0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000240)={&(0x7f0000000180)=[0xffff], 0x1, 0x8, 0x10001, 0x4, 0x80000000, 0x6, 0x48, {0x7, 0x40, 0x9, 0x161, 0x8, 0x1, 0x9, 0x9, 0x3bb7, 0x0, 0x2, 0x8, 0x3, 0x2a, "02c456bc68f13f11073430b431986c01b013749e08880fee2d3d0d9b3ee0a92d"}})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000300)={&(0x7f00000001c0)=[0x2, 0x101, 0x1, 0x6, 0x2, 0x6a4, 0x7f, 0x7, 0xffffffe1, 0x6], &(0x7f00000002c0)=[0x0, 0x0], 0xa, 0x0, 0xc0c0c0c0})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0], 0x9})
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000000340)={&(0x7f0000ffa000/0x4000)=nil, 0x0, 0x1, 0x21})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000140)={r3, 0x5, 0xd284, 0x3, 0xffff, 0xf2, 0x3, 0x7ff, 0x3f, 0x4bc, 0x4f6, 0x9})

05:55:08 executing program 0:
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000000)=0x3, 0x4)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x100000000000000, 0x103843)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f00000000c0)={0x31c2, 0x1f})
r1 = getpgid(0xffffffffffffffff)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000200)=r1, 0x12)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, 0x3f7, 0x300, 0x70bd25, 0x25dfdbfe, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x48e0}, 0x8040)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x2, 0x7, 0x1000, 0x7, 0xffff, 0xc5b, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x10001, 0x81, 0x1000, 0xcbb, 0x121f], 0x5, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f00000001c0)={0x4, 0x86, 0x7})

05:55:08 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x71e, 0x7ef, 0x5, 0x3})

05:55:08 executing program 2:
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00')
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1543.788665] FAULT_INJECTION: forcing a failure.
[ 1543.788665] name failslab, interval 1, probability 0, space 0, times 0
[ 1543.810167] CPU: 1 PID: 26881 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1543.818083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1543.827446] Call Trace:
[ 1543.830040]  dump_stack+0x1b2/0x281
[ 1543.833675]  should_fail.cold+0x10a/0x149
05:55:08 executing program 2:
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00')
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:08 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x71e, 0x7ef, 0x5, 0x3})

[ 1543.838005]  should_failslab+0xd6/0x130
[ 1543.841988]  kmem_cache_alloc+0x28e/0x3c0
[ 1543.846143]  get_empty_filp+0x86/0x3e0
[ 1543.850031]  alloc_file+0x23/0x440
[ 1543.853575]  __shmem_file_setup.part.0+0x198/0x3c0
[ 1543.858500]  ? fs_reclaim_release+0xd0/0x110
[ 1543.863030]  ? shmem_create+0x30/0x30
[ 1543.866834]  ? __vgem_gem_create+0x44/0xe0
[ 1543.871068]  shmem_file_setup+0x4b/0x60
[ 1543.875041]  drm_gem_object_init+0x36/0xa0
[ 1543.879292]  __vgem_gem_create+0x6a/0xe0
[ 1543.883353]  vgem_gem_dumb_create+0xc5/0x210
05:55:09 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x71e, 0x7ef, 0x5, 0x3})

[ 1543.887767]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1543.893228]  ? __drm_printfn_debug+0x70/0x70
[ 1543.897638]  drm_ioctl_kernel+0x14c/0x200
[ 1543.901787]  drm_ioctl+0x419/0x870
[ 1543.905328]  ? __drm_printfn_debug+0x70/0x70
[ 1543.909734]  ? drm_getstats+0x20/0x20
[ 1543.913544]  ? fsnotify+0x974/0x11b0
[ 1543.917258]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1543.922189]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1543.927206]  ? SyS_write+0x1b7/0x210
[ 1543.930921]  ? drm_getstats+0x20/0x20
[ 1543.934719]  do_vfs_ioctl+0x75a/0xff0
[ 1543.938520]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1543.942930]  ? lock_downgrade+0x740/0x740
[ 1543.947085]  ? __fget+0x225/0x360
[ 1543.950542]  ? do_vfs_ioctl+0xff0/0xff0
[ 1543.954519]  ? security_file_ioctl+0x83/0xb0
[ 1543.958925]  SyS_ioctl+0x7f/0xb0
[ 1543.962290]  ? do_vfs_ioctl+0xff0/0xff0
[ 1543.966699]  do_syscall_64+0x1d5/0x640
[ 1543.970596]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1543.975779] RIP: 0033:0x45e219
[ 1543.978992] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
05:55:09 executing program 5 (fault-call:1 fault-nth:4):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:09 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r3, @ANYRESDEC=r0, @ANYRES16], 0x4c}}, 0x40000)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd7000ffdbe2250a00000008003a0008000000140029000100000008003b000300000008003a0004000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x20040004)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r4, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40c0040}, 0xc000)
sendmsg$BATADV_CMD_TP_METER(r5, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r2, 0x800, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x40000)

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5, 0x3})

05:55:09 executing program 2:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:09 executing program 1:
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x18}, 0x10)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x5, 0x67b081)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x3})

[ 1543.986700] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1543.993968] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1544.001290] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.008550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1544.015805] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
05:55:09 executing program 2:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x0, 0x5, 0x3})

05:55:09 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_dccp_buf(r3, 0x21, 0x80, &(0x7f00000000c0)=""/26, &(0x7f0000000140)=0x1a)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000000)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000040)={r4})
r5 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x5, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0x1, 0x5})

05:55:09 executing program 2:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 0:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x7, 0x401300)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0x3, 0xfffffffd, 0x7ffffe})

05:55:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfffffffffffffffc, 0x18102)
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f0000000200)={0x1, 0x7, 0x4, 0x4d8})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{}, {<r1=>0x0}, {}]})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x8100, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f0000000440)={r1})
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f00000000c0)={r1, 0x3})
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000140)={&(0x7f0000ffe000/0x1000)=nil, 0x100, 0x0, 0x2e})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000180)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000100)=0x8)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[0xec, 0x7], 0x2, 0x1800, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, 0xfffffffffffffffe)
ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f00000001c0)={0x0, 0x6, 0x9, 0x1f, 0x1, 0x6, 0x9, 0x63, 0x3, 0xfffffff9, 0xeb, 0x8})
r5 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x5, 0x680001)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000380)={&(0x7f0000000280)=[0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0], 0x5, 0x2, 0x4, 0x0, 0x8})

[ 1544.113976] FAULT_INJECTION: forcing a failure.
[ 1544.113976] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.168314] CPU: 0 PID: 26912 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1544.176242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1544.185610] Call Trace:
[ 1544.188204]  dump_stack+0x1b2/0x281
[ 1544.191842]  should_fail.cold+0x10a/0x149
[ 1544.195997]  should_failslab+0xd6/0x130
[ 1544.199975]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1544.204677]  apparmor_file_alloc_security+0x129/0x800
[ 1544.209852]  security_file_alloc+0x66/0xa0
[ 1544.214067]  ? selinux_is_enabled+0x5/0x50
[ 1544.218283]  get_empty_filp+0x15c/0x3e0
[ 1544.222240]  alloc_file+0x23/0x440
[ 1544.225879]  __shmem_file_setup.part.0+0x198/0x3c0
[ 1544.230914]  ? fs_reclaim_release+0xd0/0x110
[ 1544.235309]  ? shmem_create+0x30/0x30
[ 1544.239144]  ? __vgem_gem_create+0x44/0xe0
[ 1544.243372]  shmem_file_setup+0x4b/0x60
[ 1544.247332]  drm_gem_object_init+0x36/0xa0
[ 1544.251549]  __vgem_gem_create+0x6a/0xe0
[ 1544.255595]  vgem_gem_dumb_create+0xc5/0x210
[ 1544.260002]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1544.265008]  ? __drm_printfn_debug+0x70/0x70
[ 1544.269396]  drm_ioctl_kernel+0x14c/0x200
[ 1544.273524]  drm_ioctl+0x419/0x870
[ 1544.277096]  ? __drm_printfn_debug+0x70/0x70
[ 1544.281482]  ? drm_getstats+0x20/0x20
[ 1544.285283]  ? fsnotify+0x974/0x11b0
[ 1544.289025]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1544.293939]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1544.298945]  ? SyS_write+0x1b7/0x210
[ 1544.302641]  ? drm_getstats+0x20/0x20
[ 1544.306421]  do_vfs_ioctl+0x75a/0xff0
[ 1544.310202]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1544.314618]  ? lock_downgrade+0x740/0x740
[ 1544.318945]  ? __fget+0x225/0x360
[ 1544.322379]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.326335]  ? security_file_ioctl+0x83/0xb0
[ 1544.330722]  SyS_ioctl+0x7f/0xb0
[ 1544.334067]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.338048]  do_syscall_64+0x1d5/0x640
[ 1544.341920]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1544.347090] RIP: 0033:0x45e219
[ 1544.350258] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1544.357947] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
05:55:09 executing program 5 (fault-call:1 fault-nth:5):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x0, 0x5, 0x3})

05:55:09 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 4:
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000040)={&(0x7f00000006c0)="b67989d7f9e0cd00f64198a86e734271427f6fee8952de7fea6516e2c32a2f300a5bbc3311e820b4fdf0a6a643091133cfb084069e03c15383d81598143db478c6cb6b34f78e46b5cf43cd8003b911a3b0342596a2eb2f24a75e85de77f4670d29c6d5c681d8dc7725f120d666ea16b1d4cf358f6d0a8cfc535019b616aa627f950783c7d03f7ba1992dcfdfec133539df46282454131652cedfbbb76eba84d3a63cc095cbd4efda6b1edc89cc11a5e00fad6b9b3aec979a178e6d98629098029c8f1b4625246b83e8cfc15753345b65ccbde8ea090c1d685ce70a330346e931e1c844e013f43b192d472ca9dda60949deb65f809f62bbdaca7d5735b257b00ef78d5e699bb111d860f89ca88ba77b5e398801114000fba1655dce6e557699047c95f62e5a2da463190e8832de81d5ce378e066bf90e4f7f9e1feeec5be02a343852dfd496bd9009536abac4be1e8a944a16c3b3a588c70993bcc4dfe06aafac7857a1e8f3b7f1a33c9a0d73a920364eb54152264dd173f048d57455d37a4f6fc3cbfb8c1cc2fae65b3f6cbc419c950cb676e9a9ca5a0552c413e97274157357959ed77df0d94b5270e36b2a879037f42a6da0b5dd88e4cbeb048eac2a80ae0f1c033172c7dfee2cf2a24e956b04aa6b062156a12155bf8657374bfabd4ebf31607d2043e366acf2c475b6b23120b2808c2381c05eeca72543b3438356287f29175bde28c1fd32c57820857a046568d140fa61eb6b7c553054e7644a72dd5fd4eea5fb9d1aa7e2a891e67d784b84ec4f3d8ffba5d5d0f58324147e3de061b5e039ad981ec2936983114ace3d6e0cd7425c84b8cee620fc2f6fbfeaaa970369400dd3edbc947289be4b2c64325222dcf22ce7462a3bd237db09537dd09dd95141aa7275640f6e8670e0ef7bb75ee5ae1f2047d19a8fdd167dbf71d781f9f6145bd721abe137100fd4959294ed2b86b8248cbb3479681ffdf2b1f6c2e21fee9d61ba0033218db9ff0abd0cdbf497403283de52939f7c54dc417d0b586440cd84407289e827e09cf658b32617370ef2889e7889a17556fab87ad17f2c246db5f359bc4db84d954dc71344203c0f95fc098ed682f6191558974a53e5b8e70a9d6805615b418710d6ff3dff163fb77ecd422b92d79005aa380f3e8f9c1a80be34b6ce1882700f9911e923ca51be5be3e9aa9397992d38807e6e3301697f81941f1bcfcfbbee5480f7f85d270c6775521362a3c80fe52ebc8f14ee1c199abaa9ec2658872215a157e03551ea92855b5273a788cfb1dd6f735eed248fcedcd7988919e771001b675720e769e87935969f848a5e729ad4506aff19a3915a717457db32307c2ea4273159c33a8dbf696b02563d53a20c2781f300aa48df3161ae6fe7b0f54edadeaf62763a3781e9c79a00d6d93ab65c33b281e5eeba6c9d988b4d824a1d3c4f06924ea24c295e3caab3b4a4a91ec75d0295d57a19b318d2cc6690440b269208f5bdf8038589eca27a23ebb5086e26b7fd62dccf5c56754b11fc063effa3a8b31a746b562ad4b3464f4ba171b443f19a42cefc41362cd60dd415846313c2ee76c1ef35b343e65386e384e7fcf15bc930a759d0d5274d458c56d953b1e85149c4acffd59f37a5d49992e53f953b64e883c8eb714d63596568cf66bd0853e03668cfa002dce2ff6e5e0b4be370cb766b2ace0188544f5729d224cd9a08c498325f5769c2f3be64cff58dc49733cd5e17c258e0f96835cc8e0b9007445397e7c5177136f07a708a375be9c0941e06d03d20756d8d79f4f9a9596ac1911532b15b613d6ac391ba844c008ac41105a6d7d970c96fb24c95fe1f201ecaa25206641efb7f904fd485d6bff3c764a7c2c7ea7826a87212d54502944507bbf16ff57bf70fdeddffd2280f7d8c831fef8edc782c4928716e24d0fb54e06abc0194cb7190a9e7d81bc3557b4d131d6a128ef2e945e58fd747ccfd97cb0c6dee224f0252b70bb8b730d01327638444d5a796dd7a28d9c95637e5dec742ee1a511af56353e6589261fc5b712dab24c3b350689beb7a63a0501e700fe468eee0a06aff3f9b315a7e4ff981b17764904777e1fdac8da7178e14f8d7e1da7e6ab036b0be8c55812d63b0c02eb91f5f1366e37aecdc6798a287e495dd9e005913328249ad0578d05988cc8e75e2dc73def009451c74a44c30b1a76add344bdebe74e29f443623057d98fac8758723bd888c2120e0a5a971467c7390f91d650820a2374b57b816c557d50ae94c0cc7eb5cdf0791cbaaabd72bc260c3ed8c94ad1617d0a23aac18c733dc7713bb4d2e38fe941f61abb392ce933ebc5334766d4d197aadae1db485f23aa388dbcd56ea3a462f59a32abd290ab46e94878c26887274804b13a739852e434e34ac62ba920d913abbc3ce3855ee29268fa33388473b7f3a4716632a8a613b53d5036156636a4c72c79d5b5a09ccd9b34f2420cef604ba6a9b29c94ef552541764b4307db673114fefccec2274d94919d5fe24881f872e7a24ebcecd12cf684289c078dd0d5e655e16f2152470a29f5b1121decc0bae98ac8a120ab4a603a399749a284204416b820b156da24ee65e5e9163fe42152e4e90d174b8c86ac1e27c6ded008454c0f1e136555127f5373ac56383de46b621561d701dc37c050c159585f17e71d99438da29d64811868990a28ec4a9b96c4f57c93771670fd28e4d248e91d90b3661157d217075082dab9aadb55d21d0eb2f410221c998a5b538e9926d66b09ca314f59470d9f01f66cf56b4bc587d5e0e72784d3b508f3fc9fed5024252f8aed55b58e94cd6084c6f70f0139ba201f9226fd83a95169fae12148490e31f3848317b48901231064476cf1baa4f4992f8bfa58d636ae5304009cd6cab15306f5133444be2ca8c86b947766fb860fad05c45fb3f05c91531b155cb21ee5492d355309cf60f8d87bf985cbe92b8924b7c03c16ef2a233caa2c3237c4a0e1ec01d1da12995310bbd511f610d48c7124a8b01dd68f3732ae45ac9f84ebf0753d966bab9941160638d9167c836bebc006226ca5097091a7a6d0c6c1704218b6b034ccc77f5db78ea17171080180ac1b487ae3e1357034cc978288ccd8481a4970269e8bc480f4993ec73447de0fb49555af34449ba2cc636aa8609e69aabcec878a6ac960d0697aee603210e5d3d925576c966fcefd506986a8a8d3eaa1378ee68f9ec33699f32debfd3c9b8c78218187046c1baa6fc93a4b96b8c72b91d5057b103240650df4926381d852e32f3fb4e48b8b78db37f93f82db6111b83c945bcc25134c7926e06a225703a7d2f7e70137561c959eb07913857d5b4eab0d6f66cc2c83277d2bee16e1fec179d6d951f0d42493ca5d0a3b91cd98b64eec94fd1888b28986043c60a664008cb6c98aad12831a6726951419b736d41386b6cd0325729a42a0bbb1a1530e8105b527562b3ee694661fac585aceda2e081d1629478aeb50c03fe05383aa11aa01ec3084ae5287548200912658066576879519276803bd3cccdd98194559c7fbc0c92773c3a93713212fbeed63d0916f5d5af5c81cb242e82ffc7116df6760e73b839d958c9d50f39e51b746bc0fb77658801a159ef7fc80cead6b03a6c6d94d8d25bc96ddaa9d40f12977e9e1b99b578e7830434354d47f68d12e59dcc69017a26810b9665e8bdbb73a4a0cd031c42d3824f02c062904cbd9345a27c19c33f9b4c84065a2540febb88d8043628c69e5ff5e40918aa4f7c947d81f0b26e46a393d3db5e82b0cb58e86d949f48901f97f15e968d86fe63fb87d70f5f61cf2332059df7fe24627ed42c6699fe5e4ddfd2ac34d79c8480740b87e78b90f7906a3fc2418f1929a7c33ab6e96bf279621ffce4986d83109dbe8e3002b41b72c80df8bf31af0f4f76e3629e1c64e39c0ec3a9ebd410b403a83ddf3da907d767c055202675edba1d3653d36d9656cb5d366f9f9a413dba7defcc3ff8f52d2bbdffad6fbbe268fdebae4a720d56a402767017f39dbf6c079836524f80a61f9e164c019cd78645c1968aac17adf27ce7eb3536f38fb9d1958384cee1a9eedd44d2abc3f00b8b4ad11ad8d2d60d7839413520d32ecb0e05a256b1d64323c1d9b74e5c60e4248e28d70467f2083321310083ab9cfdb5ae56a4a43e721d8daf0002a5ebb590d26e8d15fe9a74c4c5e1c216f19a26f9e7f04ecdf490254706a33857dfcc6dcce949a16dbc91c3bd482cb82f49136af6a3b00bdfebb132ebd2162c32fce0a227c75031175439cf64019954f6b6e6364f302b9d7f42a69f888daad87ff8ccf7d3043e497268f1128441386f8d83556335a2f8d88232cbec5fd66b9c8f05ff500fbd5e49879fa665145f010893ac235616e80d75de7e2682163fe6d8385812efd3ff3037a9412ba784617b94f6db1f62f77187e2c68dbbb92f177403e9de6244aaacc892295f599407c6c5624804ce2228780d2ca3c199a1dfc0e32874ada2b4ab0127d7737cff86e656ba4077d2e712d9cca8925d0d52aee9964606cecdecad162336baed0a8cfb2e90314fcd06c12d891321704d778ee631580b833f30b5d9c2456bf6a8f2348fe0cfdea86e7fa66bcdc2cd52b9170c0e573aca1c6a9d8fb7feca7e0f8d8fb70a1a5967b675c31c7794865eddb816b835573b10f9b5c5da183ced2829c2e2c07acbee26a836cdd89ea307dcdbcef3dcfd996bccc8661eee94257631120129f605a349425e16f124fb34a82be159245d349516141c7b5bb91c1647981dc45562892132a4ca74471cbcdba710e43a527f0ae52e6952fbb63140896c5f42fffde18e26c56e4061204d01deebe98310192b988cfcf4f12047b23dde0be10a17520b0caf3564e69ee4c496526b6d2f6fa9cf4f068c755856c3d483ea5f116929e7ba6a5bdc122df20403e03cd0f4cc3e72d86ea51c6e752278c9b138155df38b264a64f4a9914cb85f03e4a4d04b0d4c5ac978b3a2a896f6cbe08b8f5ceaa556210a1442796bcb9f16398c6cad2023b3cb02d497ca59695b6079ac4a021373dc528a7dfa38fe26eb50ecd3002c3bf51d530708816e277e87033aa488eca8499760b69946c524fb127a88e538d68210fdb35ce1d8ba76745af6944cc385d9423692f4c2352e6a0ad36192094c41e5185f6bf4ea16cb0b23c2403fefc019f1834c2c64034b1d9ef6d6501966e28145e175cbe941659261fd4561705dbe3d357022b67e40f88e04879d439ec826eb81c0883ed5214c960d9c3fb1d4989682a217719b5153b082216b347626cbf57142d8f7e4a1e981d0dffc0c5449ad8c05631e2c9706df356a7fb67af09af12a454200b525c82a24d7d106fa5b14aee5cca8bf8a4ce1b0ce6de22069dddeb95837ee47b3a9cff4aa88803a988cc350b0a3670e2d3fc73065c91a266f1d8e02bf6c7361eb6a39bbd506bb3d56a029af196b22e4e852e2e8d7601796fe2e6f0867563f6261a36f0ed410e28f99a23187afb7e50fa0b5be763a3f70eb37766e29d222639159eec84bfd462720d0ae7acef6756aa7fa20e5c0d93d7341f19bdfe2f79df4c076282afd6f18e60514c5e53edd1494470b6bd18c8ba8f077ef6a5da505e91f8f9580eb13570caa7fe35760b410bf084515eac7f654f06082e45b6db040a667dd69f0a636821ad51c2265b6af3854b441d6d873c8aef010411c5955279975897437583093db295b9ffe2c2e78fd0c505a53c032776089be70eabff1661a53fb1869599be83c44c639e33d61c81969a1172f6d132bd0bdb6723f9c6c0021a56fa6", 0x1000})
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x800000000000000, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x440503, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000000c0))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000240)="100364ed0bb11e6ad9af9f759536779b4d0812a89bbd5d0ab6495b14398a4f5634e688f9bdf8e0d76fb65680759c5d3b88d8adb18322ad882530ca3f9d512595988e309a10d0673b7b7ccc07014f7e9378e2c6846ab5faaeb7f044431fad195888fc775179fd604f393909b2775f26bc48e74d32abd6e2d733786d88d1b1cd60f33ee300c44441ef02b5761b59d6fe2247a5b70bd98f701aead9ea12e36d75449f48609a56b2c09e7e071c4189a5bd8942e471c3575b883558436a6b490be2b29ceb2e423a6ac7f2fd5c848d132eff23b583", 0xd2})

05:55:09 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f00000000c0)={0x1})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}]})

05:55:09 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x1c9b69955cf3f6db)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000200)={0x2, 0x5, 0x10000})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000540)='/dev/zero\x00', 0x28241, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000280)={0x20, 0x81, 0x80000001, 0x8, 0x2, 0x1, 0x80000000})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000000c0)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140)={r2})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000440)={&(0x7f00000003c0)="7962fca14066c1ea4f0bbbc08fdcf5f53b87b46f051fd1004248718dbc34cfc15f63163af3c5cd90e494139c9df94faabbcfd80ce11bad512b07083a76c6df91aab6010a1ef3cf55ee3129298e0407b5c24c6fe891e4879b35b852251d2f363c0b", 0x61, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f0000000500)={r3, 0x5a, &(0x7f0000000480)=""/90})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x200, <r4=>0x0, 0x10000})
r5 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x2042)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000340)={0x1, &(0x7f0000000300)=[{<r6=>0x0}]})
ioctl$DRM_IOCTL_SWITCH_CTX(r5, 0x40086424, &(0x7f0000000380)={r6})
r7 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x7, 0x200840)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r7, 0xc00464be, &(0x7f00000001c0)={0x2})
ioctl$DRM_IOCTL_SG_ALLOC(0xffffffffffffffff, 0xc0106438, &(0x7f0000000040)={0x3ff, r4})

[ 1544.365217] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1544.372477] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.379835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1544.387104] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
05:55:09 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:09 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x0, 0x5, 0x3})

[ 1544.460772] FAULT_INJECTION: forcing a failure.
[ 1544.460772] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.483820] CPU: 0 PID: 26943 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1544.491736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1544.501096] Call Trace:
[ 1544.503718]  dump_stack+0x1b2/0x281
05:55:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x7fff, 0x92d})

[ 1544.509877]  should_fail.cold+0x10a/0x149
[ 1544.514046]  should_failslab+0xd6/0x130
[ 1544.518033]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1544.522712]  apparmor_file_alloc_security+0x129/0x800
[ 1544.527910]  security_file_alloc+0x66/0xa0
[ 1544.532153]  ? selinux_is_enabled+0x5/0x50
[ 1544.536405]  get_empty_filp+0x15c/0x3e0
[ 1544.540392]  alloc_file+0x23/0x440
[ 1544.543952]  __shmem_file_setup.part.0+0x198/0x3c0
[ 1544.548887]  ? fs_reclaim_release+0xd0/0x110
[ 1544.553297]  ? shmem_create+0x30/0x30
[ 1544.557103]  ? __vgem_gem_create+0x44/0xe0
05:55:09 executing program 0:
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000000)={0x5, 0xffffff3d, 0x1, 0x8, 0x1})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x9, 0x7fffffff, 0x6, 0x5], 0x4, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:09 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000040)={0xc103, 0x10001, 0x7f, 0x91f00, 0x8001, 0x9, 0x7a})
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000080)={0x5, 0x0, 0x10000, 0x800, 0x80, 0x6, 0x2})

[ 1544.561344]  shmem_file_setup+0x4b/0x60
[ 1544.565325]  drm_gem_object_init+0x36/0xa0
[ 1544.569562]  __vgem_gem_create+0x6a/0xe0
[ 1544.573622]  vgem_gem_dumb_create+0xc5/0x210
[ 1544.578037]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1544.583061]  ? __drm_printfn_debug+0x70/0x70
[ 1544.587483]  drm_ioctl_kernel+0x14c/0x200
[ 1544.591640]  drm_ioctl+0x419/0x870
[ 1544.595187]  ? __drm_printfn_debug+0x70/0x70
[ 1544.599609]  ? drm_getstats+0x20/0x20
[ 1544.603428]  ? fsnotify+0x974/0x11b0
[ 1544.607151]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1544.612085]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1544.617104]  ? SyS_write+0x1b7/0x210
[ 1544.620825]  ? drm_getstats+0x20/0x20
[ 1544.624631]  do_vfs_ioctl+0x75a/0xff0
[ 1544.628443]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1544.632859]  ? lock_downgrade+0x740/0x740
[ 1544.637005]  ? __fget+0x225/0x360
[ 1544.640445]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.644405]  ? security_file_ioctl+0x83/0xb0
[ 1544.648807]  SyS_ioctl+0x7f/0xb0
[ 1544.652152]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.656129]  do_syscall_64+0x1d5/0x640
[ 1544.660005]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1544.665183] RIP: 0033:0x45e219
[ 1544.668354] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1544.676094] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1544.683345] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1544.690596] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1544.697855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
05:55:09 executing program 5 (fault-call:1 fault-nth:6):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:09 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000240)={0x2, &(0x7f00000000c0)=[{}, {<r2=>0x0}]})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000280)={r2})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000080)={0x1, 0xcd, &(0x7f0000000140)=""/205})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:09 executing program 4:
syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x2)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000040)={0x5, 0xddd, 0x1, 0x5b67, 0xd90f})

05:55:09 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x11})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x208101, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x5, 0x9, 0x7, 0x3, 0x8, 0xe4d943d})

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x0, 0x3})

05:55:09 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1544.705127] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
05:55:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000140)={0xfff, 0x9, 0x1000003, 0x200, 0x0, 0x9, 0x10000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086409, &(0x7f0000000180))
r3 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x7, 0x10300)
ioctl$DRM_IOCTL_GEM_CLOSE(r3, 0x40086409, &(0x7f0000000200))
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MAP_BUFS(r4, 0xc0186419, &(0x7f0000000080)={0xfffffd20, 0x0, 0x0})

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x0, 0x3})

[ 1544.756251] FAULT_INJECTION: forcing a failure.
[ 1544.756251] name failslab, interval 1, probability 0, space 0, times 0
[ 1544.778132] CPU: 0 PID: 26972 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1544.786047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1544.795404] Call Trace:
[ 1544.798006]  dump_stack+0x1b2/0x281
[ 1544.801644]  should_fail.cold+0x10a/0x149
05:55:09 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, 0x0)

05:55:09 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=@getlink={0x84, 0x12, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, 0x8000}, [@IFLA_MAP={0x24, 0xe, {0x101, 0x1f, 0x3, 0x5, 0x8, 0x4}}, @IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @hsr={{0x8, 0x1, 'hsr\x00'}, {0x24, 0x2, 0x0, 0x1, [@IFLA_HSR_MULTICAST_SPEC={0x5, 0x3, 0xfd}, @IFLA_HSR_MULTICAST_SPEC={0x5, 0x3, 0x4}, @IFLA_HSR_SEQ_NR={0x6, 0x5, 0x5c35}, @IFLA_HSR_VERSION={0x5, 0x6, 0x20}]}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x3}, @IFLA_MASTER={0x8}]}, 0x84}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x9, 0x100)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0xfffffff3, 0xe9, 0x100005})

05:55:09 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x0, 0x3})

[ 1544.805800]  should_failslab+0xd6/0x130
[ 1544.809778]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1544.814457]  drm_vma_node_allow+0x4e/0x2e0
[ 1544.818712]  drm_gem_handle_create_tail+0x1a1/0x330
[ 1544.823741]  ? drm_gem_destroy+0xa0/0xa0
[ 1544.827808]  vgem_gem_dumb_create+0xe7/0x210
[ 1544.832225]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1544.837289]  ? __drm_printfn_debug+0x70/0x70
[ 1544.841705]  drm_ioctl_kernel+0x14c/0x200
[ 1544.845854]  drm_ioctl+0x419/0x870
[ 1544.849400]  ? __drm_printfn_debug+0x70/0x70
05:55:09 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, 0x0)

[ 1544.853809]  ? drm_getstats+0x20/0x20
[ 1544.857612]  ? fsnotify+0x974/0x11b0
[ 1544.861322]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1544.866255]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1544.871271]  ? SyS_write+0x1b7/0x210
[ 1544.874994]  ? drm_getstats+0x20/0x20
[ 1544.879019]  do_vfs_ioctl+0x75a/0xff0
[ 1544.882824]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1544.887243]  ? lock_downgrade+0x740/0x740
[ 1544.891393]  ? __fget+0x225/0x360
[ 1544.894847]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.898821]  ? security_file_ioctl+0x83/0xb0
[ 1544.903233]  SyS_ioctl+0x7f/0xb0
[ 1544.906602]  ? do_vfs_ioctl+0xff0/0xff0
[ 1544.910584]  do_syscall_64+0x1d5/0x640
[ 1544.914481]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1544.919668] RIP: 0033:0x45e219
[ 1544.922859] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1544.930587] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1544.937856] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1544.945107] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
05:55:10 executing program 5 (fault-call:1 fault-nth:7):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, 0x0)

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000000)="540a9a2dc08ec399a64e972b46260703657534d2161d36deb2bf76fd37099b5b8480d44a2239c857326c9b1886be5ac2df972abcd84ecfcd2eb381c918a92ea1a58e32c6af04aba95fb729a8402871f89e5a5aa74b4a4ae029469b5e07fb614b75c7c53fd4b7901192ce5741005462f598ba7656aa16f82b976901ef", 0x7c, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r1, 0xc00464be, &(0x7f0000000140)={r2})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={<r1=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000040)={r1, 0x24b1f63ded584349})

05:55:10 executing program 1:
getsockname$netlink(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xc)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

[ 1544.952369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 1544.959623] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000)={0x7, 0x9})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:10 executing program 1:
r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010027bd7000030000000100000008000500ac1414aa14008f4dfe80007da85d165ca95d9a407925daf42b2fe7357272150f171876000000002b08160500e0007d916043d4a0cea030562b5d371c0001080005000a01"], 0x5c}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)

05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000)={0x7, 0x9})

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x20080)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x80000000, 0x200100)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f00000002c0)={0xed, &(0x7f00000001c0)=""/237})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000140)={0x81, &(0x7f0000000040)=""/129})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x24000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x92642, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockname$packet(r2, &(0x7f00000000c0), &(0x7f0000000100)=0x14)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x3006}, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffeffff, 0xe9})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000001c0)={0x7fffffff, 0x0, 0x10001})
ioctl$DRM_IOCTL_SG_FREE(0xffffffffffffffff, 0x40106439, &(0x7f0000000180)={0x4edc})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000240))
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r5, 0xc01c64a3, &(0x7f0000000200)={0x2, 0x9, 0x80000000, 0xffffffff, 0x6, 0x6, 0xff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000140)=0x5, 0x4)

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000080)={0x1, 0x40, 0x14, 0x1000, 0x1f})

05:55:10 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x24000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x0, 0xfffffff8, 0x5})

05:55:10 executing program 4:
geteuid()
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x8, 0x4000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000300))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040))
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000200)={&(0x7f00000001c0)=[0xffff, 0x2edc, 0x8], 0x3, 0x0, 0x9, 0x127c000, 0x7, 0x8, 0x4e, {0xffff4c1c, 0x7fff, 0x7f, 0x1200, 0x9, 0x6, 0x101, 0x6, 0x81, 0x0, 0x3, 0x101, 0x7, 0x5, "2954258ac8f87557d337d5793f424e39a37427c8c4b6cfcaf3548fbc47f6b720"}})
r1 = getpid()
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x2433f6d141413a1e, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_dccp_buf(r2, 0x21, 0xc, &(0x7f0000000280)=""/4, &(0x7f00000002c0)=0x4)
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f00000000c0)={0x38, 0x3e9, 0x0, 0x70bd2c, 0x25dfdbfe, {0x10, 0x0, 0x1, r1, 0x5, 0x7fffffff, 0x0, 0x3, 0x0, 0x2}, ["", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4c}, 0x8000)

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x20080)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x80000000, 0x200100)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f00000002c0)={0xed, &(0x7f00000001c0)=""/237})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000140)={0x81, &(0x7f0000000040)=""/129})

05:55:10 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x24000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x0, 0xfffffff8, 0x5})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x40400)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000040))

05:55:10 executing program 0:
r0 = accept(0xffffffffffffffff, &(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast1}}, &(0x7f0000000040)=0x80)
r1 = syz_genetlink_get_family_id$net_dm(&(0x7f00000001c0)='NET_DM\x00')
sendmsg$AUDIT_SET(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x38, 0x3e9, 0x4, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x0, 0x0, 0x3, 0x7ff, 0x80, 0x401, 0x0, 0x3ff}, ["", "", "", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x4)
sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r1, 0x10, 0x70bd26, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x24004000)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000000)={0x3ff, 0xb0d})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000300)='NET_DM\x00')
sendmsg$NET_DM_CMD_START(r3, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r4, 0x400, 0x70bd29, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x810)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f00000000c0)={0x3, 0x40, 0x9, 0x2, 0x1})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x7, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000140)=""/167)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:10 executing program 3 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:10 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000005c0)={&(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0], 0x4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
setns(r0, 0x10000000)
accept$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000300)=0x14)
sendmsg$inet(r0, &(0x7f0000000540)={&(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000140)="973b53c87e61284ddafba41d8324e078d48e8c205aec415ae074b4fa5966cf7092afc97abc6bf899ae49aaf28c9bcc811ffecabf3c6656bbb26cdc9d88f8d5b153c3978fdfba6815ccb2aca89053b50c0e0b2c745279a1bf45065fa5a08f777126046855aa8709b7be465de0ee60867e48f8d45a563819ac9ca757af8a43fd5cb39bd6d5a5e42f15983ef473c11cb3b05c4e00b7fb0766d003b241a76fe99122419cd343f5f5c79c0751dc6d7a500b7eba6d7216c2f70acb8d76148008ab66b90c2ed5677cfb096338cc15772b76896c9415ebc7c1951908d81cbea10d66e2f713abfc741ccfe5e53af35183ea19a0b100281bfad4f17e642b3fe403ed8b", 0xfe}, {&(0x7f0000000040)="6be40ba4e056460d72eb44ec2270e9d7e03d4a5e3e3dfea15339aa21fcf78680f899e6b365a0f1ed1670eb1774f3e17d4458", 0x32}], 0x2, &(0x7f0000000340)=[@ip_ttl={{0x14, 0x0, 0x2, 0xfff}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @local, @multicast2}}}, @ip_retopts={{0x48, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x40, [@remote]}, @generic={0x89, 0x5, "4e5bb7"}, @end, @noop, @generic={0xc0, 0xe, "bad69a00c599bbc79c65778f"}, @rr={0x7, 0xf, 0xc2, [@empty, @multicast1, @loopback]}, @timestamp_prespec={0x44, 0xc, 0xa9, 0x3, 0xf, [{@broadcast, 0x3f}]}]}}}, @ip_retopts={{0x90, 0x0, 0x7, {[@ssrr={0x89, 0x17, 0x49, [@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @dev={0xac, 0x14, 0x14, 0x14}, @private=0xa010102]}, @timestamp_prespec={0x44, 0x4c, 0xea, 0x3, 0xa, [{@remote, 0x7f}, {@remote, 0x8}, {@local, 0x5}, {@private=0xa010102, 0x80000000}, {@remote, 0x3dc94000}, {@private=0xa010100, 0x6}, {@rand_addr=0x64010100, 0x9}, {@dev={0xac, 0x14, 0x14, 0x40}, 0x7fffffff}, {@dev={0xac, 0x14, 0x14, 0x34}, 0xa0}]}, @lsrr={0x83, 0x13, 0x69, [@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @multicast1, @remote]}, @end, @ssrr={0x89, 0x7, 0xb5, [@multicast2]}, @end]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010100, @multicast2}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xa41}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @broadcast, @private=0xa010102}}}, @ip_retopts={{0x48, 0x0, 0x7, {[@generic={0x88, 0x11, "b406c547870a212da0bb8e82311c80"}, @timestamp_prespec={0x44, 0x24, 0x2b, 0x3, 0x6, [{@rand_addr=0x64010102, 0x832}, {@multicast1, 0x80000000}, {@local}, {@rand_addr=0x64010102, 0x7}]}]}}}], 0x1c8}, 0x24000000)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000080)={0x1fe, 0x48, 0x5})

05:55:10 executing program 4:
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f00000002c0)={0x7fffffff, 0x7, 0x1, 0x8, 0x8})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x5, 0x141000)
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{}, {}, {}]})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[{}, {}, {}, {}], 0xf6e2, 0x0, [], 0x9, 0x4})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r1, 0xc02064a4, &(0x7f0000000140)={0x4, 0x4, &(0x7f0000000040)=[0x6, 0xffff, 0xb153, 0x4], &(0x7f0000000080), &(0x7f00000000c0)=[0x993b, 0x8001, 0x1000, 0x9, 0xdad]})

05:55:10 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x24000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x0, 0xfffffff8, 0x5})

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x80, 0x20200)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000001500)=0x3)
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000080)={0x0, 0x3})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r2 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xed60, 0x400000)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000180)={0x2, 0x5, &(0x7f0000000480)=[0xffc1, 0xffff, 0x7, 0x6, 0x1], &(0x7f00000000c0)=[0x18, 0x8, 0x22, 0x9], &(0x7f0000000140)})
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000000440)={0x2, &(0x7f00000001c0)=""/234, &(0x7f0000000400)=[{0x9, 0x96, 0x3, &(0x7f00000002c0)=""/150}, {0x401, 0x76, 0x8, &(0x7f0000000380)=""/118}]})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r5, 0xc01064ac, &(0x7f00000015c0)={0x2, 0x73, &(0x7f0000001540)=""/115})
ioctl$DRM_IOCTL_GET_UNIQUE(r4, 0xc0106401, &(0x7f00000014c0)={0x1000, &(0x7f00000004c0)=""/4096})

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000140)=0x1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{}, {<r2=>0x0}]})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f00000000c0)={r2, 0x3})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x42, 0x0)
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f00000000c0)={0x9})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r1, 0xc02064a4, &(0x7f0000000140)={0x8000, 0x7, &(0x7f0000000040)=[0x6, 0xb1, 0x4, 0x6, 0x6, 0x9, 0xff00], &(0x7f0000000080)=[0x1, 0x1, 0xfffa, 0x7, 0x7f, 0xea7, 0x3f], &(0x7f00000000c0)=[0x8, 0x1, 0x100, 0x0, 0x200, 0xdd, 0x1000]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:10 executing program 2 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1545.383360] FAULT_INJECTION: forcing a failure.
[ 1545.383360] name failslab, interval 1, probability 0, space 0, times 0
[ 1545.407669] CPU: 1 PID: 27082 Comm: syz-executor.2 Not tainted 4.14.216-syzkaller #0
[ 1545.415587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1545.424947] Call Trace:
[ 1545.427547]  dump_stack+0x1b2/0x281
[ 1545.431184]  should_fail.cold+0x10a/0x149
[ 1545.435341]  should_failslab+0xd6/0x130
[ 1545.439326]  __kmalloc+0x2c1/0x400
[ 1545.442866]  ? drm_ioctl+0x361/0x870
[ 1545.446580]  drm_ioctl+0x361/0x870
[ 1545.450124]  ? drm_ioctl_kernel+0x200/0x200
[ 1545.454443]  ? drm_getstats+0x20/0x20
[ 1545.458245]  ? trace_hardirqs_on+0x10/0x10
[ 1545.462485]  ? fsnotify+0x974/0x11b0
[ 1545.466203]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1545.471142]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1545.476173]  ? SyS_write+0x1b7/0x210
[ 1545.479888]  ? drm_getstats+0x20/0x20
[ 1545.483689]  do_vfs_ioctl+0x75a/0xff0
[ 1545.487490]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1545.491897]  ? lock_downgrade+0x740/0x740
[ 1545.496046]  ? __fget+0x225/0x360
[ 1545.499503]  ? do_vfs_ioctl+0xff0/0xff0
[ 1545.503475]  ? security_file_ioctl+0x83/0xb0
[ 1545.507882]  SyS_ioctl+0x7f/0xb0
[ 1545.511248]  ? do_vfs_ioctl+0xff0/0xff0
[ 1545.515225]  do_syscall_64+0x1d5/0x640
[ 1545.519119]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1545.524328] RIP: 0033:0x45e219
05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000040)={0x0, 0x1})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x2000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffffffb, 0xe9, 0x5})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000000))

05:55:10 executing program 5:
sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x100, 0x70bd27, 0x25dfdbfb}, 0x14}}, 0x4000)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x5, 0x20881)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000240)={0x0, 0x1})
syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x8, 0x800)
ioctl$DRM_IOCTL_LOCK(r2, 0x4008642a, &(0x7f0000000140)={0x0, 0x1})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f00000000c0)={0x0, 0x4})

05:55:10 executing program 5:
syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x200, 0x200080)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x35f103)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000080)={0x3})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0xec7b, 0x9ebc, 0x8], 0x3, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x5e6, 0x2000000, 0x9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000040))

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x800)

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x1010, 0x453, 0x4, 0x70bd28, 0x25dfdbfb, "800a224224d61e21683dc616207c42c3f7d1c12daecf54f4016e45e44cd36852f36ff9afa15363951da5899e62e6df9f1f60f76d70c0496cb349de34ba9ee6cf51e6cd21acbd1e0bd366a7b544623971830083f0d0604c43f9ef6c4eb3adaa09434750b8c07d6c35933581a1ca92202e4ee1276a8724e042c6e008088dafb61ecc9c792ecce1d86e353f4eb10575e57a449d623c6d9a4b894454c076e1c698f93c7e3a2f4397062f342e4924f49350ab2a18bcb85542f37ba0b843049fa2e53fe187960f515bb62122341e0db7dcb26afd568998a84ca0a3b613ad3f7f0c5b63230ad9a6d6e443dfc5b7c04a6bee00f75cdd718c17b94a73c83b35c1973366000f4ad543feedaba6471a5527b7b954acd8efbbde824defca625aa7ee720aab1c4ee5564dc90e7a6448664003986e821ac5b439cb312477755a9188f0a83400772e6754b7ad96d29a00c0aedcd7e5df87bef93809ce0ef750b4e85cd07629bc5949146107362449d08439cc6aafe1584af1c605be8c98c3fad812072b8e93a2c56e3adf1f644f41dbc4c253fdf5627d478a3fac281abf4ffc3e50e25af7676c1c2290c4590b3de2c6468c319225eab9a4774203561eafaf91d52497037af96809089e19799b41e70b15bd45e7232882abeac5c42d0e89bc777f80b3e70f78ae57abe84245f4cec65fdc5a27211d0ff75396279ae4915379906a22c2ac21dd77acbabce419246ea56e7404e53361ba7fc0ef003a8d37261fc6b6940e63a8a98a21625c66dd2f2a3160dd9261c6a146a7bc04bcfb17bb3bb09abb6b33e73e847c32abd9e927163e8f0ec2fdfc1c331b7839723b0a0372a0b25279abf7c5df9ffa6091e03b5ce0ed2f5f8e7afe7c4db8ecb32a0a4110d78a194b3fc91e193d17334bb9eb76a711f02ee19f61b169126d33c12565a74fe0adbcf424a3f70e9bdb32cf2d576058e538cb2363e50526bc30d9f01ca68095ba5881dbb6b2dbe53fcff4fdebc7fac3d48ae543c657c661959a28b6eb3009a19d7b83adec1dc5d397da474f4864f4910ee6f7f2b7cd32b95df4f3f2f50e25afdf40570bb49cd108e8b60833d1d157dd7c9782adbfb346b7407288a2c577753a5b18ea4527b70884d647f9604785108ce8ed4842fbd4a1c63f5a148877ebf40f2ad0cee8738ad1e0d2fcaacac7de62d1fbff1a76527bb59ed63e7bd90f1d6601e061b1584af7bf944f991c8783487f08f01d46fa6dced2ae7f344cd24f4dbfbda9d0b791ba35697186f8d43b9881580b1e51ee62b180ccb688c031f900f3b6a7cb8865897328525a9e12e46228791d55e6b348bdb4d37fcff37b63f0c865612e67dd897f0bbfb57c4f788a22047eaeb6b904290515831d8ac6981ae6c3f185865c9884bd55ce8354f5376096f1ca506df1de5748703f1bbb361521d18ef48c0e515de3364299272920c9111683b96730edc1079e97e62ef6f3a25a8075d427758d2c2958d156b7c1b1a87b9141def0107b4324ff036c9f2cac58f3e4250cb21f15a565c7c3aebcb13eeeb2c070ba30e9ddf12faa439baceeefca5040f262c2f425749084991528d77c4deb3695f4368b6f86d0265c2f2b214ecf590b88bdd5b62f10e4fd8e7c327a580a55ae2eb62beee7db3094231bfc0ab72eb4d9f894981446cfecaacde5680a3a04f3ddd3ea1acde65a97288670458575164b579e337d8ff69806c269ab985f6eeddbf4d103c2421b963d17fa0a3c02343c2cb52d458e8541d34f68cf339c5ba1fae4d3d13a9897768a79241f063895c228f985fc981a301badd37ceb674eb69768e44e29ee4d72461c80461b48bfe45afaba2ebc044e22886e9dbe5172cb6ec6e7a046476f98fb00736fefaf98b84c5cd95f66c14a808d8bfff0101dc9403706f4a73b481a9dc0050d981c95f56819a632e1a7ce9569102a35fce44614a495a4f8fe221149403f8ba8214f38e0cc684905f0b0ad0a2e92a359cbf7de65b30169472fa1919849bea47753dfd2304271d56d92cd9923c555beb5c3a41ff5fbce0761f87cb85b65931360463e2582833e49b6dd02fb39ebfb2f98b3e1204604951f929dcf9f1d3c6ead3c9273903b5a1793bac02a4190c16c12d228f74d637bc3fb0978c4378551add7303501e99ce9241bd3f4e5c687e2631fdc13ec4d7160d6a8a78b21ff19ee01e4646b874f6a364131fa59acb48a1db550d09c8b06d1c40f5ce51cbead6abb0826b274b2416efc9206e0cd6337cdf6f4948531c4be33ecad84bc6f503112b8716ce34861503884764c28c53530d528ee1de944dab5bc1f88e3b748646036c657d232d394cb750b9737fe7874f738bfcd6bb400f3a6efa27d11c496318f9e1aaad5c759cf647e9160595c2c55ad43b75f63093f168e8ee18060872d0387ca0da246ee60073fcce3eb9958a2ebde7a4f8a08a3e5df534d5a008c35ec73f732c45b81ffbf0f104b685264799e268c74d46b7e923a20efc3b6b321e868efe06c7ea94742674b12496e33f1afe37059cf99977cc3da02e651a724290eb1c7cfe155c8beb7049a5c92f7d6edf4fe29557da9e499ea26d433e8c9a52f0cef2ab077cd384b8de8979642d4f94c889a49043bf0fcdb751a44e5ddc99e8debb39e9ed0656c7f0da950cbf6c9afd67d426ce94c42d41f3f5f33c89eef1cdf3176ef247e476f0b9e2f602375a07a829de60568af584fc56ff0240697e3d17ed744c0e49034bf41daa4b08b5e3cfe56702b587c0f2ca6aac6d87798a4b598540197746f4b04bd6dfc26d40bf6a887b3412ffb99f0da37d843d3a71be36187e3977ab3341eb9db3229f31dc01fb6a3057ce59a7e26c468b54df79e74c44dd19a941b2fbfd63379e3d2710c5031358b20b4b50213a6c13d5f0be686400e187695ea2c9bcbbe63acf8c30100856a90f0da0711ac01bbdc8461719925e1602717688bc39e4791eb56212b5db7108e005d5ff03730ba71e3df0b738436fa1105cf02c44dd1cf55e8c72d117603e0cf02e57181d07a268034854893f9f6c22ccc7156629f4286d74d27388bc7ae9dffe0211638dd2b7a4133973fa82a3531e885fd5f9f5b937024b77e013a213192032aeab14c3b7c8eda85c844729f62e3780cc0bbc6c05c6a35819889f22828b01c1b02c01a36c749983922a6b2d7dc912b7f8c3ffca58f315f48ac69abd79e1c267b99865c0c72ecf4ec2590331c990c629cc7689cae753999d19a300e1c5b1c0625a62dc6eac8727636968323e8009b32b295124db73dcc2049082cbf12265224fab2ce37d50a161b496c50dea2554ddf6a1c25c77b09dec6165e842180aa7049b38b9007b150131cfd6ae85c4c4d7ac6412146c8e0189c391b2a2172bf977f6944f77fe635a6a168ed658b07145d5587f42bf42249a05c7c49f23c4d2d5688b902ba66558bf4bf2fbce6115f60fb9767a40f2d06628ea247797e24283fc07706e1d186f9e960ce612093f41c7e070f5ba1b8d565ebda4df34604d6eec26a59ac27e33efe32a9a8ad09a0d8e925f0c69f39fa3337095b45910745c0d612fa5132a5022925010e3e8aaf0d1c59d0dd3600f8fa71cb1cf00221b32dff34e3a7f84861f33793f52a84653f7b610886b400d29e7aa8c53b5a137634a493a9f7f4f743ba65d64149512ea658214bff672d0ab3acde4a49ea0a29d0f67c9543fb637403826f990b62f92fa32ecbab7bbff56fbd1a4e1fab3670274695e13c5a689d7faf5162d6fccaf3be5e767a3508f800a698dfd9e1ab8101650515e6288c0799c7e578cf3306ce4a5b3801aa64d5720eb7b0d06b452af3d286ab86de126f16708997c5040065361d00852685f1a95e3ad27dd6e496d4cbb8b5b7284ea46b1f5ed711411239a6e0125a81788f97cfe48597261e7d46de41b981f6d4422ca098c3f0a7c050331162839c782846edeb0b43e2d72f04a185b97232f608b1483e8b63e160eba946ad48abca87e9f89f9f97c72005091cb9f7ef5f5f06fec96e893137d11bd55e95df8c84f24d99db566a86891f76cff9617cd17ab07653c1cd239e8354854d333a56bbd7ff15f586b0b2dc08c511cbea0c47809b92003d5fdac8d6dcfb956448140a74a9e75ddd1804255a03d0324464b08e3997140867a33a472f4a24a04aae11b7b6971caf7165c4cbe1557931029e96ae0fad10719785cbe580e3586a3b6172f77a07ee83166e3a5fbd9137cbb90bcce07ed3561bb048f7b041dea3167455cacb7b6c21a21db355b9c875e6cb3c353583473c8ea374b5ddc5266d3f9ae084d3d1d200e93ddde6a18c9b2f2b95b6ee5695a005cb16f74d6f2cab834ac4a8b6fe8be588d35389fdcdc7469abf8218c00f3287959e118bbfe6620af07447e9481beca0980d69a7d6b3947af8d70a1608969f3ad216f99259b16864d8bbc478f91f638a10046084701b9d01d4844d7fbefe5746bef8b242f4bb945ad5512605027e01720500d27c9f67617cd6af990f0d0d4f64881f1c0270c2fc1951478a971aa6f9df673e6c29b3a2a17539fed07e95f8fbc2df67122c06a9c02e5659fca19ba9f9a73f503f3d42008bdaefa172b85b0ca968a14d846452c8a2fd3c40892d8f0797d43d32cd96e550efb0e77783f056014ccce172368846405d528f5a5e9a6f3b03cda275904dd88b4fd3dd1d100526afc7a459ac6f1bef55b8fc24c6f199b7548cb3a08af19be8f7cd667e0120a83f8ac9439b3ffca12e68ed251dab00955267ef44e11616a1238fcbe8a11692c52f265ca5218ee2abd3764b586b9f985a491af822d64a3e408044bdac47afebc91a7ed8d6bd060d11ccaea700e2356ff6c66b47021145e2abe293525b7ada5b43befa6d60d10cff9ceb2899984ef284f8a5ec9ad456d5b9f758da488538c81683f996777490de912ef6d64125cabf4b03b9ebb3d3c1f45d98dcb886c8f46824e7ade32a953a3f8e9e170ad768d58406bbcd6581524fff2b9d687823a6cd6e85edde1d412ee8459970d12d803ad588c232010eb7e4e890e39c4d1122b3ccc05cfc311e4ab1de140c1519bd0b332c485971781d29ce93dcc2dd554f124934f07ffc6697d26009bb3a39929938ac0a957676730b0636643e5db0f7e730620ce8e835cad6ae2bd3848bcc7ee8b538273bf7179801f95d8f5f6bc84d5f117a84005686b1dfbafdeeed418cafadf041f60c58a1c7a56460a9108f0bdf93f441bf644e3005f8f2dca022d1a191459d43cfc2c4a35eab9a066e3ab3d54f7fa3916f58088d8e44266ceb4f6812a8c13f2140fd4110a35d218879f062014a93d716aa173e0a02103271cb7437515370135b1a1a6d2665ae5530960cbc2d057987ae176f9413c81dca09726c019c60659175ed5706a094d7fca96c556e4c1373a3b939a506572afdd0964cfbbcea460d40790cc862f8a62bc589011d524f16a598fbd49f00b57e2186cb1c184115a6f84c4f8abd1e0e04fd6c0f92d752208a824a20238e85cc77bfd7e7a89bc7a3f0553ac0bd6a835870cea451a063d26357cdbc935637411dc65fa65209fe7a5b1e055c3641759a0ddb3d925a88df882a847d136e4217b4972c91e900a0a6b2be73ccb911edbff9a197f43dd4f3b7c4f4315c2d3f5a6287f3c9bb51bc9550e6864c9ad80e3007b352a88767fdb62990e957656d87d02cc65c8f7b33de8e87022fb0f194b94b190e0575491243b7ad1f1ae5a6cb8d36755e2c21d30f273c95a9a7569f11d5a09c683a0062f120de2b635a77a9eaca3e04db00370b4c8c87fe84642254996d7884a9c042ded1918ba99498a3ccd534e131af0fdbd0c000c9", [""]}, 0x1010}, 0x1, 0x0, 0x0, 0x4010}, 0x4000005)

05:55:10 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x1)
sendmsg$AUDIT_ADD_RULE(r0, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000640)={&(0x7f00000001c0)={0x444, 0x3f3, 0x400, 0x70bd29, 0x25dfdbfd, {0x10, 0x3686ebe629f3a5a5, 0x3e, [0x5e1, 0xd402, 0x7fff, 0x0, 0x8, 0x7, 0x5, 0x9, 0x7fff, 0xfff, 0x10001, 0x8, 0x24, 0x8, 0x1ff, 0xfffffffb, 0x9, 0xffffffff, 0x1f, 0xfffff536, 0x3, 0x7, 0x800, 0x665, 0x67f, 0x5, 0x6, 0x2, 0x2400000, 0x7fffffff, 0x400, 0x8000, 0x40, 0x7, 0x1f, 0x7fff, 0x7ff, 0x0, 0x40, 0xd6, 0x4, 0x3, 0x7fff, 0x9, 0x7, 0x3, 0x400, 0x15, 0xcae, 0x1, 0x40, 0x7, 0x5, 0x8, 0xae97, 0x1f, 0x7ff, 0x9, 0x7f, 0x8, 0x7, 0x8, 0x80, 0x3], [0x101, 0x1, 0x83, 0x4, 0x5f0, 0x0, 0x3, 0xfffffff7, 0x992b, 0x200, 0x6, 0x9, 0x1, 0x0, 0x101, 0x3f, 0x8, 0xaf, 0x6, 0x75, 0x1, 0xc48e, 0xffffffff, 0x3, 0x1, 0x100, 0x400, 0x859, 0x9, 0xfffffff8, 0x3, 0x1ff, 0x8, 0xffff, 0x10001, 0x401, 0x9, 0x6, 0x3, 0x8, 0x73e, 0x9087, 0x5, 0x3, 0x7, 0x0, 0x36, 0x0, 0x3, 0x8, 0x7, 0x3f, 0x5b3, 0x3, 0x7fff, 0x81, 0x6, 0x60000000, 0x7fff, 0x800, 0x0, 0x8081, 0xffff, 0x1], [0x5, 0x3, 0x8000, 0x6, 0x80000001, 0x20, 0x988, 0x4, 0x81, 0x5, 0x80, 0x9, 0x80000000, 0x8, 0x1, 0x200, 0x80000001, 0x7, 0x4, 0x0, 0x0, 0xfde, 0x100, 0x4, 0x1, 0x0, 0x6a7, 0x1, 0x6, 0x1, 0x7, 0x5, 0x7fff, 0x10001, 0x6000000, 0x5, 0x1, 0xfffffffc, 0x8, 0x2, 0x9, 0xffffffff, 0x1f, 0xff, 0x1, 0x3, 0x7fffffff, 0x3, 0x1000, 0x7ff, 0x1f, 0x8, 0x80000000, 0x6, 0x7, 0x7f, 0xeb0, 0x79c551ff, 0x5, 0x7fff, 0x400, 0x401, 0x5, 0x6], [0x5, 0x9, 0x4, 0x81, 0x7, 0x8000, 0x1, 0x8, 0x6, 0x7fff, 0xa1, 0x4, 0x5, 0x20, 0x3, 0x4, 0x7, 0x7fffffff, 0x6, 0x1, 0x6, 0x3, 0x5, 0xd7, 0xfffffffd, 0x1ff, 0x3, 0x6e, 0x401, 0x5a5b9e4e, 0x7ff, 0x7, 0x5, 0x1962, 0x3ff, 0x7, 0x7ff, 0x101, 0x5, 0x2, 0xc5b, 0x100, 0x8, 0x80000001, 0x7, 0x9, 0xe7, 0x82, 0x3ff, 0xd09, 0x2, 0x1ff, 0x8, 0x3, 0x8000, 0x800, 0x5f, 0x8, 0x3, 0xeb64, 0x5, 0xc1d, 0x4, 0x5180], 0x22, ['\'[\xe8\x00', '/dev/dri/card#\x00', '/dev/dri/card#\x00']}, ["", "", "", "", "", ""]}, 0x444}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800080}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xa1f2}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x37defc74}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0xf92b, 0x3c, 0x4})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

[ 1545.527604] RSP: 002b:00007f91740a9c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1545.535310] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1545.542579] RDX: 0000000020000000 RSI: 0000000080f86406 RDI: 0000000000000003
[ 1545.549849] RBP: 00007f91740a9ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1545.557118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1545.564404] R13: 00007ffd22d621af R14: 00007f91740aa9c0 R15: 000000000119bf8c
05:55:10 executing program 2 (fault-call:1 fault-nth:1):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:10 executing program 0:
setsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x80, &(0x7f0000000140)="da2ea4c0778c3714b4120806811967b476ba7f8265ac78ec206201e8dbb0a8ba3bf02e3a2fccdcd0aa304f9026c07200a4ad9e9c16c3191bc3bc291e04b88d28a232c84e3efd56aaa5a42fc5fad5f4c477462010597e8342dde795557a517920f5c218e01c011933e65e155c0e868e6431638555eaf8b6409648a6649328cd8e02f3dcddef1e92", 0x87)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080)={r2})

05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000200)={0x1, 0xa5, &(0x7f0000000140)=""/165})

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000001400)={0x60, 0x0, &(0x7f0000001200)=[@clear_death, @transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @enter_looper], 0x1, 0x0, &(0x7f0000001300)='t'})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000040)={0x1d, &(0x7f0000000000)=""/29})
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x2, 0x420002)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000140)=""/128)

05:55:10 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f0000000040)={0x3, 0x3, 0x40})

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x8000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYRES16], 0x4c}}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xd102}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:10 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x9, 0xe9, 0x3})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x123e02)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000080)={0xfffffc00, 0x6, 0x10001, 0x9})

05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x4, 0x3, 0x10})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/188)

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x9, 0x8000)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000080)={0x4, 0x8, 0x81})

05:55:10 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="0f0000006ebe3c72f17686cfaaf62018206fc866ffbb1d95cf2c649289dc8ff6155c21ef1f6d85e7a06e61315a1e02bddd6b914505da93d979603932beda48157c9ac00558bdd458ba326a1751a1570fece006ad1b5e002a57d6bc3d677b344abc5b6a2795bf6d3d9f10e53b7223b920712496b070e44033682e7eabf7a76860caa670f67f1691cf00267744cdca7f90b4cd1743ea6d76c2e3edb4e63924d9fc30bc906fb657960fac9330692c947ed533dcb7650e43920bc6e48da0bc5dd55f0c95fdcc0f962fa799df4e49aafc88507c4e224cce01461ebfe7f8f00a25c9becd8144929ecb746a6130fd9f28a140a4f5d37967ac32b87005a2dccbfb40b4a2ff8f0a91f6de02d089cc6e1fa7056c41423d1c", @ANYRES16=0x0, @ANYBLOB="00012abd7000fcdbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x4800}, 0x20000001)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x6})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={<r3=>0x0, 0x0, r1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r3})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000380)='/dev/zero\x00', 0x80040, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000440)={&(0x7f00000003c0)=[0x81], 0x1, 0x80800})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000300)={&(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x4, 0x4, 0x0, 0x8})

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000480)='/dev/dri/card#\x00', 0xfffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000080)={0x4, 0x9, 0x9, 0x1, 0x7fff})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000440)={0x0, 0x0, r3})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000040)={0x0, 0x80000000000083})
ioctl$DRM_IOCTL_AGP_UNBIND(0xffffffffffffffff, 0x40106437, &(0x7f00000000c0)={0x0, 0xff})
sendmsg$NLBL_UNLABEL_C_STATICLIST(r1, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x44010644}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6c000600", @ANYRES16=0x0, @ANYBLOB="000125bd7000ffdbdf25050000002900070073797374656d5f753a6f626a6563745f723a67657474795f7661725f72756e5f743a73300000000014000300fc02000000000000000000000000000008000400ac1414aa08000400ac14141c08000400ffffffff"], 0x6c}, 0x1, 0x0, 0x0, 0x4000850}, 0xf0dfec4e9cc8fe60)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000001c0)={&(0x7f0000000140), &(0x7f0000000180)=[0x0, 0x0, 0x0], 0x0, 0x400, 0xe0e0e0e0})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000004c0)={&(0x7f0000000100)=[0x9, 0x81, 0x6], 0x3, 0xffff, 0x7, 0x0, 0x200, 0xfff, 0x53, {0x4, 0x101, 0x0, 0x101, 0x1, 0x5, 0x4, 0x6, 0x81, 0x9, 0x8000, 0x1ff, 0x7f, 0x4, "71269d5b8b913746a5dd388d53e247dd3a5a05727f84fd90124096e5576d7d63"}})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
sendmsg$AUDIT_GET(r4, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x10, 0x3e8, 0x400, 0x70bd2b, 0x5, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x24000080}, 0x40000)

05:55:10 executing program 0:
getsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0xd, &(0x7f0000000140)=""/194, &(0x7f0000000040)=0xc2)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x7, 0xc4ae01)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200000, 0x0)

05:55:10 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x400000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:10 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r2})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:10 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x20003b2, 0x0, 0x7ef, 0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000040))

05:55:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000000)={0x0, 0x979})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0], 0x1})
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f00000000c0)=""/62)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x10200, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000140)={0x7f, 0x7ff, 0x100})
ioctl$DRM_IOCTL_MODE_ADDFB(r2, 0xc01c64ae, &(0x7f0000000080)={0x80, 0x78f, 0x80000001, 0x0, 0x1, 0x7, 0x495b})

05:55:11 executing program 2:
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f00000003c0)={&(0x7f0000000440)="b44a0e9d2422d6ff2dbe752e208421768b14b90c4453a79f1ac74130f7b1d91b469f2f6864ac96a4e123e17ae71b660e5287dddf7437999616fa36153c7cd1b495bd3db4ff5983cd7faf8c963340aa79ccc6e75ccd4f644c3d1dad1a7cc597944ee288a1b6ecb3cf350a2d72bfb68c458e7cf0208f089122f356171ddc7926131c6ece1c57af725e0ec6ddba21db66c205ab9ad6deb9ef69365a30646dd28d5e", 0xa0})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{<r2=>0x0}]})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000180)={r2, 0x1})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x1, 0x20], 0x2, 0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000300))
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000340)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300), 0x9, 0x5, 0x4, 0x0, 0x101})
r4 = syz_open_dev$dri(&(0x7f0000000580)='/dev/dri/card#\x00', 0x3, 0x20100)
ioctl$DRM_IOCTL_SWITCH_CTX(r4, 0x40086424, &(0x7f00000005c0)={r2, 0x1})
r5 = syz_open_dev$dri(&(0x7f0000000500)='/dev/dri/card#\x00', 0x6, 0x60040)
ioctl$DRM_IOCTL_MODESET_CTL(r5, 0x40086408, &(0x7f0000000540)={0x4, 0x5})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffc000/0x1000)=nil, 0x3, 0x4, 0xd9})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x6, 0x200)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000080)={<r2=>0x0, 0x0, r0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000000c0)={r2, 0x80000})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = socket(0x17, 0x6, 0x6)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000810}, 0x4c080)
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x0, 0x9b7, 0x3b6, 0x8000000, 0x7ef, 0x5})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000000c0)={r1})

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f00000000c0)={0x2, 0x67, &(0x7f0000000140)=""/103})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000000)={0x2, 0x7ff})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000000))

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/174)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x93, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000200)={&(0x7f0000000140)="4e96d0f9481e25b238c8cb0cfbbc85e26e394293af7ecf31191bc56ac0c4cac9b439fc4ebc23a05f31a2546863e53702e841f14d47f87ea2897247426d11a61b31f3070cfc30aa6358de1caf0b762860c98917080759856329d32fca8dfd8e5fb1bbf4d3eae6ed140a946b005cefd1db6a0a858cd1156fa865c541a806827dbeeafcb381127309a6", 0x88, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000340)={r2, 0xeb, &(0x7f0000000240)=""/235})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x2000000000000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080))

05:55:11 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmmsg$sock(r0, &(0x7f0000000780)=[{{&(0x7f0000000000)=@in={0x2, 0x4e23, @remote}, 0x80, &(0x7f0000000080)}}, {{&(0x7f00000000c0)=@l2tp6={0xa, 0x0, 0x1, @mcast2, 0x7, 0x3}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000240)="836b51c00072f3ea27093d390f38e10ae78742ac3e6e58b655aa988766434fa73a226755941a10e919a3ed16f8d87a696cd899f23c5dbf4259eb2f0fd11ac82e311d30063ea4f1368b5b03881a817adc2613cce17a6919d1e19a2b5acd84b4f56a9a9553622fb51d7d8125ff59ab66d840b102e89c6404d584de91e9577fd1169ec82eb2c0bd2274d9be036dd7ab792bf197731f3c7c63504271c301f897d576ff4c6887078cf072471a6a5393d9566d4ae6d7d7a47673fde0a3539296cd1942fcb6f0769f40d4402159f689572ad3e9d7b27612e29804ed3c809c070189edc8b13a3342f62d7ba9537b4497f0acd7bb6792cbec67d4080455", 0xf9}, {&(0x7f0000000340)="c02229ae743e9933b0d75c91a1e8e86cf1157a27f32a126207d94f8e0930a55c9da5feae07486504524058f143b63790803412e00ceb03c41d799ef68dd39d495010388b7549319157250a367ad5eb8422c5f07767214068f0f60ef1801e4cc261bb54eefa296ccade43a1d07b084bc8fb5fd878e39bc9363f5d414cc8176aab8b354b12f18ed57029ff465d84fbe696f6b6b3c334fb74666a3cc533c0675fc87d62d264b3a8c0e184dde335c9cb881aabfd369bfc5f11cbd7ccbb4cff39ed32d1a0ba74251a6e88453ea1502a0cd151bd8a2a459851ba3398c5686735fba9378815eff7c2c12dc9e00bb9b0fbf9530d7f3e28a2a8dfd54a0bdbb73fef70c9", 0xff}, {&(0x7f0000000140)="53519e39cddab51cb5e109a325c21ca2fc57da7328251046b8e5018b9d65cf97c38aa4e120e0b7710ecbccc6351405c8848814d3928de24afe3f3cd14048aa74879d8c3f4db041028d156e37e0c8257eb7c41f8447f7214bceced8d1497d52c7bf74e3b9e241dae4e136fabe575bfb43c53c763cd6ab3837f9f77b1390b20c4b06139b4af15e504f465bf0b52d6283069eb7eb8b8011cee942a048b30ab8b0bfe5e5e16501b20b5b72518fc3ef794af73ef9787f", 0xb4}], 0x3, &(0x7f0000000480)=[@timestamping={{0x14, 0x1, 0x25, 0x81}}, @mark={{0x14, 0x1, 0x24, 0x20}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x3ee}}, @txtime={{0x18, 0x1, 0x3d, 0x5}}], 0x78}}, {{&(0x7f0000000500)=@nfc_llcp={0x27, 0x1, 0x0, 0x1, 0x0, 0x1, "fc22befb4ba555b427ef1067ddd6fb4dfe5959c45c5790229d3875117251281995855c35bc8f36e4f80ecbe9c865e486d93ff715f490a2809b3d1bf30278bb", 0x32}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000580)="89ba5df351ba806931f48230ef30572bb5854906e2", 0x15}, {&(0x7f00000005c0)="a1ea4f2d2b02b9b8f7cf7ddd6fb7c03d3b93cceeb29ff51bea1a2a73ea669f1af400f9f2cd84db4128ec90283dadb2a410e71e2b12fe", 0x36}, {&(0x7f0000000600)="d7ef46d32e8eff7e73bc9214011d1d", 0xf}], 0x3, &(0x7f0000000680)=[@mark={{0x14, 0x1, 0x24, 0x6}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x200}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}], 0xd8}}], 0x3, 0x10)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000840)={&(0x7f0000000080)=[0x9, 0xade6, 0x6, 0x10001, 0x10000000], 0x5, 0x80800, 0x0, <r1=>0xffffffffffffffff})
accept(r1, &(0x7f0000000880)=@tipc=@name, &(0x7f0000000900)=0x80)
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x7, 0x82040)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000002c0)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000300)={r1, 0x80000})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r2 = syz_open_dev$dri(&(0x7f0000000340)='/dev/dri/card#\x00', 0x0, 0x280000)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000400)={0x0, &(0x7f0000000380)=""/11, &(0x7f00000003c0)})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000280)={0x1, &(0x7f0000000140)=""/205, &(0x7f0000000240)=[{0x75, 0x94, 0x9, &(0x7f0000000040)=""/148}]})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f00000003c0)={&(0x7f0000fec000/0x11000)=nil, 0xffff, 0x3, 0xef})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x81, <r2=>0x0})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000140)={r2, 0x70be575a})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000080)={0x0, 0x7f, 0x5, 0x87ac, 0x3, 0x9, 0x5, 0x10000000, 0x8001, 0x0, 0x8001, 0x200})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000380)={0x7fffffff, 0xfffffffe, 0x1})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000340))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0x7ffb, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000040)={0x9, 0x3f00, 0x4, 0x40, 0xfffffffa, 0x8bb5, 0x4})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache='cache=fscache'}, {@fscache='fscache'}, {@debug={'debug', 0x3d, 0x798d}}, {@noextend='noextend'}], [{@func={'func', 0x3d, 'FILE_CHECK'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@subj_user={'subj_user', 0x3d, '/dev/zero\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/dri/card#\x00'}}]}})

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x5, 0x610442)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x9, <r1=>0x0})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000080)={0x1ff, r1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x800000, 0x1, 0x3})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x692, 0x40000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000040)=0x2319, 0x8)

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f00000000c0)={0xfffffffffffff800})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x80000000, 0x800)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000040)={0x401})

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = getpid()
wait4(r2, 0x0, 0x20000002, 0x0)
getresuid(&(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r3, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000000c0)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfc, 0x40000000}, 0xc, &(0x7f0000002e40)=[{&(0x7f0000000080)={0x10, 0x3b, 0x100, 0x70bd2b, 0x25dfdbfe}, 0x10}, {&(0x7f0000000140)={0x243c, 0x21, 0x800, 0x70bd2c, 0x25dfdbfe, "", [@nested={0x1391, 0x68, 0x0, 0x1, [@generic="04ca880ca575427aa6444c742437ebef039a4e6af211d3231a9bcee30cc16a1848e4a34e0a52a8c89c77ab1af0ab7218b8ff3fe85eeab0c685524a6d38c5be40a05d1baeeb042175981840e53e0a6f22d002d512f6199d22d367914d79639bb8623b00230036d13f604e92b5785c6f1a54157bc15d55af1e6ca4f3d452aab5644fb4c32dc4905f29b59688df44134ea9b3b144cbe705eb8349a9df0d2cc7a7860ea16229c14b69d1f7", @typed={0x14, 0x2f, 0x0, 0x0, @ipv6=@mcast1}, @generic="99c78b0f47015a63fa4b920162899f60ae8e1dd1faa50e88d3a832f709b1e3a02214872fa4a1261b2cdf917192119a823a328b8009b1d223631f60a14420ee7613c12504983d5609b84b7c1b09a46dd9a55cf83bf56805bff1dbd20c0cfd611251898d9182a6d1c114debfc84cb11e5f854dd9a3fcdf29109f32653526128bc7d945858416d5aac0db08280ec37947fcd300ea852123504494a4d3961e3b4a8ae907df857077706ec3dd5c6ccd273668facf2c7026e59de08a2e1f99bded", @generic="ba", @typed={0x8, 0x1, 0x0, 0x0, @ipv4=@private=0xa010101}, @generic="4c920d1b4576f5ae0ea31d54118729a5f51d518be29a3f33a51dbe1e9de1555f04b980c9202b7010059436ce463b9e5c38c084e4aa3bf825956e5c32a1a3ea82a258", @typed={0x14, 0x87, 0x0, 0x0, @ipv6=@mcast1}, @generic="7bc04f1c6e34e493d0aa600caf083f2a1dc5a58c48405fb02fd55b6eb1b59c4bb67d341f2444716711214a44b4008b8fe9ff1bea022b8aca2def35a7aab8c0a529a382b2bc53dc921c294492f39425e0a45710a0c1dc7d79935d9c136be7c40ea7bea22208d6476162bf0f08586040c0e5c5d902ed50ca281acda04a49d999e28ed75e2b16705f7b0abd2dcf6e40f041d136dddbedda3f2e8184d83971418589fdbf1baa2c7ee91df4c41af21d1d216daec8d1fdd14a182532a311ce476d08a534855b34b9", @generic="56e7991fbe924025f273e7b99641d5205a9d045695d5f8e118b2e0e96d74ae8be3c2fdfcb1e7dff1899d104bd04ad3abe665d0ae12018180938b7385d9552baeb2f4cfb6d0c312a46e5bcd7be416baf33533d4225819d937802136a6232c0171a0686907b3df155be57e094467269ed5625db44ba73da0ec3e781dece5a739139dd5212db15c9c61c83e2ab1575e79f7befbbab524042fa71bd6e290aa72afa1ddb3bd3d588cd63a2168e3a7ba462d5019ae3b2b11fdcd1a6642be14f755568a1af6a0ac56463aac331764efaebc42208fe97cf61b1f5e50c71f1081d8cd0450ceb4e90d6083cd4d6243459fc102", @generic="fcec29b697651e41aeb2571ef59a5db9d677a7ed82b7938f3c64e0a430ef33b2344306ece6c8a81fc2a058df7cdeb6aa89bd9d13825b0ce2d333ebbad26933bd77f66b589a435c554eaa9b23551f5b0ec9a71d411f1cc6f689398128f7a93d35db9ac4d3224ff43fad8e7299a23558d58b92d9dbd9e3f962f1323b3a5afa48ad3fc4a1c738c4c097dea39eb3c35840784cdf56a3733aa3807f3e246ee0a8ea176ca1f9bb0c211721175b99e63bf24aa21f086abd642f4c6cc0622ad10923de7638216ff2f5d88cb8568808ec2cae3f7164f2f02b9d8db61a812cc040821f8379509d4b6517ec644fb6ca20438a4f5e4ad47b6f8b400002a7d7bfd15e564798ad6ac855f52492740b05654e7608638b6908044589f7574ae41ab1a0a7e91db52a5921c0808664466aed687b5103acf9f1e003b246dd289adffd9d8e331fab603a83c32fdf990c59ccfd7d606aa3f05df8d76a14887907f224264b7ce53c7a51fe2097ee8a4ac4514c52bdf2ffeee50024cefa585714484268276625b46ec28ff5dae128aed3bafbac43da9fb0e8e6de0bab3b7589a7294d5ea82974e9866f3ea548fbf25825f3ce2ef3041779998e5adee72272bdceb19072ee923fafa12e277e77416084979baf6ea2668657d37bc347df3fd54e0750bd0ac29bf02e8a01109c25b09a2ecc89cb2e376e12677a95bd599b7d4ea70178b5a27a67217ebd810e59048a9f73bae81bd9896869440df7254b6ba720e1cc5fb4ddefad2094a4597c39a53416425711bd8ca22fa9f5fd7337abcb067707bb33985ecfdd163894243ce26dd61fd1a42defb9f07e765c386f7914249023b2ace76f9c119d3f62924dea5ae50020abed9849a1d77d69718099342875c8847142dd548db0336123ee22973468d4e73f20bd6704087f46a292256d19b378f5ab0ae09ccee02f9472191ca3550117930fcc037e9c08434cc908e17d074d653c1175ebea5868752d0e22d6c43679acf6940dc2f13e01612ce1e4f904b210501d3a6791fea0a0dea1e0521b29030b81070d12c8e89bae604eb387cb795c7b7c540d696f0a4a6d5cdcf31064ad29fa95395bc9199accfe134e5c7008242d626f4803a20654dc3bb43a7367ec6d5e6dda9915ba58170a65f8994d42e3cae12c955fb3cf0e2c3fb9626f2b1581ed8749166b8ff41f834e28ef20a187f26e105edd6260d2a7d5c779c2dccca3d01ce3dd7986474521f37502601348c51db6f35e2a8a1703387d63527725538f35c48e4935490bd6894841f52c8564d0e81378381a1ac467ba9c64a296b3654df360f0dce2578fb764ac994c4099386376147ac0169f0d17bf28a5e78529894459df9e9f3bf086d6c6373c155b751bf423fa9331d2030adc4f2a18a527159ba474efde9439fff1f4623d417b408e89c63026d53f810aae37602690c4224ad422c670c2576ed47901379efd4e84d575816b43954b6c52070d598b895f3dc2ef8b98869b6fc3f3df9f5274f643c20b0def2b334d9e4329a1667763d9a55527244f537ff091c6c32b3d9b3d64adcccae9c1d2da890597bd6d08a9c2fdb6496ede22954c739afd511c48ee805f30e306e9c3c91c888afd5b52a6f9fee22222f4b7a142575c27756de129c1c51f92fc6d23c6c6e18f94c13d043f6fe7171e0c6419880ccb814e57ecbff257748ce318f3ebd4c6078481ff9504762600be368ba32c854dd0f97ae0c18da66060002351f7aa237882556623ad33642a53e86f767f643d8c576367181124c744533398ebc9a8c0128da25689e40ad190301e7110b2a7a6698628ecd291d7b2b5fc2fd411ec52b6a0cebd28947f4a64eb8f07737c93f84b46a1bc4142015fc9fe978dea8b1fa7e8904a97eb8cfd5a709df315d5e4a25e28192e3ecea5503c694e13123af409aef0c8b0fb6ce6d42d9b47e5aac08abfdb4d6ffbd51e3ef38786a275c01104a6dfe646c3aee2e201f3239dcbbc136a566ed531278a63241315abbe0464dabc70379b6c2483f287293cf055007e82022782a4b44e2aa500503123c2bd0f073fadec0bf71c295eb0b8be67c71fed4ebfe497bcf1aae5fd0846da25699c031e4ad469493c402f2405f8c5c623c4b27748a486dfe707cb8baf2e83bcad6c4914f4db4f4d51048f7d82dc78df64a9f5ca4c51179b20036984ad199c6e7d2a7c5e0a49151ebae4463e8ce0a996db5be4b4fd9b31ac963e6df9181b56109c28a562e898881b46d9d38e454cdeaff4163cb40026c31bd76edfd0ea7df1bcaedf6f55646e698e4fee6dc0d954889d90dfd73584c82b74608b0869415fd5643a45342f95ff414691044742704500e1112bd4fdd3f332776ce23271d6c2a14698930f7f1f774699087ec5cd8cc6798d0f98aaba02e1bf8b1a5cb64ab6b267d72db9ae4a4dece9557f3d53c2636d58dae5c07459761ed082576ab727afcd01ade8274fd055a9a860d97a35e2585aedd4234cbe26130276aba09968a591e721868b4357aee56c6b4dc1779b8cc8b36ef2a4c58b55790d645b19d253e76942cfcf53f18c0ebd3726dda3a4846919b28fc36f3c61080136cf63efb45f27001a870af6db7e36aca7beaa2eeba490a64b80816484981ce24dd51472aa41eba06914220228af287ea8e6d5a87ac469b5f44e81edcc507f080b14d31578db4051b0073d99bfb3e922d67ecc431eb39ce98bc4c1f441b9b0c38e4b87e84d458a43d00efe799f165f1c7adcc2c203cdbe6e31333f39ad69f3217da05fc8474d6b1ec830c8a021d29ec3b0d1883b16c99c1ee34eaebdd87a380a283a5851555c92b6ebf3fb4fa6d179ff56041745054d9a29a3f09e78a53aba27c37fd98764dd59f66d06acd888277b964a9de2d0238befceced776870ac55ad66810209ceb1d9bddf9d730b0b3cdcb0266195b78433104a028aa97ef413f4cf354f4188888a18db0f3d8f95f725aabdd6a800ba41fd8641fc6e0aacea953c7da3287a6b1f97654bf2a082dedae998cf7319a27190227c3c8184878cbf8f2fb7a954307d811fe72825262ccab6a2b5bc91e2acfb75bb76721fa46e2987e74b1845383140ab018cbb7409c60e99aa4a2484ba99260bbdc8ad7217f0315b6541686e095b430a2d3b83b5feee11ea803cd628b0cf04e360726c0a665c0a778575766ef25321343800afbf34888f4f10710374b6ecb5c9997ccd7b6cc052624a3a46d31ce70f97777245ccae9893287245a326e5c88584d31692070fa15448242295d55d5b83e866e41a235a6053035551246c0bd905df0ae800836d4bdf0250c43e9d2e870c62f6ae0d1a1d592be3f1295f59bb4ce92bd6afae89dc8fb461e986dae531621a50cc46a4b404c6ced265838334680491d4d863f082d1dacf27903139a5c8db3fa6ce9910697e89c695807b033a173e6ab5d7a17251115d2080c732d92988119831783b881a8043dbd17b4205942fdb100af41bf1737c101e581b686ef1e601c3ca1a77cf4eb44822bc5dfd2be6cb63e2ef50b89ac89e1dbae6f280bd9765f2168297759d6c7e4ff7f5b61792ee5bb6851c6e06996c0b43cc9aea2ca9e83d25718a223da9de6b545a43c84c01f49f49174c635e5558f0923369b7b46d8d3cd25cfa6b84f3250389b37162005da2edd11cf07228c24f0e463ddab6d5f3a80180ee5b982646cfb312463c19e0c9aedea2d7614c99484c2404e38f9f9395875753c326f176168ee49a0836d9a2eb84b36e64430fb923823b7d377b3802ea043661d353ae86338df5ecd60bf440679b3b705f62b7189bab02fd7dda9a4fa0427b9fb6f4deb2b0bfd0b754462b8509712a425385c7ba27e6253d3e610de8f53e1e9afab770300e92065afaf7e0eadb88a46791e64656f943c640f7b1ec0596702748e4f2c678ddb0f558d46d9caf2290346177d209198531daa7c7ef40de6cdb1fac618699298a932209ed76d50eb1648153313f52dfafc1de9cbfbf8530aa1b5fd2433487e7045437128cc3a69ddd2e5c31c5bd7cc78f69810e0138e6d87f4ff60f0544f121e7f6c78d955e5bba5aaa94b75a77d86591b3800574807660b3d685ee3a4ed38265f6e4b72d55c542ca7b5fdce8963d937d163048d23c697f7848e04746db2729dc8de28e809cdc5c6ee5ed4c40de3bbf19a0d9d4ef26d032dd961247e35610b422b8f43ed16f03f9a96b9f64bb8da48d3c8d3f85194ddd066a4ae334932fdc6c7e3cacf41f93e4911d6d42a06fc31b60b2e06cd5828b391a809463e40e608f56c077dd9ce6882cef3fadae920ecca448c9ff1e15e9aba065c8aab1dca2e00d81341585a689332156629ca62fb755928aad06b34051f8df43f09766452d5ba7121e5409f1590dbca117757f32c193ed12bfa271f1f97f546425431062c46d330a340da98903c75089b6db068b1b735b9a8de34a94287f7b059287d016417cb572440d07ea594ccc8865432f9d2aad9d38db66891820e51a32cff75dacd7442b30c870afe3ba444cb7126619fd37c8f3f968eac420593762c0046076dba7d904827edcb31001091799e1bc38e9b92fef690056bde7be61029970f0cf628bbcf3bb0c112747cbf2e0c88b2da9578792d8ffeea9a9e46f47a6dea553cf15f41e595efeb8cd42d186dba0a5cc14b346b5792af1c3655b7780c7cd31bb3d6586ed7f55089aa6626c0530a9e6f2ed15626aaa25676952c417872c26848127a0d72795a12cb351ae4832d3badca4ff083b63a2a065e4a501b3350343214ebe6435881ccad3b50b465f862e770469b48844cd76c84c1eb561685495bd54c6876811b4acd62dbfed280b0d7e2c6a13eb0145945c554412a9b7a9de7d6693c52562d1b294a19d127915ebc782e7511c39236a541bba9a497ea11ca12ccc0718652f4228fadbf03078597eb4e1cd7aa927c153704ea6360ee237907779cb7067aa73288ca2555fe50deb4d83a3cd14c0cda808c95060c13c6a0984256259017b64f022bebcb57dd1283a713ba405c482900ff43fdd62ffc88dbc79a1c9a936c81408196779abd3f5f246ca7b7a6138c11ff8e32b6aabe2482fcfa0391b9af4ca2770353ec71862145d7267fc283983d7219763f28858918988d429715d645f30890d78caca632843718b89d01442f0dfe0bd30e9d0e6b9e1dae4f1fffbe711b6365768424ebaddd1c53ea499ab084a0af63ecda44f49dce1004f20ea517ec3d069185cfca66ab94e13f2b5568f94ec12f7e706bec544440f047285303ba83a618efd809d5e4fb843c282786d3ae3971d9380929dc378cf3ad490d8f9ba84455acf694e08f292a34de93b846cffef1e9004d510c5c58dbbe8fd3ed057b673c4727da4ec240a18d16110244dc0ec84cf1b789cc926a8259041f18161e40bb8763b6e47e8f8b25c3fb2d89ec5814bab657fb1cd2808c079f281ddb0b7dd14eb51f833abb5e6d666cd099ffbb290f196c8ae21af131e3eb5c20c08bcca0edacd8d52ed25a5cd5177115ecc6a6af522033063f3dfb2f1e5bc368d9ef91c41ad560e2e35679aa04ee981605436ea22a9d2da0ecba8b21277b61430a5dcc5d0b03f8971abdd5653556c0d3e8f4881f4952e23c2d8a47c0fad1c4f5e4fc737c899a0e39a773d7f237999094f556408a3b73011eef9c3cb0755aa6e6db53ad70e1a8fba2e75a5453f73e138ac62efae572614a8305c04fd9a5e36a54d058309f1d393a43402d687a567529034fee906534f078ffd95e7f907dea46250122cd56a8cf39d243abac5b402985618ab603653a186619e0cb1c8379ef85b11ea79164f5cbc130fe2ea59da5e2"]}, @generic="baa29bc2f903c750647a7a32713142124fa03122d9e546dcfc3bc86ea3679f86e149f502d52d1557320414faf1b461c24ae58db547c0d372cadb9b238c4696486b2d6272e271", @nested={0x1008, 0x5c, 0x0, 0x1, [@typed={0x1004, 0x2d, 0x0, 0x0, @binary="92ad9ca61a30dd8ee0a4406bb091fcfeeabe6e58612b8c9df68e45eacc0516f3672c55fc0e9c9a75c0b8a80c447b817401a338ad4344763f49ad8f64836520619b2338c23ac69c47216649aa05d3359848950d238fb83c9ffc5e9e50148b901a4051784c94fcae99996bfa6ac2b09954cf9bb51a4a78429320b79691efb2685474796e834d28a9a005e240120b4dd58893cc1d33aa97459e0d7f6d120f75acabaca3236444d6ed6063e6b4c17d4f3a02f681a095c3f4d72eadf6eac39c48c607f2f2918b35b50d50da9b91e8aca677b05f563fe887ba86df4268adabe654bda17cf6ff4183de0c757c013d88d21a40607a6a04b9fe97c36797214de5ac9ed0f796c293ab1bcf295719c764ccea0821f164eece5c32e6d1ca3bb8796f3e0bedd1165bd45b1f07dbdebe2a958427c834344f2b942eeb9f61b44a219b8b63be25866399ba3df1b1e6a0dc774d7b1e0f8648dcfc67421f0623a84a1afe6367db396aee0868f51717d885f1de9bccdb5c4c8aeb05465d4907783734a7a4a2dd99a3d1ee5f30ab708a037d0621d6852d2c62deaf1b6049d6fb998a490084276d60a0cdc7a657e361a47cb700570273d35f4f528f17f8f4bd75760b9a9e2af4efe5ca91772084ef8353590b1e26f6c3221bd844f1381892ae020cb520136ed5945901b7dae5b7c99f8b20c0f8a8818d7702d7369002a71ee8144301403d313bb678b8e6427f5a0b8bb1de7d0a33e346e973ef357210f505dc5de178f74bea3eb131e51d2c2d5d72c4d16db21430ba4f9d546220d62a55c61080c926c44bdfdc44fb3aff0feb4e217482e8cce2ac937efdedee7b4975b5cd3e38b1427bc647656b2c8819f679a38173fc94034d8b85aef564d923295d61ca21a3b5ce1436c968d1f150b4b7410255f9e37d39f0dcb4e91d5f0ea475270d73efe6c94c2b96855aeb4e8dfe01e7dd9a0f7342baf192aa89fba2f8e962d4cae69b9d4379169fa817ff637a8fa308648df06b0f10779408eca5883a992c2d3ace68c5e779c3b4b7e6768a704dbd60bb66bb57a21198602679226ae29584f7186260e5292e4065ba910323ae84dab466ecf5d675a6e8f5ffaf8bf07aae67e3151e0062df8b74f4f67f8faf7be127039c2abbeaaebb13893396e429e245746c15e42c4ab1b01ac1dca1a35af5df16d66bd9a41cf5462701d3b2f6855cb46914a44cb938e97fed2f92401ccde4853edd21d09c678fcb0adf93316e8c1dec08c4d6d56844c7d0bcc7fac4b9e236ef7ffeb980d1fc8274f9a9bbf0300626a0df4c6feef55b98c75a8c6718a843e5713e2f65fe25d687a6c37811a46972976afb682afca1331c8dd4f0f61264340de7f1cbcae1fd73233557b26b83744cee6695ea65ad9468a243b81c36e686495a29f95cd8aa596b43ed9b993ae512d8681f681eaa926154e2eb111c8794dac337aa3bdbdb7907dd9d2a8543d98ef152753e9bd2a823626be20f4412eaee955582f1ceebd298715a6efeb16ab8199b67f36d1a40954b2cc7a0cecf815ec8f0e6e1bc2a2c35b46f4d0ba9589c4f53a37b9086e2bef554eee81e3583593c892aae6b9f34c32030fe97b5f4b2d1767bb30b02579633e2fe2d7edf8717f41e456354aa491965369aa7d6f7db00771697181c020d1ad5c4c9009b2246bfd885ffeb6b05368b2e6de470dd287b74ed0a640596be2ee7f3fda336d618026c0bde7dd1f18c8de39eea9df9363669185a9eeb773e5837445395eb85b342376b201a3d75c400a6a7973f5f9112a1931f6c06534695edcf5006d0c79123b86f8420f32633a0d76a0746b9b906a40fd47ebca58336d2ac997f06c176174b56b3c92e5ad8f16be21946005f998e717b59a44dff8f77cfefae1f08ba3b5e58d431b369502ea30bb5b1cdd6a651a3cfd9382ef6fb8132d27b65b4438f9699997b4c0f132d527652006a3b48abea2b638e062b8208c87aa45dd28249e22093de2329e8a951052a2fed2a5a325e9de8dc3af3104b8b036e45991fb52f4a63e55986119cdc18baf10dfc19e385ae69e6f5e14a48938b7c8548206f4a307b271c5a5c15ab062d2631ea1cfc0c08c4990ac6a222e2ff3d4c0aeede9451b97453e2c006f331121e58ceae2ed835fed367e808273ce026114b449b64e0f2178635ba2ad9fc1f8684ae962c062cfeb504f59e18c97ce895c55d98ca0ad2d332435bec2231e3c474cf0ab844b99e6549e7bfea3b80ae6634b2ce24e0d27803acadf40131b43475da3385d8d1f8e80bf7b314a6a2466fcbed4e62070c2b1ed0776807a586bbeb54b68ad6446a7cb7408fbd967337c4018fe8a11ea5ec919c3de46c0d560d73d21915719e1dfc962bbd54e2537a01dcd594a0c2ec6d1e9c076af07e8b6589aa0a756f137be95001c44cebe4bab0f103dfadeb2fbc368194ded7d8da9c51042b65a3841db52bf0e754336a6079bfd24e0fe62181e1323441b230ee07f117ea4eb9170044a0a0b438f7f988541c2ad99b066a47a93675d1bb48aefac7d4030a4ee7146626fdb64ad1ef0f60fcf612e2a54de929ea8945555bee1ffb583bccb61a3587c613964e2457ee71becf3c91238c493e63604648117bfef1fa346d732d72eccf8172289325867910430b3f07a3c4d3a07b2e7a1ac6a149efdbbf44375f11ca8fbf138202de76336489316fabb45a39a8fa3ac1a8f004fbbd0205d4e2caeb8d2feac1938a8705d79c9d7dfb7fd266171f18a4e86d0cabb534789041ac4e338f3ee4ce66f823cf69dd1041215a3fc1d90071f0464e65b5b607db827e542c3d12f3db3ea60f36eccf2782c30500e00b57e8ac4d975988c2699e158af458e2fc37b93827ab101f5e9be58e8bf0ce52de5e04a204b3e53ad4ee2744ec3975b0eb38e382029b4471ea9fce5c64aecae455967aa0e3ab45d6b91b208a8719516ff8505317501c74615267f6e49563026ed9fd35c4121d842cb8a9a8e511b2fd9716bd5c5cbc2ef476e9b1fcc5611d759a695313e0ccb6c3f70679909678c669e09fe45a2529c4a621f29ffef3d05d5c00dcf960551cac4c0db14965a7e51e92dd981fae7705f205628f6945a5c1f00f627851c2e2b8e6745c00098449927e2c3406dbf1539e7dba66f4b6ade78c37e4f3bdfe7d8d47d5722441a0e14618e7a7162b16908b4734b0cb1df645c472f6b5182dccfb95fae393a0d22ab39390191273b2256c594b6a94f0b380be816905f535b790d77c2495caad27c88c6319f179785c54cd181eed03e7fe20d90bfe9d2b78909924123f381dd850c278a8f9b6b2f64af91b98550e9c2c2bec86800447eba07fdf72d5f98350b5138255fed5ad4e5028f0fe7a64b3d1bd24b232fd023c8c999e800506933100afbf97abc4996427c4827eba3ade820095e715d98d8c8aa90e2e890d45af6f1a010f129b572f9c14773663c073ec6bd0a4fc220735e476411f27d7820ebe4d03816180637a13341d824f47d2340a4c0cfbd6104d8f899922f108a6561fcdb8435bafe3926c2cc396f6be4dbe910f4ab4e858a52a12b5c49c024fd311ca4cf025b4c7dbf84b9954c0a0a65db7bc28846b98786fc7308e0feb798ad23d1142b8763fa5e8f94ec3155329c4f675a6e21cb89a1604d9cd8474303b525cc5bd5e6d53b99d06fc5c8953c9688b837562b94e6f0aa877443baefa96be4d32a6682faf965e96ca0111745d29e7d7381799810aa2af51f811e0eea3ff2caf2d93022e4aeea5ab4bf71e3677ec78d1810307a1d7a3eb4f8df4107264497d5bfd1e9de62359bab107a060a6defaa15f82a05e6223d06c6806f630bb310bed746b28d3917198894da40819e8e10e58dc83343e3db3c4ed325d46c59789cf86d562279eebce43127467a6c556f27ac1d562cb80e473da36fbaed763ca88c472f01fa3da3d5c586532bd4d0f3048a13421fe4b16bc5152b41d0c80ba3ba9b738f1693f70a39de16ba2fcb85aafbb44f1547c26db8efd1f6bf652d08585a80911284284bd7b5541f93af84bf1b42c8a5b51e2e70df10f3970afe2cb6e523f6bf63586186f454cee42345b0ad554c16d48e3b98cf1d3c39f4adf544c6a166a92e178afb43c2e4bb7c977dd5c2ad1671c5b807c46b2f03231ecc68457f6bb62f07d11f5944340bfb0f3adc735eec6255a9476779573ab825084a63788a5a8917e7981d15799e1b2d8e4efbd04ccde098234dd73e68d86622ebc3c80a10a55747bacd9e28ac76f3d638385de22df2abf4e52058f9d0621ec642a284df43350ff01a84be3a77befff75e94896060700de00fad6b0938f450e0054873af331857267c90ba30c0964c0d3b435818794ef592b0780c49e4abcaf99b77bef8c42f3d2ac4c98ab9cf494d258cf4f89bffc491b9ec85fe6d393082f3d999f640a01b6502ed92e62ac33fd17c4004ca72d64c313df1253ec4341f4b1e567b1fc8c99e4403af81b21cacfaa4a034432d8a20f806a9356d8ee559759e7e5cece50aae09f02a26eb8463aa51f43ebcef3c2e1e14985cb7b0186584e92afc9586af202e4e85ce4a7c71de0c52241e1e64ea748fd02d17956b1996bd8a4846129dd009ef270dd353162717514d77508d908339ed88242ec4c2edcea2b9f1329b21179ee9444743caa4f232d83297aa61532c8ae9a114ba1612bec41099ec06bddef3fc7c2390ccb7566ff832400dd984ef98f54db1293ca444c3fe249bd29ad06127b471e1ebee0016aa8638919ffc10d1e21b5e2346d9481af642b81676e08537e27ec89850e8e8fe802c111ef61957057ec733b4958854fd77a78698550cbe20dcc61690e7b4cd17b935ce7dfd51c88636a563c5529328e7542fd59ccc9b5f997025e27b78a7cbc995cabd1ec9ae120c61a425f0d295df4519f532cb459b49bb1be313420b57c00021af69e9a81f1fdb475c757a556a5c761530eb389c28bc03a9b125f6794b3f20566d59a245b4ed907392b705a8c39b6aea82365470962cf5e60295a3a72c0fe42c3202aeb4f06d6794768b5ba9e08b321e497d8057aff4c4dba6d562c90c42232838623bc77a45b9bf40ba5cbbb40a9e84d8d0a872e9ad4ce9a9aaa508e40a326d607528720ac33e5345b71de6c11e59107ae85757d2aea5b125406e23516df6457df1b80dd5851ea842eec688509653f7b91061fefb51caa4a1df9adb02191f3e484dc2a59040063946151c23a83cc9519de1896788d9878efac4a0e0175ca3a1236912b2499058257fea8435652dba26cf0b4012a338084d01bf8af3b038c56fdd3514379590043de23f547ffc7cfed465cea4f80e8a2fa400fac98df4fc0e92b22b8fd8c07be99ddaa92c9fbeb8ce05afe2e810a291c2ab11aca72fdfbf1fce84d43a932d855913f4173df06eec1859a11b2d9b4a770c87c2b50119e46d0d001aaba1ae6604ef496b76f28a5e676bb9e5c2aa71ea0825b39e67b8201eda21a5e6264809007a3086c731dec3cda6f801002a665b0d2beacd4c99fe61a166008be8ad8ff1c925db309ad6651839742cba6617ddbecba4890b14767f934fb7065c39f91e4b73eaeacff26308d78f46dd1d52e4105d85f167babb37f10a23bed74f9a3f7185885acba2dd2e0b8a383242e66939e003378172c6fe184b6d2e53add637de015969b8a6cf80b6451358adb06cf6759a10e5b67cda547317193d143634a2d3bc06c084b0d517d64d5ca6ec503e685ee82b3869ec0f805621d45b784e98c2cebc8622aef366c1127f3d0f14c915014019c5dce8913c37361285b06f1db7b38ac33cbb25ce690d4d1a7b666a723dfb5337ca6a69be906"}]}, @generic="8085f5f7a8bc86aa4108bbb79b4a3ec3a96ee25f660332c7ae8fad3a1d32a03aedf66b874c051589833defce3845a0978f52ff68e0172060", @typed={0x8, 0x8f, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x69, 0x0, 0x0, @uid=0xee01}]}, 0x243c}, {&(0x7f0000002580)={0x3a0, 0x24, 0x200, 0x70bd26, 0x25dfdbfb, "", [@typed={0xc, 0xa, 0x0, 0x0, @u64}, @nested={0x313, 0x1c, 0x0, 0x1, [@typed={0x8, 0x3e, 0x0, 0x0, @fd=r0}, @generic="3aeadbe3fde95fa5175a2b0e961ee4a8408e", @typed={0x14, 0x45, 0x0, 0x0, @ipv6=@empty}, @typed={0x8, 0x17, 0x0, 0x0, @uid=r3}, @typed={0x4, 0x27}, @generic="346478c22bfc31b55d9c56001f6bb41d2814f87901b3571346cd8ac93a4edfab47d13eaf16c46c45156b9d537fa057c593f46047a8514f45a6884aa482036c0151b603fe4d105a6b6b0054b0abf92005c696ed7d6d8cb92f4aa3fc871afb2826bacfee4a9ea5cca5d3d91c0607afdff5cb8979d583515e1bc8cacb234bb01aa2804ab0f1ac3d2061639b196b6f847cc24f6a6ec2f9a2bf562181ba5e8fe187a1b37c37191cb137008c5e0cd509d051f37cadb09e00c2c69cdf1b522ad2e974c99b52d00a1a243c3d496534", @generic="1380e3107643dfcf389ca95af2dc7a27a5f1b62059374201ee8fd614914fe0e61c8adc396962c75b569f410e833c83f319ed3631f7c0e53572da6e373fa9", @generic="60be3f5f2d0566a48fea88c65c1e7a155b4ab2eda031563a810e1f723d9b85e996a051ce1b8278a312871ce077eae5847c9a70006e594e81b041d975472e565b9b00f68d33f1aaf42e429667ef588c6ddb2e2ffdf5520122674db711c3374bee5ff11562d06866eb0803a1691e6f0b975a5fe1fd559e522e231194994b3f09fb96c91d0faf41c1486738122552a420623b363061a435132bf227503a4d598794bb6a41fdfed4db4c468836d5ac90a0e3b46bac4be2ad6e6d23c1149db25797e21ea2f357f049aff182463d3ed4f6363805440cb2487892684efef94d66876bb15f0f1e3b2b47b9fa", @generic="071045c95705ed4696507700f02523ea258622c709b8e4a63408566c14841873c8f645fe7007beffe3112377e8003b6a7f2874711743626a66387edf1cfca98c46e0a2dbaecdd570d98a4f5540f08e8f0e9f152f15f5ca32370b0aaefe06c2fecd220520218fff79b9b82f226052cb9897865a0caa95f026a9fea8aa156834d7814b1116f735312fc47995d4ab0073a1f5e9bfc6d02b4fbf28a5a7ee97d5ab5c391b4eab0b4d4ccc1b5cc09c2db3678dc3d14bc52528d123aecf31ee43759624d7544981ae4e8a598b9ba4a0801f1fa43ddd5b7096ae3de581ce340c8a36ee8d38e96371"]}, @generic="2d6a10", @generic="a8ad5972f8876fb3ceaceb38e989cfb957dc470f0d65dc473858dd7fb9860362b910e197bdd3b29de597133e9ccf417515f7709691a40ab5b04f2d92aa5ee94c932534587f53173542c3e15b13915a2e46fa501963ce64bca1a93a6d6ef311", @typed={0xc, 0x46, 0x0, 0x0, @u64=0xd8}]}, 0x3a0}, {&(0x7f0000002940)={0x244, 0x1c, 0x201, 0x70bd2c, 0x25dfdbfb, "", [@typed={0x8, 0x41, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x152, 0x3f, 0x0, 0x1, [@generic="cf43426b9c502d81f3289fd9af21a36771a9470b43da000c07b5ca6f4acf7c1b5eb9a05458ce1900d15455912da8e70fa038e19f63ec29f30190a984c189c3ace8f3cbf58f3a3a2020632f9bca87d878f35f08037f780227c575d2496843b24dcebbad2eb8d15804c0162a10da0907b164dbca77a6d9450c332ac541bcd80f4ab1c44b287ffd80930680615ee4df286c8f52b5349761a5fafe1e15f09c2720895b6c5ec460ca7ebb5549a9128ba794ce65017972eda0e8e9623412c5d7184b21f11ec453d19d8f4aa1d7cc196c2497ed599be702f25bc949895501a0e006f9", @typed={0x8, 0x72, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="ae1645ba71e0d5b0ce88b7f87fc88208608a9b9c312875c22bf32d0fe5390d9dd45b3730f12e61d77c44a98893394784fd922f2f67079608e156d728084e917a01cdc2abe6bd8a68aff4f826986d12cf2865bec8ad901c25b6728372b91e1a", @typed={0x8, 0x92, 0x0, 0x0, @u32=0x7}]}, @nested={0x6a, 0xd, 0x0, 0x1, [@generic, @generic="a189f2048cc135b15e5132122a54d03275eaadb449e4e6f9b66abb4872880d01ccb59f90b64feb1dc88bdec8b41f877d65d3640f74334f44d579fc54f4cd772f7669f33fd378cbe384dbdd726655ba25f8c5681cba152791292cb9aef177f0b635a2883ea60d"]}, @typed={0x8, 0x4b, 0x0, 0x0, @u32=0x7}, @generic="0c742276532549992f1cfb540a838ae81887005750b32864f10f8cf64f775e0acfc1db02704192b327868dbd865c2c3160cf90f19bb4b85e6c647fcae397087408a62bbbb104e1b2e227fd96584791fd966e42dc22a5d70a45317dcbc5f4d230f4121b"]}, 0x244}, {&(0x7f0000002bc0)={0x278, 0x33, 0x300, 0x70bd2b, 0x25dfdbfb, "", [@nested={0x267, 0x93, 0x0, 0x1, [@generic="b6b3483b4d6c6772dd4895ba691cc1ff8913b28e40f926777a56380a6daaa69e5e863e02c24821ed18cf2b80d7c496bcebe6cc34978aa42b493659dc760192a434a982ac9fcf3337801e50ad82d394e8b7a7ea0d2fff312cef2d5d77ee37dcdbf104d77175714a3b22e99d8becb7eeab593a1e", @typed={0x14, 0x2e, 0x0, 0x0, @ipv6=@remote}, @generic="f2decc9dce5b25d7b0caba0cfcfcd5b96feaba84c5ed3c0a5baee76d3cb1dc6d5025a4470dab204c1e7b1622432f24bb98d97af0b5593f735d6d17f38c4754bb18f4f1b9d9cf673de267bd71fc5c5c458588979385acba14b935c444bc5539559cb60b891f24a2d9656ba527ffc2c28fc61b69c4390f69654044f2a80ab38fedc100d74480236a545f2a707b0545c33d1a2e12599ad2fd695d15e797f62681b6a6b8ef240a735ec1e02d18587da1f4baa22a2fa651aa23847aebbabb973b9cd06d4d671e727030088bffa5981828d5124059263b0cdf85", @typed={0x14, 0x18, 0x0, 0x0, @ipv6=@private0}, @generic="734226e9cbd93988a9b543cd740e59a555b93102b88a247494e887fadc8e7107f34e5bd10b704727085b8ca72d7252b6fab13552d63fdb15ce348867965fb4a293a2f2ade2ee1b3aa26825ff016235e7c8658fb5aea4a046b29f8bb2e35699bb77316b1a3b5209ec6392edea475914e45d9dd53bc0f877bc460a09ad224f8c1714570cf89e3d46ab2f97ebc8d2596091528061d02223a574e82f24dbfb1c135abba97305b9f6624b68eab77101789cb3051a3cd3ea64e0047b352309b9c8eb389c26feae9e05b9e49c5622f4cd7d380cd7f37535dd373aa7beef8ebb26c6876a6d784ac5f5", @typed={0xc, 0x68, 0x0, 0x0, @u64=0x9}]}]}, 0x278}], 0x5, &(0x7f0000002ec0)=[@rights={{0x18, 0x1, 0x1, [r4, r0]}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r5, r0, r6, r7, r8]}}], 0x48, 0x10}, 0x40)

