab3259ccedcd73d8d2de81bbac66248fbbeb36ee93a19fdd237101510002a9a642745fe9f0a69a2b71977d530f9ef0b85d269844b06280ec01d79bddb3c2872bd4a0a8e62d2c1af3ee0b083470725d818fdd9f7517d15572e8c7174bf8634321edf6290c0e0fa57de8de08b9d8cfdfbc86b182fc25ea4b990b2620028446ce476c1678df924177e9ef5e9b5a27f8dd70b23336c30c6dff5bb89c993f7da8bdeec62dcd78da177f855433f509da0ffb379bedfb1147aed20e0a1bc91ab8122a25dab0acf74f1f16dbb3801c00a90bb9f6bdca124982282a1823658ce9a027da84e1978ed37daea605b12fcc76a9c7cf3527d46c69a9bd4acfa3ce296f311d92058a9c7e9e52aa13f60c2c8f2241b49c44796f1ccb31f8b3a5da07b52a4fa9f833383530741b2dc291a90cd020b077f00cca877c95cd61f8b12c5be89882941594ff7fbd9bf8c218a48cc2caf8f83958842b1edcec697ff2d3ea41395a907ce2dc1683807554917c7ad08a7a3c0478cc2286416fca105f2b3b30b1ecd27b52b104583651c43a24fe7529ddc1659f3b60be48b6194d120feeb323a3ee50cbfe2af5bfd359476e6af984ec51051e209eceb61809bc3c32e8a2df95da0a12a9985c139f222c80b5524e6cdb7b280ed401ff7c7f7da2d726e9df8e9e5a875bde89ce82d7c28aa9bd09cb1ae493244ab0c90af0dde31c2b3f4fc113f9f1f19b3553306fb75714c6e3bf1a8203877a5921f8bf7e90e632b56f046384f8baf38a9958423e1af0e57e710199ae9921627fed4586fca8ebd124ca70fd1c89306041a0b570bed23341c82a4da5e2a5e1d971f8d223d794aa4ed01aa9a3c9e1da6ca4be89d603b684eac9badd58c5b26cfde5c1b40c9dc84d711417f36f9fecd2dc7b3eae1e0e97e62b6071ab8a9dd3ae05fc716b0b0f2bf17a0127ba10004cc5bb74272767355ff19c467a2d02dcbe2bd85fc2297fbad25f487118c4dce14b039dfe8264c0bcac4216ca4cd8668abe9d94e3e28854e2c5211f526b01eb5a93fc7dac54a2496c92f85d35199dd2cfed3ab4ae54bcf981b50d859617bc6584b77ed3a1f36db7d11daa5bf742bed51546eefbccaa318acc5cb2685b74b6cd259dcda2336b4b1e992f3cdd81d485e0170514bb9d95524e00092c3967a69b19bd14260b02a7c7c9679437bf4ed37075ae4c55a709096fea97923e9deb85751d49b1ce500a8f8bd8ae731348a07a2e9faff571fdae595acd5072d3501bc16e8332cc67964d8fbae744d3f8c18c41d98518acbcf28cf22ebae995137bf8c2695db6f8bb46879186ff0a8ee98c73c4405f9cc216bdb3ad7fab93533cde06c66d00ed1ef78668dba405953d53d49d03953ead6bc640a2774e8647fd1c0d27297813963cab6f0f36948cad1816e65a766976153754611de8b5619222ac466f440750f572db8a80ad7fb2b9540f55f401104152d5bd9cf43fc223d0dadae78ee0e49e6af05101a464074429ee89331eaec323a9a0c5db76356bc89e17d113036bb4147e728d709a2763d425c393d6f77072b6fd503870bbcbb1b8a74bb062fe9e94836ea03ef1dc5d39dfa2efa70480aaa0f720d02b2872034e0a6894a5c8b8a5deb39869e9fb96069c99e7405851c11c5b1c1d532ee7849215b79030a41c8bfd3ff50e490cfe924163ed8c1cd7dba646684b0297d12d3f5ab45d94b5dcb9a71c670940772fbb7b3c848362173e0598e41e32b2591cdd481de841cee2af68ec9172352b7f48427e50965c1d2d287c7ed3b415e64541a7e07a42a3b79e93170d14876ac3daf2c8894450ebc183bff3c09c47e40f214b3a4ca92c3985199d816eb9ddf18d5672bc1f58007ecf13f0a53367466f5d078434e42cb9e90a4b0edb9f1f9a1db6a51e7230197fd75b9675062ca13d8301b8263cc55721e48a33492aedb4d6f66e7b24d963288382d552a7a8a4bd73aaca5d9b0a9b0ee8063b555703793777c594ee735f93bd21e739a472279d3e85f6b8ac258791e8549ca3147abff85d361831435e318e4c5c7d4bc7eff3f0fc72ee4264f01607022cfb80cbb9c2611b63b1fcd0e8dcbccb3262d1a7fe7d34d5bc16ffb274dd15d60ad4f6366759c7066851ff19f0696c02052c14c6a43baac5168be2e872d534ac0b80f231a8203fe7306b0da28bc938677a4d31a02a07dc4d74232dda97a67609f0e33efd61c6b92e9d340207a8b416f1afc276d9ee3b8404f88b5d549615346ddf487beb2017cfab7addab0877936b78b96602203268520996af550a073b5ae57b11fa07dce54b34f133f6dd43a6e94409db399a883d2bfdf528cc2b181819254b545cb0393589895cde9b1b5f3f6fa35312f4c58975b23c5a21665ac9ea94ff86bfff0bb8769251520468461dbfaff5bd795f36eb71306a1433696ab419fc3f0403c8fc29ee928480e18e8055cd7441e1cfea27d03a6d0112848228f85ae00ad59af7766fb62313885480e9ae0be4b26ff2154e872976222385a52e0174fc82b9955db9e32f39e9bb25d5efe60416989a979dc90d4e66a7333203dfcfcb23edc40f020e5ad1234357b59b5c9612e2fa8d53fa7d03f9aad8614f8e1fe4f0d1fe327da52542daccf739230aa5961465cac9fd75a3689eea83c06122ecaf580ead1b710496383f7dd973598a48d39180aad13d94b9fb9d829218015541188f50157d8ff5d71bf6f709ef827e3fe837701aa31a674d556d9ccff8b9e61f50436c288c5d5e03a128954d5a10c685ccf90313d6e1567411e517d0d454bd8f82e216d1da47aca961d925066182af8e44174180c2d9566fa4ceab062f4a3f298bf1dc5c471d24412b4971e5c7a772f6878c1801f20e3f6a9e0cf4a80a4101a5703ff4384e12068f0e7f87ac3b55c8035f8fc15800055d4cadd32cabd8fd8ac606ed0743931a63568c6e69c9592f03ecbc8c96555096b6018c8fa7df5a5667103aace8edcf838962d6ca00122961697f8851f3d72b47444961eca0e2831c0b7d7acbc1704abb2e1ec4a7861befce03adb5e8c089fa4d122f9d148df1fda03321ef4a9a718d103af57fb4cb1fc61b08fef52f8000d8f469e3129ffaef944cd614541ca550621f068765241917ada3c15db3bbbb258f8f7d906bf3322bfcb01bcec127df7f24d0e932595c1a0904ca3200366b2620ac14e134e68dd71b2f2eaec8a65d3d8dd41e8a90a52e5707e4ca659e68fa942f6f3ce3adb7dd86cc062e013be01c8c9fc1f11af8e0305e47ad72871f642035b1b2ae49f2013eea9be0a5bf7c1d5bcfc55cc901863a4058ac8d667ddf947a2fe8127d423391fa707c4ddc58fc479c976bf0470c26b8afa23034db3f151c1e5e58dfe4d1118b4ded2498ce8f6af484d4ad6d880127799ad65b08580bf18191635b08e7853c6d2a4fb94df2aed379d9d58598fd5b6c00c158e4a699fdca34d24528c4888d3def2a8d2d6f553aeceec72eb37d7d1aacbede9734129ff26c29bae76e4dd8c36e2550a7da78cf9071b6c168d7969326b6cfe9cda58487f9ef6041d1b0bcb98ae4cfdbef320a590c4b908681a4b0a1ebfc2bde96c69dad6e97001778e1a73b6cdffe42fd4fc0cbeab5e2d423218dcd3f84d64c2ae1ddcdb4cd35e430628017662bdef801339c6a0209017bf10ff95f57aacb27454c1e903303945fdc919fb339a655e64687f6cc8f08d170d7770636bf6d7d03df3823c0d2e0895f9d897a30b2aa33ad57ad713580b0551057ac6ae674df9013fa297961d2eefab5ddd4b2cad5affba546ae58921e11df88d5f6756b3e12abd7f4a8e951de6a5f0f2e251b4effe7fca8a1b33a0ea938761dbf14ab4eea6308ef3cb78ed8d4c33ee29f59fbc2c77c985ec11a501e1c6c37ea2a312a7cf78716ac6b97a87c7d4659764b6324a8c2c3cb5cdacb46b8a8e93afbb25fc0f7ae09999bfbb54e1257027a118759991985fd9c25cd2b1374c1c2b3a567db00adc3d1031759aaf381289d719efab2b00b5dab7808772792f99c75f4156355336a49bf88f80205fecf6a3874289b9d24da943e37a242747acd59da61d2ecb0b02943ded4acee2b525c6bf80366a046b3e9e4764b04cfe66624fbb2fc15ff5f7b942993db91f50520f854e5d08ac1095bb4d8751e7baedace38def04ac97a3a9db35110ef54", 0x1000, r1) r2 = add_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='|', 0x1, 0xfffffffffffffffd) keyctl$get_keyring_id(0x0, r2, 0x0) keyctl$dh_compute(0x17, &(0x7f00000002c0)={r2, r0, r2}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000400)={&(0x7f0000000340)={'crc32c\x00'}, &(0x7f0000000380)="39740c0dbc5433cf99074c49a971e9e7620803ca165bd69726f2d9d5c913c2c6ad0bfc667bec737e09dc633a7242f02efa720c151da76bcbdcd4cbd022848bd2fd4974f077056bf7f51dcd7922eea2ee1262c972bfaf", 0x56}) socketpair(0x2, 0x1, 0x0, 0x0) add_key$keyring(&(0x7f0000001500), &(0x7f0000001540)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) (async) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="3b9df53a33786dab3b4e8a047fd681481e5c84eee78a2e8799de1d3fee0760cd46338bf41ae7f2ab33a46e5296157c3960d6d18837f3260349e51c228bcd5446ef29a4015965baa64e0de9b23b1a91b82ac619725f236d2bdb2712e28242e84859edfd87edb257d39dbe04dd81c518fbd723122ccad68ebe51310413c180d9d03b9fd4e9c9764102bde0f2e6b800436bcc8d261fbbba2e023a290b80986b", 0x9e, 0xfffffffffffffffa) (async) add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="82fed0d101abdb922c33869127a78ab60b1a6f931211318f99acc60eb444de3607b58bee91b52a9136f344049e35ee6ef3c6a80720f1b6e8641b88262de8af360bfc5e8067e1fb48b81ee29b29d0d7f5716a758a7209c62893193cdce9760cfb812815ed0002d9b571e1fe8f2a9f59cc4f8d01255fc13f4a2cc5f1f30bbda257b79ea9a6cfde538155837438d7fa9688172ae4c960c7e8b8850f0fb4f60057d80e9753c2139c3f0807cb00e7535465f7349ff7fdac19a23f0562152a26979c2dc37187572f01c11940365afed449", 0xce, 0xfffffffffffffffd) (async) add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) (async) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r1) (async) add_key$user(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)="1b5d1d0afa7ad6402b09a50a8dde34a2d2a6d2e99ff29aabdde3fd36e12df3e3ac90233606bc03a648c92fd327519d89fa9c6b08a3a7b64d329beef19769582dbd3f21f558e4891f4b7ecd4e5191c273e921d1730cb67059b43e07299473923de453e9b57be959383f49e26ac4d2e35d1ba87862f7c7c1e9a9bf692c466a3921ff28e0cba2e0d3c260aeb246e581492a094a3cfe2f67fcd8325fd09767a05f7c5b1b37594f4fdceb54d75c2068fd2b2321b215c00c3788aa9bcf31ec45ee8bac2444be7b2f54b08a4c57061e5beb92f28e208dd81c17485e823924aef16c3dc4aeb419e2595b417c28b01e2b7d7e45252fd89b32aa53326771117ab0291172fe6b733b4df94c7f25954f4fa384a17407a795071f0194e1b1d244500e6c17118b8f8c9be6296ecf81125d84da2bb293ea97de858a88ea7a4946709f06f0897c648d7ca03ad17caa436b8fd18e7830e59e760526c717ae8202660ef10c3f18dc02ca3fb7f5db95f2ea83aadcbdb67918bf30bbbaed11b6f9bc83bcb710623c02635e76fb43b9104c5d44101bd6a50cdbda54f00cc2044b41d4c328af823b0bdafc6b2d0a92dfd63299abf7248cfdb28601d4975aa17bdc6c84ee542524e286fdcbfef2834cf1571c435fecfad153114f50003bb27825eb83e684c7fbf7140dbad65fbbb9de2d21ddbb824aa8a27fb3cc219ab277336b9615c14525f31a62e071660a20ae1827363a05bc691161a582e0624374425f9dd498ddb494384622094b5c65ac7b7cfdcdfa18afe8e869761715355982b189f0850c268a687f13c9834b6ca1faefccbf63774da3ae4ddcf026d994fa95770596da5401ca8a01d42f3e7a01fb94102142eeeeae0b0b187eea74baafa89c2957e87641d0ce81e0bdebaa5cc55054f1c1aa145c4285b28fde6200c6fd00ca7f9feb6f5d7ef83301b23ffd39991a75e665a78d6b8c5391770114fe7fc31d3ca016484f30e6d8b320b8ff90f06a55be4cd58bd415accdd0beeaf6c6e3187376547a13b241c602c918403b8d324e79e1065458f8ade394370de1785d38c4219bbae84529fa0f1a52e21042df30283cd20cc68347816a98a2455c188e0493191fe1ba4fb0e0d5d4ee565750312e05a601ef72b44e5fe434bab29431b4fcda7df2849794452c7c52d497d9d6b3dcc3ea72640ae5310135d6a893fc920ea97a443d2d9920f2cbe95e1e5e76ee6324450835e370511600e9501a2e8576a346229702b312b6249fc0f25c1a8595fcff493b448352c6b8f7532d525b0c6f7f95f3a3d5df79ab245da2b325b97f68df645479a004501c95b3c90ec9c17ae2259cb09f413dfe13298fd19a449db71af0004903d5327cac3b3ab390b471d732174f202610ab5d8b8591986884e02126f829428e6fba0d8a600f86d71d9fbe4c1767873f85a40ba09acd700c44b949ed525aa3f12b2e99bf78c3a6063fdee0c2c9e004bf977387a3f0cc6fbebec628e3155902859c6bd2126cf340c1cebfaa689f822f405979155d3734e3ab30b1c7a1ec8a5b9536d0b1b97101aec7fb76168da2d5767661a6d0a1fbf3475acac2f6dd0475b39bf35654d05af78753707f04f8cec568b94b958044eaf4b57e8960508ec200abce127fb0e0b03d4ea9dac6909dab3259ccedcd73d8d2de81bbac66248fbbeb36ee93a19fdd237101510002a9a642745fe9f0a69a2b71977d530f9ef0b85d269844b06280ec01d79bddb3c2872bd4a0a8e62d2c1af3ee0b083470725d818fdd9f7517d15572e8c7174bf8634321edf6290c0e0fa57de8de08b9d8cfdfbc86b182fc25ea4b990b2620028446ce476c1678df924177e9ef5e9b5a27f8dd70b23336c30c6dff5bb89c993f7da8bdeec62dcd78da177f855433f509da0ffb379bedfb1147aed20e0a1bc91ab8122a25dab0acf74f1f16dbb3801c00a90bb9f6bdca124982282a1823658ce9a027da84e1978ed37daea605b12fcc76a9c7cf3527d46c69a9bd4acfa3ce296f311d92058a9c7e9e52aa13f60c2c8f2241b49c44796f1ccb31f8b3a5da07b52a4fa9f833383530741b2dc291a90cd020b077f00cca877c95cd61f8b12c5be89882941594ff7fbd9bf8c218a48cc2caf8f83958842b1edcec697ff2d3ea41395a907ce2dc1683807554917c7ad08a7a3c0478cc2286416fca105f2b3b30b1ecd27b52b104583651c43a24fe7529ddc1659f3b60be48b6194d120feeb323a3ee50cbfe2af5bfd359476e6af984ec51051e209eceb61809bc3c32e8a2df95da0a12a9985c139f222c80b5524e6cdb7b280ed401ff7c7f7da2d726e9df8e9e5a875bde89ce82d7c28aa9bd09cb1ae493244ab0c90af0dde31c2b3f4fc113f9f1f19b3553306fb75714c6e3bf1a8203877a5921f8bf7e90e632b56f046384f8baf38a9958423e1af0e57e710199ae9921627fed4586fca8ebd124ca70fd1c89306041a0b570bed23341c82a4da5e2a5e1d971f8d223d794aa4ed01aa9a3c9e1da6ca4be89d603b684eac9badd58c5b26cfde5c1b40c9dc84d711417f36f9fecd2dc7b3eae1e0e97e62b6071ab8a9dd3ae05fc716b0b0f2bf17a0127ba10004cc5bb74272767355ff19c467a2d02dcbe2bd85fc2297fbad25f487118c4dce14b039dfe8264c0bcac4216ca4cd8668abe9d94e3e28854e2c5211f526b01eb5a93fc7dac54a2496c92f85d35199dd2cfed3ab4ae54bcf981b50d859617bc6584b77ed3a1f36db7d11daa5bf742bed51546eefbccaa318acc5cb2685b74b6cd259dcda2336b4b1e992f3cdd81d485e0170514bb9d95524e00092c3967a69b19bd14260b02a7c7c9679437bf4ed37075ae4c55a709096fea97923e9deb85751d49b1ce500a8f8bd8ae731348a07a2e9faff571fdae595acd5072d3501bc16e8332cc67964d8fbae744d3f8c18c41d98518acbcf28cf22ebae995137bf8c2695db6f8bb46879186ff0a8ee98c73c4405f9cc216bdb3ad7fab93533cde06c66d00ed1ef78668dba405953d53d49d03953ead6bc640a2774e8647fd1c0d27297813963cab6f0f36948cad1816e65a766976153754611de8b5619222ac466f440750f572db8a80ad7fb2b9540f55f401104152d5bd9cf43fc223d0dadae78ee0e49e6af05101a464074429ee89331eaec323a9a0c5db76356bc89e17d113036bb4147e728d709a2763d425c393d6f77072b6fd503870bbcbb1b8a74bb062fe9e94836ea03ef1dc5d39dfa2efa70480aaa0f720d02b2872034e0a6894a5c8b8a5deb39869e9fb96069c99e7405851c11c5b1c1d532ee7849215b79030a41c8bfd3ff50e490cfe924163ed8c1cd7dba646684b0297d12d3f5ab45d94b5dcb9a71c670940772fbb7b3c848362173e0598e41e32b2591cdd481de841cee2af68ec9172352b7f48427e50965c1d2d287c7ed3b415e64541a7e07a42a3b79e93170d14876ac3daf2c8894450ebc183bff3c09c47e40f214b3a4ca92c3985199d816eb9ddf18d5672bc1f58007ecf13f0a53367466f5d078434e42cb9e90a4b0edb9f1f9a1db6a51e7230197fd75b9675062ca13d8301b8263cc55721e48a33492aedb4d6f66e7b24d963288382d552a7a8a4bd73aaca5d9b0a9b0ee8063b555703793777c594ee735f93bd21e739a472279d3e85f6b8ac258791e8549ca3147abff85d361831435e318e4c5c7d4bc7eff3f0fc72ee4264f01607022cfb80cbb9c2611b63b1fcd0e8dcbccb3262d1a7fe7d34d5bc16ffb274dd15d60ad4f6366759c7066851ff19f0696c02052c14c6a43baac5168be2e872d534ac0b80f231a8203fe7306b0da28bc938677a4d31a02a07dc4d74232dda97a67609f0e33efd61c6b92e9d340207a8b416f1afc276d9ee3b8404f88b5d549615346ddf487beb2017cfab7addab0877936b78b96602203268520996af550a073b5ae57b11fa07dce54b34f133f6dd43a6e94409db399a883d2bfdf528cc2b181819254b545cb0393589895cde9b1b5f3f6fa35312f4c58975b23c5a21665ac9ea94ff86bfff0bb8769251520468461dbfaff5bd795f36eb71306a1433696ab419fc3f0403c8fc29ee928480e18e8055cd7441e1cfea27d03a6d0112848228f85ae00ad59af7766fb62313885480e9ae0be4b26ff2154e872976222385a52e0174fc82b9955db9e32f39e9bb25d5efe60416989a979dc90d4e66a7333203dfcfcb23edc40f020e5ad1234357b59b5c9612e2fa8d53fa7d03f9aad8614f8e1fe4f0d1fe327da52542daccf739230aa5961465cac9fd75a3689eea83c06122ecaf580ead1b710496383f7dd973598a48d39180aad13d94b9fb9d829218015541188f50157d8ff5d71bf6f709ef827e3fe837701aa31a674d556d9ccff8b9e61f50436c288c5d5e03a128954d5a10c685ccf90313d6e1567411e517d0d454bd8f82e216d1da47aca961d925066182af8e44174180c2d9566fa4ceab062f4a3f298bf1dc5c471d24412b4971e5c7a772f6878c1801f20e3f6a9e0cf4a80a4101a5703ff4384e12068f0e7f87ac3b55c8035f8fc15800055d4cadd32cabd8fd8ac606ed0743931a63568c6e69c9592f03ecbc8c96555096b6018c8fa7df5a5667103aace8edcf838962d6ca00122961697f8851f3d72b47444961eca0e2831c0b7d7acbc1704abb2e1ec4a7861befce03adb5e8c089fa4d122f9d148df1fda03321ef4a9a718d103af57fb4cb1fc61b08fef52f8000d8f469e3129ffaef944cd614541ca550621f068765241917ada3c15db3bbbb258f8f7d906bf3322bfcb01bcec127df7f24d0e932595c1a0904ca3200366b2620ac14e134e68dd71b2f2eaec8a65d3d8dd41e8a90a52e5707e4ca659e68fa942f6f3ce3adb7dd86cc062e013be01c8c9fc1f11af8e0305e47ad72871f642035b1b2ae49f2013eea9be0a5bf7c1d5bcfc55cc901863a4058ac8d667ddf947a2fe8127d423391fa707c4ddc58fc479c976bf0470c26b8afa23034db3f151c1e5e58dfe4d1118b4ded2498ce8f6af484d4ad6d880127799ad65b08580bf18191635b08e7853c6d2a4fb94df2aed379d9d58598fd5b6c00c158e4a699fdca34d24528c4888d3def2a8d2d6f553aeceec72eb37d7d1aacbede9734129ff26c29bae76e4dd8c36e2550a7da78cf9071b6c168d7969326b6cfe9cda58487f9ef6041d1b0bcb98ae4cfdbef320a590c4b908681a4b0a1ebfc2bde96c69dad6e97001778e1a73b6cdffe42fd4fc0cbeab5e2d423218dcd3f84d64c2ae1ddcdb4cd35e430628017662bdef801339c6a0209017bf10ff95f57aacb27454c1e903303945fdc919fb339a655e64687f6cc8f08d170d7770636bf6d7d03df3823c0d2e0895f9d897a30b2aa33ad57ad713580b0551057ac6ae674df9013fa297961d2eefab5ddd4b2cad5affba546ae58921e11df88d5f6756b3e12abd7f4a8e951de6a5f0f2e251b4effe7fca8a1b33a0ea938761dbf14ab4eea6308ef3cb78ed8d4c33ee29f59fbc2c77c985ec11a501e1c6c37ea2a312a7cf78716ac6b97a87c7d4659764b6324a8c2c3cb5cdacb46b8a8e93afbb25fc0f7ae09999bfbb54e1257027a118759991985fd9c25cd2b1374c1c2b3a567db00adc3d1031759aaf381289d719efab2b00b5dab7808772792f99c75f4156355336a49bf88f80205fecf6a3874289b9d24da943e37a242747acd59da61d2ecb0b02943ded4acee2b525c6bf80366a046b3e9e4764b04cfe66624fbb2fc15ff5f7b942993db91f50520f854e5d08ac1095bb4d8751e7baedace38def04ac97a3a9db35110ef54", 0x1000, r1) (async) add_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='|', 0x1, 0xfffffffffffffffd) (async) keyctl$get_keyring_id(0x0, r2, 0x0) (async) keyctl$dh_compute(0x17, &(0x7f00000002c0)={r2, r0, r2}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000400)={&(0x7f0000000340)={'crc32c\x00'}, &(0x7f0000000380)="39740c0dbc5433cf99074c49a971e9e7620803ca165bd69726f2d9d5c913c2c6ad0bfc667bec737e09dc633a7242f02efa720c151da76bcbdcd4cbd022848bd2fd4974f077056bf7f51dcd7922eea2ee1262c972bfaf", 0x56}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) 13:38:04 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) 13:38:04 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000001080)={0x0, 0x0, r0}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$packet(r0, &(0x7f0000000000)="746e088b43ce6a153cb0802182a3358f8207a79cf93a3c761b1c1e4d525c1a3937f478c09f53a0b8834407d7693551a08a4918630b407acdcde8c02896c86d36df022ecc8a643e86cc4c5e3a6add5881c85731477c5c77dec0b04c378676d75698368513528d2a90017e7d6ad45653ffcfee78a02dc9273e53898a4a1643233b2d0dfd84a7b87e16033fbf7f26e14419fe51dfe4e9266b0b4ee542a0af7e213f0b3cecba20e14bf559b3bf2144bcb6c5f7b27dbe894d8a4e27e4d37c50d382b8933a9c31c56441f34218b22453528daf4a2eea1d5c7db63f32cddc2d8065f0527c33b28a9668d4b39a44994cfb06f195195b7dc614f78eac4c77e16348acf7e8d0cc322dda0de510ed9e58c3c651017157ac61c9c19863ee76dc07a407809e54e193ed111c4696b4a17f7fb5b2951d98f42a12b6ef15ed2c3a90131b7efaff2e4723170c19b5ea276b6674ad4f0ee94f79083d601ff22199c02e1740b5b389b73ece60581636cfa4df43f6a2bd60b07fa1f2d9beeaa21c8e60da5a1173b91b957adb83504b5781aaa38e90b2a9200a782e2234bce3907d614462ce00540ea2b09632c6fbd6cc318d75300c992679c22ed8edf4a6423113a0ed68e13d0a1254434a3382d3c8dbb8171962243c9025e63097158b07a05648397904f64fd820722873f25f4d9a0811e796e6ac4ceb33a9a21cf7142d2daddfb93bbd3fee77119f1a66e2df6aea97bfa23019660aff5dc05fb305d4290b7303f0eab276302bbde37be1533ff99eb7d1b7975e7ed72ff0715a13bc921b99bbdb22d1cb6b33836ae197fe634461b37edb5468881779d03fc282839e27425fc61db40cc95d8d9a6da95ebd8294812f8a075e4941509ae3ea430cbee56b5a9353adeac1fe9149fed899e7731ab278118b5aa0d268b1c347c459a5de923e8e91c5254e9263b7277a1756e97b5cefbf21221649ada39c38ddac906a07c77a43574eaaf23ec1679310fdd05a655d0047336dc1151f6bd2b5945d112431c2d4af9def1a0ba1a4ac3a7fb360143d949a32c01e6d4b7838831c311d3a707953d7487306145fccd8875bca0d72b4df09b1350e78a3386dfbdf83aa2dd697cce3a068b775e6e6860395b7de8116539a5037998d4c6646099dd6c982b96c2daacc719b7755f70485748bff3d1f42ed8dc64628836d6e75676a1866397500faf37b295958422b27cb49ec5f25c728934fb5cb024f44d70a52648c23de9cde010a1f4c551992797e3a51e5581b823e259fabf687a02a084e6a40b443de1c708e1285d0a28effb79530e58330bd47f3a1c8f69f57447bed91b5071107356467d0f2b9bd0fb242bbd778c5e352eb6763ce38681f917926f28a36346425f4c17c724d3e1ceae950fb22ef797c466eaff28cffb5131f061e99be9a3156565b8a2c8f3672517dc33d7fb1ae4639d72bd3ced0a3404ead15a5948990d971add58d3b4aa1d4aff466211990a04e38e995ff7021ca4fb768446f8dff49ab3f26dcc4b2ae692558d7f0d686df4affedafeaf4e1e02009190ba4883c8deb32c07633e6c15ee5a2f374d56327aa33a7589078d98f66dcd2e614f018e45b413254ebbde627dc9923ded6755335c2bdc895b8e0c118c0544919eb0deb4a10ddb92814488cdc52e131c790437c4cda1ad67338aebfb36ef157e6842169531f1d475f547080c9773ff038ff1e612ff95a1294ac74dfc22453863aec99baa00518c85fc73c2f7322b4a3c2b2e42611b489c77e62fe8da9ef8c00b72d7544f0ce8aa13dc40bc854d01e3d43a4e42b6d2c225258d16eb173a7eb2631729fd9872d554b7f1783bc3dd5981e83a5fbc097d24bf86d82aba6e7a0a8a21be361283739fb7304cc47a723a2e39ffe55585f7b2ea3f5e6bfda3dd9ef43035818f65d21fe18cd1c1ecc24655b33f7528c12b8e80965728d8a83a59aa16796d801ec789b94a5132a03be4e705c4a7c3b9d89d6fe6b5ed7e9336dd43ac12cd0bc6c23dc993e5f939218714defc28cc5e5904004f0d08468b965338a796a18275a4afeb2f2b444333dadadaebaa7ea1ab03fc74c911e6909a7851c9813182d0bf28744f66c815ee736734853e0cc449fdc537f1238db56fe207a497b5413ceab2b63dced757bf43d0b5d7e6f1cbb755da2452c2dd921b40ed2fb0bff691dc7be958820d1bc223433598e35d5826560a835e3b55ab1fff3389d6b7fe78a753db7affcccee4bcd07af1d6144271834dec48d04335d4a26b278b9727b39332357f6be0573f21d1660fa4c414906cc106194811b56760fcf4552a547f19bf4099b81a46831a64278e3d7206317bef03c75178b3f2306093ce2defdc0022e703bab01e5800d16d547169efec5f71f82a3e784a7ac42aabbe43e4c427c0d522e0fcca6d189187d92db0245deec4cf5e95e0d0b9b30ad255c265c9dc3b5873c14967ad02fa057aba8d350bef5656b4374ad3b0be267db79b8294af39f1734611435165d8aea3fc92315947f13680725cd3545953b6edf29c790516875b91d32de0d125ce1c4ae804cf7691362427bd476a90effbeb4e94fcb1735c8e0cd6ef8fad5ec9a95ce9d5560cac75300d99af3093e19006a9423dda2d49585121cefed17a43495f20249242cd5c8f03cc43bd00a52609b9aa331e11e3f68b9cbbaf2bdaeb836920620f5dda4641ac56a28032f708c271e279f29c9798e705059cb09ff5f98de90faed675a3f05afe7ab446725d053daaa573ee08945793dfc5ed803d10fc6a73f9d9d0a64a8d4b25a6b0fa073ae61061f32e4420087f74e90cf6292e69751f5e50c88a849ba023986a08104f7995f13b56eb877561707aa3af1623aa505a17df878064375b817bcdc0c10642423a1fbfbedcbee2f99a77e4de547f3818fe65d9fe03a20d1de0cc48e152367d7d9c828c39ca911409eb60111997fdb8feca3b5008702aa56d12afe6b3b28214ec53e74c8ee14e0d631b6c8e8cd4955ee06d7ea4463478199589611a0e2918b0ba98d01d7da1f302246e1e39aeb47c3a5eed111f623ba75ee035273c148018f75230e616b76bc7ba6dc979db730e9108ea4ae44d71bf38e7497803e8eb19df321343d5d6c952d4bb281f27d695a267e9b48284a99b0ca30fd9fa6748a3ea8dfcfe2705a285bf3141934ee2657a15daa957c49e2ab87648b84796ace6ff3e72082230c6881252f8eb2859de13747a2b074324561f9367ccf4d9e2ea6a800e982bc48ed2625a5bbb0ff59f664ff5919629233f047cd850548810a9bec5c3a313ddce09df1f8cf8d607df83aa987439c607c6d53995764f355b913ef75f67604c34f3d28af9768627b637f1c1e9d82708a3584dc9bffb22ede03ebc535dc50d56f23244b6d25b242714929aafe875900c46918bbe9e39c899f7d1aaff546dd671c3a4ffcd1cfab0d0a4105381b538fb6fa8a4a0fa9f63a1311db70a3ea9d91cbdc19cdbeafaf6b3fd030482c0550aaa08b0bc669d34f6fde52778749e2ba2e95f789eda9c3e43de1ac4e3d075f3f4531658d881803614850d0b87e4fb49080a58c1b22a4670a4bb12e0412eaba283bfde6801b029d626e8d89ceb735848c7bafc881c70defb837160515c7db2b058103bb9182ef2dc3c3af1f59d30b50cf0ff98c11f43a0f7ab1c706cf78592cbcbecc18d42dd582fe8178d71a7f31c149094794f9db80090810db4a6cc1bd296659b0a9c9f1ba21279dacd7337b3cf82aade794aed67fd888caa15d78ab6a131a234356ff0981ea4d60d2144f55ed3814aac1d79e32407f858cadc93e331bc08ec5b8f708dd04fd58d15663dc6c03a4577cb005bfc8bfd8980b1be94291398bb8e7e7bae3f1b70212f6edd829c75acce8e236ac3499c740ae6e9f0198586ae4ce02f23be65bfea0e69fb2d0b0a1b0c8a741d5a6899ce984791dc4f6ac4f1b06e47a903331ca677b83fdd925c58450796cc62e1f1abe796e3290b93f0bc0359fdeb3fa4a11a911a69f836714a4bb3b6669ad60d39d02dd1788b6d7c95448fa63f22cb98f095ad7e697de3d4c803a46c81fa3df4f3be19556a82d102a5db7616809ecbabbc73e3c7a4084df28e89b68662950db6df2b617e0c6e34dab312adf3c5144107ac89e1e4c5d8e1322681398c64d4b6120369cfb7abadbc04f0c8afe757cb10a3d45f2cc98e379e167dd2ea8113792880834318d9b65ba4db9e3f88aa126c706e6899b64bf8bc6e91fd508c716dc8d570ade2f5eddb455683602d4c6e226e8a69fc4f083abdc380d1c1b484db1c2361e2c8ae22cce4bf3aaf4d5e9bd03575e3b5ff09846e0be8d2f9f67503ab998b057a901ef7916e7c2ce0a6ef18aa1230d513ae58391c8dd10e230c754a3f0ce74ab8338bb6cf6e4812fb651ab1a7bab9a13ee5bb5063e60d8878f47a3fc8be397b9d5b1adc2e131480c415e6af46f031d8a606a3e7ef8c435b7dee2933bede4b8b53b83d42ef4b1578af4efc4c66de72d0b6df0e2e3daa37603a67f3c7aaf4b4bd0216e02ad98fe2595e39bc24054851a64354d0c1ff9fb32b2dacf3e4c487fc4460419c5fcd5a8bfc44e289b570f6ae83b51f9ef52b5391192803420f1b54e0e5cb4bd0973ed8a2c2461cb3f1ce13a20e456146019ac3d8769b88bf00ddb8de7c045d2056f09388a024c4f3708db767a2e270a8ee0849fa1578660d98d147f0863fb27b071deecda767231a1dcf3a17f6a3a9bb8f18b0dd49bf8d2c9be738459b985d4adc440367c117b89323972f2c0af91de375c53969751df580174c2bc80419d8b453a805c24cf34df63aae10573cbea9f192945df0b6dd2c5afe36135323ca41ee3adb0887e75c29e18321aa0de03c7e5957bce77186b2eb02b2a301b4800a870cefa6b917a3f57ef79a06cdc05dbd97c45e944763b71161de18a60f865699f16e362c7260c5d0f9230a755343a800d4255403c5987e7ade99001815f46562e0811cf199887bcc3ab145c43f95f882452db55d17b9d4f8d7563056a2d9b411af30fdbd487fed776428a66898c972505379e9d528319f1df7af848406eff836358972a453fec5b3b7feb7bb4dc85efec968b6ffca5d5f94b7af8b8b980f88a4969fa95a6e0750a9dcc98abe45c2bf97e755758a17844982dc3d7e3fba811ed3a740b05a847418b27c91505cc20f8df3136d125f90d8bc437851a1d42915c1dccd9182f1008ae16dcc35051076e866d2228afac8ac16baf3c174208018e4b613c83528b5f4fa7cebddacaa6d6cb2f365c5e760d5a43180a86faeb04830495da8d873e271a8c837cd08012518e7d82c5d4de95dc27fddeea3fa2ce1e8b0eea7504e2704af194e47cd771b0fde9ae6bb34710ebeb738f9b2e3c0025c3a88eca81f627007354f61181ea4fb6b88b8491d08f261208d70639d8a7b58fd2e64ed29b3ecb337345114768197ad208b329a9517d52ab4c6357d16d8f5b70a0c9c2393aacf50a79f929c937c48a97daf2da654f9eaa83a6d32d4a2d968ed97338cb1c70cb83e560902b7a91e864ccb25a76d638f8c85490a54a9ec8eb01562a84d483f307e2a7af11d384fdf6d9610dbec2fc97b884caa43de4a3a6e8a582c3d661280c41d0edf0e307d3e6386f51b4fbc13edd4073dfa522f6a18726bf4e8d63560cccc1a199f7697f134de9eaa4cc09f6cf7f7aa6b0840626fa55427f647386c0ba27e3b88b4564a672a08957d5e8bf6912b15b995d3fc20a00132c039ce01931af1424150a577deecff21db5a092a0ad69a4fd3c1045ea8f67279eccd916b1f0ed30e77289da2fe363496bd75ce50720cee0de940b70", 