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000080)={0x1a, &(0x7f0000000040)=""/26})

05:55:11 executing program 5:
ioctl$EVIOCGBITSND(0xffffffffffffffff, 0x80404532, &(0x7f0000000080)=""/241)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x5aa, 0x10000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/181)

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000040)={0xffffffffffff0001, 0xe, 0x5})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:11 executing program 1:
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000001c0)={0x0, 0x9, &(0x7f00000000c0)=[0x3, 0x6, 0x9008, 0x401, 0x1, 0x8, 0x5, 0x73f9, 0x6], &(0x7f0000000140)=[0x8, 0x4, 0x4, 0x100], &(0x7f0000000180)=[0x800, 0x6, 0x800]})

05:55:11 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101140, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{}, {}, {}, {}]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x7, 0x600c00)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x7, 0x4004)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000340)={0x22, &(0x7f0000000300)=""/34})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xfffffec3)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@delnexthop={0x38, 0x69, 0x10, 0x70bd28, 0x25dfdbfd, {}, [{0x8, 0x1, 0x1}, {0x8}, {0x8}, {0x8, 0x1, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f0000000280)={0x1, 0x28, &(0x7f0000000240)=""/40})
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f00000000c0))
sendmsg$inet(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000440)="facf7ebf1fed3320d2dbad0045b5726df86ea63827b65843c9e001bdf87f11660bb8ec6cdf53a81c0fa43f83a477f5e52fea5f09edd73fab6c45f347ceb63a6de52cedbcba03a04d1548aebd49c7ab3108ddf59f8a867114c1a45175610ba38fd2645df9222ff5f06379d6eeec1465ca03f5fd85a6be09a1c6f3f7c7a1d04268c1e059420efc8f7b3d1bb7904d444af7b18a787b2a4524754d897e807a8b53e476c60b0f0f22e37c435110e74d72681f6e5052615a277b4d98c7363a77adc5", 0xbf}, {&(0x7f0000000380)="6b5bb729bd6a9ba6ee793aefd98382c0b26a9ab3aff92c22412038edd5e75da66615", 0x22}, {&(0x7f0000000500)="02206713731267653f999c91d681543ade02d4c41e25d09e9ea42d677871802bdfe8411ed9a35cbb23d23972567951906814dfeccc16ebeb4f9f15d5ed766f18d6a71a5db7ef91c1d1277766cb85b205ace72d4d06402815c5cec90ca54530727845728e933457e6f16c2ab0aeed7bebe31f30c943dd18d823dcf02bd176975318817b2c7c254980aaa18e3890811e8235bf06aee9f853882557b3f1825791d2075422061e54e4bff1bc43d01485", 0xae}, {&(0x7f00000003c0)="a93c056a069ceec3d9edc994c93a9110abb2431b0234090f006b059b8e5f10bb226d8e19", 0x24}], 0x4, &(0x7f0000000600)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x7ff}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}], 0x30}, 0x804)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000080)={0x6, 0x7ff, 0x8, 0x6, 0x40000000000000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa9})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000140)={&(0x7f0000ff9000/0x4000)=nil, 0x1f, 0x0, 0x1})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000180)={0x401, 0xffff, 0xffff, 0xffffff01, 0x7fff, 0x1f, 0x1})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x100000000, <r3=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000000c0)={0x0, r3})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0x0, 0x0, 0x0})

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
setns(r1, 0x10000000)

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x248102)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:11 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000140)=[0x0, 0x9])
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_LIST_RULES(r1, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f00000000c0)={0x9})

05:55:11 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x1}]}, 0x24}}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000180)={0x20, 0xff, 0x8, 0x0, 0x400, 0x8000, 0x4})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3ffffffc, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0xfffffc83, 0x0, 0x0})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000011c0)='/dev/dri/card#\x00', 0x100000000000004, 0x9ce40)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000140)={0x81})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
syz_open_dev$mouse(&(0x7f0000001200)='/dev/input/mouse#\x00', 0x226, 0x80800)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000100)={0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f0000001180)={0x2, 0x1000, &(0x7f0000000180)=""/4096})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x101402)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f00000000c0)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000100)={r2})

05:55:11 executing program 1:
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8001, 0x8080)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000280)={0x50, 0x0, &(0x7f00000001c0)=[@free_buffer, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000140)={@fd, @fda={0x66646185, 0x4, 0x2, 0x8}, @fd}, &(0x7f00000000c0)={0x0, 0x18, 0x38}}}], 0x3b, 0x0, &(0x7f0000000240)="f47e03dcad42d8e5a726905ff5cf9fbbd8257a3a7c0459eb28bc6eff81aef52b45db19d2b17f8fa103e70c268ea9349252c774289573a1f4381609"})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f00000002c0)={0x1, 0x5, 0x9, 0x5, 0x1, 0xedb, 0x7fff})

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000240)=""/173)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f00000001c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0), &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0], 0x0, 0x3, 0x4, 0x0, 0xffffffbd})

05:55:11 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7, 0x2)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080))

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x4, 0xa400)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f00000001c0)={&(0x7f0000fff000/0x1000)=nil, 0x7, 0x2, 0xc0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0], &(0x7f0000000040)=[{}], 0xf20, 0x0, [], 0x2, 0x1})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x44100, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000140)={0x1, 0x8, 0x101, 0x52dfce95, 0x40, 0x7, 0x2})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x60442)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
setns(r1, 0x2000000)

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0x6, 0x9, 0x4], 0x3, 0x8, 0x3ff, 0x4, 0x1, 0x3, 0x1, {0x7fffffff, 0x7, 0x40, 0x5, 0x0, 0x7, 0x0, 0x1, 0xfffc, 0x1f00, 0x7f, 0xd3a, 0x5, 0x2, "34b076f9072622f5d6739aece44a0687c90658f4a3cb8458ab9b14d4831b5958"}})
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfffffffffffffe00, 0x200)
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f00000000c0)={&(0x7f0000ffe000/0x1000)=nil, 0x81, 0x5, 0x2})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x5, 0x80001)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x8, 0x40)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x0, 0x2, 0x100, 0x10001})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = pkey_alloc(0x0, 0x0)
pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x1, r1)

05:55:11 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x10f02)

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x0, 0x9, 0xfffffffc, 0x4, 0x9})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000240)={&(0x7f0000ffa000/0x3000)=nil, 0xfffffffffffffff9, 0x4, 0x2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x2000c0, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000200)={0x1, 0x1000, 0x9c0c, 0x0, 0x2000005, 0x6})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f00000000c0)=[0x8, 0x400], 0x2, 0x5, 0x1, 0x1ada69e4, 0x1, 0x3f, 0x0, {0x9, 0x6, 0x3f, 0x4, 0x0, 0x0, 0x1ff, 0x1, 0x8, 0x2, 0x6, 0xfff7, 0x3, 0x0, "4ecc852737a0059d7a136150c5174019886c7d9f1f1b91d68b4d195e6b22ab5a"}})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SWITCH_CTX(r3, 0x40086424, &(0x7f0000000080)={0x0, 0x2})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0xe8d41)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x10000, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000003c0)={0x3, &(0x7f0000000380)=[{}, {}, {}]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{}]})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000140)={0x1f, 0xada})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x488000, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[0x1, 0x8, 0x1ff, 0x2, 0x1f, 0xffff, 0x59a, 0x0, 0x8], 0x9, 0x80800, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000340)={&(0x7f0000000440)=[0x3f, 0x7fffffff, 0x5, 0x50], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x400, 0xdededede})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r3, 0xc01c64ad, &(0x7f0000000200)={0xc8, 0x9, 0x7, 0x6538, 0x7, 0x2, 0x2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)

05:55:11 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0xffff, <r1=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000040)={r1, 0x5})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x108540, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000140)={0x0, 0x400})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000080)=""/45})
r2 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x7, 0x2000)
syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x0, 0x22200)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x8001})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040))

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000000)=0x13)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0xfffffff7, 0xe8, 0x5})

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x400000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f00000000c0)=""/221)

05:55:11 executing program 2:
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000280)={<r0=>0x0})
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f00000002c0)={r0, 0x2})
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x1000, 0x20440)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000180)=""/202)
r2 = syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0xd713, 0x4000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000000c0)={0x7, 0x0, 0x10001})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x388f, 0x2, 0x3, 0xfffffffb, 0xe5, 0x0, 0x6, 0x1], 0x8, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f00000000c0)={0xfffffff7, 0x4, 0x2, 0x13})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x777c43, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000040))

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000180)={&(0x7f0000ffc000/0x4000)=nil, 0x9, 0x5, 0x88})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
accept4$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0x14, 0x80800)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f0000000100)={'ip6gre0\x00', r2, 0x29, 0x0, 0x12, 0x29, 0x0, @empty, @local, 0x8, 0x700, 0x8, 0x1}})

05:55:11 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000140)=""/149)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/182)

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x13})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x82, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, <r3=>0x0, 0x0], 0x6})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f00000000c0)={r3, 0x7, 0x7, 0x3, 0xfff, 0x7fff, 0x10001, 0x0, 0x1, 0x80000001, 0xfffffc01, 0x9})

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000180)={<r1=>0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f00000000c0)={r1, &(0x7f0000000040)=""/44})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{}, {}, {}, {}]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$NS_GET_USERNS(r2, 0xb701, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x2df503, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
syz_init_net_socket$nl_rdma(0xffffffffffffffff, 0x3, 0x14)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0xfffffff9, 0xe9, 0x1})
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000140)={0x6, 0x2})

05:55:11 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x1000, 0x400200)
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x9, 0x96981)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000000c0)={0x17, 0x0, 0x0})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000040)={0xcf, &(0x7f0000000140)=""/207})

05:55:11 executing program 3:
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x7fff, 0x10080)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080))
r2 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0xb78, 0x400001)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x22082, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000380)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000340)={r4, <r5=>0x0})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000200)={0x7})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f00000000c0)={r5})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f0000000100)={0x0, 0xe1, &(0x7f0000000240)=""/225})
syz_open_procfs$namespace(0x0, &(0x7f00000001c0)='ns/pid\x00')

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000140)=""/135)

05:55:11 executing program 5:
r0 = socket(0x25, 0x5, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={0x0}}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000080)={0x0, 0x400, 0x1, 0x7fffffff, 0x81, 0x4fe, 0x3, 0x3, 0x0, 0x4, 0x1, 0x400})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040))
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x5c6, 0xa0000)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000140)=""/202)

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/144)

05:55:11 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x121582, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000000c0)={0x4c, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/68, 0x44, 0x0, 0x2}, @fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000040)={0x0, 0x28, 0x40}}}, @increfs], 0x71, 0x0, &(0x7f00000002c0)="e7819068602d7e2bc376dcee6a181e3acb572b15002a2a7dc85051d31b20883f6838ce0edc0aa46b6d667d542d2b122ef3333b82490262981238ba064d0aceb6cd91ba243947d3bec9f56606964f616c9b6c2beaf7669256d41b59ccaf57caf0576a627fa7ca908d2b3178fdcdd687ab1f"})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000380)={&(0x7f0000000340)=[0x3], 0x1, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000001840)={&(0x7f0000001800)=[0x9, 0x9, 0x401, 0x0, 0x8, 0x1f, 0xf0], 0x7, 0x80800, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000001bc0)={0x3, &(0x7f0000001880)=""/170, &(0x7f0000001b40)=[{0x6, 0xdc, 0x4, &(0x7f0000001940)=""/220}, {0x7, 0xaa, 0x0, &(0x7f0000001a40)=""/170}, {0xb2, 0xc, 0x5, &(0x7f0000001b00)=""/12}]})
r4 = syz_open_dev$binderN(&(0x7f00000003c0)='/dev/binder#\x00', 0x0, 0x1800)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f00000017c0)={0x2, 0x5}, 0x4)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000001780)={0xc8, 0x0, &(0x7f0000001600)=[@increfs, @release={0x40046306, 0x3}, @release={0x40046306, 0x3}, @transaction={0x40406300, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x60, 0x18, &(0x7f0000001440)={@flat=@binder={0x73622a85, 0x1000, 0x2}, @fda={0x66646185, 0x2000a, 0x0, 0xa}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/4096, 0x1000, 0x0, 0x40}}, &(0x7f00000014c0)={0x0, 0x18, 0x38}}}, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000001540)={@ptr={0x70742a85, 0x1, &(0x7f0000001500)=""/50, 0x32, 0x2, 0x19}, @fd={0x66642a85, 0x0, r6}, @flat=@weak_binder={0x77622a85, 0x2181, 0x2}}, &(0x7f00000015c0)={0x0, 0x28, 0x40}}, 0x400}, @increfs_done={0x40106308, 0x3}, @register_looper, @increfs={0x40046304, 0x3}], 0x79, 0x0, &(0x7f0000001700)="aeb20da1ae12951b25bae0ef0a5c8eb66b9f0d496467765a4ff2d449b7e2f20cecc574a8f1154750c79bbd041ebd2cd5ee3dd7c1c11020a6ca21dd00f80551bd8b97a5b1905b4b4ca03a7ffb5fca5ad9e8df1e5cc2fb52eccd5bed56eb22d13c937cf8b2a5ad6142d4b273733315bb55425207316b9a7f1a1c"})
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000000)={0x4, 0x4, 0x80, 0x2, 0x101, 0x91, 0x3ff})

05:55:11 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x88400, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x400, 0x0, 0x2})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x6, 0xf69, 0xef, 0x5, 0xffffff99, 0xf0, 0x5, 0x3], 0x8, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x7})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000000c0)={&(0x7f0000000040)=[0x7ff, 0x7f, 0x7], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0xcc, 0xe0e0e0e0})

05:55:11 executing program 2:
socket(0x9, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:11 executing program 4:
select(0x40, &(0x7f0000000000)={0x6, 0x2, 0x4, 0x2, 0x7f, 0x1000, 0x8, 0x1}, &(0x7f0000000040)={0x1, 0x3, 0x8000, 0x8000, 0x7, 0x8, 0x8cc9, 0x9}, &(0x7f0000000080)={0xb11a, 0x6, 0x5, 0xd5f, 0x2, 0x6, 0xde9, 0x40}, &(0x7f00000000c0))
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x58, 0x3728354d5607ad5a)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:11 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000080)={0x12})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f00000001c0)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0], 0x1, 0x3, 0x4, 0x0, 0x6})

05:55:11 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = getpgrp(0xffffffffffffffff)
getpgid(r1)

05:55:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x42201, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=""/57, &(0x7f00000000c0)=[{0x1c00, 0x3e, 0x8, &(0x7f0000000080)=""/62}, {0xfffffff8, 0x51, 0x324, &(0x7f0000000140)=""/81}]})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80200, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000000c0)={0x8, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}]})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000001500)={0x3, &(0x7f00000002c0)=""/139, &(0x7f0000001480)=[{0xd09a, 0x96, 0x100, &(0x7f0000000380)=""/150}, {0x81, 0x1000, 0x800, &(0x7f0000000440)=""/4096}, {0x4, 0x23, 0x1, &(0x7f0000001440)=""/35}]})
r2 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x80)
ioctl$DRM_IOCTL_AGP_INFO(r2, 0x80386433, &(0x7f0000000080)=""/127)
syz_open_dev$mouse(&(0x7f0000001540)='/dev/input/mouse#\x00', 0xd661, 0x416541)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000140)=0x7, 0x4)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="4009000000000000950077e239e58cb3858646f6d006645bbac8934950c68aefdf86b7c754384985195a1dc5c2751d00000000edc6d036304ad8e213347f34be21c5abafff74dc493045f10ba2c14da514007e79bf1355163c99228dba686d72b6d55a74f7bb64151d405c75bca732b7c43d8dccaa40a73fda0a53090ec84600f580c272ade2ff47dd7312bee8f20809d4a03289d55ba8878efeb2be229b332d8fe49a1e05756c9d1930c7948d8078afdb2cc740ca9184747a3f623fdcd3e72a8f0f6434b6a4f1c8004a9edb2207abacfdb647333d9669fa000000"], 0x8)

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000180)={&(0x7f00000000c0)=[0x6, 0x3ff, 0x7ff, 0x9], &(0x7f0000000140)=[0x0, 0x0], 0x4, 0x1a})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x3, 0xf80000, 0x400000, 0x8, 0xfffffffe, 0x80, 0x3ff], 0x7, 0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000300)=""/136)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000400)={0x2, 0x2e, &(0x7f00000003c0)=""/46})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x549002, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000240)={&(0x7f0000000200)=[0x6, 0x7f, 0xbcdf, 0x8], 0x4, 0x1000})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000440)={@hyper})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x8, 0x8000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0x0, 0x0, 0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00')
sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x44, r2, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xb0c}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4010}, 0x4040)

05:55:12 executing program 5:
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0]})
ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f0000000180)={0x6b, &(0x7f0000000100)=""/107})
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000080)={0x40008, 0x7f, 0x4})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000040)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080)={r1})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f00000000c0)={0x1, 0xffffffff, 0x1, 0x1, 0x9, 0x6, 0x80000000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x8000, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000080)=0x6)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000001c0)={&(0x7f0000000180)=[0x900, 0x346, 0x1, 0x0, 0xfffffffe, 0x7, 0x10000], 0x7, 0xffff, 0x5, 0x6, 0x80000001, 0xd3, 0x7, {0x8, 0x8000, 0x200, 0xf800, 0xc000, 0x5, 0x3, 0x1ff, 0x0, 0x800, 0x4, 0x200, 0x0, 0xfff, "20d6375f44a702665fab4158584c767e4938af03d649a1afcdf2b45ede41b90a"}})

05:55:12 executing program 4:
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f00000000c0)={0x8, r1})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x9, 0x0, 0x20000})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x200000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r0})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000540)={0x4, &(0x7f0000000080)=""/129, &(0x7f00000004c0)=[{0x800, 0xe0, 0x6, &(0x7f0000000140)=""/224}, {0x7ff, 0xd0, 0x1, &(0x7f0000000240)=""/208}, {0x1, 0x93, 0x3, &(0x7f0000000340)=""/147}, {0x6, 0x93, 0x2, &(0x7f0000000400)=""/147}]})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xafb8, 0x626200)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000400)={0x3, &(0x7f0000000140)=""/166, &(0x7f0000000380)=[{0x681a, 0xf8, 0x5, &(0x7f0000000200)=""/248}, {0xfffffffe, 0x71, 0xfffffff8, &(0x7f0000000080)=""/113}, {0x10000, 0x45, 0x44c1, &(0x7f0000000300)=""/69}]})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe5, 0x5})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x5, 0x602)
write$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)={'a', ' *:* ', 'rm\x00'}, 0x9)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000140)="f5c1b95171df8ed8460d68e15007b5917cdf22b0235ea945fcd3afea1b528037a357cb0953ccf7a22c9e07dbd3ff4e73851cba30d555a7ba6394262f14e6c2c58516331d2de3a8d40ab51784f5edf090c0f5a87ddbaf71eda1c0036ae2d215adf422b5d2aa1f62de4e93bf627062e28c9585b64a275c0754f7151095e2f2326ae650e2bf6510f9a597ee78cbd0b7997d95a4a57c4f0e3b985ee08fc5f7d0a6c8ae31ca994d01ab8e4dc56fc07a4388411558476cf1", 0xb5})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000240)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000280))
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000040)={0x7, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000000)={0x800, 0x3209, 0x8, 0x3, 0xffffffff})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000002c0)={0x40, 0x8, &(0x7f0000000200)=[0x8d, 0x5, 0x101, 0x400, 0x5, 0x800, 0xff, 0x6], &(0x7f0000000240)=[0x2, 0x0, 0x8001, 0x1], &(0x7f0000000280)=[0x9, 0x811, 0x9, 0x5, 0x1f, 0xf8e4, 0x5]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x940, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000140)=[0x800, 0x930], 0x2, 0x200, 0x3, 0x5, 0xffffffff, 0x79, 0x5, {0xa, 0x0, 0x4, 0x1ff, 0x4, 0x200, 0x1, 0x1, 0x9, 0x3, 0x40, 0x400, 0x9, 0x100, "870e809d87b32dcad79ae3b798e3395bbb29a872469ac8899bbde02620691a7e"}})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000180)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0], 0x6, 0x1, 0x4, 0x0, 0x8})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000040)=[0x0, 0x0, 0x0]})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x40000000000003d, 0x2000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x1, 0x3538, 0xa9e})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000040)={0x0, 0xbbff, 0x7ff, 0xa44, 0x7, 0x0, 0x815, 0x8, 0x1, 0x8001, 0x1, 0xfffffffc})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x7, 0xb9, 0x1ff, 0xfffffffd})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x877, 0x40e041)
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x7, 0x477785e5, 0x3f, 0x5, 0x81, 0x101})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0xfffffff7, 0xe9, 0x4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f00000001c0)={&(0x7f0000ffd000/0x2000)=nil})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x0, 0x410140)
ioctl$DRM_IOCTL_NEW_CTX(r3, 0x40086425, &(0x7f0000000140)={0x0, 0x3})
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f0000000040)={0x1})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xc2c, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x7, 0x2541c0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000040)={0x3f, 0x0, 0x10001})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:12 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
accept4$packet(r0, 0x0, &(0x7f00000000c0), 0x0)
r1 = gettid()
r2 = getpgid(r1)
r3 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0x100, 0xff, 0x10f451b1})
sendmsg$AUDIT_SET(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x3e9, 0x100, 0x70bd2c, 0x25dfdbfc, {0x8, 0x0, 0x1, r2, 0x42, 0x4, 0x200, 0x3, 0x0, 0x20}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x20048010}, 0x40005)

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x2)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000140)={0x5, &(0x7f00000000c0)=[{}, {}, {}, {}, {}]})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000080)={0x0, 0x18, &(0x7f0000000040)=""/24})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:12 executing program 1:
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYRES16=0x0, @ANYBLOB="200026bd7000fedbdf2531000000080001001d00000008000300", @ANYRES32=0x0, @ANYBLOB="f03be46c9ca96cf15d11107c62ed0f26fbd174fe4c7049b2c6b45abbb6498789668d310a7e3ea482edfac53bed62cd154c4f018b64040000000000000096fa4464680e941bc26161bec79787fc943d75ed363bb6be9988e74bb55362fc09447439abab011ce25ac74ffdc5bf433f3d6bffdd326148bc9c9fcc3bc70ba940ddd9abc5959f82b346cab06ee9c248ce13567e56239585e462"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000000)=""/142)

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000040)={0xda1, 0x0, 0x6, 0x0, 0x5, 0xffffffff, 0x8})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000040)=[0x2, 0x5, 0xd4b4, 0x9, 0x2], 0x5, 0x80000, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000140)=0x197)
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000000)={0xa179})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7, 0x50000)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x401400, 0x0)
r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x2, 0x20400)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000140)={0x800000000000000})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x14})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000040)=[0x7, 0xea, 0x7, 0x4], 0x4, 0xcb, 0x2, 0x1, 0x5, 0x80, 0x7, {0x7, 0x1, 0x40, 0x3ff, 0xfea5, 0x8, 0xc9, 0x5, 0x9, 0x400, 0x6, 0x40, 0x7, 0x6, "3e77756e1b520bb42c221e8cbe553b55875782a442b62bfd2ff031ca68dccc66"}})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 2:
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x246422}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000041d50cc96397c1c23d79b5e50a2855ae55ae85c9164b11f7d045aefd1e952143f3", @ANYRES16=0x0, @ANYBLOB="010029bd7000fcdbdf250800000014000200fe88000000000000000000000000010114000300ff020000000000000000000000000001140003000000000000000000000000000000000014000200fc020000000000000000000000000001"], 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x24000090)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000040))

05:55:12 executing program 5:
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000100)={{0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000080)={{0x0, 0xee00, 0xee01, 0xee00, 0xee01, 0x0, 0x7f}, 0x10000, 0xc4, 0x7f, 0x100, 0x0, 0xffffffffffffffff, 0x1d1})
shmctl$SHM_UNLOCK(r0, 0xc)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipmr_getroute={0x1c, 0x1a, 0x20, 0x70bd2d, 0x25dfdbfc, {0x80, 0x10, 0x0, 0x4d, 0x0, 0x2, 0xfe, 0xb, 0xe00}, [""]}, 0x1c}}, 0x5)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0x7fffffff, 0x5})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x402000, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000180)={0x1, 0x0, &(0x7f0000000140)=[0x0]})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x412541)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x2, 0x20400)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x3, 0x410800)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f00000000c0)={0x36, 0x1f, 0x80})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x4, 0x402000)
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000140), 0x0, 0x25, 0x8, 0xd154, 0x9, 0x1, 0x7, {0x9, 0x9, 0x5, 0x3f, 0x9, 0x400, 0x0, 0x2687, 0xfc7b, 0x3, 0x0, 0xff, 0x80000001, 0xa0f0, "2fe4ffbc0ddd145c631b4e5bf6d1e6f015f4a6c7769a0914d7edd2ba903e0629"}})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000080)=""/31)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f0000000140)=[0x7fff, 0x9, 0x100], 0x3, 0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f0000000240)={&(0x7f0000fff000/0x1000)=nil, 0x3, 0x1, 0xc0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa5})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000080))

05:55:12 executing program 0:
getsockname(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r0=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f00000000c0)=0x80)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r2, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x68, 0x0, 0x2, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7fff}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xffff}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffa52}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x982a}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7f}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}]}, 0x68}, 0x1, 0x0, 0x0, 0x24000000}, 0x1)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 2:
r0 = getpgrp(0x0)
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x38, 0x3e9, 0x1, 0x70bd28, 0x25dfdbfe, {0x4, 0x0, 0x0, r0, 0x1000, 0x800, 0x1e, 0x6, 0x0, 0x7}, ["", "", "", "", "", "", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4048410}, 0x4000)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000002c0))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000140)={0x0, 0x0, <r3=>0xffffffffffffffff})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r6, 0xc0286415, &(0x7f0000000440)={&(0x7f0000ffb000/0x3000)=nil, 0x3f, 0x3, 0x80})
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x42003, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@privport='privport'}, {@nodevmap='nodevmap'}, {@access_user='access=user'}, {@privport='privport'}, {@privport='privport'}], [{@obj_type={'obj_type', 0x3d, '%\xc9$:'}}]}})
ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000180)={0x0, 0x83c})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x1000000000000000, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[0x20], 0x1, 0x800, 0x0, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@dont_measure='dont_measure'}, {@obj_type={'obj_type', 0x3d, '\x01'}}, {@fsname={'fsname', 0x3d, '/dev/dri/card#\x00\xac{>\xf0\xb1\xa6O\x8d\x9f\xa3\xed\x8a\x9e\xdbt\x16\xe4~H\xc5\xff\xbf\x18\x81\x9b\x15\xdc\xd5\x0er\xa6^\x93\xe9\xb0\x1b\x90\xdc\xd0\x9f\xb4e\x13\x986\xb6\x9c\xb9\xb6\xc1\xdeETte\xcbQ\x06&.d\xca\xf4\xe4]\xbb\xbbW\xe7|\x98\xca}M\xe5\x04\xee\xec\xe0{\xd3\x17i\xb6P\xb3\xac\x10\xe0\x12\xd4\r\x92iT\xc5\x9b\xcdM\x84\xdaO9*\xf2m\xeb:\xd1\xe9\x12M\xf8\xe5h7\x7fM\xc6J0U\xb9\xfc\xa8\x94W\xaa\xd1g&\xd3\xf2\x8a?\x840\x8f'}}]}})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x301001, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000000)="d2948e226e240e5c9d874c4a4d56e6fd2051f80b34465689adfdedaf6155ec29d533a809068326aa683dc0198aaf932444f76fc2412acea6043fdcf4643948403e82977ce48193ab78", 0x49})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000140)={0x1, 0x3, 0x3, 0x100, 0x4, 0x3, 0x3f})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:12 executing program 3:
accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000003800)={&(0x7f00000037c0)=[0x1f, 0x9, 0xfffffeff], 0x3, 0x80000, 0x0, <r0=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180)='ethtool\x00')
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001340)={&(0x7f00000001c0)={0x1144, r1, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_MODES_OURS={0x10e8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x40, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, 'batadv_slave_1\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x20}, @ETHTOOL_A_BITSET_MASK={0x4d, 0x5, "9938fcd7613ecad390dc837e0b8fddaba3b142e265754ece087ac8584b4a8d956184ce5e09692ae8fc145622aebba58723d9101ab7ffb6b3b6542564cbbc90780b86b02b8243e2c979"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "430f23f7fed46ac5e7955da2e86d92a0c5c1274f80a14269ce5023d09d1863af3a67c2e33d062867aa03e123e6b20e812b0cffb777853ba8ebe62e2246ccdb6fe06d03128f95a4b1b5f6ef12ecd65a47e6720be673dba2995b1842eef2680abd127d28a623c01a385367d1ab3ec89dca171e072c41de407cb8ef445a2482a409c1ab7eaf608d588a9a36ae8c85a26d2d594d06d6bea0da30c46adf9ced800e979764820dcb44da6f17ba2a266eac30bee0792934dae962490ba5a5ebdbbb19f691b20576f662ea931ebd4a3d9b765d0e762c53dd8416d54953673714273502cb09c50d5ff400b21646130ee0145f32e0343c239ffc08abeb1afa8e3372cf8887518a431dc084d76e7362c378edd73aa93a2d00b7f1806ddbcb790f37fb8c82591d6c085625125dfe22e067bb8635ccb6077c5da8cb7e247dbd9be8b42058e7a4b921a6a6cdc09eece3cc17fef21a878df87cd755e9f8d4afc90891b63af00398d0a572cb46551a1970e898d271453e79e3c45aed4d22583d8767c64d49bfe7ddc65c834276bf0dc7d08d29ab7ec571174113629e85c62695e7c8e783fcdf7970ce31683e6b1c08c4993951d924e0df54d7b6205ab98150c873d3518f3520392f537d20a44b47f2a660e22d46f8524f9317c0109bdbd0872825c57f95c8019b15ec6f57424e9777b876812e6079c2822014a2fd0a36553f7de9d6f0915e20ee0f8cd8ee6582617df9ba2374578bbe19161db30e127bc9ed025670771a9b9c92df305d0610d1a97f248f81cd359bc74913d228f3b881a85540c89c71c2673e63422169a6e10f561f1b7797365cf454cdd41c657eea2554c4b6498cd72b3bbe21ca9c1b73d62a54bebb4427ab7923cc90c95af8f5f26d88bee96993b836ead5f479e1a6a898f3758a0341688bad00574012e9c513fac7b268f8adffaf6f785a3452844526f1342a77dc8cd6dbd459562760e2da18dc1a0eb664dcdc2743422e9ef1d2ff5c441ad3baa330457e9058d3ea504d5aa961828cc3aa96a53c52c99d5b113e966f7029345b225ed4510437362ef563f24616e228c73b23551e1be18859198497b0c94f11c4573713fd5e3d8fdecf89b50dc94ee5aa899f600e5013a5b4aac9222a0575665d0bbfa0ad1290f8aa080c833a8b26a7f2d38bc695f56a9e9252d8df88e7b934be9c54d67c86229a1f987f4409a2e9bb423a1506cba92b7ddc1e5f60833e6efdc338190d04c40376675cf89dd26456972f8935545ea706a526ad35624e1b05cb87e1cad14f3f6cb78bfbf53e4f731718f2479e291dac06e8fcf934906ce1ba669e4bc5c5fda18affe82dce5c9a0fea09d940e51d8d15c45deef70654a55e323428264c74ae998881a782b62dedaa677311410bf793c84f3fb0b0add19c202090539338bf50bb183bb49d25a134f53650ca43eb46574de4b1a6fc27cb30b233ebed6174742f42fcc0dd31cfa5f26a4a9fda382a88a3337e77bf324ca95a5810418c0b6bcda607a26239cc6bd9be05d5fd8e82d13e3576142c0d967863c689229e606955ba270fb7edbea7f5d6eabe3df9b1a8734468dba611a9ab706daa8c0367b5fc5d8a5d57674593f9d26d72ff085cff19a89027a061955597baffaea40dd5bbbe0a0289fa6f50b9f8d6281bd0c45a0b4f7d3b94b67ecffaad659c1f5fca36336aded5861200d3bd185eb27a91357f1ce8d79cf13960abca85484132c464a8c51e689097b0e2542749effc4713e6f01e92ba05aa996f7cfa89285ec5e01ff17652aa97a5931f8f529a76c0cc64d289890193e72fc8154d8d39e24b92691fae2c561ac71ab1a30c1188d73fa74ac0e94fc93d9cb871719ab2af312ce90d3d05420a7da919fb0669c80d8cf60bdde4d3eb22b1a81f70a4fd747862db49e83a311fed5622436dac42227088be7aa9b2ead983bf73d508981106423fa69f39cf0250e9bc70a2a66b85e033617e36f971aef1545d6cda70fc1cf05c1bfc72e8656568bfba55a3b8980b9d611bf58ad44b00a84784a0f8f39802a292d85e10d50583f66026fac1b6509e6879f26f3e091a0d704870aa7eb28fddf21c79e2f1e88ff8b736f5dc61f4afc708c2221ba6885c9332fa72c6379e5608025cac3e174cde6dd2e86309441651fb78f0c777d2dcf81238157cc743ac7c1b89872ae3a286ca70d44ec69189b9c8fe7a5b957c5b7d72f9ef1173a7ddde0e920318dd7c9ed97fe8109c3eec3640f2191c68dd1ed650804f464e021071683bb71975de29172c6e386723e2016338ab599a991997d1803804740b33ae70281e533f493cb970ad959f4b4ef8efb6d2c97642d6e83110ead8a93a7a725fa3211d2ab72dddbcd6463afeba5d2103747cd335e95b36da0248e5f4e839fdf0ccb7e5a6a216c5e17ead73ac6afe01abb0b0e056aa9868c21d4dceb62b69a48ed568c7fa49d9e69dfb4270cf0aced2ce01e6f723d6c589ebe1fa448e125fc61d7dc289055fc3c1d0bfb45d18523cfdfbc0a7ee0f01d885c70edca7eabd5023f7bfc3e64ba8de8ce6d79d132b7d17eb03da447f3934e73aa474d805e759aceab7cae9659283c39dc741bf26371757a20b57bf3336dcf314259084ca9d7acaa1e885a5bdeda245c7a2fef642f7a1f1e5a8a491f88e519036aa8ee9b5f739fb0b11ca798638937de4ac01f02e645a8ed24d5f143430dc1689e3043197e56889eab160286d7c267303d23e4def1bb4b8248b5ba98ae5374424e899bb1a25216b054174187a47ae4b367fc23c7905e13f5c415e78fa08172bd43f8b31974c2f2971d7b448c1e799e93e08fbed4f1ea0e8da473440eea82eab571c966df16124673bad3efd02e780f2c2fcd44760ac4ecdb56ad615ce27677ab84ca50bb4065fd7ddf5ef58a990a1d936969d145f9e4ae34be5ae10614fc49b4dcbeff2aa8474edc169b56a217255adca2c8d04d1bd1d4e894bab7ab16d55a5de43509e535832891dd9a9adc8359388322c726ef29d85ded3e6ffd7a036de6abd997ff6087a0d1eb9285420ac81157c73d831585a8a45ff8c95cb9377009328fa3f2973ea1e76ce35af2c6ea63848ba9327bd8319a781a67520f2534289e50391d922be9d3669b7c895f39660a35a156d3b1408f38249036d697a1f7214e0c7e30800fa40ed1014edcc6a7dcc395253e544ed20d0e39a281828a97ebf04be811a4ef2d4978a9912477d68516ba6d50b672d63d06babbe466baf291233eb43b6ccc445b93c48e64cbd8122bcbc703d2c5c37f918b81e0561838da5d0af5329099c53e46bca8b08ef71214e760bab28ab38480d60c2b55247bcc24fad8df838df99ac26d292e31de46c060d357f103117769ef7aeb6a5952f85de8197bcc90e185041081959b0eea9d693aae62249146a51943693228591f821936dd45ae1694f20e8b03740b33630b7567e3025fbc430f03bfe50ab017518d98c6e60a4832c5cdf23ac87219471228ffbc6b041e4cfaca690cf65b63f274e5f6d27ec24b23491c0fb25caff2d7d551537e300570592c473e4f82f5e9b7be2624ce19eada84fdb37e9768405396c84d9795016fae578c153589ce2ef4b42be9da326f237a2eaf9f301e97df68c16c487dfc7a359e1377a368e01bebf1e87428d1bfa1cc4d39c126ce7689064e848763837d667b8483c67129740348a6b73e236a5623c1e39567fc7ceb5fec2e61d8df4fac052950deafadc6ef3867fe1b0d34f431cdb5ce68be9631baaacb4167d722474372a285da244afed5568b8a493398e84a40b35e7e461354186e11796735361d7fd8e46b08f337baeec81f45e02c07b63d0309e7ba1a37440da51a8dd8b93f282393796370b5e8952929f25a67345098fd266e61f4f8c462687d8dfc35de077b38ed36d3a2ea869f1548054452c09eae1ca5b01eb2d8c049d58e34dd469b1928fba87d6f662e303f46d902c86e0e2a5cccd92a0dfe80a9b7617391958030b539139879691b858350809dcff4090842e02fe39b83aa91a82368942accf33750ff798c655162782575a073974ff10609fe2b5956b77c957b6056cd7be247dbb5f9ef7cde3f345bead2a9f21a9812c883c1e0df43ed8c3b7bf212730cf652d6e5571ffd84c9a13e7215d3462cbb9770000ca45e67d51673e98935820f3c093045addfbafb65d921daa43a1489669dd2f16b1848a867f8f29dfa1807f6511436fc789985040cf9317426cee90f73e0c1071731af500a4505b9f916beb4f135049d8b376f5affa8aa0207cb9a95e71bc7f74e488e8b5d6894f901a2895348b75e4606911f056c51b1ec802ed03e4c3ed423d01f05e0b02534206b07c8e249ea96fde6b7c0e776f8b8f9a6bdbce7841a763787a7d5e39ca2278545bd209097d95a6bc1102563f4bff1dfe7b65e8dd28b295c1f096466fa5f25e6bcdde0c73e184eadaf0f9b07be4381db052e75b2301e21a5e86912e6fcded38c096a895aec045b46804c166d67553f946c1e0e74e57a8ba8a4f8dc4ace9ac80cf89ee994a1430b038d731fd2ebab979d6d9c7e38b67a2caaabc1a19e90ddd59ec6041632eb3f7d12ad604199871796c97d328006016e492b2e365f536cbb9f633ec19a3a774b13185a89d4253a3e9ff48f5f92490e24cdfce7cbfabdc945cc0e1a65ed040d2c41e567173ce98450a04fd7d9b1cf3374bf1473199b06cf769905fa25496e16f56dfc5763886961661dc94994fa23597e3b2ffb1d2622ec7fbd2b52144bb92d6221e17064eeb9868728c69a8db264f36867f87876c03416dd703ba565eb3bd47d944257b786d3dd188f653d85d0b9353c329b6a7829a8f64eed493c78c01b4270c36ab980d27c027262340ca72a7d63f4473b6673e7aa17f90d530cf038cb681ccb7b22316e3dad36b03dad6c362985b75d093ee6d9d74f8116f7e42b1860708220269a28afd0d2ecc8a848b81ebe55b3c34f037ca42f25c28398dbf03f8658d843a03b2bcb2904ab3da54674fe55d1e75b1fbca8f1b94bae28292a115ede424e7a7bcc92c76096eb2070382eff53a1d01dacfdafcfa4d286eeaa67efc012e36a6137be081da80ff0fabfc4e324bd4ed80c852df6c382be671016e00859fb585e1bb6675a6825db8671c4f6ecba22c4e5596029fef04c221b703a6913e0fb1c41ae7e99978c3c95d8b9f05a85a4376aa8a174615da836f90138fa6d06781a93cc3a29533b5fa091bf388406f9605425b8a85b129f647f2e39f7a7e12d37c256be50185b8bd7dc5a09c8e5196b7e1b569168ea7486a8588cd32d7d0b9e336431c464fc08c9ee881ad15c1c2669ed487e9238188fad1facbfa678d202c2130ac2a0fa439b19ea1b746566efa6da651500e480f899176699b3cca826442009af98ecfad882dc7bdd54d33b95b5a85a05487ee9264d6e21683e7c89e6745e61ea931ef2cb1d4f4956bc79406bdcf7e5c1713c959f7e0d6b8a53af6429815f1dac0861f0571ef22bfdc15e5baf6672415820264af3725218216ba7948c3ad3e0b74f16cab08766e8849cc26b58042ae3146fdb662188249e4bb32edeb425a3f3bb3cd894f8e7e9c7099d16ca828f6729d198cefc2536795e4c105eda8a9842a28db6479a18b00148fb0656f0923593923b2aceb6c88f1bcfeea9da357e5af4974298fae3c0a20b5a75711c385b02ec4768a0646fcf643262d4c6f82a9894f6753fb9320ce1996229121f11ea85793d4f76ff19ec60c772c4020481b863dfefa5dd21dc5fb33a074513d0740a45928a499f56e5e629bf6ca3cb6e6bdb2fc0ce08ca977895734eed3ef4450714c"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80000000}, @ETHTOOL_A_BITSET_MASK={0x26, 0x5, "c6c1c8e4ea9c4dcc0bb392660358144aaae7fb4ff835371acf000ab67abe97785c0b"}]}, @ETHTOOL_A_EEE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}]}, 0x1144}, 0x1, 0x0, 0x0, 0x48811}, 0x40000)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x80000, 0x4100)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x7f, 0xe6, 0x3})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x8, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000040)=""/135)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffc000/0x2000)=nil})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000080)={0x0, 0x8001, 0x8a85, 0x400, 0xfffffff9, 0x75cc, 0x6})

05:55:12 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x220101)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x30240, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000000)={0x1})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000000)={0x65b, 0x401, 0x0, 0xfe})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 3:
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00')
syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x2000000040000400, 0x214641)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000100)={&(0x7f00000000c0)=[0x5, 0x8, 0x5, 0x7fffffff, 0xffff8001, 0x6, 0x6], 0x7, 0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x3, 0x0, 0x3b2, 0x0, 0x7ed, 0x7})

05:55:12 executing program 1:
r0 = socket(0x2b, 0x2, 0x5)
r1 = socket$netlink(0x10, 0x3, 0x12)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000140), 0x4)
getsockname$netlink(r0, &(0x7f0000000080), &(0x7f00000000c0)=0xc)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000040)={0x5, 0x0, 0x2})
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)='devices.allow\x00', 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f0000000180)={&(0x7f0000ffe000/0x1000)=nil, 0x9, 0x4, 0x2})

05:55:12 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r1=>0x0})
r2 = accept(r0, 0x0, &(0x7f0000000340))
ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f00000004c0))
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f00000002c0)={&(0x7f0000000200)="d814fc050537f0aa05eb3a6296b13b22c0daf190dbc935bdf7775d368009e9a81c05293deb33b0b5932e4a104eedb0665c6c7e9549f37d179355920858268b723bf783de8a79ff97c4f40a2ff63e85ced17062cafb8fb809a63e6a6ae2083e0aeb1562859da10073fe7e6e2affe09cfde31be87c5234c195358fb3e5529ac3a9614de65528719444c76372b5a04844b49c103ef438e344792d54", 0x9a})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000000c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r1, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB="5a789081c1010bef111e33de05e575669395d06c22da1b67df60f305cb2c70a4b2dcdd19edc6b2eb698c75b153a3217a063dde51a1d934c7f709181e6dbeedbbd3b0ec409fbc1251ef1e0b0e0fa30fe8b2efd2a4c5bcd3f0538e0e4ca08299778adb2d32bcf79b07c66363695de81491e31bf1a41f0a6b033ad9b910316f15c0b79a0bacee7e7039e6af87cd642fc84461585087a4a26bdc52fb4116fb64f62130da10cfa7a8311fd7922b2f37ce0e3a6642d6ccca794cef9a92cf4f3c35e482868eaa565aad4fa29f68039098c712bd3d7c033ae711"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x402800)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x80, 0x7f, 0x8})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$AUDIT_SET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, 0x3e9, 0x372, 0x70bd29, 0x25dfdbfd, {0x50, 0x1, 0x2, 0xffffffffffffffff, 0x3, 0xfffeffff, 0x9, 0x8}, [""]}, 0x38}, 0x1, 0x0, 0x0, 0x400a001}, 0x2c040080)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x41, 0xed, 0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000280)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000002c0)=[<r4=>0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f0000000340)={r4, 0x1, 0x101, 0xffff, 0x0, 0x55d2, 0x6, 0xdef, 0x3de40000, 0x2, 0x60, 0x53})
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000200)={<r5=>0x0})
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000240)={r5, 0x20})

05:55:12 executing program 4:
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000380)={0x0, 0x80000, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f00000003c0)={0x7fff})
r1 = syz_open_dev$dri(&(0x7f0000000440)='/dev/dri/card#\x00', 0x4, 0x200081)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000480)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000004c0)={r2, 0x80000})
r3 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x6, 0x1)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000080)={r4})
r5 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000240)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x5, 0x4, 0x0, 0x14800})
ioctl$DRM_IOCTL_MAP_BUFS(r5, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000002c0)={r2, 0x80000, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000300))
ioctl$DRM_IOCTL_GEM_FLINK(r7, 0xc008640a, &(0x7f0000000540)={r2, <r8=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r6, 0xc010640b, &(0x7f0000000580)={r8, <r9=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f0000000340)={r9, 0x80000})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x218000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0x141202)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080))

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1f, 0x129700)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000001c0)={&(0x7f0000000180)=[0x80, 0xff, 0x1, 0x81, 0x7], 0x5, 0x5, 0x7, 0x9, 0x9, 0x0, 0x4, {0x3, 0x22ea, 0x2, 0x100, 0x4, 0x1, 0x2, 0x0, 0x3, 0x3, 0x200, 0x0, 0x4, 0x40, "51c07b4bcc0eb196f1ab8501acfd7c781e21572080e98ba1ef1c475cafa631f7"}})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000140))
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x41cb80)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x100000000000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0xfffffffa, 0x4, 0x7fffffff, 0x6, 0x6, 0x8, 0x1000, 0x3, 0x4], 0x9, 0x180000})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)={0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_ADDFB(r4, 0xc01c64ae, &(0x7f00000001c0)={0x4, 0x0, 0x3, 0xaa84, 0x3, 0x149, 0x400})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
socket$netlink(0x10, 0x3, 0x8)
ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000000)=""/123)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
accept$packet(r1, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$BATADV_CMD_SET_MESH(r5, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7ff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004804}, 0x40000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$NS_GET_NSTYPE(r1, 0xb703, 0x0)

05:55:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:12 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0xff, 0x10000000, 0x101, 0x5, 0x7fff})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000300)={0x3, 0x0, &(0x7f00000002c0)=[0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000240)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x2, 0x4, 0x0, 0x1})
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f00000000c0)={0x56ea, 0x1ff, 0xfffffff9, 0x7})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x1024c, 0xeb56, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x9, 0x8003)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}]})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x10140)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x3, 0xaa7})

05:55:12 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x109080)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0], 0x1, 0x80000, 0x0, <r1=>0xffffffffffffffff})
accept(r1, &(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast}, &(0x7f0000000180)=0x80)

05:55:12 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfffffffffffffffa, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f0000000100)=[0x80, 0x1], &(0x7f0000000100), 0x2, 0x80000001, 0xcccccccc})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:12 executing program 5:
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x3c, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x10000}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffff552}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c084}, 0x44001)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r2, 0x80386433, &(0x7f0000000180)=""/199)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
getsockopt$inet_dccp_buf(r1, 0x21, 0x1, &(0x7f0000000080)=""/130, &(0x7f0000000140)=0x82)

05:55:12 executing program 4:
socket$inet6_udp(0xa, 0x2, 0x0)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000001c0)={0x0, 0x80000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x10800, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[0x0], 0x1})

05:55:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x2000000000000008, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0xffffffde, 0x0, 0x4})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:12 executing program 3:
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff})
r1 = shmget$private(0x0, 0x1000, 0x100, &(0x7f0000ffc000/0x1000)=nil)
shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x4000)
shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x3000)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:12 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000300)="dd"})
r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000000c0)=0x14)
recvmsg(r2, &(0x7f0000002680)={&(0x7f0000000140)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast}, 0x80, &(0x7f0000002540)=[{&(0x7f00000001c0)=""/109, 0x6d}, {&(0x7f0000000240)=""/182, 0xb6}, {&(0x7f0000000340)=""/191, 0xbf}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/103, 0x67}, {&(0x7f00000024c0)=""/114, 0x72}], 0x7, &(0x7f00000025c0)=""/129, 0x81}, 0x2000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000002700)={&(0x7f00000026c0)=[0x8, 0xbeb], 0x2, 0x800, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000002740)={0x3, 0x0, 0x2, 0x1, 0x8, 0xffffffa3, 0x10001})

05:55:12 executing program 1:
socket(0x25, 0x5, 0x1)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f0000000340)={0x0, 0x2, 0x4})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000040)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=""/51, &(0x7f00000002c0)=[{0x81, 0x30, 0x1000000, &(0x7f0000000080)=""/48}, {0xffffdd32, 0xf6, 0xfff, &(0x7f0000000140)=""/246}, {0xfff, 0x57, 0x6, &(0x7f0000000240)=""/87}]})

05:55:13 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x40200)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0))

05:55:13 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x1210c0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000100)={<r1=>0x0, 0x0, r0})
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000140)={r1})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0x0, <r2=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r2}, 0x4)
r3 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000001c0)={0x7ffe, 0x7f, 0xaa3})

05:55:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0x0, 0x0, 0x0})

[ 1547.871942] binder: 27617:27621 ioctl 40046205 0 returned -22
05:55:13 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040))

05:55:13 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x80002)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:13 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xa0, 0x2e8001)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f00000000c0)=[0x5, 0xf61, 0xfffffffd, 0x20, 0x7351], &(0x7f0000000100)=[0x0, 0x0], 0x5, 0x4, 0xfbfbfbfb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x1], 0x1, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, <r2=>0x0], 0x5})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000240)={r2, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})

05:55:13 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = socket(0x22, 0x5, 0x5)
sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000002c40)={&(0x7f0000002740)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000002c00)={&(0x7f0000002780)={0x45c, 0x3f3, 0x0, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x34, [0x8, 0x7f, 0x8, 0x9, 0x0, 0x5, 0x3, 0x8000, 0x1, 0x7ff, 0x3, 0x1, 0x1b321f8f, 0x5, 0xffffffff, 0x4862b08c, 0x3, 0x10a, 0x80000001, 0x7, 0x8, 0x401, 0x33, 0x1, 0x0, 0x8, 0x7, 0x1ff, 0x6, 0x9, 0x260d, 0xfffffffc, 0x10001, 0x5, 0x20, 0x5, 0x8000, 0x900000, 0x0, 0x2, 0x80000000, 0x3, 0x2, 0x0, 0x0, 0x1, 0x9, 0x0, 0x2, 0x1, 0xe7f, 0x9, 0x2, 0x6, 0x9, 0x1, 0x1, 0x8, 0x7ff, 0x101, 0x6d, 0x8, 0x81, 0x3], [0x2, 0xb5d7, 0x6175, 0x20, 0x7fff, 0x0, 0x4, 0x33, 0x0, 0x4082, 0x7, 0x5, 0xbc, 0xffff8000, 0x101, 0x2, 0xaf2, 0x7, 0x80000001, 0xfffffbff, 0x63, 0x0, 0x101, 0x2db, 0x9, 0xffffffc0, 0x777, 0x5, 0xfffffff9, 0xf8000000, 0x0, 0x6, 0x8, 0xac3, 0x8, 0x0, 0x1ff, 0x0, 0x60, 0x10000, 0x6, 0x80000000, 0x3, 0x3, 0xdd8, 0x3e8, 0x10001, 0x9, 0x0, 0x80000000, 0x3, 0xfffffff8, 0x6, 0x101, 0x1, 0x7, 0x9, 0x4, 0xfffffbff, 0x1000, 0x0, 0x5, 0x7d2, 0x4], [0x3, 0x7fff, 0x9, 0x5, 0x4, 0xffffffff, 0x4e, 0x7, 0x8, 0x0, 0x71e3, 0xc600, 0x9, 0x8, 0x1, 0x80000000, 0x8, 0x80, 0x8, 0x4, 0x18f9, 0x400, 0x40, 0x7, 0x9, 0x9, 0x8, 0x10001, 0x8, 0x3d1, 0x7, 0x10000, 0x6, 0x7fff, 0x3, 0x6, 0x3, 0x1f, 0x6, 0x232, 0x4, 0x3, 0x66, 0x2, 0x9, 0x200, 0x8, 0x4, 0x1, 0x6, 0x0, 0x7f, 0x1, 0xaad, 0x4, 0x1, 0x8, 0x9, 0x0, 0x3, 0x1f, 0x9, 0x21, 0x5], [0x1, 0x7031, 0xfffffff8, 0x1000, 0x61e, 0xc1, 0x7, 0x89, 0x2, 0xffff, 0x800, 0x820, 0x530, 0x7, 0x7fff, 0x0, 0x4, 0x8, 0xc4c7, 0x8, 0x7ef, 0x5, 0x1, 0x7cd0, 0x4, 0x401, 0x3ff, 0x9, 0x2f65, 0xb7e, 0x1f, 0x7, 0x6, 0x2, 0x9, 0x80, 0xd20, 0x80000000, 0x7, 0x200, 0x48390e7b, 0xfffff800, 0xc00000, 0x2, 0x5, 0x6, 0xfffffff8, 0x4, 0x44e2, 0x8001, 0x401, 0xfff, 0x4, 0x6, 0x9b04, 0xe28, 0x10001, 0x401, 0x2, 0x800, 0xfffffffc, 0x80000001, 0x8], 0x3a, ['/dev/dri/card#\x00', '\x00', '/dev/dri/card#\x00', '\x00', '$(((-*\x00', '\x00', '}}\x00', '/dev/dri/card#\x00']}, ["", "", ""]}, 0x45c}, 0x1, 0x0, 0x0, 0x10001}, 0x800)

05:55:13 executing program 2:
r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x94, r0, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @ipv4={[], [], @empty}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x13, 0x7, '/sbin/dhclient\x00'}, @NLBL_UNLABEL_A_SECCTX={0x20, 0x7, 'system_u:object_r:cert_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x1c}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}]}, 0x94}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:13 executing program 4:
ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, &(0x7f0000000000)=""/237)
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:13 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x9, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000200)={0x4, 0x6}, 0x4)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8003, 0x7f, 0xaa3})
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1ff, 0x8000)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000300), 0x4095, 0x0, 0x0, <r2=>0xffffffffffffffff})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000280)={<r4=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r3, 0x40086424, &(0x7f00000002c0)={r4, 0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000300)={'batadv_slave_0\x00'})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f00000001c0)={0x2, 0x8b, &(0x7f0000000100)=""/139})

05:55:13 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x40182)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000080)={0x0, 0x3})

05:55:13 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, &(0x7f00000000c0)={0x7, 0x3f, 0x5, 0x7, 0x3, 0x61f, 0x8})

05:55:13 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000340)={0x6d, 0x0, &(0x7f0000000280), &(0x7f00000002c0)=[0x7, 0x616, 0x2, 0x5, 0x1], &(0x7f0000000300)=[0x20, 0xc2, 0x8, 0x8, 0x128, 0xfe00, 0x1f]})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x80000000, 0x2)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000200)={<r4=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_GEM_CLOSE(r3, 0x40086409, &(0x7f0000000240)={r4})
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x10, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',dfltuid=', @ANYRESHEX=0x0, @ANYBLOB="2c6c6f6f73652c6e6f6465766d61702c76657273696f6e3d3970323030352e4c2c6d736978653d3030303030303030383065766d61702c61636301feffffffffffff6e742c0000000000"])

05:55:13 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_SG_FREE(0xffffffffffffffff, 0x40106439, &(0x7f0000000000))

05:55:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000000)={0x0, 0x20})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)

05:55:13 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{}, {<r2=>0x0}, {}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={r2, &(0x7f0000000140)})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000080)={0xd3, 0x10, 0x0, 0x4, 0x1})

05:55:13 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x40043)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:13 executing program 3:
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x14)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000180)={0x7, 0x200, 0xe5, 0xd2, 0x14, 0x5})
r2 = socket$l2tp6(0xa, 0x2, 0x73)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x810, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@privport='privport'}, {@msize={'msize', 0x3d, 0xfffffffffffffc01}}], [{@permit_directio='permit_directio'}, {@pcr={'pcr', 0x3d, 0x1e}}]}})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x7fff, 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000040))

05:55:13 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x800000, 0x80)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000140)={0x7, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:13 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000240))
ioctl$DRM_IOCTL_MODE_GETFB(0xffffffffffffffff, 0xc01c64ad, &(0x7f0000000280)={0x6, 0x5, 0x4, 0x2, 0x2, 0x7, 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x20, 0x80100)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x1})
r3 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x9, 0x103900)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r3, 0xc04064aa, &(0x7f0000000200)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[{}, {}], 0x200, 0x0, [], 0x4, 0x2})

05:55:13 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x5, 0x12000)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000100)={0x14, 0x0, 0x0})

05:55:13 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f00000000c0)={0x0, 0x3})

05:55:13 executing program 1:
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000040))
r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000140)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r1, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_SECCTX={0x2d, 0x7, 'system_u:object_r:public_content_rw_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x11)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x4, 0xfd, 0x8, 0xc35, 0xfffffffa], 0x5, 0x80800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000300)=""/42)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:13 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x10000000000000, 0x101000)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
getpgrp(0xffffffffffffffff)

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000140)="ce33a8b5ccc0b76751820f3903fc08a68ffff0d8a6082d3463a4b9fd802588637bfd1c61fec40f7f5e10de623a37707f40671037a916a12e2d16b0379e4a46eea34c51", 0x43})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000001c0)=""/58)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000200)=""/154)

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x3, 0x640)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r2})

05:55:14 executing program 3:
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000080))
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000040)={0x2, 0x0, 0x6, 0x0, 0x7ef, 0x5, 0x7})

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000000))

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, &(0x7f0000000000)={0xffff, 0x4, 0x8000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x1, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:14 executing program 1:
ioctl$DRM_IOCTL_SG_FREE(0xffffffffffffffff, 0x40106439, &(0x7f00000000c0)={0x8})
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000004c0))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x100000000, 0x402440)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000080)={0x1, 0x97e0f7a, 0x1ff, 0x8, 0xa0, 0xff, 0x2728})
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000500)={0x40, 0x8, 0x401, 0x9ca, 0x20, 0x1ff})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x101, 0x171000)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000440)={0x9, <r4=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000480)={r4})
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000200)={0x1, &(0x7f00000001c0)=[{<r6=>0x0}]})
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x80, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f00000003c0)={r2, 0x0, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r8, 0x80f86406, &(0x7f00000002c0)=""/216)
ioctl$DRM_IOCTL_LOCK(r5, 0x4008642a, &(0x7f0000000240)={r6, 0x24})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000180)={r2})

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x9, 0x0, 0x2})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000000c0)=""/57)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000200)={0x6e0c8000, 0x58, 0x0, 0xff, 0x6, 0x8, 0xb9})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000140)=[0x40, 0x8000, 0x8, 0x3ff, 0x0], 0x5, 0x10001, 0x6, 0x4, 0xc4b0, 0x3ff, 0x6, {0x8, 0x2, 0x3, 0xffff, 0x6, 0x23, 0x2, 0x12, 0x0, 0x2, 0x800, 0x2c, 0x6, 0x0, "7a451f9b11812f83eed9f2161243d40afab249c9e786729504461c73a8c22c4b"}})

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000080)={0x0, 0x7f, 0xfffffffe, 0xff, 0x4, 0x3, 0x8, 0x4, 0x3, 0x8, 0x20, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x3, 0x3b6, 0x0, 0x7ef, 0x5, 0x19cbdf98})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000140)={0x200, 0x4, 0x4, 0x80, 0x6})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000040)={0x1})

05:55:14 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00')
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r1, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xd1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x401}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40080)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1000000000000008, 0x602901)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000000c0)=""/88)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000080)={0x9, 0x0, 0x7, 0x4, 0x9, 0x5, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0xfffffff7, 0x480, 0x9})

05:55:14 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
accept$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x200000)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000040)={0x0, 0x1f})

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x5, 0x103600)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000001340)=""/242)
r2 = timerfd_create(0x2, 0x181000)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000180)={0xffffffffffffffff}, 0x4)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001300)={0x4c, 0x0, &(0x7f0000000280)=[@reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x48, 0x18, &(0x7f00000001c0)={@fd={0x66642a85, 0x0, r2}, @fd={0x66642a85, 0x0, r3}, @flat=@binder={0x73622a85, 0x1001, 0x2}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}}], 0x1000, 0x0, &(0x7f0000000300)="d104f5442359b87dad3c284c0a59d6ba1ee9ed46dc69e0817cd3af0e276e51576b641a311649d1a5df34e79d2d71325d2d20d52656e033da579754295754e9f65c536e66bafa34192b08e03b86ef4009b932f4220112e7178a9e551c3165499071affad88f9d1431614f7150abc4239be3d0835c78e2a017ee0eaa3dee268de254ef522a45dbde9c8786d1a40f6496cfa5ea83b9512adaf8f1fa72c22cc947a879f9fc2008b8a4e3f8b67ecedd56c95945484645200ac33b3d05a5864761d2576be5d9770f24e9ba9c977d97d0374bb63e7194de9dd4d4680032654a7a3b49978a589601cef22bbdfd4bbc7e24fcc6a0619344d0473fb7b1505137775b4359de4dec686c04d85f9a00c19e1a5e54857763ba02bbaf5989f45e2d8139e295add989929a1f211d790ea142a52a95376b28c0a42a874c74f6861574642751a77e2b051944132a54510a90de4b9dc9fd11d2e84c123ccf7b03ac2ba1f271ace59e7efef1016f8e6fd034da4ec8353c866929dc43950aa06de52b0d850212a19b093df9f9f8126e3b833ed71ead9a38d6a754e06e2d61cae9f5098d1e07cf488c21a76d26c076e96b5c58bebb52054623160ecb3379ab3dc142210471867a14116ea78cd21ed825785bef7c645cfe863db205d97bad191d606ef39a834c09afc4a3610a30d577b3f34fd6ca7f6fe8707a7d7aa0d5c95ff02ad5b35d8c5cd660e7edddf5b3fdf71dd7e84e07fcbc9ef5541b567a41cdbfb71d029eb6d1fe4e995667eaa4c3afc1c8f4c3e5bfb335edc811c14e303bc7f278ebb8288742427e7dd67413836c225f4572ddc68d40b4c80628ac0a66b6cb5f8b332d056ed58353907693e2d7dd91359588f8b1e853edfdcb839fbc68ec37ded86ff04c07895defa38dddd48ef675ab547213c45ff4223084d4f8375ece204ff3a115dbd52b4804ee22cc04a74fd4e75bff0321116e598ebf8996dbda6249c288d183e6f713d8836b90b387bec50c094852f3a37075c2313e37ac51780f2e96bbc5904afe27a24b24142007f52ca6f3f4fbfdf6796b275c6d4594494b8de927a28deb41d03c419cb2b723f6749cf5d217950dce6adb5b3a2c294033263cf91d02e0122554ad8203ffc8ab873b53b8dde4a1d79e353369cf85e40da65c39a24c959d5dc41725feb02912a84ca7c73d95e4a4a8b67343c0667a4477d5a6c73d699ffc232e18c4b80f0b6007faf6ce22cf38eace2dc60df0e1a816eef79dd999408f1f7c56de6a8cd092785d294e030c58fb517d918eadb3f2270eb69e79b87ec1204bf82938c31b73d802fffd50a2e14aa344aca5ba21c9110100f5b551ba8ba3625fac2ec204df06735d0894ccdbd1d83158055d35bf48140ad4b990cb53d0ad762e7d0028738764cc4874a54b70229dd13e046768acc1db21cc680075228d71dcea048a15813a70e88fec02700c04d293fee5aafc234288bfc8c6ee2aed47339459b6123ff0556f4b9ad1cc0544151e965dd08f8ab0ac0941b2ce8502e86cd63d53947122823c1893294617d631b15540e5732743870d6e2aa68d482171262ebfb9580543cf19204d68216d88a4bf5b40884b2b2ad463ae6427b6813bc48edaec3a8884ffc55b89370f0193bb4c9b623552043c0a145855e154c78e6416f58444b47a04d3d02b31c99b21390b9b18c334fe11866aed8c229c850c66b41c026d7ed0491b7b3d75598895e3cc93e2ef202b5b109581af01ab8a1319708104b9aa4722a50ce792afeca2e7a9478740ff241f8af2ddf54ba40c38c57fd2746bbf153fe719da92b0b0affdeed1104f490ae970df0b16f96f0ffafa7e6ac664bace8ca316e4dcbed4a6ad19735084b337f7908687fd2687012194a7f7ec49dc34dad0e326a7cfb62cfbd11e62b9c3b2a9dc61d13a490ddc49deaa5d287391a5bf5953e22c2744648523c0264d9d01e517443dc3cd88c2e19e09464a8e9c48a981c2c13c53ad9fd9add8627610aef1d5f3a1737bc4d9beb86894e16e45b55ecc5d9931ff92161c6108c481678aa06e55a2abd929ed6aed489437a6754070c8014805b7c0582c2a4a22fd9782a37f0334d7ec3a574cfe10286b1e1d70778c80a52c237e3fa8b1ef000e809323e73c68738d5db5fbc4b433b99a84d6fb5886220005021f7018b32ba011bf7c0f38c2cf7556b66359eb8dd4fb5bc2b2b0f3a323cadaec6d481c0dcd1ad9768357021337a2369200e5a9741a9c07e9b182d3031cd783e56dbe0388269a0f65eedc1c9d37bafed1ac0ee78d107b77081d9d86622ee5401ab84cd6c55f8e17bac63a492ae39da992ec51c8d72368a60de389ec3cc8ef2d4bd89779dfc7b2360d55e11b5aa18cbea0581f0de2384f85b61a154495b1da41c9dfc60f35fb40f581280ab55c8b907db2da1673b95aa36f77ef28f5d3c2e07bd06a9381f2adbd61b4850f97adf96dc0a4453f0b8356feadd061bf3824bac7c3b1d974e0d1fdd584f5562d720a47cd408f58d144e4bb03586361e8ea75a17e6812a16975c98803e5cc4e711d9291be18c8361d829e1d192c335b011b9e77ec77c33433a307091171b54a4793bf3606bafb17c859b28f7d1c8400967173943b5ce0da228ab65bac4bf38b992b1b8a5cd6a804f8b1e17e713e1c9eb35bef11a37913109428c220c12b27060c6f97b278f0298b9857edbece9d11b445a5108f9e6c36360236a595f80f542757da70efffe6bdd16095a067c9d4cbb54dcd6537d6678e837ec7dc99654b56d57cce08485ab6a39b1a101c12451fa0de517d46024be9d095073db81ddfc72f9d3cc5f6b8da24b994381b44d44cc7a8fe13abe0577b2f82e098edaa5d03d71047726d2af9ae69362c9d4e9e8a666a65649be2d1d7a566718feae86146c3c8dacbec8859cb4329423b8ed463121c3b8c428fe2e593dac3d0888e49ace84016c4b5ff801fd34ed8b11a8132b32f752f8f26c2d414656329393bc07948b29dfdafa7e8d2d9e6219911dc9fd7bd70f63121eee41f4e1b905ef6181cabdd828f31bb2bd6762b646759dd6dfc21fcbe7b83ded8f9af92618d645d72a7a6240897442069b758dcb2c6306c1bdf7650419ce1c0d6fa5af64873e4547cd5e9bb3a772fc2a7d1ea051f35a7149d6b0cd857106d69f45bdffdee88746fef72e06fab2a00e5da287c61e4acddd5225ede6120c4edaab989788de5e625fd510e17e3f70b5a1c891a6d4d6c151b88a1ed7b25fae2baf1258c071e053b7849fd3cd349df7fe8937019f86e615458418803a44204b53ab702c0c04a39461494d5bd81822073d1c09bda3cdb53537e090f9412a0ab96117883ee243be796ffb126fa523089b46a85bc99cc1ce1a5f3810b80a4354c0a015f97925e73584f343b7b52695fc155c27f930b76b00c335995139abac9f7afc28dbc4775ed17dc2a8d1011042a0e2f31ce256bb9e6991c887c25cb5a35a1241c45b7da2aed180ea60b8fa595d1fc8d8f6d590215e5521f1ce94c2eb6672d7993cd7603c0fba89949b8a8c62d2c998338737564f29176deb2ff0747609f3e493cb52b7f380bff51e213d85803735a2f18140193fa688dcca4f75ee6af7faccbd60f69577fa523d4a49f0769ca148a46398f6ef4945079bbdf13630d59e68ffe1fc6e4ee60faba4b25ed48c6bbc221cce5d8f4c8b779255e00a9cdf10155cee81ccfd347ba935782d65fa1fd3e6fa382a758eaf1181ee950cd2c4e7499dc96f41acf219f6aa4c14817826cf3e1eaf914e5cd4b20ec29b782926fca50b57b7cfce2040e75f10a8ad003e1245d47a3090e73788c3d66483bef8d450f42c434a03dbe5890fa801e4ac256c43c9f130cd39fd4c32e89b4110fb22082aa666305c72dae7e5178503175b1153505f70c38f65e34bea4ec2e24630176b7b5c9c3eba81c62106c25f7541eda3c24a7ae6c6836836aa56c845cebd130bdfdf34ea845103cefee0f5c8942dc722021cd47a2eaf7db8e7de0545c9edacbe8420a13412224f7af2eeb4df283d8ed2bcf86437c04108fe4faef604f45a69721474b2628dc860f769e616d559c5f4a5c52b7e5d4f8602804a5ea419427a9730b774c1d2239525d74cde5f2101d5a629aca6821be795c7e878ae9190eccf81989a0851035e6a034cce78e0b6b2670cb17682d4bd3d6ef4dbc7edf4b51445e09d9137636fdf23a1a87f766b1784ddf3ba0b44062724ee80bc37bf15d1661c43d446144e1d56017d5fe6b568dfd0c6143ed9cd413c6245b8aad4189c8295d64ce4729cfc0c004e7b9ebf10519d946008e8f87c8b9f4d11bdaea877c260c9071a75762f001e30d8c53c82180977174fa783b4da38820a4d2a0aa49f12542db61f85b6c5083afcf638aa90580a0500437248390093840daa55d6b2492ddde68618bed3316e6e2ba4d4d440f79286c4f9688abf99f4f9a820b9e2378325bd6e2690342ba38666480c436386efc69e6b8fc4e1212e11731ad7f8cede2c27a4389d93a76fdd8c1084e787c456b794913c8171e07d16641d256b2860cc1af458490847175e4592ea1a1be0b1d90c599dea8c734687b10b4a6a074e17372e97fd0629ead68ef29da3e094302dae41b5b01d7a9dbbfb05425ccce75fca2498c42b6b48ef3b3b7ed8a8e43213d8fbbb77bd2b32e68b06b871764ca125b32782e6c6215358ed39eca8ced950fd9327b81fc445652c76b9402040eb7ad6117f7ab34a881261bfae6b3068de8d2811efcc14256b88d772d61645cbca62e97494ef1afc5b306aedb395acc24e9f7076dd8498932fd439daf95e1824f193db7f2b193d5133d7f54869e484894aabffb8d33d5bb9eb25589240f01db505b5c53b418c35908c183e4901d25233956a52ebad82fb4fd1b770409fc4154c618dd5c7634ccc98fba5f386652f78f1d596528256e2e05e2e3dbe1c32cc92d2702cac3b107d25ac1881bd2acb59833eef9fee8ae5865f99d2ac43878d111e7539b88ca8dc4fd2927faf1327b45c1890b6d0341e33055f7682780a55be003c0607d90debb6e0708bf30bd077b27a284099ee49953982aa7ba4151d64213003ddbd6a0d35523d8985e08949628af76d764258cabcd6d84a8400ac413b7cffa7a2ae9727fc3a8c4ea9fbb87d4a0fd222560a45f1a884f67cbf5c6419535a3f34f9e3fc3e28feafe561aa3a49bffa097c590dc6c06d87248054a0eb6bba1292668ec664a69447e58179700abb0f67493b1aab4e6055835b9135d40e507759a5566fedfb310534db60e1d5ea765371fe3240f1465226cef5c381825420b3206a1921129f889a157c905e84be71d9bfb932eaeec390331ae70b812bdd62ee48dccc9e06d85ebcb71d2a88377643a3650931935cc17ce36060d11f13f18f804e28694e0bef30f029375d987ed98f589b40fa4621f89ae6e8008e6b1876426838cdc48257e80570b3d18fa0958efb9c66bed3f471ed97ab7707fd96f07e454477cd542a6d9212ff559b03b5dcffd78cba45a88bd4b26023b7a23979ece233840281486ef73009292b7bbcae12b551534ff30e0e4ae19f55d11e642ac6c6b0f2f01a4a57c3d3d84fe84a6f0867029b1a2552fb451bfe8696506c0aed02577d8125ad15057d94c30534ae47fc764eec040d066794ff5e621e89dd7e80b61fc57fa19a2323e4ccb58d300c57075987ac9a97a4e363dd12486bc771268b73dd40b2d9dd6e48a0a3fed1bf507787a95a2674b0ab0061f859b40c4fa25cfc4fa7c6d3778a5593213298e0202d09dcb51787f4bfb71a3ed46e7197d319857bd62ce5c2253e236a72de23ab540dbc96ecd59"})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r4, 0x10e, 0x5, &(0x7f0000000000)=0x1000000, 0x4)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000140)={0x0, 0x10, 0x401, 0x0, 0xb426, 0x0, 0x80, 0x6, 0x7, 0xe905, 0x200000, 0x1})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x4, 0x143040)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000240)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], &(0x7f0000000200), 0x3, 0x1, 0x4, 0x0, 0x59})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000140)="4639261f05d69b9496614e4c937fbc3246cef5d4116c3a2bfe64facd660f025e2d33add36780c7482558ed726c2cd478fabd7119610e502497aec34c1a0dd44c25c906f3eeedd1b17624764f4b0edb0bd66e2aba83e0dd27e18d8d353fa6319b3123d3af5021b8203936e9044ac1c485f020bf392eccdbf85b8bd6f6ba894f9d2234ac01dce92b45b52990424efb12b619b0eccc83a5f791c760b54933aa99eb87951c88faba361a5f5cd7ec786b43bd0dfcbab0645853aaabab8efa4c7a124fb108c483fda19b820c8c2196270218426df33e0433dc05999407a6efc6e8a7dbdb1078ffd1", 0xe5})
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000040))

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xfffffffffffffffe, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2c, 0x7f, 0x8})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r1=>0xffffffffffffffff})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$AUDIT_USER(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="44000000ed03010425bd7000fcdbdf25a5eb671b259e2d2692c8beff39b96deb7a7de720f078571ebcf4cfad4a5c588adea8c0f0c23a20beae56d46c41f192f8d9000000"], 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x4000010)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000240)={0x3, 0x3b2, 0x8759, 0x1000, 0x101, 0x7, 0x29})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
sendmsg$AUDIT_USER_TTY(r3, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x94, 0x464, 0x8, 0x70bd2b, 0x25dfdbfc, "ad640b811d572225ca5c0a902439b60eed582c96952627b16b76656c63e2132e70d19afecba6a8be8252256efd9542a694252f54644007742579f6f3b3182158268ec105aaca5d85de3c87f119869854f099d64837c9a83bf9783f8ab74a1ae3f5677b5fb884f0b87bd0e229ac632c35e61e8f4026787a02ad8fd1cc1c2c1f26ec", ["", "", "", "", ""]}, 0x94}, 0x1, 0x0, 0x0, 0x880}, 0x44008090)

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000000))

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000180)=""/177)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000000c0)=[0x0]})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x6})

05:55:14 executing program 0:
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002cbd7000fedbdf251000000008002c0004000000050035004000000008000b00010000000500380001000000"], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000180)={0xfffffffb, 0x0, 0x4})

05:55:14 executing program 3:
accept4$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14, 0x800)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x18, 0x1402, 0x300, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x440c4}, 0x5)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x2, 0xffffffff, 0x30, 0x20, 0xff, 0x7, 0x6], 0x7})

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x7fff, 0x7e, 0x1000aa3})

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x400000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x145580)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0x2, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000040))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000140)=""/68)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x5, 0x2, 0x81, 0x3})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffc, 0xc000)
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000080)={0xc7})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x5})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000040))

05:55:14 executing program 5:
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x3, 0x80081)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'syztnl2\x00', &(0x7f00000000c0)={'syztnl2\x00', <r1=>0x0, 0x2f, 0x3, 0x1, 0x0, 0x8, @remote, @empty, 0x40, 0x7800, 0x6}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000500)={&(0x7f00000004c0)=[0x436, 0x7], 0x2, 0x800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000001200)=""/106)
sendmmsg$sock(r0, &(0x7f0000001080)=[{{&(0x7f0000000180)=@ll={0x11, 0x17, r1, 0x1, 0x5, 0x6, @remote}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000200)="f6991a7145da408bab6a77e4d11814652020f26679929237ad2b042f10e158cbb41a68496e26b716d5bfbe118bfc7d7f7527e464f797ff7ba14d274b9b987dc0fb62752c2fcb0d703b1bfcb4eb19d97344efbd596bb46f6f2eec24c0becf2719397dab79dd944b88487102b2ab29cfd6781ca91286b069dfe943098a455905922c80e8046c40e042e3b0f768c2d1063fb035dfbcc32d7450b0bcbd50ef7638b98b09e698198ff63da417aa23f06fc06e0440dc595a60907bca8995e5102e9e66692e26c85f4024c1db6e291490460eeaa80ebb53c8fb12e5", 0xd8}, {&(0x7f0000000300)="ef1fb0821c0a19983d206205dd9c878e09765012856ab91702f1e736cd03d3e7b466604aa984a02c4859ed22e51de992d1", 0x31}, {&(0x7f0000000340)="6c2e7101ca73cd1650351db5d721a6b7e33d05d95fc3fb40f6432e495b5136abb5d6453fa2ff7c140f426c55e4383c67f4e4e28bc7782608d115a019cdf45a1acfe66a600b6ed55f339f90803cbc603e526938a3d67ac3dafd313496ef1d44ad64a12b96311131", 0x67}], 0x3}}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000400)}, {&(0x7f0000000440)="1603d4f42c69a6d05a49fb8e7bfdd5d575552d4c30a227ffd224d76fe3c47f95107d510cdbea1ad51a09dc2910cc1c399ca1140aac8a82b51676afd01de5d15ca6fc7cdb818b58ea", 0x48}, {&(0x7f0000000e80)="47d36ee3030e2ec98aa881f469487635ac36ec48fd51157ab38aa8afdf9d303e287c5a73afc438c7e3fd69d44e18baf9ffb2683676278a2e4845a5bc30992825d309c96aa384d6f8", 0x48}, {&(0x7f0000000540)="0e79c04a55cd862425f34419c2578b53cd0d9b9f6cbf35a2380628bd5dddf71a57af11602ffeff5ef80190538fce114530ca226a2072b2c091d5becfe55d38a01d23c5989fc1a10133106900dba5e5af610b9d17745154d0c65f735c9f1d680dfb88293563a7d07610627e09740558c94759a51ca233c8d866986ffa67cc8b2ce5481e81949726f9bed038ea815d183e13631bced8c288bc37c485ced6bdc04b5a48c13fca9bf938e555b7471af19ef713cb271929", 0xb5}, {&(0x7f0000000600)="bb4a794f0f038bea6a412d7e5b8ea1d8000f84f63335cb88c4d7193fdff77e3c2cf93231d13ee1fff9609b5b802e9fb414ffb9aad1e173f4a77965c3deea6f73d63ab604e388a8d62086ba2f0e3602a82fd3d1ab9e57732577e9e8e95fe613950fce02006c8b529d39f323cc8e8c70b8be431fc1fa7e40fcf7f436a06aa64e11e362baa85581b64812349e0a1f86d3fc6a1676ea183f4a5b863a0c57699c71096d62826aca4f72fb00972853ee95f80bb303654cbb6218a8033eb67391b5dd7b2be6a7beac74826dd88ac6fa01da7030cd4b7afac1e0f294fdfae9384f88f141c8a43b98f5f0337872b2f39b0a", 0xed}, {&(0x7f0000000700)="0fa1fd29a551819b498b7d572ee7e0a79c87814e792c2323dd725cd0e584411d35d24d4e443b6c32bbc58a280cd78b76ae7564b24363d7f28896fcf0afc3bcfed23d76843dad28fbd5146a788591fabbeeb0a1cdb57d6cf6a9bdf01593fccf41cf7c3733df651400c095570376e1a4e6ac3d029a3647d9678ec0601d9696d35b9260e37cb4f734027cd72461f50ae6e367837be6a5f8e7154b10af30a01c0e84870bede9f09b267279ac5dc3dd294f3e9fefec6f1d19f459d546856225f0c097fcb27b45c156a2", 0xc7}], 0x6, &(0x7f0000000880)=[@mark={{0x14, 0x1, 0x24, 0xb22d}}, @mark={{0x14, 0x1, 0x24, 0x1a5}}, @mark={{0x14, 0x1, 0x24, 0x4a9}}, @mark={{0x14, 0x1, 0x24, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}], 0x78}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000900)="6057fa8010b8c29388faf08a245232a4163edb9f958310ca68ec", 0x1a}, {&(0x7f0000000940)="2682fe9c460e5e7c2373c0e1feff5ef1091b90f553d1f56b7d828ffe04ae5da7b6a4cdb51acf67527ada471fc033d04a47e660e60f5ba2ea55a365d5b3377ff4c2570c4c41fef88244965434147ec9e011a6f7bbbf53747fc2d1d6196f8ee98b8b49cc46376a4f7f42ee13b39117baa4f5303436d001cf9d3fa8ff401514d3ff55c491b4ba95f62d631832a58f94bffae3202d4cc718ec8e8eb0d38d1a0f90e5bf3e0fd071997146f933db6cfae0d17f12719b8bc7903f6c42bd30e5483885cf66feb2e8d014f3dc342c67c42183dcf674319ebb416aaf73648eb5098cc0a3f73938658fb84306cce7", 0xe9}, {&(0x7f0000000400)="7340b006187c70329fa255074ac41afd244bfaf8", 0x14}, {&(0x7f0000000a80)="6f65b1d7a02cac63b8fee40000000000000200b761bbda05aae75296dc7b8ad7b1d93d6ad53ecef5437c90d974de2af2309f8f950d64644d631296a8b17499ee827f56d643d3149d493e706ad7fe8e96bf81b19ec39a420ec1ee831cf426666792f470e7e27751f11ea1bc9db1ab1e5dd8971082a49d0b44cd171f8a1d8e681a5ae37899a7f358343c98af03d113a53ccb49cf42cd90b8378a4f", 0x9a}], 0x4, &(0x7f0000000b80)=[@mark={{0x14, 0x1, 0x24, 0x50dfce51}}, @txtime={{0x18, 0x1, 0x3d, 0x58}}, @mark={{0x14, 0x1, 0x24, 0x2}}, @timestamping={{0x14, 0x1, 0x25, 0xffffffff}}, @mark={{0x14, 0x1, 0x24, 0x100}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x10000}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}], 0xc0}}, {{&(0x7f0000000c40)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x80, &(0x7f0000000fc0)=[{&(0x7f0000000cc0)="55269b442b022621552adeb67f78449ae33dbd7e50f505ec934c94fb2b4ed0263feee503f6aa021a5ec508f1e03b624177dc36157df5ad4ef96d7acf0f765ac058e3a9b2f84611e866fa238877c9ea29e9437577e4b60c91f789161d1c27e0ec0c8732d6c6cb9399bd3276d8572468b12bd0d0c12511945cc7c0fc3fbdb5cfa2ed827ae63081f8874742dd4df4d4801da66afa5861c32a8db2e0e9f617e58cedd7525a67d54f7b40f3d43c9249fb9a114ce683c6d5fd49188bce5a65d46296", 0xbf}, {&(0x7f0000000d80)="006a6054a240ad373eb3d168239736f57274dba92f3da9598505dd20ef04c96a0843bcaef24bdcd2a23e37762ce3f0db4e1be9ddc2ff35", 0x37}, {&(0x7f0000000dc0)="7988e6fe1ef18e024b64a73cdf5ca0b60dab57a1d964b680046912f793ef9b25afb354b094c40f3d91c19090b3248b013ee8", 0x32}, {&(0x7f0000000e00)="7773b569f55ceaea72b9e5250da32762fbb82d8aae94688f641cee349e2c644c1887a0eb30aba1a0a901ef704dcffe9729f47b8f612c3f319adf1e68e141dd1078812a5d9b6702fe6e091604038820af103be9aeb0e04e5a26775efa989d2139cafd04bee15b35f11d81ab43375010", 0x6f}, {&(0x7f0000001180)="254a9263ba23c0454e437bf8229588c7f35658ced11736a85130923a0a7c23e5115c957efab64e689d7496511a1d9a5d67d1f248122890ae90a4f009df35e7a191d2b44140bf4df791", 0x49}, {&(0x7f0000000f00)="0e8fe6f8705e17926ae584c6fa73740fdbe6c2eef458b5269161188ca17447199e35a8413dadd0538b06136b37038b71be2bc3b416e3fb", 0x37}, {&(0x7f0000000f40)="1989cd0101eaa6fe338b8cfaa6cd6263541c5a2de1c346318b0c8ce6b371c2c9ef892a997e9b00f66a62fca77a", 0x2d}, {&(0x7f0000000f80)="b8e31671485d818ae75db2a3125201cc7e5f8068b5e7b33c55a84470", 0x1c}], 0x8, &(0x7f0000001040)=[@timestamping={{0x14, 0x1, 0x25, 0x8000}}, @timestamping={{0x14, 0x1, 0x25, 0x7fffffff}}], 0x30}}], 0x4, 0x4000000)
r3 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa0})

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xa2180, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000700)={&(0x7f0000000640), 0xc, &(0x7f00000006c0)={&(0x7f0000000680)=@getroute={0x14, 0x1a, 0x300, 0x70bd29, 0x25dfdbff, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x28040010}, 0x4008000)
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f0000000040)={0x10})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000080))
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 3:
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x3f91, 0x103100)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffe000/0x2000)=nil, 0xfffe, 0x4, 0x94})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000100)=""/192)

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x4a0201)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x707183)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000080)={0xc1e, 0x7, 0x0, 0x7, 0x2})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000000)=0x7)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0xff, 0x42581)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000002c0)=[0x80000001, 0x6, 0x100, 0x2, 0x4], 0x5, 0x80800, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_OPEN(r3, 0xc010640b, &(0x7f0000000340))
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000140)={0x56, 0x0, 0x2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000040)={0x1, 0x3, 0x9, 0x7ff, 0x101, 0x0, 0xffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x10, 0x10001, 0xff, 0x401, 0xfffff001, 0x7, 0xfffffff7, 0x27, 0x6, 0x36], 0xa, 0x800, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})

05:55:14 executing program 5:
write$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="00eda6c524e937e6806beea1"], 0x9)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x80, 0xaa3})

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000040)=""/29)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x7, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f00000000c0)={0x13})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:14 executing program 2:
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)
sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="fc0000006404010025bd7000fedbdf253585a9a69492fafd806de52544a1e4254a73bf9291c9e859da8c33fcf5c74e89585994c25bde34a3828808783483ad9dc305e248ee1dec799fdeebc58544d51923f39df66b66ddbbb7b5a85c044259543c10bb3f65c674475d02a5debc0b67551ae98572ee88fd4297195c4366d70796409ff705adf3a78ff32ff617550f2424a7c419ae5cefc9d0768fe258d17dc068fc4a8ae892170f9005b9368db881d40a7a73d0b67f724814d9dfb15096a1edfc94531eec516a34967c12116b412fe3b160ab11316aecea3760b80672ed5011c88530a0e50195afadcba6f7d657a1190337e07d213bf88a9b00000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20000004}, 0x81)

05:55:14 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, 0x3fa, 0x800, 0x70bd2a, 0x25dfdbfe, {0x1, 0x0, 0x1, 0x1}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/zero\x00', 0x4000, 0x0)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000300))
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000140)={0x3cd, 0xfffffffe, 0x40, 0x0, 0x40, 0xc262})
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
sendmsg$AUDIT_SIGNAL_INFO(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3f2, 0x2, 0x70bd25, 0x25dfdbff, "", [""]}, 0x10}}, 0x0)

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={<r2=>0x0})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000140)={0x1, &(0x7f00000000c0)=[{}]})
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000040)={r2, 0x3d})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x400, 0x9, 0x413, 0x200, 0x1000, 0x1, 0x9, 0xfffffffd, 0x3, 0x81], 0xa, 0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000200)={<r5=>0x0, 0x0, r1})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000240)={r5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:14 executing program 1:
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil})
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x143001, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000080)={0x16, &(0x7f0000000040)=""/22})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x7ffe, 0x581402)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x9, 0x80)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000002c0)={0x10001, <r1=>0x0})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000300)={0x8, r1})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x100000001, 0x100)
r4 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x3f, 0x400)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r4})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000), 0x0, 0x80000, 0x0, <r5=>0xffffffffffffffff})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r6, 0x80386433, &(0x7f00000001c0)=""/169)
ioctl$DRM_IOCTL_ADD_BUFS(r5, 0xc0206416, &(0x7f00000000c0)={0x8, 0x916, 0x1, 0x6, 0xf, 0x9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:14 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_getroute={0x1c, 0x1a, 0x400, 0x70bd2c, 0x25dfdbfe, {0x2, 0x80, 0xfc7f270afb3165e, 0x81, 0xfc, 0x2, 0xff, 0x2, 0x100}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x44080)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

[ 1549.421602] [drm:drm_mode_legacy_fb_format] *ERROR* bad bpp, assuming x8r8g8b8 pixel format
[ 1549.459276] [drm:drm_mode_legacy_fb_format] *ERROR* bad bpp, assuming x8r8g8b8 pixel format
05:55:14 executing program 4:
sendmsg$NET_DM_CMD_START(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x24004000)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000140)={0x0, 0x3ff, 0x80000001, 0x5})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x200, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x24880, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f00000000c0)={0x2, 0x9, 0x1f, 0x1, 0x0, 0xffff, 0x7fffffff})

05:55:14 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0xcaa83, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000380)={&(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x7, 0x0, [], 0x2, 0x8})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0)='l2tp\x00')
sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="24006d4c6669e8da9e488d7350f1ad853e52", @ANYRES16=r4, @ANYBLOB="000326bd7000fbdbdf250400000005000d000100000006001a004e240000"], 0x24}, 0x1, 0x0, 0x0, 0x4048040}, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000000))

05:55:14 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xab3})

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0x1, 0x0)

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=""/214})

05:55:14 executing program 0:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000040)=[<r1=>0x0, 0x0, 0x0, 0x0], 0x4})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000200)={r1, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000000c0)={&(0x7f0000000140)=[0x3], &(0x7f0000000080)=[0x0, 0x0], 0x1, 0x400, 0xdededede})

05:55:14 executing program 4:
ioctl$DRM_IOCTL_MODE_GETPROPERTY(0xffffffffffffffff, 0xc04064aa, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[{}, {}, {}, {}], 0x5, 0x0, [], 0x4, 0x4})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000180)={0x2, 0x9, 0x80000000, 0x7, 0xd8c, 0x7, 0x5})
r1 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x1, 0x2241)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000280)={&(0x7f0000000240)=[0x8000], 0x1, 0xfffffffd, 0x1, 0x3, 0x1, 0x0, 0x9, {0x4, 0x20, 0x9, 0x3ff0, 0x100, 0x233, 0x3, 0x3, 0x4, 0x6, 0x0, 0xa9, 0x4, 0xe018, "ace0b775bbd018adbacc0c532feda1f7f50cdc179663584c32a77db9e080e8ce"}})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000300)='/dev/zero\x00', 0x644281, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000340)='tasks\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f00000000c0)={0x1, 0xffff0001, 0x8001, 0x3d5, 0x315e, 0x200, 0x8})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={0x0, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000140)={0x0, <r3=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000180)={r3})

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x10c, 0x3ed, 0x200, 0x70bd2c, 0x25dfdbff, "c05c82a7653b7145241d16a690d2abcc56c28b54a687c2851a550b009f9b3112d33ecab7ad9e88b415e34f3677fce7fa8f543f857fdeeea2af1612016bede3ba0e91c151c9d7b1f9e4215a2f82b84660470ce0b7b658e4b6e33268b6713f681308aef9696948309a053dd576f0730716404ed517822a5737159332f2921b3154b0990efb9de82f4494cafc265f883bc95d63f2108420f62929db5c7233b6d9f0603c563a36592309d01eb6f9993bf62adbd86dcdfb4842bb2dad7b2b6b0da3c91774a10a821aad905e33d8a40478025b49e786c6b03626b702f25495494a80a0d9ea4802e94e5362f30f6cbee0af3b2f34dedd99d6910e0a350b", ["", ""]}, 0x10c}, 0x1, 0x0, 0x0, 0x41}, 0x1)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
sendmsg$AUDIT_LIST_RULES(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x10, 0x3f5, 0x10, 0x70bd29, 0x25dfdbff, "", ["", "", "", ""]}, 0x10}}, 0x20000040)

05:55:14 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x602040)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000280)={&(0x7f0000000100)=[0x0, 0x0], &(0x7f0000000040), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140), 0x1, 0x7, 0x0, 0x0, 0xfffffff9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000180)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[{}, {}, {}, {}], 0x1, 0x0, [], 0x5, 0x4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={<r3=>0x0})
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000040)={r3, 0x1})
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000200)={0xffffffffffffffff}, 0x4)

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x1, 0x1, 0x3b6, 0x10000, 0x5, 0x3, 0xffffffff})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
accept(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3, &(0x7f00000000c0)=0x80)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000140)=0x7)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f00000001c0)={0x8, &(0x7f0000000180)="8781f5c66ddc4b38"})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000200)={0x0, 0x0, r0})

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000080)={0x2, 0x0, &(0x7f0000000040)=[0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000000)={0x1})

05:55:14 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x240)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0x83, 0xaa3})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080))

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f00000000c0)={0x11})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000001c0)={0x98dc, <r1=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000240)={r1, 0x3})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000200)={0x1000, 0xa, &(0x7f0000000140)=[0x3, 0x8, 0x1, 0x8f, 0xc2, 0x4, 0x454, 0x4, 0x2, 0x3], &(0x7f0000000180)=[0x3, 0x9, 0x77], &(0x7f00000001c0)})

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$AUDIT_ADD_RULE(r2, &(0x7f00000003c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000440)={0x458, 0x3f3, 0x400, 0x70bd28, 0x25dfdbfe, {0x3, 0x1, 0x21, [0x9, 0x8ffe, 0x6, 0xffffffff, 0x401, 0x1f, 0x8, 0xfffffff9, 0x3f, 0x6, 0x400, 0x2, 0x0, 0x7, 0x6, 0x1000, 0x1, 0x80000000, 0x5, 0x1, 0x3, 0x7fff, 0x1, 0x8, 0x7, 0x39, 0x1, 0x40, 0xe7aa, 0x200, 0x8, 0x20, 0x10, 0x2, 0x7fffffff, 0x0, 0x5, 0x2, 0x9, 0x8, 0x400, 0x3f, 0x8, 0x0, 0x6, 0x8, 0x5, 0x3, 0x0, 0x57688283, 0x9, 0xffff, 0x800, 0x9, 0x3, 0x8, 0x7, 0x20, 0x1, 0x30e3, 0x803, 0x1, 0x3, 0x400], [0xec2, 0x401, 0x9, 0x6, 0x6, 0xffffffff, 0xe18, 0x23e3, 0x302c, 0x8000, 0x7fffffff, 0x9, 0x81, 0xfffffeff, 0x8, 0x0, 0x66d, 0xfff, 0x4, 0x7, 0x2, 0xfffffff7, 0x1, 0x24b, 0x3f, 0x56, 0x3ff, 0xe4, 0x40, 0x2, 0x1, 0xffffff81, 0x0, 0x9, 0x7, 0x1, 0x0, 0x3, 0x4763, 0x2000000, 0x4, 0x53bc, 0x3ff, 0xffffffff, 0x7fff, 0x1f7, 0x0, 0x0, 0x5, 0x4, 0x80000000, 0x201, 0x7, 0x1, 0x8, 0xfffffff7, 0x0, 0x3, 0x8, 0x1000, 0x1, 0x200, 0x44, 0x3800000], [0x10001, 0xfffffffb, 0x80, 0x1, 0x10000, 0x6, 0x1, 0x8, 0x7fff, 0x81, 0x3, 0x8, 0x1000, 0x400, 0x3ff, 0xe1, 0x1, 0x5, 0x0, 0x1, 0x1cec, 0x3ff, 0x4, 0x6, 0x5, 0xff, 0xffffffe0, 0x0, 0xf5, 0x1, 0xda50, 0x6, 0x9, 0x6, 0x1ff, 0x400, 0x3, 0x0, 0x0, 0x8, 0x3ff, 0x3, 0x8, 0x41d, 0x1, 0x9, 0x7f, 0x9f, 0x5, 0x1, 0x1000, 0x5, 0x4, 0x40, 0xfffffffa, 0x20, 0x3, 0x100, 0x1, 0xec3, 0x8, 0x13f, 0x2, 0x8], [0x3e4e, 0x7e55, 0xfffffffc, 0x80, 0x8, 0x6b34, 0x1000000, 0x2, 0x42f5, 0x80, 0x8001, 0x5, 0x40, 0x5, 0x7, 0x3, 0xffff, 0x844, 0x2, 0x10001, 0x1, 0x8677297, 0x3, 0x800, 0x9, 0x2, 0x3, 0x16, 0x8001, 0x2, 0xfff, 0x7, 0x3, 0x6, 0x2, 0x8, 0x200, 0x29cf, 0x0, 0x3, 0x7, 0x2, 0xff, 0x5, 0x8a0, 0x4, 0xfffeffff, 0x4, 0x9, 0x600000, 0x9, 0x8001, 0x0, 0xffffff01, 0x5, 0x8000, 0x7, 0x5, 0x7f, 0x23, 0x10000, 0x200, 0x7, 0x80000000], 0x35, ['#\x00', '^\x00', '/dev/zero\x00', '-#\\#!\x00', '/dev/dri/card#\x00', '&\x00', '/dev/dri/card#\x00', '\x00']}, ["", "", "", ""]}, 0x458}, 0x1, 0x0, 0x0, 0x800}, 0x18894)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f00000000c0)={0x4, &(0x7f0000000000)=""/44, &(0x7f00000002c0)=[{0x800, 0x76, 0x1, &(0x7f0000000140)=""/118}, {0x9, 0x2e, 0xf7a, &(0x7f0000000040)=""/46}, {0x8000, 0x5b, 0x8001, &(0x7f00000001c0)=""/91}, {0x1, 0x77, 0x7fff, &(0x7f0000000240)=""/119}]})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000040)={0x10}, 0x10}}, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000000c0))

05:55:14 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000040)={0x1, 0x5, 0x9, 0x6, 0x6, 0x3f})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x4c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={[], [], @loopback}}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'ip6erspan0\x00'}, @L2TP_ATTR_MRU={0x6}, @L2TP_ATTR_UDP_CSUM={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40005}, 0x4000000)

05:55:14 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r1=>0xffffffffffffffff})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f00000001c0)={0x0, 0x2})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000180)={0x5, 0x9, 0xc669, 0xa35})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f00000000c0)={0x56, &(0x7f0000000000)="607e053d2090f7c26fd2549ae793b94b9e84bfa38876a3d3cd4a2963f6d7a10d4709ec2bdcf2e125639175b59c87d3cf60468f489ae312dc124c10575b39809ec1651ee58f15ace0b8226cad1e408616cc9804c7eb85"})

05:55:14 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f00000000c0)={0x3, 0x0, 0x2, 0xaf, 0x80000001})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000001c0)={0x3, &(0x7f0000000180)=[{}, {}, {<r1=>0x0}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000080)={r1, &(0x7f0000000340)=""/196})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000140))

05:55:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000001240)=""/229)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000013c0)={&(0x7f0000001380)=[0x0, 0x0, 0x0, <r3=>0x0, 0x0, 0x0], 0x6})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000001440)={r3, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000001340)={0x110000})
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000000)={0x1000, &(0x7f0000000240)=""/4096})
r4 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x55b6, 0x141000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r4, 0x4010641c, &(0x7f0000000080)={0x0, &(0x7f0000000140)=""/173})
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r5, 0xc0106438, &(0x7f00000000c0)={0x2})

05:55:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000000c0)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000140)={r1})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x5, 0x80, 0x93, 0x400, 0x0, 0x66ec, 0xe4a0, 0x3, 0x6, 0x5], 0xa, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f00000000c0))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000079c7c25800", @ANYRES16=0x0, @ANYBLOB="00022bbd7000fddbdf2506000000080004000a010101"], 0x1c}, 0x1, 0x0, 0x0, 0x810}, 0x0)

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000140)={&(0x7f0000000200)=[0x5, 0x8001, 0x401, 0x401], 0x4, 0x8c3, 0xe59, 0x3, 0xffffffff, 0x7, 0x1, {0xa96, 0x20, 0x4, 0x0, 0x200, 0x1000, 0x0, 0xff12, 0xad71, 0x5, 0x8, 0x4860, 0x2, 0x5, "87189ebf1012a2927e65ea012ea4d8dc374bbdfd52a14f08e2c37abcffc68461"}})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000040)={0xfff})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f00000001c0)=0x9f, 0x4)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000080)=0x5)

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffc, 0x549200)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AUTH_MAGIC(0xffffffffffffffff, 0x40046411, &(0x7f0000000000)=0x5)

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000080)={0x4f0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x202100, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000180)={0x6, <r3=>0x0, 0x2})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000100)={0x100, r3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2, 0x1000080, 0xaa3})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000140)={0x1})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x7, <r1=>0x0, 0x10000})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[0x2, 0x2, 0xfb1], 0x3, 0x180000, 0x0, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x97, 0x200)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r3})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0)={0x0, r1})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000140)="6a10a2f39dc0d591ce9fd01d8e22c7bb0db4f97be940f2364c060f7d8a3b3366c4e9efe8ecd32d8b35b8e4f02934db6aa839e393701005d8bbed801c6abb6fbe18452aefde974f27ab8dfe1b78c9a3ae28a3bec34e79a13d097e6058b074143c56b5a3b38c7e86c6c871e28b6d7fdfb39249257cdf665744556842d840c423641a6ddf0f369d814e43d18772814a6995d40e669a109d83dbc58014b739b1ec362380addaa841cfa1d3f94653756982f418d67c25d156c27a0163fdc2421fa9b368f41722d3aa33a006f19a79887fa5f679d878b43e3b621e0ef287d77efe717439ad4bd14655f3de3145be7c02a6d2ac19", 0xf1})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:15 executing program 3:
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x18000, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f00000000c0))

05:55:15 executing program 2:
wait4(0x0, &(0x7f00000000c0), 0x4, &(0x7f0000000140))
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:15 executing program 4:
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x3, 0x22200)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x2, 0x0, &(0x7f0000000080)=[0x0, 0x0]})

05:55:15 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, 0x3fa, 0x200, 0x70bd28, 0x25dfdbfe, {0x1, 0x1, 0x1}, ["", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x2040004)
r1 = socket(0x6, 0x4, 0xf955)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
r3 = syz_init_net_socket$nl_rdma(0xffffffffffffffff, 0x3, 0x14)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x13)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000240)=@proc={0x10, 0x0, 0x25dfdbfd, 0x400000}, 0xc, &(0x7f0000000840)=[{&(0x7f0000000440)={0x1fc, 0x10, 0x8, 0x70bd29, 0x25dfdbfd, "", [@nested={0x195, 0x8a, 0x0, 0x1, [@generic="4a3603e114c6835479d80f672b7ae838b09c9dc26f875e27138f88e1a2763ac01f656db2d46c8c10ce8e1dc15ed9120143cf319fc06f38cf30c337407e6c55d26e3cbcc83010a262c5c8d0d4d0baa2e69d4a523ec52478d7026db6432084dd9e90c376ea3798393eef5fbe8a5fff9e249f7f2259e0347c03a13ba7f8d7a60fdb725b5af41d7f04030756ff98d22254fa7cb18a6566d754591819ba8e72dd3e03c9192213657129a21e82343c60342b08d2ca1dde099e08291302a8c5b592e1cb", @generic="6f4dafa82f3e564ddd982a63ad29d16654c9c80063272cb026a62b56cb8850", @generic="f07d77643e8be14f3a7213d7b2d15a88bc493050b52a8705b5e7f483088ff77a804da1e3d0bb867660e054fbdfe98b92c31c27ce64e4c07e62bc5efebb8ca0c832875846f5209cb7b538309c", @generic="691514497838f709c2b074d015d18884f59518fcbcd8354ed625d3489508d835b81f5d32f907cfa91ab5b027cf8704d25715f612be27aca7d6dfcac288e169e0450a8d29d99873bf0d1ab566fcbb6f21ae4a", @typed={0x8, 0x5e, 0x0, 0x0, @uid}, @generic, @typed={0xc, 0x2d, 0x0, 0x0, @u64=0x8}]}, @typed={0x14, 0x35, 0x0, 0x0, @ipv6=@local}, @typed={0x13, 0x8, 0x0, 0x0, @str='/dev/dri/card#\x00'}, @typed={0x14, 0x6a, 0x0, 0x0, @ipv6=@remote}, @typed={0xe, 0x81, 0x0, 0x0, @str='/dev/zero\x00'}, @typed={0x8, 0x78, 0x0, 0x0, @pid}]}, 0x1fc}, {&(0x7f0000000280)={0x16c, 0x19, 0x10, 0x70bd27, 0x25dfdbfb, "", [@typed={0x8, 0x15, 0x0, 0x0, @u32=0x3}, @typed={0x8, 0x60, 0x0, 0x0, @uid}, @typed={0x8, 0x68, 0x0, 0x0, @fd=r2}, @generic="36fbab771d39da9bc3ca004eeadfbd517b64059637605a70c6d246c8a1653e0c5c8e9d49889ab528ec0303fd297a855d0eb332386c35334a5e87bc982abb6bbabf47ad", @generic="af23954403e24691a1574ffb46d76bb2915c191ac0809d185636b1bb2f1fc73beede60109d7605f5021e9923f5f31bb7f7ce1a84787d2a0624b310b1809af5636dd823225147dba9f30f7d0072d96a75904a2754d95115d396", @generic="633581779c7782ca925ec0749f6be5a741fbf894cf7c52df1d5a4f8e83f4a00a255c42b0e6ca961d32c4b6ed83a1c89b30aabe0933c7c6c115ea313ce79b1d1c9fb01360aad22d3003bf8a91da718cc59c2d69b703d709c92582f915c1ad7d31c99dfa92e3d2042505648b3871827ea72c2c700dde55ad2249ce1633bebfacdb0e705f5029593d3b251c9d094bc5d5a61a2d9243eb4a0f7af411a4ab200f970b1e2336f3ff99"]}, 0x16c}, {&(0x7f0000000640)={0x1e8, 0x33, 0x8, 0x70bd25, 0x25dfdbfc, "", [@generic="a7e207f78d0cf47203f687a49b18cad789645c7d559f82399c858b7157161aea94c95ef2ee8a9d63db013a39ba6a5a0741e25d17e02f1147f6e5d0ef5ea152d707d2d05f716d68b4808fde0c9f167d8130a90a053f3b148b451c647f340642626ab0b6745b968b02bcede2b6634a67d43d3e75de6b25f9e86a752b569c55c69140834f678b2d4492354f5e4049f2c8a98b1b3892d8500d449119c25d9aede268667c3ad02c2eb73f23ce1904122fff0a465d9e7b2aa904d59a6a9f9ac741820f46727fb46033e578a2853c617faf5de601ac703ccca3c4ce090c956c00be", @typed={0x8, 0x5b, 0x0, 0x0, @ipv4=@empty}, @nested={0x1c, 0x48, 0x0, 0x1, [@typed={0xc, 0x3e, 0x0, 0x0, @u64=0xdb}, @typed={0xa, 0x28, 0x0, 0x0, @str='-F!+-\x00'}]}, @generic="7108bbbfbbb59dd783bf85c9adadd24af2ed5bea5d50af5de98873fe6f2f2b581f6198624c78bc1258a4ea2796222997d348caccea00261bf7359e0c23d95f0a7f60d45b4e4e8bbbe095b6da276c470b9db2504f8f876cb81b19e768eee9266cc2d4eabba1c4a99fe25656e6c832d4a7c8b7c6fab7ccbd5b074b8fd8fdbef84f408aad91d9edcdffc3b60abdc4cc39dc9b667fffcea94d32cefc4a211cf344357f5874d2618e0297fa77af66507e508528b6e6e633", @nested={0xc, 0x5d, 0x0, 0x1, [@typed={0x8, 0x7f, 0x0, 0x0, @u32=0x7f}]}, @nested={0x14, 0x7c, 0x0, 0x1, [@typed={0xe, 0x7a, 0x0, 0x0, @str='/dev/zero\x00'}]}]}, 0x1e8}], 0x3, &(0x7f0000000940)=[@rights={{0x20, 0x1, 0x1, [r2, 0xffffffffffffffff, r2, r0]}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r2, r2]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x34, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4, r1, r5, r0, r6]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee01, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r7]}}], 0x108, 0x4004041}, 0x8b0c3022018f1702)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_dccp_buf(r2, 0x21, 0xd, &(0x7f0000000140)=""/30, &(0x7f0000000040)=0xfffffdc0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00'})
r8 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x30001, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000140)={0x8, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r2 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000001c0)={<r3=>0x0, 0x0, r0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000200)={r3, 0x80000})

05:55:15 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x12, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18220000", @ANYRES32=0x1, @ANYBLOB="000000000600000003aafeff0400001d441b180008000000a7075000000000001800000000040000000000000700000000b30002ff070000039206000600000018000000000000000000000009000000"], &(0x7f0000000700)='GPL\x00', 0x10001, 0x6d, &(0x7f0000000740)=""/109, 0x41100, 0x17, [], 0x0, 0xc, 0xffffffffffffffff, 0x8, &(0x7f00000007c0)={0x6, 0x4}, 0x8, 0x10, &(0x7f0000000800)={0x5, 0x5, 0x2, 0x9cc}, 0x10}, 0x78)
r1 = getegid()
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000008c0)=<r2=>0x0)
mount$9p_fd(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000000640)='9p\x00', 0x304020, &(0x7f0000000900)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_L='version=9p2000.L'}, {@dfltgid={'dfltgid', 0x3d, r1}}, {@version_u='version=9p2000.u'}, {@noextend='noextend'}, {@debug={'debug', 0x3d, 0x2}}, {@version_u='version=9p2000.u'}, {@uname={'uname', 0x3d, '/dev/zero\x00'}}], [{@dont_appraise='dont_appraise'}, {@obj_role={'obj_role', 0x3d, '+\'[}*,'}}, {@appraise='appraise'}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@subj_type={'subj_type', 0x3d, '\x00'}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/dri/card#\x00'}}, {@uid_lt={'uid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}})
r3 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r4, 0x80386433, &(0x7f00000000c0)=""/118)
r5 = syz_open_dev$mouse(&(0x7f0000000b00)='/dev/input/mouse#\x00', 0x80, 0x94080)
getresuid(&(0x7f0000000080)=<r6=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r6, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
mount$9p_fd(0x0, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='9p\x00', 0x12010, &(0x7f0000000b40)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r6}}, {@cachetag={'cachetag', 0x3d, '#!-\''}}, {@cache_mmap='cache=mmap'}], [{@smackfsroot={'smackfsroot', 0x3d, '9p\x00'}}, {@audit='audit'}, {@subj_user={'subj_user'}}]}})
syz_open_dev$mouse(&(0x7f0000000c00)='/dev/input/mouse#\x00', 0x1, 0x440)
sendmsg$ETHTOOL_MSG_EEE_SET(r4, &(0x7f00000005c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000180)={0x3dc, 0x0, 0x20b, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5, 0x6, 0x1}, @ETHTOOL_A_EEE_MODES_OURS={0x3a8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x97, 0x4, "6ee7dc0ff99480daf5e7e28085600acc6bbe81cef28fa2d319966aec241279d2bb01359b02fc13a4b0189485b5d62187fca4824ed6683c5dd7d899454e7af9c07b0af7b3432b142e0feae5b02c216dfc7e2ab673d14d587ca2434f762a9c5b46b0df44ad3805ec2306c97bfa134b75afdb21522f9a4b872178efce42894bc7f3c3d89c1c52de08bff636d98866ba2db3fc4971"}, @ETHTOOL_A_BITSET_MASK={0xc2, 0x5, "bb79e0f56af74568010e6095fc1c8ca986896daf9234e46633a0f4d8efd045cb07176a56c07bfe02f7dda8d148781d70ba9618c53d1a7526d8940c69f124773842fde0f9b9266726b538f045c7727393d7a513626a71c3eac2b8250894e5fae6318ec7bd901d545b03909febece8216895be6d37fac6cc85cf7f8f2e2a72431297cb3e5b7e02c4c41c784c9d36ef1dedd66e6ab440aa000cf192b9b3d8eb497f17c9db5d845e1204de549cc7b5db2822e3caac6ba5baa1d2f424543effc4"}, @ETHTOOL_A_BITSET_MASK={0xb3, 0x5, "6487fbfbd8cbf9dd417e2cea3167debfbe0a67acf6499e5ec49a05d43940f943e084eb0903c0a4f05f80ebba7d79854a6ed580843bbf32089d0c71a0384ebe78d63dc0e55c2bf2eb9f45d93ffccc5f433f6cb5af8fa1a4ba3124f154ffeed23d80d6e5753d7a8a9292d283eb2a9d0df504c71decfbc7b6beac7f699d1ff538614dec6dc7856c46743f9294f774677435a2d6b1dab8f69ffbe41ba8fd370b73eeb708da03fa6d6b7dc92d8f027ef7aa"}, @ETHTOOL_A_BITSET_BITS={0x148, 0x3, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '[+/*\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffb}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '/dev/zero\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff7d22}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '/dev/zero\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '/dev/zero\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x20}]}]}, @ETHTOOL_A_BITSET_MASK={0x49, 0x5, "56cbef57740a19adf5e719d6e5f140b9bc3b36942a68da7a5c6df75abef7083f32475b02eb509690df5f037df50e32ca44f5789e026e30bfd2cb9b399db7fb9a442586bbe8"}]}, @ETHTOOL_A_EEE_ENABLED={0x5}]}, 0x3dc}, 0x1, 0x0, 0x0, 0x20008080}, 0x2000000)

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5, 0x100})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000140)={0x0, &(0x7f00000000c0)})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x200102)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x200000, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
sendmsg$L2TP_CMD_TUNNEL_GET(r1, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x60, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @private2={0xfc, 0x2, [], 0x1}}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @initdev={0xac, 0x1e, 0x1, 0x0}}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @local}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x5}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x40}]}, 0x60}}, 0x8090)

05:55:15 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x4000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
getsockname$netlink(r0, &(0x7f0000000000), &(0x7f0000000040)=0xc)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x15, <r1=>0x0, 0x10000})
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40844}, 0x40000)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000040)={r1, 0x8})

05:55:15 executing program 5:
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000100)={&(0x7f0000ffa000/0x4000)=nil, 0x7fff, 0x3, 0x80})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x12, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x4, 0xaa0})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000080)={<r1=>0x0, 0x0, r0})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f00000000c0)={r1})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x8})

05:55:15 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = getpgid(0xffffffffffffffff)
sendmsg$netlink(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000240)={0x1040, 0x24, 0x100, 0x70bd26, 0x25dfdbfd, "", [@typed={0xc, 0x4d, 0x0, 0x0, @u64=0x7ff}, @typed={0x8, 0x4b, 0x0, 0x0, @fd}, @typed={0x13, 0xf, 0x0, 0x0, @str='/dev/dri/card#\x00'}, @generic="af506d71d0b86d67d0f6249af90a2be82f46abfcab18b41d212d4c3e4081599fd356a7ab44d01a276f39590f175762cc0aae974315ba149e24e8e1d635fc979881de970e506b0380c33a9ccfa5bbc551c61f57e7d59fcb113a846d09c57be8223a4176a548faa5ac3eb25f61c36b5d010772ca060236a3bef8aa5d17af5630bf617fcad1c3d5d099812ed764e2bfab9d5880bdf3341fce531b778a4f69311fc3824ff8bd062fc478d9c8496f5c910cbfe0ee015190d977513e6779dfad2efa48afbf8682f045c7fa36dee68427c06d5207e40d21f4db2b377e8e7ef3f320217c63b51b291db1e2129dd7592dc965e281625b994f4d3911b85abddf0e478f4dd8a33a4b13a40c9451dd038be586c4cc86732edc7e3cce990488976d9c9d6ee0b55ba054076a1ebb119c82621ae57ecb9bd8aa0783b0454b15718919757b20abaac1a3acc59fd588d428b5363da598bc9ef1cd5abea615fc0c65cca9212fd55d0b46a67ed1618d9e79cb32141d6696223e5c8dc2d83e5045f9d185d85dcd17ad5d9e56edab5de30c84d83384092ecb678b8a9c3eaf061f4a9cee85a9715323f86dd62b5f4351da3d2d2ff8ccc7937f83fb76c66d0ec1aac8a0786de08d2ab97fb90921143e6ddc3bbcb2aa729b62921f2340e0c59fc5372fabefac110df7866554ea82f41a6cc815284cc8e83dac57087091fe0cc386781370b8e4d06a1a00d2bdaa9c97e5d0c29fabbbd1bd80fd22ce5f7ae9d028db7b2f277aaa290476264443bf5c580a95e2a1dcf0f00a57da02353b9b1a54f1830dbbefb85e4cce6a1c78fa1868a9cc9b43359971424218feacc671a54c6c3524b5c0011a01f87638b3916bef5f3e2b76147ccd038966a32c5abd8d52f1a329e916abbfa61771559ebf35f594043806a85978b4322b94f0b42fe4b70b359a03667181316dba09b905c563e96922ab8f1a0a9f0dd68b554e2c1875bf8d2e1334e21deb78b19c0292427ba2bd3ded6bb60966560653d8cfa3f988ba872cd3271675119b33660fc222f1925181a30bb2887595d0b1dac610f3cca224bed5a875293a3b1c309fd717526fcc1b8bc089bb13f34af1ec3901532dfc26c0b3abaced28be4814dd1335b16aaef86b7e1f016cc16da3766506612f50c4e4794b27cc7d4ce5c11a1f6b6fe4fe78fb7e99f0b64472a2652059c7118c16344c9ddb56b1b8f606adfc8f5650518aa84c856aacf0601041b9079e04a6e67e3a043a049acbde7bfa10180565702504110c0f192da6f80d47a5274741093257d36a5b0ea09b87e94bf46ee93e4ca00f1060daa65ab7fa39d9ee46aae7a3f8af52c26455b6c4e151a4171704d980ad84248a23bb660bff75c28197b7abc5ba692965b9ff4bffc5aa064e5f288c2b359dbba6e558de197e85fa82957366eb18f0ee591edc1de1bbb9a7bf32be3684376317c510faea34ebc70377684b296c9faad2f2c892512e987dbdbbeb695a198f7ee67ce0c9d4c0eb5b05f904c68886d014fcce1bac5fe4a131f89d4f6512186f26d72a3963ce1ce6ea15fbe967e753ad9156816c0f98fd7acaebb5d5d83d977ca617060a4777ed9788b9a559b86013d04fad77acff547d193b8c71e081482eab5da57e47f961f2d6735e9bed09f56fc800064648ab3482977b1b0294dfa68ed79c734c6474764968232d808ddf2c81659fbcd7d27ff2c7ec1fef99ef61abe0193062e32e53b5f5ef576621e51a8e4023d9dee21775ad0935e98b6e403ece1c1b59295e5b4e0384066e037f039253201ceacc9f5ef18e781de5f77bb3022e70a51eb6524287ffc971d6c346cd084a8bd3647c8c849e29fd69cee4efef1ae82cffe12674af057fbce4a1e314c23e412abc8906a1040c9dfcd7606ca02c6bd54aa8c1a64e50beb7116c16c6c84e292c230c3cc8fbe90e0b43452025322c893ffea61c5e710c2d9954116d15dca20eda91c579cdd7b9b6f4651655d0cd826ded127e7f4719f5cb01c03f87de02d7e7e3777e6f421fca6fc5de3fbc3479ba5878da6d40fc84e0396178f53ae13b5b5bf132a50be91027ba262e406fd12910e4307e0b0deb41427e7053d72dd8f638f408925f54349ce7c81f9371ea687f264a8bb44434e6eefb451ca5177c8eb2b582470173eec3846dfbe98b6e5163726942def42f2d4aa745b9a888b2f6d33d259ba6261ff7e01aa7f94ce01a15edda4ba789f70ff7efa048ebaa28722b4f7ba69adfa2962847e074fb054567ebf0423c4e6a77c77730ecfae2261c81d1e202149356ee3a961bc52b6ea073cb13d5f88785ad63872301d9f6d342f70b48988e7d56f6dea9790e26045d5b31d1ce290145fc276a0facf6ada18e77dfc01c4ed5930bf3bd267b4e63c554b0a2f137242d68e9ff529d569a7b82988bacc955b81de0a1ac266bc4c168947836db43e0efb71499f36dd9bd12f4589fa8bdb7f9152be271f701ceb985984196fc898e649fb9788022b3f005d37c9549bbf506cf8555881cba53b54b7b2f9930c8b321337f23925c111f9ee63a27f8e44552af9bd2f05296c34493eb041c26388095a7a190c39fd17bc05682da0e6d5def3c388137d3f5d9e7acd1eeda0716f5f4df12fe9990ba75b7fafbbf87a22e777f0bb36b6bf3d4906f866194178edd885b4301794c96054203fb0cf0e85d4c2a3711498e5aa301d21181c803b086771fd0abc6f03888a86683f5c0cfeebe2b841a40d3b4e3ec3f8726e4f3154dfaba3f8a4e402dbd7b4069559c7fcdc99e227d661db8b8007357940c0b8e665283898edcd0cdee87e5a71fa05242c935ce962dcc474959bc92c6ee2ab9e7a695cbab4c05bf1287c79799cf83768015d27a6342563b106d6676a05bf8a02332249deb5b27fab23b483fad01f62894b1cf5b68fba8bded026fdb7f848eb72a88f762e21e1285c181c5e3d48214cf527f2d479b978b58c38097c8b7a763da148a1ec2d78df06026a0005e1e808e2ce1b8dcd54d329b0c5ca0b14f1301772ae9bf43f49e1802ee5d16ded436b3849eb3ac3b5d4786110d3ad4b77232ab6823f2ed0b9057980b51273769a54a8aca2078b7a3f971214843d7166cde228709191d07b062b931c9822cc3f7203aa9feee5c230248dce15b0c1f232fd10f975790339a92f50cc2f031308eb188f904f8932f903f4956cc86e719667c053b9dfe49cc51f03a2cf25e9d16725a028eee583965dd54375a222cc5db615c5ba38c8da9f1cf7997ce14e44873359acf5f9fae96f7bdaea6367608f1506a5929e1592762ec561a63d49ed7eb9eddb9837472f267743c7c4f028bdcca7fd6aca754cc83e289d7176edd97201abc62390f49d95a54dfe806b40b9283f730abf6897ad8d443775ce7750515e5bc40dbc443ac2520151124e63cd8e36ab2892f07306af9f7188ab8c86296c81bb9aeca985643ae6bbfa5cdfc78ed46d443d35f0a5f7f31379c0e52beb9ee66005a4171a62654da8205d8a4a9deda393c7ded97b7ccb0a930608374b2dfd138245d856cb93414139264801cf8df1f43d43ac08b31b25b0a85c097e016b76827784cd851ee256bbf92be19ba0f1cbe47333152fa5e9989b5d24b4fb3d70f76e4706cf398dd9dc4f8290c77bb6d9b1534319d0074a9f1636cab3dfd494138351347d6dfd84f004981ac6a2c2224b090a0e620445a6f7f729f2bd90e0908289b074aef52476e4577d74204f85b517bb034d3318723d8d96b417a7d860486f210338d353278eba48a710168f446b84f71aed3d3bfafb643c83adc4b9d0886c95beb692c334f13dcb27fc94997b7ff64f92120de3946924ffea7888049c48fd406dea7fbe4d3bd29e00d5e1854eb280beb8a735dfbf2c0ba27cb046cc41c9847f6dc279994cc6bed803548e30cbfd1f965e2455e323ddeece07d3685528bad4f782b95fc7129307b3d252bfe783ad988d8b16b4f62443011ad75d8afc5c91dc94d87c95ff4491a994387a42f6f51fbb4f0d2f0908f236aed341c885da709b07a5e0666622bb2fca2f65b00dbcd3d929804bbfa603c5cdd8b9d47cb79bb1c5c50a3ef3efd939f5cfe6dcad891b76240624ac8cd2651afa212d2048134d371f3208f957c466722f2387919d7713b35aabc691824dd9f8ca2ccfeb2d4edbe0eaa8dee489a71b179332bb6baa251881a58895437b5e903dff767a936625221ae26dcfc1a3cdc417356db2859fb686850789b6789d5d7a6da5c3801b450d5753b612e21d146b338c0366cdf48e11690ab58712b618eb1c99cfcd6e7774dd29bd52167c2819cf429ca93229a4c3cdc524e049b964c6e685b7c89afad75c1395137f4c8eed90cadc1096a84eb2f7ab1546ea8f7038905b7f6ac15cb4374e827a32131cced142f76fd49587f00c78109799fe9d0bd324026ed5c6557ac7c1c97bbe4f4fbbf7d07d3b22a81494a2f05e433cb381a97d62190f7f138e6b4401628448f71b747bb34c0be2e4c670afc11f9ef410c0855c0327dba101355a42557d4bb7c6de0cfb0ee04b6ef8ceb4dab1c0010e3bf3b2ed468dfcc21f9a5cae293b05a9143f3919e27073072256e3fec3a5bae7229d611cf4cc3ff1a4dc11da2d7826cee4288cef4be074f917fe7a9031d441c2e8bd2ddf5a50662ef03fea7bc937e1f1774b45c958ec101dc78ae56b0c1e48a9b391b89e25fd53bbb1992c923cc86a0e2230b793d48533b18a569bd0b8e16257943e052613608a081c3924fef9c3eceecb69fd32b239983629995018b57f4e6751b96af327361b3dc3538fc374cd39526ef61fb532fb2501ed8a27dd77a95d2946dcdac2bcc6a17e23b2ebe23dfcaae509485a2613516d9128b7c6e586f85793f446189374cc4e4291b81849359b803a0bc6b0ebb235d2fb7b30ab1a50024124e15719bca112a61947a2a321924d81d6c34632a6cd1fb7e2920676fa3734a139bf48dbc5ec578b7d384f873c0200ecda192b96b8d15b4e5f152c7dbf51312b717ababa1f3d25e94f25e7d997ef0dc53c6bb791a7766567f951bb9b94a0d1c9977a0c8ec127e92a1f94421e5b803e293b0783636c5bfa149919741ebc58c35d6197d8a944e14ee2e9850a71e0de1035186a865b199156fc8d7eea3da30062ce9265ee20062dced357f38800d4e5ef3c908dcdd174b279c2c47fed08439139f229ac186ae6abb8a2ed9ce86183f11ccccc65c5ca7b9d88d738167265e38d433395747980fa8182cc2efddcef0568013a7ab0c3176b9ae490d3ca81c48059dd258ec71799d4fe111ba940f6086cd3cbb090649d5eea39dc355e3ddc45a37fe57a35587cc394cfcc8edb70fd4a786cbb7da84533b49f01f84a7033a8ff484ba104fdaaae77a9d0bd0c5f947f7ec32c9cf8f24f77b5c90f7884d20ddab28b67e00bf1302e94e82563378783be59b4cfb68addc6b3167131aaf05c768830e1f14b155bd8789058389bfbb9752b4e4c247f92419a24b7e53566480ad7ffaaa3b52fd32dd58855a579f775fcbd6965f6eaf25435ddbba778f24decaae2e8e30cf33e98f032466c07721625845d9c8f351bfb48245a53bc3f6bdf7a2d4428b92a655364510a6aebedec1790f3713b616fa77a220f0f61bc333419c8e5b85de59484a6688c241bb64ea1b61264374a55395d932f9484d6dcdcd01312f92378c3801630f5076d3f600bb0db4a691119ce83902aca838db2a2d6f62d6da78347d2d170c45f61ee6dc7395b503adc385bf224d3dbdb10b45b8a39dfb3a877803f89ced57db1da49693456dbb581cc74a10c44c8e9c6df4762c561f7ed55d98dfab880e970f03a16a27902c", @typed={0x7, 0x6c, 0x0, 0x0, @str='%}\x00'}]}, 0x1040}], 0x1, &(0x7f00000012c0)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee00}}}], 0x20}, 0x4004000)
r2 = getpid()
r3 = getpgrp(r2)
wait4(r3, 0x0, 0x20000002, 0x0)
syz_open_procfs$namespace(r2, &(0x7f00000000c0)='ns/cgroup\x00')
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000001340)={'batadv0\x00'})
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000000140)=""/201)
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000040)={&(0x7f0000000000)=[0x7, 0x1, 0x1, 0x35, 0x1, 0x0], 0x6, 0xff, 0x5, 0x6, 0x6, 0x8, 0x8, {0x5, 0x81, 0x4, 0x1ff, 0x0, 0x5, 0x38f7, 0x7, 0x1f, 0x0, 0x2, 0x1, 0xe53, 0x1, "52d9691081357c01eb8fcf85d1975fe75f2f6b54175d5da4b72577eaacb77d64"}})

05:55:15 executing program 0:
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x20000, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0xfffffff7, 0x8e9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000100)={0x1, 0x0, 0x8, 0xfff, 0x1, 0xffffff85, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$AUDIT_USER_AVC(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c00000005304200025bd7000fedbdf251150101645f40679d5da02926bdfb6b6824d2baa13550aca9ae35a30cd01c639d6bb19ab3bf00bc387129085f51400a26dac18babc2bd54f180496fd63b493b9b992ce90885038125b1b085d94af456238b4a737529c435ddb4c43578f70e8c1d553a8c46a0b2b9608010e3b504709fd59b73d84c6b5be78715186f17fefe21ed63569c58a7b8fc3e041909a1cba645721fbdb327f2f6bd7a8cb6ccc6a9a74bd8028a750382549267b4153244d18443754667aa160ff05fbbdb4039b4435a23292c4f817b5cd326412853399252d98b21e7fecf96f2261e405edbf2874"], 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x44040)
syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x84e3, 0x0)

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xf914b77891b50072, 0x0)
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000040)={0x0, 0x1000, 0xffff, 0x1, 0x9, 0x0, 0x3f, 0x6, 0x7, 0x4, 0x6, 0x2})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x8, 0x10344)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{}]})

05:55:15 executing program 1:
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040)='l2tp\x00')
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x200)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x2a80)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000001c0)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000180)={r2, 0x80000})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000080)={0x0, 0xa59})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {}, {}, {}]})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, [], 0x9, 0x8})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x2, 0x284, 0x3b6, 0x0, 0x7ef, 0x4005, 0xfffffffe})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000080))

05:55:15 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYRESDEC=r0, @ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x4040850)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x4e601, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000002c0)='/dev/input/event#\x00', 0x4, 0x66082)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
getsockname$netlink(r4, &(0x7f00000003c0), &(0x7f00000006c0)=0xc)
ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000300))
r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000540)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_LIST(r0, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000640)={&(0x7f0000000580)={0xa4, r5, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010102}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010102}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_SECCTX={0x2b, 0x7, 'system_u:object_r:xconsole_device_t:s0\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast1}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4000008}, 0x20000000)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000180)={0x2, 0x200, 0x0, 0x10001, 0x2, 0x9, 0x9})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000440)={&(0x7f0000000340)="bdb6530218918790bf2ef8f89d3be4604ce50d024f024f51d4d8ec88761f6d99d4aeb6fcec6bcd4d325c", 0x2a, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r6, 0xc01064ac, &(0x7f00000004c0)={r7, 0x28, &(0x7f0000000480)=""/40})
ioctl$DRM_IOCTL_SET_UNIQUE(r2, 0x40106410, &(0x7f0000000140)={0x54, &(0x7f00000000c0)="a78e8666e7bf240774d5d34025d8185777635b1e7a52b7df7ccf7786c08ceecdfc8ea07d2df59f084862f8c53eeaef25989dcad83adbc07884d9a56d5116a191834a95c3d746de8a817a95dba62847898aca88d4"})

05:55:15 executing program 0:
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(0xffffffffffffffff, 0xc00464be, &(0x7f0000000000)={0x2})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000040)={0x0, &(0x7f0000000140)=""/224})

05:55:15 executing program 5:
getitimer(0x0, &(0x7f0000000080))
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x10)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000000)={0x6, 0x0, 0x12})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xa0c3, 0x0)
ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000100)={0x0, 0x2})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f00000000c0)={0x1ff, 0x2, 0x4, 0x2, 0x2, 0x6, 0x7fffffff})
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x6, 0x280000)
ioctl$DRM_IOCTL_MODE_ADDFB(r2, 0xc01c64ae, &(0x7f0000000180)={0x8, 0x8, 0x1ff0, 0x400, 0x29eb, 0x4, 0x2})

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x5, 0x80000000, 0x688, 0x9, 0x13, 0x4], 0x6, 0x80000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000200)={&(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], 0xa, 0x3, 0x4, 0x0, 0x9})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f00000000c0)=0xfffffc01)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x250181)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7ffc, 0x7f, 0xaa3})
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x4, 0x400000)
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f00000000c0)={0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000100)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_UNIQUE(r2, 0x40106410, &(0x7f0000000180)={0x15, &(0x7f0000000140)="45f6fb28a752607ebb80345251cb24f81bfbea4c85"})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xa, 0x10000)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfff, 0x163001)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r1})

05:55:15 executing program 2:
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f0000000240)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r1, @ANYBLOB="080006004981ae2002c700000040cb7584f355e2e804f68a393e7b5ebf41829fad4c79d37592785af9a726bf68fbe6a6f6f71a2b7f384f96da18c7b687e4", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/zero\x00', 0x145480, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f0000000180)=0x3, 0x4)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x15}, 0x8081)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000000000)=""/188)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000340)={&(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x5, 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000040)=[0x4068, 0x2, 0x100], 0x3, 0x5, 0x8, 0x40, 0x5, 0x3, 0x9, {0x6, 0x1, 0x2, 0x3ff, 0x20, 0x7fff, 0x6a, 0xfffe, 0x4, 0x2, 0xfff9, 0x6f1, 0x5, 0x1f, "843f234426b9395edbe56c4cb43f86f57207e1499d83b0dfbdc02d7fcda04fa2"}})

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xfffffffffffffff9, 0x210400)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000000c0)={0x1000000000000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000000)="e895a7ed097816a3e2f2bd5eaeecb33e5c646d79ae8a17213273aee52c512b23a2a099ccd8", 0x25, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r0, 0xc01064ac, &(0x7f00000000c0)={r1, 0x1a, &(0x7f0000000080)=""/26})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="699d0ed005e76e3996eb437f89babd6e492e150774babc7e68af517d8eadf2cd17a3bf239ee94e23133e7dbe14dc57323d25ce523aefd11ee4191e44349ac71b63dc037ca5fb20f09697ca524d86ffa55cd8496611f53a209cfcfd4d743d16f016b98391c8ee50ba2dceb0858d71ecc36d4c78a15868d5e457b8362e78608586317c5769d1037e6b5fb11ef725a5bcdb608459efda6c1ab404849122364f12175b951b89f5d7037ca67ce1cce334c12fe91b71e9", 0xb4})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x4010c2)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x1, 0x505480)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000001c0)={&(0x7f0000000140)=[0x80000001], &(0x7f0000000180)=[0x0], 0x1, 0x7fffffff, 0xdededede})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280), 0x0, 0x80800, 0x0, <r4=>0xffffffffffffffff})
getresuid(&(0x7f0000000080)=<r5=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r5, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x100000, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap='cache=mmap'}], [{@subj_user={'subj_user', 0x3d, '/dev/input/mouse#\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x36, 0x30, 0x61, 0x33, 0x31, 0x37, 0x35008bc5d5f06dc0], 0x2d, [0x55, 0x62, 0x38, 0x33], 0x2d, [0x35, 0x37, 0x65, 0x65], 0x2d, [0x32, 0x63, 0x34, 0x38], 0x2d, [0x32, 0x33, 0x65, 0x63, 0x63, 0x33, 0x62, 0x31]}}}, {@fowner_gt={'fowner>', r5}}, {@appraise_type='appraise_type=imasig'}]}})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x1, 0x0, 0x3b6, 0xffffffff, 0x7ef, 0x5, 0x2})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x40201)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x7, 0x10000)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000080)={0x1, 0x3f, &(0x7f0000000040)=""/63})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/188)
r2 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x9, 0xc0100)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r2, 0xc00464be, &(0x7f0000000200))

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x4080)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000000)=0xfffffffd)

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x9, 0x0, 0x10001})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x374fd12e8e16c09d, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f00000000c0)={0x0, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000000)={0x3, 0x9, 0x9, 0x9, 0x8000})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff4, 0x9, 0x5})

05:55:15 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007180)={0x0, 0x27, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7dfe0000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="b5c9164b208a8fcc38eeb769a474edc0d3841c6b74002ca7904fd1f1cba1ec123d2763948396ab1c64e3f5315f3db410a3841d1fe2d498dc8cb3b4d49c9243a25b28d46aa61cab747d370ba9329dfcc8a6c450b63f423b827b9edb5b5ef480c1b481c31349292c6ca1a7984774c2b5b20ad869824fb20d1c78324a9f6c4c4a59c763ddb89397677e1ca9131d82a0fa78ad5883b91dd8a0176ee286a8d6787acfeb077b3b9dea50290ee4946328365c1d4c96186af78b98f3b74c47d99aeeb6b16dbb7bdb6609000000d01d227f181cbcb6f2d970af344082d486b3293aeed1e8e7da6f4e206eef78a04c8e4003dc1f851240709edd11c2"], 0x10}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000180)={&(0x7f0000000080)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x3, 0x6, 0x4, 0x0, 0xfffffffd})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xfffffffffffffffb, 0x230741)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000100)={0xfffffffffffffeff, <r2=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000180)={0x0, r2})
syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00')

05:55:15 executing program 3:
clock_getres(0x3, &(0x7f0000000180))
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
socket$netlink(0x10, 0x3, 0x8)
r1 = getpgid(0x0)
getpgid(r1)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x3, &(0x7f00000001c0)=0xfffff990, 0x4)

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x4400)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x10000000fe9, 0x10d300)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x7, 0x9, 0x3f})

05:55:15 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f00000000c0)={0x0, 0x25})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r2, 0x40046411, &(0x7f0000000100)=0x6)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7ffe, 0x7f, 0xaa3})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
recvmsg(r1, &(0x7f0000000280)={&(0x7f0000000140)=@sco, 0x80, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/2, 0x2}, {&(0x7f00000001c0)=""/125, 0x7d}], 0x2}, 0x20)

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x4, 0xffffffff})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000080)={0x4, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0]})
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x3, 0x218040)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f0000000140)={0x7, 0x1ff, 0x3f})

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
pipe2$9p(&(0x7f0000000040), 0x800)

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x800, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x1, 0x80, 0x3b6, 0x200001, 0x7f0, 0x80000000, 0x7})
r2 = accept(r1, &(0x7f0000000080)=@sco, &(0x7f0000000140)=0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000380)={0x65, &(0x7f0000000300)=""/101})
getsockname$packet(r2, &(0x7f0000000540)={0x11, 0x0, <r4=>0x0}, &(0x7f0000000580)=0x14)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB="46ae3439", @ANYRES16=0x0, @ANYBLOB="00012cbd7000fcdbdf251600000005000300010000001c00018008000100", @ANYRES32=r4, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f00000002c0)={0x9, 0x22dc7402, 0x1000, 0xfff, 0xc000000, 0x271c, 0xff})
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r1, 0xc00464be, &(0x7f0000000280)={0x1})
ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000240)={0x0, 0x7, 0xd50, 0x200, 0x1, 0x6})
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14)

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/189)

05:55:15 executing program 1:
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="240428bd7000fcdbdf25020000001400060076657468305f746f5f62c7d66164760008000500ac1414bb08000400e0000002e0f4f88189241f616bbd75a2a1b3aaca2ad4e53b7e050e9144d4a19063b7ef103ec521f8dd2bc29f6ccd6e67a272b4a0c6aa24b3d1a31c3e9747446b55a2d97d3408dae09a71c2364c85bfb4a3c1dc72e9d5d02b361844891b2ba80d18c7e7d50a96150a6403cc6e9c572340a60eed6387e0ed66166ff134e8c7dbd48c0b86f300"/188], 0x38}, 0x1, 0x0, 0x0, 0x20008001}, 0x5)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x109000, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_GEM_CLOSE(0xffffffffffffffff, 0x40086409, &(0x7f0000000140)={r1})
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000640)='l2tp\x00')
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x4c, r2, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x7}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x3}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0xd1}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x3}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @rand_addr=' \x01\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x40810)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000000)={0x8})

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x100000000, 0x400020)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:15 executing program 5:
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080)='batadv\x00')
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20008", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r3, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, r0, 0x8, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xfffffe00}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7f}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xffffffff}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004014}, 0x1)
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x480640)

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff3, 0xe5, 0x8001})

05:55:15 executing program 4:
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000000)=0x3, 0x4)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r1=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r1, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000440)={0x1c4, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0xff}, @ETHTOOL_A_EEE_MODES_OURS={0x12c, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}, @ETHTOOL_A_BITSET_MASK={0x1c, 0x5, "17518d787fd1e2f46eb1e746d3a13830f179582a03030592"}, @ETHTOOL_A_BITSET_VALUE={0x102, 0x4, "b5af2781f196fdcf617d3d5d906708fd555431e5d95b916f04820d2f7069f4aef55852c1d6c3da81181e7bd2e4ad3b0011fb5bb3933f3290715428740549660a7a97d137d382290845710c89ba67b9319827a64a97a3886792e52f3faa515985067ad64f33b20e85d7900b2d21f97907cf00f15fda80b228b4ea9a4f46b162f6d9a7712cfb982c01d52d7de5e695575f3577c3de226b2b2754d6c8f53efef1cb2ae241b847c890a2dbe7f208b0ca202b24e8baef053d01ca50a9c1ae3a7904c94580d2494ef90e37f011a6d6a75166ff73539d3c55d85e4b1678a93de7ac71c2fee222851fdde1c82ca34f0f0c83cff9e0639d4fdd8a274f1bdeda387062"}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x24008014}, 0x80c0)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0x80840)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_LOCK(r4, 0x4008642a, &(0x7f00000000c0)={0x0, 0x1b})
ioctl$DRM_IOCTL_MODE_ADDFB(r3, 0xc01c64ae, &(0x7f0000000080)={0x3, 0x8000, 0x8100, 0x1f, 0x7fffffff, 0x100, 0x8})
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=""/214})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:15 executing program 3:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x523200)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000080)={0x800, 0x8b})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000040)={0x1, 0xfffffe01, 0x0, 0x8, 0x6, 0x1000, 0xcb})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:15 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040)={<r2=>0x0, 0x0, r1})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xffff7ff7, 0xe9, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000240)={r2})
r4 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x3, 0x200)
ioctl$DRM_IOCTL_AGP_INFO(r4, 0x80386433, &(0x7f00000002c0)=""/78)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose='cache=loose'}, {@access_client='access=client'}, {@access_any='access=any'}, {@version_9p2000='version=9p2000'}, {@loose='loose'}, {@debug={'debug', 0x3d, 0x101}}, {@nodevmap='nodevmap'}], [{@dont_appraise='dont_appraise'}, {@hash='hash'}]}})

05:55:15 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0]})

05:55:15 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x6, 0x0, 0xfffffffb})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x10000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r1, 0xc00464be, &(0x7f0000000140))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r0})

05:55:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/57)

05:55:16 executing program 0:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x4, 0x4080)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xed, 0x4e53aa13})

05:55:16 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000001080)={&(0x7f0000000080)="9388f0a3a23356c32ef608b81acbe81d50e7e6fb71b8d343e49cf0c363dfd0f8cba6e630f4d5c5aa038f698cc4d1402e6a53dcfbffb0ccd0cabdd56587e471f656eb0b299898a1e83b5ed856da5b16471908e3477f7bde4d3b627d7b661476a0b0fdf320795ca43ea372d0d0b2fdb5c8e80a87cebdf491790fa0320fffa3a1fd37ae63d2ee15467785449d86adcb1e69ad61dfdd5669a9e58fa56d73381c8902af08c9f860fae69af34e09e728a750264a8fa4be661ab382d908ce2444d5fd06bc611f24fb2a324317b091df918a33d8b2bba48c1ad0e96d63bf3c53e5dcba9c376cd43cc5424b077e855c3633c320e122d5a22e60b66536b10eb2996e5ecc55ca60c9a8b10fdd1bc2a39f3b8a1466738d141a520902409824c1f83aa4a1a5229d85ae8e5e2f728fcdc178eea69313c8ba3ef25b8cbf4e8828ecf4298de8342dbedbea73cbd47bf62dc2b79e8b2a545965bfd745b1472fcab01a697cc3ddcc22c2ee28c2ea005b4a3b5ffe25587b90ffcc53e8e5b52b7f234c52ed7f879b98f01ca08b2295fbf908fb19edd1a7c4e44976669ff8b1c458b85bc282b3579b33edb0192907afb3a0e45c733fb0fddd48cad9cc7d0ae523a5435491576d08ae584fdd69c7473aa85401e3c571200a3887fe332b2e61b85be71ef76f745b7c7b048256ef2fe84d881c39151d5c3cda20f973333c9ccec1a20c171bdaadf06a206541b20b2eb825a0146e16e67596acb6cc564e1d7b0ada7a2817a6c0c73bb72e1f6b6ba217cf64cc2d61df1ea26dbdf219a78c8d198f6894320e5593fb6c7e71736a9f69191f6fd886a0341a0e937f8e848902ac2ac254912b5019ec514a687854e7e255637a79080a5dc1b9d38447abfa1d09a9ea997abe4440e62b23620429735ba5b383ddbb7ad582b2b5dfb150c8ca0343f89c8ad362ccc3c5d07f75b619bb3a34818f389052ad941733185d0f6de34cf59460a8838e01dc47daeea5c5747df8c7ccedf7668a6249b525610a6abd7640596438853ccb2164a216d570c3ab36bfad97fe1d76fed36c6395f522279be5b2e435cd8551f66eabde839094596323a97bfd35fdc9a73cff6524c1d597bb46afd056c994d2d822ed77e40aba6ba9bc89b76d4177350cbe40c7379f58c6ea06d2260f2e32a04d3a91211c71874a788e501360c9dfd2b39cb194b2ca2f2f9e52964042977ad6d40f37afe7b37df24be34eeacc55dcd132aceef4b928db5ecfece2fcfda86c7cb9a12f1ebaf37725edcd98a2b73748c9ec4d11015f1ac9f618f12e99980f109c0903fd6fa6df6c9a84f688de2e6c675f4e59fa867d6f0a9f0a7321fa0cc6417fbf1d5dae81b0db3bdc8fa53b1d564ba9dfd93c3b45ff472155734a4cb0b2a222e5adae9ba3a4e9a603ae92e1e487ce8135d41d7d90e87d35a8f4ac254d8fafe1ceb72e2fe6484cbd5a8896cb0d3d7c38f2dacb1e1e338d72a12dfd76f9071a216eeb9190bd92c984f00a2419989d033d27da06b3e80515f3f3a8f0b5e6cefad21c2ab5af3c921cd4ca6d5dc155f77bbabc874fae7e594ba844ebc28cb02f8b81decbb78b41a2344f95e005a16efabd1aea43251e257e6034bea1326c66d62f56fa4953aebbf5df0a7e3a578413cc0c39aa1b814dc027b1693e945a25bb479fddfbfba3a4fccb983a69839197b3b87ee823a938187e3a5efb1e0ef83509f0c0f88b9f72e6d7c7d783f3f155775d863f4a8a1dde168205f78735f9984e26b6d109ed1fbf685fa8047095b019fdcf8d6d1df7685f647a55f5b17006f28a7d6f5a304df999eefd059e96f1e2292db58520018e62ce62484458b9a0a67d2a2cb5c10b3ace21a60dc3f902ef9af4ca63f06ea484b7a1b6f2c8fc87fa306388521edacf5f8b7c1d8959c9c129b25687b30345f9a5888d4aa45eb9b7b97d51938edb4972296765d23f13b2aecbed67bfc2aef833bedd30dc4c163af09644b15b6b03cd963cd8bb0a28e0ea0af147599faede0c3b153a108a4e13bbc911506067b3456d5a733b3c9dbe48722af88fa7baef9a195279ad8f556e2bfb378d00c3d32f2d8e52f75a5920ccfc2ca9de6df9c48ae5c2f3a579932b0eb326a770d5ed521fca03f9ecb93c990af92be454ce9b50866e80be57fe201f82289e1c62c34ab10cdf2a7621f5d80643e7ef7aa8f9e520f6e4cea9894780175d08a4a80912dc35f4f605e01eeb114f12247f344946e29b80775fa0e4760a67a554e54e7539e6a57c051253513253445adc6e00358d11480f209f0fa47c090d05078f71b5d5d8a31762e513b0d4b87493f11c134050485ed00b143c4df5868306cd8553dbc96360c6dcd0671f4f6eee6e169b2afbba5e4af96f40f471438ca40f3dd3ddb2e2fc3f6ea8b12866cbe94c1d6ae785376e12b65f2f002ae1c2eabbf60af0b616ba1c58ea7a1bf81e3038d0f8a37a901792a132ceed4778961d797e9e2c30ea4b11d9609bb93cbc3cf8284e20eebea5e1c85a011f2b03ad156d07fcc1bc636978aff35798254b7cb9fba31cea1b6308a0f45afd6a8ac84d20590d5640a1e20e88a12eee10b7dd5a48fb2e58de358c989a5f8a3abc34418ffefd02945409abb52ee195085251814cbfa4df6910aac57afe8e36b633e9230abcb196ce9a508edf0727188fb86a50ed083d6b0612a39d8054df038d28386473767f3600b8ecaabcbabd7a741491174e0a6f9b9347ffcf74edd093c7513481541fc00561b66b9e955a5e42b068d33fa07fee6115fdd9fefd90096ab043b3a257b1f4158eabd721a1038801a192a9a12a9246952acea8b9bca47d7ade06e2add9d64e0c85e7329310d5c8ee0d359b8384505128a15e88362132a4b1883ea7f451f64d837661dbb8d0f6422f0d478d8677e9520ac54533e65bf92069e3f2b278c42948511148e652f00864c88a2af8ddc0a8797ad9536c4ac17b8266b9d4d2ab82d3db273d0b05dcfc6e88b1a904bf2e2d493a960d8d7fed0083ca321b77d20fd84bdfc36191afc7283d484042965d6044ff94b7d9b589ca36d8ec480f748713da348854c90fb64ca7933015f8842d19825f88ce49243721f4039d59fbec7331fbc514d741e82d4d44aed4760fcd6388d2867205603d256bd4236ca752d007e2e31c89fb661d8c4ab4d368ac811228c7522b6968a97fc7eb62f14be6d2ada6e5ee1f18ca9cf753fc958508de40bad649cc29453d7b9c835c8fcb3412e77c768ff4c7dcf538df3165e9032fe41f31efd05a1ce09aa0e14961ef3f09f88e3c47b76739d40d00d035e9fc161578535d0eaa96f5621949b5c3776a83aa969677717173de21f81806835796d255e20172108ee77bfc2a482bcaaabec4c889d1d5076d449a503757c9f0e966af7721ca40c24ec9d4eefcae7df4b7671d9846abcd5eab819e0debf77b989852d707da58c751e15cd563e033ff9b4ee6071d6ad12dc5bd1780621c2352d0ec4fd698a6ab4d6dbff19fa47ee7ebaea74cd3e48aa9f9f06e45841d419fb1cb0473fc3bfc5fbd21f4eb2188900d0abb0d9e94d6f6d5ba769b3ed1616a20962a84a5206cc0fa64c4f5ef5dbbac129bc6c8ea6518cf30753c2a698d2fa6f4e63a18b7ed0ee47bbabc160fe228f2f211de2ef6f26ddf27d3d346814f326f457702eb647741aa8a38de7249aecffedca989f28e7990f47f360be781e502e8017b49d44c3371b7cc32faf6c2c406c356a03ca48a3a83dd21a967628534fe738c23e49aa000f4d6d15e5b7e5796a4167c8baf4ce386195a137db987781225ff4495d0e5c0cce52270a3aa1f53fa18e73e63c55913d53dc0ae2b72d4b538fda0ec38dc98bd6eb9c76f915cf20751176faaa340d06f1908b31d7d5d460bd062060f96b2d7e595142721075a356eda3bf7f6297b02dd5f444b70e7d1fb297376519fc45662a0cfa9cf7b03d3f9fbc6a0ab8e58b71e87437967ad6e96bfba0434fc953fe90b76bedc289c93fe0eb1dc9290e419520e3c249561b5839d9f3399de8f0f7f5c93025e9feff24f9a2671ebb7dcee0c6265ddb05e1358311dcd9161786bf52fa51e779658d1af5680d811c6227d8484d8d89f8046583443c2efbd9fb93fa2880626a8b91fa30e107ac27f66ce9f54d685d3daa9f883121815c2b82ca4a5e6b275ab62f8ff6db821274f7dda2c6eb4080c3a686b627c99e2151dfd75f330edc2bb5b2c69b73f33bfba594fb16245cbb6e29a5c85f88a9c77ffa08d57886f389b8ca67fe73ad3f4e0cc261af9cc1183044e1af47ddbbff47fb2dbd47bc632728fc1ced9e53a9d12c1c82ed18c54a9513a133c6abd3a7bfd40c0eb7a5de3c3fd5e4406f41fe924b41a2e875f5f821ce743e735de5b4985228c024392ce1d3241b01ec50a7820f51ed77789c0bc29eb99ca8cfb27d85574aa69ebd8f8d355d77219900885497159781c260d2b4c0e8b07bcf7908490658847eb81e966406d1663bf9d90c6ad65c113f05ad2d2e692ac5080b7fc1916994776e257fb11b2d5141757c1ea4b1b5483bbf18a5f71882a804f70a40325f3ec7fa3c409a9347fc22deafedc586dda222fae94d8d8e2043849d12a674596b047d8e99a22408e4e24ee69b051839b515bcae8f8f55637326e04fae8e76f2d99414e50ae68443840f911a653ea0fe6d99f4c639e9f06d6ec63049638e9d5a316a6e9c884957d66ce2c40e22dd2d0ab2384a90d5933c73c91cc8d663d2fb41ffdd306a111613958c26592b39a1bcccaf2826a8d7dc2701ecec6145cbcb2fb254fc390dcf0d2a1fd370ec8b0f02d2ccad0a8d0777d63e69f997ee42f2937184cfeb11ec70edce1115f49a3cbf1c76e4e60b9021c45f932c6f9d1512fb5cedab45b0e1b44b1908d6bb076a22cad14b95bb8058c961108c9e7c88fc4217abc9f9aaa2eacb4d9be1cc1eaf420b0f58e1c9a7ec49bd6249d1b6f57fd46b2c3d67bd9b4335773708396779c43dad1d8510fffb65356e9635ca2a65ded78c4ee832b2d94d56ee2febbae83dbd755b670944a682d06fa7078fde51e64aeae19b28e537a4955392e78bc9c7bc91d51c75194163f5b56d9a982dee52fc813f8f7c5c72f56a4ad21200cfac11fc4010528f3e4af9b5ad0c8e76d387c3224d3e99701b40f49a6b176ea3f5896ebe40038a31d8a8ce160ecd552a41ea42d51e15f03c32d97ea054ca5103868dd44825c7c4374302c3735226638f5963b41947c30e7b226a5c998e6dc8f1e898c01e32c12024d7bd852d5502df2bc3a5149949c106cb8a83b92b02daff582ea019c3ca001ddb28341e90b03a7c9dbe6e969cf75fbdca88512ac00060b86570e035bdc6d610550539c293f754648cd42567d0949945b88d46a2699fdca38405f6e547c7104d086d8cf46811790606d5d2c37ad5c27c55b73ba3d55adaabe7a213265e19299acf50bfc2d9d7904cd07509fa0b313ef7b2e972ac686343f74ccc26d3353b77da849486381b16e961a166331f38dc9fcee0f631248dda921764fb171bc2b367a3d82119be9e9f2141589462f834fe997718df32ea3874ab45ae82284725a92c38cd593d8ba6fae59ff4400a56f110fc3ba722950290b3cc4789a2eeefda6272fcb027ef1974b037359518ea75ac7f888ceb449a02815662d1dc55d3788585d4c009ae5730c3a80a52d59688a9a1b20d02b14cacf3f9a29cbb5a5bdf849b27240eca316d473660223508089d4fd2d2e9d17d42a08f7385abaf8d85aae07f3ab75416f412f232c2594dc40094636e340927e8c257379752ecc691e8a1e162bce0c1c54770d3802f083ce5c95908a6227455c8271e5b060f4ec", 0x1000})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000180)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1421}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x48, r1, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010102}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010100}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1={0xfc, 0x1, [], 0x1}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @private=0xa010100}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f00000000c0)={0x0, 0xc})

05:55:16 executing program 3:
getpgid(0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:16 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r3, 0xc0106438, &(0x7f0000000240)={0xfdf})
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYRES16], 0x4c}}, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000280)=""/189)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r4, 0xc010640c, &(0x7f0000000000)={0x6})
r5 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xffffffffffffffff, 0xa08681)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0)='batadv\x00')
sendmsg$BATADV_CMD_SET_HARDIF(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r6, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)

05:55:16 executing program 4:
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000040)={{0x77359400}}, &(0x7f0000000080))
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x13, 0x204100)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x7, 0x206840)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff9, 0xe9, 0x5})

05:55:16 executing program 5:
r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)="f756205195d5c5e60dcbe2806c825acb404fd8199a7435d0d56bd94f2dcbd58be43e22218dd226c1f9a0a0b0e905a33289f961f33738cd514d86538a885405e97d6891cf66fa051f6a711737b79f21c5aafad32431b0166112d190bf318011c89849c2eeb3b2e77a8b5b009ca659402a0114ebb8d23c", 0x76, 0xfffffffffffffff8)
keyctl$dh_compute(0x17, &(0x7f0000000180)={0x0, 0x0, r0}, &(0x7f00000001c0)=""/96, 0x60, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
getsockname(0xffffffffffffffff, &(0x7f0000000240)=@qipcrtr, &(0x7f00000002c0)=0x80)

05:55:16 executing program 0:
ioctl$DRM_IOCTL_SWITCH_CTX(0xffffffffffffffff, 0x40086424, &(0x7f0000000140)={0x0, 0x2})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x420c00)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x200, 0x40, 0xd6f9, 0x4, 0x20000004, 0x401, 0x9, 0x743], 0x8, 0x40000, 0x0, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x20, 0x101002)
ioctl$DRM_IOCTL_SET_UNIQUE(r2, 0x40106410, &(0x7f00000011c0)={0x1000, &(0x7f00000001c0)="2afe888c5879526b574b1871374a47d4e0a116446f1116ca2562007c2aef2dc798d4913d51a6b8ed1d50a439b9d6c3deca06cfd340aa0708a818a3fa412f16d9cbcc1615cebf1045a63b511797bd1009edade5de15ef45e2ac53773b5c536445aeec32b20e33d2e47ef0f3e420addbad9f343dacf06d956b0419e003632e93e16e3c799d19c8752479264e67d0e2ac2422bee876864222378aecd7fdbe7115d24c2a612a2091b656855b0de0ae778b84b2d7af12572efd54d67f4bc487c6673c38aed84a9bf54cfc294c6d005a58c37906aad72f8e45c81e3695b22ddf5dcf9bc5d29598ccfee7ab355fb1d7e6618f32beea619cec26f722acaa71d54a88f0ec091ff0b5877bde6691af7ffa4464c07e67f9cc86cc843308f891c6bb30a20e6346b34110abac552d165831d7be9ab9f6728761a05f0cf7b2d8479e8b81ab484c64983489f69558c33846a6d5e7993f3f982f957957e713d79c0dc287ec44d0237b5144b48906b338ce1313e60cde71fea18591e5647c3f830722fa86eeeef84751b11d5d357851564bf78311ba0435c3126f1b47ed6901d7a149f5f246626e1647bfcd0b03068c015d90596c52b605857d4661c8517eefa616e788c840e2529e595e29a649ebc0754cb00421e90d70a9ac82ccc033f74fd6bee2e935d9b734b3ea458af802ca5a6a563ee6735bd474b72621095b99e7771a24612108f2acb4270e2727abfd4581651d298ad12770d92fa7f36edd4cd66fc8d7b2131362ec7848fbff455846e7a28f92d1accaa0f47b1e49fb910d5bf2d9b0652665874442fb9b8b10d620f18658b15371601d94c6c73d4c5a36829c330cfb41b95dcff6dc73693d21bbeef3aa536a22b57ef9d23318b0c59296b4c5a0d1d99bce8f3dd639a509d232c3e28b1c695dd3ab5bb35cb1cdc24d20855d073c80f96feef2c541d1dd00902885e906fdaea712f2608db0576c5cc32d9de3fa48e83855d4ccb5bfb7fcb472b0f970fb24636e960acba9761b8ff1d3960b1913df56c48e2db3684f7cefdee6261fe589a81bc9fc0c49b91885db5772d2bc113a2501e5572e3ba5e470a6c1e2874b29ed503dfd753242cf7f7e3067febe3a7fdafb9958e568ee11988ead11de7f3d09d399d3981544b26e6c26667ef2d22fd39d0e05d82545ff8c27709040f0de945d0c439d0e1017fe4ce9d474b986ecacc246e8a8045cc446aba684b2d05d3c10bdfe7b9a9daac1b4a233b75bdb620aa7877226b24cfce971af9ce0965f6406a342601acde831cda64dd88f30179134d322ef83cf42a47237dd5ea4fd315b81a97bf35fffb94016c4d95e8010762f25a2ddd11ad54bb4d47a4cd1817be8ae07e127eaae81b64b68bbd99331b59d3903955dec3aa86a909190ba986f63e1a3f0f340916536a1bc113e6e6c8540014e016e0c4f8a7fbd12f2ff901c879b231640ddbf17c6265f76b09a8e5beaf6240843509da8ddf654e4fefa82b2d21d89c52764846a9a70e608ea8ad71f08385a94aa407101226f917bfe7a8c25a0da50c47dca329ef7795c170bb85b619c27b662f9392d45845dc270311ff0f89dfb83e1ad98aa08c84ec52ee6966d1c7fb45ac4cb195c946e43714fbed5168fab0056daa862ed6f14b6451da8b311a317ffdf5bf614ff3439cb330e9754ea90d32bbb276754c4a9473522b30590cba326e24a8c910446afff5b41729ee5bab6d1ea4e97eb1395872485f70133ce4d80e931417a45bca6c7bc871d85daa69113393a88d0fde5217a56987b16ec44ed6c6532b101284efa7c115fa590afd77f404a85d02ad3eb750afe3191b0737fafe888e35e50b323d80800ff7c3442665a46589e68d401b34bc20b4b8d5eb0a7709e42c4f01fd0417863c05ffe13bc52da540ee71e80b390c9191dec6b9dc5b8921101f74c23808e0557a0dcd08b52b09dcb075e0a3eae23277d8381d3f4b2019f6e2904f9421b2d72a5a120332e1cf72efcc99192d902d5ecf5670759b6022c413df52af2290a7c00fc75eddb8a1d35db813358efbeef542042d248db4a0de33ebe058db1a8d4299bad514c91e6fab1365056f640879d4f03c1499d06022640187211ad4c593f7386bc397182e072e26a2e174896481d871cc195a4b9ea2b287e214351cbbda320d4a549983cee4ec9a3926a978d32aba4425a7ccaa0bc548935ff51c0b5f6ccb0bd90df4ae6662abf50306370926632da0e8789b74ae5ef1cfa8bfcf5d86c6a5fa0866a76dc1eee6a3fe0012367e11211d2de99621c10512abf5f9510361fefc0df5499dafe5e9d55d419ac250e8d013fa6cb7dff528025e10c87c22c664e8e4bcc0474d765d1ee34b3718bb2ca21a69f970d1688281db8f416363424253d1973d70f65f98258308e52e11746ef70f33c1af875d104e743789677a9e9bbe9f71d99a4a094b80d6afddbdbba896e5f407f3163fb167a787c68cdb605b0bb0ba1f9e47105baedc4d73dcfc4726887f5bc2ce29b727f8f2a948385822df7a38d5c1cbb568cc8b3503f15b8524cff78331268c91cda6b4c427e1a6dc975b4231e37f15342b6bd3d3ea10f3f06e9a057a00a6138e115d74b1a3478403a62a5ebd723d9a2ca0ea73c258b813033c685c6d5518bd9f61ee68cc963dbd6a512b2248f300d8ee43e3ff3cbe7d06b09e5653a090b64cadd862b8a71de4c3e5dfd0b76c2b0da48a7cbfa3395e67f2864262b006801d90dd750023516785fd2f5357cd29b621f03586c159be4709249251d52a5d9cde38df4fbd1974710c3a054d964696ffff993bad4455c5798e0449ed5b328690c1e9b1c2673886a0e0a6c04e0b4cb8a8cb325d3842f449770aa6497479889bde18def4b785f70f0f1187ac4ef65919171bc2857884e0aac606f05b9db1cb592e17d5f8d9f6713c0337dd4bddffea74d5cad151a686c5246f3b56ac3c0b53bc06e3ab39cdfbcc0637eba8151b336f99613901e715397b8bdfc9fa65782f9ed095e409a376ec891674d09a37384924269f52630228f5bd4da93076d413c9fe5d03472680aafdefb47541dd0bcc99a5c06bac8f4aa276c91b5312f7da2ce9072a89cbe61d15e15df23b2e10b245afe986ac7a25f784d2c212380b83fd3189d5ee5ac35fe9cba8826ed0f30f2de3554729499ad3726cffa2f349de5dd4c7ae8f16bafa6c510ba27c68239a46806ca3c01b6b5d9220ff38b44779fc27bf8b7abd5722a23c03b5bac4dfd8c87e198bb6dd5a330b89d5545fbb7a17f44fa920aded585cd8bb49e298d364d24f6e7aea39606acb07a22ff2158747ebe0f598e464e5de8cd8e111131e3e4cfaec06c70747bc0dcba52acb957cd8197a04e7ef4ba3b2bb6c3f62b91f1e2c24c418221d34f26864a261a9626002218d07d055bf073fdc554d1bf430b8ddb9d53f400d1e2f55fbe1cc287b41ec8ec1d9c579423ba5c213b6668f2aa0a827287c62d7169df47b96795813f8970799a3a6aa5e214d1aa21d4eaf6a0987e5edaf684ff575d51863d2d8ef33b193cdcae540ebd7a3ad744705e7ef8648bbe525a6b0e81db43db58f0aaa245f74d900beebdad0261098e32caa4038fc3b0721128a1bdd672b7b1758a4638912d7c2c51f791be90d6acffeb6046a387bdad9926dc42c8641f99d4f7744dd57e614689e386e5ce2e6894bc62cbff13cb4b974873aac283882b14394212d8e99bf2629540767b557a1358b309fd39a26aaa9e2518c8bd72b01a126d594bcd9c73ec4db4dffb8f22bc463cfdf004b967c785a8368e14e24c4e52c33bee1a4b2202e7daac77e02291085fc4929831202c57762494da884f9b57d9e6d7f055b74ef78664fda23a308365d4c9ebd834c2c6d51b76f8380a02887448569963ec8aca1027c327d933b5898c6d9899f16b0e61005b45c81ad7f5a82b8e370471a1771846ed0eb32ae40f9d3dfe7d126bca984761a6c9aba5ea126f8e0d86648dca356ca5ef3bfe9f334c22751646d04ed36ff36d8fca37b577e4a1ee82b5e2535ef4df50bfe47d935611e0ae426c13bde9dffd7b437101b1a9081e73976f5ef96481b5ecee5b8ad4b72162450424cce51884020d5c2ebe428e7408dc5bab1321dea1695b08ffe320cf693db7abad1d4c2fd19b28278a76411649b319a3f5df93f6b169e2ea85ca8e0392a15ca7e10a894b0318b014f80b905cafd15274d0380e580edb7f042f7c615b20f0e9d5cda0131c0c7b45221856e06587710687a718115e7ee9e16c42771a51db808dd038c99628415c89543251037786aa8a5d508ef9af88d0e9b5790eb437744d3d4f489325ac07df0bf0f89025b1aa3d0fa6ddc5cbd3601a86ea174246e055b752a3de308562b42b0d3e6d99d995b74c7ad367cc0e7c62622f86cca6e50a85a21c2859f953b1dced43db7d36d7ff6492bcf11dc403678b24f5c8d37df06f560a807c26a2299e6811789d616db37675f7d4fdb699562c501630898980b5d44c04de895b97746782282708a125c06298ce5d5080a49199044ffc6fb16efc26e4781cad6057aa93097cb47932f87451861bcc70e1241c61359f0b13aa39820bb129e4aa28d93647fb79861d2948441fced00bfc4327ece0b97f6792d6f8526f8843b74284981ccbc6466e89a2d18bfd9e2ad2510b27e4e24a44446300aa3125088f0a4eefe8c01adce0460d49549604d3cb26232639e9ddfbfe6670ee9acb56351011d892b6fa8e9a3636fde3504d4968ca00a83c411d102cc552d06547cd8f1f43b9136d59371cdd63bd744fe67ddab2b130532ccb9bcaca23db528ea81be79ca1913a03888e9caeedcbbe74796702dfe51706e1b36d5e0a0e01b39c01a00098eb0e1acd056dc520bea6fac03ff799753a87936baef56947d3e80c85357cd1434610c9633d8d70977f936e7163180545570f8b0c59bc2c48f56b0f0407b095b3cc20f03dc63ca06443fb3ad1edc7f6138e858fbd4ab8d7b0568185014917ae5c857cb81a8f56bd7ce2a7f209170e9b22a1e7ac22188ece34a830f45330d41e9efad1b35b9572e7fbfb583c6f9107e0f65a04da86fd41cef65be47689aaafb7f5bda1f4c43955f55841217fc7ceff52c73c98b9f1a31578777ba27974fea229c9f69a3971d36a5e6db61a852168be5339a9a109a16708c0ecc6183783041ef228f00079e65278a2aad613d3e3b45ac625ab476effcf5cefb635d8e301ba5abdba3188f6376715228a174c6f4d7597574c13be75e7db81d0284f4472a0a6497d3c9163e08cbf60d2578baf65425d34e064ff382e8d66a419958c4866eb61d26e0fc5d4352e36f8243ec093cc7db77d258d88c9d68a93f28db694cc85ba86c114fbf217e02731b13a00d85e23abc1acaf7cb9d5fc5dab295a0d79515960063ef2133f4f4704cdab984ae92163ecc7815b396a6bb2d778f7a887060e0376f29db809da042db3bd443c477c790dbececa7e8800bae41bb11a0e74c0d3f777193e87967f7f1d510e6edbbfe604454afffb40539b48a66055b5b5a3b1191b2f528ec6e243f891f16181e5a033d4628b1908f2bd4e1427b2cf2f74a11147026eaf0b90d63684d925f95ef625ed32bb334e03c287bad9c437547742e8dce7b2b61a05b69b05262ccf1ff85f34e6c393581e81fb2f6ce590ac28892bf532dd3e0e5e44d081f5393cb61c035307614bbce05363b15327ccb5e99b9502323f742fce1db816109ba296dcf758124b5d8e8dc4b220374e8285838f1c9bf80ee9e4e4582793eff68d833939eb1cc1daa0e7c2bc780b834922ca5ca1c0f9f48eb6f9256b9d5d35275a5aa87914185beb"})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000000c0)={0x200, 0x0, 0x1})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r3, 0xc02064a4, &(0x7f00000012c0)={0x0, 0x1, &(0x7f0000001200)=[0x3c], &(0x7f0000001240)=[0x1, 0x73], &(0x7f0000001280)=[0x2, 0x6, 0xff, 0x6, 0x8, 0x0]})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000240)={0xd7b2, 0x17fc, 0x7591})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000001600)={&(0x7f00000015c0)=[0x1fe, 0x7fff, 0x6, 0x400, 0x2], 0x5, 0x80000, 0x0, <r2=>0xffffffffffffffff})
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000001700)={&(0x7f0000001640)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000016c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1cffff00021400022dbd7000ffdbdf25090002005079b6b500c368661aebac398614e6f0e29c7007ede240e0a765c44c6b2982db173faa"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x4004000)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[0x0, 0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000200)={r3, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0]})

05:55:16 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f0000000180)={0x3, 0x1ff, 0xcf, 0x10000, 0x3, 0x0, 0x5e0})
sendmsg$AUDIT_SET_FEATURE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x1, 0x70bd2d, 0x25dfdbfe, {0x1, 0x0, 0x0, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x5, 0x3b6, 0x0, 0x7ef, 0x6})

05:55:16 executing program 5:
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0, 0x0], 0x7})
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000100)={r0, 0x800, 0x1, 0xfffffff9, 0x5, 0x6, 0x1f, 0x1f, 0x5f6bf004, 0x10000, 0x8, 0x80000000})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x200, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000})

05:55:16 executing program 0:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x6356, 0x40000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/83)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0x9, 0x5})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x721981)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000080)={&(0x7f0000000040)=[0x4, 0x90, 0x4, 0x2ff, 0xfffffffc, 0x3, 0x0], 0x7, 0x0, 0x6, 0x3, 0xffffffe0, 0x4, 0x2, {0x7fffffff, 0x1ff, 0x5, 0x70, 0xfe00, 0x8, 0x3, 0x4, 0x7, 0xffff, 0x7, 0xc8, 0x8, 0x2b, "e2692e9b08222c6731a7976c1a4288cd28ddcb01c69edf9320ad355d18062388"}})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x8000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r2})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r0})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0x20000005, 0xe9, 0x3})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x3d0cb93b, 0x442080)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x1, <r2=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f00000000c0)={r2, 0x2})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r3, 0x28, 0x2, &(0x7f0000000140)=0x20, 0x8)

05:55:16 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x4, 0x3b6, 0x6, 0x7ef, 0x5})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f00000000c0)={0x0, 0x2})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000080)=""/94)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a5000200", @ANYRES16=0x0, @ANYBLOB="00022dbd7000fedbdf250100000008000500ffffffff08000400e00000011400020000000000000000000000ffff0a0101010500010001000000"], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0xffffffff, 0x2, 0x1})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80a40, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0x400001, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000380)="0e3d0ed5fcde486196f601a13508f44b147fb4333739ab9fecdadfb8617d53a1ae8176a63aaa19014be88ed0bdce89c989dff332859afb29c6552db4b41d74fc5b8fe7e74d0dbce6d57fd07e40ee178b263b4e4222b43ef32d0e6fac2402f1a3032f93c088ffdee577b73700a113eb60e6061700"/140, 0x8c, <r3=>0x0})
socket(0x22, 0x0, 0x400000)
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000040)={0x0, 0x22})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000180)={r3, 0xa2, &(0x7f0000000240)=""/162})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r4 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0xfffffffffffffff8, 0x400)
ioctl$DRM_IOCTL_SG_FREE(r4, 0x40106439, &(0x7f0000000300)={0x8})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x9, 0x9, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x0, 0xffffffff, 0x6})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 5:
shmget$private(0x0, 0x4000, 0x1, &(0x7f0000ffb000/0x4000)=nil)
shmget$private(0x0, 0x3000, 0x4, &(0x7f0000ffa000/0x3000)=nil)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xc1e1, 0x2400)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x3, <r1=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f00000000c0)={0x5ec, r1})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x3, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000001c0)={&(0x7f0000000140)="41c3936c0002346d5848854561ed73370102d3f7c746ef944d1d3f9a7b3c0638470531dad29fd735409c53d1430d18d66c2655a06fbc6bd830ec8391380ec58966cdfb1e33eed9e0564a3b", 0x4b})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000140)={0x6, 0x0, 0x1})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000740)={0x8, &(0x7f0000000180)=""/29, &(0x7f0000000680)=[{0x4, 0x8a, 0x6, &(0x7f00000001c0)=""/138}, {0x0, 0xba, 0x3, &(0x7f0000000280)=""/186}, {0x1000, 0x37, 0xad, &(0x7f0000000340)=""/55}, {0x10000, 0x88, 0x5, &(0x7f0000000380)=""/136}, {0xc45f, 0x78, 0xc2, &(0x7f0000000440)=""/120}, {0x800, 0xb2, 0x6, &(0x7f00000004c0)=""/178}, {0xfff, 0x83, 0x8000, &(0x7f0000000580)=""/131}, {0x1000, 0x40, 0x8, &(0x7f0000000640)=""/64}]})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000800)={&(0x7f00000007c0)=[0x6, 0x400, 0x9], 0x3, 0x1, 0x7, 0x1, 0x45, 0xffffc7a8, 0x3, {0x9, 0x1000, 0x1, 0x1, 0x2, 0x20, 0x4, 0x80, 0x0, 0x2d, 0xffff, 0x9, 0x0, 0x7, "30590f4f31bb1149bcbe5409bac5e5deb34c3ba2046b057538cdc5965b336df3"}})
ioctl$DRM_IOCTL_ADD_MAP(r3, 0xc0286415, &(0x7f0000000780)={&(0x7f0000ffd000/0x2000)=nil, 0x8, 0x1, 0xce})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)=""/225, 0xe1}, {&(0x7f0000000140)=""/21, 0x15}, {&(0x7f0000000180)=""/99, 0x63}, {&(0x7f0000000240)=""/225, 0xe1}, {&(0x7f0000000340)=""/62, 0x3e}, {&(0x7f0000000380)=""/24, 0x18}, {&(0x7f00000003c0)=""/143, 0x8f}, {&(0x7f0000000480)=""/98, 0x62}], 0x8}, 0x2140)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000780)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f00000007c0)={0xfffffff7, 0x889, 0x3, 0x2, 0x7, 0x6, 0x1000})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r3 = accept(r1, &(0x7f00000005c0)=@ipx, &(0x7f0000000640)=0x80)
sendmsg$nl_route(r3, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)=@ipv6_getnetconf={0x24, 0x52, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x2}, @NETCONFA_FORWARDING={0x8, 0x2, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x850)

05:55:16 executing program 1:
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xdcc, 0xc2a40)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000140)=[0x7, 0xb53, 0x9, 0x3f, 0x24, 0x3, 0xffffffff, 0x6c], 0x8, 0x0, 0x0, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x9, 0x101100)
ioctl$EVIOCSREP(r2, 0x40084503, &(0x7f00000001c0)=[0x80a, 0x8])
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r1})
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/49)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x1})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x444001)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x80000000, <r2=>0x0})
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000040)={r2, 0x10000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xff, 0x8})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x100003, 0x3, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000000c0)={r2})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x40000000000, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000140))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000000c0))
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:16 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x4c, 0x0, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_NET_NS_FD={0x8}, @GTPA_NET_NS_FD={0x8, 0x7, r0}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_FLOW={0x6, 0x6, 0x2}, @GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010101}, @GTPA_O_TEI={0x8, 0x9, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000010}, 0x800)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x200000000, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=[0x2, 0xe664, 0x7, 0x0], &(0x7f0000000040)=[0x8, 0x8, 0x2000, 0x4, 0x1ff, 0x1000, 0x0, 0x40, 0x9], &(0x7f00000000c0)=[0x3f, 0x3, 0x8, 0x7ff, 0x81, 0x9, 0x4]})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000240)={&(0x7f0000000180)="725c5c3790002a7090348b99aa2cfea04ea7bd0a6b52cd08216c5dc86e852a2eea762e0e1867af6897b698a3491721f8d1d9306c2a59665eeb6cd3159719ab3086735a55d0af05d43e4e6012a7452c8faafdd469b4d8f7a684f40573c8ab56a3125d45b76b725e06eaeb225167772157b2e2427edcd8030de15ed8bac91c98193ba9df4ad3feecee8c6d615e799f1ac734ab951de0af3c37b8d1276af29d94a37c4830b1f02996468f0013e9af", 0xad, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000280)={r1})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000002c0)=[0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0], 0x7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000003c0)={0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_CLOSE(r4, 0x40086409, &(0x7f0000000400))
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000380)={r3, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0]})
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r5, 0x40046411, &(0x7f0000000480)=0x1000)

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000040)=""/116)

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x420000)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000080)=[0x4, 0xfff, 0xfffff000, 0x3, 0x420, 0x4, 0xb7], 0x7, 0x2, 0x7, 0x9, 0x42aee9db, 0xffff, 0x7, {0x80000001, 0x0, 0x2, 0x0, 0x80, 0x2, 0x6, 0x1, 0x1ff, 0x5, 0x8001, 0x2, 0x1, 0x5, "e3d472242131129d7e7517fa773856222522dea3cb6eb9dc3ba20bb0f90e3c47"}})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{}, {}]})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000003c0)={&(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x1f, 0x0, [], 0xa, 0x8})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x200001, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000440))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_BUFS(r3, 0xc0206416, &(0x7f0000000180)={0x10000, 0x4757, 0x9, 0x1, 0xa, 0x2})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000080)={0x1, 0xfffffff9, 0xf0, 0x1ffd, 0x4, 0xf64d, 0x9})

05:55:16 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x55c, 0x101000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/194)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x2, 0x501000)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000040)={&(0x7f0000000080), &(0x7f0000000180)=[{}, {}, {}], 0x1f, 0x0, [], 0x0, 0x3})

05:55:16 executing program 0:
shmget$private(0x0, 0x4000, 0x80, &(0x7f0000ffb000/0x4000)=nil)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x7, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040)='ethtool\x00')
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r3=>0x0})
shmctl$SHM_LOCK(0x0, 0xb)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r3, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x2b4, r1, 0x100, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_EEE_MODES_OURS={0x284, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x15c, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8000}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '!\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1ff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x200}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '@\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '{\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '--\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xcd}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ':}{\x00'}]}, {0x4}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '(}\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x2c, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '%],&\'#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_BITS={0x68, 0x3, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, ']\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xcc2}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80}, @ETHTOOL_A_BITSET_BITS={0x7c, 0x3, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0xb, 0x2, '],@$--\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}]}]}]}, @ETHTOOL_A_EEE_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x2b4}, 0x1, 0x0, 0x0, 0x50}, 0x40041)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000040)={0x9, 0x8000, 0x2, 0x4, 0xa, 0xfffffffffffff798})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000040)=""/1)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xaf, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/188)
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000040)={0x10000})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffe000/0x1000)=nil})