0x1000, 0x4000010, 0x0, 0x0) socketpair(0x1a, 0x1, 0xffffffff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001040)={&(0x7f0000001000)=[0x8, 0x9, 0x43b, 0x8, 0x2, 0x7b62, 0x5, 0x7fffffff], 0x8}) [ 688.811016] FAULT_INJECTION: forcing a failure. [ 688.811016] name failslab, interval 1, probability 0, space 0, times 0 [ 688.859861] CPU: 1 PID: 14677 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 688.867777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.877132] Call Trace: [ 688.879727] dump_stack+0x1b2/0x281 [ 688.883362] should_fail.cold+0x10a/0x149 [ 688.887516] should_failslab+0xd6/0x130 [ 688.891493] kmem_cache_alloc+0x28e/0x3c0 [ 688.895646] __d_alloc+0x2a/0xa20 [ 688.899100] ? d_lookup+0x172/0x220 [ 688.902754] d_alloc+0x46/0x240 [ 688.906039] __lookup_hash+0x101/0x270 [ 688.909923] ? __inode_permission+0xcd/0x2f0 [ 688.914452] lookup_one_len+0x279/0x3a0 [ 688.918431] ? lookup_one_len_unlocked+0x410/0x410 [ 688.923367] start_creating+0xb0/0x200 [ 688.927256] __debugfs_create_file+0x4f/0x440 [ 688.931754] ? debugfs_create_file+0x37/0x60 [ 688.936169] kvm_dev_ioctl+0xe7f/0x1450 [ 688.940242] ? fsnotify+0x974/0x11b0 [ 688.943983] ? kvm_put_kvm+0xab0/0xab0 [ 688.947877] ? kvm_put_kvm+0xab0/0xab0 [ 688.951767] do_vfs_ioctl+0x75a/0xff0 [ 688.955569] ? lock_acquire+0x170/0x3f0 [ 688.959546] ? ioctl_preallocate+0x1a0/0x1a0 [ 688.963963] ? __fget+0x265/0x3e0 [ 688.967416] ? do_vfs_ioctl+0xff0/0xff0 [ 688.971394] ? security_file_ioctl+0x83/0xb0 [ 688.975800] SyS_ioctl+0x7f/0xb0 [ 688.979162] ? do_vfs_ioctl+0xff0/0xff0 [ 688.983141] do_syscall_64+0x1d5/0x640 [ 688.987033] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 688.992218] RIP: 0033:0x7fa37e383109 [ 688.995925] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:05 executing program 3: add_key$keyring(&(0x7f0000001500), &(0x7f0000001540)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa) (async, rerun: 64) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="3b9df53a33786dab3b4e8a047fd681481e5c84eee78a2e8799de1d3fee0760cd46338bf41ae7f2ab33a46e5296157c3960d6d18837f3260349e51c228bcd5446ef29a4015965baa64e0de9b23b1a91b82ac619725f236d2bdb2712e28242e84859edfd87edb257d39dbe04dd81c518fbd723122ccad68ebe51310413c180d9d03b9fd4e9c9764102bde0f2e6b800436bcc8d261fbbba2e023a290b80986b", 0x9e, 0xfffffffffffffffa) (rerun: 64) r0 = add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="82fed0d101abdb922c33869127a78ab60b1a6f931211318f99acc60eb444de3607b58bee91b52a9136f344049e35ee6ef3c6a80720f1b6e8641b88262de8af360bfc5e8067e1fb48b81ee29b29d0d7f5716a758a7209c62893193cdce9760cfb812815ed0002d9b571e1fe8f2a9f59cc4f8d01255fc13f4a2cc5f1f30bbda257b79ea9a6cfde538155837438d7fa9688172ae4c960c7e8b8850f0fb4f60057d80e9753c2139c3f0807cb00e7535465f7349ff7fdac19a23f0562152a26979c2dc37187572f01c11940365afed449", 0xce, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb) add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='8', 0x1, r1) (async) add_key$user(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)="1b5d1d0afa7ad6402b09a50a8dde34a2d2a6d2e99ff29aabdde3fd36e12df3e3ac90233606bc03a648c92fd327519d89fa9c6b08a3a7b64d329beef19769582dbd3f21f558e4891f4b7ecd4e5191c273e921d1730cb67059b43e07299473923de453e9b57be959383f49e26ac4d2e35d1ba87862f7c7c1e9a9bf692c466a3921ff28e0cba2e0d3c260aeb246e581492a094a3cfe2f67fcd8325fd09767a05f7c5b1b37594f4fdceb54d75c2068fd2b2321b215c00c3788aa9bcf31ec45ee8bac2444be7b2f54b08a4c57061e5beb92f28e208dd81c17485e823924aef16c3dc4aeb419e2595b417c28b01e2b7d7e45252fd89b32aa53326771117ab0291172fe6b733b4df94c7f25954f4fa384a17407a795071f0194e1b1d244500e6c17118b8f8c9be6296ecf81125d84da2bb293ea97de858a88ea7a4946709f06f0897c648d7ca03ad17caa436b8fd18e7830e59e760526c717ae8202660ef10c3f18dc02ca3fb7f5db95f2ea83aadcbdb67918bf30bbbaed11b6f9bc83bcb710623c02635e76fb43b9104c5d44101bd6a50cdbda54f00cc2044b41d4c328af823b0bdafc6b2d0a92dfd63299abf7248cfdb28601d4975aa17bdc6c84ee542524e286fdcbfef2834cf1571c435fecfad153114f50003bb27825eb83e684c7fbf7140dbad65fbbb9de2d21ddbb824aa8a27fb3cc219ab277336b9615c14525f31a62e071660a20ae1827363a05bc691161a582e0624374425f9dd498ddb494384622094b5c65ac7b7cfdcdfa18afe8e869761715355982b189f0850c268a687f13c9834b6ca1faefccbf63774da3ae4ddcf026d994fa95770596da5401ca8a01d42f3e7a01fb94102142eeeeae0b0b187eea74baafa89c2957e87641d0ce81e0bdebaa5cc55054f1c1aa145c4285b28fde6200c6fd00ca7f9feb6f5d7ef83301b23ffd39991a75e665a78d6b8c5391770114fe7fc31d3ca016484f30e6d8b320b8ff90f06a55be4cd58bd415accdd0beeaf6c6e3187376547a13b241c602c918403b8d324e79e1065458f8ade394370de1785d38c4219bbae84529fa0f1a52e21042df30283cd20cc68347816a98a2455c188e0493191fe1ba4fb0e0d5d4ee565750312e05a601ef72b44e5fe434bab29431b4fcda7df2849794452c7c52d497d9d6b3dcc3ea72640ae5310135d6a893fc920ea97a443d2d9920f2cbe95e1e5e76ee6324450835e370511600e9501a2e8576a346229702b312b6249fc0f25c1a8595fcff493b448352c6b8f7532d525b0c6f7f95f3a3d5df79ab245da2b325b97f68df645479a004501c95b3c90ec9c17ae2259cb09f413dfe13298fd19a449db71af0004903d5327cac3b3ab390b471d732174f202610ab5d8b8591986884e02126f829428e6fba0d8a600f86d71d9fbe4c1767873f85a40ba09acd700c44b949ed525aa3f12b2e99bf78c3a6063fdee0c2c9e004bf977387a3f0cc6fbebec628e3155902859c6bd2126cf340c1cebfaa689f822f405979155d3734e3ab30b1c7a1ec8a5b9536d0b1b97101aec7fb76168da2d5767661a6d0a1fbf3475acac2f6dd0475b39bf35654d05af78753707f04f8cec568b94b958044eaf4b57e8960508ec200abce127fb0e0b03d4ea9dac6909dab3259ccedcd73d8d2de81bbac66248fbbeb36ee93a19fdd237101510002a9a642745fe9f0a69a2b71977d530f9ef0b85d269844b06280ec01d79bddb3c2872bd4a0a8e62d2c1af3ee0b083470725d818fdd9f7517d15572e8c7174bf8634321edf6290c0e0fa57de8de08b9d8cfdfbc86b182fc25ea4b990b2620028446ce476c1678df924177e9ef5e9b5a27f8dd70b23336c30c6dff5bb89c993f7da8bdeec62dcd78da177f855433f509da0ffb379bedfb1147aed20e0a1bc91ab8122a25dab0acf74f1f16dbb3801c00a90bb9f6bdca124982282a1823658ce9a027da84e1978ed37daea605b12fcc76a9c7cf3527d46c69a9bd4acfa3ce296f311d92058a9c7e9e52aa13f60c2c8f2241b49c44796f1ccb31f8b3a5da07b52a4fa9f833383530741b2dc291a90cd020b077f00cca877c95cd61f8b12c5be89882941594ff7fbd9bf8c218a48cc2caf8f83958842b1edcec697ff2d3ea41395a907ce2dc1683807554917c7ad08a7a3c0478cc2286416fca105f2b3b30b1ecd27b52b104583651c43a24fe7529ddc1659f3b60be48b6194d120feeb323a3ee50cbfe2af5bfd359476e6af984ec51051e209eceb61809bc3c32e8a2df95da0a12a9985c139f222c80b5524e6cdb7b280ed401ff7c7f7da2d726e9df8e9e5a875bde89ce82d7c28aa9bd09cb1ae493244ab0c90af0dde31c2b3f4fc113f9f1f19b3553306fb75714c6e3bf1a8203877a5921f8bf7e90e632b56f046384f8baf38a9958423e1af0e57e710199ae9921627fed4586fca8ebd124ca70fd1c89306041a0b570bed23341c82a4da5e2a5e1d971f8d223d794aa4ed01aa9a3c9e1da6ca4be89d603b684eac9badd58c5b26cfde5c1b40c9dc84d711417f36f9fecd2dc7b3eae1e0e97e62b6071ab8a9dd3ae05fc716b0b0f2bf17a0127ba10004cc5bb74272767355ff19c467a2d02dcbe2bd85fc2297fbad25f487118c4dce14b039dfe8264c0bcac4216ca4cd8668abe9d94e3e28854e2c5211f526b01eb5a93fc7dac54a2496c92f85d35199dd2cfed3ab4ae54bcf981b50d859617bc6584b77ed3a1f36db7d11daa5bf742bed51546eefbccaa318acc5cb2685b74b6cd259dcda2336b4b1e992f3cdd81d485e0170514bb9d95524e00092c3967a69b19bd14260b02a7c7c9679437bf4ed37075ae4c55a709096fea97923e9deb85751d49b1ce500a8f8bd8ae731348a07a2e9faff571fdae595acd5072d3501bc16e8332cc67964d8fbae744d3f8c18c41d98518acbcf28cf22ebae995137bf8c2695db6f8bb46879186ff0a8ee98c73c4405f9cc216bdb3ad7fab93533cde06c66d00ed1ef78668dba405953d53d49d03953ead6bc640a2774e8647fd1c0d27297813963cab6f0f36948cad1816e65a766976153754611de8b5619222ac466f440750f572db8a80ad7fb2b9540f55f401104152d5bd9cf43fc223d0dadae78ee0e49e6af05101a464074429ee89331eaec323a9a0c5db76356bc89e17d113036bb4147e728d709a2763d425c393d6f77072b6fd503870bbcbb1b8a74bb062fe9e94836ea03ef1dc5d39dfa2efa70480aaa0f720d02b2872034e0a6894a5c8b8a5deb39869e9fb96069c99e7405851c11c5b1c1d532ee7849215b79030a41c8bfd3ff50e490cfe924163ed8c1cd7dba646684b0297d12d3f5ab45d94b5dcb9a71c670940772fbb7b3c848362173e0598e41e32b2591cdd481de841cee2af68ec9172352b7f48427e50965c1d2d287c7ed3b415e64541a7e07a42a3b79e93170d14876ac3daf2c8894450ebc183bff3c09c47e40f214b3a4ca92c3985199d816eb9ddf18d5672bc1f58007ecf13f0a53367466f5d078434e42cb9e90a4b0edb9f1f9a1db6a51e7230197fd75b9675062ca13d8301b8263cc55721e48a33492aedb4d6f66e7b24d963288382d552a7a8a4bd73aaca5d9b0a9b0ee8063b555703793777c594ee735f93bd21e739a472279d3e85f6b8ac258791e8549ca3147abff85d361831435e318e4c5c7d4bc7eff3f0fc72ee4264f01607022cfb80cbb9c2611b63b1fcd0e8dcbccb3262d1a7fe7d34d5bc16ffb274dd15d60ad4f6366759c7066851ff19f0696c02052c14c6a43baac5168be2e872d534ac0b80f231a8203fe7306b0da28bc938677a4d31a02a07dc4d74232dda97a67609f0e33efd61c6b92e9d340207a8b416f1afc276d9ee3b8404f88b5d549615346ddf487beb2017cfab7addab0877936b78b96602203268520996af550a073b5ae57b11fa07dce54b34f133f6dd43a6e94409db399a883d2bfdf528cc2b181819254b545cb0393589895cde9b1b5f3f6fa35312f4c58975b23c5a21665ac9ea94ff86bfff0bb8769251520468461dbfaff5bd795f36eb71306a1433696ab419fc3f0403c8fc29ee928480e18e8055cd7441e1cfea27d03a6d0112848228f85ae00ad59af7766fb62313885480e9ae0be4b26ff2154e872976222385a52e0174fc82b9955db9e32f39e9bb25d5efe60416989a979dc90d4e66a7333203dfcfcb23edc40f020e5ad1234357b59b5c9612e2fa8d53fa7d03f9aad8614f8e1fe4f0d1fe327da52542daccf739230aa5961465cac9fd75a3689eea83c06122ecaf580ead1b710496383f7dd973598a48d39180aad13d94b9fb9d829218015541188f50157d8ff5d71bf6f709ef827e3fe837701aa31a674d556d9ccff8b9e61f50436c288c5d5e03a128954d5a10c685ccf90313d6e1567411e517d0d454bd8f82e216d1da47aca961d925066182af8e44174180c2d9566fa4ceab062f4a3f298bf1dc5c471d24412b4971e5c7a772f6878c1801f20e3f6a9e0cf4a80a4101a5703ff4384e12068f0e7f87ac3b55c8035f8fc15800055d4cadd32cabd8fd8ac606ed0743931a63568c6e69c9592f03ecbc8c96555096b6018c8fa7df5a5667103aace8edcf838962d6ca00122961697f8851f3d72b47444961eca0e2831c0b7d7acbc1704abb2e1ec4a7861befce03adb5e8c089fa4d122f9d148df1fda03321ef4a9a718d103af57fb4cb1fc61b08fef52f8000d8f469e3129ffaef944cd614541ca550621f068765241917ada3c15db3bbbb258f8f7d906bf3322bfcb01bcec127df7f24d0e932595c1a0904ca3200366b2620ac14e134e68dd71b2f2eaec8a65d3d8dd41e8a90a52e5707e4ca659e68fa942f6f3ce3adb7dd86cc062e013be01c8c9fc1f11af8e0305e47ad72871f642035b1b2ae49f2013eea9be0a5bf7c1d5bcfc55cc901863a4058ac8d667ddf947a2fe8127d423391fa707c4ddc58fc479c976bf0470c26b8afa23034db3f151c1e5e58dfe4d1118b4ded2498ce8f6af484d4ad6d880127799ad65b08580bf18191635b08e7853c6d2a4fb94df2aed379d9d58598fd5b6c00c158e4a699fdca34d24528c4888d3def2a8d2d6f553aeceec72eb37d7d1aacbede9734129ff26c29bae76e4dd8c36e2550a7da78cf9071b6c168d7969326b6cfe9cda58487f9ef6041d1b0bcb98ae4cfdbef320a590c4b908681a4b0a1ebfc2bde96c69dad6e97001778e1a73b6cdffe42fd4fc0cbeab5e2d423218dcd3f84d64c2ae1ddcdb4cd35e430628017662bdef801339c6a0209017bf10ff95f57aacb27454c1e903303945fdc919fb339a655e64687f6cc8f08d170d7770636bf6d7d03df3823c0d2e0895f9d897a30b2aa33ad57ad713580b0551057ac6ae674df9013fa297961d2eefab5ddd4b2cad5affba546ae58921e11df88d5f6756b3e12abd7f4a8e951de6a5f0f2e251b4effe7fca8a1b33a0ea938761dbf14ab4eea6308ef3cb78ed8d4c33ee29f59fbc2c77c985ec11a501e1c6c37ea2a312a7cf78716ac6b97a87c7d4659764b6324a8c2c3cb5cdacb46b8a8e93afbb25fc0f7ae09999bfbb54e1257027a118759991985fd9c25cd2b1374c1c2b3a567db00adc3d1031759aaf381289d719efab2b00b5dab7808772792f99c75f4156355336a49bf88f80205fecf6a3874289b9d24da943e37a242747acd59da61d2ecb0b02943ded4acee2b525c6bf80366a046b3e9e4764b04cfe66624fbb2fc15ff5f7b942993db91f50520f854e5d08ac1095bb4d8751e7baedace38def04ac97a3a9db35110ef54", 0x1000, r1) r2 = add_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000300)={'syz', 0x2}, &(0x7f0000000340)='|', 0x1, 0xfffffffffffffffd) keyctl$get_keyring_id(0x0, r2, 0x0) (async) keyctl$dh_compute(0x17, &(0x7f00000002c0)={r2, r0, r2}, &(0x7f0000000440)=""/34, 0x22, &(0x7f0000000400)={&(0x7f0000000340)={'crc32c\x00'}, &(0x7f0000000380)="39740c0dbc5433cf99074c49a971e9e7620803ca165bd69726f2d9d5c913c2c6ad0bfc667bec737e09dc633a7242f02efa720c151da76bcbdcd4cbd022848bd2fd4974f077056bf7f51dcd7922eea2ee1262c972bfaf", 0x56}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 64) [ 689.003635] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 689.010900] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 689.018170] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 689.025439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 689.032709] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:05 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000001080)={0x0, 0x0, r0}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$packet(r0, &(0x7f0000000000)="746e088b43ce6a153cb0802182a3358f8207a79cf93a3c761b1c1e4d525c1a3937f478c09f53a0b8834407d7693551a08a4918630b407acdcde8c02896c86d36df022ecc8a643e86cc4c5e3a6add5881c85731477c5c77dec0b04c378676d75698368513528d2a90017e7d6ad45653ffcfee78a02dc9273e53898a4a1643233b2d0dfd84a7b87e16033fbf7f26e14419fe51dfe4e9266b0b4ee542a0af7e213f0b3cecba20e14bf559b3bf2144bcb6c5f7b27dbe894d8a4e27e4d37c50d382b8933a9c31c56441f34218b22453528daf4a2eea1d5c7db63f32cddc2d8065f0527c33b28a9668d4b39a44994cfb06f195195b7dc614f78eac4c77e16348acf7e8d0cc322dda0de510ed9e58c3c651017157ac61c9c19863ee76dc07a407809e54e193ed111c4696b4a17f7fb5b2951d98f42a12b6ef15ed2c3a90131b7efaff2e4723170c19b5ea276b6674ad4f0ee94f79083d601ff22199c02e1740b5b389b73ece60581636cfa4df43f6a2bd60b07fa1f2d9beeaa21c8e60da5a1173b91b957adb83504b5781aaa38e90b2a9200a782e2234bce3907d614462ce00540ea2b09632c6fbd6cc318d75300c992679c22ed8edf4a6423113a0ed68e13d0a1254434a3382d3c8dbb8171962243c9025e63097158b07a05648397904f64fd820722873f25f4d9a0811e796e6ac4ceb33a9a21cf7142d2daddfb93bbd3fee77119f1a66e2df6aea97bfa23019660aff5dc05fb305d4290b7303f0eab276302bbde37be1533ff99eb7d1b7975e7ed72ff0715a13bc921b99bbdb22d1cb6b33836ae197fe634461b37edb5468881779d03fc282839e27425fc61db40cc95d8d9a6da95ebd8294812f8a075e4941509ae3ea430cbee56b5a9353adeac1fe9149fed899e7731ab278118b5aa0d268b1c347c459a5de923e8e91c5254e9263b7277a1756e97b5cefbf21221649ada39c38ddac906a07c77a43574eaaf23ec1679310fdd05a655d0047336dc1151f6bd2b5945d112431c2d4af9def1a0ba1a4ac3a7fb360143d949a32c01e6d4b7838831c311d3a707953d7487306145fccd8875bca0d72b4df09b1350e78a3386dfbdf83aa2dd697cce3a068b775e6e6860395b7de8116539a5037998d4c6646099dd6c982b96c2daacc719b7755f70485748bff3d1f42ed8dc64628836d6e75676a1866397500faf37b295958422b27cb49ec5f25c728934fb5cb024f44d70a52648c23de9cde010a1f4c551992797e3a51e5581b823e259fabf687a02a084e6a40b443de1c708e1285d0a28effb79530e58330bd47f3a1c8f69f57447bed91b5071107356467d0f2b9bd0fb242bbd778c5e352eb6763ce38681f917926f28a36346425f4c17c724d3e1ceae950fb22ef797c466eaff28cffb5131f061e99be9a3156565b8a2c8f3672517dc33d7fb1ae4639d72bd3ced0a3404ead15a5948990d971add58d3b4aa1d4aff466211990a04e38e995ff7021ca4fb768446f8dff49ab3f26dcc4b2ae692558d7f0d686df4affedafeaf4e1e02009190ba4883c8deb32c07633e6c15ee5a2f374d56327aa33a7589078d98f66dcd2e614f018e45b413254ebbde627dc9923ded6755335c2bdc895b8e0c118c0544919eb0deb4a10ddb92814488cdc52e131c790437c4cda1ad67338aebfb36ef157e6842169531f1d475f547080c9773ff038ff1e612ff95a1294ac74dfc22453863aec99baa00518c85fc73c2f7322b4a3c2b2e42611b489c77e62fe8da9ef8c00b72d7544f0ce8aa13dc40bc854d01e3d43a4e42b6d2c225258d16eb173a7eb2631729fd9872d554b7f1783bc3dd5981e83a5fbc097d24bf86d82aba6e7a0a8a21be361283739fb7304cc47a723a2e39ffe55585f7b2ea3f5e6bfda3dd9ef43035818f65d21fe18cd1c1ecc24655b33f7528c12b8e80965728d8a83a59aa16796d801ec789b94a5132a03be4e705c4a7c3b9d89d6fe6b5ed7e9336dd43ac12cd0bc6c23dc993e5f939218714defc28cc5e5904004f0d08468b965338a796a18275a4afeb2f2b444333dadadaebaa7ea1ab03fc74c911e6909a7851c9813182d0bf28744f66c815ee736734853e0cc449fdc537f1238db56fe207a497b5413ceab2b63dced757bf43d0b5d7e6f1cbb755da2452c2dd921b40ed2fb0bff691dc7be958820d1bc223433598e35d5826560a835e3b55ab1fff3389d6b7fe78a753db7affcccee4bcd07af1d6144271834dec48d04335d4a26b278b9727b39332357f6be0573f21d1660fa4c414906cc106194811b56760fcf4552a547f19bf4099b81a46831a64278e3d7206317bef03c75178b3f2306093ce2defdc0022e703bab01e5800d16d547169efec5f71f82a3e784a7ac42aabbe43e4c427c0d522e0fcca6d189187d92db0245deec4cf5e95e0d0b9b30ad255c265c9dc3b5873c14967ad02fa057aba8d350bef5656b4374ad3b0be267db79b8294af39f1734611435165d8aea3fc92315947f13680725cd3545953b6edf29c790516875b91d32de0d125ce1c4ae804cf7691362427bd476a90effbeb4e94fcb1735c8e0cd6ef8fad5ec9a95ce9d5560cac75300d99af3093e19006a9423dda2d49585121cefed17a43495f20249242cd5c8f03cc43bd00a52609b9aa331e11e3f68b9cbbaf2bdaeb836920620f5dda4641ac56a28032f708c271e279f29c9798e705059cb09ff5f98de90faed675a3f05afe7ab446725d053daaa573ee08945793dfc5ed803d10fc6a73f9d9d0a64a8d4b25a6b0fa073ae61061f32e4420087f74e90cf6292e69751f5e50c88a849ba023986a08104f7995f13b56eb877561707aa3af1623aa505a17df878064375b817bcdc0c10642423a1fbfbedcbee2f99a77e4de547f3818fe65d9fe03a20d1de0cc48e152367d7d9c828c39ca911409eb60111997fdb8feca3b5008702aa56d12afe6b3b28214ec53e74c8ee14e0d631b6c8e8cd4955ee06d7ea4463478199589611a0e2918b0ba98d01d7da1f302246e1e39aeb47c3a5eed111f623ba75ee035273c148018f75230e616b76bc7ba6dc979db730e9108ea4ae44d71bf38e7497803e8eb19df321343d5d6c952d4bb281f27d695a267e9b48284a99b0ca30fd9fa6748a3ea8dfcfe2705a285bf3141934ee2657a15daa957c49e2ab87648b84796ace6ff3e72082230c6881252f8eb2859de13747a2b074324561f9367ccf4d9e2ea6a800e982bc48ed2625a5bbb0ff59f664ff5919629233f047cd850548810a9bec5c3a313ddce09df1f8cf8d607df83aa987439c607c6d53995764f355b913ef75f67604c34f3d28af9768627b637f1c1e9d82708a3584dc9bffb22ede03ebc535dc50d56f23244b6d25b242714929aafe875900c46918bbe9e39c899f7d1aaff546dd671c3a4ffcd1cfab0d0a4105381b538fb6fa8a4a0fa9f63a1311db70a3ea9d91cbdc19cdbeafaf6b3fd030482c0550aaa08b0bc669d34f6fde52778749e2ba2e95f789eda9c3e43de1ac4e3d075f3f4531658d881803614850d0b87e4fb49080a58c1b22a4670a4bb12e0412eaba283bfde6801b029d626e8d89ceb735848c7bafc881c70defb837160515c7db2b058103bb9182ef2dc3c3af1f59d30b50cf0ff98c11f43a0f7ab1c706cf78592cbcbecc18d42dd582fe8178d71a7f31c149094794f9db80090810db4a6cc1bd296659b0a9c9f1ba21279dacd7337b3cf82aade794aed67fd888caa15d78ab6a131a234356ff0981ea4d60d2144f55ed3814aac1d79e32407f858cadc93e331bc08ec5b8f708dd04fd58d15663dc6c03a4577cb005bfc8bfd8980b1be94291398bb8e7e7bae3f1b70212f6edd829c75acce8e236ac3499c740ae6e9f0198586ae4ce02f23be65bfea0e69fb2d0b0a1b0c8a741d5a6899ce984791dc4f6ac4f1b06e47a903331ca677b83fdd925c58450796cc62e1f1abe796e3290b93f0bc0359fdeb3fa4a11a911a69f836714a4bb3b6669ad60d39d02dd1788b6d7c95448fa63f22cb98f095ad7e697de3d4c803a46c81fa3df4f3be19556a82d102a5db7616809ecbabbc73e3c7a4084df28e89b68662950db6df2b617e0c6e34dab312adf3c5144107ac89e1e4c5d8e1322681398c64d4b6120369cfb7abadbc04f0c8afe757cb10a3d45f2cc98e379e167dd2ea8113792880834318d9b65ba4db9e3f88aa126c706e6899b64bf8bc6e91fd508c716dc8d570ade2f5eddb455683602d4c6e226e8a69fc4f083abdc380d1c1b484db1c2361e2c8ae22cce4bf3aaf4d5e9bd03575e3b5ff09846e0be8d2f9f67503ab998b057a901ef7916e7c2ce0a6ef18aa1230d513ae58391c8dd10e230c754a3f0ce74ab8338bb6cf6e4812fb651ab1a7bab9a13ee5bb5063e60d8878f47a3fc8be397b9d5b1adc2e131480c415e6af46f031d8a606a3e7ef8c435b7dee2933bede4b8b53b83d42ef4b1578af4efc4c66de72d0b6df0e2e3daa37603a67f3c7aaf4b4bd0216e02ad98fe2595e39bc24054851a64354d0c1ff9fb32b2dacf3e4c487fc4460419c5fcd5a8bfc44e289b570f6ae83b51f9ef52b5391192803420f1b54e0e5cb4bd0973ed8a2c2461cb3f1ce13a20e456146019ac3d8769b88bf00ddb8de7c045d2056f09388a024c4f3708db767a2e270a8ee0849fa1578660d98d147f0863fb27b071deecda767231a1dcf3a17f6a3a9bb8f18b0dd49bf8d2c9be738459b985d4adc440367c117b89323972f2c0af91de375c53969751df580174c2bc80419d8b453a805c24cf34df63aae10573cbea9f192945df0b6dd2c5afe36135323ca41ee3adb0887e75c29e18321aa0de03c7e5957bce77186b2eb02b2a301b4800a870cefa6b917a3f57ef79a06cdc05dbd97c45e944763b71161de18a60f865699f16e362c7260c5d0f9230a755343a800d4255403c5987e7ade99001815f46562e0811cf199887bcc3ab145c43f95f882452db55d17b9d4f8d7563056a2d9b411af30fdbd487fed776428a66898c972505379e9d528319f1df7af848406eff836358972a453fec5b3b7feb7bb4dc85efec968b6ffca5d5f94b7af8b8b980f88a4969fa95a6e0750a9dcc98abe45c2bf97e755758a17844982dc3d7e3fba811ed3a740b05a847418b27c91505cc20f8df3136d125f90d8bc437851a1d42915c1dccd9182f1008ae16dcc35051076e866d2228afac8ac16baf3c174208018e4b613c83528b5f4fa7cebddacaa6d6cb2f365c5e760d5a43180a86faeb04830495da8d873e271a8c837cd08012518e7d82c5d4de95dc27fddeea3fa2ce1e8b0eea7504e2704af194e47cd771b0fde9ae6bb34710ebeb738f9b2e3c0025c3a88eca81f627007354f61181ea4fb6b88b8491d08f261208d70639d8a7b58fd2e64ed29b3ecb337345114768197ad208b329a9517d52ab4c6357d16d8f5b70a0c9c2393aacf50a79f929c937c48a97daf2da654f9eaa83a6d32d4a2d968ed97338cb1c70cb83e560902b7a91e864ccb25a76d638f8c85490a54a9ec8eb01562a84d483f307e2a7af11d384fdf6d9610dbec2fc97b884caa43de4a3a6e8a582c3d661280c41d0edf0e307d3e6386f51b4fbc13edd4073dfa522f6a18726bf4e8d63560cccc1a199f7697f134de9eaa4cc09f6cf7f7aa6b0840626fa55427f647386c0ba27e3b88b4564a672a08957d5e8bf6912b15b995d3fc20a00132c039ce01931af1424150a577deecff21db5a092a0ad69a4fd3c1045ea8f67279eccd916b1f0ed30e77289da2fe363496bd75ce50720cee0de940b70", 0x1000, 0x4000010, 0x0, 0x0) socketpair(0x1a, 0x1, 0xffffffff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001040)={&(0x7f0000001000)=[0x8, 0x9, 0x43b, 0x8, 0x2, 0x7b62, 0x5, 0x7fffffff], 0x8}) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000001080)={0x0, 