05:55:16 executing program 4:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x81], 0x1, 0x800, 0x0, <r0=>0xffffffffffffffff})
timerfd_gettime(r0, &(0x7f0000000080))
r1 = timerfd_create(0x9, 0x80000)
timerfd_settime(r1, 0x0, &(0x7f0000000280)={{}, {0x0, 0x3938700}}, &(0x7f00000002c0))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$AUDIT_USER(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x3ed, 0x800, 0x70bd26, 0x25dfdbfe, "666ce605c33a65cf5f7bb683e9ba727cffe2c86b60c5a5648ad87850df90e1b2d5c7318d0caab6df34eea70d6938ffd4ebe4d812408c5564bfd565364cd704bd6941f3527796347091b2d7da60d3d32c8e34fa06f4c81da9", ["", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x942, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$AUDIT_LIST_RULES(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x3f5, 0x400, 0x70bd2b, 0x25dfdbfb, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x4000810)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000080)={0x11})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000})

05:55:16 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x0, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000084}, 0x20004040)

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=""/167})

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xcaf, 0x140)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000040)={0x2, 0x7, 0x0, 0xca2, 0x7})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x9, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000240)={&(0x7f0000000140)="73348850e341bbd2e76d0a954f003bd58b0aa15de0a3b47fc471489c4dd394df426f5870fb473c46ea3c45250feb16fb16e712968391a13a64ece1dfe3b4e08e8d763d2290659f1d8fcdfe282d8549e6ded1960951c171f836553f770305e8d153343fbc073991d5f25b7fb7a70c9ba9df2e8da739ac4c69d710f5a47be414077f45e8dfdf6d85b1729c1518e16802617d76ce6befc2907a7d1f244f533f6762aa8b469f454e162867df3ae51aa5b36dbef036945115c5e8218c86dff86d3c8d6fbfd884c861cc44042131e8ca355dc788e9dc9624b60e616361497d1fa041d4f388abc4a686ed0f8d", 0xe9, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000100)={r3})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000280)={0xffffffffffffffff, r2})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0xfffffff7, 0xe9, 0x5})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x10040)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000040)={0x0, <r1=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1, 0x80000})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0], 0x2})

05:55:16 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8, 0x7f, 0xa9f})

05:55:16 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}], 0x9, 0x0, [], 0x0, 0x6})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x1, <r2=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000040)={r2, 0x8e})

05:55:16 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x6, 0x400000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000200)=""/170)

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
pkey_mprotect(&(0x7f0000a6e000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
pkey_mprotect(&(0x7f0000a6b000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x6})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0xfffffff7, 0x9, 0x7fff})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x5, 0x200000)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080))

05:55:16 executing program 4:
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000080), 0xfffffffffffffeeb)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x400, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x2, 0x0)
openat$cgroup_devices(r2, &(0x7f0000000240)='devices.deny\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, <r3=>0x0, 0x0, 0x0], 0x5})
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000280)=0x2, 0x4)
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r3, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0]})
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000080)=0xffff)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfc, 0x8fe70fcf615ac43a)
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x7ff, 0x200000)
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000140)={0x6})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r2 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x1, 0x400000)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f00000001c0))

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000040)={0x8, 0x87, 0x8d, 0x7, 0x3, 0x8})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x4, 0x600080)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x2], 0x1, 0x800})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000240)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000280)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f00000002c0)={r4})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0], 0x7})
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000200)={r5, 0x1, 0x6, 0x3, 0x5, 0x80a, 0x4, 0xaa92, 0x8e6, 0x4, 0x9, 0x101})

05:55:16 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xd, 0x410000)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000000)={0xffffffffffffffb4, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000040)=""/153)

05:55:16 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000001080)={&(0x7f0000000080)="05dfc08b4b86f914ac983c0314fc54f1019d5c289471d8628c54d91ac288fdb917dff29283f06cee39ec0333e1577166d7f7db2aa86a8c3f96d7f02aadbed91305fbbc921f7047ac6c7cddc4bc426587c76905f9d1c8cad4cf670e57057b93cea6cf15eff031e49f242f4cfd4ceb44296cf24ffbdedadc8652c2c1ad96e3ffb16c0042869d55a7927e76af6043e8787e5836db018211c409588b3edbbf58ae516bd82d0729a51c90060f48e8a07671dd087f1d69b250d95499133680ec0bfa7caf10038dc62752c5d0bb95ee5d5b692696e3f2531f57b2bc93f8c06841ad1ce7102517a78dbaf46668e15aceeb52d5d4a07439d3af687a098e8144156c7406e456954635010c00a559a33202da0af11281b17cb19578023d6ed1c25e4200c899ea3ba9b51a3cdc5b1a8d3450291f0a2e3ee39a579014e8f5cf0c99c0a280a665234bf0029c0a9bd248128e357b0080abf7ded679c92d670e860c522e737c4654740c7ca4092f664a93cdbfc3a18ebdb05f532da15cea0ac9116fd7b7599b22604e8ebc27485f36743c36b3db90544b5cc18bc401f60874135b119109e4f1cf7efab4cf8940b22afd20ad6f4762bf1ded35f98513a84c58d758d945b4156342d589b7a7df3f072b0dddddaa353a2fba6101ad2eb2b0fb733274907b8a1ccebd28d1105e45ac470cd7f15dd7e21185fb4134c42784bbd475b8b5970f69901686ab7997cd4fbbb9e5c1f6a15e6323189b3a847dcc522a1414fdf917b25a2c9b5ed9c853044c5baa93ba93de64911cbc8b38393e52f05a7014ec2c6861d06485e5d718d00ffddeed38510a079938139fd47b39e24ea902059a437c39cc6c988530868bb7692200c34113a7c30f672bc76d47f2d1351016e292f29f6ce8814c9e48d59051e5b192c8d843b615a2b90eca01fa572ab86592d59ecd4c2c6160996a6751587e1ee3723db4e08f38d64e4b497996e800aea1510b86fa652e0475c3f58dc3bc4ae876458cec7d07a4d7919f598caec7d9b386b91c8e7dcf9f8b401939e126624333cc07588ef2a923f0be73944c165fac12e156715164622f39973bbfd7671961cb512ad8647cc8fd80afe002f38e2a9701809f940d7ed52d224b6f1e954b4b870a927a7cdae5b98e050fb695c2f4bcbaa724a30d6626b25447a63f38a49c5d51e6dfaa4ed77dcd86364d223959864b52a4be6658f6c7d34f1d06ac19832a107f1850b603abf3e6af3ba6778998b1380769ff9b0201afe569215267f36057839b86504cf23dac80d4bc11a056cd86b82aa976c57abea7504fd54539b4302446482c556f2da7e7e0db62dc611a155e2f2ef8e810d94c3bede16749cb919eeea364a5b7d0b85619c824f2a50380a5ec17eaec44604f56fdecdf5c302cc2b9da3d8400fbe5f091cab4827a1c946496a3b2264429d47b6be9043a2cd5b0421347ca2f355293816f7111d2769b5758ac0c609f75749d83afbc550db2951223d77d46d2774087caa2ea5c7f625c7a298096f87a3abb8eeeaf4e75341922dd74be93051b00546bb0e558838a37582b3b79d96084d5a1b31f078c14ddf0c763a8e5d31e19a160774b1aec6931b2401e475408a7dcd24264cb00a40a98096742d56360053d53c4aa2ebd948e49fb3e0ef22b9a96d68be0c161df6a14e1a42196862de556c8288863feccc9afe988e8e40d30690795f22f5b09702420ac47fa6291a0a0169950f8ab52edf3fffc49921138d991bfd974bb9a62abf585b0a53e444b56353efd9b7e0d39920c128e986afb2dbd1104f6ea93d184bedef715e31386fcb6ee22d009b767895cfb22da89781f2ad9fb4878d0875d197cd4a016473a90e51b69574915ba018900b6612d9e52ee9fd29f57fa59315d1548718ae8bf7c965c4fe2da2b4641131ce0587266f38db72a8a1e4017fc56c5bd144887bd22721703a2933a2cd50079189ccf8a948dd1ca57370f6b209941f485caef198b7c225fb4929f90b26f4dbf3eb0b93310a8c0fd04ca201bac61f7d2115470e9d5ef3b76b38e89eb7cb5352f98dfadf04b2fc65bf00d7938fb868ee059c69f18ccef3401683840e920e5a93206fd57d35b53be84fa42d8a77f99ebfbac02d25d214fb08572905c2d4629c1aed80f2bca42c2459512d10e5fe87361f8cce0e35ce8d3d21f2b52035a314b5ac1796b9eb959f1442e9b5be61d1ab81a90b3c549dd8924540abd187d60ed30a13fb33344f892bc4abb36d23354438e750a5787ec96bd5dcb14a8790f2458f53f22efe0fcf4040454e12c0001081f551bbd7f05e4939e3ba3d0ca72554d766990d8352e261afe5879cac40f0332b0a0738328d4f1dc3d2a9ff4a1d57de2e261200c9670266e7ce8f74bdf4b8b1aca6dfd3b6e8c26ee4c328634bc98cf3b1b00cda7b769d8fb202d1b76f08cef0dc01e69553625f48ae113926f40c42c92d95bfedafb462fd0cb0d0e7c5571e01dbc62497433ab07efddc39694e75a4715fb434319b941901b585f5da2b10c2733b827eb238d42240d6e6459ccc3f728d68770d760c59590cce4d0b8e04f955a984d60a764329d8b4b005353d5ce3c717f6e13646d7ea7c446261b358de34fd756d4a9ca04eaa9b9f59dd00196116c1030efc19cae9d649a7a2e2859f9d1ba7e050eebc7c3e0cdd712d7188a50971b22d112d6bda5197a27bf1d175acea9c6bbcd1efdc7aa5409ce3c6239e95ee62e674c486ba1fd83df361f7b8f193fc6412c783c14be365408fa0e2ef87f549ac125b7600c81191bc7ff8ce1dae9b1bfdad8e73872c68abbfff1951d93451e1883c71be3c19781f105b08817b2ddeaa6502f4c2c1a5084a4ea5fbb4ded6cc30ff502928d09228825ecde17979dc19a5f0776f477f315546e292a660b93d511313af7a4e8ee5683023a336f3c35bf49d93d30235d1651302664ae5cbc19d22118907f7a7ef693ae618971e79ebfd84d18a7e4f019590e106f5005e695d6a1a71e407c1e809657a3131673fbb7e36613671fcbf9a451ba688f80c0824e0048844bd515b05168ad402e7e8631041c4725ac7d383c8a2d67716a6357b1e4712118e62626a8fec03d7bdd990261f9adf41f301982aadbbe75f9847075f47d47a3c1b9d565846e7b36ad1751fcff1282d9ac549cca440c7cca011f005a9dc785aab42314284e51c84bfbb9e11aefee975e092e1bb677bc5644c056e3e2edb3b7a67fbf243312ad4c27e7f4ca59dca445384c0e9a0fcd008a4591144bdb2b491dd27d332f4391f5449accbd47244b942609c69d2048b8c252448da9f6c41483cfa4ff0e05d0097e5cf14c765635796acb952892f8ae3bddc76bc65968784eab3554bfa85fbcdf345c73c752006c5d45f37952b4467335456bb9e4e53723e26010af2a0b90f553697bb17ffe1f4ca55307e1981aa66e6210f9ccdfddbac9878457f115621dfda64fee9ae5182fa97ecc19ff0567be7dfb52c9c42825968ea032fa43058c414a726c776d125d1feba41cd640757c38db7470353e177bee64d3189cd371c7766edc1bc921e47b47c077b52253547adfe2474c18729f05881e7c29d7f645389568fee35d54c89f8d025e7cccf66cc0ec9c6f276c837befeed987d42399d30d345170d981a4615814d7bc0533ce91570b167c04bbcf56ccafdd42deda442249653b2b7959d43693597fdcc660b94a503d51fc24cfe09537d6118267d78ea51e958b3b45ff4f90b2388010ec6ccfb3c71e5434d249b0e2f17c6777f11b04aa8dabea5c249beebc1e19a75f171f5a89673bb4536abbacd8e4ac7c09be2628f9289921ec59a4a82e694ea268465da509bd460e16005eff0a351d153e546ec11e45e3dcfd91a96cd83e98924683980eab25573beec327dffc921ea139a5645b8c4b91e82ddd1e756d95011f68ef5fc280ee00b3f809823b8c47d3f8a4e9d63b3a7aa188e0078994503907e918291df7275fba4043bc5857d938158180a5208eaf4226700aea5d1a9acdebeeec0aaecfed6fd8795eeca482c461b3b29f42b0e7f2a5805a67444fb78838e69ecbda3de4733e00dcf782bd192a19754732936ce0786f8350ff494bb6d46090b2b5c89f239d402d628bc68a9064db8e63ca2dbee903e30bb049786d166e2a15c8fc9dfbe1a2cad563acae682998b2e32d2b2ebb1f688e374533af5b08232e1926e7d4544ebbf2d7d4feb4c46a0296e29d4e9e9b1d4e697a2543727426510ba27b5a32cec07564b91921684a8d5210617af25633c3193c1baba56975a7de1cdfc3f54186fc7532baf4f926aafe53285f88a4c0e175249eeba703e7a46753bbf152c5bde9dba2f8f79cdaaacbb1b9e6c7a71c136d238369a92cacba296bb4f823ba9d56e5960ae71e9ae13f2974958931bf0688de1f9764deb594280e88fe0b212b67c1960461d188c7a780b7efbc115763c7a3d0821c08a7fec055d685b9b81cd4c3ff8ad9a0640bf2776bccc7a5c33a1887d9617331d2929e3c0d6aece978b24b69fdfc4f410ffa87b40448c4e31d0758a7d6e21e2a070600dd06829fbcf132bff48ce70670a6e03369028ff13ff93f9c8dbf63f96d507e121afe04541d3a17f289ba6d4fe46cbeaef88d235717ce72196d7636784d214e153dbd5706ac6bb8c09212b1bc2a54f06e1660164d8b8b99e8811b6a80250f53a64d9dcfd867a2cac8cf0165eb326bac01a861e6ae9d71d12fa6337f072186d4f52d8316a3ef52790d2bb4211848dba497f0d49a26fed39a5d5f02b271e19cd04c78ffb5960a96a99aae654b5e0e9718d6bf17639ad0d204c5153efdd07f035968ce31150728c4fb6f8de59bf7e1d648eabb18acafbecf399d79e48d391cc6d516ddd586679590b1262336a84fe30a4cf08be08f2e4d9d2a528d19e4eef5c16962cc03bcd1fccabcd332e4ba555c2be4fe839b20adb832396553616c6076f3f6df7cb5b86452cfacf5642de201399ab209d9a58f6830ab9de12047a47132ef1c072766a392812d966eb76857d8432385fbc4a6e6efb98f99e3ef4e321a4b629a231d7268397ba5b180bdd56a2572fce4525b1207d16f4a3f18666a1eb455ac91f0741d8738b93fed2c6174f4f56bdb9ff55d781169b451cd6c645e773a5564874901657b7843dd968f9ee6fe28a49b90c97222fd08be6a1e4d5a90da70fcfa3f1cbd637eb756c124c983fe1a9fc8769f34139ae2cfeeef6c1782fa081f618a03f5a5e58461a8e18ad7f35f7a97213b61b75606491bf1c74fb8af015640b4c1bfe01999698e3a6fc89214241d46c07d8811e284f279e2532d84760266d65e032aa4535a20da66d506fc64dd3a0dc582e66e4b497d5d278ce734cec5a014d4cb39ef16449178e1e2f606de1d97e6802c77d10c6f2a87b089853e459a8682e0492462024745a3e1ec4f8d6fd755a2c02b950426ad63a733bb413e3f21cfd776f10ffe515f66240b863dc9d3d4ba0320135a897d98749f062c595aa298ed4216baf0ddb2b57fbed56c11607f151ba28f45d29da917b20703ddc618ab08662437f842de6642fa65ab8932ee4fc07b0ddba9fce87da4121b2928f1cbfd03063b269c6ccdb72a3ed22168fd97cba31351fa0522f4c9400c8234423eead9a6d05c34f187d9b60b9d54b19a61fe1efa6064d8cc977ff87c3439603e35ddd011f49c491ae65742f88b1a3dddc3ba6a12fa48ada7eee6bd000adeaa9f7280e1f11757d39a98c343d1b113eed9b20a6b7715831e20bcc4cfa672df160c348420c30c8ca8ea8e43d4c84026516d5cb822fff0e3adc447a7fd22f4fed51a51a2eedc37cb96b70b12", 0x1000})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x40, 0x80540)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000000)="309de3728793143f62a890a1e809bb0a223625", 0x13})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:16 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x22000)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x3c, 0x0, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private0={0xfc, 0x0, [], 0x1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x40004)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x210000, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b8, 0x0, 0x5, 0x5, 0xfffffbff})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x32882, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f0000000080)={0xc0, 0x519, 0xfffffff9})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f00000000c0)={<r2=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000140)={r2, 0x1})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$EVIOCGKEYCODE_V2(0xffffffffffffffff, 0x80284504, &(0x7f00000000c0)=""/14)

05:55:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x58fc0417], 0x2, 0x9, 0xed, 0x5, 0x200, 0x8, 0x73, {0x6, 0x5, 0x7f, 0x0, 0x1, 0xfffd, 0x400, 0xce4, 0x4, 0x7, 0xfbff, 0x1, 0x6, 0x7ff, "286e5f5197ddb017a74490f60b54893f1242382f82f8863ca22013e178889d3b"}})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f00000000c0)={0x1, 0x9e, &(0x7f0000000140)=""/158})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'})

05:55:16 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x400080, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000080)={0xed, 0xe10, 0x80, 0x6, 0x0, 0x100, 0x2})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:16 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000080)={0x0, 0x3})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000140)={0x8, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9})

05:55:17 executing program 4:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_dccp_buf(r0, 0x21, 0x2, &(0x7f0000000040)=""/172, &(0x7f0000000140)=0xac)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f0000000000)={0x9, 0x1, 0x1, 0x80, 0x3f})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x82)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x10842)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x681000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x9, 0x2)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f0000000040)={0x8})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x800, 0x400000)
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000080)={0x0, 0x5})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f00000000c0)={0x4})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x100)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x3, 0x0, 0x1})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000080)={0x3})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000100)={0x7, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}]})

05:55:17 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYRES16], 0x4c}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r2, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x200}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x42}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x2}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xfdc}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3f}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x200}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004005}, 0x4008840)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180)='batadv\x00')
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x2c, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8d5}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008044}, 0x4001)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f00000000c0))
syz_genetlink_get_family_id$batadv(&(0x7f0000000580)='batadv\x00')

05:55:17 executing program 0:
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x80, <r0=>0x0}, 0x8)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040)={r0}, 0x4)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:17 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140)='ethtool\x00')
sendmsg$ETHTOOL_MSG_EEE_SET(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x68c, r1, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_EEE_MODES_OURS={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x9}]}, @ETHTOOL_A_EEE_MODES_OURS={0x350, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x4c, 0x4, "2787f17fefb71618c79ff3276d4cae99ac41e822c9f26bc3aee8251d3f998c6b4af627778145d60139962df9c9bfbc629e7dc50a53222685fa061a235377f77db337637a1d967aec"}, @ETHTOOL_A_BITSET_BITS={0xd0, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1ff}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}]}, {0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '$]\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4e}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x100}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '^@!\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xa4, 0x5, "14cadb4167e1bdcacd3c71d54ef2db4435f9e5929f291d41603b281a4b369fefdc9da313ac93d4b7062e7fc020be25a3483b36ba9616cfa22e680f22e685ff78dd5d9307a5faab7d317b265601ef917e3ba62119ef7ab99a390e6cbc709ab8f19ceb724cd98093d6505b4a8a1a8dca1d3fef1706e33f31512d4464c8314bc9ad2e4114fd093bddf1175821ba36dcf23acbd0ec8c7e6dc6b1b479544a9436c6f1"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_MASK={0xc1, 0x5, "cfe4d7d7d44cceffeae7328757bdacc2fef81c3d82e4808cb6f8290849dc0aaad5fa675be05a94477f71ff6e4755c2ff6f9e77191c47a528f14efc32317fee7a781d5463953013b77d199b9641eec1adc859048ecd93f0d04e5289c864f184babc9e2173b62a1d934ae20f23def26fe5a2cefc57258276208a88c319993beeb507a43d973a1adf8350b27067e2e9b09167f7235cd7d6b05c0d795e369a68cad57a17f3c1006fb967dfd0f8ec615412b80436ad3b3c42f1b118ed46cf36"}, @ETHTOOL_A_BITSET_BITS={0x6c, 0x3, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0x47, 0x5, "bfd40c710fc0512355d66da0a35de5271fb730e9fc30091d2f7c8fadf847a31d500de40cf734d9e0d674f673095e7392d7805310db503d5da5e686a81dcd15e001f85f"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x4}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x7fa}, @ETHTOOL_A_EEE_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x8}, @ETHTOOL_A_EEE_MODES_OURS={0x2dc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x66e8}, @ETHTOOL_A_BITSET_VALUE={0x88, 0x4, "52ed41079206d57d0dd18187885fb5d8142647e874b9d73fcecf61abb984f9b3e21cff00e589bd93ad585b9401d739c2207fd29e726b18bc290e61905ee13d802d95d8979dc6fb367f275c130ff969da4509cae59c7870e4762fa116f2356409b99ed2b37be7cbb8315cfccc690090585541ccac7aa436f99fdc5e9b3ebfea078be6f4ee"}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_MASK={0xda, 0x5, "305a0cf379b932be39af2baddb66f7bb3ddeb4e767fe718de3d2798e71ea8226d4a08a7991a568537d7c073d35977886b759ba2b789633c57dc1c90f86bf50846ab37484394e223b16af40efcfdb7b0edbb05ba0cdf48b85b10f19c2a33e3829c697aeca5e6a69a6c6f2be828f3455c05c7b369b4d53920ec54c1d947190a1a2f077bf00c77ed0c05fbb9ccca1d2ef981bdca8ce2bf62f14f40328f4310761a26d5dc69637fe040f67510f4003e918f9979cd67196b7c681beb8d85baeee94049db24833b8929d39164cc51f24b3717466131f3036fe"}, @ETHTOOL_A_BITSET_MASK={0x24, 0x5, "c63ab7916d86e9a4defc7097edd8da01c1b208434a274292c1335a824dabf1cb"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xffffffff}, @ETHTOOL_A_BITSET_MASK={0x38, 0x5, "1231e91cba69b848dd57f6a4b48481d23774e27d8417ab5a64e6e1f52f33141d5111f8782fceba64e31c1d20a3846e9a2c70f5f3"}, @ETHTOOL_A_BITSET_BITS={0xac, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x4}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8499dab}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '-\'{{${.[@%\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2eca}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, '/dev/dri/card#\x00'}]}]}]}]}, 0x68c}, 0x1, 0x0, 0x0, 0x8000000}, 0x20000)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000080)={0x10})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000000)={0x6b6e, 0x7cf, 0x0, 0x432c, 0xc5, 0x4d, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f0000000040))

05:55:17 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)

05:55:17 executing program 5:
modify_ldt$read_default(0x2, &(0x7f0000001440)=""/4089, 0xff9)
r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='q', 0x1, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000240)={0x0, r0}, 0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={'rmd256-generic\x00'}})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000180)={0x5, 0x1, &(0x7f00000000c0)=[0x5], &(0x7f0000000100), &(0x7f0000000140)=[0x9c, 0x8]})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000100)=[0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000040)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x10001, 0x12500)
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, <r2=>0x0, 0x0], 0x5})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000003c0)=[0x0, 0x0]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000440)={&(0x7f0000000400)="ed1525db951bfb4e36aa3da5e36484f9efc7a865a48b72", 0x17, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r3, 0xc01064ac, &(0x7f0000001480)={r4, 0x1000, &(0x7f0000000480)=""/4096})
r5 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x1, 0x40000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000280)={0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r6, 0xc02064a4, &(0x7f0000000380)={0x4, 0xa, &(0x7f00000002c0)=[0x7ff, 0x2, 0x400, 0xcf4, 0x0, 0x90, 0xf3, 0x4, 0x20, 0xfff], &(0x7f0000000300)=[0x2a, 0xff01, 0x6ff, 0x400, 0xff, 0x80, 0x1ca, 0x1, 0x7f], &(0x7f0000000340)=[0x81, 0xfff9, 0x0, 0xee, 0x0, 0xded1, 0x40]})
ioctl$DRM_IOCTL_MODE_SETPLANE(r5, 0xc03064b7, &(0x7f0000000240)={0x0, 0xc, 0x2da, 0x101, 0x1000, 0xcd, 0x10000, 0x80, 0xfffffc01, 0x100, 0x3, 0x6})

05:55:17 executing program 2:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="18dcd96f5304020026bd7000fedbdf2560c352986e544e8a3c660c36c528576b8f9f1e10ff6902d1ae386a883cc33562a10dfb8b55c409bd1863be42b956b4cba74dffb068c3e1677738a5ebe543ef6755862c9630f09a86fed72f9b2e865d5dc6ab0000c57d90fe3e2fa9eb9e434a35ca21a400837d4b707dfcfb07f228551212abdacdb2bc255b45c358931b4fcae119baabc46c10b1aa0a9cb1115e116d4f46ba2c8e637e3f43908bd9690fccf2a15a3d160b2f6ee8fd2629bfff4f8fe0866fabef770ae74b58ac0ef290b9995aa9f8"], 0x64}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000004)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000140)={0x2, 0x0, &(0x7f00000000c0)=[0x0, 0x0]})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x20, 0x1a1000)
r2 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0xfa03, 0xa00)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000280)={0x0, 0x0, r1})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[<r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f00000001c0)={r3, 0x9, 0x1, 0x1, 0x8, 0x3ff, 0x7, 0x2, 0x2, 0x1, 0x8, 0x327})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0x8000000000000517, <r5=>0x0, 0x2})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000200)={0x8bac, 0x2})
ioctl$DRM_IOCTL_AGP_FREE(r4, 0x40206435, &(0x7f0000000040)={0x0, r5})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0x7fff, 0x101, 0xaa3})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000080)={0x0, 0x2, 0x6891, 0x7, 0x939, 0x3, 0x2, 0x8d96, 0x80000000, 0x7, 0x7, 0x5})

05:55:17 executing program 1:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x1})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xffff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000000c0)=""/4096)

05:55:17 executing program 4:
r0 = gettid()
shmctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000040)={{0x3, 0xffffffffffffffff, 0xee01, 0xee01, 0xee01, 0x1b, 0x7ff}, 0xfffff000, 0x0, 0x1, 0x8, r0, 0xffffffffffffffff, 0x7})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x1bb3c3)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})

05:55:17 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x3, 0x3b8, 0x3ba, 0x0, 0x7ef})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1000000000, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x1ff, 0x480)
r2 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x800, 0x80)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000200))
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000080))
r3 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x29cb, 0x400000)
ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x7ff, 0x0, 0x0, 0x7ef, 0x5, 0x100000})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x8000, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000040)={0x0, 0x5, 0x7, 0x3, 0x4a, 0x2, 0x6})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000140))

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x100000)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0x4, 0x5})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000040)={0x9e, &(0x7f0000000240)="47af379d46a95b5c33a4f9129074ed8710a5fe5f4e8feae0b978ad51fd83c87e547224b402f85a6ac07f07452d26b73171eefacdc5922488f061de6b769713387f24eb9900c12ef228b51a8bb1da1462b16770dbe2a320e8ad461683ea399deaadfca7abff491839cb2e4da7e2564047c4d6cd006b33486f1690d79fa909a157c653094d69fdcba05cc26205df0599cc66aeb37421842c4085bd6bc3fe30"})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f00000000c0))
r2 = syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0x7dc, 0x60001)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000440)={0x20, 0x1, &(0x7f0000000340)=[0x20], &(0x7f0000000380)=[0x4, 0xff00, 0x8, 0x7, 0x3e, 0x5, 0x40, 0x9], &(0x7f00000003c0)=[0x2, 0x7, 0xff01]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000000)={0x2, 0xca, &(0x7f0000000140)=""/202})

05:55:17 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYRES16], 0x4c}}, 0x0)
sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x6c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={[], 0x30}}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xdbd}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x6}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="3b36f55c22cf"}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7f}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x80)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000240)=""/179)

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000080)={0x1, 0x80000000, 0x9, 0x7})

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0xa000)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000080)={0x800, 0x800, 0xa, 0x800, 0x81})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000500)={&(0x7f00000004c0)=[0xf1be, 0xc0, 0x4, 0x8], 0x4, 0x0, 0x0, <r1=>0xffffffffffffffff})
timerfd_gettime(r1, &(0x7f0000000540))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
shmctl$SHM_LOCK(0xffffffffffffffff, 0xb)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000006c0)={0x6, 0x0, &(0x7f00000003c0), &(0x7f0000000640)=[0x2], &(0x7f0000000680)=[0x8001, 0x80, 0x7f, 0x5, 0xed]})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000000c0)})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = gettid()
sendmsg$netlink(r4, &(0x7f0000007180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, 0xee01}}}], 0x20}, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$l2tp(0x2, 0x2, 0x73)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f0000000700)=ANY=[@ANYBLOB="44d2050000009f7e575c738eac41a0783a422d2e49bd337e92b39d2c47a694ed58524b29939460071cca4181f55ec9ab0cb126d2c23e3f4be363f53ae92897e624dc0502c7b55d7200"/83, @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB="6ae59e0235a11f6991bce7f1c66453016a2ad86901d3b33c0a33e1aba7b6a2a802e936d986bcda70ede1cb4e7d09b2c341f2668e37d0dcc791757cda6d761761abebfcb1a8f12e67b4d521f96c10960cea1af726f1d55c0961a4a226f852b56367973dea186fcab97d643983dd8c67dfacab27054531f279929c0b39938ada4e1da924b325d2bb099bf9f1ed8f1dd6079c77b7b7959c322018719f82dda437133788d86b6342133c409c89789945f693f996326275d3d498584a2503daecc35ea8047af5198c503453d2b305a2dcae17acc085edd8aaaa920352293f49245d30a6"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$nl_route(r3, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="b80100001000000026bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="08810400200800000500210020000000080004000300000008001d000600000008001c00", @ANYRES32=r2, @ANYBLOB="3001188014000180050006000600000008000100060000006000018014000400332ef27c83f9d59bbf35839883f6449f14000500ba75aecafa1bde4b2219292064c0facb0500060001000000050006007f0000000e0002002f6465762f7a65726f000000140005009694fb08b9082bc45e30392833f6c80244000180050006001f000000080001000900000014000400b199d93de9a994f5cf6cc038b136b11c08000100080000001400050045844ad5daadd9b9ba20d42302357ec514000180080001000900000005000600ff00000060000180050006000000000005000600040000000a000200295c2a402900000008000100080000000500060007000000080001001f000000140004001d2ede830863d06c8f63cf02f7434a1914000400529c8f2d145248e858c26133ebbfaacb14001400626f6e643000000000000000000000002c00198014000400e8907f096d72b08ddce5e3517824aa2614000400a86a445353f183854710da95e2e7bb1e0500110000000000a46c3d79b4c072a96135d5e9e60106b37c870b6f1d267a63e04773916cad578767db45313492ddcd1ad13cbc8a63e2f3748ee983b1f343a81be2301d360efcfb4e5b2462760171ee67e4cdba5ef6d832f2c5668c55f3c63223d831be8d63c23b98ff0a02bfedd223c4317d2e2f97483b9250ca600336e535ea352750d04c6018347036f6833dcb1c397380bb4fac6b4bab7d67df576ac3d7"], 0x1b8}}, 0x8001)
r6 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:17 executing program 1:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x400)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000000)={0x10})

05:55:17 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x6, 0x400000)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000200)=""/170)

05:55:17 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x90000, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000240)='NLBL_UNLBL\x00')
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000280)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_ACCEPT(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x94, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @empty}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_macvtap\x00'}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={[], [], @multicast1}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010100}]}, 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x60000)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x4400)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:17 executing program 5:
r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x18d840, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x60, 0x0, 0x4, 0x70bd28, 0x25dfdbff, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r0}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r1}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)
r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xfffffffffffffffd, 0x10000)
r3 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x5, 0x200)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000340)={0x14, 0x0, &(0x7f0000000280)=[@increfs_done={0x40106308, 0x2}], 0x5f, 0x0, &(0x7f00000002c0)="337809cb8b3e523974399b81a80920d87f4cccac23341fa0f18991d94f46d02c3edd0e675fde75a1ac3306424a60f40f2aea6499d5e5ff468e4002077c9dd97277a37528cf5026dac41cddd9d17ea5b5a8526e2b48949a0dbff1dd983a036e"})
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000240))
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000380)={0x1, 0xff, &(0x7f0000000440)=""/255})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0xffffffff, 0x8001})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/179)

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}], 0x3ed, 0x0, [], 0x7, 0x6})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:17 executing program 0:
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000280)={&(0x7f0000000240)=[0x400], 0x1, 0x1, 0xd03, 0x10000, 0xffff, 0x5, 0x788efad0, {0x12000, 0x800, 0x0, 0x8001, 0x7dd, 0x400, 0x8, 0x9, 0x8000, 0x0, 0x2, 0x5, 0x1000, 0x1, "6cbad7b3d5012dba8e369d9e45c48b10f73064ad8988106b529600895596b93f"}})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000340))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000380)={0x4, 0x0, 0x10000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r3=>0xffffffffffffffff})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440)='/dev/zero\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000480)={0x0, 0x0, 0xffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[0x0, 0x0, <r5=>0x0], 0x3})
ioctl$DRM_IOCTL_AUTH_MAGIC(r3, 0x40046411, &(0x7f0000000300)=0x6)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f0000000200)={r5, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x60000, 0x0)
ioctl$EVIOCSREP(r6, 0x40084503, &(0x7f00000003c0)=[0x2ab])

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x10008, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7f, 0x20, 0x0, 0xfffffff9], 0x4, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000100)={0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000140)={0x8, 0x7, 0x3, 0x6fb, 0x5})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000180))

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
accept(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3, &(0x7f00000000c0)=0x80)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000140)=0x7)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f00000001c0)={0x8, &(0x7f0000000180)="8781f5c66ddc4b38"})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000200)={0x0, 0x0, r0})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f00000000c0)=0x7)

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/179)

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x2, 0x0, 0x3b6, 0x0, 0x7ef, 0x85})

05:55:17 executing program 4:
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000100)={0x7fff, 0xf6d, 0xaa3})
ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f00000000c0)={0x36, &(0x7f0000000080)=""/54})

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x6e400000, 0x9, 0x5})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x5, 0x20000)
r2 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x2, 0x84000)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000300)={&(0x7f0000000180)=[0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], 0x7, 0x2, 0x4, 0x0, 0xc})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x0, <r3=>0x0, 0x10001})
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f00000000c0)={0x2, r3})

05:55:17 executing program 0:
accept4$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14, 0x800)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x44, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x18, 0x1402, 0x300, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x440c4}, 0x5)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x2, 0xffffffff, 0x30, 0x20, 0xff, 0x7, 0x6], 0x7})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000080)={0x3, 0x3})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f00000001c0)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0], &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x2, 0x4, 0x0, 0x7})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000040)=0x4)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/zero\x00', 0x80000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000001400)={0x0, 0x80000})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x1, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="8cf6f4b6a9410618"], &(0x7f0000000280)='GPL\x00', 0xe64, 0x1000, &(0x7f00000002c0)=""/4096, 0x41100, 0x2, [], 0x0, 0x20, r1, 0x8, &(0x7f00000012c0)={0x0, 0x3}, 0x8, 0x10, &(0x7f0000001300)={0x1, 0x1, 0x5, 0x1f2}, 0x10, 0xffffffffffffffff}, 0x78)

05:55:17 executing program 2:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x1, 0x9, 0xf7, 0x7, 0xf5], 0x5, 0x0, 0x0, <r0=>0xffffffffffffffff})
getsockopt$inet_dccp_buf(r0, 0x21, 0x2, &(0x7f0000000180)=""/170, &(0x7f0000000240)=0xaa)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000280)={0x0, 0x8})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, &(0x7f0000000000)={0xffff, 0x4, 0x8000})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xa0, 0x2e8001)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f00000000c0)=[0x5, 0xf61, 0xfffffffd, 0x20, 0x7351], &(0x7f0000000100)=[0x0, 0x0], 0x5, 0x4, 0xfbfbfbfb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9, 0x1e7e, 0x5, 0xf858, 0x9, 0x8, 0x4de9, 0x7, 0x7], 0x9, 0x80000, 0x0, <r0=>0xffffffffffffffff})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x4, 0x7ef, 0x5})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffe, 0x444400)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000180)={&(0x7f0000000140)="b0bbe0af5279ba42388196252374dc56614a056b48deea66e5ed40ac3ddb2612", 0x20})

05:55:17 executing program 4:
r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_SET(r0, 0x1, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x3}, 0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff})
r1 = shmget$private(0x0, 0x1000, 0x100, &(0x7f0000ffc000/0x1000)=nil)
shmat(r1, &(0x7f0000ffa000/0x4000)=nil, 0x4000)
shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x3000)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000400)={0x4, &(0x7f0000000140)=""/227, &(0x7f0000000380)=[{0x8, 0x98, 0xa3, &(0x7f0000000040)=""/152}, {0x20, 0x2d, 0xc01a, &(0x7f0000000240)=""/45}, {0x7, 0x15, 0x8, &(0x7f0000000280)=""/21}, {0xe87, 0x98, 0x3ff, &(0x7f00000002c0)=""/152}]})
syz_open_dev$dri(&(0x7f0000000440)='/dev/dri/card#\x00', 0x6, 0x880)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x40001)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000100)={0x5b, &(0x7f0000000080)="75a7f3314d121498054e99853edd1e1d63538f041100e756ce978264a0dc21448a9cf47e0bc55f097edf0162b95ed3c20853dac98bf790fe2b2e5db61bc47faa18a02476354cf5d598c349d270debb2e2ef325329c36f5b169b09c"})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8002, 0x1, 0xaa6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)

05:55:17 executing program 0:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x9, 0x1e7e, 0x5, 0xf858, 0x9, 0x8, 0x4de9, 0x7, 0x7], 0x9, 0x80000, 0x0, <r0=>0xffffffffffffffff})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x2, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x43, 0x204441)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/9})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x2000000000000008, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0xffffffde, 0x0, 0x4})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:17 executing program 3:
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000000)={0x8})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x2, 0x4, 0x8000, 0x0, 0x2401, 0x7, 0xff})

05:55:17 executing program 5:
ioctl$DRM_IOCTL_ADD_BUFS(0xffffffffffffffff, 0xc0206416, &(0x7f0000000080)={0x1, 0x7, 0x1, 0x0, 0x22, 0xd6})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x9, 0x8003)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}]})

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000001c0)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[{}, {}, {}], 0xf1f9, 0x0, [], 0x8, 0x3})

05:55:17 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYRES16], 0x4c}}, 0x0)
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x40}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000000}, 0x20004)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x9, 0x3b6, 0x0, 0x7ef, 0x5, 0x1})
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000040)={0x2, 0x40001001, 0xffffffff, 0xe9})

05:55:17 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x220c82)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:17 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x4, 0x8], 0x3, 0x0, 0x9, 0x2, 0x1, 0x3f80, 0x1c, {0x401, 0x0, 0x8, 0x400, 0x6, 0x7, 0x80, 0x4, 0xb4, 0x0, 0x400, 0xc35, 0x6, 0x3, "eb36aaabb53342f846e42166a476f552e8c4341eb4322204f737740b5a919797"}})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8003, 0x7f, 0x3})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time_for_children\x00')
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000080))

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x200)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/206)

05:55:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x1632c0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000000c0)=""/4)
ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000140)=[0x2893fbbd, 0x4])
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000180)={0x1})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/186)

05:55:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:17 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xfffffff7, 0xe9, 0x5})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000000)=[0x6, 0x9, 0x4], 0x3, 0x8, 0x3ff, 0x4, 0x1, 0x3, 0x1, {0x7fffffff, 0x7, 0x40, 0x5, 0x0, 0x7, 0x0, 0x1, 0xfffc, 0x1f00, 0x7f, 0xd3a, 0x5, 0x2, "34b076f9072622f5d6739aece44a0687c90658f4a3cb8458ab9b14d4831b5958"}})
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xfffffffffffffe00, 0x200)
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f00000000c0)={&(0x7f0000ffe000/0x1000)=nil, 0x81, 0x5, 0x2})

05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x7, 0x0, 0x2})
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000040)={0x0, 0x3})

05:55:18 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000040)={0x0, 0x2, 0x100, 0x10001})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = pkey_alloc(0x0, 0x0)
pkey_mprotect(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x1, r1)

05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0x440000)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000140))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x109140, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000180))
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000100)={0x3, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0]})

05:55:18 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040), 0x0, 0x800, 0x0, <r1=>0xffffffffffffffff})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000100)={&(0x7f0000000040)=[0x5, 0x401], 0x2, 0x85b28d1ed47135ee})
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f00000000c0)=0xfff)

05:55:18 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x5, 0x8000)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x5, 0xe87f], 0x2, 0x80000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000080)={0x8, &(0x7f0000000040)=""/8})

05:55:18 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x1}]}, 0x24}}, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000180)={0x20, 0xff, 0x8, 0x0, 0x400, 0x8000, 0x4})

05:55:18 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0xba882)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000240)={0x0, 0x7, 0x5, 0x2, 0x200, 0x4, 0x7f, 0x3de, 0x9, 0x7, 0x5, 0x5})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f0000000200)={0x2, 0x4c, &(0x7f0000000180)=""/76})
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x7f, 0xb00)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000140)={0x4, &(0x7f00000002c0)=[{}, {}, {}, {}]})

05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000200)={0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x470400)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:18 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x20, 0x40000)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000140)={0x7fff, 0x2493, 0x2c4, 0xffff})
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f00000000c0)={0xde9b, 0x7, &(0x7f0000000000)=[0x8, 0x946, 0x5, 0x2, 0x25, 0x20, 0x81], &(0x7f0000000040)=[0x6a00, 0x0], &(0x7f0000000080)=[0x6, 0xffff, 0xff, 0x4, 0x0, 0xff]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x81, <r2=>0x0})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000140)={r2, 0x70be575a})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000080)={0x0, 0x7f, 0x5, 0x87ac, 0x3, 0x9, 0x5, 0x10000000, 0x8001, 0x0, 0x8001, 0x200})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000380)={0x7fffffff, 0xfffffffe, 0x1})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000340))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000000c0)={0x7ffb, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000040)={0x9, 0x3f00, 0x4, 0x40, 0xfffffffa, 0x8bb5, 0x4})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache='cache=fscache'}, {@fscache='fscache'}, {@debug={'debug', 0x3d, 0x798d}}, {@noextend='noextend'}], [{@func={'func', 0x3d, 'FILE_CHECK'}}, {@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@subj_user={'subj_user', 0x3d, '/dev/zero\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '/dev/dri/card#\x00'}}]}})

05:55:18 executing program 3:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x7, 0x9, 0x1ff, 0x2], 0x4, 0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f00000001c0)={0x0, 0xfffffffffffffff7})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000040)=""/143)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:18 executing program 1:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000140)="d49eeaea6ab0440ac8bef08ec6d57c1800411ad176a51e0250d7c50c7a52d1f1b588ef97e8f2cf65dab75355fe95af8b69fcb47f59512d220054dc6a3e07ba836a13cb0d70073240df060fad71a5af8f13e693f2d5093f1680688a0dee8c6d867593696f996094c19be5fad6132a0b0390b1f365cc21525706fde90ce92dca57767bb4ad102f2021cf80cde46705bfd354a40b8c6ce5c8d577d48fb27628da322f13a8c0293bd23250936f75c3159b663c5b", 0xb2, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f00000000c0)={r2, 0xcd, &(0x7f0000000200)=""/205})
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000040))

05:55:18 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={&(0x7f00000000c0)=[0x8e1, 0x2, 0x8, 0x8001], 0x4, 0x80800})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={0x0, 0xfffffffffffffff8})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0xea0, 0x7f, 0xaa2})

05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r1=>0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000001300)={'tunl0\x00', &(0x7f0000001240)={'gre0\x00', r1, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}}}})
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r3, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:18 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000040))

05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f0000000440)=""/4096)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000240)=""/228)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:18 executing program 1:
socket(0x28, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x6})

05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x3, 0x20001)
r1 = getpgrp(0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f00000000c0))
r3 = getpgid(r1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
getpgid(r3)

05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x3ff, 0x4, 0x1, 0x0, 0x3, 0x3, 0x8001, 0x7ff], 0x8, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000240)={0x2, 0xff51, 0x8, 0x7, 0x0, 0x40, 0x6})
getresuid(&(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
r3 = ioctl$NS_GET_PARENT(r1, 0xb702, 0x0)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000440))
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000001480)={&(0x7f0000000480)="0692487db339557061bb9ac8576edb5e3b31c77dedce3c7f1ff4bfa868e59269f2667486fcaf968a17bb176b156037f4bb1533b9f5c9cd9fa0b3a98db5c358f1337e7aa6b1145c908fb5cb9fcf833db3f7a9b2f3be0dc3ef0b24efb7e241c5bddf70322d84e6cb9f1eba8eae46fd859746efac3581ac9c01bc6318a0e42fa711f0c90d542cea5908e93b12823b56dcae8e74a16aad60d299370d39b41eb057478a608cbc2ab27164b2d7a91a69c0d5d0285677cd3ffcbbb6912b64396b9fb05a52af433af8fee9d31cb2db4379d4ee6309b6df3b33ac25fe217acb8f1a8dcfc99e2e6f2cbcd661aff177126762330736a246eac70c8cd8730a13356fbf5eae1df0b6cc5f83f71df0237e1cc92ed72d0a156463750951c9b829a887cc5d060e42eea3579d218420462a0573761869a657533fbdc63480317566cba7f4f11eb83a300c3f546697a39991b14d2181aec38e8b4c633f7fd3c83483afbb7b5a544f094b73de988d89a57b6cb0a8acc2fcbe25364063b8462c418aead377989f3e6f8d00b8535c35c212a40a5dae1aed88cae2cf0515c4ec9e910d5fd0c3a9e3ea4779bb8efa4e614c61d47825c915a1a9a5135370cbb124783356b82f18e2c928a994cd75986628f1fcf2573ed8d252cd8e6ce1e62ebfdecd4c3501d60ca709f46ab7e776cf547464e32b899dee92c328587e3f7e578600a0dfc07be40130f0a472f8fb9032df3a5c8db55542aa90f44423703c887adef2489086dd55dc7285ccf4f67583221e756c6ce9a3663027f46119b5b82916da09cae5ab9ae426bfb3075a8da43afad883b5520b605ffb3e5e9107cd51f1194e65985c40ee9d91ce0ab6dfca20d4ca1679d5432aef1e7812e935b28b3a12f1cc67c909c4702b5810925466b08cabc76068ddb65945013f8cf8d7322ba3347149260262b358b4eb63dd4679fd614aabc6d9492f21c22b70922d219d3f226d81b95b243b6df967dcab5767678584859d4f97f018511147dd5fdf4fc0ef8479aa1913c4f3b8566fdebd01f9de7e35ef3a5aaa37d53671145947fde5a3f92c88e17cb447fe1a39c3510c421b6fe2decc3b81387204919724ff6bf1c6749a4e725d71dcf6121fe0ba7b1630a59f751f7fc272dddc1bac39b99956477330fdad55bf56cb9a6b8d646ef64bb5c32ab7e42755d3b06a7ad622ad4c88f3ba3efcd48e0106655c285d1e96cfba9d0daff7831d519d4683887fbf0b66bfa538c0f42e8349d467428d6dd377ebd619f878a12e92af1250871033c9e4a2717a39acb9f04971fbe09a521d25edf631abb1126337e288d8e1c99bf364a5d56d12a1d4054ac4892b9aa17db2d07ea6cbe77c2ae8b300060f4300a0a71da1149fa8158c9dc5e83ee47bd97a022589e07d9d4fdcc1a7d7d6e0db2568fe15048acc45ccdcae844ab427f83c45350634be3c32455e5e8827d642c8161c774003d9f3b6e72fc253a97d5ffa6bc8bcc1b006c8949a5a4210e6d98663d8e86a5db98ccde3be11805b4d3fa14029111d824561a24ab22b17747ca934bbaec5f42a5201ba730d416a363bae55738f2af5bb24dd3d2d65b33a8d066e3b62f2117e9fc927c4ffc07deb80fdfc43e5d60965d59b7dec8c9a2e367851a2bf41d42c31d3039edf3733ae31ca456cb8dd3633aa18efa35678d4c650f4ea21f5b133a5b27d202b54c2b27e63555131ee703e0a8a91f673e024f16bf4d915da0200decb6dd148919000990865fba5cd6dd84cc511d376b1a7f40fc519498c48a6c13232c0046515d854d07a80f51921fde23dd8c0b301686712beca3df830118d70275d076077c6eb5dcf8580cb0ae03267048315df1dae305a1e6cb448f1f9145012bdda049e0fe617558adfbcbbffec4a57903fd93c768ec7c23d477096a7e9d9155f8332db8d5e87edab589f56f95e7bbac9ffb87c5f43d6e3f01f3671bce6c87721c21aba8fcf03a10001acea784a327511f2381adf57699e359c6b4270d9200083431e6ef1c560bc98dc8b38a86d59ac6291a0c94e53a261ea92591f181d23570d565765789611b7d19bdff5f08651d990c4494cdbc86172aa0281a6ee7771f8bdc995f7b51918e5e59a7823e942458e4b9ee4bc1eab88793a36f7abb81df5e9808ef576e72be0a0c8b662ba882940134f58adfa96c08a6734b1637ef102c67e313d66896e7a08e7c31501815bab2eeeda2d850642ad6888b83881d119233307aca1b6f4bc5745e7bc319c86d675eeca15e363e41cac35f41631b6939bdb12b355a5436408bb5ba370c29124bda0251e4b66b7f018bfa4e54b347f7699c274973209029170162a05a643c9b3d0b6529034e2722182236a5ee410e78570db221bdf6fabc4e8c3167b1f91eaaae4b103321e05897f103b778cd30d58356c641c1fa18de4a183c260e4cc20cd07758cad4d4dc87a35a2a6fbc4f15ea14d31537962572f8e7010db89de5d2a007eead34e7b5e936513e442b4471c5eeb1ae22a1671c01fa1839c56de37aa057c646395542894997e99cc6000a7f1bca084af395ce6c6cc78d84f597309cb8903956d6240d108c233da69926c74db9c2adb845c8af95bac761796434770edb4dd4e3ff270f8188018689bb0660b0005bee52c97a7218a194979bd717db0740c4bd7907e19ea7408a7abcb1b7a25e069f2a3b12ec88325abde7edc758f2966173e60a800c6f8ad1126b1c1cb3496b9ef35c3c820c9106b388182089a78f43da0cce772bb32b25ab9ab2253af8554c28f279194bdc663b550e116de982923e473635293e81ee51e5a0a43e559a6510302918aee3d03cf1068830905a547fcc59e49199763c98a558f4a6dc87a79bf7bc86d71580ad4d1be7d0156d844fe4c23a89694883bd7790361e8f0d63eb8c8c90424958287ed617eebfef730dd18d242d0b2910a0113ecab0f1954a1b0cc1d0c4c2ff10cde5bfe9a9ebae9f38177520e54c0141ec9ebd598406895c21fbc82a7e55f956c34dbf0870ef6ff947b512fc163c0460e6dabf7793714df3a48d8b161d88b3dda57fc4a28db921526d4023e3ae2ea4e4edf1da3b0abb2202c45fd4762e7e95784db0873996305e20807b2f1c856750b38b6ebdef4ce1d9d2e3e8e8f26f43368c2846f87589d1db4deae52f61654b3e531badb11c96d41f9d5837e755764e9fc14088050ef20eb7a5a0f5f4c94cdb6624141ce38b18289062c70032c0cac23baf5ba7ea8f901543230def59950657351225b3cf3d748fd129250d0d2597cdd03f8a55a7906e7026cb3372284e9970b992130d43a2af921a19d2ca10931e41ee3e483646a1c3980292f2b8f29480dca19c55b5ab991ffb19e2ba8c993b0fa6ea23f353bacf43ac304eba0566787244ac32bc05d6f8905a7c260942342ec62e770806a5472c4f2106339ad51a33a656df89f1a28050c5cb5fba89349deda65bd6fabd8d9794f27c2486474b6ebfc4036284af4d420f3b1cba0936e13b3f6863ca2a3e0d776f73d47db0facee039c71ccc3e6dc6fe490ff49e9cf58d3335f09f76514fa3d01bda8eb1e6f65ade58c95c591fddb012d6215d1ad468fa6193cca907e830a513971330491a0a56441ccd9939676276cd862a423a8e1b633b72878f6070ee9bef243b95edcabbb73b545bdce71eb178b79d4112be7c6598826877b21fad724ffe4a2ad022747e52866a87afeb647ad0eb9fa66a748a4a9ea0af2b57e2224992d193793568ae329f4ec3c478ef7dd16ae3e0ddd2a9a43a369206bacb9cc4a1822dc5b88fcd79f796765139ef3f2719357ff82dd46b21405cb5ef069577ad7fa18c2a3c745a87d20e557329b79dc3896ae72b9b8bc846821f75ed05bd6a35c25e55b2ee9b15f1ce49dd416b7cd4a104ed750ae0c1d8123e85d50db27afa61ae22697bf231570bed1960e154a574645319deead6fc818636dad0fcd75ed496d054e9b9167f8dab4f8806e6fb1d5c9346fe846088ed133d02f358b35ff41561ae5afc5767f59015634ad4a0cdc5e28c1eafb885f85b3345f2a31ca192ebae27a6c687a9abf8b85f725a61df43dde623ba55cb1672cb42f974b113513cc35f370c55607bb4f98d82799423b6f6606a17e608c056134a5e8dab4fc4e68194a869d3890b5260f4addd2662852b77746dafc1f534cd57d299a03418398493182d876d6fe7339020776dea32f136bba831cd531b4a9c25565715146b39651a13db8117342a3ac7dbda824be887f821a1e0163ba956e61d6ab12f43f278a37fd274db564c09b43be6f562f758b97b549204ec043e833f3741fbd0307af7173d3b9021f1eabec156fb82d8c1a58a94f039e383e4226414d5c088b49c7ac77f5ab5479a90ce5e0835069e0dfbe33d1fc01c3273289c940c5c068285a2a680c5403417322ffecb9314aa322990c0fbd60dec0b7be7b9aca8f6c6cd1159d3ee2e885bb626d8cdfcde46cbe55d5fc8cdd0ea762ab1bdd9eb8acdef77a8f5a516bb4666e158b3d53d0bebf1151a44e6a410b368b369d28b264c651f711375b8dafced9711dfefb04f6fad7a5707f2ba82b1348e8c985848ff9d9e14aab1fc8ae22c8e9dca7b6034bec3c19e0499b4632efdddf981bcfbfb24f81d618014c8ddef42b3be7681a8696f1f75eae4b8b5ca53a282aef99e10c6443798971835cfad37c010cc3f749d8068bfb391d9cdde95ee20cecb0f299cd9165a5d2f4204e8378280426a6fb5e239d552bffbc2570e79cc32ec3f664c7815c93eca0d28dc83d0e0ff9aca7de0a59218864da3026faf0397e57ab4986a4c0ed9928f963078f461cdc334e282ebd0c172b32874621ca950cae94be4ef0d155d3e75cb6a08e840a87c1dd4ffe7c90caa2143705e04eae3ca55d47128f30ff87c5b25671f4717bd6198470c61905a206a24c2452d7ef36dd7982ecad3cacc35bad6b23ae073cbc9061bbf7483b588fdc8c4a4871b9714562041e88ce8b5a084308ac21e201bbfe97949b09276635535f75d85fccb4eb6774e0966c7115e3886ed26b6e20f8b18c0ef5ef6caa02666fdf7f9e4580004f268c0e3e3685299929fe82c8e161aa6ee3917fb08349a4c166dc713de2627a19dfd702fa4223270ab5f392ff2bd711b1659771d3c05611abc9881c9f525bf7010254d5c45819fb6721f28d14fd8398332eaa61ac5211ae68a54fad0209e127ef21e7ef6cdfd1866670e44e64883b138fe9770d025ae837f7fcb6365637c697804db7db84c2a17731065a0b68d4a02e3a781748f9608985b22feb40f6fdfa948d7e8a937a62317ed7813dd032b99124ec8d75bf6107a80fa939a22991d8e103dc39486e6f6359f356362d94382940eb48cc96cdb884f6e316975b14c66c3233a60968d9a0d1945e045e06c43b2957ddeb46f523af6fdd8f14df8c64cd43139177dd35390837547488eaffd8597f8f2c1f18d4aed628132ddf9d74eabfe1c1aa46b416815c901c647381182cf214fb63c6a7bdcb2e362a8b42904be4895dda229d0e0ad299feb0f0f2b82ecb9629c4df54fcd5d1d7d01c104540277e884e1a20751d8c8c6e990203483636b552d5fd0175739910f49286cce48a0e39796345608376863a3cc6504dff78594a22f7095360bd5cc6d4306a7f818a27e36f4205c7282bb295a0a5aa0f2a721c8468f0600123d49a66c7c88b603be4986803baffb3ef829a2454205598e1ff0c8a8548787088e6c00a4bbf61d68421d942cc3e0a8f9a8471f415cb1426e39d5d0e6a3860a3af7c22ec4967eb9a000a0152e98e014714c9c077105cab8a53708cf8877b4b504d083ef0315172", 0x1000})
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000180)={0xa, &(0x7f0000000340)=[{}, {}, {}, {}, {}, {}, {<r5=>0x0}, {}, {}, {}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r4, 0x4010641c, &(0x7f0000000400)={r5, &(0x7f00000003c0)=""/33})
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r2, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x206006, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',loose,uid=', @ANYRESDEC=r2, @ANYBLOB="cdec5ed1d345f3b89bdc71382353df1d53215eb1d804b98e655f3e7e4ef919bf3f86627fc6f1c33d3cd8d9d77721597ed4ba1c17b29339fb"])

05:55:18 executing program 0:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0xec7b, 0x9ebc, 0x8], 0x3, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x5e6, 0x2000000, 0x9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 1 (fault-call:1 fault-nth:0):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:18 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x80, 0x210a00)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r1, 0xc02064a4, &(0x7f00000002c0)={0x2, 0x2, &(0x7f0000000200)=[0x4, 0x5], &(0x7f0000000240)=[0x8], &(0x7f0000000280)=[0x2]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000180)={0x21, &(0x7f0000000140)=""/33})

05:55:18 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x100000000, 0x80201)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000080)=[0x8001, 0xfff, 0xffff], &(0x7f00000000c0)=[0x0, 0x0], 0x3, 0x18000, 0xbbbbbbbb})

05:55:18 executing program 0 (fault-call:1 fault-nth:0):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:18 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000140)={0x0, &(0x7f00000000c0)})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1553.226520] FAULT_INJECTION: forcing a failure.
[ 1553.226520] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.259042] FAULT_INJECTION: forcing a failure.
[ 1553.259042] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.259798] CPU: 1 PID: 28626 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1553.278138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.287526] Call Trace:
[ 1553.290117]  dump_stack+0x1b2/0x281
[ 1553.293747]  should_fail.cold+0x10a/0x149
[ 1553.297893]  should_failslab+0xd6/0x130
[ 1553.301875]  __kmalloc_track_caller+0x2bc/0x400
[ 1553.306546]  ? strndup_user+0x5b/0xf0
[ 1553.310341]  memdup_user+0x22/0xa0
[ 1553.313873]  strndup_user+0x5b/0xf0
[ 1553.317491]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.321375]  SyS_mount+0x39/0x120
05:55:18 executing program 4:
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 3:
getsockname$packet(0xffffffffffffffff, &(0x7f00000006c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000700)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl0\x00', r0, 0x29, 0x2, 0x80, 0x2, 0x3, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x40, 0x80, 0x1632, 0xdc01}})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x20007ef, 0x20000005})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000240)='/dev/dri/card#\x00', 0x1000, 0x30780)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0], 0x1})
sendmsg$AUDIT_SET(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, 0x3e9, 0x300, 0x70bd2c, 0x25dfdbfe, {0x64, 0x1, 0x2, 0xffffffffffffffff, 0x100, 0xe4ea, 0xc56e, 0x1, 0x0, 0x2}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x8050}, 0x10)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
sendmsg$AUDIT_MAKE_EQUIV(r4, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, 0x3f7, 0x2, 0x70bd28, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000440)={0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000480)={0x2, 0xfffff474, 0x400, 0x4, 0x8, 0x1, 0x1})
r7 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x7, 0x400000)
ioctl$DRM_IOCTL_ADD_MAP(r7, 0xc0286415, &(0x7f00000000c0)={&(0x7f0000ffc000/0x3000)=nil, 0x14d3ca53, 0x1, 0x335827f1e0aa5772})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, &(0x7f0000000040)={0x38a8, 0x5, 0x2})

05:55:18 executing program 4:
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 4:
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 2:
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, 0x3f7, 0x1, 0x70bd26, 0x25dfdbfe, {0x7, 0x7, './file0', './file0'}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4040004}, 0x80)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1, 0x2000)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1553.324825]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.328712]  do_syscall_64+0x1d5/0x640
[ 1553.332602]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1553.337784] RIP: 0033:0x45e219
[ 1553.340970] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1553.348681] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1553.355949] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1553.363216] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1553.370484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1553.377750] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1553.388360] CPU: 0 PID: 28633 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1553.396263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.405617] Call Trace:
[ 1553.408328]  dump_stack+0x1b2/0x281
[ 1553.411963]  should_fail.cold+0x10a/0x149
[ 1553.416110]  should_failslab+0xd6/0x130
[ 1553.420082]  __kmalloc_track_caller+0x2bc/0x400
[ 1553.424761]  ? strndup_user+0x5b/0xf0
[ 1553.426126] FAULT_INJECTION: forcing a failure.
[ 1553.426126] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.428562]  memdup_user+0x22/0xa0
[ 1553.428573]  strndup_user+0x5b/0xf0
[ 1553.428589]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.450765]  SyS_mount+0x39/0x120
[ 1553.454218]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.458100]  do_syscall_64+0x1d5/0x640
[ 1553.461979]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1553.467153] RIP: 0033:0x45e219
05:55:18 executing program 1 (fault-call:1 fault-nth:1):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1553.470328] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1553.478108] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1553.485359] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1553.492609] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1553.499860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1553.507114] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1553.514387] CPU: 1 PID: 28647 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
05:55:18 executing program 3:
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000580)={0x44, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xfffffff8}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x4800000}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="e2ecab31cc7f"}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x800}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x30000111)
r0 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x70, r0, 0x8, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}, @NLBL_UNLABEL_A_SECCTX={0x2b, 0x7, 'system_u:object_r:setrans_var_run_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004004)
ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f00000003c0)={0x99, &(0x7f0000000300)="5873998fdecfb8450feb359d7916ae551b14bd9a940da3cc264263bf48fca4c8a16ec3c0784f80e6db58d27717ffda1c5e762a2ca5c2f149879136034d53ce1845677f454071bfcfc89239a3d7c4a42c3893ed5bc6c632ba85236702f250f915308cc4685dca56d3a6e99625654d084d0070b3b0b0cdbeea56e340460641f033e3f460c1948ae4c6498d563541381c57f0e1048091db72c2ac"})
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000440)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x54, r1, 0x400, 0x70bd25, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macsec0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010100}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x40048d1}, 0xc800)

05:55:18 executing program 4:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

[ 1553.522276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.531630] Call Trace:
[ 1553.534226]  dump_stack+0x1b2/0x281
[ 1553.537863]  should_fail.cold+0x10a/0x149
[ 1553.542018]  should_failslab+0xd6/0x130
[ 1553.546003]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1553.550681]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.554564]  copy_mount_options+0x59/0x2f0
[ 1553.558795]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.562686]  SyS_mount+0x84/0x120
[ 1553.566140]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.570032]  do_syscall_64+0x1d5/0x640
05:55:18 executing program 4:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x1f, 0x1, 0x7})

05:55:18 executing program 4:
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

05:55:18 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f00000000c0))

05:55:18 executing program 0 (fault-call:1 fault-nth:1):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1553.573929]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1553.579121] RIP: 0033:0x45e219
[ 1553.582318] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1553.590026] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1553.597301] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1553.604578] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1553.611850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1553.619123] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:18 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x4, 0x80800)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(0xffffffffffffffff, 0xc00464be, &(0x7f0000000040)={0x2})

05:55:18 executing program 1 (fault-call:1 fault-nth:2):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:18 executing program 2:
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:18 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

[ 1553.675954] FAULT_INJECTION: forcing a failure.
[ 1553.675954] name failslab, interval 1, probability 0, space 0, times 0
[ 1553.701369] FAULT_INJECTION: forcing a failure.
[ 1553.701369] name failslab, interval 1, probability 0, space 0, times 0
05:55:18 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

[ 1553.721498] CPU: 1 PID: 28671 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1553.729413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.738872] Call Trace:
[ 1553.741460]  dump_stack+0x1b2/0x281
[ 1553.745089]  should_fail.cold+0x10a/0x149
[ 1553.749233]  should_failslab+0xd6/0x130
[ 1553.753205]  kmem_cache_alloc+0x28e/0x3c0
[ 1553.757354]  getname_flags+0xc8/0x550
[ 1553.761167]  user_path_at_empty+0x2a/0x50
[ 1553.765312]  do_mount+0x118/0x2a00
[ 1553.768854]  ? copy_mount_string+0x40/0x40
05:55:18 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, &(0x7f0000000140)=""/6})

[ 1553.773086]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1553.778104]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1553.782941]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.786830]  ? copy_mount_options+0x1fa/0x2f0
[ 1553.791321]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.795205]  SyS_mount+0xa8/0x120
[ 1553.798657]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.802549]  do_syscall_64+0x1d5/0x640
[ 1553.806438]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1553.811615] RIP: 0033:0x45e219
[ 1553.814796] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, 0x0)

05:55:18 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)

[ 1553.822511] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1553.829781] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1553.837043] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1553.844308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1553.851598] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1553.877524] CPU: 0 PID: 28663 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1553.885431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.894781] Call Trace:
[ 1553.897374]  dump_stack+0x1b2/0x281
[ 1553.901007]  should_fail.cold+0x10a/0x149
[ 1553.905160]  should_failslab+0xd6/0x130
[ 1553.908570] FAULT_INJECTION: forcing a failure.
[ 1553.908570] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1553.909136]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1553.925565]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.929439]  copy_mount_options+0x59/0x2f0
[ 1553.933657]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.937526]  SyS_mount+0x84/0x120
[ 1553.940959]  ? copy_mnt_ns+0xa30/0xa30
[ 1553.944828]  do_syscall_64+0x1d5/0x640
[ 1553.948702]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1553.953871] RIP: 0033:0x45e219
[ 1553.957040] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1553.964730] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:19 executing program 1 (fault-call:1 fault-nth:3):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1553.971980] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1553.979231] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1553.986611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1553.993860] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1554.001127] CPU: 1 PID: 28688 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1554.009010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.018376] Call Trace:
[ 1554.020964]  dump_stack+0x1b2/0x281
05:55:19 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000040))
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:19 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1002000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@nodevmap='nodevmap'}, {@loose='loose'}, {@msize={'msize', 0x3d, 0x1}}, {@cachetag={'cachetag', 0x3d, '\xb1!.$,{-!&./'}}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}]}})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffa000/0x3000)=nil, 0x4, 0x2, 0x3})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0x8001})

[ 1554.024595]  should_fail.cold+0x10a/0x149
[ 1554.028750]  __alloc_pages_nodemask+0x22c/0x2720
[ 1554.033506]  ? deref_stack_reg+0x124/0x1a0
[ 1554.037748]  ? __lock_acquire+0x5fc/0x3f20
[ 1554.041990]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1554.047092]  ? kernel_text_address+0xbd/0xf0
[ 1554.051502]  ? __kernel_text_address+0x9/0x30
[ 1554.056003]  ? depot_save_stack+0x10d/0x3f0
[ 1554.060327]  ? kasan_kmalloc+0x139/0x160
[ 1554.064395]  cache_grow_begin+0x91/0x630
[ 1554.068466]  ? check_preemption_disabled+0x35/0x240
[ 1554.073485]  cache_alloc_refill+0x273/0x350
[ 1554.077812]  kmem_cache_alloc+0x333/0x3c0
[ 1554.081960]  getname_flags+0xc8/0x550
[ 1554.085756]  user_path_at_empty+0x2a/0x50
[ 1554.089882]  do_mount+0x118/0x2a00
[ 1554.093406]  ? copy_mount_string+0x40/0x40
[ 1554.097618]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1554.102617]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1554.107442]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.111311]  ? copy_mount_options+0x1fa/0x2f0
[ 1554.115786]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.119653]  SyS_mount+0xa8/0x120
[ 1554.123084]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.126952]  do_syscall_64+0x1d5/0x640
[ 1554.130819]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1554.135986] RIP: 0033:0x45e219
[ 1554.139185] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1554.146923] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1554.154212] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1554.161460] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1554.168708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
05:55:19 executing program 0 (fault-call:1 fault-nth:2):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:19 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/188)

05:55:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, 0x0)

05:55:19 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfcf, 0x200)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{}, {}, {}, {}]})

05:55:19 executing program 5 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:19 executing program 1 (fault-call:1 fault-nth:4):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1554.175962] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:19 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffe, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f00000000c0)={0x600000, 0x3bb, 0x5, 0x8, 0xfffffffd, 0xfffffff9})
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x5, 0x101800)

05:55:19 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x20000, 0x2040)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0))
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, 0x0)

[ 1554.233137] FAULT_INJECTION: forcing a failure.
[ 1554.233137] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.246159] FAULT_INJECTION: forcing a failure.
[ 1554.246159] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.262556] FAULT_INJECTION: forcing a failure.
[ 1554.262556] name failslab, interval 1, probability 0, space 0, times 0
05:55:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1554.278784] CPU: 1 PID: 28707 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1554.286798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.296154] Call Trace:
[ 1554.298761]  dump_stack+0x1b2/0x281
[ 1554.302406]  should_fail.cold+0x10a/0x149
[ 1554.306560]  should_failslab+0xd6/0x130
[ 1554.310543]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1554.315223]  __vgem_gem_create+0x44/0xe0
[ 1554.319282]  vgem_gem_dumb_create+0xc5/0x210
[ 1554.323690]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1554.328810]  ? __drm_printfn_debug+0x70/0x70
05:55:19 executing program 2:
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000040)={0x1})
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x400000000, 0x4402)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x101c3, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/4096)

[ 1554.333208]  drm_ioctl_kernel+0x14c/0x200
[ 1554.337357]  drm_ioctl+0x419/0x870
[ 1554.340989]  ? __drm_printfn_debug+0x70/0x70
[ 1554.345393]  ? drm_getstats+0x20/0x20
[ 1554.349193]  ? fsnotify+0x974/0x11b0
[ 1554.352908]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1554.357834]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1554.362848]  ? SyS_write+0x1b7/0x210
[ 1554.366563]  ? drm_getstats+0x20/0x20
[ 1554.370388]  do_vfs_ioctl+0x75a/0xff0
[ 1554.374183]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1554.378583]  ? lock_downgrade+0x740/0x740
[ 1554.382720]  ? __fget+0x225/0x360
[ 1554.386159]  ? do_vfs_ioctl+0xff0/0xff0
[ 1554.390121]  ? security_file_ioctl+0x83/0xb0
[ 1554.394523]  SyS_ioctl+0x7f/0xb0
[ 1554.397976]  ? do_vfs_ioctl+0xff0/0xff0
[ 1554.401943]  do_syscall_64+0x1d5/0x640
[ 1554.407829]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1554.413005] RIP: 0033:0x45e219
[ 1554.416185] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1554.423882] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1554.431132] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1554.438383] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1554.445635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1554.452890] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1554.460273] CPU: 0 PID: 28711 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1554.468158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.477588] Call Trace:
[ 1554.480173]  dump_stack+0x1b2/0x281
[ 1554.483789]  should_fail.cold+0x10a/0x149
[ 1554.488011]  should_failslab+0xd6/0x130
[ 1554.491968]  kmem_cache_alloc+0x28e/0x3c0
[ 1554.496102]  getname_flags+0xc8/0x550
[ 1554.499885]  user_path_at_empty+0x2a/0x50
[ 1554.504017]  do_mount+0x118/0x2a00
[ 1554.507669]  ? copy_mount_string+0x40/0x40
[ 1554.511894]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1554.516901]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1554.521723]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.525679]  ? copy_mount_options+0x1fa/0x2f0
[ 1554.530155]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.534024]  SyS_mount+0xa8/0x120
[ 1554.537561]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.541434]  do_syscall_64+0x1d5/0x640
[ 1554.545312]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1554.550483] RIP: 0033:0x45e219
[ 1554.553653] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1554.561341] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1554.568596] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1554.575847] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
05:55:19 executing program 4 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1554.583096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1554.590349] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1554.597618] CPU: 1 PID: 28706 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1554.605506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.614859] Call Trace:
[ 1554.617450]  dump_stack+0x1b2/0x281
[ 1554.621078]  should_fail.cold+0x10a/0x149
[ 1554.625228]  should_failslab+0xd6/0x130
[ 1554.629207]  kmem_cache_alloc+0x28e/0x3c0
[ 1554.633358]  alloc_vfsmnt+0x23/0x7f0
[ 1554.637069]  ? _raw_read_unlock+0x29/0x40
[ 1554.641219]  vfs_kern_mount.part.0+0x27/0x470
[ 1554.645714]  do_mount+0xe53/0x2a00
[ 1554.649264]  ? copy_mount_string+0x40/0x40
[ 1554.653503]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1554.658521]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.662406]  ? copy_mount_options+0x1fa/0x2f0
[ 1554.666900]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.670788]  SyS_mount+0xa8/0x120
[ 1554.674241]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.678130]  do_syscall_64+0x1d5/0x640
05:55:19 executing program 0 (fault-call:1 fault-nth:3):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:19 executing program 1 (fault-call:1 fault-nth:5):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x80000, 0x22000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000140)={0xcb, &(0x7f0000000000)="f9e2f5fb0e98b4b90b5e47da247b56aa1f48b6c473b56299d68a79d5dc05ac6af5bd0ca13792a1c5367723a5ec3828ffa894e2f48676fc32ccd74cbe42c4f7f226973260be0491b2a20b4110745203fab78dbd67be981c5513feeb46006cf88d7d4d741ae04ef69062c30a6fc8ce4e94d0e9d23cd2a61ac79f3d4613e6b770c2d3f80c7cb09992ff4f01d0394814271a9caa76c3b094c23774e597a6434dfcd545ddcf5aa8315ffabbbaf4b7583190f339c7a7e6d0fa9df7fdc6a5ad04759a04e7cdb917bb304e313408a2"})

05:55:19 executing program 3:
sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xf8ffa1dbdacc3f60}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x42c, 0x3f3, 0x8, 0x70bd2b, 0x25dfdbfc, {0x1, 0x2, 0x1d, [0x8, 0x4, 0x3f906c5b, 0x3, 0x1, 0x0, 0xfffeffff, 0x2, 0x0, 0x7, 0x1f, 0x80, 0xfffffffc, 0xff, 0x9, 0x6, 0x1, 0xc1, 0xc00, 0x4a45dd40, 0x2, 0xffff, 0x798, 0x9, 0x8, 0x5, 0x226c, 0x3f, 0x6, 0x4, 0x5, 0x6, 0x401, 0x0, 0x6a0, 0x8, 0xffffffff, 0x2, 0x5, 0x6, 0x4, 0x17f68318, 0x0, 0x1f, 0x6, 0x5, 0x1, 0x4, 0xa4, 0x5, 0x8, 0x6, 0xfffffc00, 0x3bbe, 0x0, 0x40, 0x1f, 0x4, 0x6, 0x100, 0x2, 0xffff, 0x5d, 0xfffffff8], [0x1, 0x4, 0x3, 0x8000, 0x9, 0xffff, 0xffff, 0x6, 0x3800000, 0x2, 0x2, 0x8, 0x4, 0x3, 0x6, 0x1, 0x62ca, 0x2, 0x7, 0xff, 0x0, 0x99, 0x7, 0x4, 0x4, 0x7fff, 0x9, 0x0, 0xdd, 0x1, 0x5ac4, 0x2, 0x0, 0x5, 0x8, 0x2400000, 0xfff, 0x6, 0x4, 0x1, 0x100, 0x1b, 0x6, 0x1, 0x800, 0x44, 0x390, 0x200, 0x7, 0xfa, 0x7ff, 0x7, 0x4, 0x1, 0x2, 0x40, 0x8, 0x3, 0x6, 0x3ff, 0x3, 0x8000, 0x20, 0xfff], [0x16, 0x9, 0x4, 0x152, 0x62e, 0xfff, 0x4, 0x9, 0x1f, 0xe1, 0x1, 0xff, 0x3, 0x7fff, 0x7, 0x6, 0x4, 0x2d5, 0x6, 0x5, 0x5b00000, 0x41, 0x9, 0x80, 0x1, 0x80000001, 0x7, 0x8b, 0x80000000, 0x1, 0x8000, 0x1, 0x5, 0xf1, 0xdb, 0x400, 0x9, 0x7fffffff, 0x4, 0x7, 0x6, 0x7fff, 0xa54, 0x6, 0x1000, 0xffffffff, 0x8, 0x5, 0xfffffffc, 0x8000, 0xa00, 0x1, 0x4a4, 0x7f, 0x9, 0x2, 0x5, 0x1, 0x0, 0x9a6, 0xffff774a, 0x7, 0xffff4d06, 0x7], [0x1, 0x7f, 0x7, 0xffffffff, 0xfffffff9, 0x2, 0x1, 0x20, 0x0, 0x3, 0x20, 0x1000000, 0x80000000, 0x9, 0x1, 0x7, 0xffffffff, 0x1f, 0x0, 0x37, 0x0, 0xd2a, 0x7fff, 0x1, 0x0, 0xfffffffc, 0x1b7, 0x2, 0x6875, 0x1, 0xfff, 0x1, 0x7, 0xc00000, 0xfffffc00, 0x2, 0x7fffffff, 0x3f, 0x9, 0x100, 0x5, 0xffffffc0, 0x3f, 0x3, 0x81, 0xa33, 0x8, 0xdf90, 0xffffffff, 0xf, 0x5d3b674e, 0x9, 0x7, 0x6d3, 0xffff, 0x2, 0x101, 0x4, 0xb580, 0x4, 0x8, 0x4, 0x80000000, 0xffffffff], 0x9, ['*&[:\\].\'\x00']}, ["", ""]}, 0x42c}, 0x1, 0x0, 0x0, 0x10}, 0x4010)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000580)={0x5})

[ 1554.682028]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1554.687213] RIP: 0033:0x45e219
[ 1554.690391] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1554.698076] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1554.705360] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1554.712606] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1554.719855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1554.727109] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:19 executing program 5 (fault-call:1 fault-nth:1):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:19 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0xc63, 0x521c1)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

[ 1554.785884] FAULT_INJECTION: forcing a failure.
[ 1554.785884] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1554.800042] FAULT_INJECTION: forcing a failure.
[ 1554.800042] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1554.804417] FAULT_INJECTION: forcing a failure.
[ 1554.804417] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.811881] CPU: 0 PID: 28740 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1554.811888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.811892] Call Trace:
[ 1554.811910]  dump_stack+0x1b2/0x281
[ 1554.811927]  should_fail.cold+0x10a/0x149
[ 1554.850601]  __alloc_pages_nodemask+0x22c/0x2720
[ 1554.855352]  ? deref_stack_reg+0x124/0x1a0
[ 1554.859573]  ? __lock_acquire+0x5fc/0x3f20
[ 1554.863795]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1554.868616]  ? kernel_text_address+0xbd/0xf0
[ 1554.873004]  ? __kernel_text_address+0x9/0x30
[ 1554.877493]  ? depot_save_stack+0x10d/0x3f0
[ 1554.881825]  ? kasan_kmalloc+0x139/0x160
[ 1554.885878]  cache_grow_begin+0x91/0x630
[ 1554.889941]  ? check_preemption_disabled+0x35/0x240
[ 1554.894939]  cache_alloc_refill+0x273/0x350
[ 1554.899263]  kmem_cache_alloc+0x333/0x3c0
[ 1554.903412]  getname_flags+0xc8/0x550
[ 1554.907283]  user_path_at_empty+0x2a/0x50
[ 1554.911416]  do_mount+0x118/0x2a00
[ 1554.916418]  ? copy_mount_string+0x40/0x40
[ 1554.920639]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1554.925637]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1554.930459]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.934332]  ? copy_mount_options+0x1fa/0x2f0
[ 1554.938809]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.942694]  SyS_mount+0xa8/0x120
[ 1554.946129]  ? copy_mnt_ns+0xa30/0xa30
[ 1554.949999]  do_syscall_64+0x1d5/0x640
[ 1554.953873]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1554.960015] RIP: 0033:0x45e219
[ 1554.963186] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1554.970875] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1554.978141] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1554.985392] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1554.992642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1554.999893] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1555.007503] CPU: 1 PID: 28743 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1555.015396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.024870] Call Trace:
[ 1555.027477]  dump_stack+0x1b2/0x281
[ 1555.031114]  should_fail.cold+0x10a/0x149
[ 1555.035268]  should_failslab+0xd6/0x130
[ 1555.039245]  kmem_cache_alloc+0x28e/0x3c0
[ 1555.043397]  __d_alloc+0x2a/0xa20
[ 1555.046859]  __shmem_file_setup.part.0+0xcb/0x3c0
[ 1555.051701]  ? fs_reclaim_release+0xd0/0x110
[ 1555.056138]  ? shmem_create+0x30/0x30
[ 1555.060218]  ? __vgem_gem_create+0x44/0xe0
[ 1555.064460]  shmem_file_setup+0x4b/0x60
[ 1555.068441]  drm_gem_object_init+0x36/0xa0
[ 1555.072680]  __vgem_gem_create+0x6a/0xe0
[ 1555.076743]  vgem_gem_dumb_create+0xc5/0x210
[ 1555.081157]  drm_mode_create_dumb_ioctl+0x221/0x2b0
05:55:20 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000040)={0x0, 0x0, 0x3b6, 0x0, 0xfffffffe, 0x5})

[ 1555.086176]  ? __drm_printfn_debug+0x70/0x70
[ 1555.090585]  drm_ioctl_kernel+0x14c/0x200
[ 1555.094736]  drm_ioctl+0x419/0x870
[ 1555.098295]  ? __drm_printfn_debug+0x70/0x70
[ 1555.102700]  ? drm_getstats+0x20/0x20
[ 1555.106501]  ? fsnotify+0x974/0x11b0
[ 1555.110210]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1555.115139]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1555.120151]  ? SyS_write+0x1b7/0x210
[ 1555.123861]  ? drm_getstats+0x20/0x20
[ 1555.127655]  do_vfs_ioctl+0x75a/0xff0
[ 1555.131446]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1555.135846]  ? lock_downgrade+0x740/0x740
[ 1555.139996]  ? __fget+0x225/0x360
[ 1555.143450]  ? do_vfs_ioctl+0xff0/0xff0
[ 1555.147423]  ? security_file_ioctl+0x83/0xb0
[ 1555.151834]  SyS_ioctl+0x7f/0xb0
[ 1555.155198]  ? do_vfs_ioctl+0xff0/0xff0
[ 1555.159167]  do_syscall_64+0x1d5/0x640
[ 1555.163059]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1555.168236] RIP: 0033:0x45e219
[ 1555.171411] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1555.179107] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
05:55:20 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x5, 0x40c40)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f00000007c0)={0x7, &(0x7f0000000140)=""/207, &(0x7f00000008c0)=[{0x3, 0x8c, 0x6, &(0x7f0000000240)=""/140}, {0x6, 0xe5, 0x6, &(0x7f0000000300)=""/229}, {0xfffffffd, 0x6c, 0x3, &(0x7f0000000400)=""/108}, {0x24, 0xb1, 0x2, &(0x7f0000000480)=""/177}, {0x3ff, 0xab, 0x6, &(0x7f0000000700)=""/171}, {0x8006, 0xd5, 0x1ff, &(0x7f0000000980)=""/213}, {0xaa, 0xaf, 0xee, &(0x7f0000000800)=""/175}]})
r2 = syz_open_dev$mouse(&(0x7f0000000580)='/dev/input/mouse#\x00', 0x0, 0xa00)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r2, 0xc01064c7, &(0x7f0000000600)={0x5, 0x0, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000540))

05:55:20 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f00000002c0)={0x2, &(0x7f0000000080)})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000300)={&(0x7f00000000c0)=[0x4, 0x8, 0x7, 0x80, 0x80, 0xcde9, 0x8000, 0x1], 0x8, 0x0, 0x0, <r3=>0xffffffffffffffff})
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x84000080}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x30, r4, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vcan0\x00'}]}, 0x30}}, 0x20004080)
r5 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x12, 0x402c02)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040)={<r6=>0x0, 0x0, r5})
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r5, 0x40046411, &(0x7f0000000080)=0x1)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000240)={r6, 0x80000, <r8=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r8, 0xc01064ab, &(0x7f0000000280)={0xfff, 0x7, 0x1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000001c0)={&(0x7f0000000140)=[0x1, 0x3, 0xffffffff, 0xff, 0x2000000, 0x9, 0x4, 0x0], 0x8, 0x1ff, 0x81, 0x8, 0x4c5, 0x3f, 0x1f, {0x3ff, 0x4, 0x2, 0x9, 0x72, 0x3000, 0x8, 0x3f, 0x12, 0x8, 0xff29, 0x5, 0x7bfe, 0xc1, "897e49937f1310386ca6c14c89655a5814936a46c282f34ce1be8dd10cbbac01"}})
ioctl$DRM_IOCTL_ADD_CTX(r7, 0xc0086420, &(0x7f0000000500)={<r9=>0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000580)={r9, &(0x7f0000000540)=""/33})

05:55:20 executing program 3:
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0x2})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

[ 1555.186360] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1555.193625] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1555.200886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1555.208147] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1555.250355] CPU: 0 PID: 28737 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1555.258286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.267688] Call Trace:
[ 1555.270299]  dump_stack+0x1b2/0x281
[ 1555.273939]  should_fail.cold+0x10a/0x149
[ 1555.278100]  __alloc_pages_nodemask+0x22c/0x2720
[ 1555.282865]  ? trace_hardirqs_on+0x10/0x10
[ 1555.287105]  ? pcpu_alloc+0xbe0/0xf50
[ 1555.290912]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1555.295766]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1555.297636] FAULT_INJECTION: forcing a failure.
[ 1555.297636] name failslab, interval 1, probability 0, space 0, times 0
[ 1555.301218]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1555.301234]  alloc_pages_current+0x155/0x260
[ 1555.301244]  ? __lockdep_init_map+0x100/0x560
[ 1555.301259]  get_zeroed_page+0x19/0x50
[ 1555.330185]  mount_fs+0x1c7/0x2a0
[ 1555.333640]  vfs_kern_mount.part.0+0x5b/0x470
[ 1555.338133]  do_mount+0xe53/0x2a00
[ 1555.341671]  ? do_raw_spin_unlock+0x164/0x220
[ 1555.346157]  ? copy_mount_string+0x40/0x40
[ 1555.350381]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1555.355391]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.359274]  ? copy_mount_options+0x1fa/0x2f0
[ 1555.363761]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.367655]  SyS_mount+0xa8/0x120
[ 1555.371115]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.374999]  do_syscall_64+0x1d5/0x640
[ 1555.378876]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1555.384049] RIP: 0033:0x45e219
[ 1555.387220] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:20 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x3, 0x9, 0x3, 0x80, 0x5, 0x8, 0xff, 0x4, 0x7], 0x9, 0x800})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:20 executing program 0 (fault-call:1 fault-nth:4):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:20 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
write$cgroup_devices(r1, &(0x7f0000000880)={'c', ' *:* ', 'rw\x00'}, 0x9)
r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0xffffffff, 0x501200)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x6, <r3=>0x0, 0x2})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r2, 0xc01864b0, &(0x7f0000000840)={0xfffffff7, 0x8000, 0x3, 0xffff, 0x4})
ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f00000001c0)={r3, 0xf3})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000240)={&(0x7f0000000200)=[0x8001, 0xb5a, 0x101, 0x4, 0x7ab9, 0x5, 0x0, 0x5, 0x40b1f2ee, 0x40], 0xa, 0x10001, 0x10000, 0x1, 0x400, 0x0, 0x5, {0x8, 0x9, 0x5, 0x9, 0x3ff, 0xa543, 0x4, 0x400, 0x100, 0x8155, 0x7fff, 0x1f, 0x7ff, 0x8000, "c2c1d4adb8ab7a1e55e40d5d7f6f26fafa8c5db90084235e1af117a8d3931480"}})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000007c0)={0x6, &(0x7f00000002c0)=""/219, &(0x7f0000000700)=[{0x0, 0x2a, 0x7, &(0x7f00000003c0)=""/42}, {0x1, 0x93, 0x5, &(0x7f0000000400)=""/147}, {0xd97e, 0x65, 0x4, &(0x7f00000004c0)=""/101}, {0x6, 0xb0, 0x1, &(0x7f0000000540)=""/176}, {0x7, 0x57, 0x6b, &(0x7f0000000600)=""/87}, {0x2, 0x72, 0x9, &(0x7f0000000680)=""/114}]})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r4, 0xc0286415, &(0x7f0000000800)={&(0x7f0000ff9000/0x4000)=nil, 0x7fffffff, 0x0, 0x11})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000080)={&(0x7f0000000000)=[0x0], &(0x7f0000000040)=[{}], 0x3, 0x0, [], 0x1, 0x1})

[ 1555.394913] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1555.402166] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1555.409420] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1555.416677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 1555.423947] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1555.431216] CPU: 1 PID: 28757 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1555.439098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.448448] Call Trace:
[ 1555.451050]  dump_stack+0x1b2/0x281
[ 1555.454662]  should_fail.cold+0x10a/0x149
[ 1555.458796]  should_failslab+0xd6/0x130
[ 1555.462755]  kmem_cache_alloc+0x28e/0x3c0
[ 1555.466898]  alloc_vfsmnt+0x23/0x7f0
[ 1555.470593]  ? _raw_read_unlock+0x29/0x40
[ 1555.474723]  vfs_kern_mount.part.0+0x27/0x470
[ 1555.479202]  do_mount+0xe53/0x2a00
[ 1555.482727]  ? copy_mount_string+0x40/0x40
[ 1555.486943]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1555.491942]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.495811]  ? copy_mount_options+0x1fa/0x2f0
[ 1555.500287]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.504157]  SyS_mount+0xa8/0x120
[ 1555.507595]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.511465]  do_syscall_64+0x1d5/0x640
[ 1555.515339]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1555.520510] RIP: 0033:0x45e219
[ 1555.523682] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1555.531370] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1555.538622] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1555.545872] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1555.553123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1555.560390] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:20 executing program 1 (fault-call:1 fault-nth:6):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:20 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
accept(r1, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000080)=0x80)

05:55:20 executing program 5 (fault-call:1 fault-nth:2):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:20 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x4000000000000003, 0x220001)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x5, 0x8200)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0x1, 0x2, 0x3f})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

05:55:20 executing program 0 (fault-call:1 fault-nth:5):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1555.634163] FAULT_INJECTION: forcing a failure.
[ 1555.634163] name failslab, interval 1, probability 0, space 0, times 0
[ 1555.634174] CPU: 1 PID: 28772 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1555.634181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.634184] Call Trace:
[ 1555.634200]  dump_stack+0x1b2/0x281
[ 1555.634216]  should_fail.cold+0x10a/0x149
[ 1555.652369] FAULT_INJECTION: forcing a failure.
[ 1555.652369] name failslab, interval 1, probability 0, space 0, times 0
[ 1555.653278]  should_failslab+0xd6/0x130
[ 1555.653292]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1555.653306]  v9fs_mount+0x54/0x860
[ 1555.653315]  ? alloc_pages_current+0x15d/0x260
[ 1555.653325]  ? __lockdep_init_map+0x100/0x560
[ 1555.653336]  mount_fs+0x92/0x2a0
[ 1555.653349]  vfs_kern_mount.part.0+0x5b/0x470
[ 1555.713155]  do_mount+0xe53/0x2a00
[ 1555.716708]  ? copy_mount_string+0x40/0x40
[ 1555.720927]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1555.725933]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.729809]  ? copy_mount_options+0x1fa/0x2f0
[ 1555.734285]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.738156]  SyS_mount+0xa8/0x120
[ 1555.741597]  ? copy_mnt_ns+0xa30/0xa30
[ 1555.745479]  do_syscall_64+0x1d5/0x640
[ 1555.749361]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1555.754539] RIP: 0033:0x45e219
[ 1555.757709] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1555.765406] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1555.772667] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1555.780052] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1555.787313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 1555.794578] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1555.801854] CPU: 0 PID: 28774 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1555.809744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.812349] FAULT_INJECTION: forcing a failure.
[ 1555.812349] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1555.819092] Call Trace:
[ 1555.819110]  dump_stack+0x1b2/0x281
[ 1555.819123]  should_fail.cold+0x10a/0x149
[ 1555.819137]  should_failslab+0xd6/0x130
[ 1555.819154]  kmem_cache_alloc+0x28e/0x3c0
[ 1555.849297]  ? shmem_destroy_callback+0xa0/0xa0
[ 1555.853957]  shmem_alloc_inode+0x18/0x40
[ 1555.858000]  ? shmem_destroy_callback+0xa0/0xa0
[ 1555.862664]  alloc_inode+0x5d/0x170
[ 1555.866276]  new_inode+0x1d/0xf0
[ 1555.869626]  shmem_get_inode+0x8b/0x890
[ 1555.873583]  __shmem_file_setup.part.0+0x104/0x3c0
[ 1555.878494]  ? fs_reclaim_release+0xd0/0x110
[ 1555.882886]  ? shmem_create+0x30/0x30
[ 1555.886675]  ? __vgem_gem_create+0x44/0xe0
[ 1555.890896]  shmem_file_setup+0x4b/0x60
[ 1555.894854]  drm_gem_object_init+0x36/0xa0
[ 1555.899071]  __vgem_gem_create+0x6a/0xe0
[ 1555.903119]  vgem_gem_dumb_create+0xc5/0x210
[ 1555.907542]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1555.912539]  ? __drm_printfn_debug+0x70/0x70
[ 1555.916925]  drm_ioctl_kernel+0x14c/0x200
[ 1555.921070]  drm_ioctl+0x419/0x870
[ 1555.924593]  ? __drm_printfn_debug+0x70/0x70
[ 1555.928999]  ? drm_getstats+0x20/0x20
[ 1555.932787]  ? fsnotify+0x974/0x11b0
[ 1555.936481]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1555.941413]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1555.946414]  ? SyS_write+0x1b7/0x210
[ 1555.950108]  ? drm_getstats+0x20/0x20
[ 1555.953888]  do_vfs_ioctl+0x75a/0xff0
[ 1555.957672]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1555.962076]  ? lock_downgrade+0x740/0x740
[ 1555.966207]  ? __fget+0x225/0x360
[ 1555.969640]  ? do_vfs_ioctl+0xff0/0xff0
[ 1555.973595]  ? security_file_ioctl+0x83/0xb0
[ 1555.977984]  SyS_ioctl+0x7f/0xb0
[ 1555.981330]  ? do_vfs_ioctl+0xff0/0xff0
[ 1555.985309]  do_syscall_64+0x1d5/0x640
[ 1555.989191]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1555.994368] RIP: 0033:0x45e219
[ 1555.997538] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1556.005225] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1556.012475] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1556.019726] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1556.026998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
05:55:20 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xa4, 0x0, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macsec0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x1f, 0x7, 'system_u:object_r:man_t:s0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, [], 0x1}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:restorecond_exec_t:s0\x00'}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40000}, 0x811)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:20 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0, 0x0], 0x7})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x0, 0x0]})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000005980)={0x0, 0x0, &(0x7f0000005900)=[{&(0x7f0000000440)={0x14, 0x34, 0x4, 0x0, 0x25dfdbfd, "", [@generic='+']}, 0x14}, {&(0x7f0000002ec0)={0x28, 0x2e, 0x1, 0x0, 0x0, "", [@generic="e0604bc515cbc4d3", @typed={0xe, 0x0, 0x0, 0x0, @str='/dev/zero\x00'}]}, 0x28}], 0x2}, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r3, 0xc02064a4, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000200)=[0x9, 0x2, 0x1], &(0x7f0000000240)=[0xc, 0x5, 0xfffb, 0x7fff, 0xd, 0x7], &(0x7f0000000280)})
r4 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x9, 0x230600)
sendmsg$BATADV_CMD_SET_HARDIF(r4, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x81}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x4c000)

05:55:20 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7f2, 0xffffffe0})