0x0, r0}) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendto$packet(r0, &(0x7f0000000000)="746e088b43ce6a153cb0802182a3358f8207a79cf93a3c761b1c1e4d525c1a3937f478c09f53a0b8834407d7693551a08a4918630b407acdcde8c02896c86d36df022ecc8a643e86cc4c5e3a6add5881c85731477c5c77dec0b04c378676d75698368513528d2a90017e7d6ad45653ffcfee78a02dc9273e53898a4a1643233b2d0dfd84a7b87e16033fbf7f26e14419fe51dfe4e9266b0b4ee542a0af7e213f0b3cecba20e14bf559b3bf2144bcb6c5f7b27dbe894d8a4e27e4d37c50d382b8933a9c31c56441f34218b22453528daf4a2eea1d5c7db63f32cddc2d8065f0527c33b28a9668d4b39a44994cfb06f195195b7dc614f78eac4c77e16348acf7e8d0cc322dda0de510ed9e58c3c651017157ac61c9c19863ee76dc07a407809e54e193ed111c4696b4a17f7fb5b2951d98f42a12b6ef15ed2c3a90131b7efaff2e4723170c19b5ea276b6674ad4f0ee94f79083d601ff22199c02e1740b5b389b73ece60581636cfa4df43f6a2bd60b07fa1f2d9beeaa21c8e60da5a1173b91b957adb83504b5781aaa38e90b2a9200a782e2234bce3907d614462ce00540ea2b09632c6fbd6cc318d75300c992679c22ed8edf4a6423113a0ed68e13d0a1254434a3382d3c8dbb8171962243c9025e63097158b07a05648397904f64fd820722873f25f4d9a0811e796e6ac4ceb33a9a21cf7142d2daddfb93bbd3fee77119f1a66e2df6aea97bfa23019660aff5dc05fb305d4290b7303f0eab276302bbde37be1533ff99eb7d1b7975e7ed72ff0715a13bc921b99bbdb22d1cb6b33836ae197fe634461b37edb5468881779d03fc282839e27425fc61db40cc95d8d9a6da95ebd8294812f8a075e4941509ae3ea430cbee56b5a9353adeac1fe9149fed899e7731ab278118b5aa0d268b1c347c459a5de923e8e91c5254e9263b7277a1756e97b5cefbf21221649ada39c38ddac906a07c77a43574eaaf23ec1679310fdd05a655d0047336dc1151f6bd2b5945d112431c2d4af9def1a0ba1a4ac3a7fb360143d949a32c01e6d4b7838831c311d3a707953d7487306145fccd8875bca0d72b4df09b1350e78a3386dfbdf83aa2dd697cce3a068b775e6e6860395b7de8116539a5037998d4c6646099dd6c982b96c2daacc719b7755f70485748bff3d1f42ed8dc64628836d6e75676a1866397500faf37b295958422b27cb49ec5f25c728934fb5cb024f44d70a52648c23de9cde010a1f4c551992797e3a51e5581b823e259fabf687a02a084e6a40b443de1c708e1285d0a28effb79530e58330bd47f3a1c8f69f57447bed91b5071107356467d0f2b9bd0fb242bbd778c5e352eb6763ce38681f917926f28a36346425f4c17c724d3e1ceae950fb22ef797c466eaff28cffb5131f061e99be9a3156565b8a2c8f3672517dc33d7fb1ae4639d72bd3ced0a3404ead15a5948990d971add58d3b4aa1d4aff466211990a04e38e995ff7021ca4fb768446f8dff49ab3f26dcc4b2ae692558d7f0d686df4affedafeaf4e1e02009190ba4883c8deb32c07633e6c15ee5a2f374d56327aa33a7589078d98f66dcd2e614f018e45b413254ebbde627dc9923ded6755335c2bdc895b8e0c118c0544919eb0deb4a10ddb92814488cdc52e131c790437c4cda1ad67338aebfb36ef157e6842169531f1d475f547080c9773ff038ff1e612ff95a1294ac74dfc22453863aec99baa00518c85fc73c2f7322b4a3c2b2e42611b489c77e62fe8da9ef8c00b72d7544f0ce8aa13dc40bc854d01e3d43a4e42b6d2c225258d16eb173a7eb2631729fd9872d554b7f1783bc3dd5981e83a5fbc097d24bf86d82aba6e7a0a8a21be361283739fb7304cc47a723a2e39ffe55585f7b2ea3f5e6bfda3dd9ef43035818f65d21fe18cd1c1ecc24655b33f7528c12b8e80965728d8a83a59aa16796d801ec789b94a5132a03be4e705c4a7c3b9d89d6fe6b5ed7e9336dd43ac12cd0bc6c23dc993e5f939218714defc28cc5e5904004f0d08468b965338a796a18275a4afeb2f2b444333dadadaebaa7ea1ab03fc74c911e6909a7851c9813182d0bf28744f66c815ee736734853e0cc449fdc537f1238db56fe207a497b5413ceab2b63dced757bf43d0b5d7e6f1cbb755da2452c2dd921b40ed2fb0bff691dc7be958820d1bc223433598e35d5826560a835e3b55ab1fff3389d6b7fe78a753db7affcccee4bcd07af1d6144271834dec48d04335d4a26b278b9727b39332357f6be0573f21d1660fa4c414906cc106194811b56760fcf4552a547f19bf4099b81a46831a64278e3d7206317bef03c75178b3f2306093ce2defdc0022e703bab01e5800d16d547169efec5f71f82a3e784a7ac42aabbe43e4c427c0d522e0fcca6d189187d92db0245deec4cf5e95e0d0b9b30ad255c265c9dc3b5873c14967ad02fa057aba8d350bef5656b4374ad3b0be267db79b8294af39f1734611435165d8aea3fc92315947f13680725cd3545953b6edf29c790516875b91d32de0d125ce1c4ae804cf7691362427bd476a90effbeb4e94fcb1735c8e0cd6ef8fad5ec9a95ce9d5560cac75300d99af3093e19006a9423dda2d49585121cefed17a43495f20249242cd5c8f03cc43bd00a52609b9aa331e11e3f68b9cbbaf2bdaeb836920620f5dda4641ac56a28032f708c271e279f29c9798e705059cb09ff5f98de90faed675a3f05afe7ab446725d053daaa573ee08945793dfc5ed803d10fc6a73f9d9d0a64a8d4b25a6b0fa073ae61061f32e4420087f74e90cf6292e69751f5e50c88a849ba023986a08104f7995f13b56eb877561707aa3af1623aa505a17df878064375b817bcdc0c10642423a1fbfbedcbee2f99a77e4de547f3818fe65d9fe03a20d1de0cc48e152367d7d9c828c39ca911409eb60111997fdb8feca3b5008702aa56d12afe6b3b28214ec53e74c8ee14e0d631b6c8e8cd4955ee06d7ea4463478199589611a0e2918b0ba98d01d7da1f302246e1e39aeb47c3a5eed111f623ba75ee035273c148018f75230e616b76bc7ba6dc979db730e9108ea4ae44d71bf38e7497803e8eb19df321343d5d6c952d4bb281f27d695a267e9b48284a99b0ca30fd9fa6748a3ea8dfcfe2705a285bf3141934ee2657a15daa957c49e2ab87648b84796ace6ff3e72082230c6881252f8eb2859de13747a2b074324561f9367ccf4d9e2ea6a800e982bc48ed2625a5bbb0ff59f664ff5919629233f047cd850548810a9bec5c3a313ddce09df1f8cf8d607df83aa987439c607c6d53995764f355b913ef75f67604c34f3d28af9768627b637f1c1e9d82708a3584dc9bffb22ede03ebc535dc50d56f23244b6d25b242714929aafe875900c46918bbe9e39c899f7d1aaff546dd671c3a4ffcd1cfab0d0a4105381b538fb6fa8a4a0fa9f63a1311db70a3ea9d91cbdc19cdbeafaf6b3fd030482c0550aaa08b0bc669d34f6fde52778749e2ba2e95f789eda9c3e43de1ac4e3d075f3f4531658d881803614850d0b87e4fb49080a58c1b22a4670a4bb12e0412eaba283bfde6801b029d626e8d89ceb735848c7bafc881c70defb837160515c7db2b058103bb9182ef2dc3c3af1f59d30b50cf0ff98c11f43a0f7ab1c706cf78592cbcbecc18d42dd582fe8178d71a7f31c149094794f9db80090810db4a6cc1bd296659b0a9c9f1ba21279dacd7337b3cf82aade794aed67fd888caa15d78ab6a131a234356ff0981ea4d60d2144f55ed3814aac1d79e32407f858cadc93e331bc08ec5b8f708dd04fd58d15663dc6c03a4577cb005bfc8bfd8980b1be94291398bb8e7e7bae3f1b70212f6edd829c75acce8e236ac3499c740ae6e9f0198586ae4ce02f23be65bfea0e69fb2d0b0a1b0c8a741d5a6899ce984791dc4f6ac4f1b06e47a903331ca677b83fdd925c58450796cc62e1f1abe796e3290b93f0bc0359fdeb3fa4a11a911a69f836714a4bb3b6669ad60d39d02dd1788b6d7c95448fa63f22cb98f095ad7e697de3d4c803a46c81fa3df4f3be19556a82d102a5db7616809ecbabbc73e3c7a4084df28e89b68662950db6df2b617e0c6e34dab312adf3c5144107ac89e1e4c5d8e1322681398c64d4b6120369cfb7abadbc04f0c8afe757cb10a3d45f2cc98e379e167dd2ea8113792880834318d9b65ba4db9e3f88aa126c706e6899b64bf8bc6e91fd508c716dc8d570ade2f5eddb455683602d4c6e226e8a69fc4f083abdc380d1c1b484db1c2361e2c8ae22cce4bf3aaf4d5e9bd03575e3b5ff09846e0be8d2f9f67503ab998b057a901ef7916e7c2ce0a6ef18aa1230d513ae58391c8dd10e230c754a3f0ce74ab8338bb6cf6e4812fb651ab1a7bab9a13ee5bb5063e60d8878f47a3fc8be397b9d5b1adc2e131480c415e6af46f031d8a606a3e7ef8c435b7dee2933bede4b8b53b83d42ef4b1578af4efc4c66de72d0b6df0e2e3daa37603a67f3c7aaf4b4bd0216e02ad98fe2595e39bc24054851a64354d0c1ff9fb32b2dacf3e4c487fc4460419c5fcd5a8bfc44e289b570f6ae83b51f9ef52b5391192803420f1b54e0e5cb4bd0973ed8a2c2461cb3f1ce13a20e456146019ac3d8769b88bf00ddb8de7c045d2056f09388a024c4f3708db767a2e270a8ee0849fa1578660d98d147f0863fb27b071deecda767231a1dcf3a17f6a3a9bb8f18b0dd49bf8d2c9be738459b985d4adc440367c117b89323972f2c0af91de375c53969751df580174c2bc80419d8b453a805c24cf34df63aae10573cbea9f192945df0b6dd2c5afe36135323ca41ee3adb0887e75c29e18321aa0de03c7e5957bce77186b2eb02b2a301b4800a870cefa6b917a3f57ef79a06cdc05dbd97c45e944763b71161de18a60f865699f16e362c7260c5d0f9230a755343a800d4255403c5987e7ade99001815f46562e0811cf199887bcc3ab145c43f95f882452db55d17b9d4f8d7563056a2d9b411af30fdbd487fed776428a66898c972505379e9d528319f1df7af848406eff836358972a453fec5b3b7feb7bb4dc85efec968b6ffca5d5f94b7af8b8b980f88a4969fa95a6e0750a9dcc98abe45c2bf97e755758a17844982dc3d7e3fba811ed3a740b05a847418b27c91505cc20f8df3136d125f90d8bc437851a1d42915c1dccd9182f1008ae16dcc35051076e866d2228afac8ac16baf3c174208018e4b613c83528b5f4fa7cebddacaa6d6cb2f365c5e760d5a43180a86faeb04830495da8d873e271a8c837cd08012518e7d82c5d4de95dc27fddeea3fa2ce1e8b0eea7504e2704af194e47cd771b0fde9ae6bb34710ebeb738f9b2e3c0025c3a88eca81f627007354f61181ea4fb6b88b8491d08f261208d70639d8a7b58fd2e64ed29b3ecb337345114768197ad208b329a9517d52ab4c6357d16d8f5b70a0c9c2393aacf50a79f929c937c48a97daf2da654f9eaa83a6d32d4a2d968ed97338cb1c70cb83e560902b7a91e864ccb25a76d638f8c85490a54a9ec8eb01562a84d483f307e2a7af11d384fdf6d9610dbec2fc97b884caa43de4a3a6e8a582c3d661280c41d0edf0e307d3e6386f51b4fbc13edd4073dfa522f6a18726bf4e8d63560cccc1a199f7697f134de9eaa4cc09f6cf7f7aa6b0840626fa55427f647386c0ba27e3b88b4564a672a08957d5e8bf6912b15b995d3fc20a00132c039ce01931af1424150a577deecff21db5a092a0ad69a4fd3c1045ea8f67279eccd916b1f0ed30e77289da2fe363496bd75ce50720cee0de940b70", 0x1000, 0x4000010, 0x0, 0x0) (async) socketpair(0x1a, 0x1, 0xffffffff, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001040)={&(0x7f0000001000)=[0x8, 0x9, 0x43b, 0x8, 0x2, 0x7b62, 0x5, 0x7fffffff], 0x8}) (async) 13:38:05 executing program 0: socket$packet(0x11, 0x3, 0x300) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) bind$packet(r0, &(0x7f0000000000)={0x11, 0xf8, 0x0, 0x1, 0x4}, 0x14) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x2000}, 0x60) 13:38:05 executing program 2: getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000683000002221e95efbd83f26b5a18f831240f6f78b2839aa74721c2c2ff890155fac97fa5e4c000950959674065a1a52fec3c32d38bf004a4dcdd429e6d31b7d2140b6a08fb9e967356b25cfc38c6050dad8c68ab1a56211e94d06a75401f8b4655e76f7386742f3d775d5d318521973ec041781ada924867823da6dcf8411b51a1e6c8e13e9d5eacc439bdaed36412f2a6dc17cfda2491942889ba7028c29f12db609d5816f4000000052afaad9eb6fc7d853aaae02bb797fee3fc7145ddb486b9afabd95d8cc4a76faa411e60816156241cfef31923537356cbc4689aeec1f72266b38f1a2a06ff32bfeab71a2092efe93000000000000345e2f4495c2d48c8da120ec1c72b6ab6aa4487b5084d0cfc7aab345047a392fe07b65777a0fd348e882b7082c0b526a966328e3f0581a1af0ccf7a6b2d32a4d15c01d9d217ca8069e67f4e29f8e467cc98d383d5c885617ca4cb43e8de03fcab40d7e87f429e09acd96268e59ea009c4732c4f0699758aabdd88b95aab2e1445cdfd3a160c1f1cc1da200cd8417d1037f73"]) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='^.&^\xad\x00') getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000683000002221e95efbd83f26b5a18f831240f6f78b2839aa74721c2c2ff890155fac97fa5e4c000950959674065a1a52fec3c32d38bf004a4dcdd429e6d31b7d2140b6a08fb9e967356b25cfc38c6050dad8c68ab1a56211e94d06a75401f8b4655e76f7386742f3d775d5d318521973ec041781ada924867823da6dcf8411b51a1e6c8e13e9d5eacc439bdaed36412f2a6dc17cfda2491942889ba7028c29f12db609d5816f4000000052afaad9eb6fc7d853aaae02bb797fee3fc7145ddb486b9afabd95d8cc4a76faa411e60816156241cfef31923537356cbc4689aeec1f72266b38f1a2a06ff32bfeab71a2092efe93000000000000345e2f4495c2d48c8da120ec1c72b6ab6aa4487b5084d0cfc7aab345047a392fe07b65777a0fd348e882b7082c0b526a966328e3f0581a1af0ccf7a6b2d32a4d15c01d9d217ca8069e67f4e29f8e467cc98d383d5c885617ca4cb43e8de03fcab40d7e87f429e09acd96268e59ea009c4732c4f0699758aabdd88b95aab2e1445cdfd3a160c1f1cc1da200cd8417d1037f73"]) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='^.&^\xad\x00') (async) 13:38:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:05 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r0, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xffffdd93}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9bf}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) write$vhost_msg(r1, &(0x7f00000000c0)={0x1, {&(0x7f0000000000)=""/66, 0x42, &(0x7f0000000080)=""/53, 0x2, 0x2}}, 0x48) [ 689.114415] FAULT_INJECTION: forcing a failure. [ 689.114415] name failslab, interval 1, probability 0, space 0, times 0 [ 689.137488] CPU: 1 PID: 14720 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 689.145407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.154762] Call Trace: [ 689.157349] dump_stack+0x1b2/0x281 [ 689.160979] should_fail.cold+0x10a/0x149 [ 689.165133] should_failslab+0xd6/0x130 [ 689.169112] kmem_cache_alloc+0x28e/0x3c0 [ 689.173260] alloc_inode+0xa0/0x170 [ 689.176889] new_inode+0x1d/0xf0 [ 689.180253] debugfs_get_inode+0x1a/0x130 [ 689.184402] __debugfs_create_file+0x93/0x440 [ 689.188896] ? debugfs_create_file+0x37/0x60 [ 689.193303] kvm_dev_ioctl+0xe7f/0x1450 [ 689.197280] ? fsnotify+0x974/0x11b0 [ 689.200991] ? kvm_put_kvm+0xab0/0xab0 [ 689.204876] ? kvm_put_kvm+0xab0/0xab0 [ 689.208762] do_vfs_ioctl+0x75a/0xff0 [ 689.212559] ? lock_acquire+0x170/0x3f0 [ 689.216535] ? ioctl_preallocate+0x1a0/0x1a0 [ 689.220942] ? __fget+0x265/0x3e0 [ 689.224396] ? do_vfs_ioctl+0xff0/0xff0 [ 689.228372] ? security_file_ioctl+0x83/0xb0 [ 689.232781] SyS_ioctl+0x7f/0xb0 [ 689.236141] ? do_vfs_ioctl+0xff0/0xff0 [ 689.240113] do_syscall_64+0x1d5/0x640 [ 689.244006] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 689.249194] RIP: 0033:0x7fa37e383109 [ 689.252898] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:05 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000001080)={0x0, 0x0, r0}) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$packet(r0, &(0x7f0000000000)="746e088b43ce6a153cb0802182a3358f8207a79cf93a3c761b1c1e4d525c1a3937f478c09f53a0b8834407d7693551a08a4918630b407acdcde8c02896c86d36df022ecc8a643e86cc4c5e3a6add5881c85731477c5c77dec0b04c378676d75698368513528d2a90017e7d6ad45653ffcfee78a02dc9273e53898a4a1643233b2d0dfd84a7b87e16033fbf7f26e14419fe51dfe4e9266b0b4ee542a0af7e213f0b3cecba20e14bf559b3bf2144bcb6c5f7b27dbe894d8a4e27e4d37c50d382b8933a9c31c56441f34218b22453528daf4a2eea1d5c7db63f32cddc2d8065f0527c33b28a9668d4b39a44994cfb06f195195b7dc614f78eac4c77e16348acf7e8d0cc322dda0de510ed9e58c3c651017157ac61c9c19863ee76dc07a407809e54e193ed111c4696b4a17f7fb5b2951d98f42a12b6ef15ed2c3a90131b7efaff2e4723170c19b5ea276b6674ad4f0ee94f79083d601ff22199c02e1740b5b389b73ece60581636cfa4df43f6a2bd60b07fa1f2d9beeaa21c8e60da5a1173b91b957adb83504b5781aaa38e90b2a9200a782e2234bce3907d614462ce00540ea2b09632c6fbd6cc318d75300c992679c22ed8edf4a6423113a0ed68e13d0a1254434a3382d3c8dbb8171962243c9025e63097158b07a05648397904f64fd820722873f25f4d9a0811e796e6ac4ceb33a9a21cf7142d2daddfb93bbd3fee77119f1a66e2df6aea97bfa23019660aff5dc05fb305d4290b7303f0eab276302bbde37be1533ff99eb7d1b7975e7ed72ff0715a13bc921b99bbdb22d1cb6b33836ae197fe634461b37edb5468881779d03fc282839e27425fc61db40cc95d8d9a6da95ebd8294812f8a075e4941509ae3ea430cbee56b5a9353adeac1fe9149fed899e7731ab278118b5aa0d268b1c347c459a5de923e8e91c5254e9263b7277a1756e97b5cefbf21221649ada39c38ddac906a07c77a43574eaaf23ec1679310fdd05a655d0047336dc1151f6bd2b5945d112431c2d4af9def1a0ba1a4ac3a7fb360143d949a32c01e6d4b7838831c311d3a707953d7487306145fccd8875bca0d72b4df09b1350e78a3386dfbdf83aa2dd697cce3a068b775e6e6860395b7de8116539a5037998d4c6646099dd6c982b96c2daacc719b7755f70485748bff3d1f42ed8dc64628836d6e75676a1866397500faf37b295958422b27cb49ec5f25c728934fb5cb024f44d70a52648c23de9cde010a1f4c551992797e3a51e5581b823e259fabf687a02a084e6a40b443de1c708e1285d0a28effb79530e58330bd47f3a1c8f69f57447bed91b5071107356467d0f2b9bd0fb242bbd778c5e352eb6763ce38681f917926f28a36346425f4c17c724d3e1ceae950fb22ef797c466eaff28cffb5131f061e99be9a3156565b8a2c8f3672517dc33d7fb1ae4639d72bd3ced0a3404ead15a5948990d971add58d3b4aa1d4aff466211990a04e38e995ff7021ca4fb768446f8dff49ab3f26dcc4b2ae692558d7f0d686df4affedafeaf4e1e02009190ba4883c8deb32c07633e6c15ee5a2f374d56327aa33a7589078d98f66dcd2e614f018e45b413254ebbde627dc9923ded6755335c2bdc895b8e0c118c0544919eb0deb4a10ddb92814488cdc52e131c790437c4cda1ad67338aebfb36ef157e6842169531f1d475f547080c9773ff038ff1e612ff95a1294ac74dfc22453863aec99baa00518c85fc73c2f7322b4a3c2b2e42611b489c77e62fe8da9ef8c00b72d7544f0ce8aa13dc40bc854d01e3d43a4e42b6d2c225258d16eb173a7eb2631729fd9872d554b7f1783bc3dd5981e83a5fbc097d24bf86d82aba6e7a0a8a21be361283739fb7304cc47a723a2e39ffe55585f7b2ea3f5e6bfda3dd9ef43035818f65d21fe18cd1c1ecc24655b33f7528c12b8e80965728d8a83a59aa16796d801ec789b94a5132a03be4e705c4a7c3b9d89d6fe6b5ed7e9336dd43ac12cd0bc6c23dc993e5f939218714defc28cc5e5904004f0d08468b965338a796a18275a4afeb2f2b444333dadadaebaa7ea1ab03fc74c911e6909a7851c9813182d0bf28744f66c815ee736734853e0cc449fdc537f1238db56fe207a497b5413ceab2b63dced757bf43d0b5d7e6f1cbb755da2452c2dd921b40ed2fb0bff691dc7be958820d1bc223433598e35d5826560a835e3b55ab1fff3389d6b7fe78a753db7affcccee4bcd07af1d6144271834dec48d04335d4a26b278b9727b39332357f6be0573f21d1660fa4c414906cc106194811b56760fcf4552a547f19bf4099b81a46831a64278e3d7206317bef03c75178b3f2306093ce2defdc0022e703bab01e5800d16d547169efec5f71f82a3e784a7ac42aabbe43e4c427c0d522e0fcca6d189187d92db0245deec4cf5e95e0d0b9b30ad255c265c9dc3b5873c14967ad02fa057aba8d350bef5656b4374ad3b0be267db79b8294af39f1734611435165d8aea3fc92315947f13680725cd3545953b6edf29c790516875b91d32de0d125ce1c4ae804cf7691362427bd476a90effbeb4e94fcb1735c8e0cd6ef8fad5ec9a95ce9d5560cac75300d99af3093e19006a9423dda2d49585121cefed17a43495f20249242cd5c8f03cc43bd00a52609b9aa331e11e3f68b9cbbaf2bdaeb836920620f5dda4641ac56a28032f708c271e279f29c9798e705059cb09ff5f98de90faed675a3f05afe7ab446725d053daaa573ee08945793dfc5ed803d10fc6a73f9d9d0a64a8d4b25a6b0fa073ae61061f32e4420087f74e90cf6292e69751f5e50c88a849ba023986a08104f7995f13b56eb877561707aa3af1623aa505a17df878064375b817bcdc0c10642423a1fbfbedcbee2f99a77e4de547f3818fe65d9fe03a20d1de0cc48e152367d7d9c828c39ca911409eb60111997fdb8feca3b5008702aa56d12afe6b3b28214ec53e74c8ee14e0d631b6c8e8cd4955ee06d7ea4463478199589611a0e2918b0ba98d01d7da1f302246e1e39aeb47c3a5eed111f623ba75ee035273c148018f75230e616b76bc7ba6dc979db730e9108ea4ae44d71bf38e7497803e8eb19df321343d5d6c952d4bb281f27d695a267e9b48284a99b0ca30fd9fa6748a3ea8dfcfe2705a285bf3141934ee2657a15daa957c49e2ab87648b84796ace6ff3e72082230c6881252f8eb2859de13747a2b074324561f9367ccf4d9e2ea6a800e982bc48ed2625a5bbb0ff59f664ff5919629233f047cd850548810a9bec5c3a313ddce09df1f8cf8d607df83aa987439c607c6d53995764f355b913ef75f67604c34f3d28af9768627b637f1c1e9d82708a3584dc9bffb22ede03ebc535dc50d56f23244b6d25b242714929aafe875900c46918bbe9e39c899f7d1aaff546dd671c3a4ffcd1cfab0d0a4105381b538fb6fa8a4a0fa9f63a1311db70a3ea9d91cbdc19cdbeafaf6b3fd030482c0550aaa08b0bc669d34f6fde52778749e2ba2e95f789eda9c3e43de1ac4e3d075f3f4531658d881803614850d0b87e4fb49080a58c1b22a4670a4bb12e0412eaba283bfde6801b029d626e8d89ceb735848c7bafc881c70defb837160515c7db2b058103bb9182ef2dc3c3af1f59d30b50cf0ff98c11f43a0f7ab1c706cf78592cbcbecc18d42dd582fe8178d71a7f31c149094794f9db80090810db4a6cc1bd296659b0a9c9f1ba21279dacd7337b3cf82aade794aed67fd888caa15d78ab6a131a234356ff0981ea4d60d2144f55ed3814aac1d79e32407f858cadc93e331bc08ec5b8f708dd04fd58d15663dc6c03a4577cb005bfc8bfd8980b1be94291398bb8e7e7bae3f1b70212f6edd829c75acce8e236ac3499c740ae6e9f0198586ae4ce02f23be65bfea0e69fb2d0b0a1b0c8a741d5a6899ce984791dc4f6ac4f1b06e47a903331ca677b83fdd925c58450796cc62e1f1abe796e3290b93f0bc0359fdeb3fa4a11a911a69f836714a4bb3b6669ad60d39d02dd1788b6d7c95448fa63f22cb98f095ad7e697de3d4c803a46c81fa3df4f3be19556a82d102a5db7616809ecbabbc73e3c7a4084df28e89b68662950db6df2b617e0c6e34dab312adf3c5144107ac89e1e4c5d8e1322681398c64d4b6120369cfb7abadbc04f0c8afe757cb10a3d45f2cc98e379e167dd2ea8113792880834318d9b65ba4db9e3f88aa126c706e6899b64bf8bc6e91fd508c716dc8d570ade2f5eddb455683602d4c6e226e8a69fc4f083abdc380d1c1b484db1c2361e2c8ae22cce4bf3aaf4d5e9bd03575e3b5ff09846e0be8d2f9f67503ab998b057a901ef7916e7c2ce0a6ef18aa1230d513ae58391c8dd10e230c754a3f0ce74ab8338bb6cf6e4812fb651ab1a7bab9a13ee5bb5063e60d8878f47a3fc8be397b9d5b1adc2e131480c415e6af46f031d8a606a3e7ef8c435b7dee2933bede4b8b53b83d42ef4b1578af4efc4c66de72d0b6df0e2e3daa37603a67f3c7aaf4b4bd0216e02ad98fe2595e39bc24054851a64354d0c1ff9fb32b2dacf3e4c487fc4460419c5fcd5a8bfc44e289b570f6ae83b51f9ef52b5391192803420f1b54e0e5cb4bd0973ed8a2c2461cb3f1ce13a20e456146019ac3d8769b88bf00ddb8de7c045d2056f09388a024c4f3708db767a2e270a8ee0849fa1578660d98d147f0863fb27b071deecda767231a1dcf3a17f6a3a9bb8f18b0dd49bf8d2c9be738459b985d4adc440367c117b89323972f2c0af91de375c53969751df580174c2bc80419d8b453a805c24cf34df63aae10573cbea9f192945df0b6dd2c5afe36135323ca41ee3adb0887e75c29e18321aa0de03c7e5957bce77186b2eb02b2a301b4800a870cefa6b917a3f57ef79a06cdc05dbd97c45e944763b71161de18a60f865699f16e362c7260c5d0f9230a755343a800d4255403c5987e7ade99001815f46562e0811cf199887bcc3ab145c43f95f882452db55d17b9d4f8d7563056a2d9b411af30fdbd487fed776428a66898c972505379e9d528319f1df7af848406eff836358972a453fec5b3b7feb7bb4dc85efec968b6ffca5d5f94b7af8b8b980f88a4969fa95a6e0750a9dcc98abe45c2bf97e755758a17844982dc3d7e3fba811ed3a740b05a847418b27c91505cc20f8df3136d125f90d8bc437851a1d42915c1dccd9182f1008ae16dcc35051076e866d2228afac8ac16baf3c174208018e4b613c83528b5f4fa7cebddacaa6d6cb2f365c5e760d5a43180a86faeb04830495da8d873e271a8c837cd08012518e7d82c5d4de95dc27fddeea3fa2ce1e8b0eea7504e2704af194e47cd771b0fde9ae6bb34710ebeb738f9b2e3c0025c3a88eca81f627007354f61181ea4fb6b88b8491d08f261208d70639d8a7b58fd2e64ed29b3ecb337345114768197ad208b329a9517d52ab4c6357d16d8f5b70a0c9c2393aacf50a79f929c937c48a97daf2da654f9eaa83a6d32d4a2d968ed97338cb1c70cb83e560902b7a91e864ccb25a76d638f8c85490a54a9ec8eb01562a84d483f307e2a7af11d384fdf6d9610dbec2fc97b884caa43de4a3a6e8a582c3d661280c41d0edf0e307d3e6386f51b4fbc13edd4073dfa522f6a18726bf4e8d63560cccc1a199f7697f134de9eaa4cc09f6cf7f7aa6b0840626fa55427f647386c0ba27e3b88b4564a672a08957d5e8bf6912b15b995d3fc20a00132c039ce01931af1424150a577deecff21db5a092a0ad69a4fd3c1045ea8f67279eccd916b1f0ed30e77289da2fe363496bd75ce50720cee0de940b70", 0x1000, 0x4000010, 0x0, 0x0) (async) socketpair(0x1a, 0x1, 0xffffffff, 0x0) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001040)={&(0x7f0000001000)=[0x8, 0x9, 0x43b, 0x8, 0x2, 0x7b62, 0x5, 0x7fffffff], 0x8}) (rerun: 64) [ 689.260603] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 689.267871] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 689.275138] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 689.282408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 689.289683] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x3}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xa2, 0x8, 0xae, 0x4}, {0x2, 0x4, 0x20, 0x7f}, {0x8fa, 0x1, 0x80, 0x81}, {0xe07, 0x9e, 0x2, 0x4}]}, 0x10) 13:38:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 65) 13:38:05 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r0, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xffffdd93}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9bf}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) write$vhost_msg(r1, &(0x7f00000000c0)={0x1, {&(0x7f0000000000)=""/66, 0x42, &(0x7f0000000080)=""/53, 0x2, 0x2}}, 0x48) 13:38:05 executing program 2: getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000683000002221e95efbd83f26b5a18f831240f6f78b2839aa74721c2c2ff890155fac97fa5e4c000950959674065a1a52fec3c32d38bf004a4dcdd429e6d31b7d2140b6a08fb9e967356b25cfc38c6050dad8c68ab1a56211e94d06a75401f8b4655e76f7386742f3d775d5d318521973ec041781ada924867823da6dcf8411b51a1e6c8e13e9d5eacc439bdaed36412f2a6dc17cfda2491942889ba7028c29f12db609d5816f4000000052afaad9eb6fc7d853aaae02bb797fee3fc7145ddb486b9afabd95d8cc4a76faa411e60816156241cfef31923537356cbc4689aeec1f72266b38f1a2a06ff32bfeab71a2092efe93000000000000345e2f4495c2d48c8da120ec1c72b6ab6aa4487b5084d0cfc7aab345047a392fe07b65777a0fd348e882b7082c0b526a966328e3f0581a1af0ccf7a6b2d32a4d15c01d9d217ca8069e67f4e29f8e467cc98d383d5c885617ca4cb43e8de03fcab40d7e87f429e09acd96268e59ea009c4732c4f0699758aabdd88b95aab2e1445cdfd3a160c1f1cc1da200cd8417d1037f73"]) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='^.&^\xad\x00') 13:38:05 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:38:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x3}, 0x4) (async, rerun: 32) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xa2, 0x8, 0xae, 0x4}, {0x2, 0x4, 0x20, 0x7f}, {0x8fa, 0x1, 0x80, 0x81}, {0xe07, 0x9e, 0x2, 0x4}]}, 0x10) (rerun: 32) 13:38:05 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0xc7, 0x1, 0x80000000, 0x1003, r0, 0x6, '\x00', 0x0, r1, 0x1, 0x0, 0x2}, 0x48) 13:38:05 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x5c, r0, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x4}, @BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xffffdd93}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xff}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9bf}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) write$vhost_msg(r1, &(0x7f00000000c0)={0x1, {&(0x7f0000000000)=""/66, 0x42, &(0x7f0000000080)=""/53, 0x2, 0x2}}, 0x48) [ 689.410407] FAULT_INJECTION: forcing a failure. [ 689.410407] name failslab, interval 1, probability 0, space 0, times 0 [ 689.468496] CPU: 1 PID: 14762 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 689.476414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.485768] Call Trace: [ 689.488367] dump_stack+0x1b2/0x281 [ 689.492007] should_fail.cold+0x10a/0x149 [ 689.496162] should_failslab+0xd6/0x130 [ 689.500144] kmem_cache_alloc_trace+0x29a/0x3d0 [ 689.504816] ? debugfs_create_file+0x37/0x60 [ 689.509230] kvm_dev_ioctl+0xce6/0x1450 [ 689.513210] ? fsnotify+0x974/0x11b0 [ 689.516928] ? kvm_put_kvm+0xab0/0xab0 [ 689.520822] ? kvm_put_kvm+0xab0/0xab0 [ 689.524737] do_vfs_ioctl+0x75a/0xff0 [ 689.528548] ? lock_acquire+0x170/0x3f0 [ 689.532532] ? ioctl_preallocate+0x1a0/0x1a0 [ 689.536945] ? __fget+0x265/0x3e0 [ 689.540403] ? do_vfs_ioctl+0xff0/0xff0 [ 689.544378] ? security_file_ioctl+0x83/0xb0 [ 689.548795] SyS_ioctl+0x7f/0xb0 [ 689.552168] ? do_vfs_ioctl+0xff0/0xff0 [ 689.556155] do_syscall_64+0x1d5/0x640 [ 689.560057] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 689.565398] RIP: 0033:0x7fa37e383109 13:38:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x3, 0x3}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xa2, 0x8, 0xae, 0x4}, {0x2, 0x4, 0x20, 0x7f}, {0x8fa, 0x1, 0x80, 0x81}, {0xe07, 0x9e, 0x2, 0x4}]}, 0x10) 13:38:05 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x5a3043, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x414080) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) 13:38:05 executing program 3: socketpair(0x3, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101082) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@mpls_delroute={0x38, 0x19, 0x100, 0x70bd29, 0x25dfdbff, {0x1c, 0x20, 0x14, 0x2, 0x0, 0x7, 0xff, 0x1, 0x2000}, [@RTA_VIA={0x14, 0x12, {0xb, "4de3b5dbff8fed442034ecafe4ad"}}, @RTA_OIF={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008080}, 0x440408c4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000140)={0x6000000000000000, 0x2, 0x2, 0xc, 0x3}) 13:38:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x480) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01fffffff2008e165ca6e13cdcb2813fb91c6428c20000000001000000"], 0x14}}, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r4, 0x6, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44018}, 0x440c0) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x2c}}, 0x24008890) [ 689.569090] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 689.576779] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 689.584028] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 689.591277] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 689.598528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 689.605777] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 66) 13:38:05 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0xc7, 0x1, 0x80000000, 0x1003, r0, 0x6, '\x00', 0x0, r1, 0x1, 0x0, 0x2}, 0x48) 13:38:05 executing program 3: socketpair(0x3, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101082) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@mpls_delroute={0x38, 0x19, 0x100, 0x70bd29, 0x25dfdbff, {0x1c, 0x20, 0x14, 0x2, 0x0, 0x7, 0xff, 0x1, 0x2000}, [@RTA_VIA={0x14, 0x12, {0xb, "4de3b5dbff8fed442034ecafe4ad"}}, @RTA_OIF={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008080}, 