[ 1556.034259] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1556.041528] CPU: 1 PID: 28780 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1556.049449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.058802] Call Trace:
[ 1556.061395]  dump_stack+0x1b2/0x281
[ 1556.065028]  should_fail.cold+0x10a/0x149
[ 1556.069182]  __alloc_pages_nodemask+0x22c/0x2720
[ 1556.073950]  ? trace_hardirqs_on+0x10/0x10
[ 1556.078211]  ? _find_next_bit+0xdb/0x100
[ 1556.082272]  ? pcpu_alloc+0xbe0/0xf50
[ 1556.086079]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1556.090932]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1556.096391]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1556.101419]  alloc_pages_current+0x155/0x260
[ 1556.105828]  ? __lockdep_init_map+0x100/0x560
[ 1556.110323]  get_zeroed_page+0x19/0x50
[ 1556.114206]  mount_fs+0x1c7/0x2a0
[ 1556.117661]  vfs_kern_mount.part.0+0x5b/0x470
[ 1556.122157]  do_mount+0xe53/0x2a00
[ 1556.125703]  ? copy_mount_string+0x40/0x40
[ 1556.129939]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1556.130437] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1556.134956]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.134967]  ? copy_mount_options+0x1fa/0x2f0
[ 1556.134975]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.134984]  SyS_mount+0xa8/0x120
[ 1556.134992]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.135002]  do_syscall_64+0x1d5/0x640
[ 1556.135019]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1556.135026] RIP: 0033:0x45e219
[ 1556.135031] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:21 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=""/107})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:21 executing program 5 (fault-call:1 fault-nth:3):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:21 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000040))
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000000)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0xfff], 0x1, 0x400, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x2, 0x3f], 0x2, 0x80800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000180)={&(0x7f0000000140)="805427bb46ac01c79d785b8107", 0xd})

[ 1556.135042] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1556.135046] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1556.135054] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1556.149511] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1556.151889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 1556.220679] FAULT_INJECTION: forcing a failure.
[ 1556.220679] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.220743] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1556.239181] CPU: 0 PID: 28792 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1556.247066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.256416] Call Trace:
[ 1556.259007]  dump_stack+0x1b2/0x281
[ 1556.262677]  should_fail.cold+0x10a/0x149
[ 1556.266827]  should_failslab+0xd6/0x130
[ 1556.270809]  kmem_cache_alloc+0x28e/0x3c0
[ 1556.274949]  get_empty_filp+0x86/0x3e0
[ 1556.278814]  alloc_file+0x23/0x440
[ 1556.282334]  __shmem_file_setup.part.0+0x198/0x3c0
[ 1556.287240]  ? fs_reclaim_release+0xd0/0x110
[ 1556.291627]  ? shmem_create+0x30/0x30
[ 1556.295411]  ? __vgem_gem_create+0x44/0xe0
[ 1556.299628]  shmem_file_setup+0x4b/0x60
[ 1556.303601]  drm_gem_object_init+0x36/0xa0
[ 1556.307836]  __vgem_gem_create+0x6a/0xe0
[ 1556.311900]  vgem_gem_dumb_create+0xc5/0x210
[ 1556.316313]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1556.321330]  ? __drm_printfn_debug+0x70/0x70
[ 1556.325740]  drm_ioctl_kernel+0x14c/0x200
[ 1556.329892]  drm_ioctl+0x419/0x870
[ 1556.333435]  ? __drm_printfn_debug+0x70/0x70
[ 1556.337177] FAULT_INJECTION: forcing a failure.
[ 1556.337177] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.337838]  ? drm_getstats+0x20/0x20
[ 1556.337853]  ? fsnotify+0x974/0x11b0
[ 1556.337868]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1556.349723] FAULT_INJECTION: forcing a failure.
[ 1556.349723] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.352869]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1556.352881]  ? SyS_write+0x1b7/0x210
[ 1556.352893]  ? drm_getstats+0x20/0x20
[ 1556.352903]  do_vfs_ioctl+0x75a/0xff0
[ 1556.352917]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1556.393335]  ? lock_downgrade+0x740/0x740
[ 1556.397489]  ? __fget+0x225/0x360
[ 1556.400936]  ? do_vfs_ioctl+0xff0/0xff0
[ 1556.404895]  ? security_file_ioctl+0x83/0xb0
[ 1556.409293]  SyS_ioctl+0x7f/0xb0
[ 1556.412648]  ? do_vfs_ioctl+0xff0/0xff0
[ 1556.416630]  do_syscall_64+0x1d5/0x640
[ 1556.420520]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1556.425694] RIP: 0033:0x45e219
[ 1556.428890] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
05:55:21 executing program 0 (fault-call:1 fault-nth:6):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:21 executing program 1 (fault-call:1 fault-nth:7):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:21 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x3ff, <r2=>0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000080)={r2, 0xffffffffffffff73})

[ 1556.436598] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1556.443873] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1556.451132] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1556.458388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1556.465645] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1556.472915] CPU: 1 PID: 28801 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1556.480809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.490164] Call Trace:
[ 1556.492755]  dump_stack+0x1b2/0x281
[ 1556.496385]  should_fail.cold+0x10a/0x149
[ 1556.500537]  should_failslab+0xd6/0x130
[ 1556.504520]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1556.509195]  v9fs_mount+0x54/0x860
[ 1556.512736]  ? alloc_pages_current+0x15d/0x260
[ 1556.517317]  ? __lockdep_init_map+0x100/0x560
[ 1556.521811]  mount_fs+0x92/0x2a0
[ 1556.525186]  vfs_kern_mount.part.0+0x5b/0x470
[ 1556.529687]  do_mount+0xe53/0x2a00
[ 1556.533234]  ? copy_mount_string+0x40/0x40
05:55:21 executing program 5 (fault-call:1 fault-nth:4):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:21 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
recvmsg(r1, &(0x7f00000003c0)={&(0x7f0000000140)=@in={0x2, 0x0, @private}, 0x80, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/208, 0xd0}, {&(0x7f00000002c0)=""/185, 0xb9}, {&(0x7f00000000c0)=""/6, 0x6}, {&(0x7f0000000440)=""/204, 0xcc}, {&(0x7f0000000540)=""/255, 0xff}, {&(0x7f0000000380)=""/14, 0xe}], 0x6, &(0x7f00000006c0)=""/114, 0x72}, 0x20)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740)='/dev/zero\x00', 0x220640, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
shmctl$IPC_RMID(0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000080)={0x38, &(0x7f0000000040)=""/56})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000007c0)={&(0x7f0000000780)=[0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000840)={r3, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

05:55:21 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f00000000c0)={0x0, &(0x7f0000000140)=""/107})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/188)

05:55:21 executing program 4:
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x40, 0x60a6c1)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYRES16], 0x4c}}, 0x0)
recvmsg(r0, &(0x7f00000015c0)={&(0x7f00000000c0)=@xdp={0x2c, 0x0, <r3=>0x0}, 0x80, &(0x7f0000001540)=[{&(0x7f0000000140)=""/110, 0x6e}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/17, 0x11}, {&(0x7f0000000200)=""/239, 0xef}, {&(0x7f0000000300)=""/244, 0xf4}, {&(0x7f0000001440)=""/233, 0xe9}], 0x6}, 0x103)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000001680)={'tunl0\x00', &(0x7f0000001600)={'gre0\x00', <r4=>0x0, 0x10, 0x80, 0x1, 0x80000001, {{0x14, 0x4, 0x0, 0x7, 0x50, 0x66, 0x0, 0xc3, 0x29, 0x0, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp={0x44, 0x20, 0x4b, 0x0, 0x9, [0x1000, 0x700000, 0x28, 0xfffffffc, 0x7ff, 0x80000001, 0x7]}, @rr={0x7, 0x1b, 0x4, [@multicast2, @rand_addr=0x64010100, @local, @multicast1, @multicast2, @broadcast]}, @noop]}}}}})
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000001780)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001740)={&(0x7f00000016c0)={0x44, r2, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x3}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r3}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20040002}, 0x28044044)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x4, 0x0, 0x810, 0x81})

[ 1556.537488]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1556.542503]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.546390]  ? copy_mount_options+0x1fa/0x2f0
[ 1556.550887]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.554775]  SyS_mount+0xa8/0x120
[ 1556.558229]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.562123]  do_syscall_64+0x1d5/0x640
[ 1556.566027]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1556.571219] RIP: 0033:0x45e219
[ 1556.574401] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:21 executing program 2 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1556.582114] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1556.593412] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1556.600682] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1556.607951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 1556.615225] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1556.627357] CPU: 1 PID: 28800 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1556.635267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.640866] FAULT_INJECTION: forcing a failure.
[ 1556.640866] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.644615] Call Trace:
[ 1556.644640]  dump_stack+0x1b2/0x281
[ 1556.644657]  should_fail.cold+0x10a/0x149
[ 1556.644670]  should_failslab+0xd6/0x130
[ 1556.644682]  __kmalloc_track_caller+0x2bc/0x400
[ 1556.644692]  ? v9fs_session_init+0x98/0x1540
05:55:21 executing program 0 (fault-call:1 fault-nth:7):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:21 executing program 1 (fault-call:1 fault-nth:8):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:21 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x4], 0x1, 0x80800})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})

[ 1556.644702]  ? trace_hardirqs_on+0x10/0x10
[ 1556.644714]  kstrdup+0x36/0x70
[ 1556.644729]  v9fs_session_init+0x98/0x1540
[ 1556.644741]  ? pcpu_alloc+0xbe0/0xf50
[ 1556.644755]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1556.644770]  ? v9fs_show_options+0x6b0/0x6b0
[ 1556.644788]  ? v9fs_mount+0x54/0x860
[ 1556.644798]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1556.644810]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1556.644827]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1556.644836]  v9fs_mount+0x73/0x860
05:55:21 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x71000, 0x1d6f00)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = socket$netlink(0x10, 0x3, 0x13)
sendmsg$NLBL_UNLABEL_C_ACCEPT(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x64, 0x0, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6tnl0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x2b, 0x7, 'system_u:object_r:wireless_device_t:s0\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x40800}, 0x20000000)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f00000001c0))
ioctl$DRM_IOCTL_LOCK(0xffffffffffffffff, 0x4008642a, &(0x7f0000000200)={0x0, 0x6})

[ 1556.644851]  ? alloc_pages_current+0x15d/0x260
[ 1556.644859]  ? __lockdep_init_map+0x100/0x560
[ 1556.644873]  mount_fs+0x92/0x2a0
[ 1556.644885]  vfs_kern_mount.part.0+0x5b/0x470
[ 1556.644896]  do_mount+0xe53/0x2a00
[ 1556.644911]  ? copy_mount_string+0x40/0x40
[ 1556.644921]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1556.644930]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.644941]  ? copy_mount_options+0x1fa/0x2f0
[ 1556.644949]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.644959]  SyS_mount+0xa8/0x120
[ 1556.644966]  ? copy_mnt_ns+0xa30/0xa30
[ 1556.644983]  do_syscall_64+0x1d5/0x640
[ 1556.644999]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1556.645006] RIP: 0033:0x45e219
[ 1556.645011] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1556.645020] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1556.645032] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1556.645036] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1556.645041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
[ 1556.645046] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1556.712235] FAULT_INJECTION: forcing a failure.
[ 1556.712235] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.777188] CPU: 0 PID: 28812 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1556.786415] FAULT_INJECTION: forcing a failure.
[ 1556.786415] name failslab, interval 1, probability 0, space 0, times 0
[ 1556.786550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.786554] Call Trace:
[ 1556.786573]  dump_stack+0x1b2/0x281
[ 1556.888632]  should_fail.cold+0x10a/0x149
[ 1556.892789]  should_failslab+0xd6/0x130
[ 1556.896766]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1556.901422]  apparmor_file_alloc_security+0x129/0x800
[ 1556.906598]  security_file_alloc+0x66/0xa0
[ 1556.910820]  ? selinux_is_enabled+0x5/0x50
[ 1556.915038]  get_empty_filp+0x15c/0x3e0
[ 1556.919000]  alloc_file+0x23/0x440
[ 1556.922528]  __shmem_file_setup.part.0+0x198/0x3c0
[ 1556.927439]  ? fs_reclaim_release+0xd0/0x110
[ 1556.931836]  ? shmem_create+0x30/0x30
[ 1556.935622]  ? __vgem_gem_create+0x44/0xe0
[ 1556.939842]  shmem_file_setup+0x4b/0x60
[ 1556.943805]  drm_gem_object_init+0x36/0xa0
[ 1556.948026]  __vgem_gem_create+0x6a/0xe0
[ 1556.952068]  vgem_gem_dumb_create+0xc5/0x210
[ 1556.956464]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1556.961473]  ? __drm_printfn_debug+0x70/0x70
[ 1556.965872]  drm_ioctl_kernel+0x14c/0x200
[ 1556.970008]  drm_ioctl+0x419/0x870
[ 1556.973538]  ? __drm_printfn_debug+0x70/0x70
[ 1556.977942]  ? drm_getstats+0x20/0x20
[ 1556.981735]  ? fsnotify+0x974/0x11b0
[ 1556.985427]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1556.990342]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1556.995340]  ? SyS_write+0x1b7/0x210
[ 1556.999050]  ? drm_getstats+0x20/0x20
[ 1557.002840]  do_vfs_ioctl+0x75a/0xff0
[ 1557.006631]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1557.011063]  ? lock_downgrade+0x740/0x740
[ 1557.015200]  ? __fget+0x225/0x360
[ 1557.018644]  ? do_vfs_ioctl+0xff0/0xff0
[ 1557.022606]  ? security_file_ioctl+0x83/0xb0
[ 1557.027000]  SyS_ioctl+0x7f/0xb0
[ 1557.030349]  ? do_vfs_ioctl+0xff0/0xff0
[ 1557.034307]  do_syscall_64+0x1d5/0x640
[ 1557.038182]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1557.043353] RIP: 0033:0x45e219
[ 1557.046520] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1557.054208] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1557.061458] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1557.068712] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1557.075962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1557.083228] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1557.090607] CPU: 1 PID: 28819 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1557.098493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1557.107849] Call Trace:
[ 1557.110450]  dump_stack+0x1b2/0x281
[ 1557.114084]  should_fail.cold+0x10a/0x149
[ 1557.118237]  should_failslab+0xd6/0x130
[ 1557.122217]  __kmalloc_track_caller+0x2bc/0x400
[ 1557.126887]  ? v9fs_session_init+0x98/0x1540
[ 1557.131294]  ? trace_hardirqs_on+0x10/0x10
[ 1557.135533]  kstrdup+0x36/0x70
05:55:22 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000000c0)={&(0x7f0000000040)=[0x7ff, 0xffff, 0x1000, 0x0, 0x7f], &(0x7f0000000080), 0x5, 0x8, 0xeeeeeeee})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000140)={<r2=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000180)={r2, 0x3})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000000)={0x0, 0x0, 0x3b6, 0x0, 0x7ef, 0x5})
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000080)={0xfcd, 0x800, 0x8000, 0x9, 0x4, 0x1})

05:55:22 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x50040, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000001c0))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000240)={0x40, 0x7, 0x48b})
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0x1, 0x0)
write$tcp_congestion(r3, &(0x7f0000000040)='yeah\x00', 0x5)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:22 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xc7c, 0x903)
ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000080)={0x0, 0x24})

[ 1557.138726]  v9fs_session_init+0x98/0x1540
[ 1557.142957]  ? pcpu_alloc+0xbe0/0xf50
[ 1557.146762]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1557.151610]  ? v9fs_show_options+0x6b0/0x6b0
[ 1557.156022]  ? v9fs_mount+0x54/0x860
[ 1557.159733]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1557.165196]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.170211]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1557.175055]  v9fs_mount+0x73/0x860
[ 1557.178593]  ? alloc_pages_current+0x15d/0x260
[ 1557.183173]  ? __lockdep_init_map+0x100/0x560
[ 1557.187669]  mount_fs+0x92/0x2a0
[ 1557.191040]  vfs_kern_mount.part.0+0x5b/0x470
[ 1557.195537]  do_mount+0xe53/0x2a00
[ 1557.199087]  ? copy_mount_string+0x40/0x40
[ 1557.203337]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.208356]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.212254]  ? copy_mount_options+0x1fa/0x2f0
[ 1557.216747]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.220636]  SyS_mount+0xa8/0x120
[ 1557.224097]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.227991]  do_syscall_64+0x1d5/0x640
[ 1557.231884]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1557.237068] RIP: 0033:0x45e219
[ 1557.240253] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1557.247955] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1557.255217] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1557.262479] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1557.269739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007
[ 1557.276993] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1557.284564] CPU: 0 PID: 28820 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1557.292453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1557.301801] Call Trace:
[ 1557.304403]  dump_stack+0x1b2/0x281
[ 1557.308030]  should_fail.cold+0x10a/0x149
[ 1557.312290]  should_failslab+0xd6/0x130
[ 1557.315603] FAULT_INJECTION: forcing a failure.
[ 1557.315603] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.316261]  __kmalloc_track_caller+0x2bc/0x400
[ 1557.316280]  ? v9fs_session_init+0xd1/0x1540
[ 1557.316296]  kstrdup+0x36/0x70
[ 1557.339822]  v9fs_session_init+0xd1/0x1540
[ 1557.344043]  ? pcpu_alloc+0xbe0/0xf50
[ 1557.347830]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1557.352659]  ? v9fs_show_options+0x6b0/0x6b0
[ 1557.357050]  ? v9fs_mount+0x54/0x860
[ 1557.360755]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1557.366190]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.371185]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1557.376095]  v9fs_mount+0x73/0x860
[ 1557.379613]  ? alloc_pages_current+0x15d/0x260
[ 1557.384173]  ? __lockdep_init_map+0x100/0x560
[ 1557.388648]  mount_fs+0x92/0x2a0
[ 1557.392015]  vfs_kern_mount.part.0+0x5b/0x470
[ 1557.396521]  do_mount+0xe53/0x2a00
[ 1557.400046]  ? copy_mount_string+0x40/0x40
[ 1557.404274]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.409364]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.413233]  ? copy_mount_options+0x1fa/0x2f0
[ 1557.417712]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.421583]  SyS_mount+0xa8/0x120
[ 1557.425016]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.428898]  do_syscall_64+0x1d5/0x640
[ 1557.432786]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1557.437968] RIP: 0033:0x45e219
05:55:22 executing program 5 (fault-call:1 fault-nth:5):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:22 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x4000, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000040)={0x7, &(0x7f0000000000)="5637a8c5e0fa3c"})

05:55:22 executing program 2:
openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x10102, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
getsockname(0xffffffffffffffff, &(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, &(0x7f0000000140)=0x80)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r1, 0x40086424, &(0x7f0000000180)={0x0, 0x1})

05:55:22 executing program 3 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:22 executing program 0 (fault-call:1 fault-nth:8):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1557.441140] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1557.448829] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1557.456079] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1557.463326] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1557.470575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 1557.477827] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1557.485090] CPU: 1 PID: 28839 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1557.492969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1557.502314] Call Trace:
[ 1557.504910]  dump_stack+0x1b2/0x281
[ 1557.508540]  should_fail.cold+0x10a/0x149
[ 1557.512693]  should_failslab+0xd6/0x130
[ 1557.516666]  kmem_cache_alloc+0x40/0x3c0
[ 1557.520725]  radix_tree_node_alloc.constprop.0+0x1b0/0x2f0
[ 1557.526356]  idr_get_free_cmn+0x595/0x8d0
[ 1557.530519]  idr_alloc_cmn+0xe8/0x1e0
[ 1557.534316]  ? __fprop_inc_percpu_max+0x1d0/0x1d0
05:55:22 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f0000000080)={0x744, 0x1f, 0x9, 0x8, 0x7, 0x4, 0x8})
openat$zero(0xffffffffffffff9c, 0x0, 0x501100, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000040)={&(0x7f0000ffb000/0x2000)=nil})

[ 1557.539157]  ? drm_gem_handle_create_tail+0x118/0x330
[ 1557.544355]  ? __radix_tree_preload+0x1c3/0x250
[ 1557.549025]  drm_gem_handle_create_tail+0x13e/0x330
[ 1557.552103] [drm:drm_mode_legacy_fb_format] *ERROR* bad bpp, assuming x8r8g8b8 pixel format
[ 1557.554034]  ? drm_gem_destroy+0xa0/0xa0
[ 1557.554052]  vgem_gem_dumb_create+0xe7/0x210
[ 1557.554065]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1557.554074]  ? __drm_printfn_debug+0x70/0x70
[ 1557.554082]  drm_ioctl_kernel+0x14c/0x200
[ 1557.554093]  drm_ioctl+0x419/0x870
[ 1557.554105]  ? __drm_printfn_debug+0x70/0x70
[ 1557.554113]  ? drm_getstats+0x20/0x20
[ 1557.554127]  ? fsnotify+0x974/0x11b0
[ 1557.554136]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1557.554148]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1557.554158]  ? SyS_write+0x1b7/0x210
[ 1557.554169]  ? drm_getstats+0x20/0x20
[ 1557.554178]  do_vfs_ioctl+0x75a/0xff0
[ 1557.554188]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1557.554201]  ? lock_downgrade+0x740/0x740
[ 1557.568448] [drm:drm_mode_legacy_fb_format] *ERROR* bad bpp, assuming x8r8g8b8 pixel format
[ 1557.571113]  ? __fget+0x225/0x360
05:55:22 executing program 1 (fault-call:1 fault-nth:9):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:22 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000000)={0x0, 0x3a61})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x400, 0x101000)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000001200)={0x1, &(0x7f0000000140)=""/4096, &(0x7f00000000c0)=[{0x6, 0x8e, 0xffff0001, &(0x7f0000001140)=""/142}]})

05:55:22 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000040)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:22 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000040)={0x7, 0x800, 0x10000})

[ 1557.571126]  ? do_vfs_ioctl+0xff0/0xff0
[ 1557.571138]  ? security_file_ioctl+0x83/0xb0
[ 1557.571149]  SyS_ioctl+0x7f/0xb0
[ 1557.571157]  ? do_vfs_ioctl+0xff0/0xff0
[ 1557.571167]  do_syscall_64+0x1d5/0x640
[ 1557.571182]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1557.666520] RIP: 0033:0x45e219
[ 1557.669701] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1557.677407] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1557.684679] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
05:55:22 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:22 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000040)={0xb55, 0x5})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:22 executing program 5 (fault-call:1 fault-nth:6):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1557.692035] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1557.694508] FAULT_INJECTION: forcing a failure.
[ 1557.694508] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.699304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 1557.699310] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1557.760547] FAULT_INJECTION: forcing a failure.
[ 1557.760547] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.770691] FAULT_INJECTION: forcing a failure.
[ 1557.770691] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.782040] CPU: 1 PID: 28864 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1557.790916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1557.800256] Call Trace:
[ 1557.802842]  dump_stack+0x1b2/0x281
[ 1557.806466]  should_fail.cold+0x10a/0x149
[ 1557.810612]  should_failslab+0xd6/0x130
[ 1557.814579]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1557.819231]  p9_client_create+0x9c/0x12c0
[ 1557.823364]  ? fs_reclaim_release+0xd0/0x110
[ 1557.827770]  ? p9_client_flush+0x4c0/0x4c0
[ 1557.831992]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1557.837433]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.842433]  ? __lockdep_init_map+0x100/0x560
[ 1557.846912]  ? __raw_spin_lock_init+0x28/0x100
[ 1557.851478]  v9fs_session_init+0x1c5/0x1540
[ 1557.855781]  ? pcpu_alloc+0xbe0/0xf50
[ 1557.859569]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1557.864400]  ? v9fs_show_options+0x6b0/0x6b0
[ 1557.868795]  ? v9fs_mount+0x54/0x860
[ 1557.872489]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1557.877919]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.882925]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1557.887753]  v9fs_mount+0x73/0x860
[ 1557.891271]  ? alloc_pages_current+0x15d/0x260
[ 1557.895833]  ? __lockdep_init_map+0x100/0x560
[ 1557.900307]  mount_fs+0x92/0x2a0
[ 1557.903665]  vfs_kern_mount.part.0+0x5b/0x470
[ 1557.908149]  do_mount+0xe53/0x2a00
[ 1557.911673]  ? copy_mount_string+0x40/0x40
[ 1557.915901]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1557.920897]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.924770]  ? copy_mount_options+0x1fa/0x2f0
[ 1557.929251]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.933128]  SyS_mount+0xa8/0x120
[ 1557.936566]  ? copy_mnt_ns+0xa30/0xa30
[ 1557.940435]  do_syscall_64+0x1d5/0x640
[ 1557.944315]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1557.949489] RIP: 0033:0x45e219
[ 1557.952664] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1557.960352] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1557.967603] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1557.974858] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1557.982115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
[ 1557.989376] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1557.996648] CPU: 0 PID: 28868 Comm: syz-executor.5 Not tainted 4.14.216-syzkaller #0
[ 1558.004538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.013887] Call Trace:
[ 1558.016572]  dump_stack+0x1b2/0x281
[ 1558.020203]  should_fail.cold+0x10a/0x149
[ 1558.024356]  should_failslab+0xd6/0x130
[ 1558.028333]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1558.033004]  drm_vma_node_allow+0x4e/0x2e0
[ 1558.037242]  drm_gem_handle_create_tail+0x1a1/0x330
[ 1558.042260]  ? drm_gem_destroy+0xa0/0xa0
[ 1558.046323]  vgem_gem_dumb_create+0xe7/0x210
[ 1558.050742]  drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 1558.055763]  ? __drm_printfn_debug+0x70/0x70
05:55:23 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000080)={&(0x7f0000000040)=[0x7fffffff], 0x1, 0x8, 0x5, 0x8, 0x8, 0x2d, 0x800, {0x3, 0x3ff, 0x9, 0x0, 0x20, 0x33, 0x3, 0x7, 0x1000, 0x8, 0x6, 0x7, 0x7, 0x0, "c42c991bd28b6d082a8d1008de7b52ff8071b89f03f849842cebcec39f8bd059"}})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x9})

05:55:23 executing program 3:
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040))
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0)='gtp\x00')
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000426bd7000ffdbdf2500000000080005885a8b8de4b6ea553c5800ac1414bb084f0900010000001fedc3f3423eaebd2e68f39bc87608000400e000ed371600010800080000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20000100}, 0x1)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:23 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x3, <r1=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000001200)={0x81, r1})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x10000, 0x40e001)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000000)={0x0, 0x3})
r5 = openat$zero(0xffffffffffffff9c, 0x0, 0x52b000, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r6, 0x28, 0x2, 0xfffffffffffffffe, 0x0)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, 0x0)
ioctl$EVIOCGKEYCODE_V2(r7, 0x80284504, &(0x7f0000000200)=""/4096)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000180)={&(0x7f0000000040)=[0x0, 0x0], &(0x7f0000000140), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x5, 0x4, 0x0, 0xfffffffe})
r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r8, 0xc00c642d, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001880)=ANY=[@ANYBLOB="100000003b00000828bd7000fcdbdf253920aa485c7479e558c4febb92c552212e7c3235f1c64b9edaafe9121d61099c0c16c96a28f43675e326994fe4f3f28843b92915e276f384a0383438868ac9cd1255aeca6066b9f4d349d4e494ea22fd874c361d982880a69de9271bdae0e351698969afd06f110eea4d49fa5a309c7106fe123177b16ef3993edd677383942df8c548200c9c0dba178893565cda7853e28953656532d157361feeb2124592142a074b04d216e58b3e3069192bc7f41222105acbc4c7a6ff267a8fda75a49a6337bb57baa6d486144186f9f560b89ed6"], 0x10}, {&(0x7f00000016c0)=ANY=[@ANYBLOB="2401000000000000000001000800000000000000", @ANYRES32=0xee01, @ANYBLOB="0c000c009700000000000000a0939cc7dde4d3cdf655102ad8dbb9a05234db90b58c3302614334c2c9a5b70b5fc95d043bb4d7bea38a4741d82733203d92285743ef8790cceb627f3e0528fc047939bea5929fce618384770d4ea4852192ac9f85e8ce53490dbcf23c3f3a2af475d15b3eb3fa4225db57737938891fcf55d0ceb5500bf3a2c325391275b4e887dca7c99cbb158768696a43c5e302b48a1faf642fc245b05033179474a2f3e4aef1e294ab11668bdef19b723b1f654a5089869c04d61b457fff1748ce6a0968966ebcfd92cf828cdb4ef7681653f0ed3a6da783b20406de908a123b59b54d8decb0584f5b82479e6145b145f9f3ff36d329196dfdcc7ab9fc6920ae88b00000ec8ee4bc30bf4f6130e99573f5033650896ec30e7f38abffb4070c500c760b062f0281810ba31074f49fa6d1474d10b626cfedebd2afec581091c7422ec581005e016b8edf658ee3aea30192f415eda234fcec2c848eadb53c11388afb1c1d08e51252a15454bca1bc2de3f052137495f9ab844271869b83"], 0x124}], 0x2, &(0x7f0000001500)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @rights={{0x20, 0x1, 0x1, [r4, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r2, 0xffffffffffffffff, r0, r0, r0, r4]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r6, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r0, r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x2c, 0x1, 0x1, [r3, r3, r6, r6, r5, r5, r8]}}], 0x158}, 0x4)

[ 1558.060173]  drm_ioctl_kernel+0x14c/0x200
[ 1558.064324]  drm_ioctl+0x419/0x870
[ 1558.067865]  ? __drm_printfn_debug+0x70/0x70
[ 1558.072269]  ? drm_getstats+0x20/0x20
[ 1558.076070]  ? fsnotify+0x974/0x11b0
[ 1558.079790]  ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 1558.084717]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 1558.089751]  ? SyS_write+0x1b7/0x210
[ 1558.093585]  ? drm_getstats+0x20/0x20
[ 1558.097383]  do_vfs_ioctl+0x75a/0xff0
[ 1558.101187]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1558.105591]  ? lock_downgrade+0x740/0x740
[ 1558.109738]  ? __fget+0x225/0x360
[ 1558.113193]  ? do_vfs_ioctl+0xff0/0xff0
[ 1558.117161]  ? security_file_ioctl+0x83/0xb0
[ 1558.121567]  SyS_ioctl+0x7f/0xb0
[ 1558.124927]  ? do_vfs_ioctl+0xff0/0xff0
[ 1558.128899]  do_syscall_64+0x1d5/0x640
[ 1558.132790]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1558.137977] RIP: 0033:0x45e219
[ 1558.141175] RSP: 002b:00007fa7fe509c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1558.148878] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219
[ 1558.156143] RDX: 0000000020000040 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 1558.163405] RBP: 00007fa7fe509ca0 R08: 0000000000000000 R09: 0000000000000000
[ 1558.170659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[ 1558.177919] R13: 00007fff50c7ba8f R14: 00007fa7fe50a9c0 R15: 000000000119bf8c
[ 1558.185189] CPU: 1 PID: 28856 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1558.193072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.202429] Call Trace:
[ 1558.205025]  dump_stack+0x1b2/0x281
[ 1558.208654]  should_fail.cold+0x10a/0x149
[ 1558.212801]  should_failslab+0xd6/0x130
[ 1558.216787]  __kmalloc_track_caller+0x2bc/0x400
[ 1558.221453]  ? v9fs_session_init+0xd1/0x1540
[ 1558.225860]  kstrdup+0x36/0x70
[ 1558.229090]  v9fs_session_init+0xd1/0x1540
[ 1558.233315]  ? pcpu_alloc+0xbe0/0xf50
[ 1558.237104]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1558.241926]  ? v9fs_show_options+0x6b0/0x6b0
[ 1558.246324]  ? v9fs_mount+0x54/0x860
[ 1558.250056]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1558.255488]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.260523]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1558.265393]  v9fs_mount+0x73/0x860
[ 1558.268914]  ? alloc_pages_current+0x15d/0x260
[ 1558.273504]  ? __lockdep_init_map+0x100/0x560
[ 1558.277996]  mount_fs+0x92/0x2a0
[ 1558.281388]  vfs_kern_mount.part.0+0x5b/0x470
[ 1558.285863]  do_mount+0xe53/0x2a00
[ 1558.289386]  ? copy_mount_string+0x40/0x40
[ 1558.293608]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.298660]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.302524]  ? copy_mount_options+0x1fa/0x2f0
[ 1558.307022]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.310905]  SyS_mount+0xa8/0x120
[ 1558.314343]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.318217]  do_syscall_64+0x1d5/0x640
[ 1558.322173]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1558.327337] RIP: 0033:0x45e219
[ 1558.330502] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1558.338188] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1558.345435] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1558.352688] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
05:55:23 executing program 0 (fault-call:1 fault-nth:9):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:23 executing program 2:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00')
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r0, 0x200, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x1, 0x50}, @val={0x8}, @val={0xc, 0x99, {0x4, 0x55}}}}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x7c}]}, 0x48}, 0x1, 0x0, 0x0, 0x404c080}, 0x40)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000000))

05:55:23 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
modify_ldt$read_default(0x2, &(0x7f0000000180)=""/66, 0x42)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1})
openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x40000, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000002c0)={&(0x7f0000000140)=[0x0, 0x0, <r2=>0x0], 0x3})
syz_open_dev$dri(&(0x7f0000000300)='/dev/dri/card#\x00', 0x6, 0x28000)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000280)={r2, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000200)={0x1, 0x2000}, 0x4)
ioctl$DRM_IOCTL_NEW_CTX(r3, 0x40086425, &(0x7f00000005c0)={0x0, 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000004c0)={&(0x7f0000000480)=[0x1, 0x5, 0xbef], 0x3, 0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SWITCH_CTX(r4, 0x40086424, &(0x7f0000000500))
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000580)={0x13})
openat$zero(0xffffffffffffff9c, &(0x7f0000000540)='/dev/zero\x00', 0x800, 0x0)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000440), 0xc, &(0x7f00000003c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="0c010000530404002cbd7000ffdbdf25e16ca67ddbded14b55f84777dd8a613cfbd6817e54536ffbaddc4bd3428408df74931aa490ae15e451a14875b8834d466eebe60df7e5d4073495406fea521398361dfd040cbc2f288af0c27d1acccbd417dc1b4d44b5359c97b29b223ea49b0982a1935157094bcdd324234468b5e2fab86c6c4bf2da419c6fea090c52edd61af4f56ae4e3836cffac24330a5802e248b6f72042c9dc70393af5de907daf25320018fdaddbf8d0e622dc56f7bad087ff2c8195dceb8989d560f09ce3ba076de45e5d49bc2361400acc2f5b00084749eff8f08e34b4afe078d6a5988b29c0a7d62b3d2eca3279b8f38b5e7068dfca943fa50cf994cb64c715396c6a8f8b3a72025c00000000e88d0e5a3e8ece87f914268bfbbee1145d06384562bba45dbf9b7b470bfe34cdd23d4d10d64678241c74ad1fd29f9eae65cec40292b94f9799812436e2402bb2d168a01c520fd24b7d8a08ab6c9a2caf17c7acff92d63053053de023c09a9cd1173b9fbaa7311252982196d43d1d56eec3b0d140b01e4e1520653ef942fbb12e75bbe1312e2c06bd5b2c63b926246f9ee73dbac4fc5d6313eb7d8923ea6946ed0306b82eec1d31cd10c8b6176273f4d2e3079ba0f6d65cb12dae73cf8ed30350acac3ffa0fe78808bed6cf2131a023cdea01cd2d448cc66f54d29706f6f6f4236d23da9067ce69294e9fbe16bcc30e6399ad683d052e6165bc08a95e7296d963"], 0x10c}, 0x1, 0x0, 0x0, 0x4011}, 0x4000041)

05:55:23 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000000)={0x400, 0xfffffff9, 0x6, 0x9})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:23 executing program 1 (fault-call:1 fault-nth:10):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:23 executing program 5 (fault-call:1 fault-nth:7):
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1558.359946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 1558.367234] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:23 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x4a0, 0x202040)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040))

[ 1558.419030] FAULT_INJECTION: forcing a failure.
[ 1558.419030] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.431311] FAULT_INJECTION: forcing a failure.
[ 1558.431311] name failslab, interval 1, probability 0, space 0, times 0
05:55:23 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8, 0x101200)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f00000000c0)=[0x5e0, 0x2], 0x2, 0x3be398cd, 0x8, 0x20, 0x8001, 0x3, 0x401, {0x0, 0x6, 0x80, 0x55a6, 0x5, 0x1, 0x9, 0x0, 0x3, 0x4, 0x5, 0xffff, 0xa429, 0x2, "9e798c3f904f74548ffbd802216368b1393353b078afed4c4e1dcf014f245017"}})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000040)={0xc8f7, 0x401, 0x9})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:23 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0xbc20, 0x0, 0x10001})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1558.460366] CPU: 0 PID: 28889 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1558.468268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.477620] Call Trace:
[ 1558.480210]  dump_stack+0x1b2/0x281
[ 1558.483840]  should_fail.cold+0x10a/0x149
[ 1558.488008]  should_failslab+0xd6/0x130
[ 1558.491978]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1558.496649]  p9_idpool_create+0x3c/0x120
[ 1558.500704]  p9_client_create+0x1d4/0x12c0
[ 1558.504925]  ? fs_reclaim_release+0xd0/0x110
05:55:23 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xcd6, 0x400000)
r1 = accept(0xffffffffffffffff, &(0x7f00000000c0)=@alg, &(0x7f0000000140)=0x80)
sendmsg$AUDIT_LIST_RULES(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x3f5, 0x8, 0x70bd25, 0x25dfdbfc, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x408c0}, 0xd3f14d91e0e69f66)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1558.509337]  ? p9_client_flush+0x4c0/0x4c0
[ 1558.513558]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1558.519059]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.524071]  ? __lockdep_init_map+0x100/0x560
[ 1558.528578]  ? __raw_spin_lock_init+0x28/0x100
[ 1558.533161]  v9fs_session_init+0x1c5/0x1540
[ 1558.537475]  ? pcpu_alloc+0xbe0/0xf50
[ 1558.541278]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1558.546131]  ? v9fs_show_options+0x6b0/0x6b0
[ 1558.550530]  ? v9fs_mount+0x54/0x860
[ 1558.554236]  ? rcu_lockdep_current_cpu_online+0xed/0x140
05:55:23 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f00000000c0)={0x4, 0x101})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x204280, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000080))

05:55:23 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000080))

[ 1558.559696]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.564713]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1558.569556]  v9fs_mount+0x73/0x860
[ 1558.573098]  ? alloc_pages_current+0x15d/0x260
[ 1558.577678]  ? __lockdep_init_map+0x100/0x560
[ 1558.582181]  mount_fs+0x92/0x2a0
[ 1558.585535]  vfs_kern_mount.part.0+0x5b/0x470
[ 1558.590019]  do_mount+0xe53/0x2a00
[ 1558.593555]  ? copy_mount_string+0x40/0x40
[ 1558.597784]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.602794]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.606666]  ? copy_mount_options+0x1fa/0x2f0
[ 1558.611157]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.615036]  SyS_mount+0xa8/0x120
[ 1558.618474]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.622353]  do_syscall_64+0x1d5/0x640
[ 1558.626243]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1558.631445] RIP: 0033:0x45e219
[ 1558.634637] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1558.642339] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1558.649605] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1558.656861] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1558.664129] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a
[ 1558.671381] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1558.678645] CPU: 1 PID: 28890 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1558.686526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.695874] Call Trace:
[ 1558.698463]  dump_stack+0x1b2/0x281
[ 1558.702092]  should_fail.cold+0x10a/0x149
[ 1558.706242]  should_failslab+0xd6/0x130
[ 1558.710220]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1558.714895]  p9_client_create+0x9c/0x12c0
[ 1558.719045]  ? fs_reclaim_release+0xd0/0x110
[ 1558.723465]  ? p9_client_flush+0x4c0/0x4c0
[ 1558.727697]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1558.733147]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.738152]  ? __lockdep_init_map+0x100/0x560
[ 1558.742682]  ? __raw_spin_lock_init+0x28/0x100
[ 1558.747243]  v9fs_session_init+0x1c5/0x1540
[ 1558.751540]  ? pcpu_alloc+0xbe0/0xf50
[ 1558.755331]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1558.760159]  ? v9fs_show_options+0x6b0/0x6b0
[ 1558.764545]  ? v9fs_mount+0x54/0x860
[ 1558.768237]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1558.773675]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.778683]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1558.783505]  v9fs_mount+0x73/0x860
[ 1558.787029]  ? alloc_pages_current+0x15d/0x260
[ 1558.791591]  ? __lockdep_init_map+0x100/0x560
[ 1558.796076]  mount_fs+0x92/0x2a0
[ 1558.799435]  vfs_kern_mount.part.0+0x5b/0x470
[ 1558.803928]  do_mount+0xe53/0x2a00
[ 1558.807463]  ? copy_mount_string+0x40/0x40
[ 1558.811677]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1558.816670]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.820544]  ? copy_mount_options+0x1fa/0x2f0
[ 1558.825021]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.828887]  SyS_mount+0xa8/0x120
[ 1558.832323]  ? copy_mnt_ns+0xa30/0xa30
[ 1558.836196]  do_syscall_64+0x1d5/0x640
[ 1558.840083]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1558.845253] RIP: 0033:0x45e219
[ 1558.848425] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:24 executing program 0 (fault-call:1 fault-nth:10):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:24 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x9, <r2=>0x0, 0x10000})
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f00000000c0)={0x0, r2})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000000c0)={&(0x7f0000000140)=[0xffffffc0, 0xc, 0xfffff802, 0x720d, 0x7e2b, 0xd], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x80000000, 0xfbfbfbfb})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:24 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000040)={&(0x7f0000000000)=[0x200, 0x5, 0x7f, 0x7f], 0x4, 0x9, 0x0, 0x7fffffff, 0x4, 0x9, 0x5, {0x9, 0x8000, 0x8, 0x7, 0x9, 0xc000, 0x1, 0x400, 0x80, 0x2, 0x5, 0x4, 0x2, 0xf5, "8908124d806580332c1faf644c76d4342900d78147defba087c2710e110e3e5c"}})

05:55:24 executing program 1 (fault-call:1 fault-nth:11):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:24 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f0000000040)={0xb5})
r2 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r4 = getpid()
wait4(r4, 0x0, 0x20000002, 0x0)
r5 = geteuid()
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
r7 = getpid()
wait4(r7, 0x0, 0x20000002, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000004040)=<r8=>0x0)
r9 = getegid()
r10 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$netlink(r1, &(0x7f0000004100)={&(0x7f0000000140)=@proc={0x10, 0x0, 0x25dfdbfb, 0x1000000}, 0xc, &(0x7f0000003fc0)=[{&(0x7f0000004140)={0x2ec, 0x25, 0x2, 0x70bd2b, 0x25dfdbfc, "", [@nested={0xed, 0xb, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @u32=0x8000}, @generic="27f0df96bc56899d0dafc859af4992202a94189e262f2f017bd3c8469b58b84a1fecfb0df0a8de377905d999cb7510c34e94f7fec503dc68c66b6f46b28af8f8687163ec4048bb1db32d7b25f3c1923a488280cd4d0b664244be762f9fb6e54edcc28a703d1ed9a565a57dc82a7537f2d16d1594b6b8047e4ea271b358ba2ebecba19e8ac2fd354bc2e014a3cb908ba361df41907e6867aa16a6fde5e48862dd70b61c21a42bcac9fd5283e2df760f8c7a0f25fbd5de545f1a", @generic="b4ddecacf82403a8560a74fd6ec4047b831d6f25c997faa1a01feae06274792a7d260a72e658213b"]}, @nested={0x1b3, 0x3, 0x0, 0x1, [@typed={0x14, 0x65, 0x0, 0x0, @binary="bdf65d463a296c70952ee88487b87b89"}, @generic="e230ff4631406ad60d83dc6d64264203dc63b74d895e03de55fd9b704968892ede5375a51abf", @typed={0x4, 0x33}, @generic="9ca58e0d7f590c1872ac8380e095aee04c54338c8f12a2260753261e6c266534cf99b4f8c9a0a5baad1e95f678f018c04c564827390ed4df5124761f80ad27ac6f52061bb962ec02a1fbfd62596829899f2213cd5b16ffd1fcfe90848f5691ce8a9d728a30ad5a6186c8fc06feee9f8f708d9fd308f6a195227982aa3c7b6f37b9fbfd0ee98d5d5071", @generic="d7377e279d460269e01b20efec07774bfc6b4104029dae8c7cedce09dffedd08ba7cd2aa282cbec3a640116b8793a2f8ab6a970d8cb7bd4f9aac5e4dc1560939f3392440e179ab7c3cf58ded2a2632993e5f1644408379c6a22cd2875ebd8418e347d9e171f066918654afd6ec258369eaa3a683e6338444ba064a318e394d64caa5ec5df46c15012b00780e5fd543b5855ebabbd7ef4bd2082e3bde15dce2d855dbaf1cbea93ab6f4d312130277abe8d49171b0ce940147a598df01c6b7a7865edbe6b4c25d89056d", @typed={0x8, 0x89, 0x0, 0x0, @uid}, @typed={0x8, 0x46, 0x0, 0x0, @fd}, @typed={0x8, 0x80, 0x0, 0x0, @ipv4=@local}, @generic="4a7fb494f826c3"]}, @nested={0x2e, 0x3b, 0x0, 0x1, [@generic="3eade30368fedaef56436eea9b848c25ef31bcb955f00079fc39a6b8c21c", @generic, @typed={0xc, 0x59, 0x0, 0x0, @u64=0x1b5}]}, @typed={0x8, 0x3, 0x0, 0x0, @pid}]}, 0x2ec}, {&(0x7f0000000440)={0x2518, 0x1a, 0x100, 0x70bd27, 0x25dfdbfb, "", [@generic="a73a8fe10ba6dfe28dbaf049a06ee81f6873ecf790db8eeed1ce8285a9726a7bfdbac3c64e0c81c067bc80d27543bdaa55ad82fdf4bd57843eac76905f6150ea0361ad110a1f569bf4d594b85859b99130024b34b36defd8746ba0d30dbb6d2726c4bfcb86f364eccb6097153b2fe10e4e490c0d4579cafa1f8527ac34ba79114e7ae23f26adda36f66f35d52aed6252aade12ec8e7d8a46c445ceb334182f40e76a25eebd", @nested={0x1140, 0x4b, 0x0, 0x1, [@typed={0x8, 0x4b, 0x0, 0x0, @fd=r3}, @generic="50457e03bd1586803b8c9186494ba0d2a74bf191e4b8d962fe6e9cfebbb4c1e70092fea5d49c9ee96c4906e1beb08fc5a0effdd09f185973aaa5b83b606deee59459bfe2ffd29fb6606a3b593b8e87e92ef476869ad276e4d3a71291d57a12a3e1245cfbcd8e75cd3b596d2e9609aa6a328ae2dcc8ffaf2a03f9350c77977a6e2687620747dbb8a79e3902b509edd55bf8edb604cd69222f7a39cf14a91baf0b6675832167d2202f8671010065e02c97cdc291e089f473db8268af1551bdff8522d9f00ec62b7d0b60ec48b7d0a43fcf84ae23b0d490c5a50f750fe91b2e671fdbcf8d1fff6424e82afa9d268aba894cb58662f90f", @generic="d28e681e6d0a79f8ad322fe9f6344312739c7f3c5b50ba1d828b10d50a08943b1533b25593c0f1", @typed={0x14, 0x41, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, [], 0x1}}, @generic="3823769138389d780580c61aeb377758db75e8eea5217b103d8ffcb9af2b0ddeb543973e56be95e1117ec1e26e034607a927a9a346534d6bdf7bdac7fa17c847a529f858147a716559e3067703ad452aac749852122ee54a73c3e87b0267fa7afb818544e03d45eaf87c3ada7b70f5170a901899a14300a0ac8b99554752a4ec7c939a026ebcc32b2e38198d2a4d605b6ab6992dbe5c984fb2bddca7189c85568ade5c4befaa65e2af5f251fa2f9448de81e5fa0a611354fe1d50fb344f9bfd271df56512062e655417cb1a251c29124ac5c09e0ddb12a7a4ff3c3a751b511a269fe8c84eaf91e9b7767f8b9827f0adf33829e67dd9067804f6f6098aa7b03e96baf5b2204176ecf7bcbdbd32671ce264a73d6f2bfaf9bd796992d0a667dd0bec05d4793754007e7068dd47bbd6d40945ef0cf29c59f0a36b4b8c9b37352bc1f6aa89546a102080e53df0dd96cceb466311173ff39d32a002afad20448a3c69e9d5619518d729bd330081da75e013999305becc09e1bcbcdd32770b16115436bfbdd372b2b76be13438daff55014e01ab9b7ed073105c66e9661c3fb6af24d0f866eafce3935f312bed8453eaf5f783efe29185f01f9973a3ea74ddb24706267bc63572fb54f2de45a484b92d4abcbe002f8505752854212ed0e3f4282dab704ff2ec4b9f52f6f2a0072ccb4b618e18eaec9ebd53cbb9e5e6afb151b695710cf8542f7ad50f8becfa02a3eeeb8aae027d295a9f9488ed2f71c31513dcd36e2fb4d1c023e102cb914d043cb5df45db214d133f9c6cfd191c1058819e450c776d5cf7323827e5860fb0c069effe7a989534c4cc5429083c125cd14cff61b818dec89a7a3ab37d74b2f80f114be3bc0fca2148645bf720883d9632dc1ccd26cdfeeddc899427f33fddc4b9509dfb5a71ded93a5817e7f78e29d8e1e55aa0c185c8644b20f0181a26a20529dd8c7a9af1df9831fc0c2fc1f8067d5a65447a6a9d973c0836ef89d46e38fb67882c84c19886df7d4fdf973b6efda70f39d92e5799748749cfbbe1415b1714a069c6a8fe33621bb985b82158d7e21e8dd19e4503c6f6c6c0b15db7fa19e4dbd901bb814aee4f9ede4e39dbf8647a0a5afde82e7777c520728e6c95b2ee41374cdd3a2005e5a8e5757fde0f03ba7090894eb1d1205001b135db8e4c0ee6d0829fd419c645ba7a9576dda0013e6d9b06b6c9f497bea92f402a76fca5aff533cf1a9e8f668eaa7d8606099625bd3afe1c8aefc7b3c0c7ebcff5c1abbff7af08a6738a87e3913003ddeadf15ee28969b29514487c3271c7889628ec23818787357d9cf7c278c17f8d97b7b249d5aba2951a24a1216a704ebb509d704d3598f3b16ff24eb348df430acfac440c146814b7b6272ae3de9085844a2f00286f31c9336820e8eda6c59351ff61a42cc4da8447d20e02075dddf3bc8f6b6795b809a03dfa2d1bc843c97a6d96846b16d417dbdcf50a6c3f287715a15c451399ecec6ba2e8f042b32db3587f4b5780384f9e41d221b40f567db8635abd1b10f20f6065a77cd448a235f494afe5fe33f59f5f4cd8043e19abf3752a2cec4f1a2bf9d1b579daa95b57f35b12658aaba1b7592cf66f6e43e6b52c4be5f5f5639faa8f14e88025940bf0d8ee2050f0f922ea8d913cf513801df946afe9cfb1022f6fb7428575b834133026bcc513d45c6b7ca642ac554a4c92134306ae09343a62ea2020da23862fe3dce166126241965ce355b97156de31bf211f28ce20d269eec34011455f4dc007df8bfb7e182accae7fa152ce5751bdcaf506024bd7030e6325ce2efad6e5abd5acb67ad777db502d63b4397176e34f75c2721d3d3af0047d085db7a6925578d3b959b0e50c765a3e864fdcc6db958582272cc5fccc1b4616944e000f8cd9be1e9f39b4d91ef3199e26808e814d8495b899dea46001bafad9b2963ead0a6920f62e59d86e1811d0ecd9b141725a29b82c43cf70ad198d7174fce63e3f6b3c42e6e71387da3c4cf2438fe5361ef01511b11ef6d80a34ada8dee3d8fa9a65f3551c8255ed58413d8c03425591f2f1e2587e8f1bb9b1c7bb4326c57bf97f9efe3242fbfdeade0e69cd9dbdbdd002a3d282aa1fe8602312be5b515c5e4543d88f87b0f8341f66adcec3c8d04da9c4db73953d3a515383144116ef2f0628874cf4497f43b6858fe38eb65738d171c315fb86cc3f1c043528144c9d62fba7eae0693102bea1b5280de634109270716f5db97f5bb149de352f3c7683aeb8180f2efb7e7329edbf16fb2dbf72da6fd348e29adbc57c7d2c7169895aaf563020cb7c7ba05efc635911f6862511adc9721aa214d55f1fa66e7acb5e2569d9c61ce35a4b6b6b5af727f0f9710daac39a281061204c98639f77e197585de452f04add9ac45db4e7128a87ef32e19e7e4324d39fa40c0010f7801a449058b7fc140b0bcd9a3eb072ea2d1e3b735cfb7ff17269ede1e5e76f47e2e0d37209782cd2a5502837dd73830e09b0130ce145dfed9a3b5659ac81f6a71eef17affd328013d31f7d0f87c563f616675870ac929671b37dd199865dc349658ec41ef0a07859ac954945de63aea62f6777be702ff31c6dfec811285321e66fd6fa76d5f850a4b6d1bc1ec15fe7acc8f65ffceaf52400877061ecc574792c39971a0991e540096aaa2d8d6f877cf654a34cbab7be638fa196afcbf062d11aa09302fa032d6f6570056f1ae88eb9d08b7bf0259cacb8b58df879dfcd93981ff3f30b3f87a2f9c4aab4e91f3febd2187996d5b1f68365e1719762307df7938b728b42ea0c9335bcf02e3cbf9b3b59e965982b147c31693e86663486c6817fe39847abace859e2bd31dda630c7ccfbf6211f2dc5b5995d62f0966539e8fb695b183d5ebceac51eda88002eab762ed6e4005f2ca4b240881106c402d58e16e01ca8dd229c96710d8ff0517c03db825bad2774f892bbae5d485b4f67cceffd4b0fc94125d210cc8e395f468d50c12088414d1ca4be3ea645fa689144525bfbb03b30dc3775eb19fc4d87d364ab6b092bffbb1c25d061cab7b2cc7fa5b35aafa4802c7db899571ab90b7981ffe1cdae048642ad7a370b959ee1d5cebfef7699d89705bbb767a84a64d1c4bcf3f853f7805836ee21cbb16211cc0d8d4ec5e5bb68ff89e31f2f604db485acee13038f7a5aec9d691168fcb95da7d69343121ebbe1c86331f7507e55f88621e0b1a0f22079a7d391b8b957acf30acd92fef2c82b6c73d7b8778aaa0889a8408b5ac3edd00ef4e307703f5a680842ad27a53bab862556fe44ef855baf55931dd35f408500010e3ae4507f9716627ff9de3261eb4ac93e8efae6010ae78003998387443f720b55bfdd4e0618efba2975b59f39d1b8c8a63165cca2f1bfb9191ae5a1cc17bef1c6a2884de407818aafcb596ceb082e52908d803a1670d923634716c484160956d4e7a33c28c94b36270942932734ef95745c3c24502f5c3a54b291ec804e5e46a08e65b7a25ccd4beb4226a8b96ccc23b9ef50f8b3b1f26b7c763a1bbe4c61b2bda3d69dd7edc3dc551c5cb903666094fb80a06415956b1eceac46ae2ba1d78b6c44535793fd370a857e9bc07f338a406c9bdfd1405b50709ebfb7b23ddd9b43e509ad696e0e0fe9fb3fa3bbd8bb805b817f26f27cd38f24f971eae6417705708bef2a596cb6c5eddbf9525925c205e39a55e69039d87ad3945d9f0ef92ee741ea5dbbc09b9a67497199ffbd7040a9ce23931e9938cb36c94229a4611668a89cc8055e097ee279d1bfdd1cbb2fe3f8da9aa4c425e45515117b00475d486e64dc79048612f5c5ce227fb3aee2b481621820160d764df55785956d97925448bc31e39101fa63f67457a2e6f7e3487bff99777dc6daa2bb591ad2bfa7d114c297cbdfd615215a7d68a438fc1cee766ef1e2de3a5b6ff5f1a7cf56d71b3d87b26ae6d6a9fad76fab344df39d6c3525c5796f9127fcbb00de6108cf4272931376b4e2765bbcaa82a36d1c7d2b0d7c97f9469accc829ddcabbc29596e953a64a52156df9ea918eee363137fa8db5fc05fc58ced3bce67bd7c1af4c0fbcaaf24c463badb62c0e9fe8e5cc85a1275b91d7249a5a19a3d5456aa3230f8afcf4c2ab404f9db22b045ef4a0d4797769cfe00c9d8efe9a0df5e3652d370dee933c5d412fe506157ef544bcfab8940a5932a9489338a26b74ea871cdd46d1bb033af322278db8d8fd64148f3caf80fa4b0dd0640d106263485da3ec22b08e718787c4fb066dc63b00caaae2244608e52c2b93da431427595f102c9233a0cceb4ec0a0057fc5c5ca827783384027cfd8996a43717748df4313cd4a06cce589ff858aec84840c1afdf7df9e17cd294d4bf5ea2cffe0996dd2c7546f5c750ee993b846ccc9f9ab043da26500ca8d9717b1f2a3560caae711ed9a4ea6245a5500e4413ce19edc88c51227147a780fcc35caaa7d2926d786a84895fd4efb38556a4458da996f72688063c60d43537a8d1e4f2db8cc7d2c9bd01cd81e803183c5cdeb614f1057120d19eec467619a2b1a130640ed622046127f5cfb0f2e1c37cd4cf2aa682cd730d42300263586228427b76abac0aa33cbf6b14bf6969ce0c606f1aa9eac23390ca9d868c152dc8565f3706b8e42b6a7f4e1076a0025af00f736c2082d8974023e208e2cdf7106f160551f80993075226897e5dbd7f9c47890c6bd3c6f2bbf8b2ea92b70440e30417b23876ff769d268831d8397c4d1825a70e8fc0cf3c6feee97ac7843e7e8aeedc51946e5b0a6bc3bbadb8a3e98115bf1725deeefcd2f2a097791bdbae771be5158a7499d507661a6184c19ed0fe21458d9179c773d3e91a0dab9fd04054080f26854d39652d47292b50c34488ca3d7fe16102308a2d3021f939995baae660cb663bbc05ba05e540cafe0e0d6d53f3f2349772ad0b13339a95bf3c9ac6b9af713e8bc6e744d3b3f51728aedc6d56ca0294594b1b45e7d6bea8368a8dd4f548a3db4407e5a797fb8c0c70b43e65da5b70abd72e103a8eb84e58cfbf7866044e2a9b88c411c3ad6d2073ae08b0316678ee437321122ba8c539daf2070e33feb89012811c0084a4090cc9b910c74cee7fa53f109940ff6bb65d9d6495984626eb4a7a079ce283886a14203bf05d754137be28d910595a650ac3c0180a50cb51c4a9b194235875a10a1a15156d4d08832788a36e2a7ce283dfbe6b3324a11ccadfae28126639161693e7139488cc458759df60052e88bdd1f9d6b3db949d6ae8c6e65962ec115abf9e0ad06a5863009548a660b639f019781fd319575f307ea4fb74ef07e42d44edb591030043c5fa9b9952f695301c64ee6aab1b9f2edb3d418c01ab664e4de6c2bfb9886538581fbd0860e02822be0aa8ad6cbcde0f9084dbe40e224d17922f10b0bcaf80c57f2958e611977057eeb8467ae02db5de0b2389c89120bef9ccce365c01e93616c667adccb4f0719bb5fb46d7a9c7674f9cec6aa6d604662752352ad6359bbddb45aa9126eacdd6381fbb1ac89df6292ebe5495b05db38ac119fc51c7314d4e65c7c067a95db62d67ea5b31a9cd04b7dc719deb874f4aebe519e38faa57e0336ca0ee24e076bca7d3357586058d51eb28c73ad0662620f473798329a5a5846c8f8e2e8097ee1c2841d8f45d502573ec45f6ea1c8a6e30e5401f077f828157eaf6202e9fea891668cf67f12df7b34ca2d08419f2aabfe843dea539bc07960bded3b7a57ab17d62ada6c87b26e4b8e311c0e33e80787e9c9c2ddcb3efe9785acadb7cf478ce2", @typed={0x4, 0x49}]}, @nested={0x2a, 0x6c, 0x0, 0x1, [@generic="d8c6cfa7bca3fb494f5044873c3ebcbb05198090867435de6d2d41a8b95a", @typed={0x8, 0x51, 0x0, 0x0, @fd=r1}]}, @nested={0x116c, 0xf, 0x0, 0x1, [@typed={0x5, 0x91, 0x0, 0x0, @str='\x00'}, @generic="ca9b688f7bbdec23dfc8e643e7386157f19500d90c65fd42ce485a9dd47bc85dba2d7d97f5a8e498a66bddf9a25b95238ae08728e8eff415dcdee9dfd65bd9ebd5aefe33", @typed={0x8, 0x2e, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0x4, 0x60}, @generic="57e95151b57c56f260b63c20ac506dc9c773392bb71a07c4e907c511ad04", @generic="80931b5133b74c1888736e934d69c3744d3b302cfa9fb5a2", @generic="d2089b23f006af3ce46bfa21627c23bc0b9dd7acc7b3d27571137b7df8cedef37d338b9b0f2744e7d7970dbd398c42131c02bb661ebfb538fb22a2c2a816b361d9fc4c4a57291ba18cfcaca5f9a300a5322cb70a032381878f20a1a0cf9fd5ea4b2cab15b232ec374d83a1ab447834df82d7a782933660e05dac5b25b8406e3952c7736620f6bdf78f597db7643feb43d30c6594581766d905ee8008d33c8d04209c06b4a2fa5cf3ab423568db28930e076ea29ebf923bb8c2d1752c74a0140e019b17545c24d2f1e21212d6a27db74eaba7eb2076b841266f67", @generic="67189f30f48805fb62ce91717f13e9adf385a7d332227b35ed83eb5a169326eee02e567de74f593b6d7551aedb5da29ea1c691405efe1b36d081e40612743cc18d28224049882b48882c33335f4ef5d4a4e6b51e57a0124e7e72d318f4a541a541132cdddedf87a51d573be4a8d9710934f83dba289e77a082de82604eb56f3386454a7b18a68332c7dca214584557bea866a49108cfa65e018330be89c25d674991b46f084bdd610163a1891707b29937f5990c7a2d9275f789ad4b42bd9156effb137cf28b2266dccb2a99f3848355aa7cc9126a6cd3e0bbb47f29ef0cd1d06ba350fb2a4d6a84037974191ac30b2c4dac7a0c446a5faef9f94eba40cd40533a736032434d57fe705b9dbc93f1e952c850089345d166efdb392a6a5d54c1e7e1991dcacc3e9a1b1d65d8996cac7bc609330b1c320b7986ae4c5099769b8c528182f0490a7c5604872136615d04d4f2feaed572ad124f9e81b3e34d3a2438fc9ab593ba0a47b893e19ac407d041bdc918afa67946a254d4e14e8336845d7b90090eca46564c8f7d50bec3ee5b6f18ec564251e852c56d37043c4eb58fd63d269d9be3d81ca4dfcda3e95ac8cc47fbeaa95daeb72a6f6a9d173a5fc42bd9afc84d98ce9558c585bc909915aaf8e7b63457942e3f33fd8f45e7635b4b3a9354222b94c7f6bd801e05cdf30103ca9b5149054a2627a2ade0a1e5e3d62074407c4b9b87ff4280aa8a556cf088a737f831803f7d466c98d8a66e654a608c3c9cc426dfcc71a499fa74614ccfe46ca0c52fea7befa18b6c6afd2c57d528aa0f99201cdb1734a63387679d59a02f63ac4d3e090ad02d98352af30f46ae919e6928a43c0b9ddfcafbb30eb26c1325636024d12c824189c5dc867da617cdf4da9af62f9ef76f2c8ec99fdec14a32fc5e9326fc1c579a4e294572825fff35c5d5629730a61579829a707d0df5643770ad0484abe10c53b93b792ff25d4076024e6e0ded3cfed53a8d96b21488f4521f089e9ce2e3c08b52f734d066089a13f96360671a3d7aa21046e5b72f56228a77b4909251fc88d026d0c564de2088feb28bc528029adbb9b92f73800fe205876ced2827dab34134937a70121f82df193ccb65c94f217b52fa39f8ba3e823a90e35410c0f16fa2a9dfdb106cda3016ccf8d37971969b8eccebccd8d7ef00a5cbef436d1bc56ec85624791193356197a75b6f30eca1787d6a0271e68c29646ae36a2490537b6c8c1331249b62a3e9eb967e82b7220cb2c69f0b550376a19b0cef67618615bd39d1038b5f9a42268c0d9acb73fa1f787e9e47e359a69c770a81369623d9378a2f54eaeb30acc01c8fa94885aad23d814597a00dc48331c3d4f8047dd28f2cd706eca54f802feb87f5d67788a366192decf28bd1a943c44db7c65d0155d37954717fcb8a620c53ef34937040068aceb8ef976ca84274a432820ae3c67ed2c113acf78970e49ede1d271c644b98c6d8ef274b0fcaec40f6ceaf1cf4c434b21cfea6b6a9922e3687ff26e695db1ee764e21c046a9f9c5b2f72a82317d0c36fcbba9be5b5f48d7ab978d4e47bec6483ea6760f5c899a4239be9a1521f4f9268616ce1f6c3d79a498cfb8faecb6fa7c055795b39fdb7ca1f10c4efb8cf031e48e70d87a2672a78bf01a2f971349976faa732995006aabfe602e07f2d3dfd77c13829824ecce0198399abbdb912d4ff4c7e7395cc33b5e7e4ba7288a3ceabe6cfa46a03872065ea4b01d7daa1ecde18c9bfcace75193318200eacd127d3d51bca6236848741b4171cc6234cec8c3264ec041f69ea0265fae01a49536b031e448b35b0c44251a82172670272f80c31358cc0fd118232160796b36611793b6ce934a9bbafb39e07ffbca6fe69c31558259ccd597848c6f078e566de22b15e496cb039606bec2a3a65013a50fba6d5a295ec716595559ee5670d8a9b7d5c5169148b5d9da89589420ab7431ec8bb8febb55cb783e733f0fdcf54880f351f921f8067b1c41c0519d9c837f940dabcb0a37d8fde829b538d33034fae0148c461780792c016faf07580bb521c63772788ad2e6462b1a6ed503dc6a5adfd15a024366453c7eb00a8fd58514987a45d1e21506208db5730a293756961ec9ce4ca084d652e86f89cd20178ce5b469bba6cf347d03b42e0d5cc6a9a5bb393d1a58282af0c9c76337454d63212bbfca9f39bf1aef0820d7a476450162b53353bfa7676dec16163c6e9b7d2b346f21da83d8801dfd2036296ae3b84484bc30a5ec4c6c46b2b9ef03ed843d328fccbd59a7292f165d33a6928f8d8956daf0a33bd5ade6d547557ff1e5d1ec68284452bb1b7e1a7e930ec7b85e9b85f75830085f33abd80c49dd15a5d3991c61f335754aff5cbfab006e54acec986a5b535f7aaa263f18c7412484a7a6751471baebcc783e6c4b0c5fbf1f9210cc38919a3573bbeb697761b1590d043a86ac5eb8752a03cace010cbf6b9cc2325fd5fc878610e775d2d2140994a1662f997cd0b356a03e50e18637f480d602049a37cc05fd03bc5c8f76a6a080864c52ea2ac841ef55e508ab75782fb8b0f0c00a809bd16cd2d844cc146d77d94ec100267ca3a612d2b10dde6558ea8802c323c02ebead3549fefd0105e1da9343ae61deff09b6411e7564a51f9295730be5a29daa9ce091615280676b035f009ea2d6b4a80b7e0160ca5b6660fa2e0355411a08f35ce1937ac3c2af34d911ed9a82a3887bf5f312afeefb65015a5606b2bd2a6ff813e0499367660531466613f46b6baf4c10ab77048a5483994226084addfd00636af29385745df372dc551598fa1b6950693d0e775047a45822b77cc13b877986794401061d65b3e009133a87ee8283ed7280071a1e8330dd19fd077ccb1b687cbd05be36c4caa6f906b1108235b10be2337137c34b2ec50a598ce6ab90ab37fe07229cbf273f1aeedbcd5c3760fb4fe015a079e718ba36e12a9e059eb1db395dd349b4eca0fdae534bbbc2e79c8043e7bb9451aef5a5bc3572e58eb1510b2888a4b4ef7e38cd9cd0006c5ce6433aeff0dbb8906c008c3f724a1b8fe843192bb60ac0a1651061c2c45d10343fc3ec872427bc137e0e9c42cd2209580705666bdd00a223b88c3b57bbb414451aa031679287d0ad934a80951b9e8a0ca683f8e50627014ea2da283b58d0a7960a20bfe9689baf454e90f2687215eb2ccdf795a160a899456dab0c1fa0920fdd22a4d493db79aec95bf57a156ee06767d76486fcdf30c20aa1405dabf82e4e71af23402fda37a8c236753105b358c5d0b292f1e99d8c78e4e3aeb49636bba289fae6174786a67c5c9079f54017ae475a2e69b0d14c679bc1516ceb9c5aeabf3f6bbe5b581a0129f9f34d8283e657dc81c4fc36c80fedb8a81e0b851c52e6037bcb143b25f0ca840ad486d433150fc91d5da64dbb8bd2488b78a0dc90acfa235a50e86995df5c1d935262eed72bbed512f763841b35d16d06026b0fa22497b55d0678d465659341c0a92d314afa4137202abd3debf4732941f023a1eba87aaf28bf8d3890f0742862190e30993586e40cd72429a3465a3f1a1901403741840375af7170119753cb392459100d79f6a8b28a5d04cca7cbc34220c20abb6bc5046bd33313c31d8aa7d684f5c3f6fe1e26894fac23b38accdb2e468468b3e2087e6ecade0c4242da9af0453b430cb8fe3863c5726fadb0dab7727a063dd5493ad8cf48b0ed9e43cc7eb5dfe49dc8a647e23c0a8716d8051fcf50cebde48b8a97785ec775f828fb71257be33cc08f75efdcbf1c664c392d135733320391c31ed25bf08e58f62dc12c5c2fa432e7cdcb3affb21c2c21b76919110a4440114222d771ccbf87a77bc6da330c0ba82745251a1676ae01a15d0a1a82cff966ca015b66ae2d6355ad3ec7bd1385527c632435b40a876bc8b8fe9bc1158d828ad104f645cb23c0c3bb5ddb026dad18b5540d594aec1a8b15dd5d12498783b56fb0cbc18e3bc352cbb4a7548869668cb1571649f5d1baffcc2819ea2ed95aa0bd312cc795b430ba0f959c4f2a1219cf48fcdac9cd253c56507f6cfadc1ff89b414af3aeb8db5b189a164b276f940377e42b9cc5b092b023cfbdccdf15c72ff63d8095e6f4b9916f5aa6f10fbde1f5d5ffc397e450682af1b96f85b57456092a97c3074b1869c79533add2efa97ff7bd2753b961563c8a6a4f2a32956cfdbd9c9fcf42a88a7a5b7077743bc883030447c6c3f7a9ff6946b8e64fb7598f72410780c47a2b2885d19ae93792178e255746dda9df112473fbd3a101290100388c362f1d001e691e5b7fc55e884ab96477f07161fcb3db68c28754dee12f48087018285788951e97e2835f8b42e0641a20a0e6babb1d08ae668090b7b92a8dda598a3eacff90f91e8148285d289e1290e258e15666a3bba29b54e3b2dbf67e443b2b0f703e6edd42d4bdd67206c0b6154451bb5eb4fa577b55a81d66ce06faa1c4c572af8751ca2c65f34782cb4786fc5c25ca247eb41d7e093d930e31cdeadc387a3ea3a59052bf32f8fe0ba26040649b447da48bf5738c3f49f4d16ead971be9fdeafcace44a15753b47ed7dff0412cd922a68759a9ab684d2974f895b87e3c1c22c425e9f125e20ccb11f4b287efb657dd8003a6a07d79247d71254a57ec1576ae890c8a16d150244c9ded2555d3fecbf1dece84b1e2b2a77918cb7916bb3a8b801c384c435a8184a3ec0a5cb524404183f6d7c92bb8545f424ac956d732413977af81611bb2601bc2dcf7f663e032cd5ed62e2a39b708a59f116f8f9a390136d39f64cac7edf735f00318dde542b6ce08f1cd9894ae7cdfa9b2384504839cab412771043361ade216cc4cb5660613e861c98f98d33851c221b617cea20e1ad0956e6fc14685e3808c33f5d6be004ab8167197d62c59f0593686af68e70490fec8f615334c0de94c9604008ce419a83de1977b25d86fa4934e914cc93c634190b12c05f6a442c25ef89885f374d7db9c185b426af074d4fda2c36c4cf8e88160d40df5b52d3df7cc5f5a9f20e25668e8ebea2021eddf77f517f0c644f430acc7c8e609562c5699b91fbdd554aa46ffb7f8c097d842d7c610e99e62a254d935b84ecb998a5289d102f2bb6c42382ca7ae1314a093a95b709b2cd46c08faeba394bf2fd714bc1f6e04fb88961a25e1b9094cf26aa28053166d83df150c5e6c433853807b1e8213d7b1d75ee13e87a68eab16ecd9428e19cab6ee915ef4920b9fb7d231c29e29bb4cd348f43ff8f7b034a8e5fbd9aa7b6f3a31bbbaf25cbb01b3fbb01a5785aa5aa4cdc057f2bbc93c49abb3b445baab02686a2203e4703700650068da0d98c79fced90c7a46c53801259d32f91746ce85d69b8edcb563a1375f7f8652b54896e3a364de5dea7052429cc83a1ccd4cedf031971a76457991a1f64698b6b965c345322c73eecfb786210acf6d4f3fb30295a4c22e18538dd2e763227c1ea988fd24e49121dd51ea910a31123952713907cbad4f741806c32e4ea256381f9fb765f980bc381afac2dbf8b795738db388f66ec7e81dc602acd6606d3926853faefc02d7b9598d3bca319faec72e2b4aa6d7d67219fca1b4b871c8df055b984df5f4ef348c92e588c1d4c4d9fe8d015cfc563161ece5b783da32f9e607474ac6a09872a52b35d497d79e71cfbbec7db2ec3326394e80f89df73f66e78ad225b8781c58e57e376eb84a764be9c7c9f772e1d01961f08f2449e8d352d2ba0ba1bb5ecbb10662ce83b37364ebf075f01e29e2a1863cdaeb8ec5"]}, @generic="50501a5ad63cc89b1b0229923aded8de13dc92d468d981bdbfb80c1ac7b1bcfb7246e4f6c4f39d5bb40bc765ad837b7ebf8899fcd22286558e2949d3136a05202e079e76ff980daa1438e81a96378e4159418d97ddee97acfe5eeef388c0807b7de3e0df9028e6a6f21bacf3d51766fabd5d8286c212c158bc2f8fa46757fd92c7b69c2fa8d964d568e3ede51976f31afc2bf650648a6161ffee82ad7859982d6516181cc4365c747cd1a9bceb0233f9b2ec46f3afdf280a4ae1f644e2a923", @nested={0xb6, 0x5c, 0x0, 0x1, [@generic="249dcd12fe77ac674691e70ed31095634a561602bbf88c969c9d1deca9e4cf1d409807fbb8b6e44c37cd06e3c21cc0e06e7417e6a08f48", @typed={0xc, 0x81, 0x0, 0x0, @u64=0xe555}, @generic="cb7f8b3a29f83b47b3ecaca331a341e6fc0485f00d4064e4b513b91469cc5f827a1018acffc42c0ace33071f7da03701e33fff7c8c70dca521ee7bf48fa896b283ef8dca8911ddcf45fabe05d2c90962867cb6e40ffd572ecfbb30e6758453", @typed={0x8, 0x49, 0x0, 0x0, @pid}, @typed={0x8, 0x3c, 0x0, 0x0, @pid}]}, @typed={0x14, 0x39, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, [], 0x1}}]}, 0x2518}, {&(0x7f0000002980)={0xbc, 0x14, 0x200, 0x70bd2c, 0x25dfdbfd, "", [@typed={0x8, 0x64, 0x0, 0x0, @pid}, @generic="c9a6513ca6d076a54f0aba55496001e363a198a1c9a2fcd91b53a22603238c0b9095492e51b496ae6cc197eabfbf7e8041035eb1897afc561a35f1b390d4dad2b8265a281e04b2a8ce842864b6f0f266a744d1b73bd58e96353a67a623398293eaa21d0ffddca3e3f6398654cbee84a3d732026936abc3950777b26f0fed604ace771631e732226b5719c38c6e29b7320e315dfab63a8e", @typed={0xc, 0x23, 0x0, 0x0, @u64}]}, 0xbc}, {&(0x7f0000002c00)={0x1c4, 0x18, 0x100, 0x70bd25, 0x25dfdbfe, "", [@typed={0xdb, 0xe, 0x0, 0x0, @binary="50bf63a726ff43fc82c538b1b85e66ab57919e9d3efd317b411290ba71c28ca0ada671186d84d93272de98972650c6275260097e299496445d000efd90b56cd2c5acf00b2781490784f2a74014ed7ba04fcc362a7dedb2be784b1ce7bb34364b4aca2838b77d82a85a711557d817eea06796633c1c9626dd2593bc27d3d810c3f1bb9ef8db3fb8b30bddf939df03c971eb6e90aa86c01c6142108e72b97d5b87f4a0caa6ff01e52f548dc863ca1ff42ee7a690b9af076c53f0c8ee00359018d135c0334971089c29ecaed3f699f8f0f7a61b299dbfc6d7"}, @nested={0xc7, 0x19, 0x0, 0x1, [@typed={0x8, 0x14, 0x0, 0x0, @fd}, @typed={0x8, 0x68, 0x0, 0x0, @uid=0xee00}, @generic="151c7f6830aa906613b73f67cd3591fb2c84615f5c3eee", @typed={0x8, 0x20, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x80, 0x0, 0x0, @fd=r2}, @generic="f6a66d61ae4c12576fc6ed593bd05ab511e04a9329837d81", @typed={0x8, 0x30, 0x0, 0x0, @pid=r4}, @generic="667ba32d835745401ff34466342a690bbe4a448792814020156b0416b95e68201aa0b17a9fd0ffc335058f74da512b5ac056682ade51f276d193f2e4abc1744fc2e8d63384304c8a3fb7f89d60969b80413b8548c15973ba29cd61a1ce39e0351b1675833b785c5af2b243e0"]}, @typed={0x8, 0x15, 0x0, 0x0, @u32=0x80}, @typed={0x8, 0x54, 0x0, 0x0, @uid}]}, 0x1c4}, {&(0x7f0000002e00)={0x1190, 0x32, 0x100, 0x70bd25, 0x25dfdbfd, "", [@nested={0x116d, 0xf, 0x0, 0x1, [@generic="3927a5c342409a328e304612a1e6c1b4df", @typed={0x7, 0x74, 0x0, 0x0, @str='*$\x00'}, @typed={0x8, 0x43, 0x0, 0x0, @ipv4=@loopback}, @generic="369e1956f71c114dd32e90d76761211aa59b5a365e3092217d1405f65148137096d7542dce80200053e9a63781a99d5a0696419695040d758c9cc62c3a1613543743a07cba7d2b940728cd3026ab1df41c0853297581ab7b722d621072e650089efdf530cc7c44bbf7c57a6d3495ac2b7b94659af3d1561c8fe52f45281141cf41effaf9c8dd46b3c166967e9e85a69c7c163156a9e15b2edadca0397105bf19dcc52ef70ae17b8680917b7f25e625787f0cf5d314ab4bc2f629bcc11a5345c5a8bd35c498832887bc2a", @typed={0x4, 0x6c}, @generic="43817c61e755a8db8f053b62984cce65045a316b76fa84e7f4851316a0db72a148493a14dc16564a399c35d6a32c2e359cbbcdd23285b57d8cda4433dd1697eecb4715947960b8ff4006485bba40a5e6091b563034e1e2a3c025cab3355adb945e3a7c43d89c981442f086495693e6f1df89278b87f950f93357", @generic="6a8e382584b872a926f19fba67e7de93ddb4a06aa74ede1ce97433b06e250383c5b2bc282d6b9baad19f0a8bb585b000d0f6a3b012ce042400893db798de1b27ece6c863f88ef2e8c5498d8c1da2299f8910a48af0666704e5efa842122200d2b7056ea77eec3a35c234b67a84a32c44d2379e8ebe2202afe8077840f64ac4375289ff1fe78abb9ecd16542e3c4f1601dafececa6f468fbdb476c63817fb962b9d887e2859de0700bf18909d8822c84474844b14c85dbfe80d8932ccd0e2102c92a6eac884b353c7b494f560f2eb7e5a82dada2e6679a4c4bf7359e602ba28e74c47c297c7111d4b8a300600c608d6df90280cb6f0602165c49c3937ddf49f4fe13d12bc162741e17e16624706866d1ba6ccaf52cb1f12a9075683c1377becd5e526c811017fa20cea6994330458cb3a046e50162ec4ad323fd5ac7f18514bdc3be70af8e7556e81de7db4d2bec0ac4c4d9804bc8000e21c5d46f409ff4a043a127060ac28ed5b97d161346439d89d6e074db199221352d428948bd2096ad3716de3786ecfad1dfc78c54d2c015de042d6d7309b9bfebc1147af72820819ef5073e0bee8a7347486c895f24cb8a876165183adf7a866d3da156b645394b1de8a5ec7c911bc8592838190b2b989fb78785c7c146336daf5168f70eae98da2807c63fc1e5caac861f96c9b025f22645274b5b24b1dc9328717cf72258b14dca9b152327156f0043d38bc0fd6d66db497cb7d16dacd8ae85ac797fca33c8b396484b29498f7685f99736107978a0993352d7acb30e46831b484ef8d29b9feb78e261698cd8b93729d4acb54189d0661a7dfc22cc7932072dc68d2d8b00caf01ff17da85bd8874f3a9080dfd015bf0dedde1efb2da07fb0709440b0412a3893d5b6221c376df05bebd237433204058ba6aa36811948b3cd4d21d85b67de50b1c84cd299f3b29298ee6815ad53c8f2432b97860176aae4f0f385a7670d7046fb97b2e1bbf2b2ce4e29b960fcce5e9f7c0f6b0c2fd568734bf357a8afad0a9044e32ca025b9bfceef178c32ce39f2738a4a45b7b32c78da23985157033d4195ab98ff0fc34dba5fbd0334730600fadaddc211d369e4739b3afed4ac2eedca6b97de02a7267df5e80ddb00f5c8c5c96280a94e75e8dc2fe710c2359e6bbed9944317b82743d63f7f5857c3eb4f58defc2d4971f4f224ebdebb5d762e7058bf692a5b0891dd4e8ddbb61535b7e3420b7921c1ca5e38ad888a8879db15f91be38d6ddb3c208b7c3db869d13f3aea03816fb54775fd172daa4a4b3f0fdf920b33892a396a68b72097ce1ab56b19a39883ca5b768d2652d5cbc290cab44c84edf3bd9286dcbe8c0c4939baaa609bcaad411dc0c28837ccc594e3f36b7c42b9b9eef54cb3263943b6b263551bcae40d826d106e49009a232f637faaa03c0729e66a84028f4173b3a1b6fc217c04daa62808dc2d1cfe073aa2c830bcfab49b295b4a35e8b677fe5ffaf04bf45336fda74a865a131f63ca687cb153876f440804675e938a986f8e37ce96dc6d20690f4e91a10fe97a63034bf5a2c2a7c9d4cb0d980a1cc6b86e951c0783fc228ee9371bddbf9aa29712ea0f7a272c61529ea572170acf0f6a1cf397b8140e841fafeb8f71bc8cc0c0a2e8e389b2c0d3b220280d85a36ce8a7a8df89efd6e1641fdbb5111beb99a3a8258d2520629eebd13288a4b46373ea5cf435823b6d1afd314b941c9aad01ab70a5c7dc3c8bf9aa5efb20ece4e5d4e386e4a46f2ab5f0cfd5a2bf74bdcf7a9bf6e9a7528c6a8fb086e4164bebd31ee8ab1baa8de5b20c6e02c5d96af2e8adbf9a1542ea5e86a7efa7236be8267ef463d00eaa09ed61066a666bb15987fab64553c297d3c87e3c3f4c0be69ab1dacb3d4fcf8984183b907b13921231f6eae8edc04012bab0a8ba74ce776c3c80375c98e87a2650f6456fd5ec3cdadc0862d7eed89bc8799f92befaf72b0824d6495768b53e4967f55235076248577b4b799b685ddff5dfb7af24d0b9ae1baa69160f9478e7e6cf22f90b18979d6f70ec81c0b66a9c9af475ce824eea3e4c0dd08505e4ac39f2dbb2fc28b4219925cab02d8545b4ab3cd30ac5e584c85734a000280adcd7a1213419f4f5dae989d5346e549b2c59840bc21965012fdfa544cab846e9a3f65f90d7ea5a75351ba097becfa63e9575c17e8049a852c7125f5ac75eb08b348c48a14f239841525042ee1939343fb6fc07cb7faed16471d6b9156b487d37696b8d165e963bd3580a30196907c249144dd9e2b8e787d640a72acc08ac7afd682f4403b461acca3679a92d84455c546986efb4d92936f26a8a876636164e5b9e66d6ebc379db971221f4d252ab306c66dc8f96b61958d9945b6a4cbed9df0423c7dc17c466941c5539c8fcad5b68ff8a078c33ec61e5a0d4ed62ab078b09487914ffa8a28871e11138115a29cd6b37ad0796397d02df5d7b42d71b4cd57f3cff52a832f4f7094a0534b3e6a66c8ce8db7fc094baf6dac8a7fb01976ad7db4d32d5391deb990ad9110b94c660b641ea91d98374c13a8936567794555c1243908b99ab53a9ed54a59412a67be564505bfbea5424ddcb2d32904d813fd2ff0e27c6ab9076e6359f913a24963dd32ab3092e5302efa2b915ec6a4c107c053c26bae43ff857d87af3f5e9168085bee15a2a878d623e624b198c7159e58143f339c0346830f9a23a3f9168c63bd0ee20dc83af610ebab431b61ae31e188f843d767dbc366603bee1b9c3fd366dac43a9b2bcd473ea86d87d2108dacc96058ce4a7f1d7f43ded2a21d1bb9d11c83eb37a52f82104ed793845376ce84c3036206324d3eceb40fe3ecf37e6cfc39a4256b660d78adf5887fa942bda03a3406e4fbc6c2161c3668fb7a401f360356a8283eca881a7df703d83aa2b59b35f47a296e5cc3686dbdc6f27bd533d67ef9d6f0579a7894526c68e5e6fc2d97dfb47567c1d7f3d23ad1b984ec2b0f82c2a22b59e379a3a814aa752905b36cf70df6960e61a14670f7df3dac9fd2e5af80ad3df4bbb7abc20b5ae78a170ddcb08486157e46f6c8ea6d02eb151fa9c6becc447feba8832f0bc4c23a09873aea17821eb97295b5845ef3c775d40e0150e151337718756768acb86191efb46c80a7b17f26648be972aec1877aef88537577273fa2a4ad9491188c7b9070661243c461477fe54f1c5f16f07f0a0e313dc599edd1e92e160df8ba06c81f70787a8dc422a10592c35ca94af66f72cee8ea07113ccaffdb9a8bbe628edf742f1ad54e6d0c2e0620d8d2521a6a77812b6059b3c81d4a97160021d693e1d154962071ade803f0ada3484b696ebfd69bb7567a9c80e31d1fdb309065abcf431c68f199b58e32db18d9d7984dd0fca5892fbab3457cb05a5ca1737f4a63092e2b515533374c29c602fe18f4bf655dc195855f62661ddbeb456cc34bb68790b050c8c8f2d2cb96df42aedc8bff9ac5cc319d63814d8d60e5fbec1ec6476a8f21c1a1666cc7f4a258f3cbdae016acab3ede199ef3cb110fb9db14792e91eb84e46d9ea0211b8b158054e2d84a97d79b9b15b4135f28cf271f5662f217575526db2b4e2a92ebf77a75ca2c057de8bb2067030d8b15b9602afc653f2eef29f0899fddf9a0f878b4db9d22cd2519a83ea56cb2174d358e208a90193dc608556368410b057fd727388c21ad9d484d5fa447f0b4408a9fddaa22a815190a56c31763475645f9141ad7b5e9011ba1f2a681e2383f97a911cfb9e4db0456a35fb2cac8ff7ec3d26f4e7a712a83cbfd36e8b720d021a7278809b646ffb65a99918812d1c5a67b828dfa45d150520643b71ef05849343df3d775956ec1392528803314453bf63650d0785b84f6f45c8d64373e4acdce61734c1c48a2e04cae8286a3220692c9f6267aa44f982537210b4219ffed70fa8c4767dfe7d0946cfc6507565c9ad5a59ceefe76abeee191ec1777764b1c9cb0394f7a733c2af28e40946e2aa11db256b87a0cbc6be05061f129a19deb77038e654d1670a0f37e41d061b63235ba36dd182990faef680975695a251e45e272503c424570150a754fc4ab4108666d66612dbb1863ff4b283bd875b3a0ba87d5153f30012557a2b4c49ba6605535605667596cf77edce8ebfcdc29f57a1d42492bde1d86386cc5084183ecd4c9ca8874674118d5710da6f3a3fea503ff47e86d7dfcf61f0edd63f12b8296a962ee3475b126d6a966a871879b10be75502fb9ce6bb1e9954c28b5e19867dcd7c8406d761e2394ab98460ea5df65a241eb01e39b1728598d987f3add91fb6dc1c9a9b03d38c27f1a3275c61243498865a21b29cc72081e3b8bd790e9ceb0b25fe1056cde3d17a6176f16951ebd6920aa1ad5e0fccbf5ab451dcc24bb65db1fbb8c22d0e5a22f8668a2852147601a1af98ecdd1cfeaf0775260210ebe6c6881b27a45200dc07ace2e3ceb8bd4a2554193fd29cd7074ed4374788dfcb16769c89fa42a5964ceb638a8b601f4c482eab54f9ffba2136eb58ffb17086d0229c2e47e58e25f4e4fabb544bec48d73a68ad14c7911bb3db5f1e1f57f93b6bc0dad54691a628f3fb2771111f6c3c6640ccd753d2a4426730c5b37a6634b8375de3e70713f182f38923d203810be5238ac969ec48ee9118e1d46ac9e62de46c50078f62b54bdc689179ab553d26ad08de4d5b28cb222f2e47a2c9af4afa03700386bc9bc7ae7571f03c3d996970fce85465b14ea9e2cd23b40b163c35f12f6e2cd3fefc4cd2167a9f3f2705094b5f25cdd701d38ba7992ca72e996654f721a8d44c622705629a2766cd8eeeefd4e03a0aa83dff7fd97e1d14710f5426b67dd191437c46b351bdb2328eef900df58de5ea2910a658b1c2de8c91bcda849a97f3694e3a1e78459317f2b974589eb7f12e26b83e803c43b54af8a92f0265ac83add3751cbd9b3e6781c6a700a44f5cbbbf1958361f523a137a57ee278366998788b00b32eca738b9b8ecd7952b6824b377f510734ea8e81625a17afc359a4d5c794bc986a678e175e78d0361b1dab09d2eac4a57bf5733d2a44860eb9c330355bfb0f7b7e157ae697a40b51d5019c2028d210f6e11aec33b5c2d0ed5826be4cf066ec2232dd2a0ca2f15ed45cfc096eb7d5477081dbc5b1bd7fd14c7f08cfcf9383574b32e7e16ab7cb8df104c9da16855ed6cd2bc48c7ff5157f8a1479c58e37d1505de3c1fd6a761fe8ed27655801859b8335e2df411518a718d43417cd04144339c24c96885b01d0174f84702e6af1df51aedc2fb556291b6fa3e9a6abfa3e7e4bec356248e549152a59c02c12e59ddd3379e5c9028057ed09aee582d2f17c235a5d2205207d06065cb78b2e375e5dfa76b602cec5169e09435c756abfef4d604236868dccedcfb106cdf4821d32486e1e8ee5e4794954136ab12b9bb162c5df97190f9657027cddbb9720b087f79a68c985b8a859a15aa4ff43f7384c20950611816720331b6c47fff12568e411859cfc8ae6c1c63c9abf380a73bfdb5034b84d3d9bd5998c3ad41a87a052729f5c77580ad7e40ad44f32f728e6b36a1117bdca9f89a5abe39ff8d85820ac8993137e2c654781edd0a5b6d04bb087784fe353db72faaf00a9be0b998924c8ccbf60f1b457fb06101b2673baaeb5d4e349f836a5731f335957cd95f45e92e7f4ae9ae8022be433fa2ab69026209c2c93f0ffb214f7e51be5dea480dc03aec5dbb04f1fb464c3ae214e66cf22295fd4d8b794f1de179e8727f795c9a089e660ead1d2b8e32a3a4bc9219d5a43"]}, @generic="80c0ea6898cbf265be8474f520666d"]}, 0x1190}], 0x5, &(0x7f0000004080)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r5, 0xee01}}}, @rights={{0x1c, 0x1, 0x1, [r6, r1, r1]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, r9}}}, @rights={{0x14, 0x1, 0x1, [r10]}}], 0x78, 0x4}, 0x2400c8cc)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
accept$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)

[ 1558.856117] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1558.863363] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1558.870616] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1558.877869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009
[ 1558.885130] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:24 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ffb000/0x4000)=nil})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000001c0)={&(0x7f0000000140)=[0x80, 0x100, 0xa6, 0x2, 0x8, 0x20, 0x6], &(0x7f0000000180)=[0x0], 0x7, 0xffffffff, 0xe0e0e0e0})
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000080)=""/123)

[ 1558.944406] FAULT_INJECTION: forcing a failure.
[ 1558.944406] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.959922] FAULT_INJECTION: forcing a failure.
[ 1558.959922] name failslab, interval 1, probability 0, space 0, times 0
[ 1558.965137] CPU: 0 PID: 28919 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1558.979000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.988347] Call Trace:
[ 1558.990935]  dump_stack+0x1b2/0x281
[ 1558.994564]  should_fail.cold+0x10a/0x149
[ 1558.998717]  should_failslab+0xd6/0x130
[ 1559.002694]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1559.007354]  p9_idpool_create+0x3c/0x120
[ 1559.011407]  p9_client_create+0x1d4/0x12c0
[ 1559.015634]  ? fs_reclaim_release+0xd0/0x110
[ 1559.020043]  ? p9_client_flush+0x4c0/0x4c0
[ 1559.024271]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.029723]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.034753]  ? __lockdep_init_map+0x100/0x560
[ 1559.039253]  ? __raw_spin_lock_init+0x28/0x100
05:55:24 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockname(r1, 0x0, &(0x7f00000007c0))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000280)={0x5, &(0x7f0000000240)=[{}, {}, {}, {<r3=>0x0}, {}]})
ioctl$DRM_IOCTL_SWITCH_CTX(r2, 0x40086424, &(0x7f00000002c0)={r3, 0x3})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440)='batadv\x00')
sendmsg$BATADV_CMD_GET_VLAN(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYRES16], 0x4c}}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r7, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$BATADV_CMD_GET_GATEWAYS(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r5, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1f}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x4004000)
r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r8, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r8, 0x4010641c, &(0x7f0000000200)={0x0, &(0x7f0000000140)=""/147})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f00000000c0)={&(0x7f0000000080)=[0x2, 0xffdff4a2, 0x1ff], 0x3, 0x0, 0x7, 0x1, 0x7, 0x7c, 0x101, {0x7, 0x9, 0x200, 0x1, 0x7ff, 0x8000, 0x1, 0x7f, 0x1, 0x7, 0x4, 0x40, 0x6, 0x1f, "f4664eb04d7ff7453daf18275431c6e88ee3a1de52fcf559b7046458daf80c85"}})

[ 1559.043840]  v9fs_session_init+0x1c5/0x1540
[ 1559.048157]  ? pcpu_alloc+0xbe0/0xf50
[ 1559.051948]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1559.056789]  ? v9fs_show_options+0x6b0/0x6b0
[ 1559.061200]  ? v9fs_mount+0x54/0x860
[ 1559.064908]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.070349]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.075363]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1559.080206]  v9fs_mount+0x73/0x860
[ 1559.083748]  ? alloc_pages_current+0x15d/0x260
[ 1559.088319]  ? __lockdep_init_map+0x100/0x560
[ 1559.092800]  mount_fs+0x92/0x2a0
[ 1559.096153]  vfs_kern_mount.part.0+0x5b/0x470
[ 1559.100636]  do_mount+0xe53/0x2a00
[ 1559.104163]  ? copy_mount_string+0x40/0x40
[ 1559.108384]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.113387]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.117256]  ? copy_mount_options+0x1fa/0x2f0
[ 1559.121741]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.125620]  SyS_mount+0xa8/0x120
[ 1559.129054]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.132924]  do_syscall_64+0x1d5/0x640
[ 1559.136796]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1559.141966] RIP: 0033:0x45e219
[ 1559.145133] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1559.152830] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1559.160079] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1559.167327] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1559.174587] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a
[ 1559.181853] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0), 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x9, 0x6, &(0x7f0000000040)=@raw=[@jmp={0x5, 0x0, 0x1, 0x3, 0x2, 0x10, 0x4}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x1}], &(0x7f0000000080)='GPL\x00', 0x3ff, 0x0, 0x0, 0x40f00, 0x18, [], 0x0, 0x576554c0e2fd8a76, r1, 0x8, &(0x7f0000000180)={0x5, 0x1}, 0x8, 0x10, &(0x7f00000001c0)={0x5, 0x1, 0x2, 0x4}, 0x10}, 0x78)

05:55:24 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x48800, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000040)={0x1, 0x10001})

[ 1559.189123] CPU: 1 PID: 28925 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1559.197011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1559.206363] Call Trace:
[ 1559.208961]  dump_stack+0x1b2/0x281
[ 1559.212593]  should_fail.cold+0x10a/0x149
[ 1559.216749]  should_failslab+0xd6/0x130
[ 1559.220724]  __kmalloc_track_caller+0x2bc/0x400
[ 1559.225398]  ? p9_client_create+0x2e3/0x12c0
[ 1559.229812]  kstrdup+0x36/0x70
[ 1559.233010]  p9_client_create+0x2e3/0x12c0
[ 1559.237249]  ? p9_client_flush+0x4c0/0x4c0
05:55:24 executing program 2:
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={<r0=>0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(0xffffffffffffffff, 0x40086424, &(0x7f0000000080)={r0, 0x3})

05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x1, 0x2, 0x7})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1559.241486]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.246944]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.251961]  ? __lockdep_init_map+0x100/0x560
[ 1559.256459]  ? __raw_spin_lock_init+0x28/0x100
[ 1559.261048]  v9fs_session_init+0x1c5/0x1540
[ 1559.265378]  ? pcpu_alloc+0xbe0/0xf50
[ 1559.269190]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1559.274037]  ? v9fs_show_options+0x6b0/0x6b0
[ 1559.278450]  ? v9fs_mount+0x54/0x860
[ 1559.282166]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.287618]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.292638]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1559.297483]  v9fs_mount+0x73/0x860
[ 1559.301040]  ? alloc_pages_current+0x15d/0x260
[ 1559.305621]  ? __lockdep_init_map+0x100/0x560
[ 1559.310120]  mount_fs+0x92/0x2a0
[ 1559.317842]  vfs_kern_mount.part.0+0x5b/0x470
[ 1559.322359]  do_mount+0xe53/0x2a00
[ 1559.325895]  ? copy_mount_string+0x40/0x40
[ 1559.330114]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.335108]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.338980]  ? copy_mount_options+0x1fa/0x2f0
[ 1559.343453]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.347325]  SyS_mount+0xa8/0x120
[ 1559.350765]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.354632]  do_syscall_64+0x1d5/0x640
[ 1559.358541]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1559.363708] RIP: 0033:0x45e219
[ 1559.366874] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1559.374560] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1559.381808] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1559.389062] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
05:55:24 executing program 0 (fault-call:1 fault-nth:11):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:24 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000040)={0x3dd7, 0x1f, 0xb, 0x1000, 0x8})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080)='l2tp\x00')
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$NS_GET_USERNS(r2, 0xb701, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000100)={0x5ad8, 0x8000, 0x2675})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x121, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x44890}, 0x4800)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:24 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x9, 0x8, 0xfff, 0x100, 0x1, 0xff, [], 0x0, r0, 0x0, 0x1, 0x7}, 0x40)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1559.396309] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
[ 1559.403557] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:24 executing program 1 (fault-call:1 fault-nth:12):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:24 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r2, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'gretap0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB='ip_vti0\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=<r3=>r2, @ANYBLOB="00448000000052a200008190787f0000017f000001891b37ac1414bbe00000018c1e00010000000000000000e0000002000000000000000000000100"]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=@RTM_NEWMDB={0x78, 0x54, 0x2, 0x70bd26, 0x25dfdbfc, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r2, 0x1, 0x1, 0x3, {@in6_addr=@remote, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x3, 0x2, {@in6_addr=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0xc941653a7fa359d, 0x0, 0x3, {@ip4=@local, 0x42cb0184a5b009f}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x8800}, 0x20000804)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000002c0)={&(0x7f00000000c0)=[0x3, 0x6, 0x906, 0x9, 0x2, 0x8, 0x4, 0x0, 0x3], 0x9, 0x80800, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000300))

05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = getpid()
wait4(r1, 0x0, 0x20000002, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040)=r1, 0x12)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$AUDIT_SET(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x38, 0x3e9, 0x100, 0x70bd25, 0x25dfdbfc, {0x7, 0x1, 0x0, 0x0, 0x5c62, 0x9, 0x1, 0x6, 0x0, 0x852}, ["", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1559.460722] FAULT_INJECTION: forcing a failure.
[ 1559.460722] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.489886] CPU: 1 PID: 28951 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1559.497803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1559.507161] Call Trace:
05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x101400)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f00000001c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x3, 0x4, 0x0, 0xd86})

05:55:24 executing program 4:
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000))
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1559.509771]  dump_stack+0x1b2/0x281
[ 1559.513409]  should_fail.cold+0x10a/0x149
[ 1559.517561]  should_failslab+0xd6/0x130
[ 1559.521537]  __kmalloc+0x2c1/0x400
[ 1559.525079]  ? match_strdup+0x58/0xa0
[ 1559.528886]  match_strdup+0x58/0xa0
[ 1559.532513]  p9_client_create+0x3ba/0x12c0
[ 1559.536753]  ? p9_client_flush+0x4c0/0x4c0
[ 1559.540995]  ? __lockdep_init_map+0x100/0x560
[ 1559.545492]  ? __raw_spin_lock_init+0x28/0x100
[ 1559.550074]  v9fs_session_init+0x1c5/0x1540
[ 1559.554392]  ? pcpu_alloc+0xbe0/0xf50
05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:24 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
clock_getres(0x2, &(0x7f0000000000))

[ 1559.558205]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1559.563046]  ? v9fs_show_options+0x6b0/0x6b0
[ 1559.567459]  ? v9fs_mount+0x54/0x860
[ 1559.571172]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.576623]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.581639]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1559.586483]  v9fs_mount+0x73/0x860
[ 1559.590026]  ? alloc_pages_current+0x15d/0x260
[ 1559.594605]  ? __lockdep_init_map+0x100/0x560
[ 1559.599099]  mount_fs+0x92/0x2a0
[ 1559.602467]  vfs_kern_mount.part.0+0x5b/0x470
[ 1559.606962]  do_mount+0xe53/0x2a00
05:55:24 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x10})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000340)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000380)={0xffffffff, 0xfffff00a})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000003c0)={&(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000200)=[{}, {}, {}, {}, {}], 0x7, 0x0, [], 0x3, 0x5})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000080)={&(0x7f0000000040)=[0x8000], 0x1, 0x4, 0x1, 0x1, 0x8, 0x3, 0x5, {0x8, 0xca85, 0x6, 0x4, 0x5, 0x7, 0x7, 0xff, 0x7, 0xfff, 0x6, 0xff6b, 0x101, 0x8, "0a165323d0df4a96ef3b2666fa3ce6f6518127515ae501654fdc39764c35394f"}})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000140)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000180)={0x0, 0x1})

[ 1559.610507]  ? copy_mount_string+0x40/0x40
[ 1559.614743]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.619763]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.623652]  ? copy_mount_options+0x1fa/0x2f0
[ 1559.628146]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.632032]  SyS_mount+0xa8/0x120
[ 1559.635483]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.639397]  do_syscall_64+0x1d5/0x640
[ 1559.643291]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1559.648477] RIP: 0033:0x45e219
[ 1559.651659] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:24 executing program 0 (fault-call:1 fault-nth:12):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:24 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1f, 0x600100)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000140)={<r6=>0x0, 0x0, r1})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f00000001c0)={r6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000000)={0x200, 0x97, 0x4, 0x1, 0x5, 0xfffffe01, 0x4003a})
r7 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r7, 0xc0206434, &(0x7f0000000080)={0x1, 0x0, 0x1})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:24 executing program 2:
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1110000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="28000000f70300082bbd7000fcdbdf2507000000070000002e2f66696c65302e2f66696c65300000511eb09ec20056bdc7872af1274c610120b21bc4901855ac00e73070453ba304d0b761f2f97a3b4ce9cb1dd00fdc4b22ccd26b5afedb6305d1493ccbde329d9d92c0947d10fde6e42517eb202e7ed26959f51b34fa81b927a88dd6194eeddf2bf29693cab6597162c825f49438073349d4bbce56b98f6745c3dbedf965f74268e5a941c10989142f0a1bf9dfe500680f02f0cb42e721ded3a4863b9938ca10087710e1155bfdb579bdcd2614bfda07fa3bf3604aef48ac959be99ffeddbacfc5ec4ffa6e6ff330b52d58f450"], 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x1)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
accept(r1, &(0x7f00000005c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, &(0x7f0000000640)=0x80)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000180)={0x2614, <r2=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f00000001c0)={r2, 0x100})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f00000004c0)={0x2, &(0x7f0000000200)=""/209, &(0x7f0000000480)=[{0x24c0, 0xfa, 0x3fe, &(0x7f0000000300)=""/250}, {0x4, 0x24, 0x1, &(0x7f0000000440)=""/36}]})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000540)={&(0x7f0000000500)=[0x8], 0x1, 0x80000, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000580)={0x2, 0x80000001, 0x6, 0x4, 0x42, 0x44, 0x8000})

05:55:24 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x7, 0x59b0, 0x5bd, 0xfff], 0x4, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000180)={0xad69, <r2=>0x0, 0x10001})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_FREE(r3, 0x40106439, &(0x7f0000000040)={0x7fff, r2})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000380)={&(0x7f0000000340), 0x0, 0xc00})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000080)={0x5, r2})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg$sock(r3, &(0x7f0000000300)=[{{&(0x7f00000001c0)=@rc={0x1f, @none, 0x19}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000440)="3dd6b630342ce780f6213fbf7dab7e9fe9304455fb09d6b694d07a1bde411fac8f87668ecf091e4d22241ea05e3fd93ad30db07d74a24bd0d12a0afdbd6ed7b792c7dcc9450e61fbc6f4651d2fee14bbfea28b58e26a577babc0705a882cf2a75f9f0e77c3a249257fef248f2afb53b264d733893354b756b4fd2c318b5b4996236c15e92b836f4fc79a27dd5b8526e0452eebda56e5d5d852cabb10ecc7455890b5a3cf9df058e3c85937be11c40d30dac050a4da1ddf4d2905dccb18071db1859b1ebe5614380319a36681b07b56c6e134e9479b62aa11858b90dfb7dbf5300148c4b733d2f906330f046acd02ffea405654c628a680df6f70b97b20ba9646aef7952e5a8a7de2da6418372c6ab288c476c3ff9a7ee7e781cf7a86ead671926f53c2a5193d1230ad19b61f33573a9945ab1eaf8c9ad26aca38dfe1e9bc25788dd85b50bcc0b0d2a8a3ef6728398cec015180b9b6e385029dca6afa31e9f85f4f38d3ce4fe17085b527464d5c67e785f523715ab26900b4668df521c5c10a1b43c113dc7220e423d9a9d6a80752d57b006e302dc729204a65792cddc2a71f49297bec813a026b32e050064e17e467e1e0930f4d328aed37ce8f71c54fd07af6004944f1a257dbc671b8701f3b6ba28048a356216563cdcad74b91bfa6e310dae2cb703273da3a192d4afdc06e634e574c4d078f867142fb9bc05f98462e409b89395a5fbb8afd6c04e899b59378fe37e91595a95e647d6ebd47a8ce3e0bf1f138a7d1d1c592b98872493d29e7bc39e14f382f8f15d76879970b86ced8549ce453554aa0789a2dd7726fd2b1da1fb09dee2cde02cc7349367749ecc6c2368bcac2b882b4e69d647b24dc8ae8a5af88e18f938eced7269805552f43248e7b14770c5cb24164d0b622d8852e53609efcdd28f43e877ebdf1b64ee3a79417de096843dd37753b2825e73ecb975bccd6631debb4d4cfeb927d16f350aa8f7b098bc680ee0bd2f07baf6c26f21f9bc1a282dfcd34d278455aad8fc49ee9fb7b8402c5ed5d8c81a5d4b29564fe29ed44ccc35508cda6c71849b38ce3e95bea87b3bbdf0def1ca47fde540a54d37f705d535e1b5cd9dd357c9bd82772e0b3b1bcb02984d208d3ecbd9767961123c8584a95d2d32622ef6d346fa43f130229f405dcec3a2a14f063620edd9b899b7553d1d73edc3aa81b7347f87a9c472ceaf26b71655e94835a398c4a56249a9080193175be4f4086b71c33ce85e54a9e6374be1642f8345239a70cea56451e0b4e767bc8155a232b0b3edb363a815bb866171085168ab68345fa482f909a5a3d4bcfcea3ca0bbac397ee59c12bc2b2a9c5c845c436b356be8323b15c17323d399e06f6638e81eaf248bd3bf02f16fa1c14e45dccbdc6a0e11144992a7d86399a47f04e500002341d8a54abc61f180e90dceb956316ecd0f54ee1c9837b93ddea3772cfef949b731c3c4e2e6c162399c698ce40d84a5f64a0cb808c58624adfe2ffef1d5e317127292a384f8b613fe2a3e36f3c5a6fb49e965563476f88d18a11c397585433398831a376d5a409795be834bb811173c8159507d7fe45647e84e0e17d6a6aa94f73292cb99d0ab8136c425ebf242267f7f612577caeec56f72e88c84a30f7f8923064e24e7e7463ee50a4da26ca17ac68af6ecc83d9080dadf12d694136c02304b69586116e926608e347040e05596d8dc33c787e8cbd3c4f9f3c916a78cea6c547e48d5a4949616d62805d2c820bda9bdd9c33ad8ef113089b2870748259aae6badf6890028ae1cb6ae02f5ecf57b944e06b93c67dd0ae5ee3a6eca8c1f98102a1a5c43a73469a6ee38879b37c5bb5158a7eee2ccaded93d16b8615a70c3b71893361911db3ae726e8c9de7a741f241eceb4aad00d0220c53e0b90273c00af7781445e6dacfafb6cbae5fb4a4a13334028a4d522552aaf5e4cda58910fe02ccfa1f3ca8472d66cd75e38929e2e93ee7c574715e95005a0c937359ba954f6f58d19e67f8cec522b6afa577dce261d3222a620c8445d5c0fed8ac6f8abfe09f4e711cbe1137c54a555d9db1fd5b39c1fb78811ce125cc4b7009864603583c3a8ae137a58ab4c11a387ee02b05081bbc6da18808c9a45a08f8078b1f7d9f59765fdc6e8db0fe3c9736ec0013f80fa99e36069ffdab1bf93243c09b6affd029a637307785aec87a9936008a86f316df7acd8c025c876978a79d8a7818e70160bdc9f08d33b2a1dfaf5d3592a9cbf262e8958f9a47bb23c58c121c030ba2ccb7522583c590956962d1a2f561af7258b52ed806cd02527f0278ed857f257cb39dfafa65d65f3048f6b4d4924e5a8996a593f91706d7457dcd4204cb95e27b0fd600516a582806574b144826c1aa4d803c3aa94246f49c7fb7524b57bbdeed5225a56ba5449979de966d56bd5be827abd72d10a7c18a3df58e1d22935bb59893f5cec93e0b4ca6c1d14d72343f7248558eabb9fc06bf70798a309d10fb74de1487a4df63ffacf0a0ea98ee02553d7c2f1a200156b926cb518f176649b2a4376401d9e9af6f0114943269b08830ec4b557702826af7ff6e6aac4f8329d9a13e8ff13bdf3bc4e7f12bff9f7dc5805ae117bf0a6b93c3b80ca1c300290fcc99f1f18d115443862347d3d1d242c01f08f898484b903c4d01f8627458cfed542c3b81e0c548e25310a986e8b967160d1a5d426eff43a254c92bde369a964018640195c2172d3c8897e4f92c4fb091698d99cd0227ed4ca50528d679476828efd42e0d8b33b2cd982dcf5c1f7e2df9b770739e8569a7e5f2a6cecc799c521462e50915aea4173fe469c16b6c5b83162c85a881d2dd944daf69d1a71bdde0f58dfa0787b4e78d58540f8e359c40d04298c8573fe7b9df417073e2c671e9618a61dfed6cce58911e14da6e809bd464f40bbfff6135fd526abc4036d0dfa26346ce3434779ff1e3ba1082b43f84d4be7344eea95a3c5eed57449e8c5b34e79708d50dea3a9e0ee6da1174b64938f9ec3923c4999b9fc327f431313f41061592ee2b1ee9124e7f8c07b1ebca72fbaa694a7447430b0cbe415b4eea7a123e8633ef3ef41bcdf028efd0d6076afb7d83d028f9e466648e67a6b77433bbaa853e5bb3ad0c4a411f37abb2dd4a6e9bb82c4cd9d8522cd32c534a8fcfeaacd1d4fd039d2f242411898fdf8e4522efc5815e2ea07eec7baeb9a7bb1e0729e79ebd7117290897857e823447ec65a5b12cbb5404a29fcb7a43c26e29c44ce07f4597e7a88c11861a8cd5535f13dafa528933c896bd72898bc489df0062a842dfec9dce77c0b9a453e53fff2b6da75302082e51e6a2b90689c32349fdfa7980fc3e7021f5b9e812f3310f1bc2dd04354f76e412e9ec36513cf45a9f65a000dcc635509f43aedd5b28ab75796286f555c571aac6adc3ca76645014c0da8407205676b28ec432ebb2c74446ebea1643301669a1ac4bb43a201bdad86bbcb398d2a93dfba6939cc2ebe5e385d2ab2cdacc078d8cd80e7acc95a4829cbf63f8b4d5ace2e47809910603e41d987545ad907971858b3c1310a78c768300dd22244761011650179e471470824dc5d6d433a5fc2303de6e1270a6926497967f70fce18e8c3a74238cf486bdc90577853bb1f20c4c9eb3b5d15ffc9514afe68d4941baa9b6cc1585ecf9a28baf2a68911ee4dc79be3c3810e49456522636c2c43cdac7890a2dd60f47649cc09e4eaab0a241f9f7c6987f40648e824f52eaeade5d4350f70bb15045ad5bcc23bdfb5cfbbd7a7a6f6d5219c5934f6ecccc6ea8c7e41ec72c3695241e0d6c080efe0442087aeb06bb6fdb4b70f21911951d03a324432eb4cf8b4b5148b510c2245aa9e9bf45de284f2bd237e7dfb7516c8775b6adc6ec5e1a1d1da31fb62989a5a7e30218c725e48f48a89d4db28de8490ef0cbe9c084980a8ba00bbf1b5214c34a66abf0ae083bb25c8eaa2040883b7ae500a56c9e586761a6a8323a21bf8ce0e383cf42325e37501a3456b10d5556a390f568c204fbac9ede119bc742f08410a6ae3fb60b8e74aa6f381a44365be62e2a58d223bf260eb4086bbd5f49ed3bdbd0a86b1aa0927088a5c581eab1e730170460bcc484ef32793d5e7017dc7614accc284e39e2383da3703f79f7032fd547e847da5d5e65cd5a5bfb2081964ce3b2b1fc5dd4258b71d92454e70ab0c67291c2114e4ff2f47c02e9d00d312aea3c04c61c1f66014763f4467f6e4b34eb61ff28b5494f6f46baee847c717b96ad128a17fcff1924bc32139bb7e450e380affdf5ccb3dc9cce563b060b275170ae30bf9d55dcb60013c4ae743d5c47734572209e12d268a436eae4e058253dcd1364116e6ae3509969147eff238030a4ee4531737033234ae733e442feac605203693ac1297abe6f95651e14694daed7fa7cfaa3b77b61ea42ef85b0cf5fb88b4acc686bf02fb667651231b7e6d9cfdfe08fa0737727ec0792210cc329f90eef38a5091c8be5e88676fb7f07f1044177d91b295cb2b5878bacd1e47f95b566f0a5ab747250e8e9422adf7b96841c0525ecaf19f984b09aaefd147c070a543e7f5d8710e06cd1f081fcec329b692061cfbd398effa0fa7ca9523e6fa596b51b96f10f2fea75b106b9e9a618409e4204baf579dee8b0c4d337fbd868b8cfd5f1ccfb9f9e0247c53ec7a379b616417c297a92335dc3307a2fd4b4d35ff9d57601583579dcca77d21846dc8606c7183004f52e7ffb971508aa3ce783219ca243466a3e83fd247598fa592f768c8cd04c6efe4a5c782b8d134b3307aff0ce20186900ecbdb7614fb8296a15f54c046aefa030b6b5b179115cbe0edec6c8e9fa10fb7f5cc1632432c95a4a3ef23b3129eaf66435ec360e854deae42315d98093b85741fbf9b1c78c78b1160047412c99d9ebb2d6c3d5dd5474980f50dee7e743e355e261c88fb2649f513d2f85ca4188e50625af749b719d3156dfc47629910b810ce7d459f5b73deaeca4e705be9f2f8db83b7c48f767b4d30f6c8733f213712fd851aeb83bcb4694fa6eb9c50cbdafda86b83f8d51bf5087c82333a663961382a703a6a70969d2967b6748a929cf5810aaecca24928213c7315ef1cb0a833893c6b207a887f8863e2d667f0b2ee970f336c71a3c89b9d85235c8af6a7c87a431bd0d3ef9e9ce0843135f07a6243e1a678bbe730d5bda33b85c6044fae5943998bcb3a4d8141c5c61e627234dc5fc6a3ac5d9b48e44e3675614417e133539ed9a3cf9dd60ad6f7933bd8059413a32de428051bee69d7942fe5303f58608108c4255368f4f2fc60d0adc0d218296deb103b34662023c06ea5096f35e2c48e43a97d44ecaa881176785b7dddb337e1aa54cf8d5f30da6b86cc5668986db754454867e5dd6e0bb48509e153a4bf2ca863f7655c500b8b1b07be133e77335dc0711de49e44f506dce814119b51f7631dcc68552544d2596aa645f4fdda5a85eb07463b7abfbea1f08331a812b051a1b98c54d4ecc2be69148bd6966194ed7b3eebf62b02256a83ec17f0719e9426580cdf3ddac4f408cbd1a382827c832679ff9b41bcfb1284fd7d3bc5bff28e65bb1fdd43e8ddb33906f292506aeddba44ea683fa094f46da1a2ca8c51af33b7faa005764c887746459c3a72b476b5305a0f5a5b37437d1f7657ed217c586909419a63002c731bec40c84112bb09aac3ea6c80efac831007d5266ec0349ad5e5896d62cf210c0a2af0a716555279eae3b4c401d30c9ee4dfb4d533212ddb76c0d7f80f2e40495511acce0fcce8ad660", 0x1000}], 0x1, &(0x7f0000000280)=[@mark={{0x14, 0x1, 0x24, 0xfff}}, @timestamping={{0x14, 0x1, 0x25, 0x10000}}, @mark={{0x14, 0x1, 0x24, 0xfff}}, @mark={{0x14, 0x1, 0x24, 0xffffff8e}}], 0x60}}], 0x1, 0x41)

[ 1559.657925] FAULT_INJECTION: forcing a failure.
[ 1559.657925] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.659362] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1559.659368] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1559.659374] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1559.659379] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
[ 1559.659384] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1559.707513] FAULT_INJECTION: forcing a failure.
[ 1559.707513] name failslab, interval 1, probability 0, space 0, times 0
[ 1559.731536] CPU: 1 PID: 28983 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1559.739443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1559.748791] Call Trace:
[ 1559.751368]  dump_stack+0x1b2/0x281
[ 1559.754980]  should_fail.cold+0x10a/0x149
[ 1559.759109]  should_failslab+0xd6/0x130
[ 1559.763068]  __kmalloc+0x2c1/0x400
[ 1559.766587]  ? match_strdup+0x58/0xa0
[ 1559.770385]  match_strdup+0x58/0xa0
[ 1559.773996]  p9_client_create+0x3ba/0x12c0
[ 1559.778215]  ? p9_client_flush+0x4c0/0x4c0
[ 1559.782434]  ? __lockdep_init_map+0x100/0x560
[ 1559.786920]  ? __raw_spin_lock_init+0x28/0x100
[ 1559.791488]  v9fs_session_init+0x1c5/0x1540
[ 1559.795804]  ? pcpu_alloc+0xbe0/0xf50
[ 1559.799613]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1559.804450]  ? v9fs_show_options+0x6b0/0x6b0
[ 1559.808841]  ? v9fs_mount+0x54/0x860
[ 1559.812537]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1559.817970]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.822966]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1559.827790]  v9fs_mount+0x73/0x860
[ 1559.831309]  ? alloc_pages_current+0x15d/0x260
[ 1559.835868]  ? __lockdep_init_map+0x100/0x560
[ 1559.840341]  mount_fs+0x92/0x2a0
[ 1559.843696]  vfs_kern_mount.part.0+0x5b/0x470
[ 1559.848178]  do_mount+0xe53/0x2a00
[ 1559.851698]  ? do_raw_spin_unlock+0x164/0x220
[ 1559.856172]  ? copy_mount_string+0x40/0x40
[ 1559.860385]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1559.865384]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.869252]  ? copy_mount_options+0x1fa/0x2f0
[ 1559.873813]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.877682]  SyS_mount+0xa8/0x120
[ 1559.881117]  ? copy_mnt_ns+0xa30/0xa30
[ 1559.884983]  do_syscall_64+0x1d5/0x640
[ 1559.888852]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1559.894021] RIP: 0033:0x45e219
[ 1559.897197] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1559.904881] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1559.912130] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1559.919393] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1559.926641] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c
[ 1559.933894] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1559.941159] CPU: 0 PID: 28959 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1559.949044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1559.958392] Call Trace:
[ 1559.960978]  dump_stack+0x1b2/0x281
[ 1559.964611]  should_fail.cold+0x10a/0x149
[ 1559.968762]  should_failslab+0xd6/0x130
[ 1559.972732]  __kmalloc+0x2c1/0x400
[ 1559.976268]  ? match_strdup+0x58/0xa0
[ 1559.980065]  match_strdup+0x58/0xa0
[ 1559.983693]  p9_client_create+0x3ba/0x12c0
[ 1559.987930]  ? p9_client_flush+0x4c0/0x4c0
[ 1559.992170]  ? __lockdep_init_map+0x100/0x560
[ 1559.996656]  ? __raw_spin_lock_init+0x28/0x100
[ 1560.001218]  v9fs_session_init+0x1c5/0x1540
[ 1560.005570]  ? pcpu_alloc+0xbe0/0xf50
[ 1560.009351]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1560.014173]  ? v9fs_show_options+0x6b0/0x6b0
[ 1560.018561]  ? v9fs_mount+0x54/0x860
[ 1560.022259]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1560.027821]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.032817]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1560.037644]  v9fs_mount+0x73/0x860
[ 1560.041163]  ? alloc_pages_current+0x15d/0x260
[ 1560.045724]  ? __lockdep_init_map+0x100/0x560
[ 1560.050250]  mount_fs+0x92/0x2a0
[ 1560.053600]  vfs_kern_mount.part.0+0x5b/0x470
[ 1560.058085]  do_mount+0xe53/0x2a00
[ 1560.061619]  ? copy_mount_string+0x40/0x40
[ 1560.065833]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.070825]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.074700]  ? copy_mount_options+0x1fa/0x2f0
[ 1560.079187]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.083078]  SyS_mount+0xa8/0x120
[ 1560.086514]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.090383]  do_syscall_64+0x1d5/0x640
[ 1560.094278]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1560.099446] RIP: 0033:0x45e219
[ 1560.102613] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:25 executing program 1 (fault-call:1 fault-nth:13):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000040)={0xffffffff, 0x7, 0x7, 0x81}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x20000, 0x40)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000))

05:55:25 executing program 0 (fault-call:1 fault-nth:13):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:25 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x9, 0x101000)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:25 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x80, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f00000000c0)={0x5})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x300, 0x28a01)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1560.110301] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1560.117547] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1560.124793] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1560.132039] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c
[ 1560.139294] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1560.178466] FAULT_INJECTION: forcing a failure.
[ 1560.178466] name failslab, interval 1, probability 0, space 0, times 0
[ 1560.198533] CPU: 0 PID: 29001 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1560.206449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1560.215802] Call Trace:
[ 1560.218397]  dump_stack+0x1b2/0x281
[ 1560.222035]  should_fail.cold+0x10a/0x149
[ 1560.226193]  should_failslab+0xd6/0x130
[ 1560.230178]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1560.234854]  p9_idpool_create+0x3c/0x120
[ 1560.238918]  p9_client_create+0x57a/0x12c0
[ 1560.243158]  ? p9_client_flush+0x4c0/0x4c0
[ 1560.247396]  ? __lockdep_init_map+0x100/0x560
[ 1560.251893]  ? __raw_spin_lock_init+0x28/0x100
[ 1560.256475]  v9fs_session_init+0x1c5/0x1540
[ 1560.256674] FAULT_INJECTION: forcing a failure.
[ 1560.256674] name failslab, interval 1, probability 0, space 0, times 0
[ 1560.260784]  ? pcpu_alloc+0xbe0/0xf50
[ 1560.260801]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1560.260813]  ? v9fs_show_options+0x6b0/0x6b0
[ 1560.260829]  ? v9fs_mount+0x54/0x860
[ 1560.288786]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1560.294238]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.299252]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1560.304108]  v9fs_mount+0x73/0x860
[ 1560.307652]  ? alloc_pages_current+0x15d/0x260
[ 1560.312240]  ? __lockdep_init_map+0x100/0x560
[ 1560.316730]  mount_fs+0x92/0x2a0
[ 1560.320112]  vfs_kern_mount.part.0+0x5b/0x470
[ 1560.324635]  do_mount+0xe53/0x2a00
[ 1560.328168]  ? copy_mount_string+0x40/0x40
[ 1560.332394]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.337406]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.341289]  ? copy_mount_options+0x1fa/0x2f0
[ 1560.345776]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.349648]  SyS_mount+0xa8/0x120
[ 1560.353087]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.356961]  do_syscall_64+0x1d5/0x640
[ 1560.360849]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1560.366034] RIP: 0033:0x45e219
[ 1560.369220] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x9, 0x20000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:25 executing program 5:
syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0)
syz_open_dev$binderN(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x400000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:25 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[{}, {}], 0x3, 0x0, [], 0x4, 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x100000000, 0x40001)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f00000002c0)={0xab, &(0x7f0000000200)=""/171})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000140)={0x5, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000080)={&(0x7f0000000000)=[0x3], &(0x7f0000000040)=[0x0, 0x0], 0x1, 0x10000, 0xeeeeeeee})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r2, 0xc0206416, &(0x7f00000001c0)={0x5, 0x6, 0x1, 0x3ff, 0x4, 0x3})
r3 = syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x5, 0x8100)
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000340)={0x1, 0x80000000, 0x9, 0x5, 0x81, 0xffff, 0x1004})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, <r1=>0x0, 0x0, 0x0], 0x4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f00000001c0)={&(0x7f0000000140)=[0x2], 0x1, 0x9e05, 0x2, 0x5, 0xe0, 0x1, 0x8000, {0x4, 0xffff, 0x3, 0x81, 0xf302, 0x5, 0x5b, 0x3, 0xfff, 0x7f, 0x4, 0xff, 0x1, 0x1f, "8d15be25163213864e42050e067da6cf271c33ce2586407190e41e9b675c4842"}})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000240))
ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f0000000080)={r1, 0x1000, 0x2, 0x200, 0x400, 0x5, 0x7, 0x1, 0x1, 0x101, 0x81, 0xcf})
ioctl$DRM_IOCTL_AUTH_MAGIC(0xffffffffffffffff, 0x40046411, &(0x7f0000000340)=0x3)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000380)={0x2, <r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f00000003c0)={0x80000000, r4})
r5 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x3, 0x400040)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000002c0)={0x2, <r6=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_FREE(r5, 0x40206435, &(0x7f0000000300)={0x0, r6})

[ 1560.376938] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1560.384204] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1560.391458] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1560.398708] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d
[ 1560.405957] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1560.413227] CPU: 1 PID: 29015 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1560.421104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1560.430455] Call Trace:
[ 1560.433042]  dump_stack+0x1b2/0x281
[ 1560.436674]  should_fail.cold+0x10a/0x149
[ 1560.440825]  should_failslab+0xd6/0x130
[ 1560.444802]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1560.449473]  p9_idpool_create+0x3c/0x120
[ 1560.453538]  p9_client_create+0x57a/0x12c0
[ 1560.457773]  ? p9_client_flush+0x4c0/0x4c0
[ 1560.462022]  ? __lockdep_init_map+0x100/0x560
[ 1560.466510]  ? __raw_spin_lock_init+0x28/0x100
[ 1560.471073]  v9fs_session_init+0x1c5/0x1540
[ 1560.475387]  ? pcpu_alloc+0xbe0/0xf50
[ 1560.479170]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1560.483992]  ? v9fs_show_options+0x6b0/0x6b0
[ 1560.488389]  ? v9fs_mount+0x54/0x860
[ 1560.492081]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1560.497512]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.502512]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1560.507336]  v9fs_mount+0x73/0x860
[ 1560.510856]  ? alloc_pages_current+0x15d/0x260
[ 1560.515457]  ? __lockdep_init_map+0x100/0x560
[ 1560.519946]  mount_fs+0x92/0x2a0
[ 1560.523297]  vfs_kern_mount.part.0+0x5b/0x470
[ 1560.527770]  do_mount+0xe53/0x2a00
[ 1560.531342]  ? copy_mount_string+0x40/0x40
[ 1560.535562]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.540558]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.544432]  ? copy_mount_options+0x1fa/0x2f0
[ 1560.548906]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.552771]  SyS_mount+0xa8/0x120
[ 1560.556200]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.560089]  do_syscall_64+0x1d5/0x640
[ 1560.563974]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1560.569140] RIP: 0033:0x45e219
[ 1560.572307] RSP: 002b:00007fe17402fc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:25 executing program 1 (fault-call:1 fault-nth:14):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000040)={'sit0\x00', <r2=>0x0, 0x2f, 0x79, 0x0, 0x2, 0x22, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, 0x80, 0x7800, 0x5, 0x10001}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r3=>0x0})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
sendmsg$ETHTOOL_MSG_EEE_SET(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x29000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x8c, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4004}, 0x40889)

05:55:25 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000040)={0x6, 0xfffffffa})

05:55:25 executing program 0 (fault-call:1 fault-nth:14):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1560.579992] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045e219
[ 1560.587250] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1560.594501] RBP: 00007fe17402fca0 R08: 0000000020000240 R09: 0000000000000000
[ 1560.601760] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d
[ 1560.609005] R13: 00007ffc77158c9f R14: 00007fe1740309c0 R15: 000000000119c034
05:55:25 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
getsockname(r0, &(0x7f0000000180)=@nl, &(0x7f0000000200)=0x80)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0x1})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080)={0x0, <r3=>0x0})
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086409, &(0x7f00000000c0)={r3})
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000040))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r4, 0x28, 0x2, &(0x7f0000000140), 0x8)

05:55:25 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x2, 0x7f, 0xaa3})

05:55:25 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x404040)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000040)=""/4096)
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000001080)={0x5, 0x8, 0xbec, 0x5, 0x0, 0x6, 0xfffffff7})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
setsockopt$inet_dccp_buf(r1, 0x21, 0xc, &(0x7f0000001040)="027bbeae8aa76d1e", 0x8)

05:55:25 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x200000, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000040)={0x3f})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000000)={0x0, 0x4})

[ 1560.694631] FAULT_INJECTION: forcing a failure.
[ 1560.694631] name failslab, interval 1, probability 0, space 0, times 0
[ 1560.712651] FAULT_INJECTION: forcing a failure.
[ 1560.712651] name failslab, interval 1, probability 0, space 0, times 0
[ 1560.724576] CPU: 0 PID: 29039 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1560.732477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1560.741829] Call Trace:
[ 1560.744427]  dump_stack+0x1b2/0x281
[ 1560.748056]  should_fail.cold+0x10a/0x149
[ 1560.752214]  should_failslab+0xd6/0x130
[ 1560.756222]  __kmalloc_track_caller+0x2bc/0x400
[ 1560.760897]  ? parse_opts.part.0+0x76/0x2d0
[ 1560.765220]  kstrdup+0x36/0x70
[ 1560.768414]  parse_opts.part.0+0x76/0x2d0
[ 1560.772567]  ? p9_fd_show_options+0x190/0x190
[ 1560.777069]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 1560.782169]  ? fs_reclaim_release+0xd0/0x110
[ 1560.786583]  p9_fd_create+0x86/0x3b0
[ 1560.790296]  ? p9_fd_create_tcp+0x440/0x440
05:55:25 executing program 3:
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x7f00000000, 0x1, 0x2})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_ADDFB(r1, 0xc01c64ae, &(0x7f0000000080)={0x6, 0x1f, 0xe7, 0x7fff, 0x20, 0x8, 0x89})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r0})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {<r1=>0x0}]})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0), 0x0, 0x40000, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r2, 0x4010641c, &(0x7f0000000000)={r1, 0x0})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000240)={&(0x7f00000000c0)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x3, 0x2, 0x4, 0x0, 0x7})

05:55:25 executing program 2:
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000000c0))
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000080)={0x67, &(0x7f0000000000)="9f2fd241b625e62ac9bde723676156e5b98fd7d15e469acf1fab3f4a223b7233f2250f8bed9d5d8221e98c5456ffd0cad7fc51cf4193a6db331ea458851d191ebcc5dd8d3eff191567be9f4a77baa0bb98e0376182e3ff45f7a9d23d5dd7171fdb6d932f533c1c"})

05:55:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x1a1e40)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000040)={0x2})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1560.794621]  ? __raw_spin_lock_init+0x28/0x100
[ 1560.799204]  p9_client_create+0x5fd/0x12c0
[ 1560.803449]  ? p9_client_flush+0x4c0/0x4c0
[ 1560.807685]  ? __lockdep_init_map+0x100/0x560
[ 1560.812182]  ? __raw_spin_lock_init+0x28/0x100
[ 1560.816768]  v9fs_session_init+0x1c5/0x1540
[ 1560.821087]  ? pcpu_alloc+0xbe0/0xf50
[ 1560.824889]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1560.829729]  ? v9fs_show_options+0x6b0/0x6b0
[ 1560.834144]  ? v9fs_mount+0x54/0x860
[ 1560.837843]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1560.843275]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.848271]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1560.853098]  v9fs_mount+0x73/0x860
[ 1560.856618]  ? alloc_pages_current+0x15d/0x260
[ 1560.861180]  ? __lockdep_init_map+0x100/0x560
[ 1560.865660]  mount_fs+0x92/0x2a0
[ 1560.869016]  vfs_kern_mount.part.0+0x5b/0x470
[ 1560.873493]  do_mount+0xe53/0x2a00
[ 1560.877023]  ? copy_mount_string+0x40/0x40
[ 1560.881240]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1560.886236]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.890118]  ? copy_mount_options+0x1fa/0x2f0
[ 1560.894589]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.898461]  SyS_mount+0xa8/0x120
[ 1560.901893]  ? copy_mnt_ns+0xa30/0xa30
[ 1560.905760]  do_syscall_64+0x1d5/0x640
[ 1560.909631]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1560.914799] RIP: 0033:0x45e219
[ 1560.917967] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1560.925653] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1560.932900] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1560.940238] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1560.947488] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e
[ 1560.954735] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1560.961998] CPU: 1 PID: 29041 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1560.969879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1560.973547] 9pnet: Insufficient options for proto=fd
[ 1560.979223] Call Trace:
[ 1560.979240]  dump_stack+0x1b2/0x281
[ 1560.979252]  should_fail.cold+0x10a/0x149
[ 1560.994655]  should_failslab+0xd6/0x130
[ 1560.998637]  __kmalloc_track_caller+0x2bc/0x400
[ 1561.003309]  ? parse_opts.part.0+0x76/0x2d0
[ 1561.007742]  kstrdup+0x36/0x70
[ 1561.010937]  parse_opts.part.0+0x76/0x2d0
[ 1561.015085]  ? p9_fd_show_options+0x190/0x190
[ 1561.019571]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 1561.024651]  ? fs_reclaim_release+0xd0/0x110
[ 1561.029058]  p9_fd_create+0x86/0x3b0
[ 1561.032752]  ? p9_fd_create_tcp+0x440/0x440
[ 1561.037048]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.041604]  p9_client_create+0x5fd/0x12c0
[ 1561.045816]  ? p9_client_flush+0x4c0/0x4c0
[ 1561.050130]  ? __lockdep_init_map+0x100/0x560
[ 1561.054603]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.059164]  v9fs_session_init+0x1c5/0x1540
[ 1561.063462]  ? pcpu_alloc+0xbe0/0xf50
[ 1561.067241]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1561.072060]  ? v9fs_show_options+0x6b0/0x6b0
[ 1561.076446]  ? v9fs_mount+0x54/0x860
[ 1561.080137]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1561.085577]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.090573]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1561.095394]  v9fs_mount+0x73/0x860
[ 1561.098910]  ? alloc_pages_current+0x15d/0x260
[ 1561.103466]  ? __lockdep_init_map+0x100/0x560
[ 1561.107937]  mount_fs+0x92/0x2a0
[ 1561.111280]  vfs_kern_mount.part.0+0x5b/0x470
[ 1561.115753]  do_mount+0xe53/0x2a00
[ 1561.119271]  ? copy_mount_string+0x40/0x40
[ 1561.123494]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.128495]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.132357]  ? copy_mount_options+0x1fa/0x2f0
[ 1561.136831]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.140710]  SyS_mount+0xa8/0x120
[ 1561.144225]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.148091]  do_syscall_64+0x1d5/0x640
[ 1561.151959]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1561.157126] RIP: 0033:0x45e219
[ 1561.160297] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1561.167982] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1561.175227] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1561.182481] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
05:55:26 executing program 1 (fault-call:1 fault-nth:15):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:26 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:26 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x8, 0x381000)
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000040)={0x6, 0x6d})

05:55:26 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000040))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:26 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, <r1=>0x0, 0x0], 0x5})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000140)={r1, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0]})

05:55:26 executing program 0 (fault-call:1 fault-nth:15):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1561.189730] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e
[ 1561.197015] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1561.209678] 9pnet: Insufficient options for proto=fd
05:55:26 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xe5, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:26 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x5, 0x0, [], 0x5, 0x8})
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$netlink(r2, &(0x7f0000000140), &(0x7f0000000180)=0xc)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:26 executing program 4:
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1561.260836] FAULT_INJECTION: forcing a failure.
[ 1561.260836] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.276867] FAULT_INJECTION: forcing a failure.
[ 1561.276867] name failslab, interval 1, probability 0, space 0, times 0
05:55:26 executing program 3:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="60000000f04f70ada7e8210010002cbd7000fedbdf250a2014090000000b010c000014000100ff010000002700000008000000000001140001e6fb01000000000000000000000000003d7336217017298c00000000000000000000000001050016002f00000021"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x8001)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$NLBL_UNLABEL_C_LIST(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)={0x80, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_ACPTFLG={0x5}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:getty_var_run_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0xa014)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r3, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000580)={&(0x7f0000000540)=[0xfffffffd, 0x2, 0x3, 0x100], 0x4, 0x0, 0x0, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x10, 0x8, &(0x7f0000000300)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x1}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x51}, @generic={0x4, 0x5, 0x1, 0x25, 0x7}, @generic={0x50, 0xf, 0x8, 0x9, 0xfffffe00}, @exit], &(0x7f0000000340)='GPL\x00', 0x80000000, 0xdf, &(0x7f0000000440)=""/223, 0x40f00, 0x6, [], r3, 0xc, r1, 0x8, &(0x7f0000000380)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x3, 0x7ff, 0x6}, 0x10, 0x0, r4}, 0x78)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:26 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000080)={&(0x7f0000000040)=[0x1, 0x1], 0x2, 0x0, 0x7d3, 0x0, 0x8, 0x4, 0x7, {0x1, 0x200, 0x254, 0x4, 0x9, 0xff61, 0xc, 0x6, 0x8, 0xfff, 0xfff, 0x2, 0x20, 0x5, "7c84c64d96c4a7836df242226819611ab9003a1ab11a106e17ca9ca4372f1b23"}})

[ 1561.304114] CPU: 0 PID: 29070 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1561.312036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1561.321389] Call Trace:
[ 1561.323987]  dump_stack+0x1b2/0x281
[ 1561.327619]  should_fail.cold+0x10a/0x149
[ 1561.331773]  should_failslab+0xd6/0x130
[ 1561.335754]  __kmalloc+0x2c1/0x400
[ 1561.339293]  ? match_number+0x9d/0x200
[ 1561.343184]  match_number+0x9d/0x200
[ 1561.346897]  ? match_strdup+0xa0/0xa0
[ 1561.350692]  ? memcpy+0x35/0x50
[ 1561.353981]  parse_opts.part.0+0x1b5/0x2d0
05:55:26 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000080)={0x5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x3, 0x8eb3, 0x8, 0x8], 0x4, 0x800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000280)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], 0x4})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0x8800, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f00000003c0)={&(0x7f0000000380)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000240)={0x5, 0x9, &(0x7f0000000180)=[0x9, 0x8, 0xc0, 0x0, 0x0, 0x44, 0x7f, 0x401, 0x101], &(0x7f00000001c0)=[0x3ff, 0x69df, 0x0, 0x3, 0x5], &(0x7f0000000200)=[0x3f, 0x9, 0x5d3, 0x3]})

[ 1561.358217]  ? p9_fd_show_options+0x190/0x190
[ 1561.362714]  ? fs_reclaim_release+0xd0/0x110
[ 1561.367139]  p9_fd_create+0x86/0x3b0
[ 1561.370854]  ? p9_fd_create_tcp+0x440/0x440
[ 1561.375176]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.379765]  p9_client_create+0x5fd/0x12c0
[ 1561.384009]  ? p9_client_flush+0x4c0/0x4c0
[ 1561.388247]  ? __lockdep_init_map+0x100/0x560
[ 1561.392744]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.397330]  v9fs_session_init+0x1c5/0x1540
[ 1561.401649]  ? pcpu_alloc+0xbe0/0xf50
[ 1561.405453]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1561.410294]  ? v9fs_show_options+0x6b0/0x6b0
[ 1561.414695]  ? v9fs_mount+0x54/0x860
[ 1561.418395]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1561.423830]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.428828]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1561.433652]  v9fs_mount+0x73/0x860
[ 1561.437179]  ? alloc_pages_current+0x15d/0x260
[ 1561.441929]  ? __lockdep_init_map+0x100/0x560
[ 1561.446405]  mount_fs+0x92/0x2a0
[ 1561.449757]  vfs_kern_mount.part.0+0x5b/0x470
[ 1561.454232]  do_mount+0xe53/0x2a00
[ 1561.457766]  ? copy_mount_string+0x40/0x40
[ 1561.461982]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.466977]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.470846]  ? copy_mount_options+0x1fa/0x2f0
[ 1561.475324]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.479194]  SyS_mount+0xa8/0x120
[ 1561.482628]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.486499]  do_syscall_64+0x1d5/0x640
[ 1561.490382]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1561.495561] RIP: 0033:0x45e219
[ 1561.498735] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1561.506423] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1561.513673] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1561.520922] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1561.528170] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f
[ 1561.535420] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1561.542686] CPU: 1 PID: 29074 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1561.550584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1561.553993] 9pnet: Insufficient options for proto=fd
[ 1561.559930] Call Trace:
[ 1561.559947]  dump_stack+0x1b2/0x281
[ 1561.559965]  should_fail.cold+0x10a/0x149
[ 1561.575366]  should_failslab+0xd6/0x130
[ 1561.579343]  __kmalloc+0x2c1/0x400
[ 1561.582882]  ? match_number+0x9d/0x200
[ 1561.586768]  match_number+0x9d/0x200
[ 1561.590492]  ? match_strdup+0xa0/0xa0
[ 1561.594288]  ? memcpy+0x35/0x50
[ 1561.597569]  parse_opts.part.0+0x1b5/0x2d0
[ 1561.601786]  ? p9_fd_show_options+0x190/0x190
[ 1561.606266]  ? fs_reclaim_release+0xd0/0x110
[ 1561.610665]  p9_fd_create+0x86/0x3b0
[ 1561.614358]  ? p9_fd_create_tcp+0x440/0x440
[ 1561.618659]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.623232]  p9_client_create+0x5fd/0x12c0
[ 1561.627463]  ? p9_client_flush+0x4c0/0x4c0
[ 1561.631686]  ? __lockdep_init_map+0x100/0x560
[ 1561.636168]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.640734]  v9fs_session_init+0x1c5/0x1540
[ 1561.645045]  ? pcpu_alloc+0xbe0/0xf50
[ 1561.648833]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1561.653692]  ? v9fs_show_options+0x6b0/0x6b0
[ 1561.658079]  ? v9fs_mount+0x54/0x860
[ 1561.661771]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1561.667202]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.672196]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1561.677019]  v9fs_mount+0x73/0x860
[ 1561.680538]  ? alloc_pages_current+0x15d/0x260
[ 1561.685117]  ? __lockdep_init_map+0x100/0x560
[ 1561.689601]  mount_fs+0x92/0x2a0
[ 1561.692953]  vfs_kern_mount.part.0+0x5b/0x470
[ 1561.697448]  do_mount+0xe53/0x2a00
[ 1561.700968]  ? do_raw_spin_unlock+0x164/0x220
[ 1561.705455]  ? copy_mount_string+0x40/0x40
[ 1561.709677]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1561.714682]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.718548]  ? copy_mount_options+0x1fa/0x2f0
[ 1561.723036]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.726913]  SyS_mount+0xa8/0x120
[ 1561.730346]  ? copy_mnt_ns+0xa30/0xa30
[ 1561.734213]  do_syscall_64+0x1d5/0x640
[ 1561.738084]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1561.743258] RIP: 0033:0x45e219
[ 1561.746431] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1561.754134] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:26 executing program 1 (fault-call:1 fault-nth:16):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:26 executing program 2:
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r0=>0xffffffffffffffff})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{}, {}, {}, {}]})

05:55:26 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/78)

05:55:26 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000240)={0x4, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0]})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f00000003c0)={&(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, <r3=>0x0, 0x0], 0x6})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000440)={r3, 0x7f, 0x2, 0x7, 0x0, 0x4, 0x3, 0x10000, 0x2, 0xfffffff7, 0x8, 0x6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r4 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x3f, 0x808143)
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f00000001c0))
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f0000000080)=""/216)
sendmsg$RDMA_NLDEV_CMD_SET(r4, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="340000000214000826bd7000fcdbfaabe47d4400", @ANYRES32=r1, @ANYBLOB="0900020073797a310000000008000100010000000800010001000000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x4084)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
bind$netlink(r5, &(0x7f0000000480)={0x10, 0x0, 0x25dfdbff, 0x10}, 0xc)

05:55:26 executing program 0 (fault-call:1 fault-nth:16):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1561.761381] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1561.768633] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1561.775886] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f
[ 1561.783147] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1561.803244] 9pnet: Insufficient options for proto=fd
05:55:26 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x2, 0x49d542)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0xa})
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000040)={0x2, <r2=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0)={0x0, r2})

05:55:27 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000080)={0x0, 0x2})

05:55:27 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000040)={&(0x7f0000000000)=[0x3, 0x5, 0xffff, 0x2, 0xfffffffe, 0x5], 0x6, 0x7, 0x2, 0x1b0c, 0x7137, 0x0, 0x5, {0x6, 0x7, 0x1, 0x2, 0xff, 0x6f3, 0x1f, 0x98, 0x7945, 0x4, 0x7, 0x0, 0x0, 0x4, "ee33a9ea506d771a2d903d698a6113b8349434eedd763a162369d477df6abd71"}})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1561.862147] FAULT_INJECTION: forcing a failure.
[ 1561.862147] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.877844] FAULT_INJECTION: forcing a failure.
[ 1561.877844] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.883799] CPU: 0 PID: 29103 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1561.896927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1561.906278] Call Trace:
[ 1561.908859]  dump_stack+0x1b2/0x281
[ 1561.912478]  should_fail.cold+0x10a/0x149
[ 1561.916609]  should_failslab+0xd6/0x130
[ 1561.920570]  __kmalloc+0x2c1/0x400
[ 1561.924089]  ? match_number+0x9d/0x200
[ 1561.927955]  match_number+0x9d/0x200
[ 1561.931648]  ? match_strdup+0xa0/0xa0
[ 1561.935426]  ? memcpy+0x35/0x50
[ 1561.938691]  parse_opts.part.0+0x1b5/0x2d0
[ 1561.942906]  ? p9_fd_show_options+0x190/0x190
[ 1561.947379]  ? fs_reclaim_release+0xd0/0x110
[ 1561.951772]  p9_fd_create+0x86/0x3b0
[ 1561.955470]  ? p9_fd_create_tcp+0x440/0x440
[ 1561.959773]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.964336]  p9_client_create+0x5fd/0x12c0
[ 1561.968555]  ? p9_client_flush+0x4c0/0x4c0
[ 1561.972771]  ? __lockdep_init_map+0x100/0x560
[ 1561.977249]  ? __raw_spin_lock_init+0x28/0x100
[ 1561.981815]  v9fs_session_init+0x1c5/0x1540
[ 1561.986118]  ? pcpu_alloc+0xbe0/0xf50
[ 1561.989900]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1561.994724]  ? v9fs_show_options+0x6b0/0x6b0
[ 1561.999113]  ? v9fs_mount+0x54/0x860
[ 1562.002807]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1562.008246]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.013255]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1562.018092]  v9fs_mount+0x73/0x860
[ 1562.021621]  ? alloc_pages_current+0x15d/0x260
[ 1562.026206]  ? __lockdep_init_map+0x100/0x560
[ 1562.030695]  mount_fs+0x92/0x2a0
[ 1562.034051]  vfs_kern_mount.part.0+0x5b/0x470
[ 1562.038531]  do_mount+0xe53/0x2a00
[ 1562.042141]  ? copy_mount_string+0x40/0x40
[ 1562.046356]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.051438]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.055320]  ? copy_mount_options+0x1fa/0x2f0
[ 1562.059799]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.063674]  SyS_mount+0xa8/0x120
[ 1562.067105]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.070976]  do_syscall_64+0x1d5/0x640
[ 1562.074850]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1562.080023] RIP: 0033:0x45e219
[ 1562.083192] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1562.090876] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1562.098124] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1562.105373] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1562.112620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010
[ 1562.119871] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1562.127133] CPU: 1 PID: 29101 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1562.135021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1562.144370] Call Trace:
[ 1562.146961]  dump_stack+0x1b2/0x281
[ 1562.150599]  should_fail.cold+0x10a/0x149
[ 1562.154749]  should_failslab+0xd6/0x130
[ 1562.158824]  __kmalloc+0x2c1/0x400
[ 1562.162382]  ? match_number+0x9d/0x200
[ 1562.166276]  match_number+0x9d/0x200
[ 1562.169984]  ? match_strdup+0xa0/0xa0
[ 1562.171014] 9pnet: Insufficient options for proto=fd
[ 1562.173779]  ? memcpy+0x35/0x50
[ 1562.173796]  parse_opts.part.0+0x1b5/0x2d0
[ 1562.173809]  ? p9_fd_show_options+0x190/0x190
[ 1562.173819]  ? fs_reclaim_release+0xd0/0x110
[ 1562.173835]  p9_fd_create+0x86/0x3b0
[ 1562.173843]  ? p9_fd_create_tcp+0x440/0x440
[ 1562.173856]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.173868]  p9_client_create+0x5fd/0x12c0
[ 1562.173882]  ? p9_client_flush+0x4c0/0x4c0
[ 1562.173894]  ? __lockdep_init_map+0x100/0x560
[ 1562.173903]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.173916]  v9fs_session_init+0x1c5/0x1540
[ 1562.229757]  ? pcpu_alloc+0xbe0/0xf50
[ 1562.233573]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1562.238419]  ? v9fs_show_options+0x6b0/0x6b0
[ 1562.242842]  ? v9fs_mount+0x54/0x860
[ 1562.246558]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1562.252015]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.252295] FAULT_INJECTION: forcing a failure.
[ 1562.252295] name failslab, interval 1, probability 0, space 0, times 0
[ 1562.257040]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1562.257055]  v9fs_mount+0x73/0x860
[ 1562.257063]  ? alloc_pages_current+0x15d/0x260
[ 1562.257078]  ? __lockdep_init_map+0x100/0x560
[ 1562.285644]  mount_fs+0x92/0x2a0
[ 1562.288997]  vfs_kern_mount.part.0+0x5b/0x470
[ 1562.293486]  do_mount+0xe53/0x2a00
[ 1562.297020]  ? copy_mount_string+0x40/0x40
[ 1562.301237]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.306235]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.310103]  ? copy_mount_options+0x1fa/0x2f0
[ 1562.314582]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.318461]  SyS_mount+0xa8/0x120
[ 1562.321897]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.325771]  do_syscall_64+0x1d5/0x640
[ 1562.329652]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1562.334826] RIP: 0033:0x45e219
[ 1562.338005] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1562.345694] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1562.353006] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
05:55:27 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x2, 0x40082, 0xaa4})

05:55:27 executing program 0 (fault-call:1 fault-nth:17):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1562.360259] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1562.367510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010
[ 1562.374765] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1562.382039] CPU: 0 PID: 29117 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1562.389928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1562.399276] Call Trace:
[ 1562.401713] 9pnet: Insufficient options for proto=fd
[ 1562.401861]  dump_stack+0x1b2/0x281
[ 1562.410592]  should_fail.cold+0x10a/0x149
05:55:27 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000000)=""/67)

05:55:27 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x0, 0x1000006})

[ 1562.414742]  should_failslab+0xd6/0x130
[ 1562.418723]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1562.423397]  p9_fd_create+0x135/0x3b0
[ 1562.427203]  ? p9_fd_create_tcp+0x440/0x440
[ 1562.431528]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.436112]  p9_client_create+0x5fd/0x12c0
[ 1562.440349]  ? p9_client_flush+0x4c0/0x4c0
[ 1562.444584]  ? __lockdep_init_map+0x100/0x560
[ 1562.449078]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.453661]  v9fs_session_init+0x1c5/0x1540
[ 1562.457983]  ? pcpu_alloc+0xbe0/0xf50
[ 1562.461787]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1562.466628]  ? v9fs_show_options+0x6b0/0x6b0
[ 1562.471039]  ? v9fs_mount+0x54/0x860
[ 1562.474770]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1562.480220]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.485233]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1562.490073]  v9fs_mount+0x73/0x860
[ 1562.493615]  ? alloc_pages_current+0x15d/0x260
[ 1562.498195]  ? __lockdep_init_map+0x100/0x560
[ 1562.502685]  mount_fs+0x92/0x2a0
[ 1562.506045]  vfs_kern_mount.part.0+0x5b/0x470
[ 1562.510522]  do_mount+0xe53/0x2a00
[ 1562.514055]  ? copy_mount_string+0x40/0x40
[ 1562.518281]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.523288]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.527156]  ? copy_mount_options+0x1fa/0x2f0
[ 1562.531636]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.535515]  SyS_mount+0xa8/0x120
[ 1562.538949]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.542824]  do_syscall_64+0x1d5/0x640
[ 1562.546708]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1562.551878] RIP: 0033:0x45e219
[ 1562.555055] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:27 executing program 1 (fault-call:1 fault-nth:17):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:27 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = getpid()
wait4(r1, 0x0, 0x20000002, 0x0)
r2 = getpid()
wait4(r2, 0x0, 0x20000002, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
sendmsg$netlink(r0, &(0x7f00000019c0)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfe}, 0xc, &(0x7f0000001900)=[{&(0x7f0000000140)={0x308, 0x13, 0x1, 0x70bd2a, 0x25dfdbfe, "", [@nested={0x2f8, 0x34, 0x0, 0x1, [@typed={0xb4, 0x3d, 0x0, 0x0, @binary="99a5b7a68c66774c889177c3297fb0b2354300a069e149f02e0952b39c01679f96b7fafc7bbaeda51bd9906cea6b542cd974df6c11c8fe8a740014580ac128c635e1a477eced5b1b359866b97b518cbaa370f2875f8577fe892756934cd7f86419576ea3c62173d06aadf9805ba72e83cb4ebf1c8c30d8725947381cf8d183997cc24d40fd181c9bc97611ddc37269739ff0c9103f14d2a155a34e281b90fd2679c556e695a2452f406d1e06a9185e48"}, @typed={0x8, 0x86, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="bb7e33de989418f718caea6786e554ae46be7f7fa54324e3736a208d8949b896960f8a052ec312cd47001e1d729cb95c2ae9f312eef24698f1dca4b374e249f2d6d7dcfa4340e4218c03d02b210b8a56e8b304fe274a0ff98e34dcad89288c7230752a76c1d98ef0ec8ff0f61097fa04ca8a85b32cf9e90f2e3911055010e3a1231370b6ec28", @generic="ea8e8d554939bd74c71f9f738a0bf9dfbba5fb7a6cdda98ea089dd2f5d150f947fe444f3acc811ecbb152fe921fa9601ee1a307dcf4ee0836b51bdfc832a8fa01cad17456269a1ea2810e079b7", @generic="81597f820cf124bf00db52b225c3f99fe037733587a7611bc58ab6cda4f5afb49be47428b8d72851728fac21760177f88c9abfaba52481afed3eb907fb1786807045a706551b05450b5e0bc346e2ced77bd8f0273d017cf21db1693da2649d9a826e1c4c25814bacbf858cd4b971c187f4a05337b415f481c9e16b488be05ec4592a2295fb8d7b74d7b3ee5007198d1fe13c5b0b3cc4697cf458179a075ccc5741f7b3e1b72bba7f4827ad853d077f96b7a3170fe1dbc4196b0b5a9162eb03d6f3a2351abcc08645053fe2c9f33bbe2f22bb45645bb6cdd898f23c7a31c5b4a54b7ae0bfae996d2cc54b821a54", @generic="76ce864246ced8558380aac8bdabf1c481c1250332be84d6838ec95cca431ee05e73e0de0783f0aee6566f9e891e2712f64eda3956fb78cbc8bf0a1175d2787b025a010159904a8298abaca4f2f99bf4badadbbcc3c2bf4a26ff1c7c7a658b25713956e61a27bd5be85a872753440947", @typed={0x8, 0x48, 0x0, 0x0, @pid=r1}]}]}, 0x308}, {&(0x7f0000000480)={0x125c, 0x2d, 0x800, 0x70bd26, 0x25dfdbfb, "", [@typed={0x73, 0xd, 0x0, 0x0, @binary="e9c9b6b014fba2dc99cd5106f66c7bd92f0f6a02bc59d7573b725b2166084e1d3461987bd23c2ef65305d69cbbc54f459cd2e10beb3f942e4d797cb7cd79df2ee935210cde0ee0b228ecda972219a13e64ba3f1b89828c8397633d700c1595d68208a9ea437fbc68b54e088b056ae2"}, @generic="f4025f3f66fc4b1a05d78031893b17d4d830b913a45dcb9a967bb5c0340e7c88df3fbee2439a741e0d545852fbfd6aeae3b30f961d2f4c2a40e28726400ff282f336c2feb9867eae1390993b115e6b384aeb2c341f59b920893c1d", @typed={0x13, 0x2d, 0x0, 0x0, @str='/dev/dri/card#\x00'}, @nested={0x1010, 0x12, 0x0, 0x1, [@typed={0xc, 0x41, 0x0, 0x0, @u64=0x2}, @generic="5230e1c6467fa7cd5dea254a3bd6f4a4761105516108fa954a2379cc9ce1865d1324132a4ba240bb8581c30d86259efe4e1b88bd69fa071572e7fe9e0de78f009ba43f3470575f7bd6d1e6233be371e7a6c74484f1a797ea9b96bf94043833704c9c7a0814da70b6b845070445625aebe11697c875f42d81515eb257810354a3da764a88bed23fdeb1b9b29759131d1997df34dd79c98f3ddf589f5b2a725a43ffe0b51793a1a0eb97991899a155257b7c23ce2e525284028dba357b968906d61a880f6703db1b3a7e65cb36e52365b1956d327ee08c7fddf22405ebc3b83d681d1b9d64d4fbb8b9cc2f2274c904dd72a9d4cb5884549ac386c224c85d00852170c2b44a1e4a5456d7a0cd6a54e714562a7369f7614dd7e78d5f8015b891c3aa35d75e2f41654e5f87a590842d63492ac007212e7c828a5e1e7377ece3b7ad4324f97d22180d939f67c60c86a5fdf3049f0eb49864317281d13936be99a3677c2815cf3580711780b45147d490a714cd3d9da3707590b4a0c52348c45d1cb9965d3d37fed1c41161e2eada8593b0faa7a8b012054e0d18dbb193c49dd6ed416a931397015759f7797300657e6a0b258330d978d83135df04a6d6b4a11c2dd8bddfba93da44e829070a37a578fa53f1bb25231314d1e6fcc7ac125b272ae782a51792b84c83b80db0672d3bdac4f472510c7ae737fb4fb179eddaacaa5409c3c0b54448ea65d9adecbe832c0eab11101b3fa00edf8a01d17a96e792505e8baa1210b0f1180af1e712f9ebcab95fa4bef7ca8e907eb97e8288d01a558c63df00d3c37a8b37ebbe0c171641b9672e5eef6be816305d9aaa7949ca9ef05694a2b2463580d5fa170bfecf6bf68471948e48de8d2d66303d7b0661a32d1ee3b5160428f151c8ee13b54b39228931cfe9fc1b08b1e6faa0f9d8d98448e188e86c23b1954be7e5825cad88eead97b6008148d5e831d89789a9ee43931032946ab69d7b7120aae28db3a2ec984aaddbf9047619bad3778309ce71697b65bd8e267c4ef7cb326fabd2e711c5ae805eaab53b470119844b70321613f6ec090789664c1e377132c2927ad89b3b491206744e007a853fe384739b3deadb3ba7f3ffc398b2e82aa34e0712baa63c4fe0621d7773c43c3f7f422ed2a58acfda36fed78e729d0cdb1267f3647a71374eb8f38f1f914051a9a88fd30f8b858192da3b091668b380602d9d604fa7ef0151ea9809453da8f9dcb99f783648eef28b2eec0b3d0358397eb5eb5da8968cdb8e0733b24c46ff41c52f128044719d146aad99751586974040012f0813ad8c77404a55672ee6602751a4008049b3ce2e5928e45650a3e9c4fdfd010d18fac16ff8e557072411cb6ab80fc31b571d6742b1bc93723816be0d77f80b7554cde0d24c66404221d777f69f7c4475f9dfffed764145fc81a27db2952d1c4dc78b0d8c69ed6e85f47171a2674baa9ac3afb8a0e220c6a8907bd83765fa775eb78467f1e5724c6cf917896d0e4eb763d9f8b76de8623c8a475ff66953d2388fb28ab23a360872d89c83e4ee1956f99feeb42cea2529649de329540107eef17a39e839724016074ab52778cebf003b7ceb50796998387ce967d0e7bb098daab782283001eb77f9a56ae1c24f030c456a16261814aba85dc0152c46d3053fba4a6c037db52bab6601a37476022856328da2bd27d642df3babfcd099a65cd27afb9754b19e9950ac55eadeecc7522a64324b9300231326043abd3b16f35b0ad7b22e0d69a1643bed625b3531c6bf5df2ac6e2ca6641a2def28ae44880d428761c7d2a768ee9b0ef7457dc97865e46dc5a5f6b6cfa09d9c81d83c91ece3c2122d374d659b51eb90fbbfac0795930adc7e802d28ede357a30073e9480e559f7ef9894aeabd65ed460cf1c58e610fee9f436aa5c5819f433e92d825bbba5620dbe974788aef75fd2b9db39e5eae94e48b618db723c3741a3415cae26710a3720d074d37928dc94afa55f45c2b0c273a4bbb7d5c0df70a37ea4f881708ee9d616a00aae5875e66cd9f377d51567df07c9412c9d5f2840f8f66b57d6956f4d62fc5b7813491bf78c0dbe880e9a4c9765ffc4ab04386473dcd865be95943176a7c3e880cc8d86e8e2b46d85081bc7cdb236e8b1c23cc21d34ffeb002e8f27571c8ef65065afba4e7af70951d0e0f6cd9b24207aa7aa1d5c2167f6448e8668e7563e57bdd9fb825c786f4a3a6ea07fca5f2852d8554b5a84d0d7e0234d66a150c8b1651d24d0efa3a4997e5224a603faed1e4f3f3694ad734a632428d944240f63c0aed0af5b352ea8cb2c48649975d22a1ca76ac24302ad295c3d32e2f7695138e5ce918111f15a9e666a00fe26bd51ef22a70e046eeff752b86849c54529460fa73db6e070f472e12aac3eb0bfcf608f45b0aee5e11728390323c1ba6a55784df6e0e4bb20f65c52597b06ba5e225b3d66a42a3d2aefb57b03dc44f50d160d3030ab4cdd9748733b4c72bc6cb1b921b77c2a89e32e0ed1a378806ed7dc890821bddb8f71fa0814c7fb6ff54775ef49ec8fa7c08c381d1e7c6eb1b91eda7b5c9ab2c3d9fff2c3f6f12c3d44f26d52ee0a0c717c670a0db38ed8a2f60e101fb58afca385c92bd570d89fbe05d690730d4697dc2c0fff473156838c09466d26e813633abc59ad23872429e78c0570ca7246402afe4c1c553ef860e8b0018367a1f34cf02c412c081166291838036c40aa0ef0ddc1740fe026c4ce6d98957f1c1759cebb4bbcb0354edbc38784a2ab56282ff3ddd803488af8b6ca582e8a6c65217e4ddd082784e876faf2ee5db7954393b0f40fbc66f76837ff93b6192d3b58697c0deb879355f7746520532217b5cf99b1ebf8710dad07ebf1e034f42cebab9f486776c8e269047bab96f065843fab80c162ea78ee9a3b011b2353369aa6b352464807cb09a83f992c2ae6b0536b71e14c5f5dd812547690cf56ead2e923e40aa1e28d3e09fdf2e067fc6dbb01d5edc1ec73ae65b28b491a60b39fec950df79f9c3ce841cbba4db2285fd55cfa3d2ac20c33edd26666f944ff1a7e66027e5820a09e0df4f9ce78ddae42ab4750814db6da56255567abb0e8f9464c659ea4bd095b641df2a253b394c04320824ea97a093598fde1d05a238fb20ffc50c8c6aac9f8ded48d33387733b3d302bcc7f03e9f4e25a8af4b2a3201d33835c14520f68c898f9590ce6842069e5994a43fea8d378c131bffe6835d4a3ccd7a1867410bdf30efa2d8f2021ff9169e1ee5b3fc5c2ad509066ca9f9914d8ecf68bacfd9b7f977a257a5a9d4e69d6a862a0d94bcf1f0c8ea6234e5e95daaad087febcd6968b211e79c2b6f5ad7a1ed4213478492459b86dc7c706c18cf9668f86b45878ade0f8fc7f3205fcaa00115c0a8d7528457d42f43fd6479e8d8ca10ea18e4376589b584c01dedd52a6dfa713c6f60d3655c523d221a650ef771f7b64138b9576046d8b37ddbee814d1c8978a75c22f611b2039137901df1e9850a184c4c76ff75818d6c6055578f03e157b9a98bf1c19348f11a13dd109998776fa4ac9314302fa231ec3e41e9db434b982aeb70393d85cb057d574119a0be8f16c50bf23a235bf1e706475ec8a02bc2291db4521cc3cd693bc30eb7a6118cfad6b36ebc9952291dda68a2012df192709c406d1d1040137d78fd875ebe9d020ce62110af5748ed167dfea471f59aed6dc2caf02a87a19cf31aae0a68a9c87736c9822246403320219df2fd955ed970946b2d595def85331baf727a40e1ca9acbbb347907338e05d69e1c270f070cb98204f507aa6c4fb946d614d2a820324bcb3d515c0f4894b7600e34ca501462f1d7d9f413fc4a8f4532334c61d39e79ca677d4d0883e120fda15e4089795bd84f9bbd59ed9936a42a378db15a42bbce8858d072280f9e6019b3f99f1818c6df026615b24fe3f3958de68c881193b9958c2c34ee77410eedfa8f16699b59e36d54435f69f59e30d39d55377ff4293f12d3bb74290a051ae37e87620aa79bfaee98b0beb9c62b849980c85bf001514c58339443c4862e5231469006f883182d26ef08ab3fb5c4ef31c624a2811a946878e8379a80351881c8ad6c33fa40e35aabe8605d57a1080a3c8f5b0697096a4f487ace132a96041dc93d2c9341ca1feab6b12836416e869bf08ff69f888e6bf4f06a542f0d64f367d5a86b68cda10e077b09eda87f64a393eada52e6daa13acc2d228840c25f5983d56d44c1fb4f92235919cb7d4de5efd66588c1c0923dedf344a109bca762d1d0ac3ddfbc5ddf3817e62c82ca1ce188e303cc7bf11ba98d17be410a1c66eaf94b53ec56a9fa640014f6a21594dc3a9a4710affe204e09a94bccf25e6b9ba66c8db6551ac1a7d55bb833042b651db4fbd6be3c6fa185d7b835835608555b4cda5bb44bb2a49a41fb2c8f93cbbf3f34cf6be7fc4c1d5e39acb8dba605dda731efe83b33ad2ae9efd344944b01455ed241dc4f31d93f42b1e704d7a6cf23cc143a6a234a59b3a898276bd1b9071e7047a6542146a61a1aa088bcecc3974946f0b5cf8916fdf543fa73f6d25e2d1f2f27ec9504c8b30963264ad68eb1d37fcab5a4d6c41c6855e47000143cb19db59a204edeb6e10cb73c4c215cce14d4fff645297dec3c16edf79144faacc6a5feb441df2189f313f49ef5ff7a53a169d4161c3a1daa63cab0bb7bcde009962b0e2063258880961fa31bcdf279df6e1f52ad501bcb34c1fe4ea9c765819b68bfb85934ed10b7fde2dc1bea811a408bd4ad8d2d536bf07225feb99e9e8737e97bbaa53f307fe9aac84ab62dfb80b8bbd8aa368043ad566712b5a8b82d0a1d2ef56fc34572c375806b2d2f131ef6184fcf3a4f53fd355ad6a3d3d6deacc59d885578e9e798d3eafba659c509d47f9f760cdb94aea9d7aac14d9ead32cdafabf57ec70f0bdfe785adb98f1fe862fcdf09f8bd5447a9b53260fcbd4a5680f6ceef1f2b20d2bfd1561f12ff5f5ecf488efad4b84bae3e180bd3844e815c26e80de65b265e7ce129fdd2db9f6c63863564f0e5b363a7b9a4c9e55be195ad0d7a844159d938b9b014f7fd5a9561e637fb0281d6fd6d89e6fae5d5680ae2adf14b939aeb5d489d3671540692807c97baaa229515572b2b05995e97ba40ab54026746d345f18f161057286c6341a846a64cd84205d295ae7a945c3044b2aeb632f232ce50a4e4d0c7645d548760bf51f3fa0c6b8a91163fd32928904202f27adb51fa43a4ecff4b3abb61ba7829bb8f04302b95eda0c5c4434d1fad90309bb02664136b353c00540a81d3e6deabd849fba955b1c32608fef41b1b32d8a36ee32cf747e04f479fa623f8f70ba03f6f315b589d8e12db4f6b3ce31bbfc2cb9776ba91018609450fe2026f5eb1fd9eff0a1913bb953f9217143c6a30fbd81f99e06a5893921014db504cbe7d8cfecf07e0838c2c57c1249eed80743160434f1561fa64bca047711dac589debe28ca44703facf60689ad1a2720b12bd6af49a21b1925760d883c998fa4c9f8c628c4936aade5618a0a76c0db933babae31d1ecd7626bfe2f3403635cb270b3a6be35080a13002504220fe04f0ac0c264b93312814d39f52bc23d3d603508b170b6c6dfd83951bdddee1220a42a72b2d87b931c84a064c29974092eff6342ce7e7e8566e9740df2fec156bbc540160e8e69c8754055408c85b21966b7bb2699b866ff7b67de94537072a9eab9cdb7ecf9aef771e1bf6e8e0e3070cb2d83f27dec20987c56bf65a070e51ade3a9c9ad30ac40aad1b"]}, @generic="eadf6fbc217fa7ae7f7fced49629c5f645c75057f2f7a4a391588e7427b4b82e2075ebee683446fa29dd4ba896f8158831f5bc4647160311e007dfc08a5bb9ef94e839c08f5890a60fdb7f70758568be77152af1684e84411f6441552a77279e025bdce2bb815887f04f5613931b9f0adb02cc60cd09276c60e81ecc3ad3baf698b3b71f012c8dc1fc8d2bf062468034f0edb9caf12c14c17c1fffadbef23c070481a99df9790d961787e96de8e2f79e6316a9a806d3c9a971c9199739d7090fa3c83b", @generic="0475bd957ff507452ec47d63e94db09ed99627281dfd388ebe419d9e6483d3937c49af6124c227ede93ccc106255ec57ef2a547fbd019b53c4a61f1fe2bad840f4828e4cd660f76dc40652da2021704e09dd9db24f4252", @generic="f1a706dfc8acfb9a96a70e174d08e16c25d4431da96561ff7295875bc0f78c6687521cb23167f0f20181981a79dd55da60d8afdccf4cda8944158108a997"]}, 0x125c}, {&(0x7f0000000080)={0x18, 0x25, 0x10, 0x70bd2b, 0x25dfdbfd, "", [@typed={0x8, 0x53, 0x0, 0x0, @pid=r2}]}, 0x18}, {&(0x7f00000000c0)={0x1c, 0x17, 0x10, 0x70bd29, 0x25dfdbfe, "", [@typed={0xc, 0x2c, 0x0, 0x0, @u64=0x4}]}, 0x1c}, {&(0x7f0000001700)={0x188, 0x28, 0x300, 0x70bd25, 0x25dfdbfb, "", [@typed={0x74, 0x11, 0x0, 0x0, @binary="02c055e84ccdef1f87e7620cc9a27e37cfbc3dc4afa989e00386b8ebf21fe1c43e7d5126b8e673550463f8e8ca5c24629f436a1f198f9958fafc3549582fbf3d0752419c7de4b3fbb2e087ceb1ed02323225e6097360ec2aaf2acf47447762ed7bb0b63b8602d2f4727953e1815c817a"}, @typed={0xf4, 0x31, 0x0, 0x0, @binary="73f86097c819b2571fa7eb0142cfc46693ac241a28654381e5b4ce5ec2f6df6cb8a31fe8bf0e00754b47081a768741e0ff1558a07ad3b72f2b702a0748a892d86dd3e533b9681aa8c09626ce75e4aded27b9c239e377fec6f383b8771e86acbf621bd2ad54a183c2130115057518f9e8399ddd6cc4fa78f22557ddf2cfcf1adcc493b14d1728279105913c91a167cbe1aceace6a09c14c41f20bc29704f9867d4e6a08b05c22840c894dcecba3c3e780877d519a8f9ce7b9b3b176061573a639ec337857223e08253b721d968abb71b970de43e09ff08f1717c7fedfbba0b8d80c57d6a25d9494142acdfeb2e4dec2b3"}, @generic="f5971ab21cb1a82fa6cfd826ebe8de"]}, 0x188}, {&(0x7f00000018c0)={0x1c, 0x1b, 0x4, 0x70bd28, 0x25dfdbfe, "", [@typed={0xc, 0x6a, 0x0, 0x0, @u64=0x5}]}, 0x1c}], 0x6, &(0x7f0000001980)=[@rights={{0x14, 0x1, 0x1, [r3]}}], 0x18, 0x10}, 0x4000)
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r4, 0x40106436, &(0x7f0000000000))
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000001b00)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x220080}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a40)={0x48, 0x453, 0x100, 0x70bd2a, 0x25dfdbfe, "9291f624c5c3ebcbece03cd422c1b547d13c08c41e21e028bfdfaf09be5e6de7cfc337cbf7b4f42e8a4c78668865b264269b788352fa3b8a", ["", ""]}, 0x48}, 0x1, 0x0, 0x0, 0x2400801d}, 0x4008000)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:27 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7, 0xda703)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:27 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x40000, 0x0)
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000100)={0x0, 0x24})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000340)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000380)={0x81, 0x7, 0x8, 0x8})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x8001, 0x111000)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)="213a938d", 0x4, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r2, 0xc00464be, &(0x7f00000002c0)={r3})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x5, &(0x7f0000000040)=[{}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000300)=0x800)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000140)=[<r4=>0x0, 0x0, 0x0, 0x0], 0x4})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f00000001c0)={r4, 0x9, 0x80000000, 0x813f, 0xffff, 0x4, 0x5, 0xffffff81, 0x7fffffff, 0x9, 0x400, 0xb04})

05:55:27 executing program 0 (fault-call:1 fault-nth:18):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1562.562803] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1562.570048] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1562.577295] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1562.584542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011
[ 1562.591791] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:27 executing program 5:
syz_open_dev$binderN(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0], 0x7})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000180)={r1, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000140)=[0x0, 0x0]})

[ 1562.645110] FAULT_INJECTION: forcing a failure.
[ 1562.645110] name failslab, interval 1, probability 0, space 0, times 0
[ 1562.661375] FAULT_INJECTION: forcing a failure.
[ 1562.661375] name failslab, interval 1, probability 0, space 0, times 0
[ 1562.672763] CPU: 1 PID: 29134 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1562.680735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1562.690089] Call Trace:
05:55:27 executing program 2:
setns(0xffffffffffffffff, 0x80)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:27 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x8, 0x2000)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000180)={0x1, 0x7fff, 0x7, 0x81, 0xd6, 0x7, 0x4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000001c0)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000200)=""/130)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x400, <r2=>0x0, 0x10003})
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000080)={r2, 0x2})
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x8c, 0x80)
r3 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x800, 0x800)
ioctl$DRM_IOCTL_MODESET_CTL(r3, 0x40086408, &(0x7f0000000000)={0x80000021, 0x7fff})

[ 1562.692671]  dump_stack+0x1b2/0x281
[ 1562.696292]  should_fail.cold+0x10a/0x149
[ 1562.700430]  should_failslab+0xd6/0x130
[ 1562.704396]  kmem_cache_alloc_trace+0x47/0x3d0
[ 1562.708976]  p9_client_prepare_req.part.0+0x4ea/0xb60
[ 1562.714156]  p9_client_rpc+0x170/0x1520
[ 1562.718125]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1562.723139]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1562.728499]  ? p9_pollwait+0x18e/0x1f0
[ 1562.732390]  ? p9_conn_create+0x4b0/0x4b0
[ 1562.736530]  ? pipe_poll+0x24f/0x2c0
[ 1562.740241]  ? p9_fd_poll+0x237/0x2e0
[ 1562.744073]  ? p9_conn_create+0x3aa/0x4b0
[ 1562.748242]  ? p9_fd_create+0x293/0x3b0
[ 1562.752210]  ? p9_fd_create_tcp+0x440/0x440
[ 1562.756528]  p9_client_create+0x92f/0x12c0
[ 1562.760759]  ? p9_client_flush+0x4c0/0x4c0
[ 1562.764989]  ? __lockdep_init_map+0x100/0x560
[ 1562.769469]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.774043]  v9fs_session_init+0x1c5/0x1540
[ 1562.778353]  ? pcpu_alloc+0xbe0/0xf50
[ 1562.782140]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1562.786968]  ? v9fs_show_options+0x6b0/0x6b0
[ 1562.791357]  ? v9fs_mount+0x54/0x860
05:55:27 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x10000, 0x220002)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x200, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7, 0x9091, 0x80000001], 0x3, 0x80800})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x3, 0x10001})

[ 1562.795051]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1562.800479]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1562.805482]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1562.810313]  v9fs_mount+0x73/0x860
[ 1562.813847]  ? alloc_pages_current+0x15d/0x260
[ 1562.818417]  ? __lockdep_init_map+0x100/0x560
[ 1562.822897]  mount_fs+0x92/0x2a0
[ 1562.826263]  vfs_kern_mount.part.0+0x5b/0x470
[ 1562.830767]  do_mount+0xe53/0x2a00
[ 1562.834307]  ? retint_kernel+0x2d/0x2d
[ 1562.838180]  ? copy_mount_string+0x40/0x40
05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x480)
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000000)={0x5})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000140)=""/172)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x400, 0x8000)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000100)={0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ADDFB(r0, 0xc01c64ae, &(0x7f0000000080)={0x40, 0x937a, 0x1, 0x401, 0x1c, 0x4, 0x5})

[ 1562.842416]  ? copy_mount_options+0x185/0x2f0
[ 1562.846911]  ? copy_mount_options+0x18f/0x2f0
[ 1562.851391]  ? copy_mount_options+0x1fa/0x2f0
[ 1562.855873]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.859741]  SyS_mount+0xa8/0x120
[ 1562.863179]  ? copy_mnt_ns+0xa30/0xa30
[ 1562.867053]  do_syscall_64+0x1d5/0x640
[ 1562.870925]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1562.876093] RIP: 0033:0x45e219
[ 1562.879266] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1562.886963] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1562.894223] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1562.901484] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1562.908744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012
[ 1562.916011] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1562.923281] 9pnet: Couldn't grow tag array
[ 1562.923288] CPU: 0 PID: 29130 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1562.923296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
05:55:28 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0x1d})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000080)=[{}], 0x2000, 0x0, [], 0x4, 0x1})

05:55:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = socket$netlink(0x10, 0x3, 0x6)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r3=>0x0})
r4 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x3f, 0xa0802)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000200))
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20000", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r3, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040029bd7000fddbdf25160000000500030000000000050003000100000030000180080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f746f5f6873720000000008000100", @ANYRES32=r3, @ANYBLOB="0000000001000000"], 0x5c}, 0x1, 0x0, 0x0, 0x4000000}, 0x2000c080)

[ 1562.944726] Call Trace:
[ 1562.947316]  dump_stack+0x1b2/0x281
[ 1562.950947]  should_fail.cold+0x10a/0x149
[ 1562.955097]  should_failslab+0xd6/0x130
[ 1562.959075]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1562.963746]  p9_fd_create+0x135/0x3b0
[ 1562.967546]  ? p9_fd_create_tcp+0x440/0x440
[ 1562.971868]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.976454]  p9_client_create+0x5fd/0x12c0
[ 1562.980694]  ? p9_client_flush+0x4c0/0x4c0
[ 1562.984935]  ? __lockdep_init_map+0x100/0x560
[ 1562.989480]  ? __raw_spin_lock_init+0x28/0x100
[ 1562.994069]  v9fs_session_init+0x1c5/0x1540
[ 1562.998398]  ? pcpu_alloc+0xbe0/0xf50
[ 1563.002205]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1563.007047]  ? v9fs_show_options+0x6b0/0x6b0
[ 1563.011491]  ? v9fs_mount+0x54/0x860
[ 1563.015189]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1563.020625]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.025629]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1563.030603]  v9fs_mount+0x73/0x860
[ 1563.034128]  ? alloc_pages_current+0x15d/0x260
[ 1563.038691]  ? __lockdep_init_map+0x100/0x560
[ 1563.043168]  mount_fs+0x92/0x2a0
[ 1563.046517]  vfs_kern_mount.part.0+0x5b/0x470
[ 1563.051015]  do_mount+0xe53/0x2a00
[ 1563.054547]  ? copy_mount_string+0x40/0x40
[ 1563.058779]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.063829]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.067697]  ? copy_mount_options+0x1fa/0x2f0
[ 1563.072175]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.076045]  SyS_mount+0xa8/0x120
[ 1563.079477]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.083344]  do_syscall_64+0x1d5/0x640
[ 1563.087216]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1563.092385] RIP: 0033:0x45e219
[ 1563.095554] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1563.103238] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1563.110483] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1563.117729] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1563.124974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011
[ 1563.132222] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:28 executing program 1 (fault-call:1 fault-nth:18):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:28 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x43, 0x7, 0xff, 0x1, 0x2], 0x5, 0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000140)={0x3, <r3=>0x0, 0x2})
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000180)={0xb502, r3})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000040)={0x1, 0x7f, 0x4, 0xfffffe01, 0xfffffffe, 0x3, 0x7f})

05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[<r1=>0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000140)={r1, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000000c0)=[0x0, 0x0, 0x0]})

05:55:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x5, 0xa44b, 0x3f, 0x1, 0x5, 0x22], 0x6, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f00000000c0)={&(0x7f0000000080)})

05:55:28 executing program 0 (fault-call:1 fault-nth:19):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:28 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xfff, 0x100)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f00000000c0)={0x2, 0x0, 0x3, 0x5, 0x8})

[ 1563.146825] binder: 29135:29148 ioctl c02064b2 20000040 returned -22
[ 1563.198288] FAULT_INJECTION: forcing a failure.
[ 1563.198288] name failslab, interval 1, probability 0, space 0, times 0
[ 1563.208977] FAULT_INJECTION: forcing a failure.
[ 1563.208977] name failslab, interval 1, probability 0, space 0, times 0
[ 1563.209504] CPU: 1 PID: 29164 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1563.209518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1563.209521] Call Trace:
[ 1563.209536]  dump_stack+0x1b2/0x281
[ 1563.209551]  should_fail.cold+0x10a/0x149
[ 1563.248300]  should_failslab+0xd6/0x130
[ 1563.252285]  kmem_cache_alloc_trace+0x47/0x3d0
[ 1563.256906]  p9_client_prepare_req.part.0+0x4ea/0xb60
[ 1563.262104]  p9_client_rpc+0x170/0x1520
[ 1563.266083]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1563.271108]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1563.276474]  ? p9_pollwait+0x18e/0x1f0
[ 1563.280365]  ? p9_conn_create+0x4b0/0x4b0
[ 1563.284507]  ? pipe_poll+0x24f/0x2c0
[ 1563.288220]  ? p9_fd_poll+0x237/0x2e0
[ 1563.292019]  ? p9_conn_create+0x3aa/0x4b0
[ 1563.296162]  ? p9_fd_create+0x293/0x3b0
[ 1563.300131]  ? p9_fd_create_tcp+0x440/0x440
[ 1563.304462]  p9_client_create+0x92f/0x12c0
[ 1563.308697]  ? p9_client_flush+0x4c0/0x4c0
[ 1563.312933]  ? __lockdep_init_map+0x100/0x560
[ 1563.317453]  ? __raw_spin_lock_init+0x28/0x100
[ 1563.322030]  v9fs_session_init+0x1c5/0x1540
[ 1563.326347]  ? pcpu_alloc+0xbe0/0xf50
[ 1563.330153]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1563.334993]  ? v9fs_show_options+0x6b0/0x6b0
[ 1563.339405]  ? v9fs_mount+0x54/0x860
[ 1563.343110]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1563.348553]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.353570]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1563.358408]  v9fs_mount+0x73/0x860
[ 1563.361939]  ? alloc_pages_current+0x15d/0x260
[ 1563.366515]  ? __lockdep_init_map+0x100/0x560
[ 1563.371005]  mount_fs+0x92/0x2a0
[ 1563.374374]  vfs_kern_mount.part.0+0x5b/0x470
[ 1563.378862]  do_mount+0xe53/0x2a00
[ 1563.382400]  ? copy_mount_string+0x40/0x40
[ 1563.387494]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.392499]  ? copy_mnt_ns+0xa30/0xa30
05:55:28 executing program 4:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000000)={<r1=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={r1, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000140)=[0x0, 0x0, 0x0, <r3=>0x0], 0x4})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000240)={r3, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[0x0]})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000080), 0x4)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={r1})
r4 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r4, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x3})

05:55:28 executing program 2:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x8401, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x100, 0x0)
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0xfffffffffffffffb, 0x400)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x840, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0xffffffff})

05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfff, 0x100)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000140)={0x1e})
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000080)={0xfff, 0x1000, 0x0, 0x88, 0x10001, 0x0, 0x8})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000180)={0x3e, &(0x7f00000000c0)="db926a817b9b25b0d036e852ad814474b10656e58364578423691671e3ff36420839e1c52b43e3741113e52ea5b7c63170069b9b09452493b531a0ca4717"})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f00000001c0)={0x3, 0x4})

05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x40)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x0, 0x4})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x3f, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={0x0, 0x5a})

[ 1563.396377]  ? copy_mount_options+0x1fa/0x2f0
[ 1563.400854]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.404726]  SyS_mount+0xa8/0x120
[ 1563.408172]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.412056]  do_syscall_64+0x1d5/0x640
[ 1563.415951]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1563.421133] RIP: 0033:0x45e219
[ 1563.424319] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1563.432023] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1563.439289] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0xf3e], 0x1, 0x800})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0xc02, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f00000001c0)={&(0x7f0000ff9000/0x3000)=nil})

[ 1563.446553] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1563.453813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012
[ 1563.461068] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1563.468346] 9pnet: Couldn't grow tag array
[ 1563.488241] CPU: 0 PID: 29167 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1563.496147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1563.505501] Call Trace:
[ 1563.508092]  dump_stack+0x1b2/0x281
[ 1563.511722]  should_fail.cold+0x10a/0x149
[ 1563.515878]  should_failslab+0xd6/0x130
[ 1563.519857]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1563.524530]  p9_client_prepare_req.part.0+0x8ce/0xb60
[ 1563.529729]  p9_client_rpc+0x170/0x1520
[ 1563.531160] FAULT_INJECTION: forcing a failure.
[ 1563.531160] name failslab, interval 1, probability 0, space 0, times 0
[ 1563.533707]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1563.533718]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1563.533727]  ? p9_pollwait+0x18e/0x1f0
[ 1563.533737]  ? p9_conn_create+0x4b0/0x4b0
[ 1563.533750]  ? pipe_poll+0x24f/0x2c0
[ 1563.567033]  ? p9_fd_poll+0x237/0x2e0
[ 1563.570823]  ? p9_conn_create+0x3aa/0x4b0
[ 1563.574958]  ? p9_fd_create+0x293/0x3b0
[ 1563.578913]  ? p9_fd_create_tcp+0x440/0x440
[ 1563.583224]  p9_client_create+0x92f/0x12c0
[ 1563.587448]  ? p9_client_flush+0x4c0/0x4c0
[ 1563.591671]  ? __lockdep_init_map+0x100/0x560
[ 1563.596160]  ? __raw_spin_lock_init+0x28/0x100
[ 1563.600741]  v9fs_session_init+0x1c5/0x1540
[ 1563.605061]  ? pcpu_alloc+0xbe0/0xf50
[ 1563.608854]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1563.613689]  ? v9fs_show_options+0x6b0/0x6b0
[ 1563.618081]  ? v9fs_mount+0x54/0x860
[ 1563.621780]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1563.627219]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.632223]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1563.637064]  v9fs_mount+0x73/0x860
[ 1563.640605]  ? alloc_pages_current+0x15d/0x260
[ 1563.645182]  ? __lockdep_init_map+0x100/0x560
[ 1563.649784]  mount_fs+0x92/0x2a0
[ 1563.653138]  vfs_kern_mount.part.0+0x5b/0x470
[ 1563.657613]  do_mount+0xe53/0x2a00
[ 1563.661140]  ? copy_mount_string+0x40/0x40
[ 1563.665356]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.670349]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.674218]  ? copy_mount_options+0x1fa/0x2f0
[ 1563.678695]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.682569]  SyS_mount+0xa8/0x120
[ 1563.685999]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.689865]  do_syscall_64+0x1d5/0x640
[ 1563.693739]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
05:55:28 executing program 1 (fault-call:1 fault-nth:19):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:28 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x1, <r2=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={r2, 0x1})
syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0xff, 0x276900)

05:55:28 executing program 3:
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f0000000140)=""/162)
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000200)={0x6, <r1=>0x0})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={r1})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f00000000c0)={0x2, 0x5c, &(0x7f0000000040)=""/92})

05:55:28 executing program 3:
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(0xffffffffffffffff, 0xc01064ac, &(0x7f0000000080)={0x2, 0x10, &(0x7f0000000040)=""/16})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1563.698909] RIP: 0033:0x45e219
[ 1563.702075] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1563.709760] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1563.717010] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1563.724257] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1563.731506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1563.738754] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1563.746017] CPU: 1 PID: 29192 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1563.753900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1563.763251] Call Trace:
[ 1563.765844]  dump_stack+0x1b2/0x281
[ 1563.769476]  should_fail.cold+0x10a/0x149
[ 1563.773628]  should_failslab+0xd6/0x130
[ 1563.777604]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1563.782711]  p9_client_prepare_req.part.0+0x8ce/0xb60
[ 1563.787911]  p9_client_rpc+0x170/0x1520
[ 1563.791888]  ? trace_hardirqs_on_caller+0x3a8/0x580
05:55:28 executing program 0 (fault-call:1 fault-nth:20):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x7, 0x8800)
r1 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, 0x0)
mmap$binder(&(0x7f0000ff1000/0xd000)=nil, 0xd000, 0x1, 0x11, 0xffffffffffffffff, 0x9)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086409, &(0x7f0000000280))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'ip6gre0\x00', <r3=>0x0, 0x29, 0x7f, 0x5, 0x0, 0x40, @private2={0xfc, 0x2, [], 0x1}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x700, 0x10, 0x1, 0x8001}})
sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000001900020029bd7000fddbdf251c0010a0fc00fd030010000008000400", @ANYRES32=0x0, @ANYBLOB="05001a001f00000005001a000500000008000400", @ANYRES32=0x0, @ANYBLOB="2600010000000f0008000400", @ANYRES32=r3, @ANYBLOB], 0x4c}}, 0x40010)

[ 1563.796909]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1563.801630] 9pnet: Couldn't grow tag array
[ 1563.802272]  ? p9_pollwait+0x18e/0x1f0
[ 1563.802283]  ? p9_conn_create+0x4b0/0x4b0
[ 1563.802292]  ? pipe_poll+0x24f/0x2c0
[ 1563.802302]  ? p9_fd_poll+0x237/0x2e0
[ 1563.802312]  ? p9_conn_create+0x3aa/0x4b0
[ 1563.802322]  ? p9_fd_create+0x293/0x3b0
[ 1563.802330]  ? p9_fd_create_tcp+0x440/0x440
[ 1563.802343]  p9_client_create+0x92f/0x12c0
[ 1563.838647]  ? p9_client_flush+0x4c0/0x4c0
[ 1563.842881]  ? __lockdep_init_map+0x100/0x560
05:55:28 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x5a3702, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000040))

05:55:28 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x1, 0x1})