0x440408c4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000140)={0x6000000000000000, 0x2, 0x2, 0xc, 0x3}) socketpair(0x3, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101082) (async) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@mpls_delroute={0x38, 0x19, 0x100, 0x70bd29, 0x25dfdbff, {0x1c, 0x20, 0x14, 0x2, 0x0, 0x7, 0xff, 0x1, 0x2000}, [@RTA_VIA={0x14, 0x12, {0xb, "4de3b5dbff8fed442034ecafe4ad"}}, @RTA_OIF={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008080}, 0x440408c4) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000140)={0x6000000000000000, 0x2, 0x2, 0xc, 0x3}) (async) 13:38:05 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x2, 0x2005}, 0x4) r1 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000)) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14) 13:38:05 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x5a3043, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x414080) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async, rerun: 32) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) (rerun: 32) 13:38:05 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0xc7, 0x1, 0x80000000, 0x1003, r0, 0x6, '\x00', 0x0, r1, 0x1, 0x0, 0x2}, 0x48) 13:38:05 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x480) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01fffffff2008e165ca6e13cdcb2813fb91c6428c20000000001000000"], 0x14}}, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r4, 0x6, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44018}, 0x440c0) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x2c}}, 0x24008890) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x480) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) (async) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01fffffff2008e165ca6e13cdcb2813fb91c6428c20000000001000000"], 0x14}}, 0x0) (async) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r4, 0x6, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44018}, 0x440c0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x2c}}, 0x24008890) (async) [ 689.708120] FAULT_INJECTION: forcing a failure. [ 689.708120] name failslab, interval 1, probability 0, space 0, times 0 [ 689.765779] CPU: 1 PID: 14805 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 689.773860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.783212] Call Trace: [ 689.785803] dump_stack+0x1b2/0x281 [ 689.789434] should_fail.cold+0x10a/0x149 [ 689.793583] should_failslab+0xd6/0x130 [ 689.797558] kmem_cache_alloc+0x28e/0x3c0 [ 689.801707] __d_alloc+0x2a/0xa20 [ 689.805171] ? d_lookup+0x172/0x220 [ 689.808801] d_alloc+0x46/0x240 [ 689.812083] __lookup_hash+0x101/0x270 [ 689.815971] ? __inode_permission+0xcd/0x2f0 [ 689.820386] lookup_one_len+0x279/0x3a0 [ 689.824366] ? lookup_one_len_unlocked+0x410/0x410 [ 689.829311] start_creating+0xb0/0x200 [ 689.833197] __debugfs_create_file+0x4f/0x440 [ 689.837692] ? debugfs_create_file+0x37/0x60 [ 689.842108] kvm_dev_ioctl+0xe7f/0x1450 [ 689.846084] ? fsnotify+0x974/0x11b0 [ 689.849794] ? kvm_put_kvm+0xab0/0xab0 [ 689.853681] ? kvm_put_kvm+0xab0/0xab0 [ 689.857566] do_vfs_ioctl+0x75a/0xff0 [ 689.861363] ? lock_acquire+0x170/0x3f0 [ 689.865338] ? ioctl_preallocate+0x1a0/0x1a0 [ 689.869754] ? __fget+0x265/0x3e0 [ 689.873208] ? do_vfs_ioctl+0xff0/0xff0 [ 689.877186] ? security_file_ioctl+0x83/0xb0 [ 689.881597] SyS_ioctl+0x7f/0xb0 [ 689.884975] ? do_vfs_ioctl+0xff0/0xff0 [ 689.888956] do_syscall_64+0x1d5/0x640 [ 689.892921] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 689.898107] RIP: 0033:0x7fa37e383109 [ 689.901810] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:06 executing program 4: sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000fddbdf2506000000ff0022000100000005001400030000000800110000000000140008007767310000010000000000000000000008000c000000000005000d000100000005000d00010000000500040006000600"], 0x60}, 0x1, 0x0, 0x0, 0x2c000081}, 0x24040800) socketpair(0x1f, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="11b1a98df670"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004040}, 0x40000) 13:38:06 executing program 3: socketpair(0x3, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101082) sendmsg$nl_route(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@mpls_delroute={0x38, 0x19, 0x100, 0x70bd29, 0x25dfdbff, {0x1c, 0x20, 0x14, 0x2, 0x0, 0x7, 0xff, 0x1, 0x2000}, [@RTA_VIA={0x14, 0x12, {0xb, "4de3b5dbff8fed442034ecafe4ad"}}, @RTA_OIF={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008080}, 0x440408c4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000140)={0x6000000000000000, 0x2, 0x2, 0xc, 0x3}) 13:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x480) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01fffffff2008e165ca6e13cdcb2813fb91c6428c20000000001000000"], 0x14}}, 0x0) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r4, 0x6, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44018}, 0x440c0) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x2c}}, 0x24008890) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000140), 0x480) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) getsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f00000002c0), &(0x7f0000000300)=0x4) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff) (async) sendmsg$GTP_CMD_DELPDP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01fffffff2008e165ca6e13cdcb2813fb91c6428c20000000001000000"], 0x14}}, 0x0) (async) sendmsg$GTP_CMD_DELPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x4c, r4, 0x6, 0x70bd25, 0x25dfdbfc, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_O_TEI={0x8, 0x9, 0x4}, @GTPA_VERSION={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44018}, 0x440c0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r6, 0xc008aeb0, 0x0) (async) sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x2c}}, 0x24008890) (async) 13:38:06 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x5a3043, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x414080) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x5a3043, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x414080) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) (async) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x2, 0x2005}, 0x4) (async) r1 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000)) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14) [ 689.909555] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 689.916820] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 689.924087] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 689.931351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 689.938626] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 67) 13:38:06 executing program 3: socket$packet(0x11, 0x3, 0x300) pkey_free(0xffffffffffffffff) ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:06 executing program 4: sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000fddbdf2506000000ff0022000100000005001400030000000800110000000000140008007767310000010000000000000000000008000c000000000005000d000100000005000d00010000000500040006000600"], 0x60}, 0x1, 0x0, 0x0, 0x2c000081}, 0x24040800) socketpair(0x1f, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="11b1a98df670"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004040}, 0x40000) sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000fddbdf2506000000ff0022000100000005001400030000000800110000000000140008007767310000010000000000000000000008000c000000000005000d000100000005000d00010000000500040006000600"], 0x60}, 0x1, 0x0, 0x0, 0x2c000081}, 0x24040800) (async) socketpair(0x1f, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="11b1a98df670"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004040}, 0x40000) (async) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x2, 0x2005}, 0x4) (async) r1 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000)) getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000080)=0x14) 13:38:06 executing program 3: socket$packet(0x11, 0x3, 0x300) pkey_free(0xffffffffffffffff) ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil}) socketpair(0x2, 0x1, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) (async) pkey_free(0xffffffffffffffff) (async) ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) 13:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000240)={0x2, 0x81}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x1, 0x5, 0x9, 0x1}, {0x0, 0x80, 0x0, 0xd5}, {0x800, 0x1, 0x9, 0x101}, {0x4b93, 0x1, 0x3, 0x7}, {0x6, 0x20, 0x2e, 0x80000000}]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r5, 0xc01064c1, &(0x7f0000000280)={0x0, 0x0, 0xffffffffffffffff}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000140)={0x0, 0x2, r6, 0x18fd, 0x80000}) 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181407, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 690.063327] FAULT_INJECTION: forcing a failure. [ 690.063327] name failslab, interval 1, probability 0, space 0, times 0 13:38:06 executing program 4: sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002abd7000fddbdf2506000000ff0022000100000005001400030000000800110000000000140008007767310000010000000000000000000008000c000000000005000d000100000005000d00010000000500040006000600"], 0x60}, 0x1, 0x0, 0x0, 0x2c000081}, 0x24040800) (async, rerun: 64) socketpair(0x1f, 0x1, 0x0, 0x0) (async, rerun: 64) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="11b1a98df670"}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004040}, 0x40000) [ 690.134181] CPU: 1 PID: 14892 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 690.142092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.151448] Call Trace: [ 690.154046] dump_stack+0x1b2/0x281 [ 690.157681] should_fail.cold+0x10a/0x149 [ 690.161837] should_failslab+0xd6/0x130 [ 690.165817] kmem_cache_alloc+0x28e/0x3c0 [ 690.169965] alloc_inode+0xa0/0x170 [ 690.173593] new_inode+0x1d/0xf0 [ 690.176957] debugfs_get_inode+0x1a/0x130 [ 690.181107] __debugfs_create_file+0x93/0x440 [ 690.185602] ? debugfs_create_file+0x37/0x60 [ 690.190012] kvm_dev_ioctl+0xe7f/0x1450 [ 690.193993] ? fsnotify+0x974/0x11b0 [ 690.197707] ? kvm_put_kvm+0xab0/0xab0 [ 690.201598] ? kvm_put_kvm+0xab0/0xab0 [ 690.205491] do_vfs_ioctl+0x75a/0xff0 [ 690.209295] ? lock_acquire+0x170/0x3f0 [ 690.213267] ? ioctl_preallocate+0x1a0/0x1a0 [ 690.217674] ? __fget+0x265/0x3e0 [ 690.221130] ? do_vfs_ioctl+0xff0/0xff0 [ 690.225102] ? security_file_ioctl+0x83/0xb0 [ 690.229509] SyS_ioctl+0x7f/0xb0 [ 690.232878] ? do_vfs_ioctl+0xff0/0xff0 [ 690.236858] do_syscall_64+0x1d5/0x640 [ 690.240750] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 690.245935] RIP: 0033:0x7fa37e383109 [ 690.249644] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 690.257351] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 690.264619] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 690.271888] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000240)={0x2, 0x81}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x1, 0x5, 0x9, 0x1}, {0x0, 0x80, 0x0, 0xd5}, {0x800, 0x1, 0x9, 0x101}, {0x4b93, 0x1, 0x3, 0x7}, {0x6, 0x20, 0x2e, 0x80000000}]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r5, 0xc01064c1, &(0x7f0000000280)={0x0, 0x0, 0xffffffffffffffff}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000140)={0x0, 0x2, r6, 0x18fd, 0x80000}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) (async) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000240)={0x2, 0x81}) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x1, 0x5, 0x9, 0x1}, {0x0, 0x80, 0x0, 0xd5}, {0x800, 0x1, 0x9, 0x101}, {0x4b93, 0x1, 0x3, 0x7}, {0x6, 0x20, 0x2e, 0x80000000}]}) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000}) (async) ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0]}) (async) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r5, 0xc01064c1, &(0x7f0000000280)) (async) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000140)={0x0, 0x2, r6, 0x18fd, 0x80000}) (async) 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181407, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181407, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:38:06 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x80c5) bind$packet(r0, &(0x7f0000000040)={0x11, 0x18, r2, 0x1, 0x0, 0x6, @random="928716d32aab"}, 0x14) [ 690.279158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 690.286429] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x4}, 0x4) 13:38:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 68) 13:38:06 executing program 3: socket$packet(0x11, 0x3, 0x300) (async) pkey_free(0xffffffffffffffff) ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffb000/0x3000)=nil}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:06 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x80c5) bind$packet(r0, &(0x7f0000000040)={0x11, 0x18, r2, 0x1, 0x0, 0x6, @random="928716d32aab"}, 0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x80c5) (async) bind$packet(r0, &(0x7f0000000040)={0x11, 0x18, r2, 0x1, 0x0, 0x6, @random="928716d32aab"}, 0x14) (async) 13:38:06 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000240)={0x2, 0x81}) (async) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0x1, 0x5, 0x9, 0x1}, {0x0, 0x80, 0x0, 0xd5}, {0x800, 0x1, 0x9, 0x101}, {0x4b93, 0x1, 0x3, 0x7}, {0x6, 0x20, 0x2e, 0x80000000}]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0]}) (async) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r5, 0xc01064c1, &(0x7f0000000280)={0x0, 0x0, 0xffffffffffffffff}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000140)={0x0, 0x2, r6, 0x18fd, 0x80000}) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x4}, 0x4) 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181407, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x181407, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:38:06 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {}, {}, {}]}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:06 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x80c5) bind$packet(r0, &(0x7f0000000040)={0x11, 0x18, r2, 0x1, 0x0, 0x6, @random="928716d32aab"}, 0x14) socketpair(0x2, 0x1, 0x0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00'}) (async) sendto$packet(r1, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x80c5) (async) bind$packet(r0, &(0x7f0000000040)={0x11, 0x18, r2, 0x1, 0x0, 0x6, @random="928716d32aab"}, 0x14) (async) [ 690.452412] FAULT_INJECTION: forcing a failure. [ 690.452412] name failslab, interval 1, probability 0, space 0, times 0 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x20000) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000040)={0x8}) [ 690.498443] CPU: 0 PID: 14983 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 690.506359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.515715] Call Trace: [ 690.518299] dump_stack+0x1b2/0x281 [ 690.521925] should_fail.cold+0x10a/0x149 [ 690.526077] should_failslab+0xd6/0x130 [ 690.530054] kmem_cache_alloc_trace+0x29a/0x3d0 [ 690.534728] ? debugfs_create_file+0x37/0x60 [ 690.539137] kvm_dev_ioctl+0xce6/0x1450 [ 690.543116] ? fsnotify+0x974/0x11b0 [ 690.546864] ? kvm_put_kvm+0xab0/0xab0 [ 690.550749] ? kvm_put_kvm+0xab0/0xab0 [ 690.554619] do_vfs_ioctl+0x75a/0xff0 [ 690.558419] ? lock_acquire+0x170/0x3f0 [ 690.562545] ? ioctl_preallocate+0x1a0/0x1a0 [ 690.566951] ? __fget+0x265/0x3e0 [ 690.570388] ? do_vfs_ioctl+0xff0/0xff0 [ 690.574345] ? security_file_ioctl+0x83/0xb0 [ 690.578768] SyS_ioctl+0x7f/0xb0 [ 690.582128] ? do_vfs_ioctl+0xff0/0xff0 [ 690.586097] do_syscall_64+0x1d5/0x640 [ 690.590000] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 690.595185] RIP: 0033:0x7fa37e383109 13:38:06 executing program 2: r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000180)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x1) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x4}, 0x4) [ 690.598881] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 690.606580] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 690.613834] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 690.621084] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 690.628338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 690.635687] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x20000) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000040)={0x8}) 13:38:06 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 69) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x63}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x90}, 0x200080c0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x480900) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x4c0, 0x7, 0x331, 0xe5, 0x480000, 0x6], 0x6, 0x80800}) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='dax_writeback_one\x00', r1}, 0x10) 13:38:06 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x3ff, 0x282) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1}) 13:38:06 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {}, {}, {}]}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:06 executing program 2: r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000180)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x1) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000180)) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x1) (async) 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x20000) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000040)={0x8}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x20000) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000040)={0x8}) (async) 13:38:06 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x3ff, 0x282) (async) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1}) 13:38:06 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {}, {}, {}]}) (async) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:06 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x63}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x90}, 0x200080c0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x480900) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x4c0, 0x7, 0x331, 0xe5, 0x480000, 0x6], 0x6, 0x80800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='dax_writeback_one\x00', r1}, 0x10) 13:38:06 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113380, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7afa, 0x9, 0xcfe], 0x3, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000100)={0x1100000000000000, 0xc004, 0x20, 0xc, 0x15}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x9], 0x1, 0x800}) [ 690.830063] FAULT_INJECTION: forcing a failure. [ 690.830063] name failslab, interval 1, probability 0, space 0, times 0 [ 690.862166] CPU: 0 PID: 15065 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 690.870078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.879470] Call Trace: [ 690.882062] dump_stack+0x1b2/0x281 [ 690.885697] should_fail.cold+0x10a/0x149 [ 690.889938] should_failslab+0xd6/0x130 [ 690.893925] kmem_cache_alloc+0x28e/0x3c0 [ 690.898080] __d_alloc+0x2a/0xa20 [ 690.901533] ? d_lookup+0x172/0x220 [ 690.905164] d_alloc+0x46/0x240 [ 690.908455] __lookup_hash+0x101/0x270 [ 690.912351] ? __inode_permission+0xcd/0x2f0 [ 690.916766] lookup_one_len+0x279/0x3a0 [ 690.920750] ? lookup_one_len_unlocked+0x410/0x410 [ 690.925687] start_creating+0xb0/0x200 [ 690.929579] __debugfs_create_file+0x4f/0x440 [ 690.934505] ? debugfs_create_file+0x37/0x60 [ 690.938915] kvm_dev_ioctl+0xe7f/0x1450 [ 690.942893] ? fsnotify+0x974/0x11b0 [ 690.946609] ? kvm_put_kvm+0xab0/0xab0 [ 690.950500] ? kvm_put_kvm+0xab0/0xab0 [ 690.954392] do_vfs_ioctl+0x75a/0xff0 [ 690.958203] ? lock_acquire+0x170/0x3f0 [ 690.962189] ? ioctl_preallocate+0x1a0/0x1a0 [ 690.966780] ? __fget+0x265/0x3e0 [ 690.970248] ? do_vfs_ioctl+0xff0/0xff0 [ 690.974230] ? security_file_ioctl+0x83/0xb0 [ 690.978644] SyS_ioctl+0x7f/0xb0 [ 690.982014] ? do_vfs_ioctl+0xff0/0xff0 [ 690.985996] do_syscall_64+0x1d5/0x640 [ 690.989892] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 690.995081] RIP: 0033:0x7fa37e383109 [ 690.998788] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 691.006500] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 691.013781] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 691.021053] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:07 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x63}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x90}, 0x200080c0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x480900) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x4c0, 0x7, 0x331, 0xe5, 0x480000, 0x6], 0x6, 0x80800}) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='dax_writeback_one\x00', r1}, 0x10) socket$packet(0x11, 0x2, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x10, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x63}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x6}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x6}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x90}, 0x200080c0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f00000001c0), 0x480900) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x4c0, 0x7, 0x331, 0xe5, 0x480000, 0x6], 0x6, 0x80800}) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='dax_writeback_one\x00', r1}, 0x10) (async) 13:38:07 executing program 4: socketpair(0x2, 0x1, 0x0, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000000), 0x3ff, 0x282) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, 0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1}) socketpair(0x2, 0x1, 0x0, 0x0) (async) syz_open_dev$dri(&(0x7f0000000000), 0x3ff, 0x282) (async) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1}) (async) [ 691.028325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.035596] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 70) 13:38:07 executing program 2: r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000180)) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x1) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000000180)) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x0, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x1) (async) 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f0000000200)={0x1, 0x0, &(0x7f00000001c0)=[0x0]}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000240)={r0}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_kthread_stop_ret\x00', r1}, 0x10) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r1, 0x4068aea3, &(0x7f0000000300)={0xbe, 0x0, 0x1}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="74085afd53599a7467", @ANYRES16=r2, @ANYBLOB="00012cbd7000fbdbdf2500000000080011000100000008001900640101021400080070696d726567310000000000000000000600020000000000"], 0x40}}, 0x40021) 13:38:07 executing program 4: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x6], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000080)={'\x00', 0x0, 0x7, 0x6, 0x0, 0x7, 0x0, 0x2000, '\x00', 0x8}) socketpair(0x1e, 0x1, 0x2, 0x0) 13:38:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113380, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7afa, 0x9, 0xcfe], 0x3, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000100)={0x1100000000000000, 0xc004, 0x20, 0xc, 0x15}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x9], 0x1, 0x800}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0) (async) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113380, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7afa, 0x9, 0xcfe], 0x3, 0x800}) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000100)={0x1100000000000000, 0xc004, 0x20, 0xc, 0x15}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x9], 0x1, 0x800}) (async) 13:38:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x9, 0x3, 0x0, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3941}]}, 0x44}, 0x1, 0x0, 0x0, 0x4011}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4018040}, 0x800) 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f0000000200)={0x1, 0x0, &(0x7f00000001c0)=[0x0]}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000240)={r0}) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_kthread_stop_ret\x00', r1}, 0x10) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r1, 0x4068aea3, &(0x7f0000000300)={0xbe, 0x0, 0x1}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="74085afd53599a7467", @ANYRES16=r2, @ANYBLOB="00012cbd7000fbdbdf2500000000080011000100000008001900640101021400080070696d726567310000000000000000000600020000000000"], 0x40}}, 0x40021) 13:38:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x9, 0x3, 0x0, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3941}]}, 0x44}, 0x1, 0x0, 0x0, 0x4011}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4018040}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x9, 0x3, 0x0, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3941}]}, 0x44}, 0x1, 0x0, 0x0, 0x4011}, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4018040}, 0x800) (async) 13:38:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113380, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7afa, 0x9, 0xcfe], 0x3, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000100)={0x1100000000000000, 0xc004, 0x20, 0xc, 0x15}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x9], 0x1, 0x800}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x6040, 0x0) (async) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x113380, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7afa, 0x9, 0xcfe], 0x3, 0x800}) (async) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000100)={0x1100000000000000, 0xc004, 0x20, 0xc, 0x15}) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x9], 0x1, 0x800}) (async) 13:38:07 executing program 4: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x6], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000080)={'\x00', 0x0, 0x7, 0x6, 0x0, 0x7, 0x0, 0x2000, '\x00', 0x8}) socketpair(0x1e, 0x1, 0x2, 0x0) [ 691.199904] FAULT_INJECTION: forcing a failure. [ 691.199904] name failslab, interval 1, probability 0, space 0, times 0 [ 691.249387] CPU: 0 PID: 15143 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 691.257304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.266665] Call Trace: [ 691.269259] dump_stack+0x1b2/0x281 [ 691.272895] should_fail.cold+0x10a/0x149 [ 691.277054] should_failslab+0xd6/0x130 [ 691.281034] kmem_cache_alloc+0x28e/0x3c0 [ 691.285191] alloc_inode+0xa0/0x170 [ 691.288825] new_inode+0x1d/0xf0 [ 691.292196] debugfs_get_inode+0x1a/0x130 [ 691.296349] __debugfs_create_file+0x93/0x440 [ 691.300845] ? debugfs_create_file+0x37/0x60 [ 691.305256] kvm_dev_ioctl+0xe7f/0x1450 [ 691.309419] ? fsnotify+0x974/0x11b0 [ 691.313131] ? kvm_put_kvm+0xab0/0xab0 [ 691.317028] ? kvm_put_kvm+0xab0/0xab0 [ 691.320916] do_vfs_ioctl+0x75a/0xff0 [ 691.324717] ? lock_acquire+0x170/0x3f0 [ 691.328699] ? ioctl_preallocate+0x1a0/0x1a0 [ 691.333253] ? __fget+0x265/0x3e0 [ 691.336710] ? do_vfs_ioctl+0xff0/0xff0 [ 691.340697] ? security_file_ioctl+0x83/0xb0 [ 691.345108] SyS_ioctl+0x7f/0xb0 [ 691.348477] ? do_vfs_ioctl+0xff0/0xff0 [ 691.352454] do_syscall_64+0x1d5/0x640 [ 691.356351] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 691.361544] RIP: 0033:0x7fa37e383109 [ 691.365264] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 691.373058] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 691.380309] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 691.387569] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:07 executing program 4: ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x6], 0x1, 0x80000, 0x0, 0xffffffffffffffff}) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000080)={'\x00', 0x0, 0x7, 0x6, 0x0, 0x7, 0x0, 0x2000, '\x00', 0x8}) (async) socketpair(0x1e, 0x1, 0x2, 0x0) 13:38:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 71) 13:38:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0xffffffffffffffff) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_make_fs_calli\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xbc, 0x5, 0xe0, 0x1d, 0x0, 0x2, 0x800, 0x9, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x1}, 0x52481, 0x2, 0x8, 0x3, 0x20, 0xffffffff, 0x5, 0x0, 0x1, 0x0, 0x9}, 0x0, 0x3, r1, 0x8) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x663b}, @BATADV_ATTR_VLANID={0x6}]}, 0x24}}, 0x0) 13:38:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x9, 0x3, 0x0, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3941}]}, 0x44}, 0x1, 0x0, 0x0, 0x4011}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4018040}, 0x800) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x9, 0x3, 0x0, 0x5]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3941}]}, 0x44}, 0x1, 0x0, 0x0, 0x4011}, 0x0) (async) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) (async) sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4018040}, 0x800) (async) [ 691.394874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.402239] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f0000000200)={0x1, 0x0, &(0x7f00000001c0)=[0x0]}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000240)={r0}) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_kthread_stop_ret\x00', r1}, 0x10) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r1, 0x4068aea3, &(0x7f0000000300)={0xbe, 0x0, 0x1}) (async) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_NOOP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="74085afd53599a7467", @ANYRES16=r2, @ANYBLOB="00012cbd7000fbdbdf2500000000080011000100000008001900640101021400080070696d726567310000000000000000000600020000000000"], 0x40}}, 0x40021) 13:38:07 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', 0x0}) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$802154_dgram(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)="ef67a13dc4c7774090451adbf426942a7c8363d179187dde89b9507931f55f1f84ec2d4c0b1530dff7ab4349c4f42c1fdda0b2781591ed9b1997448780a0d80fcecb5dc2c513fb3d8a97239c2078df28e05637b87e51a1d804a7a9670d8c46108f59309823a79030e3a8e4f7a17e63675e84f23fb4e2cef6124b7f96295d6a5b0091f72e744c8ca2ee47b3d398b890da7a35b22e96dbaa1c6e60882deff0e18472977ab6b7f52a2a99434819fd79854e7de6c23b9028de2aab1693922b86586219905aa07c9396390a6066f80cfdc881feac791e740509272fb71db13e45", 0xde}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048004) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) getsockname$packet(r5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x2f, 0x6, 0x8, 0x8, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x8, 0x20, 0x2, 0x5}}) sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="440000001900100029bd7000fedbdf2580001407fd00fd060008000008000200ac1414aa08000300", @ANYRES32=r1, @ANYBLOB="faf8be296b0d2c3adf4817df66e4a932841850749348672e33b93c794465a416ebce33e767a1fdedcecf2246b0fab8009a0d58af2fc28de26047a4bd11", @ANYRES32=r6, @ANYBLOB="06001c004e21000008000700ac1e0001"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4000001) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000180)={'syztnl2\x00', r7, 0x2f, 0x5, 0x9, 0x100, 0x32, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00', 0x80, 0x8000, 0x7, 0x2}}) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'ip6_vti0\x00', r1, 0x29, 0x7, 0xc1, 0x10000, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @private2, 0x1, 0x8, 0x6}}) socketpair(0x9, 0x1, 0x0, 0x0) 13:38:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0xffffffffffffffff) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_make_fs_calli\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xbc, 0x5, 0xe0, 0x1d, 0x0, 0x2, 0x800, 0x9, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x1}, 0x52481, 0x2, 0x8, 0x3, 0x20, 0xffffffff, 0x5, 0x0, 0x1, 0x0, 0x9}, 0x0, 0x3, r1, 0x8) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x663b}, @BATADV_ATTR_VLANID={0x6}]}, 0x24}}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0xffffffffffffffff) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_make_fs_calli\x00'}, 0x10) (async) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xbc, 0x5, 0xe0, 0x1d, 0x0, 0x2, 0x800, 0x9, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x1}, 0x52481, 0x2, 0x8, 0x3, 0x20, 0xffffffff, 0x5, 0x0, 0x1, 0x0, 0x9}, 0x0, 0x3, r1, 0x8) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x663b}, @BATADV_ATTR_VLANID={0x6}]}, 0x24}}, 0x0) (async) 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) [ 691.497919] FAULT_INJECTION: forcing a failure. [ 691.497919] name failslab, interval 1, probability 0, space 0, times 0 [ 691.547870] CPU: 1 PID: 15185 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 691.555772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.565120] Call Trace: [ 691.567708] dump_stack+0x1b2/0x281 [ 691.571336] should_fail.cold+0x10a/0x149 [ 691.575487] should_failslab+0xd6/0x130 [ 691.579495] kmem_cache_alloc_trace+0x29a/0x3d0 [ 691.584185] ? debugfs_create_file+0x37/0x60 [ 691.588600] kvm_dev_ioctl+0xce6/0x1450 [ 691.592580] ? fsnotify+0x974/0x11b0 [ 691.596319] ? kvm_put_kvm+0xab0/0xab0 [ 691.600213] ? kvm_put_kvm+0xab0/0xab0 [ 691.604108] do_vfs_ioctl+0x75a/0xff0 [ 691.607908] ? lock_acquire+0x170/0x3f0 [ 691.611882] ? ioctl_preallocate+0x1a0/0x1a0 [ 691.616289] ? __fget+0x265/0x3e0 [ 691.619744] ? do_vfs_ioctl+0xff0/0xff0 [ 691.623719] ? security_file_ioctl+0x83/0xb0 [ 691.628127] SyS_ioctl+0x7f/0xb0 [ 691.631490] ? do_vfs_ioctl+0xff0/0xff0 [ 691.635464] do_syscall_64+0x1d5/0x640 [ 691.639361] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 691.644543] RIP: 0033:0x7fa37e383109 13:38:07 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) 13:38:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x418900) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000080)={0x9, [0x5, 0x8, 0x80000000, 0x7, 0x30000000, 0x1, 0x1, 0x8, 0x7]}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:07 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', 0x0}) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$802154_dgram(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)="ef67a13dc4c7774090451adbf426942a7c8363d179187dde89b9507931f55f1f84ec2d4c0b1530dff7ab4349c4f42c1fdda0b2781591ed9b1997448780a0d80fcecb5dc2c513fb3d8a97239c2078df28e05637b87e51a1d804a7a9670d8c46108f59309823a79030e3a8e4f7a17e63675e84f23fb4e2cef6124b7f96295d6a5b0091f72e744c8ca2ee47b3d398b890da7a35b22e96dbaa1c6e60882deff0e18472977ab6b7f52a2a99434819fd79854e7de6c23b9028de2aab1693922b86586219905aa07c9396390a6066f80cfdc881feac791e740509272fb71db13e45", 0xde}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048004) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) (async) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) getsockname$packet(r5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x2f, 0x6, 0x8, 0x8, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x8, 0x20, 0x2, 0x5}}) sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="440000001900100029bd7000fedbdf2580001407fd00fd060008000008000200ac1414aa08000300", @ANYRES32=r1, @ANYBLOB="faf8be296b0d2c3adf4817df66e4a932841850749348672e33b93c794465a416ebce33e767a1fdedcecf2246b0fab8009a0d58af2fc28de26047a4bd11", @ANYRES32=r6, @ANYBLOB="06001c004e21000008000700ac1e0001"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4000001) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async, rerun: 64) getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14) (rerun: 64) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000180)={'syztnl2\x00', r7, 0x2f, 0x5, 0x9, 0x100, 0x32, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00', 0x80, 0x8000, 0x7, 0x2}}) (async, rerun: 64) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'ip6_vti0\x00', r1, 0x29, 0x7, 0xc1, 0x10000, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @private2, 0x1, 0x8, 0x6}}) (async, rerun: 64) socketpair(0x9, 0x1, 0x0, 0x0) 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) [ 691.648247] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 691.655953] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 691.663216] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 691.670481] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 691.677738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.684986] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:07 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) pkey_mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x9, 0xffffffffffffffff) (async, rerun: 32) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='afs_make_fs_calli\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0xbc, 0x5, 0xe0, 0x1d, 0x0, 0x2, 0x800, 0x9, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000140), 0x1}, 0x52481, 0x2, 0x8, 0x3, 0x20, 0xffffffff, 0x5, 0x0, 0x1, 0x0, 0x9}, 0x0, 0x3, r1, 0x8) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_GET_TSC_KHZ(0xffffffffffffffff, 0xaea3) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x663b}, @BATADV_ATTR_VLANID={0x6}]}, 0x24}}, 0x0) 13:38:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 72) 13:38:07 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) 13:38:07 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x418900) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000080)={0x9, [0x5, 0x8, 0x80000000, 0x7, 0x30000000, 0x1, 0x1, 0x8, 0x7]}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:07 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) [ 691.794338] FAULT_INJECTION: forcing a failure. [ 691.794338] name failslab, interval 1, probability 0, space 0, times 0 [ 691.811087] CPU: 1 PID: 15244 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 691.818987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.828453] Call Trace: [ 691.831049] dump_stack+0x1b2/0x281 [ 691.834680] should_fail.cold+0x10a/0x149 [ 691.838916] should_failslab+0xd6/0x130 [ 691.842893] kmem_cache_alloc+0x28e/0x3c0 [ 691.847047] __d_alloc+0x2a/0xa20 [ 691.850494] ? d_lookup+0x172/0x220 [ 691.854121] d_alloc+0x46/0x240 [ 691.857399] __lookup_hash+0x101/0x270 [ 691.861287] ? __inode_permission+0xcd/0x2f0 [ 691.865691] lookup_one_len+0x279/0x3a0 [ 691.869669] ? lookup_one_len_unlocked+0x410/0x410 [ 691.874603] start_creating+0xb0/0x200 [ 691.878495] __debugfs_create_file+0x4f/0x440 [ 691.882992] ? debugfs_create_file+0x37/0x60 [ 691.887400] kvm_dev_ioctl+0xe7f/0x1450 [ 691.891379] ? fsnotify+0x974/0x11b0 [ 691.895087] ? kvm_put_kvm+0xab0/0xab0 [ 691.898973] ? kvm_put_kvm+0xab0/0xab0 [ 691.902858] do_vfs_ioctl+0x75a/0xff0 [ 691.906655] ? lock_acquire+0x170/0x3f0 [ 691.910625] ? ioctl_preallocate+0x1a0/0x1a0 [ 691.915030] ? __fget+0x265/0x3e0 [ 691.918486] ? do_vfs_ioctl+0xff0/0xff0 [ 691.922660] ? security_file_ioctl+0x83/0xb0 [ 691.927071] SyS_ioctl+0x7f/0xb0 [ 691.930438] ? do_vfs_ioctl+0xff0/0xff0 [ 691.934414] do_syscall_64+0x1d5/0x640 [ 691.938306] entry_SYSCALL_64_after_hwframe+0x46/0xbb 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4) 13:38:08 executing program 3: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="913693c1a354d38fe65efc1e66", 0xd, r0) 13:38:08 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', 0x0}) (async, rerun: 32) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) sendmsg$802154_dgram(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)="ef67a13dc4c7774090451adbf426942a7c8363d179187dde89b9507931f55f1f84ec2d4c0b1530dff7ab4349c4f42c1fdda0b2781591ed9b1997448780a0d80fcecb5dc2c513fb3d8a97239c2078df28e05637b87e51a1d804a7a9670d8c46108f59309823a79030e3a8e4f7a17e63675e84f23fb4e2cef6124b7f96295d6a5b0091f72e744c8ca2ee47b3d398b890da7a35b22e96dbaa1c6e60882deff0e18472977ab6b7f52a2a99434819fd79854e7de6c23b9028de2aab1693922b86586219905aa07c9396390a6066f80cfdc881feac791e740509272fb71db13e45", 0xde}, 0x1, 0x0, 0x0, 0x4000000}, 0x20048004) (async, rerun: 32) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async, rerun: 32) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, 0x0) r5 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r5, 0xc008aeb0, 0x0) (async) getsockname$packet(r5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14) (async, rerun: 32) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000480)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x2f, 0x6, 0x8, 0x8, 0x2, @ipv4={'\x00', '\xff\xff', @remote}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x8, 0x20, 0x2, 0x5}}) (rerun: 32) sendmsg$nl_route(r4, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="440000001900100029bd7000fedbdf2580001407fd00fd060008000008000200ac1414aa08000300", @ANYRES32=r1, @ANYBLOB="faf8be296b0d2c3adf4817df66e4a932841850749348672e33b93c794465a416ebce33e767a1fdedcecf2246b0fab8009a0d58af2fc28de26047a4bd11", @ANYRES32=r6, @ANYBLOB="06001c004e21000008000700ac1e0001"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x4000001) (async) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000200)={'syztnl0\x00', &(0x7f0000000180)={'syztnl2\x00', r7, 0x2f, 0x5, 0x9, 0x100, 0x32, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00', 0x80, 0x8000, 0x7, 0x2}}) (async, rerun: 64) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000040)={'ip6_vti0\x00', r1, 0x29, 0x7, 0xc1, 0x10000, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @private2, 0x1, 0x8, 0x6}}) (async, rerun: 64) socketpair(0x9, 0x1, 0x0, 0x0) 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x109000, 0x0) 13:38:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x418900) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, &(0x7f0000000080)={0x9, [0x5, 0x8, 0x80000000, 0x7, 0x30000000, 0x1, 0x1, 0x8, 0x7]}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 691.943492] RIP: 0033:0x7fa37e383109 [ 691.947193] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 691.954900] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 691.962173] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 691.969485] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 691.976752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 691.984021] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 73) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200002) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x7fffffff, 0x10001, 0x6, 0x10c2, r1, 0x2, '\x00', r3, r4, 0x5, 0x3, 0x2}, 0x48) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:08 executing program 3: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="913693c1a354d38fe65efc1e66", 0xd, r0) add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) (async) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="913693c1a354d38fe65efc1e66", 0xd, r0) (async) 13:38:08 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x109000, 0x0) [ 692.077210] FAULT_INJECTION: forcing a failure. [ 692.077210] name failslab, interval 1, probability 0, space 0, times 0 13:38:08 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) [ 692.135436] CPU: 0 PID: 15287 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 692.143338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.152687] Call Trace: [ 692.155279] dump_stack+0x1b2/0x281 [ 692.158914] should_fail.cold+0x10a/0x149 [ 692.163064] should_failslab+0xd6/0x130 [ 692.167035] kmem_cache_alloc+0x28e/0x3c0 [ 692.171188] alloc_inode+0xa0/0x170 [ 692.174813] new_inode+0x1d/0xf0 [ 692.178175] debugfs_get_inode+0x1a/0x130 [ 692.182318] __debugfs_create_file+0x93/0x440 [ 692.186805] ? debugfs_create_file+0x37/0x60 [ 692.191213] kvm_dev_ioctl+0xe7f/0x1450 [ 692.195190] ? fsnotify+0x974/0x11b0 [ 692.198906] ? kvm_put_kvm+0xab0/0xab0 [ 692.202821] ? kvm_put_kvm+0xab0/0xab0 [ 692.206706] do_vfs_ioctl+0x75a/0xff0 [ 692.210535] ? lock_acquire+0x170/0x3f0 [ 692.214510] ? ioctl_preallocate+0x1a0/0x1a0 [ 692.218947] ? __fget+0x265/0x3e0 [ 692.222403] ? do_vfs_ioctl+0xff0/0xff0 [ 692.226374] ? security_file_ioctl+0x83/0xb0 [ 692.230785] SyS_ioctl+0x7f/0xb0 [ 692.234146] ? do_vfs_ioctl+0xff0/0xff0 [ 692.238120] do_syscall_64+0x1d5/0x640 [ 692.242012] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 692.247199] RIP: 0033:0x7fa37e383109 [ 692.250905] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 692.258611] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 692.265879] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 692.273147] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x109000, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x109000, 0x0) (async) 13:38:08 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0) 13:38:08 executing program 3: r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9) add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="913693c1a354d38fe65efc1e66", 0xd, r0) 13:38:08 executing program 4: socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200002) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x7fffffff, 0x10001, 0x6, 0x10c2, r1, 0x2, '\x00', r3, r4, 0x5, 0x3, 0x2}, 0x48) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 74) [ 692.280415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 692.287681] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:08 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r1, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_FLOW={0x6}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_TID={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000800}, 0x4008050) socketpair(0x9, 0x80000, 0x2, 0x0) socket$phonet(0x23, 0x2, 0x1) 13:38:08 executing program 4: socket$inet6_udplite(0xa, 0x2, 0x88) (async, rerun: 32) socketpair(0x2, 0x1, 0x0, 0x0) (rerun: 32) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x81, 0x6, 0x9, 0x2, 0x0, 0x5, 0x6], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200002) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x5, 0x7fffffff, 0x10001, 0x6, 0x10c2, r1, 0x2, '\x00', r3, r4, 0x5, 0x3, 0x2}, 0x48) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getuid() ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)='/dev/kvm\x00') ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x3f, 0x8fa, 0x1, 0x80000000, 0x1, 0x4, 0x50], 0x7, 0x800, 0x0, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) r4 = getuid() ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000340)={&(0x7f0000000300)=[0xd48], 0x1, 0x800, 0x0, 0xffffffffffffffff}) r6 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), r1) sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r6, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20001}, 0x48040) sendmsg$nl_xfrm(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)=@expire={0x110, 0x18, 0x10, 0x70bd29, 0x25dfdbfb, {{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e23, 0x3, 0x4e20, 0x8, 0x2, 0xa0, 0x0, 0x0, r3, r4}, {@in=@private=0xa010101, 0x4d2, 0x2b}, @in=@private=0xa010101, {0x2, 0x4, 0x1, 0xffffffffffffffff, 0x600000000, 0x800, 0x7, 0x4}, {0x4, 0x100, 0x200, 0x4}, {0x1f, 0x0, 0x200}, 0x70bd27, 0x3505, 0x2, 0x0, 0x1d, 0xb0}, 0x5}, [@mark={0xc, 0x15, {0x35075b, 0x1}}, @mark={0xc, 0x15, {0x8, 0xfff}}]}, 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x8, 0x9, 0x6, 0x7f, 0x7, 0x68b], 0x6, 0x800}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r1) [ 692.403530] FAULT_INJECTION: forcing a failure. [ 692.403530] name failslab, interval 1, probability 0, space 0, times 0 [ 692.452016] CPU: 0 PID: 15336 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 692.459923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.469373] Call Trace: [ 692.471966] dump_stack+0x1b2/0x281 [ 692.475598] should_fail.cold+0x10a/0x149 [ 692.479759] should_failslab+0xd6/0x130 [ 692.483737] kmem_cache_alloc_trace+0x29a/0x3d0 [ 692.488402] ? debugfs_create_file+0x37/0x60 [ 692.492813] kvm_dev_ioctl+0xce6/0x1450 [ 692.496792] ? fsnotify+0x974/0x11b0 [ 692.500504] ? kvm_put_kvm+0xab0/0xab0 [ 692.504407] ? kvm_put_kvm+0xab0/0xab0 [ 692.508384] do_vfs_ioctl+0x75a/0xff0 [ 692.512186] ? lock_acquire+0x170/0x3f0 [ 692.516162] ? ioctl_preallocate+0x1a0/0x1a0 [ 692.520573] ? __fget+0x265/0x3e0 [ 692.524023] ? do_vfs_ioctl+0xff0/0xff0 [ 692.527996] ? security_file_ioctl+0x83/0xb0 [ 692.532402] SyS_ioctl+0x7f/0xb0 [ 692.535761] ? do_vfs_ioctl+0xff0/0xff0 [ 692.539736] do_syscall_64+0x1d5/0x640 [ 692.543627] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 692.548814] RIP: 0033:0x7fa37e383109 13:38:08 executing program 4: socket$inet6_udplite(0xa, 0x2, 0x88) socketpair(0x2, 0x1, 0x0, 0x0) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) socket$inet6_udplite(0xa, 0x2, 0x88) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) setsockopt$RXRPC_MIN_SECURITY_LEVEL(0xffffffffffffffff, 