05:55:28 executing program 5:
ioctl$DRM_IOCTL_AGP_INFO(0xffffffffffffffff, 0x80386433, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000080)={0x12})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x701000, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f00000001c0)={0x6d, &(0x7f0000000140)="62ce5f9f0d107e5fa1c130cde5de2219ea2229641f6c51c01f2bd23aab5f01d2f233e1be6d2a3a97e700993e960cadb372e59e411f85236c85c94368a796632acce9afcf7597c3aabfef61759e5567ef5dc59003c6bee834ffd4081d4733d50c02fb69f34cf9dc03caac6454d4"})
r2 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x81, 0x43)
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000240)={0xfffffffd, 0x40, 0x2, 0xfffffff7})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000100))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:29 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x20000)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r1, 0xc01864b0, &(0x7f00000000c0)={0x0, 0x6, 0x5, 0x1, 0x5})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x7fffffff, 0xfffffff8, 0x3, 0x0, 0x1, 0x9, 0x5, 0x7fffffff], 0x8, 0x800})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1563.847377]  ? __raw_spin_lock_init+0x28/0x100
[ 1563.851967]  v9fs_session_init+0x1c5/0x1540
[ 1563.856291]  ? pcpu_alloc+0xbe0/0xf50
[ 1563.860098]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1563.864939]  ? v9fs_show_options+0x6b0/0x6b0
[ 1563.869347]  ? v9fs_mount+0x54/0x860
[ 1563.873059]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1563.878509]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.883529]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1563.888371]  v9fs_mount+0x73/0x860
[ 1563.891910]  ? alloc_pages_current+0x15d/0x260
[ 1563.896487]  ? __lockdep_init_map+0x100/0x560
05:55:29 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:29 executing program 2:
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x8, 0x80100)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000080))
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000)={0xfffffffe, 0xfffffff8})

[ 1563.900978]  mount_fs+0x92/0x2a0
[ 1563.904353]  vfs_kern_mount.part.0+0x5b/0x470
[ 1563.908852]  do_mount+0xe53/0x2a00
[ 1563.912398]  ? copy_mount_string+0x40/0x40
[ 1563.916632]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1563.921646]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.925532]  ? copy_mount_options+0x1fa/0x2f0
[ 1563.930030]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.933922]  SyS_mount+0xa8/0x120
[ 1563.937368]  ? copy_mnt_ns+0xa30/0xa30
[ 1563.941260]  do_syscall_64+0x1d5/0x640
[ 1563.945157]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1563.950341] RIP: 0033:0x45e219
[ 1563.953523] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1563.961228] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1563.968497] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1563.975761] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1563.983025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1563.990290] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1564.007328] FAULT_INJECTION: forcing a failure.
[ 1564.007328] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.019804] binder: 29204:29222 ioctl c018620c 0 returned -22
[ 1564.037839] CPU: 1 PID: 29221 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1564.045752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1564.048430] binder: 29204:29224 ioctl c018620c 0 returned -22
[ 1564.055096] Call Trace:
[ 1564.055115]  dump_stack+0x1b2/0x281
[ 1564.055130]  should_fail.cold+0x10a/0x149
[ 1564.055143]  should_failslab+0xd6/0x130
[ 1564.055155]  __kmalloc+0x2c1/0x400
[ 1564.055166]  ? p9_fcall_alloc+0x19/0x90
[ 1564.055177]  p9_fcall_alloc+0x19/0x90
[ 1564.055190]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1564.091884]  p9_client_rpc+0x170/0x1520
[ 1564.095623] 9pnet: Couldn't grow tag array
[ 1564.095864]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1564.105082]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1564.110439]  ? p9_pollwait+0x18e/0x1f0
[ 1564.114307]  ? p9_conn_create+0x4b0/0x4b0
[ 1564.118475]  ? pipe_poll+0x24f/0x2c0
[ 1564.122173]  ? p9_fd_poll+0x237/0x2e0
[ 1564.125959]  ? p9_conn_create+0x3aa/0x4b0
[ 1564.130133]  ? p9_fd_create+0x293/0x3b0
[ 1564.134091]  ? p9_fd_create_tcp+0x440/0x440
[ 1564.138391]  p9_client_create+0x92f/0x12c0
[ 1564.142622]  ? p9_client_flush+0x4c0/0x4c0
[ 1564.146848]  ? __lockdep_init_map+0x100/0x560
[ 1564.151321]  ? __raw_spin_lock_init+0x28/0x100
[ 1564.156347]  v9fs_session_init+0x1c5/0x1540
[ 1564.160664]  ? pcpu_alloc+0xbe0/0xf50
[ 1564.164460]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1564.169292]  ? v9fs_show_options+0x6b0/0x6b0
[ 1564.173740]  ? v9fs_mount+0x54/0x860
[ 1564.177432]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1564.182881]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.187949]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1564.192789]  v9fs_mount+0x73/0x860
[ 1564.196321]  ? alloc_pages_current+0x15d/0x260
[ 1564.200938]  ? __lockdep_init_map+0x100/0x560
[ 1564.205414]  mount_fs+0x92/0x2a0
[ 1564.208762]  vfs_kern_mount.part.0+0x5b/0x470
[ 1564.213249]  do_mount+0xe53/0x2a00
[ 1564.216780]  ? copy_mount_string+0x40/0x40
[ 1564.221000]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.226001]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.229866]  ? copy_mount_options+0x1fa/0x2f0
[ 1564.234338]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.238202]  SyS_mount+0xa8/0x120
[ 1564.241634]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.245513]  do_syscall_64+0x1d5/0x640
[ 1564.249401]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1564.254624] RIP: 0033:0x45e219
[ 1564.257833] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1564.265519] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1564.272773] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1564.280027] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1564.287396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[ 1564.294644] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:29 executing program 1 (fault-call:1 fault-nth:20):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:29 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)={<r1=>0x0})
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000080)={r1, 0x7})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:29 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, &(0x7f0000000240)={0x653b, 0x3, &(0x7f0000000180)=[0x22, 0x8, 0x4001], &(0x7f00000001c0), &(0x7f00000001c0)})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'ip_vti0\x00', &(0x7f00000005c0)=ANY=[]})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x3})
r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:*cpw\x00'], 0x9)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r2, 0xc010640c, &(0x7f0000000140)={0x11})

05:55:29 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff}, 0x100800)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000004c0)={&(0x7f0000000480)=[0xa, 0x1, 0x200004f7, 0x3, 0x4, 0x0, 0x8001], 0x7, 0x8f6, 0xfffffff8, 0x9, 0x2, 0x100, 0x5, {0x40, 0x4, 0x1003, 0x2, 0x1, 0x80, 0xa5, 0x0, 0x5, 0x20, 0xfd, 0xd57, 0x7a9d, 0xf117, "c623884323178e05a531390f30717a0ad7f949a408c5d3a9c5f1fae7805221d8"}})
socket$l2tp(0x2, 0x2, 0x73)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000540)={0x0, 0x200})
getresuid(&(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r2, @ANYBLOB='LE_MMAP,euid>\x00\x00\x00\x00', @ANYRESDEC, @ANYBLOB=',\x00'])
r3 = socket(0xf, 0x5, 0x2)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000680)={'ip6tnl0\x00', &(0x7f0000000600)={'sit0\x00', <r4=>0x0, 0x2f, 0x3, 0x2, 0xff, 0x15, @local, @remote, 0x1, 0x1, 0x80, 0x3}})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000000)={0x995, 0x0, 0x10000})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000740)={'sit0\x00', &(0x7f00000006c0)={'syztnl0\x00', r4, 0x29, 0x9, 0x0, 0xb5e, 0x20, @loopback, @private2={0xfc, 0x2, [], 0x1}, 0x7800, 0x83, 0x4, 0x6}})
r5 = getegid()
sendmsg$nl_route(r3, &(0x7f0000000a00)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000780)=@dellinkprop={0x260, 0x6d, 0x4, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40, 0x1000}, [@IFLA_VF_PORTS={0x240, 0x18, 0x0, 0x1, [{0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "581066f23bf300a2d9fc195538ba59f9"}, @IFLA_PORT_PROFILE={0x7, 0x2, '.&\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "45e53be4702355dd387658a470d04967"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "a92151d970bb3f7abb6444434aa44203"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xa4}]}, {0x44, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "66e5968b0361bc0b669f40750c2ce361"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "42dd1320f12a75c13da4a070b0751edd"}, @IFLA_PORT_REQUEST={0x5}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "b07bdb7f1a3345309f829322e00d02ea"}, @IFLA_PORT_PROFILE={0x8, 0x2, '[@.\x00'}, @IFLA_PORT_VF={0x8, 0x1, 0x35a}, @IFLA_PORT_VF={0x8, 0x1, 0x9}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "28158ab1cd5d8e45fbe26a3fde81be87"}, @IFLA_PORT_PROFILE={0x8, 0x2, '}{%\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "b4051d9327c4e75223b9ad146febf0a4"}]}, {0x8c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0xbc2}, @IFLA_PORT_PROFILE={0x5, 0x2, '\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "abadec04e514e87753f612bc4ab85ed5"}, @IFLA_PORT_VF={0x8, 0x1, 0x8}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xe9}, @IFLA_PORT_PROFILE={0xf, 0x2, ',@$,$*[,*&\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "fac64a7aa4e4d1a45f7450509447a56c"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "996a4637c7a9578b884650ea2e9a35d6"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x8d}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "a0fb4c85035fce134dd45ef56aa8ee97"}]}, {0x4c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0xffffffff}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "8d31eb62d5d1164a4e6811aa90b1d6f1"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "aadb1698a34858e33f08cdc5d820cbd0"}, @IFLA_PORT_VF={0x8, 0x1, 0x5220}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x80}]}, {0x28, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x1}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "86361ca414fb9cfddbff59b573ecb1ae"}]}, {0x20, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x14, 0x2, 'version=9p2000.L'}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x20}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x11, 0x2, 'cache=fscache'}]}]}]}, 0x260}, 0x1, 0x0, 0x0, 0x40040}, 0x4000000)
getresuid(&(0x7f0000000280), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@version_L='version=9p2000.L'}, {@cache_none='cache=none'}, {@access_uid={'access', 0x3d, r2}}, {@nodevmap='nodevmap'}, {@nodevmap='nodevmap'}, {@cache_fscache='cache=fscache'}, {@version_u='version=9p2000.u'}, {@dfltgid={'dfltgid', 0x3d, r5}}, {@cache_fscache='cache=fscache'}], [{@func={'func', 0x3d, 'CREDS_CHECK'}}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_lt={'fowner<', r6}}]}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={&(0x7f00000000c0)=[<r7=>0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000180)={r7, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000})

05:55:29 executing program 0 (fault-call:1 fault-nth:21):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:29 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xffff, 0x202440)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

[ 1564.304778] 9pnet: Couldn't grow tag array
05:55:29 executing program 3:
r0 = shmget(0x2, 0x1000, 0x20, &(0x7f0000fff000/0x1000)=nil)
shmat(r0, &(0x7f0000ffe000/0x2000)=nil, 0x5000)
ioctl$DRM_IOCTL_AGP_BIND(0xffffffffffffffff, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:29 executing program 5:
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000280)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f00000002c0)={&(0x7f0000ffc000/0x4000)=nil})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000100)=[0x400, 0x173d], 0x2, 0x10001, 0x2, 0x8, 0x3, 0x12e, 0x8, {0x1, 0x20, 0x5, 0x100, 0x0, 0x6, 0xff6, 0xfb8e, 0x1000, 0xbb4, 0x2, 0x101, 0x463, 0x7, "5a20b36e7f575f1b196607e2f6a6db3985c3c45de7839f33a38a773f87d3a94f"}})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000240)={0x0, 0xfffffff7, 0x6, 0x8000})
accept4$packet(r3, &(0x7f00000001c0), &(0x7f0000000200)=0x14, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1564.352817] FAULT_INJECTION: forcing a failure.
[ 1564.352817] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.380653] FAULT_INJECTION: forcing a failure.
[ 1564.380653] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.392340] CPU: 1 PID: 29237 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1564.400489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1564.409842] Call Trace:
[ 1564.412436]  dump_stack+0x1b2/0x281
[ 1564.416072]  should_fail.cold+0x10a/0x149
[ 1564.420232]  should_failslab+0xd6/0x130
[ 1564.424207]  __kmalloc+0x2c1/0x400
[ 1564.427747]  ? p9_fcall_alloc+0x19/0x90
[ 1564.431719]  ? __lockdep_init_map+0x100/0x560
[ 1564.436214]  p9_fcall_alloc+0x19/0x90
[ 1564.440022]  p9_client_prepare_req.part.0+0x86c/0xb60
[ 1564.445219]  p9_client_rpc+0x170/0x1520
05:55:29 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000080)={r1, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})

05:55:29 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f00000000c0)={0x101})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000780)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000800)={&(0x7f00000007c0)=[0xf313, 0x9546, 0x9], 0x3, 0x4, 0xff, 0x9, 0x3, 0x0, 0x0, {0x8, 0x8000, 0x9, 0x1ff, 0xfc00, 0xe285, 0x4e, 0x66c8, 0x1, 0x40, 0x3, 0x9, 0x8001, 0x80000001, "8573e22aab40cce43d81df41a55b169a7ded1a5c2de6e589524652d5cc2e5205"}})
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
recvmsg(r3, &(0x7f00000003c0)={&(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000200)=""/153, 0x99}, {&(0x7f00000002c0)=""/224, 0xe0}, {&(0x7f0000000440)=""/255, 0xff}, {&(0x7f0000000540)=""/209, 0xd1}, {&(0x7f0000000640)=""/191, 0xbf}], 0x5}, 0x40012002)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {}, {}, {<r5=>0x0}, {}]})
socket$inet6_udp(0xa, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0xffffffffffffffff, 0x3, 0x14)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r4, 0x4010641c, &(0x7f0000000140)={r5, 0x0})

[ 1564.449194]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1564.454211]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1564.459574]  ? p9_pollwait+0x18e/0x1f0
[ 1564.463466]  ? p9_conn_create+0x4b0/0x4b0
[ 1564.467610]  ? pipe_poll+0x24f/0x2c0
[ 1564.471321]  ? p9_fd_poll+0x237/0x2e0
[ 1564.475128]  ? p9_conn_create+0x3aa/0x4b0
[ 1564.479279]  ? p9_fd_create+0x293/0x3b0
[ 1564.483249]  ? p9_fd_create_tcp+0x440/0x440
[ 1564.487571]  p9_client_create+0x92f/0x12c0
[ 1564.491813]  ? p9_client_flush+0x4c0/0x4c0
[ 1564.496052]  ? __lockdep_init_map+0x100/0x560
05:55:29 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0x1, 0x0)
getsockname$packet(r0, &(0x7f0000000340)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000380)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c00bd7000ffdbdf2500"/20, @ANYRES32=r1, @ANYBLOB="03000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffe, 0x638142)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:29 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000540)='/dev/zero\x00', 0x200400, 0x0)
sendmsg$NET_DM_CMD_STOP(r1, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x200080)
ioctl$DRM_IOCTL_GET_STATS(r2, 0x80f86406, &(0x7f00000001c0)=""/4096)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000040))

[ 1564.500549]  ? __raw_spin_lock_init+0x28/0x100
[ 1564.505135]  v9fs_session_init+0x1c5/0x1540
[ 1564.509450]  ? pcpu_alloc+0xbe0/0xf50
[ 1564.513261]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1564.518103]  ? v9fs_show_options+0x6b0/0x6b0
[ 1564.522513]  ? v9fs_mount+0x54/0x860
[ 1564.526230]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1564.531676]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.536691]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1564.541537]  v9fs_mount+0x73/0x860
[ 1564.545074]  ? alloc_pages_current+0x15d/0x260
[ 1564.549651]  ? __lockdep_init_map+0x100/0x560
[ 1564.554263]  mount_fs+0x92/0x2a0
[ 1564.557639]  vfs_kern_mount.part.0+0x5b/0x470
[ 1564.562141]  do_mount+0xe53/0x2a00
[ 1564.565682]  ? copy_mount_string+0x40/0x40
[ 1564.569915]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.574936]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.578819]  ? copy_mount_options+0x1fa/0x2f0
[ 1564.583309]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.587194]  SyS_mount+0xa8/0x120
[ 1564.590644]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.594533]  do_syscall_64+0x1d5/0x640
[ 1564.598427]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1564.603611] RIP: 0033:0x45e219
[ 1564.606798] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1564.614502] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1564.621766] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1564.629029] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1564.636287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[ 1564.643549] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1564.651721] CPU: 0 PID: 29238 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1564.659608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1564.662220] 9pnet: Couldn't grow tag array
[ 1564.668949] Call Trace:
[ 1564.668967]  dump_stack+0x1b2/0x281
[ 1564.668981]  should_fail.cold+0x10a/0x149
[ 1564.683518]  should_failslab+0xd6/0x130
[ 1564.687491]  __kmalloc+0x2c1/0x400
[ 1564.691030]  ? p9_fcall_alloc+0x19/0x90
[ 1564.694996]  p9_fcall_alloc+0x19/0x90
[ 1564.698775]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1564.703957]  p9_client_rpc+0x170/0x1520
[ 1564.707919]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1564.712911]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1564.718250]  ? p9_pollwait+0x18e/0x1f0
[ 1564.722115]  ? p9_conn_create+0x4b0/0x4b0
[ 1564.726243]  ? pipe_poll+0x24f/0x2c0
[ 1564.729935]  ? p9_fd_poll+0x237/0x2e0
[ 1564.733712]  ? p9_conn_create+0x3aa/0x4b0
[ 1564.737839]  ? p9_fd_create+0x293/0x3b0
[ 1564.741788]  ? p9_fd_create_tcp+0x440/0x440
[ 1564.746088]  p9_client_create+0x92f/0x12c0
[ 1564.750320]  ? p9_client_flush+0x4c0/0x4c0
[ 1564.754576]  ? __lockdep_init_map+0x100/0x560
[ 1564.759048]  ? __raw_spin_lock_init+0x28/0x100
[ 1564.763628]  v9fs_session_init+0x1c5/0x1540
[ 1564.767931]  ? pcpu_alloc+0xbe0/0xf50
[ 1564.771710]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1564.776528]  ? v9fs_show_options+0x6b0/0x6b0
[ 1564.780928]  ? v9fs_mount+0x54/0x860
[ 1564.784621]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1564.790049]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.795042]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1564.799862]  v9fs_mount+0x73/0x860
[ 1564.803381]  ? alloc_pages_current+0x15d/0x260
[ 1564.807940]  ? __lockdep_init_map+0x100/0x560
[ 1564.812412]  mount_fs+0x92/0x2a0
[ 1564.815759]  vfs_kern_mount.part.0+0x5b/0x470
[ 1564.820233]  do_mount+0xe53/0x2a00
[ 1564.823752]  ? copy_mount_string+0x40/0x40
[ 1564.827984]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1564.832976]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.836839]  ? copy_mount_options+0x1fa/0x2f0
[ 1564.841310]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.845183]  SyS_mount+0xa8/0x120
[ 1564.848725]  ? copy_mnt_ns+0xa30/0xa30
[ 1564.852590]  do_syscall_64+0x1d5/0x640
[ 1564.856459]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1564.861624] RIP: 0033:0x45e219
[ 1564.864805] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1564.872489] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1564.879735] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1564.886999] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1564.894245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
05:55:30 executing program 1 (fault-call:1 fault-nth:21):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x10640)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80000, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000040)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x80, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000140)={<r2=>0x0})
r3 = add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x3}, &(0x7f0000000000)="f8", 0x1, 0xfffffffffffffffb)
add_key$user(&(0x7f0000000040)='user\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={0x0, r3}, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000080)={r2})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000180)={0x4})

05:55:30 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000100)={&(0x7f0000000080)=[0x5, 0x1, 0xf344, 0xfffffffc, 0x9, 0x5, 0x8, 0x7f, 0x20], &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x9, 0x5, 0xe0e0e0e0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xba23})

[ 1564.901493] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:30 executing program 0 (fault-call:1 fault-nth:22):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:30 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0xc4, <r1=>0x0, 0x1})
ioctl$DRM_IOCTL_AGP_UNBIND(0xffffffffffffffff, 0x40106437, &(0x7f00000000c0)={r1, 0x5})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000140))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:30 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x17fff, 0x7f, 0xaa3})

[ 1564.926797] 9pnet: Couldn't grow tag array
05:55:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1, 0x100400, 0x0, <r2=>0xffffffffffffffff})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431)

05:55:30 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x10000000, 0xc900)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/uts\x00')
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7fffffff, 0x4000)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1564.976589] FAULT_INJECTION: forcing a failure.
[ 1564.976589] name failslab, interval 1, probability 0, space 0, times 0
05:55:30 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0x3})

05:55:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x20200)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1565.017726] FAULT_INJECTION: forcing a failure.
[ 1565.017726] name failslab, interval 1, probability 0, space 0, times 0
[ 1565.040841] CPU: 1 PID: 29270 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1565.048751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1565.058234] Call Trace:
[ 1565.060822]  dump_stack+0x1b2/0x281
[ 1565.064451]  should_fail.cold+0x10a/0x149
[ 1565.068603]  should_failslab+0xd6/0x130
[ 1565.072580]  __kmalloc+0x2c1/0x400
[ 1565.076119]  ? p9_fcall_alloc+0x19/0x90
[ 1565.080096]  p9_fcall_alloc+0x19/0x90
[ 1565.083898]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1565.089091]  p9_client_rpc+0x170/0x1520
[ 1565.093068]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1565.098084]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1565.103447]  ? p9_pollwait+0x18e/0x1f0
[ 1565.107324]  ? p9_conn_create+0x4b0/0x4b0
[ 1565.111455]  ? pipe_poll+0x24f/0x2c0
[ 1565.115151]  ? p9_fd_poll+0x237/0x2e0
[ 1565.118939]  ? p9_conn_create+0x3aa/0x4b0
[ 1565.123076]  ? p9_fd_create+0x293/0x3b0
[ 1565.127037]  ? p9_fd_create_tcp+0x440/0x440
[ 1565.131340]  p9_client_create+0x92f/0x12c0
[ 1565.135560]  ? p9_client_flush+0x4c0/0x4c0
[ 1565.139780]  ? __lockdep_init_map+0x100/0x560
[ 1565.144361]  ? __raw_spin_lock_init+0x28/0x100
[ 1565.148931]  v9fs_session_init+0x1c5/0x1540
[ 1565.153236]  ? pcpu_alloc+0xbe0/0xf50
[ 1565.157024]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1565.161858]  ? v9fs_show_options+0x6b0/0x6b0
[ 1565.166248]  ? v9fs_mount+0x54/0x860
[ 1565.169941]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1565.175386]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.180391]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1565.185230]  v9fs_mount+0x73/0x860
[ 1565.188761]  ? alloc_pages_current+0x15d/0x260
[ 1565.193331]  ? __lockdep_init_map+0x100/0x560
[ 1565.197815]  mount_fs+0x92/0x2a0
[ 1565.201170]  vfs_kern_mount.part.0+0x5b/0x470
[ 1565.205738]  do_mount+0xe53/0x2a00
[ 1565.209265]  ? copy_mount_string+0x40/0x40
[ 1565.213488]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.218492]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.222365]  ? copy_mount_options+0x1fa/0x2f0
[ 1565.226846]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.230712]  SyS_mount+0xa8/0x120
[ 1565.234179]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.238053]  do_syscall_64+0x1d5/0x640
[ 1565.241928]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1565.247097] RIP: 0033:0x45e219
[ 1565.250266] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1565.257953] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1565.265203] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1565.272456] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1565.279708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[ 1565.287052] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1565.298722] 9pnet: Couldn't grow tag array
[ 1565.316611] CPU: 0 PID: 29276 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1565.324512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1565.333845] Call Trace:
[ 1565.336412]  dump_stack+0x1b2/0x281
[ 1565.340029]  should_fail.cold+0x10a/0x149
[ 1565.344164]  should_failslab+0xd6/0x130
[ 1565.348116]  __kmalloc+0x2c1/0x400
[ 1565.351640]  ? p9pdu_readf+0x345/0x1970
[ 1565.355592]  p9pdu_readf+0x345/0x1970
[ 1565.359376]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1565.364755]  ? p9pdu_writef+0xd0/0xd0
[ 1565.368570]  ? p9_fd_poll+0x237/0x2e0
[ 1565.372389]  ? p9_fd_create+0x293/0x3b0
[ 1565.376368]  ? p9_fd_create_tcp+0x440/0x440
[ 1565.380670]  p9_client_create+0x9b2/0x12c0
[ 1565.384972]  ? p9_client_flush+0x4c0/0x4c0
[ 1565.389187]  ? __lockdep_init_map+0x100/0x560
[ 1565.393659]  ? __raw_spin_lock_init+0x28/0x100
[ 1565.398226]  v9fs_session_init+0x1c5/0x1540
[ 1565.402523]  ? pcpu_alloc+0xbe0/0xf50
[ 1565.406307]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1565.411151]  ? v9fs_show_options+0x6b0/0x6b0
[ 1565.415537]  ? v9fs_mount+0x54/0x860
[ 1565.419327]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1565.424753]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.429748]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1565.434582]  v9fs_mount+0x73/0x860
[ 1565.438116]  ? alloc_pages_current+0x15d/0x260
[ 1565.442777]  ? __lockdep_init_map+0x100/0x560
[ 1565.447254]  mount_fs+0x92/0x2a0
[ 1565.450600]  vfs_kern_mount.part.0+0x5b/0x470
[ 1565.455074]  do_mount+0xe53/0x2a00
[ 1565.458687]  ? retint_kernel+0x2d/0x2d
[ 1565.462555]  ? copy_mount_string+0x40/0x40
[ 1565.466770]  ? __sanitizer_cov_trace_pc+0x4a/0x50
[ 1565.471588]  ? copy_mount_options+0x1fa/0x2f0
[ 1565.476059]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.479922]  SyS_mount+0xa8/0x120
[ 1565.483378]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.487258]  do_syscall_64+0x1d5/0x640
[ 1565.491127]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1565.496314] RIP: 0033:0x45e219
[ 1565.499494] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1565.507177] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:30 executing program 1 (fault-call:1 fault-nth:22):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:30 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x7f, 0x3810c0)
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000040)={0x9})

05:55:30 executing program 4:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x5, 0x208880)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000040)={0x0, 0x0})

05:55:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000040)={0x10})

[ 1565.514423] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1565.521672] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1565.528918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[ 1565.536178] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:30 executing program 0 (fault-call:1 fault-nth:23):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:30 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000080)={0x3})

05:55:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x92e00)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:30 executing program 2:
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x80)
setsockopt$inet_dccp_int(r0, 0x21, 0xb, &(0x7f0000000140)=0x9, 0x4)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x0)
pipe2$9p(0x0, 0x180000)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000))

[ 1565.577787] FAULT_INJECTION: forcing a failure.
[ 1565.577787] name failslab, interval 1, probability 0, space 0, times 0
[ 1565.589429] CPU: 0 PID: 29301 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1565.597423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1565.606776] Call Trace:
[ 1565.609372]  dump_stack+0x1b2/0x281
[ 1565.613004]  should_fail.cold+0x10a/0x149
[ 1565.617158]  should_failslab+0xd6/0x130
[ 1565.621134]  __kmalloc+0x2c1/0x400
[ 1565.624680]  ? p9_fcall_alloc+0x19/0x90
[ 1565.628664]  p9_fcall_alloc+0x19/0x90
[ 1565.632468]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1565.637665]  p9_client_rpc+0x170/0x1520
[ 1565.641639]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1565.646655]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1565.652016]  ? p9_pollwait+0x18e/0x1f0
[ 1565.655903]  ? p9_conn_create+0x4b0/0x4b0
[ 1565.660048]  ? pipe_poll+0x24f/0x2c0
[ 1565.663760]  ? p9_fd_poll+0x237/0x2e0
[ 1565.667560]  ? p9_conn_create+0x3aa/0x4b0
[ 1565.671705]  ? p9_fd_create+0x293/0x3b0
05:55:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x7, 0x8000)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000240)={0x0, 0x5, &(0x7f0000000180)=[0x0, 0x7, 0x6, 0x7f, 0x2], &(0x7f00000001c0)=[0x2, 0x4e5c, 0xfc00, 0x40], &(0x7f0000000200)=[0x8]})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x6, <r3=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f00000000c0)={0x5, r3})

[ 1565.675678]  ? p9_fd_create_tcp+0x440/0x440
[ 1565.679999]  p9_client_create+0x92f/0x12c0
[ 1565.682754] FAULT_INJECTION: forcing a failure.
[ 1565.682754] name failslab, interval 1, probability 0, space 0, times 0
[ 1565.684232]  ? p9_client_flush+0x4c0/0x4c0
[ 1565.684249]  ? __lockdep_init_map+0x100/0x560
[ 1565.684264]  ? __raw_spin_lock_init+0x28/0x100
[ 1565.708700]  v9fs_session_init+0x1c5/0x1540
[ 1565.713013]  ? pcpu_alloc+0xbe0/0xf50
[ 1565.716802]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1565.721628]  ? v9fs_show_options+0x6b0/0x6b0
[ 1565.726020]  ? v9fs_mount+0x54/0x860
[ 1565.729713]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1565.735155]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.740150]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1565.744972]  v9fs_mount+0x73/0x860
[ 1565.748494]  ? alloc_pages_current+0x15d/0x260
[ 1565.753054]  ? __lockdep_init_map+0x100/0x560
[ 1565.757529]  mount_fs+0x92/0x2a0
[ 1565.760878]  vfs_kern_mount.part.0+0x5b/0x470
[ 1565.765356]  do_mount+0xe53/0x2a00
[ 1565.768877]  ? do_raw_spin_unlock+0x164/0x220
[ 1565.773354]  ? copy_mount_string+0x40/0x40
[ 1565.777567]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.782563]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.786430]  ? copy_mount_options+0x1fa/0x2f0
[ 1565.790914]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.794787]  SyS_mount+0xa8/0x120
[ 1565.798219]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.802085]  do_syscall_64+0x1d5/0x640
[ 1565.805958]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1565.811127] RIP: 0033:0x45e219
[ 1565.814293] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1565.821981] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1565.829229] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1565.836478] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1565.843726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[ 1565.850973] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1565.858237] CPU: 1 PID: 29310 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1565.866115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1565.875462] Call Trace:
[ 1565.878047]  dump_stack+0x1b2/0x281
[ 1565.881291] 9pnet: Couldn't grow tag array
[ 1565.881672]  should_fail.cold+0x10a/0x149
[ 1565.881685]  should_failslab+0xd6/0x130
[ 1565.893993]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1565.898664]  p9_fid_create+0x47/0x3a0
[ 1565.902463]  p9_client_attach+0x6d/0x750
[ 1565.906522]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1565.912056]  ? v9fs_session_init+0xad1/0x1540
[ 1565.916562]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1565.921598]  v9fs_session_init+0xc03/0x1540
05:55:31 executing program 3:
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0x4})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:31 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}]})

05:55:31 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f0000000180)={0x2e, &(0x7f0000000140)="99915e94075ad0326b4f53af50ba81aaf077640d255be44e1df9aeadd481dff840909fa961449ea381fa453178b8"})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0xffffffff, 0x9, 0x10000, 0x0, 0x7ff], 0x5, 0x80800, 0x0, <r2=>0xffffffffffffffff})
write$tcp_congestion(r2, &(0x7f00000000c0)='reno\x00', 0x5)

[ 1565.925925]  ? v9fs_show_options+0x6b0/0x6b0
[ 1565.930358]  ? v9fs_mount+0x54/0x860
[ 1565.934068]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1565.939514]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.944533]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1565.949377]  v9fs_mount+0x73/0x860
[ 1565.952920]  ? alloc_pages_current+0x15d/0x260
[ 1565.957506]  ? __lockdep_init_map+0x100/0x560
[ 1565.961998]  mount_fs+0x92/0x2a0
[ 1565.965364]  vfs_kern_mount.part.0+0x5b/0x470
[ 1565.969861]  do_mount+0xe53/0x2a00
[ 1565.973415]  ? copy_mount_string+0x40/0x40
[ 1565.977647]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1565.982665]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.986552]  ? copy_mount_options+0x1fa/0x2f0
[ 1565.991045]  ? copy_mnt_ns+0xa30/0xa30
[ 1565.994930]  SyS_mount+0xa8/0x120
[ 1565.998382]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.002267]  do_syscall_64+0x1d5/0x640
[ 1566.006158]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.011324] RIP: 0033:0x45e219
[ 1566.014489] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1566.022175] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:31 executing program 1 (fault-call:1 fault-nth:23):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x2000000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:31 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x416b02, 0x0)
r2 = add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x3}, &(0x7f0000000000)="f8", 0x1, 0xfffffffffffffffb)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r3, 0xc0106407, &(0x7f00000001c0)={0x1, 0x3, 0x81})
r4 = add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x3}, &(0x7f0000000000)="f8", 0x1, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={0x0, r4}, 0x0, 0x0, 0x0)
r5 = add_key$user(&(0x7f0000000580)='user\x00', &(0x7f00000005c0)={'syz', 0x3}, &(0x7f0000000000)="f8", 0x1, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f00000002c0)={0x0, r5}, 0x0, 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000200)={0x0, r2, r2}, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x5, 0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000000)={0x5, 0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000140)={0xe8, <r6=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000180)={r6, 0x7fffffff})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1566.029544] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1566.036790] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1566.044033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017
[ 1566.051395] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:31 executing program 0 (fault-call:1 fault-nth:24):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:31 executing program 2:
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffc000/0x4000)=nil, 0x100000000, 0x0, 0x80})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x8, 0x410240)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x3ff], 0x1, 0x80800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000080)={0x3})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[{}, {}, {}, {}]})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000240)=[0x0]})

05:55:31 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {<r1=>0x0}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={r1, 0x0})

05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa1})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f00000000c0)=0xfd)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000080)=""/49)

[ 1566.116145] FAULT_INJECTION: forcing a failure.
[ 1566.116145] name failslab, interval 1, probability 0, space 0, times 0
[ 1566.155995] FAULT_INJECTION: forcing a failure.
05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000001c0)={&(0x7f0000000180)=[0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0x1ff})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000140)={0x90, &(0x7f0000000080)="4a6b99aa65e1e840d8564e886f06cd490a991faae6e3b1cd0f2292d67269081f0fbdeefc9b70dcae70a344ee72bf316c24e3d1850f9b2f3097cf5266d0979d5cb724af5f2b20b80373e5cc07af1085d8590b7c448db4c1553e1ec947ccded637fcd64b3a4d04cb8a27afca4ee9b59e5378cfb363bc6f47395c3e38eb857d5f0250a48f555c2bacea012371a44534b85c"})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000200)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[0x1, 0x1, 0x40, 0xfdd], 0x4})

[ 1566.155995] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1566.167823] CPU: 1 PID: 29335 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1566.175704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1566.185147] Call Trace:
[ 1566.187759]  dump_stack+0x1b2/0x281
[ 1566.191391]  should_fail.cold+0x10a/0x149
[ 1566.195546]  __alloc_pages_nodemask+0x22c/0x2720
[ 1566.200311]  ? kasan_kmalloc+0x139/0x160
[ 1566.204373]  ? kasan_kmalloc+0xeb/0x160
[ 1566.208343]  ? __kmalloc+0x15a/0x400
[ 1566.212059]  ? p9_fcall_alloc+0x19/0x90
05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x20, 0x210b00)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4c0d0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:31 executing program 4:
sendmsg$NLBL_UNLABEL_C_STATICLIST(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x44, 0x0, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:passwd_exec_t:s0\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x24044840}, 0x80)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{}, {}, {<r2=>0x0}, {}, {}]})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SWITCH_CTX(r3, 0x40086424, &(0x7f0000000100)={r2, 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:31 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x800)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0xfffffffffffff001, <r1=>0x0, 0x10000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r3, 0xc00464be, &(0x7f0000000000)={0x1})
ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f0000000080)={r1, 0xfffffffffffffffe})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1566.216039]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1566.221403]  ? p9_client_rpc+0x170/0x1520
[ 1566.225547]  ? p9_client_create+0x92f/0x12c0
[ 1566.230823]  ? v9fs_session_init+0x1c5/0x1540
[ 1566.235322]  ? v9fs_mount+0x73/0x860
[ 1566.239041]  ? mount_fs+0x92/0x2a0
[ 1566.242585]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1566.247263]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1566.252109]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.257474]  ? do_syscall_64+0x1d5/0x640
[ 1566.261646]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.267007]  ? static_obj+0x50/0x50
[ 1566.270646]  ? cache_alloc_refill+0x2fa/0x350
[ 1566.275154]  cache_grow_begin+0x91/0x630
[ 1566.279216]  ? check_preemption_disabled+0x35/0x240
[ 1566.284231]  cache_alloc_refill+0x273/0x350
[ 1566.288560]  __kmalloc+0x378/0x400
[ 1566.292101]  ? p9_fcall_alloc+0x19/0x90
[ 1566.296071]  p9_fcall_alloc+0x19/0x90
[ 1566.299874]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1566.305069]  p9_client_rpc+0x170/0x1520
[ 1566.309048]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1566.314068]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1566.319431]  ? p9_pollwait+0x18e/0x1f0
[ 1566.323313]  ? p9_conn_create+0x4b0/0x4b0
[ 1566.327460]  ? pipe_poll+0x24f/0x2c0
[ 1566.331172]  ? p9_fd_poll+0x237/0x2e0
[ 1566.334956]  ? p9_conn_create+0x3aa/0x4b0
[ 1566.339089]  ? p9_fd_create+0x293/0x3b0
[ 1566.343046]  ? p9_fd_create_tcp+0x440/0x440
[ 1566.347352]  p9_client_create+0x92f/0x12c0
[ 1566.351572]  ? p9_client_flush+0x4c0/0x4c0
[ 1566.355791]  ? __lockdep_init_map+0x100/0x560
[ 1566.360272]  ? __raw_spin_lock_init+0x28/0x100
[ 1566.364840]  v9fs_session_init+0x1c5/0x1540
[ 1566.369146]  ? pcpu_alloc+0xbe0/0xf50
[ 1566.372960]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1566.377801]  ? v9fs_show_options+0x6b0/0x6b0
[ 1566.382202]  ? v9fs_mount+0x54/0x860
[ 1566.385905]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1566.391336]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1566.396338]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1566.401161]  v9fs_mount+0x73/0x860
[ 1566.404684]  ? alloc_pages_current+0x15d/0x260
[ 1566.409243]  ? __lockdep_init_map+0x100/0x560
[ 1566.413725]  mount_fs+0x92/0x2a0
[ 1566.417083]  vfs_kern_mount.part.0+0x5b/0x470
[ 1566.421560]  do_mount+0xe53/0x2a00
[ 1566.425090]  ? copy_mount_string+0x40/0x40
[ 1566.429306]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1566.434306]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.438181]  ? copy_mount_options+0x1fa/0x2f0
[ 1566.442655]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.446536]  SyS_mount+0xa8/0x120
[ 1566.449970]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.453844]  do_syscall_64+0x1d5/0x640
[ 1566.457737]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.462906] RIP: 0033:0x45e219
[ 1566.466088] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1566.473781] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1566.481043] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1566.488300] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1566.495552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018
[ 1566.502802] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1566.510071] CPU: 0 PID: 29331 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1566.517958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1566.527309] Call Trace:
[ 1566.529903]  dump_stack+0x1b2/0x281
[ 1566.533536]  should_fail.cold+0x10a/0x149
[ 1566.537692]  should_failslab+0xd6/0x130
[ 1566.541673]  __kmalloc+0x2c1/0x400
[ 1566.545210]  ? p9_fcall_alloc+0x19/0x90
[ 1566.549182]  p9_fcall_alloc+0x19/0x90
[ 1566.552980]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1566.558163]  p9_client_rpc+0x170/0x1520
[ 1566.562128]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1566.567129]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1566.572468]  ? p9_pollwait+0x18e/0x1f0
[ 1566.576339]  ? p9_conn_create+0x4b0/0x4b0
[ 1566.580472]  ? pipe_poll+0x24f/0x2c0
[ 1566.584163]  ? p9_fd_poll+0x237/0x2e0
[ 1566.587942]  ? p9_conn_create+0x3aa/0x4b0
[ 1566.592068]  ? p9_fd_create+0x293/0x3b0
[ 1566.596023]  ? p9_fd_create_tcp+0x440/0x440
[ 1566.600337]  p9_client_create+0x92f/0x12c0
[ 1566.604559]  ? p9_client_flush+0x4c0/0x4c0
[ 1566.608785]  ? __lockdep_init_map+0x100/0x560
[ 1566.613258]  ? __raw_spin_lock_init+0x28/0x100
[ 1566.617822]  v9fs_session_init+0x1c5/0x1540
[ 1566.622146]  ? pcpu_alloc+0xbe0/0xf50
[ 1566.625932]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1566.630751]  ? v9fs_show_options+0x6b0/0x6b0
[ 1566.635137]  ? v9fs_mount+0x54/0x860
[ 1566.638829]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1566.644272]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1566.649266]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1566.654104]  v9fs_mount+0x73/0x860
[ 1566.657633]  ? alloc_pages_current+0x15d/0x260
[ 1566.662189]  ? __lockdep_init_map+0x100/0x560
[ 1566.666660]  mount_fs+0x92/0x2a0
[ 1566.670007]  vfs_kern_mount.part.0+0x5b/0x470
[ 1566.674480]  do_mount+0xe53/0x2a00
[ 1566.678012]  ? copy_mount_string+0x40/0x40
[ 1566.682223]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1566.687222]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.691098]  ? copy_mount_options+0x1fa/0x2f0
[ 1566.695578]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.699449]  SyS_mount+0xa8/0x120
[ 1566.702876]  ? copy_mnt_ns+0xa30/0xa30
[ 1566.706739]  do_syscall_64+0x1d5/0x640
[ 1566.710607]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.715773] RIP: 0033:0x45e219
05:55:31 executing program 1 (fault-call:1 fault-nth:24):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:31 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f00000000c0)=""/4)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080))

05:55:31 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x502)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1566.718941] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1566.726625] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1566.733874] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1566.741127] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1566.748389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017
[ 1566.755635] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1566.763835] 9pnet: Couldn't grow tag array
05:55:31 executing program 0 (fault-call:1 fault-nth:25):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:31 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200000, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000280)={&(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000200)=[{}, {}], 0x7, 0x0, [], 0x3, 0x2})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000140)={&(0x7f0000000000), &(0x7f0000000040)=[{}, {}, {}, {}], 0x9, 0x0, [], 0x0, 0x4})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r3 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0xb0e9565, 0x2)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000440)={&(0x7f0000000300)="101f98af3ed2881e47d5f742509e3e89ce2a6b6261eee9792afc971dcaaa6b406d3a0c4c7828313c0764c345c106eda734304008ef1dcbdc85a030755275a686534d5d46357f99b063a51c22da842f72146f252817dec1e4d766cf5a3e5ca82a87ad0244e2317de976c7197e1387582e19f40ba9455a20286384e15d9ff240e6cf601cf247a9a1c6ed78805a9beaab2a50a7aaea0a51245461975bb775e7c20856ee78e6239a38872e86fad3882638b6c8672f49a34ed0fd267805c899aa11fcc9a22f0c3aabe27de0c51dab21", 0xcd})

05:55:31 executing program 2:
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00'})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:31 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffc000/0x4000)=nil, 0x2, 0x0, 0x1})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:31 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x2, 0x1}, 0x4)

05:55:31 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={<r1=>0x0})
r2 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xda, 0x482101)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f0000000080)={0x2, 0x1000, &(0x7f00000001c0)=""/4096})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={r1, 0x0})

[ 1566.818813] FAULT_INJECTION: forcing a failure.
[ 1566.818813] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1566.830649] CPU: 1 PID: 29368 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1566.838529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1566.847884] Call Trace:
[ 1566.850476]  dump_stack+0x1b2/0x281
[ 1566.854105]  should_fail.cold+0x10a/0x149
[ 1566.858262]  __alloc_pages_nodemask+0x22c/0x2720
[ 1566.863023]  ? kasan_kmalloc+0x139/0x160
05:55:32 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xfffffffffffffffc, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:32 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1f, 0x67a4c2)
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x6, 0x440500)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f0000000140)={0x3, &(0x7f00000001c0)=""/4096, &(0x7f0000001280)=[{0x8, 0x42, 0xfffffff7, &(0x7f0000000080)=""/66}, {0x2, 0xaa, 0x3, &(0x7f00000011c0)=""/170}, {0x9, 0x2d, 0x1, &(0x7f0000000100)=""/45}]})

05:55:32 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x301480, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x7, 0x400})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1566.867090]  ? kasan_kmalloc+0xeb/0x160
[ 1566.871061]  ? __kmalloc+0x15a/0x400
[ 1566.874776]  ? p9_fcall_alloc+0x19/0x90
[ 1566.878749]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1566.884111]  ? p9_client_rpc+0x170/0x1520
[ 1566.888257]  ? p9_client_create+0x92f/0x12c0
[ 1566.892664]  ? v9fs_session_init+0x1c5/0x1540
[ 1566.897152]  ? v9fs_mount+0x73/0x860
[ 1566.900856]  ? mount_fs+0x92/0x2a0
[ 1566.904393]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1566.909061]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1566.913910]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.919275]  ? do_syscall_64+0x1d5/0x640
[ 1566.923337]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1566.928702]  ? static_obj+0x50/0x50
[ 1566.932338]  ? cache_alloc_refill+0x2fa/0x350
[ 1566.936838]  cache_grow_begin+0x91/0x630
[ 1566.940905]  ? check_preemption_disabled+0x35/0x240
[ 1566.945924]  cache_alloc_refill+0x273/0x350
[ 1566.950247]  __kmalloc+0x378/0x400
[ 1566.953785]  ? p9_fcall_alloc+0x19/0x90
[ 1566.957760]  p9_fcall_alloc+0x19/0x90
[ 1566.960232] FAULT_INJECTION: forcing a failure.
[ 1566.960232] name failslab, interval 1, probability 0, space 0, times 0
[ 1566.961558]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1566.961581]  p9_client_rpc+0x170/0x1520
[ 1566.981976]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1566.986981]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1566.992326]  ? p9_pollwait+0x18e/0x1f0
[ 1566.996196]  ? p9_conn_create+0x4b0/0x4b0
[ 1567.000322]  ? pipe_poll+0x24f/0x2c0
[ 1567.004019]  ? p9_fd_poll+0x237/0x2e0
[ 1567.007817]  ? p9_conn_create+0x3aa/0x4b0
[ 1567.011965]  ? p9_fd_create+0x293/0x3b0
[ 1567.015945]  ? p9_fd_create_tcp+0x440/0x440
[ 1567.020263]  p9_client_create+0x92f/0x12c0
[ 1567.024483]  ? p9_client_flush+0x4c0/0x4c0
[ 1567.028716]  ? __lockdep_init_map+0x100/0x560
[ 1567.033214]  ? __raw_spin_lock_init+0x28/0x100
[ 1567.037778]  v9fs_session_init+0x1c5/0x1540
[ 1567.042097]  ? pcpu_alloc+0xbe0/0xf50
[ 1567.045905]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1567.050746]  ? v9fs_show_options+0x6b0/0x6b0
[ 1567.055156]  ? v9fs_mount+0x54/0x860
[ 1567.058860]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1567.064307]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1567.069322]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1567.074162]  v9fs_mount+0x73/0x860
[ 1567.077696]  ? alloc_pages_current+0x15d/0x260
[ 1567.082272]  ? __lockdep_init_map+0x100/0x560
[ 1567.086751]  mount_fs+0x92/0x2a0
[ 1567.090120]  vfs_kern_mount.part.0+0x5b/0x470
[ 1567.094609]  do_mount+0xe53/0x2a00
[ 1567.098147]  ? copy_mount_string+0x40/0x40
[ 1567.102372]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1567.107469]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.111345]  ? copy_mount_options+0x1fa/0x2f0
[ 1567.115822]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.119692]  SyS_mount+0xa8/0x120
[ 1567.123135]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.127016]  do_syscall_64+0x1d5/0x640
[ 1567.130910]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1567.136078] RIP: 0033:0x45e219
[ 1567.139254] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1567.146974] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1567.154230] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1567.161501] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1567.168758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018
[ 1567.176009] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1567.183274] CPU: 0 PID: 29387 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1567.191158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1567.200507] Call Trace:
[ 1567.203095]  dump_stack+0x1b2/0x281
[ 1567.206727]  should_fail.cold+0x10a/0x149
[ 1567.210867]  should_failslab+0xd6/0x130
[ 1567.214854]  __kmalloc+0x2c1/0x400
[ 1567.218377]  ? p9_fcall_alloc+0x19/0x90
[ 1567.222327]  p9_fcall_alloc+0x19/0x90
[ 1567.226108]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1567.231277]  p9_client_rpc+0x170/0x1520
[ 1567.235233]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1567.240225]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1567.245565]  ? p9_pollwait+0x18e/0x1f0
[ 1567.249436]  ? p9_conn_create+0x4b0/0x4b0
[ 1567.253559]  ? pipe_poll+0x24f/0x2c0
[ 1567.257335]  ? p9_fd_poll+0x237/0x2e0
[ 1567.261129]  ? p9_conn_create+0x3aa/0x4b0
[ 1567.265302]  ? p9_fd_create+0x293/0x3b0
[ 1567.269264]  ? p9_fd_create_tcp+0x440/0x440
[ 1567.273619]  p9_client_create+0x92f/0x12c0
[ 1567.277879]  ? p9_client_flush+0x4c0/0x4c0
[ 1567.282093]  ? __lockdep_init_map+0x100/0x560
[ 1567.286567]  ? __raw_spin_lock_init+0x28/0x100
[ 1567.291165]  v9fs_session_init+0x1c5/0x1540
[ 1567.295464]  ? pcpu_alloc+0xbe0/0xf50
[ 1567.299246]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1567.304071]  ? v9fs_show_options+0x6b0/0x6b0
[ 1567.308458]  ? v9fs_mount+0x54/0x860
[ 1567.312185]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1567.317611]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1567.322656]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1567.327488]  v9fs_mount+0x73/0x860
[ 1567.331003]  ? alloc_pages_current+0x15d/0x260
[ 1567.335567]  ? __lockdep_init_map+0x100/0x560
[ 1567.340043]  mount_fs+0x92/0x2a0
[ 1567.343389]  vfs_kern_mount.part.0+0x5b/0x470
[ 1567.347862]  do_mount+0xe53/0x2a00
[ 1567.351380]  ? do_raw_spin_unlock+0x164/0x220
[ 1567.355861]  ? copy_mount_string+0x40/0x40
[ 1567.360078]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1567.365068]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.368931]  ? copy_mount_options+0x1fa/0x2f0
[ 1567.373400]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.377274]  SyS_mount+0xa8/0x120
[ 1567.380704]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.384567]  do_syscall_64+0x1d5/0x640
[ 1567.388435]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1567.393600] RIP: 0033:0x45e219
[ 1567.396766] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1567.404450] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1567.411713] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
05:55:32 executing program 1 (fault-call:1 fault-nth:25):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:32 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={0x0, 0x8})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:32 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x800)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x402000, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f00000000c0))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:32 executing program 0 (fault-call:1 fault-nth:26):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:32 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000080)={&(0x7f0000ffd000/0x2000)=nil})
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x200, 0x10000)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:32 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000003c0)={&(0x7f0000000300)="bb55751da939354b1af4365bc68604bab6d23addbdfef75c8f61a4d93bf3a06849160f1c1b644bca9212009ae31bc1a8e1e59f3a72aca2645fec05cba4ed4f6f9e85f69525ca777d2822382c20bb5b0aca5d122d0df7a3880bde9365cd595b013c35abd503d39c23a673111c5adc5481904216819c7e19bf7065397d7da6c0932b4aa0f27738c3f1806fea049f", 0x8d})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x2840, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x7, 0x0, [], 0x3, 0xa})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000540))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000440)={&(0x7f0000000400)=[<r4=>0x0, 0x0, 0x0], 0x3})
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000500)={0x37, 0x9, 0x3f})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000004c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000480)=[0x0]})

[ 1567.418957] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1567.426221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000019
[ 1567.433468] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1567.444262] 9pnet: Couldn't grow tag array
05:55:32 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x7, 0x141000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8803, 0x5c9780ad, 0x101})

05:55:32 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000040)=0x81)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1567.508908] FAULT_INJECTION: forcing a failure.
[ 1567.508908] name failslab, interval 1, probability 0, space 0, times 0
[ 1567.532465] FAULT_INJECTION: forcing a failure.
[ 1567.532465] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1567.544288] CPU: 1 PID: 29412 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1567.552169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1567.561519] Call Trace:
[ 1567.564108]  dump_stack+0x1b2/0x281
[ 1567.567742]  should_fail.cold+0x10a/0x149
[ 1567.571884]  __alloc_pages_nodemask+0x22c/0x2720
[ 1567.576628]  ? kasan_kmalloc+0x139/0x160
[ 1567.580671]  ? kasan_kmalloc+0xeb/0x160
[ 1567.584630]  ? __kmalloc+0x15a/0x400
[ 1567.588328]  ? p9_fcall_alloc+0x19/0x90
[ 1567.592282]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1567.597622]  ? p9_client_rpc+0x170/0x1520
[ 1567.601751]  ? p9_client_create+0x92f/0x12c0
[ 1567.606143]  ? v9fs_session_init+0x1c5/0x1540
[ 1567.610617]  ? v9fs_mount+0x73/0x860
[ 1567.614310]  ? mount_fs+0x92/0x2a0
[ 1567.617826]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1567.622480]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1567.627313]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1567.632655]  ? do_syscall_64+0x1d5/0x640
[ 1567.636696]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1567.642046]  ? static_obj+0x50/0x50
[ 1567.645663]  ? cache_alloc_refill+0x2fa/0x350
[ 1567.650143]  cache_grow_begin+0x91/0x630
[ 1567.654188]  ? check_preemption_disabled+0x35/0x240
[ 1567.659188]  cache_alloc_refill+0x273/0x350
[ 1567.663500]  __kmalloc+0x378/0x400
[ 1567.667028]  ? p9_fcall_alloc+0x19/0x90
[ 1567.670990]  p9_fcall_alloc+0x19/0x90
[ 1567.674773]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1567.679947]  p9_client_rpc+0x170/0x1520
[ 1567.683912]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1567.688914]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1567.694257]  ? p9_pollwait+0x18e/0x1f0
[ 1567.698141]  ? p9_conn_create+0x4b0/0x4b0
[ 1567.702273]  ? pipe_poll+0x24f/0x2c0
[ 1567.705972]  ? p9_fd_poll+0x237/0x2e0
[ 1567.709752]  ? p9_conn_create+0x3aa/0x4b0
[ 1567.713879]  ? p9_fd_create+0x293/0x3b0
[ 1567.717834]  ? p9_fd_create_tcp+0x440/0x440
[ 1567.722145]  p9_client_create+0x92f/0x12c0
[ 1567.726381]  ? p9_client_flush+0x4c0/0x4c0
[ 1567.730597]  ? __lockdep_init_map+0x100/0x560
[ 1567.735079]  ? __raw_spin_lock_init+0x28/0x100
[ 1567.739643]  v9fs_session_init+0x1c5/0x1540
[ 1567.743946]  ? pcpu_alloc+0xbe0/0xf50
[ 1567.747733]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1567.752558]  ? v9fs_show_options+0x6b0/0x6b0
[ 1567.756946]  ? v9fs_mount+0x54/0x860
[ 1567.760639]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1567.766068]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1567.771065]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1567.775890]  v9fs_mount+0x73/0x860
[ 1567.779414]  ? alloc_pages_current+0x15d/0x260
[ 1567.783979]  ? __lockdep_init_map+0x100/0x560
[ 1567.788459]  mount_fs+0x92/0x2a0
[ 1567.791815]  vfs_kern_mount.part.0+0x5b/0x470
[ 1567.796293]  do_mount+0xe53/0x2a00
[ 1567.799813]  ? retint_kernel+0x2d/0x2d
[ 1567.803709]  ? copy_mount_string+0x40/0x40
[ 1567.807931]  ? __sanitizer_cov_trace_pc+0x23/0x50
[ 1567.812752]  ? copy_mount_options+0x1fa/0x2f0
[ 1567.817312]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.821178]  SyS_mount+0xa8/0x120
[ 1567.824614]  ? copy_mnt_ns+0xa30/0xa30
[ 1567.828495]  do_syscall_64+0x1d5/0x640
[ 1567.832390]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1567.837576] RIP: 0033:0x45e219
[ 1567.840746] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1567.848433] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1567.855682] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1567.862937] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1567.870188] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001a
[ 1567.877438] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1567.894145] CPU: 0 PID: 29409 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1567.902071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1567.911415] Call Trace:
[ 1567.914000]  dump_stack+0x1b2/0x281
[ 1567.917639]  should_fail.cold+0x10a/0x149
[ 1567.921800]  should_failslab+0xd6/0x130
[ 1567.925777]  __kmalloc+0x2c1/0x400
[ 1567.929322]  ? p9_fcall_alloc+0x19/0x90
[ 1567.933299]  p9_fcall_alloc+0x19/0x90
[ 1567.937097]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1567.942306]  p9_client_rpc+0x170/0x1520
[ 1567.946283]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1567.951298]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1567.956780]  ? p9_pollwait+0x18e/0x1f0
05:55:33 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x4, 0x40})
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f0000000040)={0x20c, 0x8, 0x4, 0x3ff})

05:55:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000000)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{<r2=>0x0}, {}, {}, {}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={r2, 0x0})

05:55:33 executing program 5:
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080))
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:33 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r2, 0xc0286404, &(0x7f0000000040)={&(0x7f0000ffc000/0x2000)=nil})

[ 1567.960669]  ? p9_conn_create+0x4b0/0x4b0
[ 1567.964817]  ? pipe_poll+0x24f/0x2c0
[ 1567.968532]  ? p9_fd_poll+0x237/0x2e0
[ 1567.972339]  ? p9_conn_create+0x3aa/0x4b0
[ 1567.976482]  ? p9_fd_create+0x293/0x3b0
[ 1567.980456]  ? p9_fd_create_tcp+0x440/0x440
[ 1567.984781]  p9_client_create+0x92f/0x12c0
[ 1567.989022]  ? p9_client_flush+0x4c0/0x4c0
[ 1567.993258]  ? __lockdep_init_map+0x100/0x560
[ 1567.997752]  ? __raw_spin_lock_init+0x28/0x100
[ 1568.002334]  v9fs_session_init+0x1c5/0x1540
[ 1568.006659]  ? pcpu_alloc+0xbe0/0xf50
[ 1568.010465]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1568.015301]  ? v9fs_show_options+0x6b0/0x6b0
[ 1568.019749]  ? v9fs_mount+0x54/0x860
[ 1568.023447]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1568.029036]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1568.034038]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1568.038869]  v9fs_mount+0x73/0x860
[ 1568.042398]  ? alloc_pages_current+0x15d/0x260
[ 1568.046959]  ? __lockdep_init_map+0x100/0x560
[ 1568.051435]  mount_fs+0x92/0x2a0
[ 1568.054785]  vfs_kern_mount.part.0+0x5b/0x470
[ 1568.059347]  do_mount+0xe53/0x2a00
[ 1568.062886]  ? retint_kernel+0x2d/0x2d
[ 1568.066754]  ? copy_mount_string+0x40/0x40
[ 1568.070977]  ? __sanitizer_cov_trace_pc+0x23/0x50
[ 1568.075810]  ? copy_mount_options+0x1fa/0x2f0
[ 1568.080299]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.084164]  SyS_mount+0xa8/0x120
[ 1568.087602]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.091470]  do_syscall_64+0x1d5/0x640
[ 1568.095343]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1568.100509] RIP: 0033:0x45e219
[ 1568.103675] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:33 executing program 1 (fault-call:1 fault-nth:26):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:33 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{}, {}, {}, {}, {}]})

05:55:33 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x2)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f0000000200)=""/80)
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000040)=""/160)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1568.111359] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1568.118605] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1568.125885] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1568.133130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000019
[ 1568.140377] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1568.148866] 9pnet: Couldn't grow tag array
05:55:33 executing program 0 (fault-call:1 fault-nth:27):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:33 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x3, 0x8000)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000001c0))
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000140)={0x12})
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, 0x1402, 0x8, 0x70bd2a, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x10000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:33 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f00000000c0)={0xffffff56, 0x1d12, 0xffffff81, 0xff, 0xe31408ce4564c6a8, 0x7})
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ffd000/0x2000)=nil})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x0, 0xaa3})

[ 1568.188726] FAULT_INJECTION: forcing a failure.
[ 1568.188726] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1568.200572] CPU: 0 PID: 29442 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1568.208465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1568.217819] Call Trace:
[ 1568.220415]  dump_stack+0x1b2/0x281
[ 1568.224051]  should_fail.cold+0x10a/0x149
[ 1568.228202]  __alloc_pages_nodemask+0x22c/0x2720
[ 1568.232958]  ? kasan_kmalloc+0x139/0x160
05:55:33 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x1419c1)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0x1, 0x84, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000040)={0x40, 0x0, 0x7ff, 0x1ff, 0x4, 0x3, 0x8000})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', 0x0, 0x18}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000800)

[ 1568.237017]  ? kasan_kmalloc+0xeb/0x160
[ 1568.240986]  ? __kmalloc+0x15a/0x400
[ 1568.244698]  ? p9_fcall_alloc+0x19/0x90
[ 1568.248668]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1568.254039]  ? p9_client_rpc+0x170/0x1520
[ 1568.258189]  ? p9_client_create+0x92f/0x12c0
[ 1568.262593]  ? v9fs_session_init+0x1c5/0x1540
[ 1568.267081]  ? v9fs_mount+0x73/0x860
[ 1568.270785]  ? mount_fs+0x92/0x2a0
[ 1568.274327]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1568.279111]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1568.283954]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
05:55:33 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x80000, <r0=>0xffffffffffffffff})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x62140, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000140))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x2676d621, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f00000000c0)={0x0, 0x22f, 0x5, 0x1, 0x1a, 0x0, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r1, 0x80f86406, &(0x7f00000002c0)=""/42)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r4, 0x10, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x2008841}, 0x8000)

05:55:33 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000700)={0x0, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000740)={0x20, 0x6da})
r2 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0)='devlink\x00')
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x808101}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x60, r2, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, 0xffffffffffffffff}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x4}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3e8, 0x20, 0x70bd27, 0x25dfdbfc, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x2400c080}, 0x10)
r3 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_EEE_SET(r3, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000680)={&(0x7f0000000340)={0x32c, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}, @ETHTOOL_A_EEE_ENABLED={0x5}, @ETHTOOL_A_EEE_MODES_OURS={0x2d0, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x63, 0x4, "bc56388870fea43c08a7029b9b14ee1b071afc5afb4a2b72bb57c9783ea08cdb73a41d803011d82e9e9402cc0f78dcdf8e99b7a092a34fcdc4aaf23831f0538b6cb47c881e9a346c4f10d23f6fb32aec357db368c22bf000fa11a57a2a16e8"}, @ETHTOOL_A_BITSET_VALUE={0xc7, 0x4, "49682d12c12650097aa7e0018cae9606102bfc6bf55185324e0311a4fcfc7eb7d20aab6f47b06afd254d61adfe7ab28e6604ee825ea5c03d76057d2c320f7f6884a64e55c137b8ac45d24bed66a5bf621a6c1a8941971cb660ce0845d034c3df0af6157ac3843416bfd2b50afa553efa7d585f6f2b85c764b59e51185e3b813bd6e99db62b3081243f906e0f0695b8542fd04c7e5a351d025fbb8ae32a395ed51fb71ddcce5157f389f28a083bdcce0a96a306e2571c080b78482afa723f6c52072dba"}, @ETHTOOL_A_BITSET_VALUE={0xea, 0x4, "493227c4acf633cc4a16c78e9e382457edc393ed624ac31daaab375e59b73c01f4781820d10b7fd47792ab8aafe3609d8e52b62093d77a508b3718c67cb403668182e52e3450660cc5e2b71138dabebbf08f77a3401b7a3c83956cc2ef108397f638ea4018e635109946f15c23ff196f55cea46116dcd125a7d5de9c9deaba1b834cd28165f2875624561ade1052cadf5dd23c781d79be8c46a22e04cb2fd52a24000c603e8bc9a68aa73541566ccd68a4bf937331ad56a7eadcd9b83d2bfac2df96e51219351e5ed8680024375d48d519216ffcf9b583799046a2dce9a66ccf824e89b40cc9"}, @ETHTOOL_A_BITSET_MASK={0x4d, 0x5, "8de034f39dbc764b3cabc59b5c0b0945d5b5d98772c7e80c24804aac1844981c92f56704b67ee5afc9e220731f6b6d4023e537ca91d820a5988617afd4c03872bb1572d660b1cf50a9"}, @ETHTOOL_A_BITSET_MASK={0x3e, 0x5, "ad264bf84eb8966cb27a8f22a5c3468fe23eba549041f52603ae65623f3b6377badd47539a9b7e282e44d3bfc909483f5efa2001d62362ed66c8"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x100}, @ETHTOOL_A_BITSET_MASK={0x10, 0x5, "ca293cef833617402e1acc71"}]}, @ETHTOOL_A_EEE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x8}, @ETHTOOL_A_EEE_TX_LPI_ENABLED={0x5}, @ETHTOOL_A_EEE_ENABLED={0x5, 0x5, 0x1}]}, 0x32c}, 0x1, 0x0, 0x0, 0x1}, 0x20000880)

[ 1568.289313]  ? do_syscall_64+0x1d5/0x640
[ 1568.293371]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1568.298734]  ? static_obj+0x50/0x50
[ 1568.302368]  ? cache_alloc_refill+0x2fa/0x350
[ 1568.306866]  cache_grow_begin+0x91/0x630
[ 1568.310936]  ? check_preemption_disabled+0x35/0x240
[ 1568.315955]  cache_alloc_refill+0x273/0x350
[ 1568.320275]  __kmalloc+0x378/0x400
[ 1568.323814]  ? p9_fcall_alloc+0x19/0x90
[ 1568.327792]  p9_fcall_alloc+0x19/0x90
[ 1568.331592]  p9_client_prepare_req.part.0+0x7f8/0xb60
05:55:33 executing program 5:
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7fffffff, 0x9, 0xdee, 0x1, 0x7], 0x5, 0x80800, 0x0, <r0=>0xffffffffffffffff})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x800, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x5, 0xe816, 0x7f, 0x1, 0x818, r0, 0x1, [], 0x0, r1, 0x5, 0x0, 0x4}, 0x40)
r2 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x2009c7, 0x408881)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x600, 0x7f, 0x4})
socket$inet_udplite(0x2, 0x2, 0x88)

05:55:33 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x101)
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x8, 0x80000001, 0x4})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1568.336788]  p9_client_rpc+0x170/0x1520
[ 1568.340761]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1568.345774]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1568.351135]  ? p9_pollwait+0x18e/0x1f0
[ 1568.355020]  ? p9_conn_create+0x4b0/0x4b0
[ 1568.359171]  ? pipe_poll+0x24f/0x2c0
[ 1568.362884]  ? p9_fd_poll+0x237/0x2e0
[ 1568.366689]  ? p9_conn_create+0x3aa/0x4b0
[ 1568.370840]  ? p9_fd_create+0x293/0x3b0
[ 1568.374815]  ? p9_fd_create_tcp+0x440/0x440
[ 1568.379137]  p9_client_create+0x92f/0x12c0
[ 1568.383384]  ? p9_client_flush+0x4c0/0x4c0
[ 1568.387634]  ? __lockdep_init_map+0x100/0x560
[ 1568.392132]  ? __raw_spin_lock_init+0x28/0x100
[ 1568.396720]  v9fs_session_init+0x1c5/0x1540
[ 1568.401045]  ? pcpu_alloc+0xbe0/0xf50
[ 1568.404851]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1568.409690]  ? v9fs_show_options+0x6b0/0x6b0
[ 1568.414098]  ? v9fs_mount+0x54/0x860
[ 1568.417139] FAULT_INJECTION: forcing a failure.
[ 1568.417139] name failslab, interval 1, probability 0, space 0, times 0
[ 1568.417808]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1568.417820]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1568.417841]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1568.444270]  v9fs_mount+0x73/0x860
[ 1568.447808]  ? alloc_pages_current+0x15d/0x260
[ 1568.452378]  ? __lockdep_init_map+0x100/0x560
[ 1568.456858]  mount_fs+0x92/0x2a0
[ 1568.460218]  vfs_kern_mount.part.0+0x5b/0x470
[ 1568.464727]  do_mount+0xe53/0x2a00
[ 1568.468264]  ? do_raw_spin_unlock+0x164/0x220
[ 1568.472754]  ? copy_mount_string+0x40/0x40
[ 1568.477011]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1568.482012]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.485889]  ? copy_mount_options+0x1fa/0x2f0
[ 1568.490364]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.494233]  SyS_mount+0xa8/0x120
[ 1568.497666]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.501534]  do_syscall_64+0x1d5/0x640
[ 1568.505420]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1568.510595] RIP: 0033:0x45e219
[ 1568.513765] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1568.521452] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1568.528699] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1568.535947] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1568.543202] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001a
[ 1568.550450] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1568.557785] CPU: 1 PID: 29469 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1568.565674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1568.575026] Call Trace:
[ 1568.577615]  dump_stack+0x1b2/0x281
[ 1568.581240]  should_fail.cold+0x10a/0x149
[ 1568.585369]  should_failslab+0xd6/0x130
[ 1568.589322]  __kmalloc+0x2c1/0x400
[ 1568.592842]  ? p9pdu_readf+0x345/0x1970
[ 1568.596801]  p9pdu_readf+0x345/0x1970
[ 1568.600582]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1568.605929]  ? p9pdu_writef+0xd0/0xd0
[ 1568.609707]  ? p9_fd_poll+0x237/0x2e0
[ 1568.613487]  ? p9_fd_create+0x293/0x3b0
[ 1568.617442]  ? p9_fd_create_tcp+0x440/0x440
[ 1568.621743]  p9_client_create+0x9b2/0x12c0
[ 1568.625958]  ? p9_client_flush+0x4c0/0x4c0
[ 1568.630179]  ? __lockdep_init_map+0x100/0x560
[ 1568.634657]  ? __raw_spin_lock_init+0x28/0x100
[ 1568.639220]  v9fs_session_init+0x1c5/0x1540
[ 1568.643520]  ? pcpu_alloc+0xbe0/0xf50
[ 1568.647302]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1568.652127]  ? v9fs_show_options+0x6b0/0x6b0
[ 1568.656514]  ? v9fs_mount+0x54/0x860
[ 1568.660248]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1568.665675]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1568.670671]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1568.675492]  v9fs_mount+0x73/0x860
[ 1568.679011]  ? alloc_pages_current+0x15d/0x260
[ 1568.683569]  ? __lockdep_init_map+0x100/0x560
[ 1568.688050]  mount_fs+0x92/0x2a0
[ 1568.691448]  vfs_kern_mount.part.0+0x5b/0x470
[ 1568.695964]  do_mount+0xe53/0x2a00
[ 1568.699520]  ? do_raw_spin_unlock+0x164/0x220
[ 1568.703996]  ? copy_mount_string+0x40/0x40
[ 1568.708253]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1568.713247]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.717112]  ? copy_mount_options+0x1fa/0x2f0
[ 1568.721588]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.725459]  SyS_mount+0xa8/0x120
[ 1568.728900]  ? copy_mnt_ns+0xa30/0xa30
[ 1568.732774]  do_syscall_64+0x1d5/0x640
[ 1568.736643]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
05:55:33 executing program 1 (fault-call:1 fault-nth:27):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:33 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x3, 0x400)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{}]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:33 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r0})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x925c2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r3, 0xc0286404, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil})
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000040)={0x9, 0x9a4, 0x6, 0x2da, 0x3, 0xdb5, 0x7fffffff})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x4080)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000)={0x9}, 0x8)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)={0xc000}, 0x8)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000040)={0x17}, 0x8)

05:55:33 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000140)=[0x3, 0x9762, 0x8000, 0x6], 0x4, 0xc0800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000080)={0x0, 0x887a})
ioctl$DRM_IOCTL_AUTH_MAGIC(0xffffffffffffffff, 0x40046411, &(0x7f0000000040))

05:55:33 executing program 0 (fault-call:1 fault-nth:28):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1568.741810] RIP: 0033:0x45e219
[ 1568.744978] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1568.752665] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1568.759915] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1568.767204] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1568.774459] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001b
[ 1568.781716] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:33 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
getsockname(0xffffffffffffffff, &(0x7f0000000140)=@vsock={0x28, 0x0, 0x0, @hyper}, &(0x7f00000001c0)=0x80)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000000c0)={&(0x7f0000000080)=[0x4, 0x6, 0x2, 0x8, 0x2f2, 0x8], 0x6, 0x2, 0x10001, 0xffffff00, 0x9, 0x3f5, 0x1a8, {0x5, 0x3d3, 0x1f, 0x33, 0x5, 0x800, 0x7, 0x1, 0x100, 0x9, 0x4, 0x1, 0x1, 0x0, "9a8d0e3f5c2fd7fef116335b74cf97b3b9d4a55ba3f0dfba906b2ab2727d1526"}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r2=>0x0})
getsockname$packet(r1, &(0x7f0000000280)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x78, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x1}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x4048801}, 0x8004)

[ 1568.845643] FAULT_INJECTION: forcing a failure.
[ 1568.845643] name failslab, interval 1, probability 0, space 0, times 0
[ 1568.873959] FAULT_INJECTION: forcing a failure.
[ 1568.873959] name failslab, interval 1, probability 0, space 0, times 0
[ 1568.885353] CPU: 0 PID: 29489 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1568.893225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1568.902569] Call Trace:
[ 1568.905145]  dump_stack+0x1b2/0x281
[ 1568.908753]  should_fail.cold+0x10a/0x149
[ 1568.912887]  should_failslab+0xd6/0x130
[ 1568.916871]  kmem_cache_alloc+0x40/0x3c0
[ 1568.920916]  radix_tree_node_alloc.constprop.0+0x1b0/0x2f0
[ 1568.926523]  radix_tree_extend+0x158/0x3e0
[ 1568.930750]  idr_get_free_cmn+0x650/0x8d0
[ 1568.934891]  idr_alloc_cmn+0xe8/0x1e0
[ 1568.938673]  ? __fprop_inc_percpu_max+0x1d0/0x1d0
[ 1568.943493]  ? lock_acquire+0x170/0x3f0
[ 1568.947455]  p9_idpool_get+0x80/0xf0
[ 1568.951156]  ? p9_idpool_destroy+0x20/0x20
[ 1568.955367]  ? __lock_acquire+0x5fc/0x3f20
[ 1568.959585]  p9_client_prepare_req.part.0+0x65/0xb60
[ 1568.964677]  ? trace_hardirqs_on+0x10/0x10
[ 1568.968893]  ? idr_get_free_cmn+0x562/0x8d0
[ 1568.973196]  p9_client_rpc+0x170/0x1520
[ 1568.977182]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1568.982531]  ? lock_acquire+0x170/0x3f0
[ 1568.986489]  ? lock_downgrade+0x740/0x740
[ 1568.990617]  ? lock_acquire+0x170/0x3f0
[ 1568.994572]  ? lock_downgrade+0x740/0x740
[ 1568.998704]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1569.003798]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1569.008801]  p9_client_attach+0x137/0x750
[ 1569.012933]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1569.018449]  ? v9fs_session_init+0xad1/0x1540
[ 1569.022928]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1569.027946]  v9fs_session_init+0xc03/0x1540
[ 1569.032264]  ? v9fs_show_options+0x6b0/0x6b0
[ 1569.036669]  ? v9fs_mount+0x54/0x860
[ 1569.040368]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1569.045805]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.050800]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1569.055625]  v9fs_mount+0x73/0x860
[ 1569.059147]  ? alloc_pages_current+0x15d/0x260
[ 1569.063707]  ? __lockdep_init_map+0x100/0x560
[ 1569.068184]  mount_fs+0x92/0x2a0
[ 1569.071534]  vfs_kern_mount.part.0+0x5b/0x470
[ 1569.076010]  do_mount+0xe53/0x2a00
[ 1569.079534]  ? copy_mount_string+0x40/0x40
[ 1569.083747]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.088742]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.092612]  ? copy_mount_options+0x1fa/0x2f0
[ 1569.097085]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.100952]  SyS_mount+0xa8/0x120
[ 1569.104383]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.108248]  do_syscall_64+0x1d5/0x640
[ 1569.112119]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1569.117289] RIP: 0033:0x45e219
[ 1569.120457] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1569.128231] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1569.135485] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1569.142739] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1569.149985] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001c
[ 1569.157234] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1569.164508] CPU: 1 PID: 29482 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1569.172391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1569.181741] Call Trace:
[ 1569.184336]  dump_stack+0x1b2/0x281
[ 1569.187981]  should_fail.cold+0x10a/0x149
[ 1569.192134]  should_failslab+0xd6/0x130
[ 1569.196110]  __kmalloc+0x2c1/0x400
[ 1569.199649]  ? p9pdu_readf+0x345/0x1970
[ 1569.203625]  p9pdu_readf+0x345/0x1970
[ 1569.207427]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1569.212794]  ? p9pdu_writef+0xd0/0xd0
[ 1569.216595]  ? p9_fd_poll+0x237/0x2e0
[ 1569.220402]  ? p9_fd_create+0x293/0x3b0
[ 1569.224374]  ? p9_fd_create_tcp+0x440/0x440
[ 1569.228694]  p9_client_create+0x9b2/0x12c0
[ 1569.232935]  ? p9_client_flush+0x4c0/0x4c0
[ 1569.237173]  ? __lockdep_init_map+0x100/0x560
[ 1569.241669]  ? __raw_spin_lock_init+0x28/0x100
[ 1569.246251]  v9fs_session_init+0x1c5/0x1540
[ 1569.250571]  ? pcpu_alloc+0xbe0/0xf50
[ 1569.254377]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1569.259236]  ? v9fs_show_options+0x6b0/0x6b0
[ 1569.263642]  ? v9fs_mount+0x54/0x860
[ 1569.267349]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1569.272798]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.277818]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1569.282664]  v9fs_mount+0x73/0x860
[ 1569.286198]  ? alloc_pages_current+0x15d/0x260
[ 1569.290772]  ? __lockdep_init_map+0x100/0x560
05:55:34 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x6, 0x40c0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:34 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000080)={0x1, 0x5, 0x3, 0x16c00000, 0x10, 0x100})
getsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x400000)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000140)={&(0x7f0000000080)=[0x5, 0x8, 0x2, 0x9, 0x9, 0x80000001, 0x5], 0x7, 0x6, 0x4, 0x1, 0x100, 0x3, 0x3f43, {0x8, 0x0, 0x4, 0x100, 0x1, 0x5, 0x3, 0x9, 0x200, 0x4, 0x100, 0x100, 0xa52000, 0x9, "d1d1a59ae4fbca306f1ef0c2347de5a4aeb1ad46054ed508b53692e73952031a"}})

05:55:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000000)=[0x8000, 0x9, 0x4, 0x4499, 0x44, 0x3], 0x6, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000180)={0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x9, 0x9], 0x3, 0x80800, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0x40086409, &(0x7f00000000c0))

05:55:34 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$NET_DM_CMD_START(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x400c0)
r2 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x4, 0x80)
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000080)={0x5})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000))

[ 1569.295267]  mount_fs+0x92/0x2a0
[ 1569.298638]  vfs_kern_mount.part.0+0x5b/0x470
[ 1569.303130]  do_mount+0xe53/0x2a00
[ 1569.306669]  ? do_raw_spin_unlock+0x164/0x220
[ 1569.311163]  ? copy_mount_string+0x40/0x40
[ 1569.315395]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.320406]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.324293]  ? copy_mount_options+0x1fa/0x2f0
[ 1569.328783]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.332683]  SyS_mount+0xa8/0x120
[ 1569.336125]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.339992]  do_syscall_64+0x1d5/0x640
05:55:34 executing program 1 (fault-call:1 fault-nth:28):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:34 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000008c0)={0xa, &(0x7f0000000000)=""/167, &(0x7f00000007c0)=[{0x0, 0x95, 0x1, &(0x7f00000001c0)=""/149}, {0x400, 0x97, 0x4, &(0x7f0000000280)=""/151}, {0x0, 0xdb, 0x8, &(0x7f0000000340)=""/219}, {0x5, 0xb3, 0x2, &(0x7f0000000440)=""/179}, {0x39, 0x23, 0x5, &(0x7f00000000c0)=""/35}, {0x7, 0xe7, 0x4, &(0x7f0000000500)=""/231}, {0xf441, 0xb8, 0xd43, &(0x7f0000000600)=""/184}, {0x1, 0x8c, 0x9ad2, &(0x7f00000006c0)=""/140}, {0x8, 0x0, 0x4, &(0x7f0000000140)}, {0x0, 0x3d, 0x1ff, &(0x7f0000000780)=""/61}]})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000e00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000940)={0x460, 0x3f3, 0x10, 0x70bd2b, 0x25dfdbff, {0x3, 0x1, 0x9, [0x7, 0x2, 0x1, 0x7, 0x200, 0x7f, 0x7, 0x7ff, 0x1, 0x8, 0x4, 0x4, 0x4, 0x7ff, 0x466e6597, 0x40, 0x9, 0x0, 0x972, 0x2, 0x5, 0x2, 0xfffffbff, 0x431, 0xde, 0x8, 0x200, 0x0, 0x3b5b, 0x5, 0x93f, 0x1, 0x9, 0xff, 0x10001, 0x0, 0x51, 0x365, 0x957c, 0x4, 0xd7, 0x6, 0x5, 0x8001, 0x4, 0x5c, 0x7ff, 0xdf87, 0x1, 0x6, 0xff, 0x7f, 0x512, 0x7, 0x80, 0x7fffffff, 0x0, 0xe70f, 0x400, 0x7ff, 0x0, 0x2, 0x6, 0x6], [0x698, 0x3ff, 0x80, 0x7ff, 0x7f, 0x2, 0x1, 0x2, 0x7, 0xffffffff, 0x5, 0x401, 0x3, 0x7, 0x6, 0xb84a, 0x40, 0x1000, 0x900, 0x401, 0x1, 0x5, 0x1, 0x8, 0x8, 0x0, 0x1e58007d, 0x401, 0x7, 0x6, 0xfff, 0xfffe, 0x1, 0x0, 0x8, 0x6ed3, 0x6, 0x1, 0x9, 0xce, 0x1, 0x8, 0x101, 0x1f, 0x0, 0x0, 0x0, 0x80000000, 0x6, 0x0, 0x101, 0x6, 0x3, 0x2, 0x1f, 0x1, 0x0, 0x0, 0x4e, 0x394, 0x101, 0x7f, 0x8, 0x1], [0xa5, 0x7, 0x0, 0x2, 0xffffffff, 0x80000000, 0xcde, 0x61ce, 0x2, 0x6, 0x0, 0x401, 0x2, 0x0, 0x1, 0xfff, 0x4, 0x6, 0x4, 0x100, 0x6, 0x1f, 0x8, 0x0, 0x7fff, 0x8, 0x4, 0x2, 0x8bbc, 0x2, 0x400, 0x7f, 0x3a7a, 0x5, 0x6b, 0xffffffff, 0x30, 0xf0, 0x6, 0x8001, 0x7fffffff, 0xe16, 0x0, 0x1, 0x0, 0x0, 0x7, 0x5, 0x4, 0x4, 0x1fb, 0xf5d, 0x800, 0xf10, 0x7, 0x10001, 0x6, 0x6, 0x8, 0x1000, 0x7, 0x8, 0x100, 0x46], [0x4, 0x9, 0xdbb, 0x4, 0x8, 0x0, 0x0, 0xfffffffd, 0x1, 0x1, 0x9, 0x30, 0x1, 0x400, 0xfffffffe, 0xb35, 0xff, 0x1, 0x8, 0xf63, 0x6, 0x2, 0x8001, 0x4, 0x1e, 0x7ff, 0x83, 0x40, 0x1, 0x0, 0x7fff, 0x4, 0x101, 0x20, 0x2, 0xffff32fe, 0xff, 0xfffffff8, 0x5, 0x80, 0x1000, 0x9, 0x0, 0x100, 0xcb39, 0x44, 0x7, 0x6, 0x1, 0xffffffff, 0x12, 0x8000, 0x0, 0x9, 0x1ff, 0x3f, 0xfff, 0x6, 0x8001, 0x3, 0x7, 0x9, 0x5, 0x40], 0x3f, ['/dev/zero\x00', '/dev/zero\x00', '/dev/zero\x00', '/dev/zero\x00', '\\\xd3)\x00', ']-\x00', '/dev/dri/card#\x00', '\x00']}, ["", "", "", ""]}, 0x460}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000e40))
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:34 executing program 3:
r0 = gettid()
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000000), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="44d20080", @ANYRES16=0x0, @ANYBLOB="000526bd7000fddbdf250a00000008003b002000000005003500020000000500380000000000050030000000000008000600", @ANYRES32=r2, @ANYBLOB="08000600", @ANYRES32=0x0, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x40005)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)=@bridge_setlink={0x2dc, 0x13, 0x1, 0x70bd2d, 0x25dfdbfe, {0x7, 0x0, 0x0, 0x0, 0x10000, 0x49320}, [@IFLA_NET_NS_PID={0x8, 0x13, r0}, @IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @bond={{0x9, 0x1, 'bond\x00'}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_BOND_ALL_SLAVES_ACTIVE={0x5, 0x11, 0x6}, @IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x8}, @IFLA_BOND_MODE={0x5, 0x1, 0x2}, @IFLA_BOND_ALL_SLAVES_ACTIVE={0x5, 0x11, 0x3f}, @IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x2}, @IFLA_BOND_LP_INTERVAL={0x8, 0x13, 0x6}, @IFLA_BOND_MODE={0x5, 0x1, 0x5}, @IFLA_BOND_XMIT_HASH_POLICY={0x5, 0xe, 0x3}, @IFLA_BOND_ARP_VALIDATE={0x8}]}}}, @IFLA_MASTER={0x8, 0xa, r2}, @IFLA_VF_PORTS={0x1dc, 0x18, 0x0, 0x1, [{0x64, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "25d904824abc637b59f7143076a5df14"}, @IFLA_PORT_PROFILE={0xe, 0x2, '/dev/zero\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "6cba4d4589a6133165715e8d8d380415"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "f5cb9632b78d8ba12021c9760fde8000"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "daaee93b06ca01d0feeb8498a54aa62e"}]}, {0x58, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x8}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "be43248d2364da2a0cf19e8fb1e03f2b"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "7ec53bba6340c43afbc4bde463e6a58f"}, @IFLA_PORT_VF={0x8, 0x1, 0x1a}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "8f0509735473313064bf5b64c1503480"}, @IFLA_PORT_VF={0x8, 0x1, 0x4}]}, {0x6c, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "c5b73ae8dc1730b8ff3b176061d67534"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "a0065ebbbaa835efd44fa93d9f5e5d34"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x81}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x1}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "323fbb64f4dbec0f5d140e97efb87b7e"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "ca2404d1e50cc3e2d39a3d91edb66205"}, @IFLA_PORT_VF={0x8, 0x1, 0x365f}]}, {0x5c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x3f}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "c76109d8fe3a362df3446692be606b31"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "2f01cfb30e43164110b6ecadbb678736"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "a0f9928b79d820eed603f8901d7b717b"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "9aaefcfbc4c2d9a7f9412eea5282e564"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "346e3399083aedfd31ab092ee35ece99"}, @IFLA_PORT_VF={0x8, 0x1, 0x8}, @IFLA_PORT_VF={0x8, 0x1, 0x10001}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "38a76a9f977f4482e434807b74341661"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9edf1170ba252dc560237d78ccbbe880"}]}, {0x4}]}, @IFLA_BROADCAST={0xa, 0x2, @remote}, @IFLA_LINKINFO={0x60, 0x12, 0x0, 0x1, @erspan={{0xb, 0x1, 'erspan\x00'}, {0x50, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x3}, @IFLA_GRE_LOCAL={0x8, 0x6, @multicast2}, @IFLA_GRE_TOS={0x5, 0x9, 0xff}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0xe4}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}, @IFLA_GRE_LOCAL={0x8, 0x6, @local}, @IFLA_GRE_IKEY={0x8, 0x4, 0xda}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_PMTUDISC={0x5, 0xa, 0x1}]}}}, @IFLA_LINK_NETNSID={0x8}]}, 0x2dc}, 0x1, 0x0, 0x0, 0x1}, 0x40010)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r3, 0x40106436, &(0x7f0000000000))
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r4, 0xc0106438, &(0x7f00000001c0)={0x3})
r5 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00')
r7 = ioctl$NS_GET_PARENT(r4, 0xb702, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000780)={&(0x7f00000002c0), 0xc, &(0x7f0000000740)={&(0x7f0000000340)={0x30, r6, 0x20, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x1, 0x67}, @void, @void}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x10000, 0x26}}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r7}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004004}, 0x4)
socket$netlink(0x10, 0x3, 0x7)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00'})
ioctl$DRM_IOCTL_RES_CTX(r3, 0xc0106426, &(0x7f00000000c0)={0x9, &(0x7f0000000040)=[{}, {}, {}, {}, {<r8=>0x0}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r5, 0x4010641c, &(0x7f0000000180)={r8, &(0x7f0000000140)})

05:55:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
openat$cgroup_devices(r1, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0)

05:55:34 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(0xffffffffffffffff, 0xc0186419, &(0x7f0000001400)={0x5, &(0x7f0000000080)=""/148, &(0x7f0000001380)=[{0x5, 0xcb, 0x9, &(0x7f0000000140)=""/203}, {0x81, 0x28, 0x6da, &(0x7f0000000240)=""/40}, {0x7fffffff, 0x1000, 0x1, &(0x7f0000000280)=""/4096}, {0x3, 0x2a, 0xfffff3cc, &(0x7f0000001280)=""/42}, {0x5, 0x9e, 0x0, &(0x7f00000012c0)=""/158}]})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000001480)=""/83)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
ioctl$SIOCGSTAMPNS(r1, 0x8907, &(0x7f0000001440))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa5})
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001580)={&(0x7f0000001540)={0x10, 0x3f5, 0x4, 0x70bd2d, 0x25dfdbfe, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)

[ 1569.343873]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1569.349048] RIP: 0033:0x45e219
[ 1569.352216] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1569.359900] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1569.367204] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1569.374495] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1569.381740] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001b
[ 1569.388988] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:34 executing program 0 (fault-call:1 fault-nth:29):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1569.456018] FAULT_INJECTION: forcing a failure.
[ 1569.456018] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.458500] FAULT_INJECTION: forcing a failure.
[ 1569.458500] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.477375] CPU: 1 PID: 29518 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1569.486765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1569.496108] Call Trace:
[ 1569.498683]  dump_stack+0x1b2/0x281
[ 1569.502293]  should_fail.cold+0x10a/0x149
[ 1569.506426]  should_failslab+0xd6/0x130
[ 1569.510384]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1569.515035]  p9_fid_create+0x47/0x3a0
[ 1569.518820]  p9_client_attach+0x6d/0x750
[ 1569.522877]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1569.530752]  ? v9fs_session_init+0xad1/0x1540
[ 1569.535241]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1569.540266]  v9fs_session_init+0xc03/0x1540
[ 1569.544576]  ? v9fs_show_options+0x6b0/0x6b0
[ 1569.548964]  ? v9fs_mount+0x54/0x860
[ 1569.552657]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1569.558086]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.563089]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1569.567912]  v9fs_mount+0x73/0x860
[ 1569.571433]  ? alloc_pages_current+0x15d/0x260
[ 1569.576001]  ? __lockdep_init_map+0x100/0x560
[ 1569.580477]  mount_fs+0x92/0x2a0
[ 1569.583826]  vfs_kern_mount.part.0+0x5b/0x470
[ 1569.588301]  do_mount+0xe53/0x2a00
[ 1569.591828]  ? copy_mount_string+0x40/0x40
[ 1569.596060]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.601067]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.604943]  ? copy_mount_options+0x1fa/0x2f0
[ 1569.609417]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.613286]  SyS_mount+0xa8/0x120
[ 1569.616718]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.620587]  do_syscall_64+0x1d5/0x640
[ 1569.624460]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1569.629628] RIP: 0033:0x45e219
[ 1569.632796] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1569.640484] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1569.647740] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1569.654990] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1569.662241] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001c
[ 1569.669519] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1569.676782] CPU: 0 PID: 29526 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1569.684662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1569.694008] Call Trace:
[ 1569.696595]  dump_stack+0x1b2/0x281
[ 1569.700223]  should_fail.cold+0x10a/0x149
[ 1569.704374]  should_failslab+0xd6/0x130
[ 1569.708349]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1569.713018]  p9_fid_create+0x47/0x3a0
[ 1569.716820]  p9_client_attach+0x6d/0x750
[ 1569.720883]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1569.726416]  ? v9fs_session_init+0xad1/0x1540
[ 1569.730912]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1569.735927]  v9fs_session_init+0xc03/0x1540
[ 1569.740258]  ? v9fs_show_options+0x6b0/0x6b0
[ 1569.744672]  ? v9fs_mount+0x54/0x860
[ 1569.748382]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1569.751940] FAULT_INJECTION: forcing a failure.
[ 1569.751940] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.753827]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.753840]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1569.753850]  v9fs_mount+0x73/0x860
[ 1569.753864]  ? alloc_pages_current+0x15d/0x260
[ 1569.782947]  ? __lockdep_init_map+0x100/0x560
[ 1569.787440]  mount_fs+0x92/0x2a0
[ 1569.790800]  vfs_kern_mount.part.0+0x5b/0x470
[ 1569.795284]  do_mount+0xe53/0x2a00
[ 1569.798822]  ? do_raw_spin_unlock+0x164/0x220
[ 1569.803308]  ? copy_mount_string+0x40/0x40
[ 1569.807531]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.812535]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.816420]  ? copy_mount_options+0x1fa/0x2f0
[ 1569.820911]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.824786]  SyS_mount+0xa8/0x120
[ 1569.828224]  ? copy_mnt_ns+0xa30/0xa30
[ 1569.832096]  do_syscall_64+0x1d5/0x640
[ 1569.835975]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1569.841149] RIP: 0033:0x45e219
[ 1569.844325] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:34 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x100000009, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x181080)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000080))

05:55:34 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x6, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x298400, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
accept4$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0}, &(0x7f0000000140)=0x14, 0x80000)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000280)={'erspan0\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="65727370616e300000000000000000855d75c63b6f1ead006b34622b6c06e52723dc26ed25c53660ba0ce739e2ffc046e98a1e0a5437eb22927faaa4", @ANYRES32=r3, @ANYBLOB="001000100000000800000007468100d8006800000004907800000000e0000002891fdf00000000ac1414bb00000000ffffffff6401010000000000ac1414aa890fa6e0000002ffffffff0a01010083237ce0000002ac1e0101e000000164010102000004000a0101016401010100000000860e000000030106f432536905024414a1330a010102000000037f00000100000005071fdfac1414bb6401163100000000ac1414bbac141436ac1414aae000000186060000000089137fac1e0101ac1414aaac1e0001ac1414aa83039f07132fe00000027f000001000000007f000001000000"]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000080)={0x0, 0x0, r1})

05:55:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000001c0)={&(0x7f0000000180)=[0x100], 0x1, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000140)={&(0x7f0000000040)="6b27c6bdb7599e11459302a00dc9848aa31d7e12160658de1ff67eb84343d33e731ea87cf6c161b80a6407a4a02c0eded2091b5dd64b2ec56f0ce6b550193ce0d8f0fed326be9debcda1b99b0d4937edf502bb93484e3813e9153b8ffc054b59e8ae656625b118ce59b1e1b3dd3a5c1be8d7af346888c734f7d15f148beb5ec1c151caf25b6d51", 0x87})

05:55:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000140)={&(0x7f00000000c0)=[0x1, 0x449], 0x2, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000180)={0xa9c, 0x0, 0x2})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODESET_CTL(r3, 0x40086408, &(0x7f0000000000)={0x1})

05:55:34 executing program 1 (fault-call:1 fault-nth:29):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:34 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x7fff}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x200}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e24}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3f0}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x3f}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000080}, 0x51)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
sendmsg$AUDIT_USER(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10080000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, 0x3ed, 0x200, 0x70bd27, 0x25dfdbfd, "e464b6202a4f81c0d8310ca8a5e2fd279f9a471a65639dddf35790e30bf53d7799fae6e6d308d541a31796aca9a34582233d480057bcf9a9d098b715d8c394da81e9f8677fe53c2df758c7ed773875830e38f7f9ae69faf56506dc0c9044acd64e22415c744ff0129b7af53ab8e6dd687b040707576d49e5a7", ["", "", ""]}, 0x8c}, 0x1, 0x0, 0x0, 0x800}, 0x14)

05:55:34 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000140)={0xbf, &(0x7f0000000080)=""/191})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:34 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x80000000, 0x4000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x83, 0xaa3})

[ 1569.852028] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1569.859292] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1569.866551] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1569.873807] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001d
[ 1569.881082] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1569.903615] CPU: 1 PID: 29537 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1569.911528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1569.920875] Call Trace:
[ 1569.923466]  dump_stack+0x1b2/0x281
[ 1569.927099]  should_fail.cold+0x10a/0x149
[ 1569.931246]  should_failslab+0xd6/0x130
[ 1569.935220]  __kmalloc_track_caller+0x2bc/0x400
[ 1569.939885]  ? v9fs_session_init+0x387/0x1540
[ 1569.944371]  kstrdup+0x36/0x70
[ 1569.947540]  v9fs_session_init+0x387/0x1540
[ 1569.951854]  ? v9fs_show_options+0x6b0/0x6b0
[ 1569.956257]  ? v9fs_mount+0x54/0x860
[ 1569.959953]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1569.965420]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1569.970413]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1569.975238]  v9fs_mount+0x73/0x860
[ 1569.978760]  ? alloc_pages_current+0x15d/0x260
[ 1569.983319]  ? __lockdep_init_map+0x100/0x560
[ 1569.987793]  mount_fs+0x92/0x2a0
[ 1569.991138]  vfs_kern_mount.part.0+0x5b/0x470
[ 1569.995613]  do_mount+0xe53/0x2a00
[ 1569.999135]  ? do_raw_spin_unlock+0x164/0x220
[ 1570.003609]  ? copy_mount_string+0x40/0x40
[ 1570.007855]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1570.012860]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.016730]  ? copy_mount_options+0x1fa/0x2f0
[ 1570.021210]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.025115]  SyS_mount+0xa8/0x120
[ 1570.028546]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.032419]  do_syscall_64+0x1d5/0x640
[ 1570.036327]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1570.041495] RIP: 0033:0x45e219
[ 1570.044663] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:35 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000040)={0x3, 0x6, 0x4, 0x3, 0x2, 0x5})