0x110, 0x4, &(0x7f0000000000), 0x4) (async) 13:38:08 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r1, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_FLOW={0x6}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_TID={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000800}, 0x4008050) (async) socketpair(0x9, 0x80000, 0x2, 0x0) socket$phonet(0x23, 0x2, 0x1) 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x81, 0x6, 0x9, 0x2, 0x0, 0x5, 0x6], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 692.552513] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 692.560200] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 692.567455] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 692.574797] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 692.582065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 692.589562] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x8, 0x9, 0x6, 0x7f, 0x7, 0x68b], 0x6, 0x800}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r1) 13:38:08 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x81, 0x6, 0x9, 0x2, 0x0, 0x5, 0x6], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 75) 13:38:08 executing program 3: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r1, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_FLOW={0x6}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_TID={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000800}, 0x4008050) (async) socketpair(0x9, 0x80000, 0x2, 0x0) (async) socket$phonet(0x23, 0x2, 0x1) 13:38:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getuid() (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)='/dev/kvm\x00') (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x3f, 0x8fa, 0x1, 0x80000000, 0x1, 0x4, 0x50], 0x7, 0x800, 0x0, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) r4 = getuid() (async, rerun: 64) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000340)={&(0x7f0000000300)=[0xd48], 0x1, 0x800, 0x0, 0xffffffffffffffff}) (async, rerun: 64) r6 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), r1) sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r6, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20001}, 0x48040) (async, rerun: 32) sendmsg$nl_xfrm(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)=@expire={0x110, 0x18, 0x10, 0x70bd29, 0x25dfdbfb, {{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e23, 0x3, 0x4e20, 0x8, 0x2, 0xa0, 0x0, 0x0, r3, r4}, {@in=@private=0xa010101, 0x4d2, 0x2b}, @in=@private=0xa010101, {0x2, 0x4, 0x1, 0xffffffffffffffff, 0x600000000, 0x800, 0x7, 0x4}, {0x4, 0x100, 0x200, 0x4}, {0x1f, 0x0, 0x200}, 0x70bd27, 0x3505, 0x2, 0x0, 0x1d, 0xb0}, 0x5}, [@mark={0xc, 0x15, {0x35075b, 0x1}}, @mark={0xc, 0x15, {0x8, 0xfff}}]}, 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (rerun: 32) 13:38:08 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x431, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x0) socketpair(0x2, 0x1, 0x80, 0x0) 13:38:08 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x500, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040001}, 0x20008000) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x2, 0x5], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4080) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x8, 0x9, 0x6, 0x7f, 0x7, 0x68b], 0x6, 0x800}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r1) socket$packet(0x11, 0x3, 0x300) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000000)=[0x8, 0x9, 0x6, 0x7f, 0x7, 0x68b], 0x6, 0x800}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r1) (async) 13:38:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) getuid() ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000040)='/dev/kvm\x00') (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x3f, 0x8fa, 0x1, 0x80000000, 0x1, 0x4, 0x50], 0x7, 0x800, 0x0, 0xffffffffffffffff}) (async) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000000)="bc83e9e161c0ace09e0b94117c04bcdf91d6467d6118afdc90ef2b24390bd3e49d4dbb8e9e85ee724b19b7e3e36e6d8c90ecb5165ef324e9a8a09dcb65d06679e9bbbc354516e17f3f0182f59e", 0x4d, 0x0, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @broadcast}, 0x14) r4 = getuid() (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000340)={&(0x7f0000000300)=[0xd48], 0x1, 0x800, 0x0, 0xffffffffffffffff}) r6 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), r1) sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, r6, 0x4, 0x70bd2d, 0x25dfdbff, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r1}, @GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20001}, 0x48040) sendmsg$nl_xfrm(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)=@expire={0x110, 0x18, 0x10, 0x70bd29, 0x25dfdbfb, {{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e23, 0x3, 0x4e20, 0x8, 0x2, 0xa0, 0x0, 0x0, r3, r4}, {@in=@private=0xa010101, 0x4d2, 0x2b}, @in=@private=0xa010101, {0x2, 0x4, 0x1, 0xffffffffffffffff, 0x600000000, 0x800, 0x7, 0x4}, {0x4, 0x100, 0x200, 0x4}, {0x1f, 0x0, 0x200}, 0x70bd27, 0x3505, 0x2, 0x0, 0x1d, 0xb0}, 0x5}, [@mark={0xc, 0x15, {0x35075b, 0x1}}, @mark={0xc, 0x15, {0x8, 0xfff}}]}, 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 13:38:08 executing program 3: socketpair(0x22, 0x1, 0x2, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$rxrpc(r0, &(0x7f0000000180)="6b84484d45e6c1d2a0e2eb6fc8154ad59a9d518b5b14e7b1842dc1761514f4446cabcbbff97a6dffd011dc9514d0eebd3c08af3f29bb0917825e2900ae1f5787ea2d037cd01944a7a92be6869f3e5708199cf679c1088c77b06cad2012ef4fcf2af2449ca03470b25a75cb562b713c5c2182a2d7", 0x74, 0x40004, &(0x7f0000000200)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @empty}}, 0x24) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000000)={0x2, 0x800, {0x53, 0x1000, 0x4, {0x7ff, 0x6}, {0x8, 0x80}, @const={0x1000, {0x8, 0x40, 0x2}}}, {0x56, 0x3, 0xcc23, {0x5, 0x6}, {0x35, 0x7}, @rumble={0x8, 0x8}}}) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[0x10001, 0x7, 0x7f, 0x80, 0x6, 0x6, 0x1ff]}) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x81, 0x2, 0x6, 0x3f, 0x0, 0x61, 0x27000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f00000002c0), 0x4}, 0x4490, 0x8000000000000000, 0xffffffc1, 0x6, 0x6, 0x65fc81f3, 0xcdd, 0x0, 0x21, 0x0, 0x9e}, 0xffffffffffffffff, 0x1, r0, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x80200) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000240)={0x3, 0x9, {0x54, 0x9, 0x6, {0x200, 0x9}, {0x2, 0xc8}, @ramp={0xfff7, 0x92b, {0x80, 0x7ff, 0x7}}}, {0x57, 0x7fff, 0x1d76, {0x7f, 0x40}, {0x2, 0x5cf}, @ramp={0xfff, 0x7, {0x9, 0x4, 0xe5, 0xf801}}}}) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000480)={0x6, "561e54d8aaab071f6d8230ddf8d165db1e8592fdbc45f986cb5e06c8580e6e24"}) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000140)={0x2, r3}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f00000003c0), 0x400203) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000540)='/dev/input/mice\x00') sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d9342982e0c27e76cc217731c108d3f9b770ed067d3ee7518fa4a910515f3c2e36ac3cbaf8", @ANYRES16=0x0, @ANYBLOB="000827bd7000fbdbdf25090000000800340000000080050030000100000008003b000100008005002e00010000000600280003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80c0) 13:38:08 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x500, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040001}, 0x20008000) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x2, 0x5], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4080) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x500, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040001}, 0x20008000) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x2, 0x5], 0x2}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4080) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) 13:38:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x3f, 0x2, 0x3, &(0x7f0000000000)={0xffffffffffffffff}) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x800) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f0000000180)="df81c37b0ad4dfe6a9cf66d1bc1ae68f1720f0ae04a8821cd8527f8ca6f928d776939090a575613c4b82859ec49835bec275535127997c99ebf6e40f7f192b6edf4b91266407e4eaf819", 0x4a) connect$packet(r1, &(0x7f0000000040)={0x11, 0xf5, 0x0, 0x1, 0x7, 0x6, @random="a66710997f7c"}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:08 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa0481, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x36}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000180)={0x7fffffffffffffff}) 13:38:08 executing program 3: socketpair(0x22, 0x1, 0x2, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendto$rxrpc(r0, &(0x7f0000000180)="6b84484d45e6c1d2a0e2eb6fc8154ad59a9d518b5b14e7b1842dc1761514f4446cabcbbff97a6dffd011dc9514d0eebd3c08af3f29bb0917825e2900ae1f5787ea2d037cd01944a7a92be6869f3e5708199cf679c1088c77b06cad2012ef4fcf2af2449ca03470b25a75cb562b713c5c2182a2d7", 0x74, 0x40004, &(0x7f0000000200)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @empty}}, 0x24) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000000)={0x2, 0x800, {0x53, 0x1000, 0x4, {0x7ff, 0x6}, {0x8, 0x80}, @const={0x1000, {0x8, 0x40, 0x2}}}, {0x56, 0x3, 0xcc23, {0x5, 0x6}, {0x35, 0x7}, @rumble={0x8, 0x8}}}) (async) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[0x10001, 0x7, 0x7f, 0x80, 0x6, 0x6, 0x1ff]}) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x81, 0x2, 0x6, 0x3f, 0x0, 0x61, 0x27000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f00000002c0), 0x4}, 0x4490, 0x8000000000000000, 0xffffffc1, 0x6, 0x6, 0x65fc81f3, 0xcdd, 0x0, 0x21, 0x0, 0x9e}, 0xffffffffffffffff, 0x1, r0, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x80200) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000240)={0x3, 0x9, {0x54, 0x9, 0x6, {0x200, 0x9}, {0x2, 0xc8}, @ramp={0xfff7, 0x92b, {0x80, 0x7ff, 0x7}}}, {0x57, 0x7fff, 0x1d76, {0x7f, 0x40}, {0x2, 0x5cf}, @ramp={0xfff, 0x7, {0x9, 0x4, 0xe5, 0xf801}}}}) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000480)={0x6, "561e54d8aaab071f6d8230ddf8d165db1e8592fdbc45f986cb5e06c8580e6e24"}) (async) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000140)={0x2, r3}) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f00000003c0), 0x400203) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000540)='/dev/input/mice\x00') (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d9342982e0c27e76cc217731c108d3f9b770ed067d3ee7518fa4a910515f3c2e36ac3cbaf8", @ANYRES16=0x0, @ANYBLOB="000827bd7000fbdbdf25090000000800340000000080050030000100000008003b000100008005002e00010000000600280003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80c0) [ 692.800053] FAULT_INJECTION: forcing a failure. [ 692.800053] name failslab, interval 1, probability 0, space 0, times 0 [ 692.866848] CPU: 1 PID: 15407 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 692.874790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.884144] Call Trace: [ 692.886746] dump_stack+0x1b2/0x281 [ 692.890376] should_fail.cold+0x10a/0x149 [ 692.894526] should_failslab+0xd6/0x130 [ 692.898502] kmem_cache_alloc+0x28e/0x3c0 [ 692.902662] __d_alloc+0x2a/0xa20 [ 692.906117] ? d_lookup+0x172/0x220 [ 692.909749] d_alloc+0x46/0x240 [ 692.913041] __lookup_hash+0x101/0x270 [ 692.916928] ? __inode_permission+0xcd/0x2f0 [ 692.921338] lookup_one_len+0x279/0x3a0 [ 692.925317] ? lookup_one_len_unlocked+0x410/0x410 [ 692.930252] start_creating+0xb0/0x200 [ 692.934238] __debugfs_create_file+0x4f/0x440 [ 692.938739] ? debugfs_create_file+0x37/0x60 [ 692.943148] kvm_dev_ioctl+0xe7f/0x1450 [ 692.947351] ? fsnotify+0x974/0x11b0 [ 692.951068] ? kvm_put_kvm+0xab0/0xab0 [ 692.954959] ? kvm_put_kvm+0xab0/0xab0 [ 692.958846] do_vfs_ioctl+0x75a/0xff0 [ 692.962649] ? lock_acquire+0x170/0x3f0 [ 692.966622] ? ioctl_preallocate+0x1a0/0x1a0 [ 692.971031] ? __fget+0x265/0x3e0 [ 692.974490] ? do_vfs_ioctl+0xff0/0xff0 [ 692.978465] ? security_file_ioctl+0x83/0xb0 [ 692.982876] SyS_ioctl+0x7f/0xb0 [ 692.986244] ? do_vfs_ioctl+0xff0/0xff0 [ 692.990220] do_syscall_64+0x1d5/0x640 [ 692.994112] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 692.999301] RIP: 0033:0x7fa37e383109 [ 693.003003] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.010709] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 693.018009] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 693.025273] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 693.032544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 693.039792] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 76) 13:38:09 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x431, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x0) socketpair(0x2, 0x1, 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x431, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x0) (async) socketpair(0x2, 0x1, 0x80, 0x0) (async) 13:38:09 executing program 3: socketpair(0x22, 0x1, 0x2, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendto$rxrpc(r0, &(0x7f0000000180)="6b84484d45e6c1d2a0e2eb6fc8154ad59a9d518b5b14e7b1842dc1761514f4446cabcbbff97a6dffd011dc9514d0eebd3c08af3f29bb0917825e2900ae1f5787ea2d037cd01944a7a92be6869f3e5708199cf679c1088c77b06cad2012ef4fcf2af2449ca03470b25a75cb562b713c5c2182a2d7", 0x74, 0x40004, &(0x7f0000000200)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @empty}}, 0x24) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000000)={0x2, 0x800, {0x53, 0x1000, 0x4, {0x7ff, 0x6}, {0x8, 0x80}, @const={0x1000, {0x8, 0x40, 0x2}}}, {0x56, 0x3, 0xcc23, {0x5, 0x6}, {0x35, 0x7}, @rumble={0x8, 0x8}}}) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[0x10001, 0x7, 0x7f, 0x80, 0x6, 0x6, 0x1ff]}) r1 = perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x81, 0x2, 0x6, 0x3f, 0x0, 0x61, 0x27000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f00000002c0), 0x4}, 0x4490, 0x8000000000000000, 0xffffffc1, 0x6, 0x6, 0x65fc81f3, 0xcdd, 0x0, 0x21, 0x0, 0x9e}, 0xffffffffffffffff, 0x1, r0, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x80200) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000240)={0x3, 0x9, {0x54, 0x9, 0x6, {0x200, 0x9}, {0x2, 0xc8}, @ramp={0xfff7, 0x92b, {0x80, 0x7ff, 0x7}}}, {0x57, 0x7fff, 0x1d76, {0x7f, 0x40}, {0x2, 0x5cf}, @ramp={0xfff, 0x7, {0x9, 0x4, 0xe5, 0xf801}}}}) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000480)={0x6, "561e54d8aaab071f6d8230ddf8d165db1e8592fdbc45f986cb5e06c8580e6e24"}) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000140)={0x2, r3}) r4 = openat$mice(0xffffffffffffff9c, &(0x7f00000003c0), 0x400203) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000540)='/dev/input/mice\x00') sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d9342982e0c27e76cc217731c108d3f9b770ed067d3ee7518fa4a910515f3c2e36ac3cbaf8", @ANYRES16=0x0, @ANYBLOB="000827bd7000fbdbdf25090000000800340000000080050030000100000008003b000100008005002e00010000000600280003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80c0) socketpair(0x22, 0x1, 0x2, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendto$rxrpc(r0, &(0x7f0000000180)="6b84484d45e6c1d2a0e2eb6fc8154ad59a9d518b5b14e7b1842dc1761514f4446cabcbbff97a6dffd011dc9514d0eebd3c08af3f29bb0917825e2900ae1f5787ea2d037cd01944a7a92be6869f3e5708199cf679c1088c77b06cad2012ef4fcf2af2449ca03470b25a75cb562b713c5c2182a2d7", 0x74, 0x40004, &(0x7f0000000200)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @empty}}, 0x24) (async) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000000)={0x2, 0x800, {0x53, 0x1000, 0x4, {0x7ff, 0x6}, {0x8, 0x80}, @const={0x1000, {0x8, 0x40, 0x2}}}, {0x56, 0x3, 0xcc23, {0x5, 0x6}, {0x35, 0x7}, @rumble={0x8, 0x8}}}) (async) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[0x10001, 0x7, 0x7f, 0x80, 0x6, 0x6, 0x1ff]}) (async) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x81, 0x2, 0x6, 0x3f, 0x0, 0x61, 0x27000, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f00000002c0), 0x4}, 0x4490, 0x8000000000000000, 0xffffffc1, 0x6, 0x6, 0x65fc81f3, 0xcdd, 0x0, 0x21, 0x0, 0x9e}, 0xffffffffffffffff, 0x1, r0, 0x1) (async) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x1) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x80200) (async) ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000240)={0x3, 0x9, {0x54, 0x9, 0x6, {0x200, 0x9}, {0x2, 0xc8}, @ramp={0xfff7, 0x92b, {0x80, 0x7ff, 0x7}}}, {0x57, 0x7fff, 0x1d76, {0x7f, 0x40}, {0x2, 0x5cf}, @ramp={0xfff, 0x7, {0x9, 0x4, 0xe5, 0xf801}}}}) (async) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000480)={0x6, "561e54d8aaab071f6d8230ddf8d165db1e8592fdbc45f986cb5e06c8580e6e24"}) (async) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000140)={0x2, r3}) (async) openat$mice(0xffffffffffffff9c, &(0x7f00000003c0), 0x400203) (async) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000540)='/dev/input/mice\x00') (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r3, &(0x7f0000000440)={&(0x7f0000000380), 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d9342982e0c27e76cc217731c108d3f9b770ed067d3ee7518fa4a910515f3c2e36ac3cbaf8", @ANYRES16=0x0, @ANYBLOB="000827bd7000fbdbdf25090000000800340000000080050030000100000008003b000100008005002e00010000000600280003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x80c0) (async) 13:38:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x3f, 0x2, 0x3, &(0x7f0000000000)={0xffffffffffffffff}) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x800) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f0000000180)="df81c37b0ad4dfe6a9cf66d1bc1ae68f1720f0ae04a8821cd8527f8ca6f928d776939090a575613c4b82859ec49835bec275535127997c99ebf6e40f7f192b6edf4b91266407e4eaf819", 0x4a) connect$packet(r1, &(0x7f0000000040)={0x11, 0xf5, 0x0, 0x1, 0x7, 0x6, @random="a66710997f7c"}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) socketpair(0x3f, 0x2, 0x3, &(0x7f0000000000)) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x800) (async) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f0000000180)="df81c37b0ad4dfe6a9cf66d1bc1ae68f1720f0ae04a8821cd8527f8ca6f928d776939090a575613c4b82859ec49835bec275535127997c99ebf6e40f7f192b6edf4b91266407e4eaf819", 0x4a) (async) connect$packet(r1, &(0x7f0000000040)={0x11, 0xf5, 0x0, 0x1, 0x7, 0x6, @random="a66710997f7c"}, 0x14) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa0481, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x36}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) (async) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000180)={0x7fffffffffffffff}) 13:38:09 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x500, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040001}, 0x20008000) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x2, 0x5], 0x2, 0x0, 0x0, 0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4080) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x500, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x1}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfff}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040001}, 0x20008000) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x2, 0x5], 0x2}) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x1, 0x0, 0x0, {}, [@L2TP_ATTR_SEND_SEQ={0x5}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @broadcast}]}, 0x24}}, 0x0) (async) sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x4080) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) (async) 13:38:09 executing program 3: socketpair(0x23, 0x80000, 0x8000, 0x0) 13:38:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x3f, 0x2, 0x3, &(0x7f0000000000)={0xffffffffffffffff}) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x800) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f0000000180)="df81c37b0ad4dfe6a9cf66d1bc1ae68f1720f0ae04a8821cd8527f8ca6f928d776939090a575613c4b82859ec49835bec275535127997c99ebf6e40f7f192b6edf4b91266407e4eaf819", 0x4a) connect$packet(r1, &(0x7f0000000040)={0x11, 0xf5, 0x0, 0x1, 0x7, 0x6, @random="a66710997f7c"}, 0x14) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$packet(0x11, 0x3, 0x300) (async) socketpair(0x3f, 0x2, 0x3, &(0x7f0000000000)) (async) accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14, 0x800) (async) setsockopt$packet_buf(r2, 0x107, 0x5, &(0x7f0000000180)="df81c37b0ad4dfe6a9cf66d1bc1ae68f1720f0ae04a8821cd8527f8ca6f928d776939090a575613c4b82859ec49835bec275535127997c99ebf6e40f7f192b6edf4b91266407e4eaf819", 0x4a) (async) connect$packet(r1, &(0x7f0000000040)={0x11, 0xf5, 0x0, 0x1, 0x7, 0x6, @random="a66710997f7c"}, 0x14) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) 13:38:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000040)={0x4, 0x3}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa000) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa0481, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_VERSION(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x36}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000180)={0x7fffffffffffffff}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xa0481, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$NLBL_MGMT_C_VERSION(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x36}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000180)={0x7fffffffffffffff}) (async) [ 693.167465] FAULT_INJECTION: forcing a failure. [ 693.167465] name failslab, interval 1, probability 0, space 0, times 0 [ 693.240526] CPU: 0 PID: 15476 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 693.248433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.257787] Call Trace: [ 693.260375] dump_stack+0x1b2/0x281 [ 693.264006] should_fail.cold+0x10a/0x149 [ 693.268158] should_failslab+0xd6/0x130 [ 693.272135] kmem_cache_alloc+0x28e/0x3c0 [ 693.276285] alloc_inode+0xa0/0x170 [ 693.279912] new_inode+0x1d/0xf0 [ 693.283279] debugfs_get_inode+0x1a/0x130 13:38:09 executing program 3: socketpair(0x23, 0x80000, 0x8000, 0x0) socketpair(0x23, 0x80000, 0x8000, 0x0) (async) [ 693.287426] __debugfs_create_file+0x93/0x440 [ 693.291916] ? debugfs_create_file+0x37/0x60 [ 693.296323] kvm_dev_ioctl+0xe7f/0x1450 [ 693.300295] ? fsnotify+0x974/0x11b0 [ 693.304006] ? kvm_put_kvm+0xab0/0xab0 [ 693.307892] ? kvm_put_kvm+0xab0/0xab0 [ 693.311777] do_vfs_ioctl+0x75a/0xff0 [ 693.315583] ? lock_acquire+0x170/0x3f0 [ 693.319556] ? ioctl_preallocate+0x1a0/0x1a0 [ 693.323963] ? __fget+0x265/0x3e0 [ 693.327418] ? do_vfs_ioctl+0xff0/0xff0 [ 693.331477] ? security_file_ioctl+0x83/0xb0 [ 693.335880] SyS_ioctl+0x7f/0xb0 13:38:09 executing program 3: socketpair(0x23, 0x80000, 0x8000, 0x0) [ 693.339248] ? do_vfs_ioctl+0xff0/0xff0 [ 693.343231] do_syscall_64+0x1d5/0x640 [ 693.347122] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 693.352307] RIP: 0033:0x7fa37e383109 [ 693.356009] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.363714] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 693.370980] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 693.378253] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 693.385536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 693.392801] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 77) 13:38:09 executing program 3: connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) socketpair(0x2, 0x2, 0x4, 0x0) 13:38:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000040)={0x4, 0x3}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa000) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000040)={0x4, 0x3}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa000) (async) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) (async) 13:38:09 executing program 0: openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[0xffffffff]}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) 13:38:09 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r1, 0x1}, 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x431, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1f}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x2}, 0x0) socketpair(0x2, 0x1, 0x80, 0x0) 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x402c02, 0x0) 13:38:09 executing program 0: openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[0xffffffff]}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x402c02, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x402c02, 0x0) (async) [ 693.529068] FAULT_INJECTION: forcing a failure. [ 693.529068] name failslab, interval 1, probability 0, space 0, times 0 [ 693.569028] CPU: 0 PID: 15588 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 693.577025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.586375] Call Trace: [ 693.588962] dump_stack+0x1b2/0x281 [ 693.592597] should_fail.cold+0x10a/0x149 [ 693.596754] should_failslab+0xd6/0x130 [ 693.600741] kmem_cache_alloc_trace+0x29a/0x3d0 [ 693.605416] ? debugfs_create_file+0x37/0x60 [ 693.609832] kvm_dev_ioctl+0xce6/0x1450 [ 693.613811] ? fsnotify+0x974/0x11b0 [ 693.617526] ? kvm_put_kvm+0xab0/0xab0 [ 693.621419] ? kvm_put_kvm+0xab0/0xab0 [ 693.625307] do_vfs_ioctl+0x75a/0xff0 [ 693.629142] ? lock_acquire+0x170/0x3f0 [ 693.633119] ? ioctl_preallocate+0x1a0/0x1a0 [ 693.637533] ? __fget+0x265/0x3e0 [ 693.640990] ? do_vfs_ioctl+0xff0/0xff0 [ 693.644970] ? security_file_ioctl+0x83/0xb0 [ 693.649390] SyS_ioctl+0x7f/0xb0 [ 693.652754] ? do_vfs_ioctl+0xff0/0xff0 [ 693.656732] do_syscall_64+0x1d5/0x640 [ 693.660634] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 693.665820] RIP: 0033:0x7fa37e383109 [ 693.669524] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20001, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x402c02, 0x0) 13:38:09 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000040)={0x4, 0x3}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa000) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_DIRTY_TLB(0xffffffffffffffff, 0x4010aeaa, &(0x7f0000000040)={0x4, 0x3}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0xa000) (async) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) (async) 13:38:09 executing program 3: connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) (async) socketpair(0x2, 0x2, 0x4, 0x0) 13:38:09 executing program 0: openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[0xffffffff]}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socket$l2tp(0x2, 0x2, 0x73) (async) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) 13:38:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 78) 13:38:09 executing program 4: socketpair(0x5, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000040)) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) connect$l2tp(r1, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010101, 0x1}, 0x10) [ 693.677233] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 693.684498] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 693.691762] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 693.699050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 693.706311] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x1ff, 0x3fc000, 0x4, 0x0, 0x62, 0x1, 0x3], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r2, 0x4068aea3, &(0x7f00000000c0)) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x200, 0x101, 0x80, 0x0, 0x9, 0x6000, 0x4000, '\x00', 0x6}) openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x400) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x40, 0x3, 0x101, 0x17}, 0x10) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x40180) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r3, 0xc01064c2, &(0x7f00000001c0)={0x0, 0x1, r4}) 13:38:09 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x3, 0xe49c, 0x69a4, 0xfa8, 0x4], 0x6, 0x0, 0x0, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='afs_flock_op\x00', r1}, 0x10) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:09 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)=@getneightbl={0x14, 0x42, 0x200, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x44805) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000200)={[0xf90, 0x2, 0x1, 0x3e, 0x0, 0xffff0000, 0x8, 0x134, 0x3, 0xcfec, 0x6, 0x8, 0x697, 0x673, 0x1, 0x1, 0x9, 0xfffffffa, 0x4, 0x5, 0x5, 0x8000, 0x8905, 0xfffffff9, 0x1, 0x1ff, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x9, 0x10000, 0x6, 0x1f, 0x2, 0x6e53604c, 0xde73, 0x5, 0x9, 0x1, 0x5, 0x5, 0x7, 0x80000000, 0x65b, 0xe79, 0x1, 0x8, 0x40, 0xfffffe00, 0x3, 0x1f, 0x6, 0x80, 0x7984, 0x8, 0x7fff, 0x28, 0x7, 0x9, 0x0, 0x10001, 0x2, 0x9, 0x266, 0x9, 0x9, 0x8001, 0x5, 0x3, 0x9, 0x8, 0x1bc8, 0x3, 0xd6f, 0x5, 0x5, 0x9d1d, 0xc000, 0x7, 0x80, 0x16d, 0xffffffff, 0x10000, 0x3f5, 0xcc6, 0xfc93, 0x0, 0x8, 0x1, 0x1, 0x3, 0x25, 0x800, 0x80000001, 0x1, 0x6, 0x7, 0x8, 0x8512, 0x7, 0xe0b, 0xfd4, 0x9, 0x7, 0x101, 0x9, 0x7, 0x80000000, 0x9, 0x3f, 0x3, 0x1, 0x6, 0x7fff, 0x8001, 0x521, 0x8, 0x2, 0x2, 0x1, 0x8, 0xf, 0x400, 0xfffff000, 0x1ff, 0x9, 0x8, 0x20, 0x3, 0x8, 0x3ff, 0x3f, 0x7, 0x1000, 0x5, 0x7a5b, 0xffffff80, 0x0, 0x5, 0x7, 0x90000000, 0x5, 0x7, 0x401, 0x3e, 0x27d4406d, 0x1, 0x8, 0xfffffff8, 0x1, 0x3, 0x80, 0x1000, 0x80000000, 0x0, 0x7fffffff, 0x7f, 0x5, 0x2, 0x6, 0x200, 0x3, 0x9, 0x8, 0x80000001, 0xeb9a, 0x3ff, 0x3f, 0xfff, 0x6, 0x5, 0xffffff80, 0x7, 0x2, 0x200, 0x8, 0x1, 0xfffffffc, 0x400, 0x4, 0x6, 0x20, 0x9, 0x6fe4, 0x5, 0x8a, 0x9, 0xffffffff, 0x200, 0x8, 0x0, 0x7, 0x390, 0x80, 0x5b96, 0x100, 0x1, 0xb16, 0x335, 0x6, 0x5, 0x2, 0x2, 0x8, 0x5, 0x2, 0x0, 0x1, 0x6, 0x800, 0x1, 0x80000001, 0x3, 0x9, 0x81, 0x7, 0x3, 0x7, 0x838, 0x3ff, 0x6, 0x2, 0x80000001, 0x10000, 0x0, 0x0, 0x3, 0x1, 0x7, 0xf5e, 0x0, 0x3ff, 0x7fff, 0x6, 0x9, 0xfff, 0xffffffff, 0xd7df, 0x7ff80, 0x0, 0x3, 0x3, 0x4, 0x7ff, 0x10000, 0x248, 0x1ff, 0x100, 0x1, 0x88, 0x3, 0xa1, 0xffff9914, 0xf8bd, 0x7, 0x2, 0xffffffff, 0x9, 0x400, 0x0, 0x6, 0x7ff, 0x81, 0x5, 0x200, 0x8, 0x7, 0x5, 0x8001, 0x3bbd, 0x8000, 0x5, 0x7c0bb197, 0x101, 0x0, 0x0, 0x80000000, 0xffffffff, 0x3, 0x8, 0x4912, 0x3, 0x2, 0x4, 0x81, 0x2, 0x6, 0x3, 0x4, 0x9, 0x8, 0x2ab7, 0x4, 0x2, 0x7ff, 0x7ff, 0x800, 0x3f, 0x5, 0xcbd4, 0x8000, 0x341, 0x0, 0x9, 0x9, 0x3, 0x1f, 0xd84, 0x9, 0x4, 0x44, 0xfffffffe, 0x7, 0x7f, 0x6, 0x311d84f8, 0x1, 0x37, 0x3ff, 0x46655a9b, 0x100, 0x3, 0x8000, 0x3, 0xfe23, 0x87, 0x20, 0x1, 0x9, 0x7, 0x100, 0xff, 0x800, 0x2, 0x34d, 0x4, 0x5, 0x40, 0x7276591d, 0x4, 0x72, 0x6, 0x0, 0x2, 0x5, 0x1, 0xfd, 0x1d21, 0x5, 0x401, 0x8, 0x7fffffff, 0x8, 0x4, 0x3ff, 0x9, 0x5, 0x5, 0x3, 0x1d57, 0x8f44, 0xd44, 0x0, 0x8, 0x80000001, 0x3, 0x5, 0x8, 0x101, 0x8, 0x9, 0x1ff, 0x3, 0x1, 0x81, 0x0, 0x8000, 0x8ba, 0xfffffff8, 0x9, 0x7ff, 0x3, 0x6, 0x0, 0x7, 0x6f, 0x3f, 0x1, 0x93ea, 0xffffff00, 0x4, 0x1, 0x3, 0xb8, 0x0, 0x8, 0x0, 0xc24, 0x400, 0x1, 0x1ff, 0x3, 0x3, 0x5, 0x8, 0x23, 0x80000001, 0x4, 0xff, 0xa1, 0x1f, 0x0, 0x2, 0x1000, 0x7fff, 0x80000000, 0xfff, 0x3, 0x80, 0x5, 0xffffffff, 0xff, 0x3, 0x10001, 0xffff, 0xcdd9, 0x7, 0xb16b, 0x0, 0x6, 0x5, 0x36, 0x7, 0xa6e, 0xdd7e, 0x3ff, 0x5, 0xcd, 0x5, 0x62, 0x10000, 0x9, 0x5, 0x7, 0x7, 0x0, 0x0, 0x5, 0xfffffff9, 0xfffffffc, 0xe6aa, 0x1000, 0x3ff, 0xffffffff, 0xb1f, 0x1f, 0x7, 0x0, 0x10000, 0x7, 0x0, 0x81, 0x7f, 0x4, 0x0, 0x1000, 0x80000001, 0x49ae, 0x80000000, 0x1, 0x2, 0x5, 0x9, 0x7, 0x7, 0x0, 0x2a4, 0x4, 0xc962, 0x9, 0x5, 0x6a, 0xfff80000, 0x101, 0x7, 0x0, 0x20, 0xfffffffc, 0x4, 0x1, 0x9, 0x5, 0x0, 0xfffff000, 0x59, 0x8, 0xbf, 0x3, 0x5, 0x4, 0xffffffff, 0x20, 0x2, 0x1000, 0x5, 0x2bc6d14d, 0x8, 0x401, 0x7, 0xfffffff8, 0x7ff, 0x2, 0x9, 0x804, 0x2, 0x6, 0x1000, 0x4, 0x800, 0x800, 0x200, 0x93, 0x2, 0x5, 0x88a, 0xff, 0x3, 0x3, 0x6, 0x0, 0x4, 0x4, 0x3, 0x81, 0x0, 0xc7, 0x2, 0xffff, 0x7, 0x59b15d52, 0x40, 0x20, 0x100, 0x7b0d, 0x4, 0x0, 0xfffff801, 0x100, 0xffffffff, 0x6, 0x5, 0x1, 0xa8c0, 0xb1b, 0x3f, 0xd4bb, 0xffffffff, 0x7d, 0xffffffff, 0x3, 0x3ff, 0xfff, 0xfffffffe, 0x8, 0x3, 0x0, 0x3ff, 0x9, 0xfffffff9, 0x81, 0x101, 0x401, 0x1, 0x1, 0x0, 0xfffffffd, 0x101, 0x4, 0x2, 0xffffff54, 0x0, 0x4, 0x0, 0x7, 0x3, 0x3, 0x40f7, 0x1, 0x5, 0x5, 0x8, 0x7, 0x8, 0x6, 0x8, 0x5, 0xcf62, 0x1000, 0x7f, 0xfffff606, 0x8000, 0xfffffeff, 0x9, 0xf030, 0x2, 0x1, 0x200, 0x0, 0xe40, 0x3, 0x1, 0x9, 0x7, 0x9, 0x1, 0x4, 0x1, 0xef, 0x8, 0x1000, 0x100, 0x3, 0x400, 0xffff, 0x80, 0x4, 0x2c, 0x80000001, 0x3, 0xffffffc1, 0xbe1, 0x6, 0xff, 0xffffff05, 0x3f, 0x3, 0x570d2465, 0x3, 0x9, 0x1634, 0x1, 0x4, 0xfffffffe, 0x40, 0x35f, 0x5, 0x1f, 0x2, 0x9a79, 0x2, 0xffff, 0xfc000000, 0x1, 0x24a6bc23, 0x2, 0x7b0, 0x3, 0x0, 0x0, 0x80000001, 0xe3, 0xd34, 0x8, 0x7fff, 0x0, 0x0, 0x3, 0x9, 0x2, 0x3, 0x80000001, 0xfa6, 0x200, 0x0, 0x207, 0x5, 0x7, 0x8, 0x3, 0x5, 0x0, 0x6, 0x81, 0x1, 0x8, 0x53000, 0x7b63, 0x6, 0x80000000, 0x3, 0x893952b, 0x70f, 0x6, 0xe0000, 0x8, 0x1, 0x5, 0x9, 0x4, 0x8, 0xfffffff9, 0x8000, 0x7fff, 0x6, 0x7, 0x8, 0x101, 0x7, 0x10000, 0xffffffff, 0x401, 0xfff, 0x7, 0x2, 0x101, 0x6, 0x4, 0x1, 0x7fff, 0xffffffff, 0xcca, 0x5, 0x5, 0xa068, 0x630, 0x0, 0x934, 0x1, 0x7fff, 0xb195, 0x9774, 0x40, 0x0, 0x1, 0x7, 0x9, 0x9, 0xff, 0x7f, 0x56, 0x4, 0x0, 0x1000, 0x7, 0x94, 0x8, 0x20, 0x6, 0x1, 0x0, 0x2, 0x20, 0xd3, 0x400, 0x9, 0x641, 0xfffffffd, 0xfffff000, 0x1, 0x7fff, 0x79000, 0x1, 0x80000001, 0xfff, 0x80, 0x8, 0x80000001, 0x6, 0xff, 0xfffffeff, 0x2, 0x8, 0x2, 0xed0f, 0x6, 0x6, 0xffffffff, 0x80000001, 0x3ff, 0x8, 0xa0000000, 0x400, 0x6f58, 0x3ff, 0x1, 0x8211, 0x7f, 0x7, 0x7e, 0x882, 0xffffffff, 0x8, 0x81, 0x6, 0x1000, 0x189374ba, 0x9, 0x6, 0x3f, 0x0, 0xff, 0x7, 0x3, 0xef, 0x1ff, 0xfff, 0xffff, 0x4, 0x6a, 0xba, 0x3, 0x6, 0xe8ad, 0xfd, 0x3, 0x5, 0x100, 0x20, 0x10001, 0x0, 0x80, 0x3, 0x4, 0x5, 0x6, 0x9, 0x7, 0x20, 0xfff, 0xb90, 0x5, 0x8, 0xffff, 0x100, 0xfffffff7, 0xffffff31, 0xa1, 0x4, 0x5, 0x7f, 0x5, 0x0, 0xfdd, 0x6, 0x0, 0x7f20df30, 0x80, 0x5, 0xfffffd3b, 0x4, 0x3, 0x1357d124, 0x1, 0x7ff, 0x5, 0xfffffff7, 0x3, 0x2, 0x5, 0x400, 0x8, 0x3, 0x3, 0xffffff15, 0x0, 0x3, 0x3, 0x6, 0x5, 0x4, 0x43, 0x80000000, 0x7fff, 0x5, 0x101, 0xfa, 0xfffffff8, 0x5c, 0x6, 0x10000, 0x101, 0x1, 0x4, 0x80000001, 0x2bed, 0x3, 0x400, 0x0, 0x0, 0x3, 0x10001, 0x1, 0x0, 0x800, 0x80000001, 0x2f6, 0x9d8d, 0x1, 0x6, 0x37f5, 0x20, 0x10001, 0x0, 0x3ff, 0x30be, 0x10001, 0x101, 0x1, 0x81, 0xffffffff, 0x8629, 0x1000, 0x3a, 0xff, 0x1, 0x6, 0x6, 0x0, 0x6, 0x2, 0x3, 0x18, 0x3, 0x101, 0x1, 0xfffff001, 0x1, 0x0, 0x8, 0x9, 0x80000000, 0x9, 0x7, 0x6, 0xfffffffe, 0x5, 0xbe, 0x7f, 0x14, 0x400, 0x6, 0xff, 0x6, 0xffffffff, 0xfb, 0x1, 0x1e, 0x2, 0x6, 0x53, 0x2, 0x7, 0x9, 0xfffffff8, 0x2, 0xffffffff, 0x0, 0x9, 0x80000000, 0xd06c, 0x80, 0x5, 0x400, 0xc963, 0x2, 0x2e1, 0x8, 0x7, 0xffff, 0x5, 0x6, 0xf1, 0xa4e4, 0x7, 0x3, 0x81, 0xffffffff, 0x1000, 0xdd47, 0x7fff, 0x7, 0xfffffbff, 0xeb, 0x20, 0xffff, 0x6, 0x80, 0x8, 0x1, 0x7, 0x10001, 0x4, 0x6, 0x8, 0x7fff, 0x401, 0x40, 0x417, 0x5, 0xa090, 0xffff, 0x2, 0x9, 0x0, 0x0, 0x9, 0x9, 0x8, 0x6, 0x8000, 0x10000, 0x6, 0x0, 0xa7, 0x927d, 0x92, 0x7f, 0x6, 0x3, 0xaf, 0xaa7e]}) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f0000000100)}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000140), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xffffffff, 0x1}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:09 executing program 4: socketpair(0x5, 0x1, 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000040)) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) connect$l2tp(r1, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010101, 0x1}, 0x10) 13:38:09 executing program 3: connect$l2tp(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x10) (async) socketpair(0x2, 0x2, 0x4, 0x0) 13:38:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x1ff, 0x3fc000, 0x4, 0x0, 0x62, 0x1, 0x3], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r2, 0x4068aea3, &(0x7f00000000c0)) (async) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x200, 0x101, 0x80, 0x0, 0x9, 0x6000, 0x4000, '\x00', 0x6}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x400) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x40, 0x3, 0x101, 0x17}, 0x10) (async, rerun: 32) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 32) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x40180) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r3, 0xc01064c2, &(0x7f00000001c0)={0x0, 0x1, r4}) [ 693.843376] FAULT_INJECTION: forcing a failure. [ 693.843376] name failslab, interval 1, probability 0, space 0, times 0 [ 693.887252] CPU: 0 PID: 15644 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 693.900455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.910340] Call Trace: [ 693.912934] dump_stack+0x1b2/0x281 [ 693.916570] should_fail.cold+0x10a/0x149 [ 693.920719] should_failslab+0xd6/0x130 [ 693.924693] kmem_cache_alloc+0x28e/0x3c0 [ 693.928843] __d_alloc+0x2a/0xa20 [ 693.932292] ? d_lookup+0x172/0x220 [ 693.935918] d_alloc+0x46/0x240 [ 693.939203] __lookup_hash+0x101/0x270 [ 693.943086] ? __inode_permission+0xcd/0x2f0 [ 693.947498] lookup_one_len+0x279/0x3a0 [ 693.951472] ? lookup_one_len_unlocked+0x410/0x410 [ 693.956405] start_creating+0xb0/0x200 [ 693.960288] __debugfs_create_file+0x4f/0x440 [ 693.964778] ? debugfs_create_file+0x37/0x60 [ 693.969186] kvm_dev_ioctl+0xe7f/0x1450 [ 693.973166] ? fsnotify+0x974/0x11b0 [ 693.976877] ? kvm_put_kvm+0xab0/0xab0 [ 693.980768] ? kvm_put_kvm+0xab0/0xab0 [ 693.984648] do_vfs_ioctl+0x75a/0xff0 [ 693.988451] ? lock_acquire+0x170/0x3f0 [ 693.992421] ? ioctl_preallocate+0x1a0/0x1a0 [ 693.996826] ? __fget+0x265/0x3e0 [ 694.000275] ? do_vfs_ioctl+0xff0/0xff0 [ 694.004247] ? security_file_ioctl+0x83/0xb0 [ 694.008654] SyS_ioctl+0x7f/0xb0 [ 694.012018] ? do_vfs_ioctl+0xff0/0xff0 [ 694.015991] do_syscall_64+0x1d5/0x640 [ 694.019883] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 694.025070] RIP: 0033:0x7fa37e383109 [ 694.028781] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 694.036484] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 694.043748] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 694.051021] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 694.058286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 694.066257] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x3, 0xe49c, 0x69a4, 0xfa8, 0x4], 0x6, 0x0, 0x0, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='afs_flock_op\x00', r1}, 0x10) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 79) 13:38:10 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)=@getneightbl={0x14, 0x42, 0x200, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x44805) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) (async) ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000200)={[0xf90, 0x2, 0x1, 0x3e, 0x0, 0xffff0000, 0x8, 0x134, 0x3, 0xcfec, 0x6, 0x8, 0x697, 0x673, 0x1, 0x1, 0x9, 0xfffffffa, 0x4, 0x5, 0x5, 0x8000, 0x8905, 0xfffffff9, 0x1, 0x1ff, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x9, 0x10000, 0x6, 0x1f, 0x2, 0x6e53604c, 0xde73, 0x5, 0x9, 0x1, 0x5, 0x5, 0x7, 0x80000000, 0x65b, 0xe79, 0x1, 0x8, 0x40, 0xfffffe00, 0x3, 0x1f, 0x6, 0x80, 0x7984, 0x8, 0x7fff, 0x28, 0x7, 0x9, 0x0, 0x10001, 0x2, 0x9, 0x266, 0x9, 0x9, 0x8001, 0x5, 0x3, 0x9, 0x8, 0x1bc8, 0x3, 0xd6f, 0x5, 0x5, 0x9d1d, 0xc000, 0x7, 0x80, 0x16d, 0xffffffff, 0x10000, 0x3f5, 0xcc6, 0xfc93, 0x0, 0x8, 0x1, 0x1, 0x3, 0x25, 0x800, 0x80000001, 0x1, 0x6, 0x7, 0x8, 0x8512, 0x7, 0xe0b, 0xfd4, 0x9, 0x7, 0x101, 0x9, 0x7, 0x80000000, 0x9, 0x3f, 0x3, 0x1, 0x6, 0x7fff, 0x8001, 0x521, 0x8, 0x2, 0x2, 0x1, 0x8, 0xf, 0x400, 0xfffff000, 0x1ff, 0x9, 0x8, 0x20, 0x3, 0x8, 0x3ff, 0x3f, 0x7, 0x1000, 0x5, 0x7a5b, 0xffffff80, 0x0, 0x5, 0x7, 0x90000000, 0x5, 0x7, 0x401, 0x3e, 0x27d4406d, 0x1, 0x8, 0xfffffff8, 0x1, 0x3, 0x80, 0x1000, 0x80000000, 0x0, 0x7fffffff, 0x7f, 0x5, 0x2, 0x6, 0x200, 0x3, 0x9, 0x8, 0x80000001, 0xeb9a, 0x3ff, 0x3f, 0xfff, 0x6, 0x5, 0xffffff80, 0x7, 0x2, 0x200, 0x8, 0x1, 0xfffffffc, 0x400, 0x4, 0x6, 0x20, 0x9, 0x6fe4, 0x5, 0x8a, 0x9, 0xffffffff, 0x200, 0x8, 0x0, 0x7, 0x390, 0x80, 0x5b96, 0x100, 0x1, 0xb16, 0x335, 0x6, 0x5, 0x2, 0x2, 0x8, 0x5, 0x2, 0x0, 0x1, 0x6, 0x800, 0x1, 0x80000001, 0x3, 0x9, 0x81, 0x7, 0x3, 0x7, 0x838, 0x3ff, 0x6, 0x2, 0x80000001, 0x10000, 0x0, 0x0, 0x3, 0x1, 0x7, 0xf5e, 0x0, 0x3ff, 0x7fff, 0x6, 0x9, 0xfff, 0xffffffff, 0xd7df, 0x7ff80, 0x0, 0x3, 0x3, 0x4, 0x7ff, 0x10000, 0x248, 0x1ff, 0x100, 0x1, 0x88, 0x3, 0xa1, 0xffff9914, 0xf8bd, 0x7, 0x2, 0xffffffff, 0x9, 0x400, 0x0, 0x6, 0x7ff, 0x81, 0x5, 0x200, 0x8, 0x7, 0x5, 0x8001, 0x3bbd, 0x8000, 0x5, 0x7c0bb197, 0x101, 0x0, 0x0, 0x80000000, 0xffffffff, 0x3, 0x8, 0x4912, 0x3, 0x2, 0x4, 0x81, 0x2, 0x6, 0x3, 0x4, 0x9, 0x8, 0x2ab7, 0x4, 0x2, 0x7ff, 0x7ff, 0x800, 0x3f, 0x5, 0xcbd4, 0x8000, 0x341, 0x0, 0x9, 0x9, 0x3, 0x1f, 0xd84, 0x9, 0x4, 0x44, 0xfffffffe, 0x7, 0x7f, 0x6, 0x311d84f8, 0x1, 0x37, 0x3ff, 0x46655a9b, 0x100, 0x3, 0x8000, 0x3, 0xfe23, 0x87, 0x20, 0x1, 0x9, 0x7, 0x100, 0xff, 0x800, 0x2, 0x34d, 0x4, 0x5, 0x40, 0x7276591d, 0x4, 0x72, 0x6, 0x0, 0x2, 0x5, 0x1, 0xfd, 0x1d21, 0x5, 0x401, 0x8, 0x7fffffff, 0x8, 0x4, 0x3ff, 0x9, 0x5, 0x5, 0x3, 0x1d57, 0x8f44, 0xd44, 0x0, 0x8, 0x80000001, 0x3, 0x5, 0x8, 0x101, 0x8, 0x9, 0x1ff, 0x3, 0x1, 0x81, 0x0, 0x8000, 0x8ba, 0xfffffff8, 0x9, 0x7ff, 0x3, 0x6, 0x0, 0x7, 0x6f, 0x3f, 0x1, 0x93ea, 0xffffff00, 0x4, 0x1, 0x3, 0xb8, 0x0, 0x8, 0x0, 0xc24, 0x400, 0x1, 0x1ff, 0x3, 0x3, 0x5, 0x8, 0x23, 0x80000001, 0x4, 0xff, 0xa1, 0x1f, 0x0, 0x2, 0x1000, 0x7fff, 0x80000000, 0xfff, 0x3, 0x80, 0x5, 0xffffffff, 0xff, 0x3, 0x10001, 0xffff, 0xcdd9, 0x7, 0xb16b, 0x0, 0x6, 0x5, 0x36, 0x7, 0xa6e, 0xdd7e, 0x3ff, 0x5, 0xcd, 0x5, 0x62, 0x10000, 0x9, 0x5, 0x7, 0x7, 0x0, 0x0, 0x5, 0xfffffff9, 0xfffffffc, 0xe6aa, 0x1000, 0x3ff, 0xffffffff, 0xb1f, 0x1f, 0x7, 0x0, 0x10000, 0x7, 0x0, 0x81, 0x7f, 0x4, 0x0, 0x1000, 0x80000001, 0x49ae, 0x80000000, 0x1, 0x2, 0x5, 0x9, 0x7, 0x7, 0x0, 0x2a4, 0x4, 0xc962, 0x9, 0x5, 0x6a, 0xfff80000, 0x101, 0x7, 0x0, 0x20, 0xfffffffc, 0x4, 0x1, 0x9, 0x5, 0x0, 0xfffff000, 0x59, 0x8, 0xbf, 0x3, 0x5, 0x4, 0xffffffff, 0x20, 0x2, 0x1000, 0x5, 0x2bc6d14d, 0x8, 0x401, 0x7, 0xfffffff8, 0x7ff, 0x2, 0x9, 0x804, 0x2, 0x6, 0x1000, 0x4, 0x800, 0x800, 0x200, 0x93, 0x2, 0x5, 0x88a, 0xff, 0x3, 0x3, 0x6, 0x0, 0x4, 0x4, 0x3, 0x81, 0x0, 0xc7, 0x2, 0xffff, 0x7, 0x59b15d52, 0x40, 0x20, 0x100, 0x7b0d, 0x4, 0x0, 0xfffff801, 0x100, 0xffffffff, 0x6, 0x5, 0x1, 0xa8c0, 0xb1b, 0x3f, 0xd4bb, 0xffffffff, 0x7d, 0xffffffff, 0x3, 0x3ff, 0xfff, 0xfffffffe, 0x8, 0x3, 0x0, 0x3ff, 0x9, 0xfffffff9, 0x81, 0x101, 0x401, 0x1, 0x1, 0x0, 0xfffffffd, 0x101, 0x4, 0x2, 0xffffff54, 0x0, 0x4, 0x0, 0x7, 0x3, 0x3, 0x40f7, 0x1, 0x5, 0x5, 0x8, 0x7, 0x8, 0x6, 0x8, 0x5, 0xcf62, 0x1000, 0x7f, 0xfffff606, 0x8000, 0xfffffeff, 0x9, 0xf030, 0x2, 0x1, 0x200, 0x0, 0xe40, 0x3, 0x1, 0x9, 0x7, 0x9, 0x1, 0x4, 0x1, 0xef, 0x8, 0x1000, 0x100, 0x3, 0x400, 0xffff, 0x80, 0x4, 0x2c, 0x80000001, 0x3, 0xffffffc1, 0xbe1, 0x6, 0xff, 0xffffff05, 0x3f, 0x3, 0x570d2465, 0x3, 0x9, 0x1634, 0x1, 0x4, 0xfffffffe, 0x40, 0x35f, 0x5, 0x1f, 0x2, 0x9a79, 0x2, 0xffff, 0xfc000000, 0x1, 0x24a6bc23, 0x2, 0x7b0, 0x3, 0x0, 0x0, 0x80000001, 0xe3, 0xd34, 0x8, 0x7fff, 0x0, 0x0, 0x3, 0x9, 0x2, 0x3, 0x80000001, 0xfa6, 0x200, 0x0, 0x207, 0x5, 0x7, 0x8, 0x3, 0x5, 0x0, 0x6, 0x81, 0x1, 0x8, 0x53000, 0x7b63, 0x6, 0x80000000, 0x3, 0x893952b, 0x70f, 0x6, 0xe0000, 0x8, 0x1, 0x5, 0x9, 0x4, 0x8, 0xfffffff9, 0x8000, 0x7fff, 0x6, 0x7, 0x8, 0x101, 0x7, 0x10000, 0xffffffff, 0x401, 0xfff, 0x7, 0x2, 0x101, 0x6, 0x4, 0x1, 0x7fff, 0xffffffff, 0xcca, 0x5, 0x5, 0xa068, 0x630, 0x0, 0x934, 0x1, 0x7fff, 0xb195, 0x9774, 0x40, 0x0, 0x1, 0x7, 0x9, 0x9, 0xff, 0x7f, 0x56, 0x4, 0x0, 0x1000, 0x7, 0x94, 0x8, 0x20, 0x6, 0x1, 0x0, 0x2, 0x20, 0xd3, 0x400, 0x9, 0x641, 0xfffffffd, 0xfffff000, 0x1, 0x7fff, 0x79000, 0x1, 0x80000001, 0xfff, 0x80, 0x8, 0x80000001, 0x6, 0xff, 0xfffffeff, 0x2, 0x8, 0x2, 0xed0f, 0x6, 0x6, 0xffffffff, 0x80000001, 0x3ff, 0x8, 0xa0000000, 0x400, 0x6f58, 0x3ff, 0x1, 0x8211, 0x7f, 0x7, 0x7e, 0x882, 0xffffffff, 0x8, 0x81, 0x6, 0x1000, 0x189374ba, 0x9, 0x6, 0x3f, 0x0, 0xff, 0x7, 0x3, 0xef, 0x1ff, 0xfff, 0xffff, 0x4, 0x6a, 0xba, 0x3, 0x6, 0xe8ad, 0xfd, 0x3, 0x5, 0x100, 0x20, 0x10001, 0x0, 0x80, 0x3, 0x4, 0x5, 0x6, 0x9, 0x7, 0x20, 0xfff, 0xb90, 0x5, 0x8, 0xffff, 0x100, 0xfffffff7, 0xffffff31, 0xa1, 0x4, 0x5, 0x7f, 0x5, 0x0, 0xfdd, 0x6, 0x0, 0x7f20df30, 0x80, 0x5, 0xfffffd3b, 0x4, 0x3, 0x1357d124, 0x1, 0x7ff, 0x5, 0xfffffff7, 0x3, 0x2, 0x5, 0x400, 0x8, 0x3, 0x3, 0xffffff15, 0x0, 0x3, 0x3, 0x6, 0x5, 0x4, 0x43, 0x80000000, 0x7fff, 0x5, 0x101, 0xfa, 0xfffffff8, 0x5c, 0x6, 0x10000, 0x101, 0x1, 0x4, 0x80000001, 0x2bed, 0x3, 0x400, 0x0, 0x0, 0x3, 0x10001, 0x1, 0x0, 0x800, 0x80000001, 0x2f6, 0x9d8d, 0x1, 0x6, 0x37f5, 0x20, 0x10001, 0x0, 0x3ff, 0x30be, 0x10001, 0x101, 0x1, 0x81, 0xffffffff, 0x8629, 0x1000, 0x3a, 0xff, 0x1, 0x6, 0x6, 0x0, 0x6, 0x2, 0x3, 0x18, 0x3, 0x101, 0x1, 0xfffff001, 0x1, 0x0, 0x8, 0x9, 0x80000000, 0x9, 0x7, 0x6, 0xfffffffe, 0x5, 0xbe, 0x7f, 0x14, 0x400, 0x6, 0xff, 0x6, 0xffffffff, 0xfb, 0x1, 0x1e, 0x2, 0x6, 0x53, 0x2, 0x7, 0x9, 0xfffffff8, 0x2, 0xffffffff, 0x0, 0x9, 0x80000000, 0xd06c, 0x80, 0x5, 0x400, 0xc963, 0x2, 0x2e1, 0x8, 0x7, 0xffff, 0x5, 0x6, 0xf1, 0xa4e4, 0x7, 0x3, 0x81, 0xffffffff, 0x1000, 0xdd47, 0x7fff, 0x7, 0xfffffbff, 0xeb, 0x20, 0xffff, 0x6, 0x80, 0x8, 0x1, 0x7, 0x10001, 0x4, 0x6, 0x8, 0x7fff, 0x401, 0x40, 0x417, 0x5, 0xa090, 0xffff, 0x2, 0x9, 0x0, 0x0, 0x9, 0x9, 0x8, 0x6, 0x8000, 0x10000, 0x6, 0x0, 0xa7, 0x927d, 0x92, 0x7f, 0x6, 0x3, 0xaf, 0xaa7e]}) (async, rerun: 64) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f0000000100)}) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) r1 = syz_open_dev$dri(&(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xffffffff, 0x1}) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:10 executing program 4: socketpair(0x5, 0x1, 0x0, 0x0) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000040)) (async) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) connect$l2tp(r1, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010101, 0x1}, 0x10) 13:38:10 executing program 3: ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000180)) socketpair(0x2, 0x1, 0xfffffffb, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000040000007d89b17e95cdfb8e888e534f1b11e00b145508f37e3afdfed80cf6fe5224453f4977b67ce83a170c7bde3f168bb032c720c6f90e7752e971689e048698addeda67287bd91ae7c0fcd6f8c7789301318ca2430bfab11300f8e52617a2d906d54699179b430d6688c2feb316f447de4000feb79e96af6fe762df8bda9991d20c05e275677866933786b3417479c21231181bbe256cf795353eee7a5fe9eaf0ee13b29d4eeb9586b1559a0aea79cecfedc4c351c77f511e73a41dc948a20d2b63526b02a075fafbf19ea7d4e94d44a7f84f5bf23d6e82581e07c65908d838e5b481810c8d93db64fe8d2b57839d56927b15ee1902"], 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="8007010d", @ANYRES16=r2, @ANYBLOB="00012cbd7000ffdbdf25060000000500290001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) 13:38:10 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) (async, rerun: 64) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (rerun: 64) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x1ff, 0x3fc000, 0x4, 0x0, 0x62, 0x1, 0x3], 0x7, 0x800, 0x0, 0xffffffffffffffff}) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r2, 0x4068aea3, &(0x7f00000000c0)) (async, rerun: 64) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x200, 0x101, 0x80, 0x0, 0x9, 0x6000, 0x4000, '\x00', 0x6}) (async, rerun: 64) openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x400) (async) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req={0x40, 0x3, 0x101, 0x17}, 0x10) (async) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r3, 0xc008aeb0, 0x0) (async) r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000180), 0x40180) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r3, 0xc01064c2, &(0x7f00000001c0)={0x0, 0x1, r4}) 13:38:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x3, 0xe49c, 0x69a4, 0xfa8, 0x4], 0x6, 0x0, 0x0, 0xffffffffffffffff}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='afs_flock_op\x00', r1}, 0x10) (async, rerun: 32) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (rerun: 32) 13:38:10 executing program 3: ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000180)) socketpair(0x2, 0x1, 0xfffffffb, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000040000007d89b17e95cdfb8e888e534f1b11e00b145508f37e3afdfed80cf6fe5224453f4977b67ce83a170c7bde3f168bb032c720c6f90e7752e971689e048698addeda67287bd91ae7c0fcd6f8c7789301318ca2430bfab11300f8e52617a2d906d54699179b430d6688c2feb316f447de4000feb79e96af6fe762df8bda9991d20c05e275677866933786b3417479c21231181bbe256cf795353eee7a5fe9eaf0ee13b29d4eeb9586b1559a0aea79cecfedc4c351c77f511e73a41dc948a20d2b63526b02a075fafbf19ea7d4e94d44a7f84f5bf23d6e82581e07c65908d838e5b481810c8d93db64fe8d2b57839d56927b15ee1902"], 0x14}}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="8007010d", @ANYRES16=r2, @ANYBLOB="00012cbd7000ffdbdf25060000000500290001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000180)) (async) socketpair(0x2, 0x1, 0xfffffffb, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000040000007d89b17e95cdfb8e888e534f1b11e00b145508f37e3afdfed80cf6fe5224453f4977b67ce83a170c7bde3f168bb032c720c6f90e7752e971689e048698addeda67287bd91ae7c0fcd6f8c7789301318ca2430bfab11300f8e52617a2d906d54699179b430d6688c2feb316f447de4000feb79e96af6fe762df8bda9991d20c05e275677866933786b3417479c21231181bbe256cf795353eee7a5fe9eaf0ee13b29d4eeb9586b1559a0aea79cecfedc4c351c77f511e73a41dc948a20d2b63526b02a075fafbf19ea7d4e94d44a7f84f5bf23d6e82581e07c65908d838e5b481810c8d93db64fe8d2b57839d56927b15ee1902"], 0x14}}, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="8007010d", @ANYRES16=r2, @ANYBLOB="00012cbd7000ffdbdf25060000000500290001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) (async) [ 694.178835] FAULT_INJECTION: forcing a failure. [ 694.178835] name failslab, interval 1, probability 0, space 0, times 0 [ 694.215379] CPU: 1 PID: 15707 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 694.223721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.233077] Call Trace: [ 694.235673] dump_stack+0x1b2/0x281 [ 694.239312] should_fail.cold+0x10a/0x149 [ 694.243465] should_failslab+0xd6/0x130 [ 694.247441] kmem_cache_alloc+0x28e/0x3c0 [ 694.251598] alloc_inode+0xa0/0x170 [ 694.255227] new_inode+0x1d/0xf0 [ 694.258592] debugfs_get_inode+0x1a/0x130 [ 694.262743] __debugfs_create_file+0x93/0x440 [ 694.268541] ? debugfs_create_file+0x37/0x60 [ 694.272954] kvm_dev_ioctl+0xe7f/0x1450 [ 694.276932] ? fsnotify+0x974/0x11b0 [ 694.280746] ? kvm_put_kvm+0xab0/0xab0 [ 694.284639] ? kvm_put_kvm+0xab0/0xab0 [ 694.288528] do_vfs_ioctl+0x75a/0xff0 [ 694.292332] ? lock_acquire+0x170/0x3f0 [ 694.296400] ? ioctl_preallocate+0x1a0/0x1a0 [ 694.300818] ? __fget+0x265/0x3e0 [ 694.304276] ? do_vfs_ioctl+0xff0/0xff0 [ 694.308253] ? security_file_ioctl+0x83/0xb0 [ 694.312758] SyS_ioctl+0x7f/0xb0 [ 694.316127] ? do_vfs_ioctl+0xff0/0xff0 [ 694.320142] do_syscall_64+0x1d5/0x640 [ 694.324041] entry_SYSCALL_64_after_hwframe+0x46/0xbb 13:38:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:10 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)=@getneightbl={0x14, 0x42, 0x200, 0x70bd28, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}}, 0x44805) (async) ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)) (async) ioctl$KVM_SET_XSAVE(0xffffffffffffffff, 0x5000aea5, &(0x7f0000000200)={[0xf90, 0x2, 0x1, 0x3e, 0x0, 0xffff0000, 0x8, 0x134, 0x3, 0xcfec, 0x6, 0x8, 0x697, 0x673, 0x1, 0x1, 0x9, 0xfffffffa, 0x4, 0x5, 0x5, 0x8000, 0x8905, 0xfffffff9, 0x1, 0x1ff, 0x1, 0x4, 0x5, 0x5, 0x5, 0x0, 0x9, 0x10000, 0x6, 0x1f, 0x2, 0x6e53604c, 0xde73, 0x5, 0x9, 0x1, 0x5, 0x5, 0x7, 0x80000000, 0x65b, 0xe79, 0x1, 0x8, 0x40, 0xfffffe00, 0x3, 0x1f, 0x6, 0x80, 0x7984, 0x8, 0x7fff, 0x28, 0x7, 0x9, 0x0, 0x10001, 0x2, 0x9, 0x266, 0x9, 0x9, 0x8001, 0x5, 0x3, 0x9, 0x8, 0x1bc8, 0x3, 0xd6f, 0x5, 0x5, 0x9d1d, 0xc000, 0x7, 0x80, 0x16d, 0xffffffff, 0x10000, 0x3f5, 0xcc6, 0xfc93, 0x0, 0x8, 0x1, 0x1, 0x3, 0x25, 0x800, 0x80000001, 0x1, 0x6, 0x7, 0x8, 0x8512, 0x7, 0xe0b, 0xfd4, 0x9, 0x7, 0x101, 0x9, 0x7, 0x80000000, 0x9, 0x3f, 0x3, 0x1, 0x6, 0x7fff, 0x8001, 0x521, 0x8, 0x2, 0x2, 0x1, 0x8, 0xf, 0x400, 0xfffff000, 0x1ff, 0x9, 0x8, 0x20, 0x3, 0x8, 0x3ff, 0x3f, 0x7, 0x1000, 0x5, 0x7a5b, 0xffffff80, 0x0, 0x5, 0x7, 0x90000000, 0x5, 0x7, 0x401, 0x3e, 0x27d4406d, 0x1, 0x8, 0xfffffff8, 0x1, 0x3, 0x80, 0x1000, 0x80000000, 0x0, 0x7fffffff, 0x7f, 0x5, 0x2, 0x6, 0x200, 0x3, 0x9, 0x8, 0x80000001, 0xeb9a, 0x3ff, 0x3f, 0xfff, 0x6, 0x5, 0xffffff80, 0x7, 0x2, 0x200, 0x8, 0x1, 0xfffffffc, 0x400, 0x4, 0x6, 0x20, 0x9, 0x6fe4, 0x5, 0x8a, 0x9, 0xffffffff, 0x200, 0x8, 0x0, 0x7, 0x390, 0x80, 0x5b96, 0x100, 0x1, 0xb16, 0x335, 0x6, 0x5, 0x2, 0x2, 0x8, 0x5, 0x2, 0x0, 0x1, 0x6, 0x800, 0x1, 0x80000001, 0x3, 0x9, 0x81, 0x7, 0x3, 0x7, 0x838, 0x3ff, 0x6, 0x2, 0x80000001, 0x10000, 0x0, 0x0, 0x3, 0x1, 0x7, 0xf5e, 0x0, 0x3ff, 0x7fff, 0x6, 0x9, 0xfff, 0xffffffff, 0xd7df, 0x7ff80, 0x0, 0x3, 0x3, 0x4, 0x7ff, 0x10000, 0x248, 0x1ff, 0x100, 0x1, 0x88, 0x3, 0xa1, 0xffff9914, 0xf8bd, 0x7, 0x2, 0xffffffff, 0x9, 0x400, 0x0, 0x6, 0x7ff, 0x81, 0x5, 0x200, 0x8, 0x7, 0x5, 0x8001, 0x3bbd, 0x8000, 0x5, 0x7c0bb197, 0x101, 0x0, 0x0, 0x80000000, 0xffffffff, 0x3, 0x8, 0x4912, 0x3, 0x2, 0x4, 0x81, 0x2, 0x6, 0x3, 0x4, 0x9, 0x8, 0x2ab7, 0x4, 0x2, 0x7ff, 0x7ff, 0x800, 0x3f, 0x5, 0xcbd4, 0x8000, 0x341, 0x0, 0x9, 0x9, 0x3, 0x1f, 0xd84, 0x9, 0x4, 0x44, 0xfffffffe, 0x7, 0x7f, 0x6, 0x311d84f8, 0x1, 0x37, 0x3ff, 0x46655a9b, 0x100, 0x3, 0x8000, 0x3, 0xfe23, 0x87, 0x20, 0x1, 0x9, 0x7, 0x100, 0xff, 0x800, 0x2, 0x34d, 0x4, 0x5, 0x40, 0x7276591d, 0x4, 0x72, 0x6, 0x0, 0x2, 0x5, 0x1, 0xfd, 0x1d21, 0x5, 0x401, 0x8, 0x7fffffff, 0x8, 0x4, 0x3ff, 0x9, 0x5, 0x5, 0x3, 0x1d57, 0x8f44, 0xd44, 0x0, 0x8, 0x80000001, 0x3, 0x5, 0x8, 0x101, 0x8, 0x9, 0x1ff, 0x3, 0x1, 0x81, 0x0, 0x8000, 0x8ba, 0xfffffff8, 0x9, 0x7ff, 0x3, 0x6, 0x0, 0x7, 0x6f, 0x3f, 0x1, 0x93ea, 0xffffff00, 0x4, 0x1, 0x3, 0xb8, 0x0, 0x8, 0x0, 0xc24, 0x400, 0x1, 0x1ff, 0x3, 0x3, 0x5, 0x8, 0x23, 0x80000001, 0x4, 0xff, 0xa1, 0x1f, 0x0, 0x2, 0x1000, 0x7fff, 0x80000000, 0xfff, 0x3, 0x80, 0x5, 0xffffffff, 0xff, 0x3, 0x10001, 0xffff, 0xcdd9, 0x7, 0xb16b, 0x0, 0x6, 0x5, 0x36, 0x7, 0xa6e, 0xdd7e, 0x3ff, 0x5, 0xcd, 0x5, 0x62, 0x10000, 0x9, 0x5, 0x7, 0x7, 0x0, 0x0, 0x5, 0xfffffff9, 0xfffffffc, 0xe6aa, 0x1000, 0x3ff, 0xffffffff, 0xb1f, 0x1f, 0x7, 0x0, 0x10000, 0x7, 0x0, 0x81, 0x7f, 0x4, 0x0, 0x1000, 0x80000001, 0x49ae, 0x80000000, 0x1, 0x2, 0x5, 0x9, 0x7, 0x7, 0x0, 0x2a4, 0x4, 0xc962, 0x9, 0x5, 0x6a, 0xfff80000, 0x101, 0x7, 0x0, 0x20, 0xfffffffc, 0x4, 0x1, 0x9, 0x5, 0x0, 0xfffff000, 0x59, 0x8, 0xbf, 0x3, 0x5, 0x4, 0xffffffff, 0x20, 0x2, 0x1000, 0x5, 0x2bc6d14d, 0x8, 0x401, 0x7, 0xfffffff8, 0x7ff, 0x2, 0x9, 0x804, 0x2, 0x6, 0x1000, 0x4, 0x800, 0x800, 0x200, 0x93, 0x2, 0x5, 0x88a, 0xff, 0x3, 0x3, 0x6, 0x0, 0x4, 0x4, 0x3, 0x81, 0x0, 0xc7, 0x2, 0xffff, 0x7, 0x59b15d52, 0x40, 0x20, 0x100, 0x7b0d, 0x4, 0x0, 0xfffff801, 0x100, 0xffffffff, 0x6, 0x5, 0x1, 0xa8c0, 0xb1b, 0x3f, 0xd4bb, 0xffffffff, 0x7d, 0xffffffff, 0x3, 0x3ff, 0xfff, 0xfffffffe, 0x8, 0x3, 0x0, 0x3ff, 0x9, 0xfffffff9, 0x81, 0x101, 0x401, 0x1, 0x1, 0x0, 0xfffffffd, 0x101, 0x4, 0x2, 0xffffff54, 0x0, 0x4, 0x0, 0x7, 0x3, 0x3, 0x40f7, 0x1, 0x5, 0x5, 0x8, 0x7, 0x8, 0x6, 0x8, 0x5, 0xcf62, 0x1000, 0x7f, 0xfffff606, 0x8000, 0xfffffeff, 0x9, 0xf030, 0x2, 0x1, 0x200, 0x0, 0xe40, 0x3, 0x1, 0x9, 0x7, 0x9, 0x1, 0x4, 0x1, 0xef, 0x8, 0x1000, 0x100, 0x3, 0x400, 0xffff, 0x80, 0x4, 0x2c, 0x80000001, 0x3, 0xffffffc1, 0xbe1, 0x6, 0xff, 0xffffff05, 0x3f, 0x3, 0x570d2465, 0x3, 0x9, 0x1634, 0x1, 0x4, 0xfffffffe, 0x40, 0x35f, 0x5, 0x1f, 0x2, 0x9a79, 0x2, 0xffff, 0xfc000000, 0x1, 0x24a6bc23, 0x2, 0x7b0, 0x3, 0x0, 0x0, 0x80000001, 0xe3, 0xd34, 0x8, 0x7fff, 0x0, 0x0, 0x3, 0x9, 0x2, 0x3, 0x80000001, 0xfa6, 0x200, 0x0, 0x207, 0x5, 0x7, 0x8, 0x3, 0x5, 0x0, 0x6, 0x81, 0x1, 0x8, 0x53000, 0x7b63, 0x6, 0x80000000, 0x3, 0x893952b, 0x70f, 0x6, 0xe0000, 0x8, 0x1, 0x5, 0x9, 0x4, 0x8, 0xfffffff9, 0x8000, 0x7fff, 0x6, 0x7, 0x8, 0x101, 0x7, 0x10000, 0xffffffff, 0x401, 0xfff, 0x7, 0x2, 0x101, 0x6, 0x4, 0x1, 0x7fff, 0xffffffff, 0xcca, 0x5, 0x5, 0xa068, 0x630, 0x0, 0x934, 0x1, 0x7fff, 0xb195, 0x9774, 0x40, 0x0, 0x1, 0x7, 0x9, 0x9, 0xff, 0x7f, 0x56, 0x4, 0x0, 0x1000, 0x7, 0x94, 0x8, 0x20, 0x6, 0x1, 0x0, 0x2, 0x20, 0xd3, 0x400, 0x9, 0x641, 0xfffffffd, 0xfffff000, 0x1, 0x7fff, 0x79000, 0x1, 0x80000001, 0xfff, 0x80, 0x8, 0x80000001, 0x6, 0xff, 0xfffffeff, 0x2, 0x8, 0x2, 0xed0f, 0x6, 0x6, 0xffffffff, 0x80000001, 0x3ff, 0x8, 0xa0000000, 0x400, 0x6f58, 0x3ff, 0x1, 0x8211, 0x7f, 0x7, 0x7e, 0x882, 0xffffffff, 0x8, 0x81, 0x6, 0x1000, 0x189374ba, 0x9, 0x6, 0x3f, 0x0, 0xff, 0x7, 0x3, 0xef, 0x1ff, 0xfff, 0xffff, 0x4, 0x6a, 0xba, 0x3, 0x6, 0xe8ad, 0xfd, 0x3, 0x5, 0x100, 0x20, 0x10001, 0x0, 0x80, 0x3, 0x4, 0x5, 0x6, 0x9, 0x7, 0x20, 0xfff, 0xb90, 0x5, 0x8, 0xffff, 0x100, 0xfffffff7, 0xffffff31, 0xa1, 0x4, 0x5, 0x7f, 0x5, 0x0, 0xfdd, 0x6, 0x0, 0x7f20df30, 0x80, 0x5, 0xfffffd3b, 0x4, 0x3, 0x1357d124, 0x1, 0x7ff, 0x5, 0xfffffff7, 0x3, 0x2, 0x5, 0x400, 0x8, 0x3, 0x3, 0xffffff15, 0x0, 0x3, 0x3, 0x6, 0x5, 0x4, 0x43, 0x80000000, 0x7fff, 0x5, 0x101, 0xfa, 0xfffffff8, 0x5c, 0x6, 0x10000, 0x101, 0x1, 0x4, 0x80000001, 0x2bed, 0x3, 0x400, 0x0, 0x0, 0x3, 0x10001, 0x1, 0x0, 0x800, 0x80000001, 0x2f6, 0x9d8d, 0x1, 0x6, 0x37f5, 0x20, 0x10001, 0x0, 0x3ff, 0x30be, 0x10001, 0x101, 0x1, 0x81, 0xffffffff, 0x8629, 0x1000, 0x3a, 0xff, 0x1, 0x6, 0x6, 0x0, 0x6, 0x2, 0x3, 0x18, 0x3, 0x101, 0x1, 0xfffff001, 0x1, 0x0, 0x8, 0x9, 0x80000000, 0x9, 0x7, 0x6, 0xfffffffe, 0x5, 0xbe, 0x7f, 0x14, 0x400, 0x6, 0xff, 0x6, 0xffffffff, 0xfb, 0x1, 0x1e, 0x2, 0x6, 0x53, 0x2, 0x7, 0x9, 0xfffffff8, 0x2, 0xffffffff, 0x0, 0x9, 0x80000000, 0xd06c, 0x80, 0x5, 0x400, 0xc963, 0x2, 0x2e1, 0x8, 0x7, 0xffff, 0x5, 0x6, 0xf1, 0xa4e4, 0x7, 0x3, 0x81, 0xffffffff, 0x1000, 0xdd47, 0x7fff, 0x7, 0xfffffbff, 0xeb, 0x20, 0xffff, 0x6, 0x80, 0x8, 0x1, 0x7, 0x10001, 0x4, 0x6, 0x8, 0x7fff, 0x401, 0x40, 0x417, 0x5, 0xa090, 0xffff, 0x2, 0x9, 0x0, 0x0, 0x9, 0x9, 0x8, 0x6, 0x8000, 0x10000, 0x6, 0x0, 0xa7, 0x927d, 0x92, 0x7f, 0x6, 0x3, 0xaf, 0xaa7e]}) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xa3, 0x0, &(0x7f0000000100)}) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000140), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xffffffff, 0x1}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:10 executing program 3: ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(0xffffffffffffffff, 0xc00464c9, &(0x7f0000000180)) socketpair(0x2, 0x1, 0xfffffffb, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) (async) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000040000007d89b17e95cdfb8e888e534f1b11e00b145508f37e3afdfed80cf6fe5224453f4977b67ce83a170c7bde3f168bb032c720c6f90e7752e971689e048698addeda67287bd91ae7c0fcd6f8c7789301318ca2430bfab11300f8e52617a2d906d54699179b430d6688c2feb316f447de4000feb79e96af6fe762df8bda9991d20c05e275677866933786b3417479c21231181bbe256cf795353eee7a5fe9eaf0ee13b29d4eeb9586b1559a0aea79cecfedc4c351c77f511e73a41dc948a20d2b63526b02a075fafbf19ea7d4e94d44a7f84f5bf23d6e82581e07c65908d838e5b481810c8d93db64fe8d2b57839d56927b15ee1902"], 0x14}}, 0x0) (async, rerun: 64) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="8007010d", @ANYRES16=r2, @ANYBLOB="00012cbd7000ffdbdf25060000000500290001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) (rerun: 64) 13:38:10 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000000)={0xd61, 0x3, {}, {0xffffffffffffffff}, 0x80000001, 0x5}) socketpair(0x2, 0x1, 0x0, 0x0) [ 694.329316] RIP: 0033:0x7fa37e383109 [ 694.333018] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 694.340727] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 694.348003] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 694.355357] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 694.362638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 694.369910] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:10 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1000005, 0x12200) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x2], 0x1, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f00000000c0)={r1}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:10 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000000)={0xd61, 0x3, {}, {0xffffffffffffffff}, 0x80000001, 0x5}) socketpair(0x2, 0x1, 0x0, 0x0) 13:38:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 80) 13:38:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r1, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x48e}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}]}, 0x60}, 0x1, 0x0, 0x0, 0x5011}, 0x800) 13:38:10 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) 13:38:10 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1000005, 0x12200) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x2], 0x1, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f00000000c0)={r1}) (async) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) 13:38:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 13:38:10 executing program 4: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000000)={0xd61, 0x3, {}, {0xffffffffffffffff}, 0x80000001, 0x5}) socketpair(0x2, 0x1, 0x0, 0x0) openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) (async) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, 0x0) (async) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000000)={0xd61, 0x3, {}, {0xffffffffffffffff}, 0x80000001, 0x5}) (async) socketpair(0x2, 0x1, 0x0, 0x0) (async) 13:38:10 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) socketpair(0x2, 0x1, 0x0, 0x0) (async) socket$rxrpc(0x21, 0x2, 0x2) (async) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) (async) 13:38:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r1, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x48e}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}]}, 0x60}, 0x1, 0x0, 0x0, 0x5011}, 0x800) 13:38:10 executing program 0: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1000005, 0x12200) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x2], 0x1, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_REVOKE_LEASE(r0, 0xc00464c9, &(0x7f00000000c0)={r1}) (async) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) [ 694.546020] FAULT_INJECTION: forcing a failure. [ 694.546020] name failslab, interval 1, probability 0, space 0, times 0 [ 694.592335] CPU: 1 PID: 15786 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 694.600255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.609606] Call Trace: [ 694.612202] dump_stack+0x1b2/0x281 [ 694.615837] should_fail.cold+0x10a/0x149 [ 694.619984] should_failslab+0xd6/0x130 [ 694.623959] kmem_cache_alloc+0x28e/0x3c0 [ 694.628121] __d_alloc+0x2a/0xa20 [ 694.631574] ? d_lookup+0x172/0x220 [ 694.636242] d_alloc+0x46/0x240 [ 694.639523] __lookup_hash+0x101/0x270 [ 694.643411] ? __inode_permission+0xcd/0x2f0 [ 694.647854] lookup_one_len+0x279/0x3a0 [ 694.651829] ? lookup_one_len_unlocked+0x410/0x410 [ 694.656758] start_creating+0xb0/0x200 [ 694.660642] __debugfs_create_file+0x4f/0x440 [ 694.665133] ? debugfs_create_file+0x37/0x60 [ 694.669541] kvm_dev_ioctl+0xe7f/0x1450 [ 694.673519] ? fsnotify+0x974/0x11b0 [ 694.677227] ? kvm_put_kvm+0xab0/0xab0 [ 694.681116] ? kvm_put_kvm+0xab0/0xab0 [ 694.685003] do_vfs_ioctl+0x75a/0xff0 [ 694.688804] ? lock_acquire+0x170/0x3f0 [ 694.692778] ? ioctl_preallocate+0x1a0/0x1a0 [ 694.697187] ? __fget+0x265/0x3e0 [ 694.700641] ? do_vfs_ioctl+0xff0/0xff0 [ 694.704611] ? security_file_ioctl+0x83/0xb0 [ 694.709015] SyS_ioctl+0x7f/0xb0 [ 694.712387] ? do_vfs_ioctl+0xff0/0xff0 [ 694.716360] do_syscall_64+0x1d5/0x640 [ 694.720254] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 694.725439] RIP: 0033:0x7fa37e383109 [ 694.729143] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:38:10 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r1, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x48e}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}]}, 0x60}, 0x1, 0x0, 0x0, 0x5011}, 0x800) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$SEG6_CMD_DUMPHMAC(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r1, 0x20, 0x70bd25, 0x25dfdbfb, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x3f}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr=' \x01\x00'}, @SEG6_ATTR_HMACKEYID={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x48e}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x9}]}, 0x60}, 0x1, 0x0, 0x0, 0x5011}, 0x800) (async) 13:38:10 executing program 0: socket$packet(0x11, 0x3, 0x300) 13:38:10 executing program 4: socketpair(0x1d, 0x0, 0x40, 0x0) [ 694.736853] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 694.744122] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 694.751386] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 694.758649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 694.765912] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 13:38:10 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (fail_nth: 81) 13:38:10 executing program 0: socket$packet(0x11, 0x3, 0x300) 13:38:10 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000040)) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) 13:38:10 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) (async) r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3) 13:38:10 executing program 4: socketpair(0x1d, 0x0, 0x40, 0x0) 13:38:10 executing program 2: openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x5, 0x8001], 0x2, 0x800, 0x0, 0xffffffffffffffff}) write$sysctl(r0, &(0x7f0000000200)='6\x00', 0x2) ioctl$KVM_X86_SET_MCE(0xffffffffffffffff, 0x4040ae9e, &(0x7f0000000040)={0x5c00000000000000, 0x2, 0x401, 0x0, 0x5}) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) ioctl$KVM_GET_REG_LIST(r1, 0xc008aeb0, 0x0) r2 = openat$mice(0xffffffffffffff9c, &(0x7f0000005900), 0x0) r3 = syz_open_dev$dri(&(0x7f0000000240), 0x8001, 0x4000) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000380)={&(0x7f0000000280)=[0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0], 0x2, 0x2, 0x7, 0x3}) ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, 0x0) sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x4, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x8000}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x2000000) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 13:38:10 executing program 0: socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) (async) 13:38:11 executing program 3: socketpair(0x2, 0x1, 0x0, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$vhost_msg(r0, &(0x7f0000000180)={0x1, {&(0x7f0000000040)=""/106, 0x6a, &(0x7f00000000c0)=""/139, 0x1, 0x3}}, 0x48) 13:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4120c0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x31a, 0x9f], 0x2, 0x0, 0x0, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x400}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @generic={0x2, 0xf, 0x0, 0x5a53, 0x1c}, @func, @exit]}, &(0x7f00000000c0)='GPL\x00', 0xffff, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000180)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0x1, 0x6, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0xffffffffffffffff]}, 0x80) [ 694.922945] FAULT_INJECTION: forcing a failure. [ 694.922945] name failslab, interval 1, probability 0, space 0, times 0 13:38:11 executing program 4: socketpair(0x1d, 0x0, 0x40, 0x0) [ 694.979830] CPU: 1 PID: 15845 Comm: syz-executor.5 Not tainted 4.14.284-syzkaller #0 [ 694.987734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.997085] Call Trace: [ 694.999680] dump_stack+0x1b2/0x281 [ 695.003311] should_fail.cold+0x10a/0x149 [ 695.007551] should_failslab+0xd6/0x130 [ 695.011523] kmem_cache_alloc+0x28e/0x3c0 [ 695.015668] __d_alloc+0x2a/0xa20 [ 695.019163] ? d_lookup+0x172/0x220 [ 695.022790] d_alloc+0x46/0x240 [ 695.026066] __lookup_hash+0x101/0x270 [ 695.029959] ? __inode_permission+0xcd/0x2f0 [ 695.034368] lookup_one_len+0x279/0x3a0 [ 695.038345] ? lookup_one_len_unlocked+0x410/0x410 [ 695.038480] kasan: CONFIG_KASAN_INLINE enabled [ 695.043271] start_creating+0xb0/0x200 [ 695.043284] __debugfs_create_file+0x4f/0x440 [ 695.043293] ? debugfs_create_file+0x37/0x60 [ 695.043304] kvm_dev_ioctl+0xe7f/0x1450 [ 695.043317] ? fsnotify+0x974/0x11b0 [ 695.043325] ? kvm_put_kvm+0xab0/0xab0 [ 695.043335] ? kvm_put_kvm+0xab0/0xab0 [ 695.043345] do_vfs_ioctl+0x75a/0xff0 [ 695.043356] ? lock_acquire+0x170/0x3f0 [ 695.043364] ? ioctl_preallocate+0x1a0/0x1a0 [ 695.043376] ? __fget+0x265/0x3e0 [ 695.043385] ? do_vfs_ioctl+0xff0/0xff0 [ 695.043395] ? security_file_ioctl+0x83/0xb0 [ 695.043406] SyS_ioctl+0x7f/0xb0 [ 695.053774] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 695.056475] ? do_vfs_ioctl+0xff0/0xff0 [ 695.056490] do_syscall_64+0x1d5/0x640 [ 695.056506] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 695.068678] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 695.072501] RIP: 0033:0x7fa37e383109 [ 695.076360] Modules linked in: [ 695.080135] RSP: 002b:00007fa37ccf8168 EFLAGS: 00000246 [ 695.088458] ORIG_RAX: 0000000000000010 [ 695.091887] CPU: 0 PID: 15870 Comm: syz-executor.3 Not tainted 4.14.284-syzkaller #0 [ 695.095838] RAX: ffffffffffffffda RBX: 00007fa37e495f60 RCX: 00007fa37e383109 [ 695.100219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.103566] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 13:38:11 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4120c0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x31a, 0x9f], 0x2, 0x0, 0x0, 0xffffffffffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x400}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x3}, @generic={0x2, 0xf, 0x0, 0x5a53, 0x1c}, @func, @exit]}, &(0x7f00000000c0)='GPL\x00', 0xffff, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000180)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0x1, 0x6, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0xffffffffffffffff]}, 0x80) 13:38:11 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x3}, 0x4) socketpair(0xb, 0x2, 0xffff, &(0x7f0000000000)={0xffffffffffffffff}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x78d503e847923c6b}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, r2, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x81}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1ff}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) [ 695.111247] task: ffff88809d4b6100 task.stack: ffff888098f68000 [ 695.115192] RBP: 00007fa37ccf81d0 R08: 0000000000000000 R09: 0000000000000000 [ 695.119060] RIP: 0010:vhost_chr_write_iter+0x873/0x1100 [ 695.124285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 695.130500] RSP: 0018:ffff888098f6fc00 EFLAGS: 00010246 [ 695.134189] R13: 00007fff6ed9c63f R14: 00007fa37ccf8300 R15: 0000000000022000 [ 695.216813] RAX: dffffc0000000000 RBX: ffff888086583400 RCX: 0000000000000000 [ 695.224059] RDX: 0000000000000002 RSI: ffffffff857edff5 RDI: ffff8880865834c0 [ 695.231306] RBP: ffffed1010cb0691 R08: 0000000000000000 R09: 0000000000040689 [ 695.238566] R10: ffff88809d4b69d8 R11: ffff88809d4b6100 R12: 0000000000000002 [ 695.245811] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff110131edf87 [ 695.253061] FS: 00007fb27c9ab700(0000) GS:ffff8880ba400000(0000) knlGS:0000000000000000 [ 695.261267] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 695.267124] CR2: 000056481e15fe88 CR3: 00000000b3507000 CR4: 00000000003426f0 [ 695.274374] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 695.281624] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 695.288869] Call Trace: [ 695.291440] ? log_write_hva+0x310/0x310 [ 695.295483] ? lock_downgrade+0x740/0x740 [ 695.299630] ? iov_iter_init+0xa6/0x1c0 [ 695.303581] __vfs_write+0x44c/0x630 [ 695.307286] ? kernel_read+0x110/0x110 [ 695.311156] ? rw_verify_area+0xe1/0x2a0 [ 695.315192] vfs_write+0x17f/0x4d0 [ 695.318709] SyS_write+0xf2/0x210 [ 695.322154] ? SyS_read+0x210/0x210 [ 695.325762] ? __do_page_fault+0x159/0xad0 [ 695.329989] ? do_syscall_64+0x4c/0x640 [ 695.333966] ? SyS_read+0x210/0x210 [ 695.337571] do_syscall_64+0x1d5/0x640 [ 695.341439] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 695.346605] RIP: 0033:0x7fb27e036109 [ 695.350640] RSP: 002b:00007fb27c9ab168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 695.358324] RAX: ffffffffffffffda RBX: 00007fb27e148f60 RCX: 00007fb27e036109 [ 695.365578] RDX: 0000000000000048 RSI: 0000000020000180 RDI: 0000000000000003 [ 695.372834] RBP: 00007fb27e09005d R08: 0000000000000000 R09: 0000000000000000 [ 695.380082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.387330] R13: 00007ffff13769cf R14: 00007fb27c9ab300 R15: 0000000000022000 [ 695.394580] Code: ff df 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 c6 06 00 00 4c 8b ab c0 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e9 48 c1 e9 03 <80> 3c 01 00 0f 85 8f 06 00 00 49 8b 6d 00 48 85 ed 0f 84 e4 03 [ 695.413689] RIP: vhost_chr_write_iter+0x873/0x1100 RSP: ffff888098f6fc00 [ 695.430573] ---[ end trace 47b74f2d07bc563e ]--- [ 695.443396] Kernel panic - not syncing: Fatal exception [ 695.448974] Kernel Offset: disabled [ 695.452672] Rebooting in 86400 seconds..