05:55:35 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7, 0x3, 0x7, 0x3818fb4d, 0x1, 0xfff, 0x3ff, 0x6, 0x554, 0x80], 0xa, 0x800})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000000)="10d1164751906f03ff40890f81ce13dfce73d6f7", 0x14, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000080)={r1})

05:55:35 executing program 0 (fault-call:1 fault-nth:30):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1570.052350] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1570.059605] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1570.066854] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1570.074102] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001d
[ 1570.081349] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1570.163589] FAULT_INJECTION: forcing a failure.
[ 1570.163589] name failslab, interval 1, probability 0, space 0, times 0
[ 1570.181463] CPU: 0 PID: 29560 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1570.189494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1570.198849] Call Trace:
[ 1570.201442]  dump_stack+0x1b2/0x281
[ 1570.205076]  should_fail.cold+0x10a/0x149
[ 1570.209226]  should_failslab+0xd6/0x130
[ 1570.213204]  __kmalloc+0x2c1/0x400
[ 1570.216743]  ? p9_fcall_alloc+0x19/0x90
[ 1570.220713]  ? __lockdep_init_map+0x100/0x560
[ 1570.225208]  p9_fcall_alloc+0x19/0x90
[ 1570.229011]  p9_client_prepare_req.part.0+0x86c/0xb60
[ 1570.234206]  p9_client_rpc+0x170/0x1520
[ 1570.238181]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1570.243543]  ? lock_acquire+0x170/0x3f0
[ 1570.247512]  ? lock_downgrade+0x740/0x740
[ 1570.251659]  ? lock_acquire+0x170/0x3f0
[ 1570.255639]  ? lock_downgrade+0x740/0x740
[ 1570.259786]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1570.264892]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.269915]  p9_client_attach+0x137/0x750
[ 1570.274068]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1570.279604]  ? v9fs_session_init+0xad1/0x1540
[ 1570.284102]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.289119]  v9fs_session_init+0xc03/0x1540
[ 1570.293448]  ? v9fs_show_options+0x6b0/0x6b0
[ 1570.297859]  ? v9fs_mount+0x54/0x860
[ 1570.301570]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1570.307021]  ? rcu_read_lock_sched_held+0x16c/0x1d0
05:55:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x80, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfc, 0x40000}, 0xc)
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f00000000c0)={0x0, 0xb, 0xa, 0x6, 0x2, 0x3f, 0x9, 0xffffd064, 0x4, 0x1fc, 0x2, 0x2})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x20100, 0x0)
r3 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x0, 0x400100)
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f00000005c0)={0x3, &(0x7f0000000280)=""/123, &(0x7f0000000540)=[{0x0, 0xda, 0xbb9, &(0x7f0000000300)=""/218}, {0x401, 0x97, 0x6, &(0x7f0000000400)=""/151}, {0x1, 0x80, 0x1, &(0x7f00000004c0)=""/128}]})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@hyper})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f00000001c0)={0x0, 0x4, 0x9, 0x0, 0x3, 0x40, 0xffff7fff})

05:55:35 executing program 1 (fault-call:1 fault-nth:30):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:35 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x1, 0xd2fd, 0x2db, 0x1, 0x9], 0x5, 0x80000, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r2, 0xc0106407, &(0x7f0000000300)={0x2, 0x1, 0xfa2, 0x5})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000000c0)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x8c, r4, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_hsr\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan1\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @multicast2}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:utempter_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @ipv4={[], [], @empty}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000800}, 0x20009004)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000040))

05:55:35 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x67c6, 0x48282)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f00000000c0))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:35 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x100000, 0x0)
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000080)={0x0, 0x1fb})

05:55:35 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x200100, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7ff, 0x5810c0)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000380)={0x2, &(0x7f0000000080)=""/114, &(0x7f0000000340)=[{0x1f, 0xc5, 0xfffffff7, &(0x7f0000000140)=""/197}, {0x8, 0xf8, 0x80000000, &(0x7f0000000240)=""/248}]})

05:55:35 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x1, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x8, <r2=>0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000000180)={r2, 0x4})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000080)={&(0x7f0000000040)=[0x2, 0x3, 0x540b, 0x9, 0x2, 0x6b7, 0xfffffffc, 0x23, 0x101, 0x0], 0xa, 0xbd, 0x1f7, 0x80, 0x4, 0x1000ee, 0x8, {0x1, 0x5, 0x7, 0x4, 0x7, 0x401, 0x6, 0x3f, 0x5, 0x7, 0x400, 0x800, 0xe7, 0x8001, "6185c11a7c96695f330b4fd0e8c5e03a294c7a6c75c94c75f04a4b91af1ed45a"}})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f0000000200)={0x5, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})

05:55:35 executing program 3:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x5e5ac0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:35 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000540)={0x8000fffd, 0xffffffa3})
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000400)={0x5, &(0x7f0000000040)=""/82, &(0x7f0000000380)=[{0x2, 0x3, 0x9e, &(0x7f00000000c0)=""/3}, {0x9000, 0x93, 0x3ff, &(0x7f0000000140)=""/147}, {0x8010, 0x25, 0x7, &(0x7f0000000200)=""/37}, {0x2, 0xd8, 0x8001, &(0x7f0000000240)=""/216}, {0x8000, 0x23, 0x8, &(0x7f0000000340)=""/35}]})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="180000000314000000"], 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x8001)

05:55:35 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000700)={&(0x7f0000000640)="bd2fc064c6c481c3505220842669222f8f85689a04932b20c1f290cd503a025e89aef859e5c3a251f49b2a919804f5c90182518feccd67a106cd8c41dbe5bdf88fe39c820d5f437981e92612307935fe8ae84a458cfc2a4f5550d26361d5b5d8795594e995f4afdfcc483a907cc8adbb473aad93d8c59870b8d44b482658552ebe137d3b95032cb6d208c64806974e2fda507b07367a2ddd9ec9cd26caaccf0e96612da79b408419aacd2d0d44ac016125156316f09e0daf783eee82779b", 0xfffffffffffffd58, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f00000007c0)={r2, 0x5e, &(0x7f0000000740)=""/94})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000600)={0x8, &(0x7f0000000040)=""/106, &(0x7f0000000540)=[{0x9, 0x12, 0x6, &(0x7f00000000c0)=""/18}, {0xffffffff, 0x55, 0x1ff, &(0x7f0000000140)=""/85}, {0x3f, 0x29, 0x3, &(0x7f00000001c0)=""/41}, {0x80, 0xb9, 0x4, &(0x7f0000000200)=""/185}, {0x5, 0x9f, 0x4, &(0x7f00000002c0)=""/159}, {0x4, 0x19, 0x6, &(0x7f0000000380)=""/25}, {0x2, 0x4e, 0x9, &(0x7f00000003c0)=""/78}, {0x758, 0xf1, 0x0, &(0x7f0000000440)=""/241}]})
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r3, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:35 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x0, 0xfffffffe})

[ 1570.312037]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1570.316881]  v9fs_mount+0x73/0x860
[ 1570.320433]  ? alloc_pages_current+0x15d/0x260
[ 1570.325016]  ? __lockdep_init_map+0x100/0x560
[ 1570.329514]  mount_fs+0x92/0x2a0
[ 1570.332884]  vfs_kern_mount.part.0+0x5b/0x470
[ 1570.337380]  do_mount+0xe53/0x2a00
[ 1570.341011]  ? copy_mount_string+0x40/0x40
[ 1570.345248]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1570.350261]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.354152]  ? copy_mount_options+0x1fa/0x2f0
[ 1570.358650]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.362536]  SyS_mount+0xa8/0x120
[ 1570.365985]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.369869]  do_syscall_64+0x1d5/0x640
[ 1570.373758]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1570.374368] FAULT_INJECTION: forcing a failure.
[ 1570.374368] name failslab, interval 1, probability 0, space 0, times 0
[ 1570.378939] RIP: 0033:0x45e219
[ 1570.378944] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1570.378955] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1570.378960] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1570.378965] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1570.378976] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e
[ 1570.430000] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1570.437265] CPU: 1 PID: 29591 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1570.442606] 9pnet: Couldn't grow tag array
[ 1570.445145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1570.445149] Call Trace:
[ 1570.445166]  dump_stack+0x1b2/0x281
[ 1570.445178]  should_fail.cold+0x10a/0x149
[ 1570.469060]  should_failslab+0xd6/0x130
[ 1570.473023]  __kmalloc+0x2c1/0x400
[ 1570.476551]  ? p9_fcall_alloc+0x19/0x90
[ 1570.480499]  ? __lockdep_init_map+0x100/0x560
[ 1570.484972]  p9_fcall_alloc+0x19/0x90
[ 1570.488750]  p9_client_prepare_req.part.0+0x86c/0xb60
[ 1570.493930]  p9_client_rpc+0x170/0x1520
[ 1570.497891]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1570.503284]  ? lock_acquire+0x170/0x3f0
[ 1570.507264]  ? lock_downgrade+0x740/0x740
[ 1570.511393]  ? lock_acquire+0x170/0x3f0
[ 1570.515344]  ? lock_downgrade+0x740/0x740
[ 1570.519467]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1570.524547]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.529543]  p9_client_attach+0x137/0x750
[ 1570.533681]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1570.539236]  ? v9fs_session_init+0xad1/0x1540
[ 1570.543713]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.548705]  v9fs_session_init+0xc03/0x1540
[ 1570.553022]  ? v9fs_show_options+0x6b0/0x6b0
[ 1570.557414]  ? v9fs_mount+0x54/0x860
[ 1570.561105]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1570.566532]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1570.571524]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1570.576347]  v9fs_mount+0x73/0x860
[ 1570.579879]  ? alloc_pages_current+0x15d/0x260
[ 1570.584440]  ? __lockdep_init_map+0x100/0x560
[ 1570.588910]  mount_fs+0x92/0x2a0
[ 1570.592269]  vfs_kern_mount.part.0+0x5b/0x470
[ 1570.596751]  do_mount+0xe53/0x2a00
[ 1570.600270]  ? retint_kernel+0x2d/0x2d
[ 1570.604136]  ? copy_mount_string+0x40/0x40
[ 1570.608348]  ? __sanitizer_cov_trace_pc+0x2d/0x50
[ 1570.613174]  ? copy_mount_options+0x1fa/0x2f0
[ 1570.617652]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.621526]  SyS_mount+0xa8/0x120
[ 1570.624957]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.628819]  do_syscall_64+0x1d5/0x640
[ 1570.632697]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1570.637882] RIP: 0033:0x45e219
[ 1570.641047] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1570.648750] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1570.655999] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
05:55:35 executing program 0 (fault-call:1 fault-nth:31):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:35 executing program 3:
ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000180)={0x3f, 0x6, &(0x7f0000000000)=[0x2, 0x3, 0xf0, 0x2, 0xe8bd, 0x8001], &(0x7f00000000c0)=[0x4], &(0x7f0000000140)=[0x9, 0xbed]})
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0xcc041)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000080))
openat$zero(0xffffffffffffff9c, 0x0, 0x18f000, 0x0)

05:55:35 executing program 1 (fault-call:1 fault-nth:31):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:35 executing program 2:
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x147f, 0x0)

05:55:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x22081)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:35 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x1f, 0x6, 0x0, 0x5, 0x4, 0x1], 0x6, 0x100000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8})

[ 1570.663593] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1570.670838] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e
[ 1570.678084] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1570.696458] 9pnet: Couldn't grow tag array
[ 1570.733423] FAULT_INJECTION: forcing a failure.
[ 1570.733423] name failslab, interval 1, probability 0, space 0, times 0
[ 1570.748473] FAULT_INJECTION: forcing a failure.
[ 1570.748473] name failslab, interval 1, probability 0, space 0, times 0
[ 1570.757323] CPU: 1 PID: 29596 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1570.767545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1570.776895] Call Trace:
[ 1570.779492]  dump_stack+0x1b2/0x281
05:55:35 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x7fffffff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x6, 0xc900)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000240))
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f00000001c0)={0xf1, &(0x7f00000000c0)=""/241})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1570.783125]  should_fail.cold+0x10a/0x149
[ 1570.787278]  should_failslab+0xd6/0x130
[ 1570.791251]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1570.795915]  p9_client_prepare_req.part.0+0x8ce/0xb60
[ 1570.801110]  p9_client_rpc+0x170/0x1520
[ 1570.805087]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1570.810446]  ? lock_acquire+0x170/0x3f0
[ 1570.814411]  ? lock_downgrade+0x740/0x740
[ 1570.818558]  ? lock_acquire+0x170/0x3f0
[ 1570.822529]  ? lock_downgrade+0x740/0x740
[ 1570.826669]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
05:55:35 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x2, 0xaa2})

[ 1570.831765]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.836780]  p9_client_attach+0x137/0x750
[ 1570.840928]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1570.846447]  ? v9fs_session_init+0xad1/0x1540
[ 1570.850945]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1570.855954]  v9fs_session_init+0xc03/0x1540
[ 1570.860265]  ? v9fs_show_options+0x6b0/0x6b0
[ 1570.864663]  ? v9fs_mount+0x54/0x860
[ 1570.868363]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1570.873795]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1570.878790]  ? kmem_cache_alloc_trace+0x36c/0x3d0
05:55:36 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x8, 0x80000)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x40000, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r2, 0xc01064bd, &(0x7f0000000300)={&(0x7f00000002c0)="cd09da525dcbae2e45eec8c3a86af30da8f1fb16f9698f03077731810d9e", 0x1e})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000240)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}], 0x20, 0x0, [], 0x6, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1570.883619]  v9fs_mount+0x73/0x860
[ 1570.887146]  ? alloc_pages_current+0x15d/0x260
[ 1570.891719]  ? __lockdep_init_map+0x100/0x560
[ 1570.896212]  mount_fs+0x92/0x2a0
[ 1570.899576]  vfs_kern_mount.part.0+0x5b/0x470
[ 1570.904061]  do_mount+0xe53/0x2a00
[ 1570.907598]  ? do_raw_spin_unlock+0x164/0x220
[ 1570.912097]  ? copy_mount_string+0x40/0x40
[ 1570.916331]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1570.921339]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.925219]  ? copy_mount_options+0x1fa/0x2f0
[ 1570.929700]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.933567]  SyS_mount+0xa8/0x120
[ 1570.936998]  ? copy_mnt_ns+0xa30/0xa30
[ 1570.940867]  do_syscall_64+0x1d5/0x640
[ 1570.944746]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1570.949923] RIP: 0033:0x45e219
[ 1570.953090] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1570.960778] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1570.968027] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1570.975277] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
05:55:36 executing program 2:
clock_gettime(0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
pselect6(0x40, &(0x7f0000000040)={0x3, 0x32e3, 0x4, 0x3, 0x8, 0x9, 0x9, 0x9}, &(0x7f0000000080)={0x992, 0x1, 0x7, 0x8001, 0x67, 0xffffffffffffffc0, 0x81, 0x100000000}, &(0x7f00000000c0)={0x8, 0x1, 0x80000000, 0x3, 0x1f, 0x7183c74f, 0x26, 0x8001}, &(0x7f0000000180)={r0, r1+10000000}, &(0x7f0000000200)={&(0x7f00000001c0)={[0x2]}, 0x8})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000240)={0x25, 0x10c, 0x1, 0x1f, 0x4, 0x2, 0x1})
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000000))

05:55:36 executing program 5:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)

05:55:36 executing program 4:
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001400)={0x4, 0x0, &(0x7f0000001200)=[@enter_looper], 0x1, 0x0, &(0x7f0000001300)='t'})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000040)={0x1})
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_ADDFB(0xffffffffffffffff, 0xc01c64ae, &(0x7f0000000000)={0x0, 0x2, 0xffffff01, 0x8, 0xe949, 0x9, 0x7fff})

[ 1570.982540] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001f
[ 1570.989800] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1571.004295] 9pnet: Couldn't grow tag array
[ 1571.035185] CPU: 0 PID: 29605 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1571.043092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1571.052442] Call Trace:
[ 1571.055127]  dump_stack+0x1b2/0x281
[ 1571.058762]  should_fail.cold+0x10a/0x149
[ 1571.062912]  should_failslab+0xd6/0x130
[ 1571.066064] FAULT_INJECTION: forcing a failure.
[ 1571.066064] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1571.066886]  __kmalloc+0x2c1/0x400
[ 1571.082180]  ? p9_fcall_alloc+0x19/0x90
[ 1571.086138]  p9_fcall_alloc+0x19/0x90
[ 1571.089919]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1571.095093]  p9_client_rpc+0x170/0x1520
[ 1571.099051]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1571.104394]  ? lock_acquire+0x170/0x3f0
[ 1571.108347]  ? lock_downgrade+0x740/0x740
[ 1571.112479]  ? lock_acquire+0x170/0x3f0
[ 1571.116431]  ? lock_downgrade+0x740/0x740
[ 1571.120562]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1571.125644]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.130643]  p9_client_attach+0x137/0x750
[ 1571.134771]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1571.140287]  ? v9fs_session_init+0xad1/0x1540
[ 1571.144760]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.149757]  v9fs_session_init+0xc03/0x1540
[ 1571.154064]  ? v9fs_show_options+0x6b0/0x6b0
[ 1571.158464]  ? v9fs_mount+0x54/0x860
[ 1571.162153]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1571.167582]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.172589]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1571.177421]  v9fs_mount+0x73/0x860
[ 1571.180939]  ? alloc_pages_current+0x15d/0x260
[ 1571.185500]  ? __lockdep_init_map+0x100/0x560
[ 1571.189973]  mount_fs+0x92/0x2a0
[ 1571.193338]  vfs_kern_mount.part.0+0x5b/0x470
[ 1571.197823]  do_mount+0xe53/0x2a00
[ 1571.201350]  ? copy_mount_string+0x40/0x40
[ 1571.205574]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.210577]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.214453]  ? copy_mount_options+0x1fa/0x2f0
[ 1571.218931]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.222798]  SyS_mount+0xa8/0x120
[ 1571.226248]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.230117]  do_syscall_64+0x1d5/0x640
[ 1571.233990]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.239160] RIP: 0033:0x45e219
[ 1571.242326] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1571.250012] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1571.257261] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1571.264506] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1571.271757] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001f
[ 1571.279004] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:36 executing program 0 (fault-call:1 fault-nth:32):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:36 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0xffffffffffffffc0, <r2=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f00000000c0)={r2, 0x200})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000300)={&(0x7f0000000280)=[0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], 0x1, 0xb7c6, 0xe0e0e0e0})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000140))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
r4 = getegid()
r5 = getpid()
wait4(r5, 0x0, 0x20000002, 0x0)
r6 = geteuid()
r7 = getegid()
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001980)={&(0x7f0000000340)=@proc={0x10, 0x0, 0x25dfdbff, 0x40}, 0xc, &(0x7f00000003c0)=[{&(0x7f0000000440)={0xac, 0x18, 0x400, 0x70bd28, 0x25dfdbfc, "", [@generic="ee3b114d06f046fafecdfe5e996f7c50f87fd529da82b68bb6341f94ce0f941b7afa0ed0dc594daa822910036b710529a8034adc971ed119e4d1727c6e887b18f11111456e1bc356efb49a4c11e9df7dd4ba086653a36ddaf2fdec31c79ecb08b906f06c0afa3f1f3d4c10b978a3d142bc64a2dfabdaecd0d4219b4b966698e32099bf13861ee2ff7b9b59e46b9f701dfd23558c1562a2e271"]}, 0xac}, {&(0x7f0000000500)={0x1420, 0x26, 0x400, 0x70bd2c, 0x25dfdbfc, "", [@typed={0x13, 0x5b, 0x0, 0x0, @str='/dev/dri/card#\x00'}, @typed={0x8, 0x5b, 0x0, 0x0, @fd=r3}, @nested={0x5c, 0x48, 0x0, 0x1, [@generic="c746d55499186526291b42e37781104eacfa72b53afb6a7d3702973b35c26c17704023bcca94ae760167383f", @typed={0x8, 0x12, 0x0, 0x0, @uid}, @typed={0xc, 0x28, 0x0, 0x0, @u64=0x314}, @typed={0x8, 0x3f, 0x0, 0x0, @ipv4=@multicast1}, @generic, @typed={0xe, 0x55, 0x0, 0x0, @str='/dev/zero\x00'}]}, @nested={0x4, 0x2f}, @generic="805e4008316942615eb58acff7b046", @generic="2b0b6cea58abbac6097f2200808dc5c91c59dccbf8f988c451bf1a0d5e00d7eb9ee7c3588c5022881d728a0c700705004b5913e79430e4a6442bfbe75ce2f78b548cdfdc9dd6cd808236a59f21e213bd2d264df1ded4f4275f60dc1508fe210f2667416cb75d31831b295ad3d48296a59374abf3514f2c84c733152c92997d44a0093ecda4d85b43e0a4b28e65cfdc101a7293fa7a8ecfa738fd0bffdfbfcd74f34d415f87af38e4d2aedd2f25f23ca064aa19e37c807a22f527fd2b2f7dd04746e6daa1be", @generic="3ed922cb9c68708e3835f985dcaea299599d2c38fdbbbdcdf94c58b1dc4ef5c7bb2326658ff963e3541893f869a4cbd71a73a72ca1b8de90f25c832c78133db703355221c149290dca54b36f343542d9972363f373fcfc4d44344aeedd3e67a487a8aecfa7aa11c1cb1bbb7d60f2a3c5f6f76488f9a1cea4cb531319d8003adee5636947f7165a9b5c9648447e7d82a76d530bc73a6c7979551147e6b0f15a13095fdc776fec6ac080446464c144729426fe9aed303fb4c699cb377a53a02cc8ce74f9a176aa511b09cf353b6f6a84b626fdb5d9163f2f0e05b8940f8b", @nested={0x1109, 0x95, 0x0, 0x1, [@typed={0x8, 0x7f, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="087b46aac256cebc0e8d23544ac0b4bec7f6294db84798173a44a0029fffacc3fba111f51cd25f63ed4ca33a65f4fc98e9d7d3e96c5e4d40d02de50153fcf19f99c0def8d662f2caebe060825059dbbd4e99f755300eeadd90da5a58ff78df310984a4708a119d1eb92104ac1a16afb7b9ff4bddb5b290cc1f3949991b82d95c45ae376fb5578bb7ee79889779000fadfdbd567b36b6c4aedd13af0693db86a6c880a1ef38438c278f548b54ff3696d232dc3fdf39b5acd2246c3b7847d809a8439cf1b4e4cc9007b00b0af43640ff20adb3ccaa384671f4c95c55836e35a6a8e9abd2113deb06edcc9dd7bc2afc5c3553a973e4806ea8793597290c5f6c5221eda31d99014ee666ae2df9bbac5c232307fccc96d6461d01d13a20bcd28f61befc959a01a8fc273dcac9a970deb01a1f56f51b9fc5c30a5d6eec2b6207dae749da485e82215030fb1eff52d83ef4619bb87c3d5f72f9571ac7170fde53979fc198ef58cb390e4dc4005b77c3c88db1142a8e605212236a3b4bf11ebf69e710fb0f6adb99d27c6eb3f384c842fcffd6f1ef3e17dc3b8c72ff5f1b1a41750af26b30293569b9edbaf900ffd5f930a0a6da5a38b4d63211dbaf8b82c788504d7acb1d21b97d47de3d5481f414e58a08a42464c1fde358aac3876c3804acc3da0c5333c68bcce4162cd45d10536bde0a923cf12d294f93e55859f893d74335a4526d7c395a643e93780855ad0716771fec97855264620b9574e5019c5e396f73f5ef5b814f6dc39f1592fa73b1cb0eed9830f3380505855f2325f3a4e0e99fedb5d3b3668162e8dd1c8c7e7d2a878ec1861db016182a4d5fa48a2056150968ed506a17ff27ffb640b566a8ea6b5a9f085667b7c13d1012d2268708a05e16c37451acb63c837d2571875887ee2b83b36580f9d3e35447f820bd3ee0d9861c3fee9e70b2ce36ee3f2e565ddfbf9d6a9a51c74105287f6578a3ca4ad45b57d5710fd2af5fffa83fe7cf2f94d08f2fe19f000534ca68fe6f30d7ab5c8eca8d30686365e9d39c30b23be461b101f4d07eacd38809108a42c183a9c50ae80d16e74764b15bbd921d6193200ce7ad84e8d77acc76844abc19941aeb669c7590254eee80c830347706492f9c9d25f00c9194796f93a3a2272c87b33493deee4ff62000b49682dcc64943f18c4cf0c2ca600ae5fc22087c264a01d191575224a78a89f3e1e274c0ceaf197834c653b81a11c1658c115866e495fe46d44187a0c9a73de900c653fd52c2e60d3a0ff050b2113dc6dd93a8a2d2dc494130cef645b351335d9aaf5b4231657697291bdb3e33b1c511a08957edef2ea9e797481e75ef9ef0023a1260315df4b874c568caa64c1f1f622324fc3ebf52bb63520b7a86ef4e98c9affb149fa602d1eb9f8b9fe1570d892f3f555427eb786c3fade3c0cc1b3546889f3fb93246f3fbaf3da3c609bd064688ed3f0b9372694f736ecf976a750d3925f49793a6043a61725840e7908976af5692a52cf2325a5ff3f224095ef4b9556f85c3c76a2df4119ee008f0ef42bbd52a93f187b00515dd2849e645839a0e96ae37699f42d78b8994499aadff2bbd01a9e07968c62530bbafed19c7ef165481345b7b6cdab551589d5b663cfa5294b62b8230ba8b0358484531600395309bb02a7cb0470f2335c4275ebc4d73703bdff4e4b85f715a5cb3d53cb33c32543c1ab3620aa15614eee4e99cfdf109e0493df959a2ca216e6e078a9a4d706b0562e294b4cfda39c23d772deaab9268b27202fe49a8cef7f4eefaf1a9de6b7868744d77ceaf07235ed9b89a960bc2806a86d09750e144e1b1ac6b9f79887722609278565a9d9e0b3bb2501fa203a0269a56ac392a2962fca4736b391eb5ceb21dbadf13bb7c78c823e5964355a425fe2f736528f78fd451acee77ba64eaf0fe0629023adceeaf19cd67a9fd353194ca6c72886325bcb45b5b6ba675fae50f3d2479ac827111addfcd6f5f574c1209d481abcdf1c8fe1d93063d058c303a558bf072956bc1040c80d54649d5912122cef63b80ac4d852d6e5a2406567eb0e1f4fdfa2fc1d758782d2074d4e79c8f6c574416a2a6c4ba7085ec1235b82b239ebab01e323dc0ac9f1ce4547c419a8a9e237c4229c0285c72ac150b7ea7fbe1f046b9e5d09cada4eb005d6a86230d851c9f2a2d85ed01269cf65107c14fe3b480b21f5b890aaab012a2d56a203107442ec44180f59b7a57db5e5df715a32a1d898f75321f5b353fc908fe755f0ac4bd9626c0a7ea1e6810a364418f2443261671413475fb0568b0c11a45a79db55d2bf4ae044db2f079e88122821dda17cdcc9c09d7a5977dfab962b995bdddfeb5e17698b4d4d03e279e03df3a2d62527b5571fe8dd61a53b58f694a8817dce59521299747c69d285c49b41296b26f92bbd7a5bddd8de9b816ecc704fae3b94ff02baf0cb2ffa40f3a3f1f9e5edc23c101647f82abc54bfd22319526d644b0901f671df04e664ab56e7a38a3742d9aada19e20cfbf2d6ca571706c96e1da32dc644955618199dab4550d15465c1040c2d74ab871db44e1e7f8a37db1e535f05e4cd4bd61fb5c54e2ac74d28110dcf5ba7e78b034262414a96b54909d9bd424004fbd863b01773069040436bef7f86709e82f36ff9a0d1fb8cd6f34013ef929bb4ee997dbc8040d4ce6ad9173c6b046173dd54d54407da30c8d18f3bdd4d33d7d1a6df3366083dec1a75db5062c00f6fcb48494945293e78cbb9f6626c4d070b8f6a053a071f3ff12e289e11539ffd240d0851f30c149007a160c62827a3fb0a4c44fa1122f65f00f74ca47236fa159b334ff69d3855e811520e71fec0dbd336fd40a38012e79b713fc3fc59b64dbd1e0cb74f30e63e3d10cb97bfb0de9bd022ccfc46c160a40d9ba2b9fdec6bae831b08d453d535bb15ab10dcd3b36ba31f8dc5243a1fc877eeaa6a2682869c41aee1c82eb8f6e802e9a148f4c90b7d68c1d90451c9b2d7650e53d06de01a6a81a7c20e240043f21d214de0def0494287d1c748e05cf602c1ffa21df6a668509ff490c70cf9bb637510fb7fdf94f67dde7e24e5c6c998fd436191d63697650b4ea77679ba3fc686880df13007166b37c8c0bbab94baa543c3db24f9d5e03a7b5e91497ce68e287166df867c2a4a426bdd7b4306bc434247d74397962972ee59f54577d70605878b7c6e3ebc8d683dde04d9f0f95ab981da8569da8b423c759197010aec54609c5d748cd6ca3658a4db340c06602f40c3ad5010b2e556d8d92c05850bd03758149a3f4f8efa6f2a3d9aa743721dc3c51ef52ffc094f12c6c9912ddf3f940d2c64dc1d27c0cd7378ffeae74ab0d84a0dbddd5cae3098fc8ef05e4703abf2e65ec5a5ae3f656ad7374e380daf7e06937a185d9fc8669eb233661a4693ff3be4676aba40e07f2c45c1c4cbafa5e95e12e3097128b34bc2bcf7b5f43d2a161c60da0c0b3e9e08472f4061225d8eac62521dffedf99e9e317372f5dace395f3eaef4a44615bf67fbfd16042a1dea462816644aa8c23b9df1554176bd704eff206b91875a12080c791555502b8dcd271ea6396b8fc96888b487dddb0ded6495493293febb18fe258481a4a8c2a8a28074f18e67bb8d65ab0f6847bc44d868191ec2124ce84d57b223ab8ef07d270fc140da487b1af94036dbaee16137a03276c214510d74ed415e17c10197957464dc80378d3f4c679e5794c9cd3f3da8055768277af3fc1a7d79c848bd5d9c2e79c09849b7cf69a349d21f58b392fcbb18b8425a68afd3634ad9437265af0939c4592375f42fd298fb4a95bedc6e067a916e081709cb0c5ada0c308bc8751ec6162e67d613a16119927e763749aaf2ca1f8cc06296101d0f478f7d31ccb58dac85724f9b95077645b7dd5ea25566941eaeb15321c1c7bfb9bdbb6d964bcf552b9524c5ea048edabbb3ee43008a609ec30446d15e6ccff38dbaa89fcae315a3ce991039f3e7d7b2863de7fb74cc2ff753e22f76f31a0fce8b13e1d549aab389c02b6ed552045a242be4fddba699d8f5c29ed6d74651d3e78937fcc433ecbf6611a12bc17ba63b82deb7dc905446a33ea67f4120e0d3eab3d94e589dfd7e987349be7576b8eb28441cdd62d0a121d963212a5a07f06e420eb932343149965e3a303d367c07796dcfcf7c89fc0a3c06cce87958664fead04cfa59c8ce0ebec745513b69a805d4e727ba9b6308bf8c16bc12721914b6abc95fa07efd45ad7581a8a23826104a8af3afd575d641a097e70c11abc166b6f64f4856b4e4231067211639f80cc4362b42f072f57078654c4ffc8f31a185aff61fcd78b40b1d8361acbe2d7f66a8ef4e5ac9922bfc2c02c0bdd3ed2dd7bf3e982ded71ee39d50178e64dd1aa1a35db3db2d20a29153726c05823c8bf4bda66e95e7c2c385e0330f6b566c2f9bd7d10b1e19d5001fc84921eeaacdab6ea6e656a514471043c6e44fd094bd126e442bf588f7829844db0d5a9b370db52cd378905d3759bcef10e5fa1af0062f27b24406b794b4ef00de322aaddfe7cb6ff4add14fe4b112d945afd91d17b21b4f99ff38f3747db51ee928b4dfc6f4aa8938122f9c0f1953463abb61d284535e31a52cc86056c99728e560930623cc16a7a8088ea5e66eabeb948b75fa120d06acf376ae6d8d843a14aa2ff7e7d9ba7a80013ce0137adca8f360c40da5b1612bda987a94157295fe73a32573e6476ddaa4fd94eff6b5a0111992de8c84e6a596f6d6344360e63a54f4cdc3a781d04ec92fd3c07a2fd7c9fc596bb82e62573c8fd8535def5c41a201a7b5e9d9195886b09db0be9d0a57f57f891c767b7c2b945eae0de463d2ce782690fb12a74f45d2e00add76ccf271a9c0b69876b8933739c4a281f4be329ff5a89aaa79828a7719f39c9c1862452f2734bb441cfe210ef9fa8886ae108a7cd02edcdf891a0c077fa72d5da73de33008633efdc0123b1361db01f5c7c4b4deddef80514dd9f70497f8feb0ab11e84ceaeddb3c7fc577aa279f7d681f9f6ba2de374aab374be2c899a38d11f123b33c3321c6f5951c6c3cec7115005e8a528f2392d87f59857967d882bc2602362a0f7985d3cd7a7d8e706af03ca8a5432af30cfd75349b5dfc450062ac62469938e652899725d435b8e570cf95723574a937062103e0bf7c2e2a4b56a73252beec34cde2b280ec04a5fb307d1a2ca5a34aa47ab4414a488258bafd72daa2f66742a9ed5bc4e113a10b2d607383679152f912133a1428057b3bd0c32d8149f08aa6f5637b89cdb9e5d9f6a6b4cb6ea7377c1a3046fc05660ba8eeba67a06edd5425d18d14f4c12f59aeca1aedec58522f3565c94c3f4c585c4949c88eaf7a8625fc0d9acd00654b67c9fe34beab43b663a59c3beacc0d672da45f7596942a3a6e831cb4b87cfa85556395e3e83c8c49e49731f2520aeeaa74e261e676aa2730fb9a6be369cd93e12b0acdc60928e9ee638df4a7a26b336181a15a86129844374a2a999ef89200a9966f094cac552210b326bc206633c71dbc0f7360f0d0d15249ee86dffa81c7ed652d8f5626ef21c7683082334085d8f3d34b12d5d57bae1b9b59eab5934720d7cd68fe51f4490ee5574d7dfee1298788957259f68f4644e1c129c30f6da6cc5667d3775f9c80de384ccb48f60a3073a7d23e5fa64365890cb28f729aba627380e2363d4d697484d2af229df81d0f07687e9f80ab24cb622545a1de267fe5b505eb94820d6b0fa339b9c5f1b635777ae8d5dee2f1d05bc4a5fb92cdd0f72ee80b883c", @generic="1d433ac4eb544a91970614925ce23d1146e4ca2c159f94314fcb01e588443ce86c71ece5d9775b63bb1a6cd930a1c5c4b9d3fad6b077e182deebf9d92bc8fa047bb8e3a2ec09d0e9a3ca4c8c5e09acdabd4745c3f05adee65cc9e389f8fbe475f12f5ca5d91219b779db4d67cd0511134cf258f178aa07060e00558244b502117e20f2468f66e82bc8e37dd4136960fd568fa81e3da0069507febd407ae2288b027cb98bf830e4124d664985921fcd07ced39d2480992ba98b1d774ccd6fddc16f0a2d56560926db04abf6d89d34af270b6beb155810f8bcfe22a973abfff42e8c5db41e57b4193ba7eb3040bb58b08eb4ff2edfae286c40033060c1cc"]}, @typed={0x8, 0x5f, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @nested={0xcb, 0x4d, 0x0, 0x1, [@generic="6999140092deecd37da8274a2e50d2ec63f297e8f274455bc9068235d76460710870379f73eb61ad90", @generic="38a05f8f2fb52767bea1c14de4291faf2141f1e966062bddf4e2ace8d4063dc5eadf718e9c222af611bc7ce64b5b075734930f39fc3b56e5e51f4c733a7081f7ddcac89b56b56b1ddf2d5e7b2c7279eddd5f15b6206643cfdb5d06395c24baccb3dbd3f95c55c6a811d72a66da3bcb7714e845bd29953bcda7b3d9b1817ef0c25ea344586f8ba687410c9d6efcdc785ed7ee28f836f1c2399257f1224486"]}]}, 0x1420}], 0x2, &(0x7f0000001940)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r4}}}, @cred={{0x1c, 0x1, 0x2, {r5, r6, r7}}}], 0x40, 0x4000}, 0x10)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r3, 0xc0106438, &(0x7f0000000040)={0x1074})
sendmsg$AUDIT_SIGNAL_INFO(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x3f2, 0x1, 0x70bd2b, 0x25dfdbfc, "", ["", "", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x804}, 0x8010)

[ 1571.286267] CPU: 1 PID: 29625 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1571.294146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1571.303495] Call Trace:
[ 1571.306083]  dump_stack+0x1b2/0x281
[ 1571.309714]  should_fail.cold+0x10a/0x149
[ 1571.313858]  ? __kernel_text_address+0x9/0x30
[ 1571.318350]  __alloc_pages_nodemask+0x22c/0x2720
[ 1571.323109]  ? depot_save_stack+0x10d/0x3f0
[ 1571.327438]  ? kasan_kmalloc+0x139/0x160
[ 1571.329072] 9pnet: Couldn't grow tag array
[ 1571.331495]  ? kasan_kmalloc+0xeb/0x160
[ 1571.331506]  ? kmem_cache_alloc_trace+0x131/0x3d0
[ 1571.331519]  ? p9_client_prepare_req.part.0+0x8ce/0xb60
[ 1571.349897]  ? p9_client_rpc+0x170/0x1520
[ 1571.354040]  ? p9_client_attach+0x137/0x750
[ 1571.358357]  ? v9fs_session_init+0xc03/0x1540
[ 1571.362851]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1571.367687]  ? do_mount+0xe53/0x2a00
[ 1571.371396]  ? SyS_mount+0xa8/0x120
[ 1571.375018]  ? do_syscall_64+0x1d5/0x640
[ 1571.379079]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.384452]  ? node_tag_clear+0x6c/0x170
[ 1571.388518]  cache_grow_begin+0x91/0x630
[ 1571.392598]  ? check_preemption_disabled+0x35/0x240
[ 1571.397641]  cache_alloc_refill+0x273/0x350
[ 1571.401965]  __kmalloc+0x378/0x400
[ 1571.405490]  ? p9_fcall_alloc+0x19/0x90
[ 1571.409453]  p9_fcall_alloc+0x19/0x90
[ 1571.413238]  p9_client_prepare_req.part.0+0x86c/0xb60
[ 1571.418419]  p9_client_rpc+0x170/0x1520
[ 1571.422386]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1571.427780]  ? lock_acquire+0x170/0x3f0
[ 1571.431738]  ? lock_downgrade+0x740/0x740
[ 1571.435875]  ? lock_acquire+0x170/0x3f0
[ 1571.439824]  ? lock_downgrade+0x740/0x740
[ 1571.443990]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1571.449071]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.454109]  p9_client_attach+0x137/0x750
[ 1571.458236]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1571.463749]  ? v9fs_session_init+0xad1/0x1540
[ 1571.468219]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.473225]  v9fs_session_init+0xc03/0x1540
[ 1571.477537]  ? v9fs_show_options+0x6b0/0x6b0
[ 1571.481938]  ? v9fs_mount+0x54/0x860
[ 1571.485638]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1571.491064]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.496059]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1571.500883]  v9fs_mount+0x73/0x860
[ 1571.504414]  ? alloc_pages_current+0x15d/0x260
[ 1571.508980]  ? __lockdep_init_map+0x100/0x560
[ 1571.513472]  mount_fs+0x92/0x2a0
[ 1571.516915]  vfs_kern_mount.part.0+0x5b/0x470
[ 1571.521404]  do_mount+0xe53/0x2a00
[ 1571.524925]  ? do_raw_spin_unlock+0x164/0x220
[ 1571.529398]  ? copy_mount_string+0x40/0x40
[ 1571.533619]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.538620]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.542494]  ? copy_mount_options+0x1fa/0x2f0
[ 1571.546972]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.550835]  SyS_mount+0xa8/0x120
[ 1571.554265]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.558134]  do_syscall_64+0x1d5/0x640
[ 1571.562016]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.567193] RIP: 0033:0x45e219
[ 1571.570357] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1571.578052] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:36 executing program 1 (fault-call:1 fault-nth:32):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:36 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x5, 0xffff, 0x23a, 0x2], 0x4, 0x80000, 0x0, <r1=>0xffffffffffffffff})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x22, &(0x7f0000001480)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@fsuuid={'fsuuid', 0x3d, {[0x36, 0x35, 0x64, 0x30, 0x39, 0x64, 0x63, 0x36], 0x2d, [0x30, 0xd, 0x39, 0x65], 0x2d, [0x38, 0x32, 0x33, 0x35], 0x2d, [0x51, 0x33, 0x31, 0x36], 0x2d, [0x65, 0x33, 0x66, 0x61, 0x36, 0x35, 0x39, 0x33]}}}, {@audit='audit'}, {@subj_role={'subj_role'}}, {@dont_measure='dont_measure'}, {@fsname={'fsname', 0x3d, '/dev/dri/card#\x00'}}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@permit_directio='permit_directio'}]}})
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x2cf)
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000040)={0x0, 0x40})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000200)={&(0x7f00000001c0)=[0x8, 0x80, 0x200, 0x3], 0x4, 0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r4, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000240)="1f7b5e57e82337944b5ecd8881a0ac5d23a6faf12bcab813", 0x18})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000001440)={0x1, &(0x7f0000000440)=""/4096, &(0x7f00000003c0)=[{0x0, 0xf9, 0x6, &(0x7f00000002c0)=""/249}]})

05:55:36 executing program 3:
r0 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r1 = getpid()
wait4(r1, 0x0, 0x20000002, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00')
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xac, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x4}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r0}}]}, 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
ioctl$NS_GET_NSTYPE(r0, 0xb703, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r3, 0x40106436, &(0x7f0000000000))
r4 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x2, 0x90180)
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000080))
openat$zero(0xffffffffffffff9c, 0x0, 0x181000, 0x0)

05:55:36 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_ADD_BUFS(r0, 0xc0206416, &(0x7f0000000080)={0x9, 0x800e, 0x5, 0x699, 0x2, 0x9})

[ 1571.585373] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1571.592629] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1571.599881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020
[ 1571.607129] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:36 executing program 0 (fault-call:1 fault-nth:33):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x268800, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r2, 0xc0206416, &(0x7f0000000280)={0x6, 0x2, 0x3, 0x80000001, 0x11})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
getsockopt$inet_dccp_buf(r3, 0x21, 0xe, &(0x7f00000008c0)=""/162, &(0x7f0000000540)=0xa2)
recvmsg(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000007c0)=""/251, 0xfb}, {&(0x7f0000000240)=""/25, 0x19}, {&(0x7f0000000280)}, {&(0x7f00000002c0)=""/109, 0x6d}, {&(0x7f0000000700)=""/167, 0xa7}, {&(0x7f0000000440)=""/24, 0x18}, {&(0x7f0000000480)=""/169, 0xa9}, {&(0x7f0000000140)=""/90, 0x5a}, {&(0x7f00000001c0)=""/88, 0x58}], 0x9, &(0x7f00000005c0)=""/217, 0xd9}, 0x40012003)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {<r4=>0x0}]})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000000)={r4, 0x0})

[ 1571.691309] FAULT_INJECTION: forcing a failure.
[ 1571.691309] name failslab, interval 1, probability 0, space 0, times 0
[ 1571.710231] FAULT_INJECTION: forcing a failure.
[ 1571.710231] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1571.722064] CPU: 1 PID: 29646 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1571.729939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1571.739377] Call Trace:
[ 1571.741966]  dump_stack+0x1b2/0x281
[ 1571.745618]  should_fail.cold+0x10a/0x149
[ 1571.749760]  __alloc_pages_nodemask+0x22c/0x2720
[ 1571.754505]  ? kasan_kmalloc+0x139/0x160
[ 1571.758550]  ? kasan_kmalloc+0xeb/0x160
[ 1571.762513]  ? __kmalloc+0x15a/0x400
[ 1571.766218]  ? p9_fcall_alloc+0x19/0x90
[ 1571.770194]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1571.775537]  ? p9_client_rpc+0x170/0x1520
[ 1571.779671]  ? p9_client_attach+0x137/0x750
[ 1571.783972]  ? v9fs_session_init+0xc03/0x1540
[ 1571.788441]  ? v9fs_mount+0x73/0x860
[ 1571.792136]  ? mount_fs+0x92/0x2a0
[ 1571.795663]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1571.800311]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1571.805137]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.810485]  ? do_syscall_64+0x1d5/0x640
[ 1571.814529]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.819881]  ? cache_alloc_refill+0x2fa/0x350
[ 1571.824359]  cache_grow_begin+0x91/0x630
[ 1571.828412]  ? check_preemption_disabled+0x35/0x240
[ 1571.833408]  cache_alloc_refill+0x273/0x350
[ 1571.837714]  __kmalloc+0x378/0x400
05:55:37 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000100)={0x23c, 0x0, 0x1ff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})

05:55:37 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000140)={0x1})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x1, 0x4, 0xfffffffa, 0xfffffffb, 0x4], 0x5, 0x800, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f00000000c0)={0x287b, 0x4df, 0x7e, 0x3b})

[ 1571.841236]  ? p9_fcall_alloc+0x19/0x90
[ 1571.845194]  p9_fcall_alloc+0x19/0x90
[ 1571.848985]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1571.854170]  p9_client_rpc+0x170/0x1520
[ 1571.858129]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1571.863483]  ? lock_acquire+0x170/0x3f0
[ 1571.867444]  ? lock_downgrade+0x740/0x740
[ 1571.871576]  ? lock_acquire+0x170/0x3f0
[ 1571.875529]  ? lock_downgrade+0x740/0x740
[ 1571.879659]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1571.884753]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.889772]  p9_client_attach+0x137/0x750
[ 1571.893918]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1571.899447]  ? v9fs_session_init+0xad1/0x1540
[ 1571.903938]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1571.908950]  v9fs_session_init+0xc03/0x1540
[ 1571.913258]  ? v9fs_show_options+0x6b0/0x6b0
[ 1571.917652]  ? v9fs_mount+0x54/0x860
[ 1571.921344]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1571.926782]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.931795]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1571.936626]  v9fs_mount+0x73/0x860
[ 1571.940157]  ? alloc_pages_current+0x15d/0x260
[ 1571.944719]  ? __lockdep_init_map+0x100/0x560
[ 1571.949196]  mount_fs+0x92/0x2a0
[ 1571.952552]  vfs_kern_mount.part.0+0x5b/0x470
[ 1571.957042]  do_mount+0xe53/0x2a00
[ 1571.960579]  ? copy_mount_string+0x40/0x40
[ 1571.964799]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1571.969800]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.973680]  ? copy_mount_options+0x1fa/0x2f0
[ 1571.978155]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.982033]  SyS_mount+0xa8/0x120
[ 1571.985483]  ? copy_mnt_ns+0xa30/0xa30
[ 1571.989364]  do_syscall_64+0x1d5/0x640
[ 1571.993240]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1571.998414] RIP: 0033:0x45e219
[ 1572.001588] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1572.009293] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1572.016651] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1572.023910] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1572.031171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000021
[ 1572.038422] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1572.045691] CPU: 0 PID: 29641 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1572.053582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1572.062940] Call Trace:
[ 1572.065528]  dump_stack+0x1b2/0x281
[ 1572.069156]  should_fail.cold+0x10a/0x149
[ 1572.073304]  should_failslab+0xd6/0x130
[ 1572.077273]  __kmalloc+0x2c1/0x400
[ 1572.080812]  ? p9_fcall_alloc+0x19/0x90
[ 1572.084781]  ? __lockdep_init_map+0x100/0x560
[ 1572.089275]  p9_fcall_alloc+0x19/0x90
[ 1572.093073]  p9_client_prepare_req.part.0+0x86c/0xb60
[ 1572.098270]  p9_client_rpc+0x170/0x1520
[ 1572.102242]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1572.107605]  ? lock_acquire+0x170/0x3f0
[ 1572.111577]  ? lock_downgrade+0x740/0x740
[ 1572.115729]  ? lock_acquire+0x170/0x3f0
[ 1572.119711]  ? lock_downgrade+0x740/0x740
[ 1572.123862]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1572.128966]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1572.133987]  p9_client_attach+0x137/0x750
05:55:37 executing program 4:
getresuid(&(0x7f0000000080)=<r0=>0x0, &(0x7f00000000c0), &(0x7f0000000100))
mount$9p_fd(0x0, 0x0, 0x0, 0x2020021, &(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRESDEC=r0, @ANYBLOB=',func=FILE_MMAP,euid>', @ANYRESDEC, @ANYBLOB=',\x00'])
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x2, 0xee01, 0xee00, r0, 0x0, 0x100, 0x5}, 0x0, 0x726b, 0x1, 0x4, 0xffffffffffffffff, 0xffffffffffffffff, 0x1000})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:37 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={0x0, 0x5})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:37 executing program 4:
r0 = getpid()
wait4(r0, &(0x7f0000000140), 0x1, &(0x7f00000001c0))
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x3e9, 0x200, 0x70bd2b, 0x25dfdbfd, {0x21, 0x0, 0x0, r0, 0x10000, 0xc1, 0x0, 0x81, 0x0, 0x1131}, ["", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x4)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:37 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$NS_GET_PARENT(r0, 0xb702, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x2a43)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000080)={0xbfb, 0x900f, 0x8})
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000))

[ 1572.138145]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1572.143683]  ? v9fs_session_init+0xad1/0x1540
[ 1572.148278]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1572.153296]  v9fs_session_init+0xc03/0x1540
[ 1572.157717]  ? v9fs_show_options+0x6b0/0x6b0
[ 1572.162125]  ? v9fs_mount+0x54/0x860
[ 1572.166181]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1572.171806]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1572.176825]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1572.181669]  v9fs_mount+0x73/0x860
[ 1572.185212]  ? alloc_pages_current+0x15d/0x260
[ 1572.189799]  ? __lockdep_init_map+0x100/0x560
[ 1572.194297]  mount_fs+0x92/0x2a0
[ 1572.197666]  vfs_kern_mount.part.0+0x5b/0x470
[ 1572.202167]  do_mount+0xe53/0x2a00
[ 1572.205713]  ? retint_kernel+0x2d/0x2d
[ 1572.209606]  ? copy_mount_string+0x40/0x40
[ 1572.213843]  ? __sanitizer_cov_trace_pc+0x4a/0x50
[ 1572.218682]  ? copy_mount_options+0x1fa/0x2f0
[ 1572.223175]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.227067]  SyS_mount+0xa8/0x120
[ 1572.230516]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.234406]  do_syscall_64+0x1d5/0x640
[ 1572.238308]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1572.243492] RIP: 0033:0x45e219
[ 1572.246680] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1572.254384] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1572.261646] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1572.268903] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1572.276223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020
[ 1572.283472] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:37 executing program 1 (fault-call:1 fault-nth:33):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:37 executing program 4:
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000000)={0x80})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0xffff, <r2=>0x0, 0x10000})
ioctl$DRM_IOCTL_SG_ALLOC(r1, 0xc0106438, &(0x7f0000000140)={0x940, r2})

05:55:37 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0xd729, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, &(0x7f0000000340)=0xffff0000, 0x4)
ioctl$DRM_IOCTL_MODE_DESTROYPROPBLOB(r0, 0xc00464be, &(0x7f0000000040)={0x2})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000140)={0x0, 0x0, r0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x7, 0x101000)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r2, 0xc01064ac, &(0x7f0000000300)={0x2, 0xc7, &(0x7f0000000200)=""/199})
r3 = syz_open_dev$dri(&(0x7f0000000500)='/dev/dri/card#\x00', 0x401, 0x88000)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000540)={0x9})
ioctl$DRM_IOCTL_MODE_ADDFB(r2, 0xc01c64ae, &(0x7f00000003c0)={0x8, 0x100, 0x0, 0x8, 0x3, 0x401, 0xb7a})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000100)={0x101, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000380))
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000440)={0x1, 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r4 = syz_open_dev$dri(&(0x7f0000000480)='/dev/dri/card#\x00', 0x200, 0xc8400)
ioctl$DRM_IOCTL_ADD_MAP(r4, 0xc0286415, &(0x7f00000004c0)={&(0x7f0000fff000/0x1000)=nil, 0xfffffffffffffff8, 0x3, 0x20})

05:55:37 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0xcf2})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r2, 0xc0086420, &(0x7f0000000140))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)={<r3=>0x0})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f00000000c0)={r3, &(0x7f0000000080)=""/19})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000200)='/dev/dri/card#\x00', 0x9, 0x400000)
r5 = syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x8fb5, 0x8400)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f00000002c0)={0x1, 0x42, &(0x7f0000000240)=""/66})
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f00000001c0)={&(0x7f0000ffe000/0x1000)=nil, 0x7, 0x0, 0x40})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000340)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r5, 0xc0286404, &(0x7f00000003c0)={&(0x7f0000ff7000/0x9000)=nil})
ioctl$DRM_IOCTL_AGP_ALLOC(r6, 0xc0206434, &(0x7f0000000380)={0x112})

05:55:37 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x8, 0x7f, 0xaa3})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xa)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000380)={&(0x7f0000000340)=[<r3=>0x0, 0x0, 0x0], 0x3})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)})
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x0, 0x0, 0x0, {}, [@BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x24}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00')
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {@void, @void, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x3e}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x7fff, 0x44}}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x8001)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000080)={0x2d20, 0x0, 0x3ff, 0x5, 0xa, 0x7})
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r6, &(0x7f0000000480)={&(0x7f0000000240), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r5, 0x100, 0x70bd28, 0x25dfdbfd, {{}, {@void, @void, @void}}, [@NL80211_ATTR_PID={0xffffffffffffff3c}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x79}}, @NL80211_ATTR_PID={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040850}, 0x4a080)

05:55:37 executing program 0 (fault-call:1 fault-nth:34):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

[ 1572.306666] 9pnet: Couldn't grow tag array
05:55:37 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000214000225bd7000fddbdf00"/28], 0x1}, 0x1, 0x0, 0x0, 0x4008844}, 0x4008801)
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_devices(r2, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x8a0, 0x0)

05:55:37 executing program 3:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x0, 0x88802)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000140))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0]})

[ 1572.360354] FAULT_INJECTION: forcing a failure.
[ 1572.360354] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1572.372202] CPU: 1 PID: 29686 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1572.380087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1572.389457] Call Trace:
[ 1572.392058]  dump_stack+0x1b2/0x281
[ 1572.395692]  should_fail.cold+0x10a/0x149
[ 1572.399861]  __alloc_pages_nodemask+0x22c/0x2720
[ 1572.402360] FAULT_INJECTION: forcing a failure.
[ 1572.402360] name failslab, interval 1, probability 0, space 0, times 0
[ 1572.404624]  ? kasan_kmalloc+0x139/0x160
[ 1572.404640]  ? kasan_kmalloc+0xeb/0x160
[ 1572.423834]  ? __kmalloc+0x15a/0x400
[ 1572.427543]  ? p9_fcall_alloc+0x19/0x90
[ 1572.431500]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1572.436857]  ? p9_client_rpc+0x170/0x1520
[ 1572.441001]  ? p9_client_attach+0x137/0x750
[ 1572.445314]  ? v9fs_session_init+0xc03/0x1540
[ 1572.449836]  ? v9fs_mount+0x73/0x860
[ 1572.453541]  ? mount_fs+0x92/0x2a0
05:55:37 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffffb, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000580)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000240)={0x80000000, 0x5, &(0x7f0000000000)=[0x1, 0x0, 0x3f, 0x5, 0x0], &(0x7f00000001c0)=[0x7, 0x7, 0x7fff], &(0x7f0000000200)=[0x7, 0x1ab, 0x4, 0x7, 0x5, 0x8, 0x3]})
ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000080)={0x0, 0x2})
r3 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x81, 0x208800)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r3, 0xc01064ac, &(0x7f00000003c0)={0x0, 0xce, &(0x7f00000002c0)=""/206})
syz_open_dev$dri(&(0x7f0000000440)='/dev/dri/card#\x00', 0x3, 0xa40)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000480)='/dev/dri/card#\x00', 0x81, 0x440)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r5, 0xc01064bd, &(0x7f0000000540)={&(0x7f00000004c0)="f10552803ed1476286b9ec9e215711cfb6a06087e49a924b475065203ffc81bcf8c732f0c578ed9272d6080317b5f79c51860e66f2176a2da83b5b38182a5548bf", 0x41})
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000140)={0x22, <r6=>0x0})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000180)={r6, 0x20000000})
ioctl$DRM_IOCTL_LOCK(r0, 0x4008642a, &(0x7f0000000040)={0x0, 0x13})
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f00000000c0)={0xfff, 0x4, 0x5, 0x41, 0x1, 0x10001, 0x6})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1572.457086]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1572.461751]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1572.466599]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1572.471956]  ? do_syscall_64+0x1d5/0x640
[ 1572.476007]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1572.481375]  ? cache_alloc_refill+0x2fa/0x350
[ 1572.485853]  cache_grow_begin+0x91/0x630
[ 1572.489905]  ? check_preemption_disabled+0x35/0x240
[ 1572.494902]  cache_alloc_refill+0x273/0x350
[ 1572.499213]  __kmalloc+0x378/0x400
[ 1572.502739]  ? p9_fcall_alloc+0x19/0x90
[ 1572.506701]  p9_fcall_alloc+0x19/0x90
[ 1572.510491]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1572.515675]  p9_client_rpc+0x170/0x1520
[ 1572.519637]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1572.524985]  ? lock_acquire+0x170/0x3f0
[ 1572.528940]  ? lock_downgrade+0x740/0x740
[ 1572.533071]  ? lock_acquire+0x170/0x3f0
[ 1572.537031]  ? lock_downgrade+0x740/0x740
[ 1572.541184]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1572.546276]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1572.551276]  p9_client_attach+0x137/0x750
[ 1572.555409]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
05:55:37 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x800300)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1572.560928]  ? v9fs_session_init+0xad1/0x1540
[ 1572.565425]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1572.570433]  v9fs_session_init+0xc03/0x1540
[ 1572.574762]  ? v9fs_show_options+0x6b0/0x6b0
[ 1572.579173]  ? v9fs_mount+0x54/0x860
[ 1572.582883]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1572.588328]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1572.593339]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1572.598171]  v9fs_mount+0x73/0x860
[ 1572.601697]  ? alloc_pages_current+0x15d/0x260
[ 1572.606276]  ? __lockdep_init_map+0x100/0x560
[ 1572.610767]  mount_fs+0x92/0x2a0
[ 1572.614118]  vfs_kern_mount.part.0+0x5b/0x470
[ 1572.618601]  do_mount+0xe53/0x2a00
[ 1572.622233]  ? copy_mount_string+0x40/0x40
[ 1572.626460]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1572.631816]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.635690]  ? copy_mount_options+0x1fa/0x2f0
[ 1572.640167]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.644036]  SyS_mount+0xa8/0x120
[ 1572.647478]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.651353]  do_syscall_64+0x1d5/0x640
[ 1572.655238]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
05:55:37 executing program 3:
pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0xffffffffffffffff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000000180))
ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1572.660422] RIP: 0033:0x45e219
[ 1572.663614] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1572.671322] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1572.678589] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1572.685859] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1572.693124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000021
[ 1572.700388] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1572.707703] CPU: 0 PID: 29685 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1572.715589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1572.724940] Call Trace:
[ 1572.727527]  dump_stack+0x1b2/0x281
[ 1572.731157]  should_fail.cold+0x10a/0x149
[ 1572.735305]  should_failslab+0xd6/0x130
[ 1572.739282]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1572.743955]  ? v9fs_session_init+0xad1/0x1540
[ 1572.748454]  v9fs_cache_session_get_cookie+0x103/0x1c0
[ 1572.753734]  v9fs_session_init+0xc92/0x1540
05:55:37 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x8, 0x100)

[ 1572.758066]  ? v9fs_show_options+0x6b0/0x6b0
[ 1572.762478]  ? v9fs_mount+0x54/0x860
[ 1572.766194]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1572.771644]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1572.776660]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1572.781522]  v9fs_mount+0x73/0x860
[ 1572.785059]  ? alloc_pages_current+0x15d/0x260
[ 1572.789640]  ? __lockdep_init_map+0x100/0x560
[ 1572.794141]  mount_fs+0x92/0x2a0
[ 1572.797512]  vfs_kern_mount.part.0+0x5b/0x470
[ 1572.802025]  do_mount+0xe53/0x2a00
[ 1572.805590]  ? copy_mount_string+0x40/0x40
[ 1572.809805]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1572.814800]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.818668]  ? copy_mount_options+0x1fa/0x2f0
[ 1572.823141]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.827014]  SyS_mount+0xa8/0x120
[ 1572.830458]  ? copy_mnt_ns+0xa30/0xa30
[ 1572.834331]  do_syscall_64+0x1d5/0x640
[ 1572.838212]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1572.843380] RIP: 0033:0x45e219
[ 1572.846545] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1572.854229] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:38 executing program 1 (fault-call:1 fault-nth:34):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:38 executing program 4:
ioctl$EVIOCGMTSLOTS(0xffffffffffffffff, 0x8040450a, &(0x7f0000000000)=""/180)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f00000000c0)={0x0, 0x3})

05:55:38 executing program 2:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000000540)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x20, 0x3fa, 0x200, 0x70bd2d, 0x25dfdbfc, {}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4044804}, 0x11)
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000040)={0x7, 0x9})

05:55:38 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x40a00, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000440)=""/209)
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000040)={0x7, 0x9, 0x7fff, 0x8001, 0x15fb64ab, 0x4e, 0x6})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r3, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x3, 0x0, [], 0x4, 0x8})
ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f0000000000))
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
sendmmsg$sock(r5, &(0x7f0000003440)=[{{&(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x0, @broadcast}}}, 0x80, 0x0}}], 0x1, 0x0)
r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r6, 0xc0106401, &(0x7f0000000180)={0xffffff4d, &(0x7f0000000140)=""/22})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:38 executing program 0 (fault-call:1 fault-nth:35):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:38 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x2088, &(0x7f0000000240)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@noextend='noextend'}, {@privport='privport'}], [{@smackfstransmute={'smackfstransmute', 0x3d, '&'}}]}})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_ADD_BUFS(0xffffffffffffffff, 0xc0206416, &(0x7f0000000080)={0xc56, 0xffff, 0x0, 0x4, 0x2, 0x401})
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x8, 0x250041)
ioctl$DRM_IOCTL_NEW_CTX(r2, 0x40086425, &(0x7f0000000180)={0x0, 0x3})

[ 1572.861482] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1572.868728] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1572.875978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022
[ 1572.883361] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1572.965432] FAULT_INJECTION: forcing a failure.
[ 1572.965432] name failslab, interval 1, probability 0, space 0, times 0
[ 1572.969128] FAULT_INJECTION: forcing a failure.
[ 1572.969128] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1572.978283] CPU: 1 PID: 29727 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1572.996330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.005700] Call Trace:
[ 1573.008397]  dump_stack+0x1b2/0x281
[ 1573.012018]  should_fail.cold+0x10a/0x149
[ 1573.016155]  should_failslab+0xd6/0x130
[ 1573.020119]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1573.024771]  ? v9fs_session_init+0xad1/0x1540
[ 1573.029266]  v9fs_cache_session_get_cookie+0x103/0x1c0
[ 1573.034532]  v9fs_session_init+0xc92/0x1540
[ 1573.038846]  ? v9fs_show_options+0x6b0/0x6b0
[ 1573.043250]  ? v9fs_mount+0x54/0x860
[ 1573.046944]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1573.052374]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.057386]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1573.062207]  v9fs_mount+0x73/0x860
[ 1573.065728]  ? alloc_pages_current+0x15d/0x260
[ 1573.070286]  ? __lockdep_init_map+0x100/0x560
[ 1573.074761]  mount_fs+0x92/0x2a0
[ 1573.078110]  vfs_kern_mount.part.0+0x5b/0x470
[ 1573.082593]  do_mount+0xe53/0x2a00
[ 1573.086116]  ? copy_mount_string+0x40/0x40
[ 1573.090332]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.095327]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.099193]  ? copy_mount_options+0x1fa/0x2f0
[ 1573.103664]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.107532]  SyS_mount+0xa8/0x120
[ 1573.110962]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.114829]  do_syscall_64+0x1d5/0x640
[ 1573.118699]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.123866] RIP: 0033:0x45e219
[ 1573.127035] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1573.134732] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1573.141987] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1573.149257] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1573.156508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022
05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000001380)={0x6, &(0x7f0000000000)=""/248, &(0x7f00000012c0)=[{0x1ff, 0x1c, 0x100, &(0x7f0000000140)=""/28}, {0x1, 0x21, 0x4, &(0x7f0000000180)=""/33}, {0x2c4, 0x1b, 0x271d9717, &(0x7f00000001c0)=""/27}, {0x9, 0x5e, 0x37d, &(0x7f0000000200)=""/94}, {0x53b, 0x1000, 0x5, &(0x7f0000000280)=""/4096}, {0x8, 0x2b, 0x0, &(0x7f0000001280)=""/43}]})

[ 1573.163762] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1573.171030] CPU: 0 PID: 29726 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1573.178913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.188260] Call Trace:
[ 1573.190846]  dump_stack+0x1b2/0x281
[ 1573.194477]  should_fail.cold+0x10a/0x149
[ 1573.198632]  __alloc_pages_nodemask+0x22c/0x2720
[ 1573.203388]  ? kasan_kmalloc+0x139/0x160
[ 1573.207444]  ? kasan_kmalloc+0xeb/0x160
[ 1573.211412]  ? __kmalloc+0x15a/0x400
05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0xffffffff})

05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xfffffffb, 0x7c95c0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1573.215122]  ? p9_fcall_alloc+0x19/0x90
[ 1573.219096]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1573.224457]  ? p9_client_rpc+0x170/0x1520
[ 1573.228608]  ? p9_client_attach+0x137/0x750
[ 1573.232935]  ? v9fs_session_init+0xc03/0x1540
[ 1573.237433]  ? v9fs_mount+0x73/0x860
[ 1573.241150]  ? mount_fs+0x92/0x2a0
[ 1573.244697]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1573.249363]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1573.254206]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.259577]  ? do_syscall_64+0x1d5/0x640
05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_AGP_UNBIND(0xffffffffffffffff, 0x40106437, &(0x7f0000000040)={0x0, 0x3ff})

05:55:38 executing program 2:
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000140)={&(0x7f0000000080)=[0x5, 0x3, 0x200, 0x40, 0xdf5, 0x4, 0x100, 0x0, 0x80], 0x9, 0x2fa, 0x4, 0x0, 0x9, 0x5, 0x7fffffff, {0x8, 0x0, 0x1ff, 0x1f, 0x7f, 0x1, 0x7, 0x5, 0x4080, 0xad, 0x131d, 0xffc1, 0x40, 0xfffffffa, "82dc526634e81552cbbeede75a8f6dc5de256ff7756448918f77962152663be1"}})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r1, 0x40046411, &(0x7f0000000040)=0x1)

[ 1573.263639]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.269042]  ? cache_alloc_refill+0x2fa/0x350
[ 1573.273541]  cache_grow_begin+0x91/0x630
[ 1573.277607]  ? check_preemption_disabled+0x35/0x240
[ 1573.282627]  cache_alloc_refill+0x273/0x350
[ 1573.286941]  __kmalloc+0x378/0x400
[ 1573.290470]  ? p9_fcall_alloc+0x19/0x90
[ 1573.294443]  p9_fcall_alloc+0x19/0x90
[ 1573.298238]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1573.303428]  p9_client_rpc+0x170/0x1520
[ 1573.307402]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1573.312769]  ? lock_acquire+0x170/0x3f0
05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0xfffffffffffffff9, 0x408100)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {<r1=>0x0}, {}, {}, {}]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000480)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f00000004c0)={0x0, 0x1})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000140)={r1, &(0x7f00000000c0)=""/4})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r3 = socket$netlink(0x10, 0x3, 0x4)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c018818fa823835be63410000faab83db1bdf73d2b3057e6c8b7133bde7e9422afc6bd0f690ceb224ac3036209d7cebdcdad4aebcd3fd753728129ea7ea700bdcefeea0e5607c5ae54b1b4cbf1e7c5c46d430351b7b2691d3cd2462fad39dc87c98a5decbd798a4bd000000000000", @ANYRES16=0x0, @ANYBLOB="00042cbd7000ffdbdf250800000008000400ac1e00012700070073797374656d5f753a6f626a6563745f723a6574635f616c69617365735f743a73300000140003000000000000000000000000000000000114000200fc010000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x8000)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200)='batadv\x00')
syz_genetlink_get_family_id$batadv(&(0x7f0000000500)='batadv\x00')
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r4, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x44010)

[ 1573.316741]  ? lock_downgrade+0x740/0x740
[ 1573.320895]  ? lock_acquire+0x170/0x3f0
[ 1573.324872]  ? lock_downgrade+0x740/0x740
[ 1573.329025]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1573.334130]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1573.339150]  p9_client_attach+0x137/0x750
[ 1573.343291]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1573.348807]  ? v9fs_session_init+0xad1/0x1540
[ 1573.353282]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1573.358278]  v9fs_session_init+0xc03/0x1540
[ 1573.362580]  ? v9fs_show_options+0x6b0/0x6b0
[ 1573.367187]  ? v9fs_mount+0x54/0x860
[ 1573.370879]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1573.376365]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.381359]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1573.386181]  v9fs_mount+0x73/0x860
[ 1573.389709]  ? alloc_pages_current+0x15d/0x260
[ 1573.394272]  ? __lockdep_init_map+0x100/0x560
[ 1573.398749]  mount_fs+0x92/0x2a0
[ 1573.402097]  vfs_kern_mount.part.0+0x5b/0x470
[ 1573.406584]  do_mount+0xe53/0x2a00
[ 1573.410119]  ? do_raw_spin_unlock+0x164/0x220
[ 1573.414593]  ? copy_mount_string+0x40/0x40
[ 1573.418807]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.423800]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.427682]  ? copy_mount_options+0x1fa/0x2f0
[ 1573.432155]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.436019]  SyS_mount+0xa8/0x120
[ 1573.439487]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.443351]  do_syscall_64+0x1d5/0x640
[ 1573.447218]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.452449] RIP: 0033:0x45e219
[ 1573.455657] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1573.463346] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1573.470601] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1573.477892] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1573.485140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023
[ 1573.492385] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:38 executing program 1 (fault-call:1 fault-nth:35):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x8000020, 0x400)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000140)=""/235)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000040)={0xfffffffe, 0x370})
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000080)=0x2)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x0, 0x4df6})

05:55:38 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000180))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000001c0))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x2, 0xfffffffd, 0x8, 0xfff, 0xfffffffe, 0x7, 0xffffb78e, 0x50000000], 0x8, 0x80000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000200)={0x0, 0x81})
setns(r2, 0x10000000)
ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f0000000340)={0x0, &(0x7f0000000240)=""/184, &(0x7f0000000300)})

05:55:38 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x200, 0xc00)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f00000001c0)={&(0x7f0000000080)=[0x0], &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x1, 0x4, 0x0, 0x7})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:38 executing program 0 (fault-call:1 fault-nth:36):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:38 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000140)={0xc3, &(0x7f0000000000)=""/195})

[ 1573.595660] FAULT_INJECTION: forcing a failure.
[ 1573.595660] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1573.596642] FAULT_INJECTION: forcing a failure.
[ 1573.596642] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1573.607488] CPU: 1 PID: 29768 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1573.627125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.636456] Call Trace:
[ 1573.639030]  dump_stack+0x1b2/0x281
[ 1573.642638]  should_fail.cold+0x10a/0x149
[ 1573.646767]  __alloc_pages_nodemask+0x22c/0x2720
[ 1573.651611]  ? kasan_kmalloc+0x139/0x160
[ 1573.655664]  ? kasan_kmalloc+0xeb/0x160
[ 1573.659619]  ? __kmalloc+0x15a/0x400
[ 1573.663310]  ? p9_fcall_alloc+0x19/0x90
[ 1573.667260]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1573.672599]  ? p9_client_rpc+0x170/0x1520
[ 1573.676726]  ? p9_client_attach+0x137/0x750
[ 1573.681025]  ? v9fs_session_init+0xc03/0x1540
[ 1573.685495]  ? v9fs_mount+0x73/0x860
[ 1573.689186]  ? mount_fs+0x92/0x2a0
[ 1573.692703]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1573.697351]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1573.702173]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.707513]  ? do_syscall_64+0x1d5/0x640
[ 1573.711551]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.716898]  ? cache_alloc_refill+0x2fa/0x350
[ 1573.721378]  cache_grow_begin+0x91/0x630
[ 1573.725421]  ? check_preemption_disabled+0x35/0x240
[ 1573.730428]  cache_alloc_refill+0x273/0x350
[ 1573.734729]  __kmalloc+0x378/0x400
[ 1573.738258]  ? p9_fcall_alloc+0x19/0x90
[ 1573.742213]  p9_fcall_alloc+0x19/0x90
[ 1573.745993]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1573.751169]  p9_client_rpc+0x170/0x1520
[ 1573.755125]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1573.760470]  ? lock_acquire+0x170/0x3f0
[ 1573.764423]  ? lock_downgrade+0x740/0x740
[ 1573.768550]  ? lock_acquire+0x170/0x3f0
[ 1573.772515]  ? lock_downgrade+0x740/0x740
[ 1573.776644]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1573.781750]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1573.786746]  p9_client_attach+0x137/0x750
[ 1573.790878]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1573.796392]  ? v9fs_session_init+0xad1/0x1540
[ 1573.800870]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1573.805868]  v9fs_session_init+0xc03/0x1540
[ 1573.810174]  ? v9fs_show_options+0x6b0/0x6b0
[ 1573.814562]  ? v9fs_mount+0x54/0x860
[ 1573.818256]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1573.823690]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.828684]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1573.833507]  v9fs_mount+0x73/0x860
[ 1573.837025]  ? alloc_pages_current+0x15d/0x260
[ 1573.841584]  ? __lockdep_init_map+0x100/0x560
[ 1573.846058]  mount_fs+0x92/0x2a0
[ 1573.849405]  vfs_kern_mount.part.0+0x5b/0x470
[ 1573.853881]  do_mount+0xe53/0x2a00
[ 1573.857401]  ? do_raw_spin_unlock+0x164/0x220
[ 1573.861877]  ? copy_mount_string+0x40/0x40
[ 1573.866092]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1573.871085]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.874962]  ? copy_mount_options+0x1fa/0x2f0
[ 1573.879446]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.883310]  SyS_mount+0xa8/0x120
[ 1573.886741]  ? copy_mnt_ns+0xa30/0xa30
[ 1573.890607]  do_syscall_64+0x1d5/0x640
[ 1573.894477]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1573.899656] RIP: 0033:0x45e219
[ 1573.902829] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1573.910530] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1573.917779] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1573.925026] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1573.932273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000024
[ 1573.939522] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, <r1=>0x0], 0x5})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000280)={r1, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000040)={0x0, &(0x7f0000000140)=""/235})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f00000003c0)={&(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], 0x7, 0x5, 0x4, 0x0, 0x5})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1573.946785] CPU: 0 PID: 29764 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1573.954666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.964021] Call Trace:
[ 1573.966612]  dump_stack+0x1b2/0x281
[ 1573.970243]  should_fail.cold+0x10a/0x149
[ 1573.974397]  __alloc_pages_nodemask+0x22c/0x2720
[ 1573.979155]  ? kasan_kmalloc+0x139/0x160
[ 1573.983214]  ? kasan_kmalloc+0xeb/0x160
[ 1573.987188]  ? __kmalloc+0x15a/0x400
[ 1573.990898]  ? p9_fcall_alloc+0x19/0x90
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x6d8, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040)={0x0, <r2=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080)={r2})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1573.994866]  ? p9_client_prepare_req.part.0+0x86c/0xb60
[ 1574.000228]  ? p9_client_rpc+0x170/0x1520
[ 1574.004372]  ? p9_client_attach+0x137/0x750
[ 1574.008694]  ? v9fs_session_init+0xc03/0x1540
[ 1574.013182]  ? v9fs_mount+0x73/0x860
[ 1574.016890]  ? mount_fs+0x92/0x2a0
[ 1574.020429]  ? vfs_kern_mount.part.0+0x5b/0x470
[ 1574.025099]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 1574.029943]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1574.035306]  ? do_syscall_64+0x1d5/0x640
[ 1574.039369]  ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x2, 0x10080)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x7, 0x40000)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000080)=[0x7, 0x80000000, 0x1, 0xe0, 0x9000, 0x10000, 0x3ea8cc3c, 0xff, 0x5], 0x9, 0x0, 0x0, <r2=>0xffffffffffffffff})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r2, 0x80386433, &(0x7f0000000140)=""/4096)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000001240)={0x0, <r4=>0x0})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f0000001280)={r4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
sendmsg$AUDIT_SET_FEATURE(r3, &(0x7f0000001200)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x20, 0x3fa, 0x0, 0x70bd2d, 0x25dfdbff, {0x1, 0x1, 0x1}, ["", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x24000001}, 0x0)

[ 1574.044741]  ? cache_alloc_refill+0x2fa/0x350
[ 1574.049240]  cache_grow_begin+0x91/0x630
[ 1574.053304]  ? check_preemption_disabled+0x35/0x240
[ 1574.058324]  cache_alloc_refill+0x273/0x350
[ 1574.062648]  __kmalloc+0x378/0x400
[ 1574.066184]  ? p9_fcall_alloc+0x19/0x90
[ 1574.070160]  p9_fcall_alloc+0x19/0x90
[ 1574.073961]  p9_client_prepare_req.part.0+0x7f8/0xb60
[ 1574.079155]  p9_client_rpc+0x170/0x1520
[ 1574.083134]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1574.088500]  ? lock_acquire+0x170/0x3f0
[ 1574.092469]  ? lock_downgrade+0x740/0x740
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x1)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@version_9p2000='version=9p2000'}]}})
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000140)={0x2, 0x3, 0x7, 0xe9ea, 0x8000, 0x8, 0x4})

05:55:39 executing program 2:
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f0000000080)={0x4, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0]})
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x2, 0x101000)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000140)={0x7, 0x7, 0x8, 0x1, 0x1d, 0x9fb})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000180)={0x1})

05:55:39 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000040)={&(0x7f0000ffc000/0x1000)=nil, 0x7fff, 0x5, 0x1})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x3, 0x3})

[ 1574.096617]  ? lock_acquire+0x170/0x3f0
[ 1574.100591]  ? lock_downgrade+0x740/0x740
[ 1574.104758]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1574.109865]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1574.114884]  p9_client_attach+0x137/0x750
[ 1574.119034]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1574.124568]  ? v9fs_session_init+0xad1/0x1540
[ 1574.129063]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1574.134081]  v9fs_session_init+0xc03/0x1540
[ 1574.138406]  ? v9fs_show_options+0x6b0/0x6b0
[ 1574.142813]  ? v9fs_mount+0x54/0x860
[ 1574.146532]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1574.151979]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.157040]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1574.161864]  v9fs_mount+0x73/0x860
[ 1574.165383]  ? alloc_pages_current+0x15d/0x260
[ 1574.167442] 9pnet: Insufficient options for proto=fd
[ 1574.169950]  ? __lockdep_init_map+0x100/0x560
[ 1574.169963]  mount_fs+0x92/0x2a0
[ 1574.169976]  vfs_kern_mount.part.0+0x5b/0x470
[ 1574.169988]  do_mount+0xe53/0x2a00
[ 1574.190922]  ? retint_kernel+0x2d/0x2d
[ 1574.194816]  ? copy_mount_string+0x40/0x40
[ 1574.199045]  ? copy_mount_options+0x185/0x2f0
[ 1574.203550]  ? copy_mount_options+0x197/0x2f0
[ 1574.208024]  ? copy_mount_options+0x1fa/0x2f0
[ 1574.212511]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.216387]  SyS_mount+0xa8/0x120
[ 1574.219819]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.223695]  do_syscall_64+0x1d5/0x640
[ 1574.227596]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1574.232769] RIP: 0033:0x45e219
[ 1574.235938] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
05:55:39 executing program 1 (fault-call:1 fault-nth:36):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:39 executing program 2:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x80, &(0x7f0000000200)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@subj_user={'subj_user', 0x3d, ',\'}'}}]}})
r1 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x24200)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000040)={<r2=>0x0, 0x0, r1})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x6, 0x1a8, 0x1, 0x8, 0x6, 0xb94], 0x6, 0x800})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000140)={0x5, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000080)={r2})

05:55:39 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = shmget(0x0, 0x2000, 0x100, &(0x7f0000ffd000/0x2000)=nil)
shmctl$IPC_RMID(r1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x7fff, 0xffffffff, 0xaa3})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f0000000100)={&(0x7f00000000c0)="7c99a39bb72ad177c91724fc6be8b7", 0xf})

05:55:39 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x4, 0x20000)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000000)={0x0, 0x0})

[ 1574.243627] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1574.250888] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1574.258154] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1574.265409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023
[ 1574.272665] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:39 executing program 0 (fault-call:1 fault-nth:37):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x100000000, <r1=>0x0, 0x2})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={r1, 0x80000040})
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040))
r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x7, 0x300)
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000240)={0xfe, &(0x7f0000000140)=""/254})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SG_FREE(r3, 0x40106439, &(0x7f0000000280)={0x8, r1})

05:55:39 executing program 5:
r0 = getpid()
wait4(r0, 0x0, 0x20000002, 0x0)
getpgid(r0)
r1 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000080))
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000140)={0x1, 0x0, &(0x7f0000000100)=[0x0]})
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f00000000c0)={0x3e0, 0xd24, 0x9, 0x9})
ioctl$DRM_IOCTL_MODE_SETPLANE(r1, 0xc03064b7, &(0x7f0000000180)={0x0, 0xc9f, 0x100, 0x81, 0x1ff, 0x1, 0x8000, 0x2, 0xffff8001, 0x5, 0x2, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

[ 1574.339918] 9pnet: Insufficient options for proto=fd
[ 1574.342073] FAULT_INJECTION: forcing a failure.
[ 1574.342073] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.374741] FAULT_INJECTION: forcing a failure.
[ 1574.374741] name failslab, interval 1, probability 0, space 0, times 0
05:55:39 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x2, 0x5ad203)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x6})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x18040, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000240)={&(0x7f00000002c0), &(0x7f0000000180)=[{}, {}, {}, {}], 0x6, 0x0, [], 0x0, 0x4})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0], &(0x7f0000000080)=[{}], 0x9, 0x0, [], 0x2, 0x1})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000006c0)={0x3ff, 0x0, 0x10000})
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r4, 0x40206435, &(0x7f0000000680))
r5 = ioctl$NS_GET_PARENT(r1, 0xb702, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000480)={&(0x7f0000000440)=[0x2, 0x6], 0x2, 0x0, 0x0, <r6=>0xffffffffffffffff})
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000600)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000005c0)={&(0x7f00000004c0)={0xd0, 0x0, 0x2, 0x70bd2c, 0x25dfdbff, {}, [{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x1}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000640)={0x0, 0x9, 0x10000})
sendmsg$RDMA_NLDEV_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x44, 0x1402, 0x200, 0x70bd2a, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r3}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_NET_NS_FD={0x8, 0x44, r5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000)

05:55:39 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x4542, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={<r1=>0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r2, 0x4010641c, &(0x7f0000000040)={r1, 0x0})

[ 1574.400635] CPU: 0 PID: 29803 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1574.408550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1574.417904] Call Trace:
[ 1574.420499]  dump_stack+0x1b2/0x281
[ 1574.424140]  should_fail.cold+0x10a/0x149
[ 1574.428295]  should_failslab+0xd6/0x130
[ 1574.432270]  __kmalloc+0x2c1/0x400
[ 1574.435811]  ? p9_fcall_alloc+0x19/0x90
[ 1574.439788]  p9_fcall_alloc+0x19/0x90
[ 1574.443586]  p9_client_prepare_req.part.0+0x7f8/0xb60
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x6, 0x6, 0x8, 0x6, 0xe9], 0x5, 0x40000, 0x0, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f00000000c0))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

[ 1574.448777]  p9_client_rpc+0x170/0x1520
[ 1574.452755]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1574.458116]  ? lock_acquire+0x170/0x3f0
[ 1574.462092]  ? lock_downgrade+0x740/0x740
[ 1574.466244]  ? lock_acquire+0x170/0x3f0
[ 1574.470213]  ? lock_downgrade+0x740/0x740
[ 1574.474361]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1574.479463]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1574.484484]  p9_client_attach+0x137/0x750
[ 1574.488638]  ? p9_client_zc_rpc.constprop.0+0x1360/0x1360
[ 1574.494170]  ? v9fs_session_init+0xad1/0x1540
05:55:39 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x9, 0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000180)={0x9, 0x0, 0x2})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000140)={0x1, 0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000200)={0x890, <r1=>0x0, 0x2})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x40000, 0x18801)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, 0x0)
accept(r4, 0x0, &(0x7f0000000280))
setsockopt$inet_dccp_int(r4, 0x21, 0x6, &(0x7f0000000240)=0x2, 0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000300)={<r5=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000380)={r5, 0x80000, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_ADDFB(r6, 0xc01c64ae, &(0x7f00000003c0)={0xef42, 0x5, 0xa66b, 0xc9d, 0x9, 0x1f, 0x7})
ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000340)={r5})
ioctl$DRM_IOCTL_AGP_BIND(r3, 0x40106436, &(0x7f00000001c0)={r1, 0x7})
r7 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x4, 0x2, 0x1, 0x3, 0x3, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @loopback, 0x7800, 0x8000, 0x1, 0x4}})

05:55:39 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_AGP_RELEASE(0xffffffffffffffff, 0x6431)

[ 1574.498664]  ? trace_hardirqs_on_caller+0x3a8/0x580
[ 1574.503683]  v9fs_session_init+0xc03/0x1540
[ 1574.508016]  ? v9fs_show_options+0x6b0/0x6b0
[ 1574.512430]  ? v9fs_mount+0x54/0x860
[ 1574.516146]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1574.521599]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.526618]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1574.531463]  v9fs_mount+0x73/0x860
[ 1574.535003]  ? alloc_pages_current+0x15d/0x260
[ 1574.539582]  ? __lockdep_init_map+0x100/0x560
[ 1574.544086]  mount_fs+0x92/0x2a0
[ 1574.547450]  vfs_kern_mount.part.0+0x5b/0x470
[ 1574.551949]  do_mount+0xe53/0x2a00
[ 1574.555500]  ? do_raw_spin_unlock+0x164/0x220
[ 1574.559992]  ? copy_mount_string+0x40/0x40
[ 1574.564225]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.569241]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.573126]  ? copy_mount_options+0x1fa/0x2f0
[ 1574.577616]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.581500]  SyS_mount+0xa8/0x120
[ 1574.584940]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.588811]  do_syscall_64+0x1d5/0x640
[ 1574.592685]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1574.597852] RIP: 0033:0x45e219
[ 1574.601109] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1574.608794] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1574.616045] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1574.623312] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1574.630558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000024
[ 1574.637806] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1574.645066] CPU: 1 PID: 29809 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1574.648380] 9pnet: Couldn't grow tag array
[ 1574.652944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1574.652948] Call Trace:
[ 1574.652964]  dump_stack+0x1b2/0x281
[ 1574.652975]  should_fail.cold+0x10a/0x149
[ 1574.652992]  should_failslab+0xd6/0x130
[ 1574.653004]  kmem_cache_alloc+0x28e/0x3c0
[ 1574.653016]  __fscache_acquire_cookie+0xd6/0x420
[ 1574.653030]  v9fs_cache_session_get_cookie+0x95/0x1c0
[ 1574.653039]  v9fs_session_init+0xc92/0x1540
05:55:39 executing program 1 (fault-call:1 fault-nth:37):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:39 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f0000000080)={0x5, 0x401, 0x8})
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000000)={0x7f, 0x10001, 0x3, 0x401, 0x2, 0x0, 0x9})
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000040)={0x12})

05:55:39 executing program 3:
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:39 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x4, 0x29c083)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9})

[ 1574.653056]  ? v9fs_show_options+0x6b0/0x6b0
[ 1574.653067]  ? v9fs_mount+0x54/0x860
[ 1574.707319]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 1574.709252] FAULT_INJECTION: forcing a failure.
[ 1574.709252] name failslab, interval 1, probability 0, space 0, times 0
[ 1574.712766]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.712781]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 1574.712791]  v9fs_mount+0x73/0x860
[ 1574.712800]  ? alloc_pages_current+0x15d/0x260
[ 1574.712809]  ? __lockdep_init_map+0x100/0x560
[ 1574.712819]  mount_fs+0x92/0x2a0
[ 1574.712831]  vfs_kern_mount.part.0+0x5b/0x470
[ 1574.712842]  do_mount+0xe53/0x2a00
[ 1574.712853]  ? do_raw_spin_unlock+0x164/0x220
[ 1574.712866]  ? copy_mount_string+0x40/0x40
[ 1574.712881]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.771403]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.775273]  ? copy_mount_options+0x1fa/0x2f0
[ 1574.779745]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.783615]  SyS_mount+0xa8/0x120
[ 1574.787058]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.790932]  do_syscall_64+0x1d5/0x640
[ 1574.794817]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1574.799992] RIP: 0033:0x45e219
[ 1574.803161] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1574.810848] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1574.818096] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1574.825344] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1574.832594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000025
[ 1574.839964] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1574.847233] CPU: 0 PID: 29835 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1574.855122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1574.864475] Call Trace:
[ 1574.867064]  dump_stack+0x1b2/0x281
[ 1574.870692]  should_fail.cold+0x10a/0x149
[ 1574.874841]  should_failslab+0xd6/0x130
[ 1574.878819]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1574.883505]  sget_userns+0x102/0xc10
[ 1574.887221]  ? v9fs_kill_super+0x90/0x90
[ 1574.891280]  ? v9fs_kill_super+0x90/0x90
[ 1574.895329]  sget+0xd1/0x110
[ 1574.898336]  v9fs_mount+0x9e/0x860
[ 1574.901861]  ? alloc_pages_current+0x15d/0x260
[ 1574.906420]  ? __lockdep_init_map+0x100/0x560
[ 1574.910907]  mount_fs+0x92/0x2a0
[ 1574.914253]  vfs_kern_mount.part.0+0x5b/0x470
[ 1574.918727]  do_mount+0xe53/0x2a00
[ 1574.922272]  ? copy_mount_string+0x40/0x40
[ 1574.926491]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1574.931485]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.935355]  ? copy_mount_options+0x1fa/0x2f0
[ 1574.939827]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.943706]  SyS_mount+0xa8/0x120
[ 1574.947135]  ? copy_mnt_ns+0xa30/0xa30
[ 1574.951011]  do_syscall_64+0x1d5/0x640
[ 1574.954889]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1574.960064] RIP: 0033:0x45e219
[ 1574.963238] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1574.970923] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1574.978171] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1574.985420] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1574.992669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000025
[ 1574.999917] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
05:55:40 executing program 0 (fault-call:1 fault-nth:38):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:40 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x100000000009, 0xc0300)
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0))
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:40 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000180)={&(0x7f00000000c0)=[0x5], &(0x7f0000000140)=[0x0, 0x0, 0x0], 0x1, 0x3, 0xbbbbbbbb})
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_MAP(r2, 0xc0286415, &(0x7f0000000200)={&(0x7f0000ffd000/0x2000)=nil, 0x1, 0x3, 0x39})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r3, 0xc01864b0, &(0x7f0000000080)={0xffffffa3, 0x4, 0x1, 0x2, 0x4})

05:55:40 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f0000000040)={0xdd, &(0x7f0000000140)="ebc560d72d9157fbf1aaabe2e48d57d004561b5f72fd185f17d9fa61de038db1610cbec349ab820a040299aec0e787fe738794457431b5b10027df5f93b8c7a729a98508f5eb27794788301ca240921224c03337ed7577ef9a431f0e1b408f4419261a35d601975b370713b6d118f35209dfdc21ed9780f1028551a53b821afc354e7b7439bcce309ac343559198d59448a231fd88aa06b7037fc3ba75bfb7b69237df1266b1c76373c40d02d1f4cfd90389c1cf73172dbf90eca08b02d7181292703522b3a551f6a4196ce630706048010c97042f8d931ab15ac9928c"})
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:40 executing program 1 (fault-call:1 fault-nth:38):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{}]})
r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x3ff, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000880)='l2tp\x00')
sendmsg$L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x28, r3, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x1c6}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e24}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000080))
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000140)={0x0, 0x0})

05:55:40 executing program 3:
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:40 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x4, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})

05:55:40 executing program 2:
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_congestion_control\x00', 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1575.080354] FAULT_INJECTION: forcing a failure.
[ 1575.080354] name failslab, interval 1, probability 0, space 0, times 0
[ 1575.108355] FAULT_INJECTION: forcing a failure.
[ 1575.108355] name failslab, interval 1, probability 0, space 0, times 0
05:55:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x80140)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000080)={&(0x7f0000000000)=[0x3, 0x9093, 0x6b3ac184, 0x8], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0xffffffff, 0xb0b0b0b0})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r1, 0xc01064bd, &(0x7f0000000140)={&(0x7f00000000c0)})

05:55:40 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={0x0, 0x48ea})
openat$zero(0xffffffffffffff9c, 0x0, 0x4b8701, 0x0)

05:55:40 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{}, {<r2=>0x0}, {}]})
ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f00000000c0)={r2, 0x2})

[ 1575.126864] CPU: 1 PID: 29858 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1575.134774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.144126] Call Trace:
[ 1575.146727]  dump_stack+0x1b2/0x281
[ 1575.150360]  should_fail.cold+0x10a/0x149
[ 1575.154512]  should_failslab+0xd6/0x130
[ 1575.158490]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1575.163164]  sget_userns+0x102/0xc10
[ 1575.166882]  ? v9fs_kill_super+0x90/0x90
[ 1575.170941]  ? v9fs_kill_super+0x90/0x90
[ 1575.174999]  sget+0xd1/0x110
[ 1575.178027]  v9fs_mount+0x9e/0x860
[ 1575.181570]  ? alloc_pages_current+0x15d/0x260
[ 1575.186151]  ? __lockdep_init_map+0x100/0x560
[ 1575.190648]  mount_fs+0x92/0x2a0
[ 1575.194027]  vfs_kern_mount.part.0+0x5b/0x470
[ 1575.198530]  do_mount+0xe53/0x2a00
[ 1575.202069]  ? do_raw_spin_unlock+0x164/0x220
[ 1575.206566]  ? copy_mount_string+0x40/0x40
[ 1575.210811]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1575.215827]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.219715]  ? copy_mount_options+0x1fa/0x2f0
[ 1575.224212]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.228093]  SyS_mount+0xa8/0x120
[ 1575.231547]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.235432]  do_syscall_64+0x1d5/0x640
[ 1575.239321]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1575.244492] RIP: 0033:0x45e219
[ 1575.247662] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1575.255359] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1575.262611] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1575.269864] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1575.277115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000026
[ 1575.284361] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1575.291629] CPU: 0 PID: 29860 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1575.299511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.308856] Call Trace:
[ 1575.311439]  dump_stack+0x1b2/0x281
[ 1575.315064]  should_fail.cold+0x10a/0x149
[ 1575.319196]  should_failslab+0xd6/0x130
[ 1575.323150]  kmem_cache_alloc_trace+0x29a/0x3d0
[ 1575.327798]  sget_userns+0x102/0xc10
[ 1575.331497]  ? v9fs_kill_super+0x90/0x90
[ 1575.335534]  ? v9fs_kill_super+0x90/0x90
[ 1575.339571]  sget+0xd1/0x110
[ 1575.342568]  v9fs_mount+0x9e/0x860
[ 1575.346082]  ? alloc_pages_current+0x15d/0x260
[ 1575.350638]  ? __lockdep_init_map+0x100/0x560
[ 1575.355108]  mount_fs+0x92/0x2a0
[ 1575.358617]  vfs_kern_mount.part.0+0x5b/0x470
[ 1575.363099]  do_mount+0xe53/0x2a00
[ 1575.366668]  ? do_raw_spin_unlock+0x164/0x220
[ 1575.371150]  ? copy_mount_string+0x40/0x40
[ 1575.375367]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1575.380360]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.384225]  ? copy_mount_options+0x1fa/0x2f0
[ 1575.388697]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.392564]  SyS_mount+0xa8/0x120
[ 1575.395990]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.399852]  do_syscall_64+0x1d5/0x640
[ 1575.403721]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1575.408906] RIP: 0033:0x45e219
[ 1575.412077] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1575.419765] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
05:55:40 executing program 0 (fault-call:1 fault-nth:39):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})
ioctl$DRM_IOCTL_GET_STATS(r0, 0x80f86406, &(0x7f0000000000)=""/113)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000080)={0xb8, &(0x7f00000001c0)=""/184})

05:55:40 executing program 5:
socket$nl_audit(0x10, 0x3, 0x9)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x7fff, 0x7f, 0xaa3})
socket$nl_audit(0x10, 0x3, 0x9)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x1402, 0x4, 0x70bd27, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x3c}}, 0x40)

05:55:40 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x101, <r1=>0x0, 0x10000})
ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000000)={r1})
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)

05:55:40 executing program 1 (fault-call:1 fault-nth:39):
pipe2$9p(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080)='9p\x00', 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

05:55:40 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x792900)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

[ 1575.427049] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1575.434298] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1575.441543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000026
[ 1575.448789] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1575.507660] FAULT_INJECTION: forcing a failure.
[ 1575.507660] name failslab, interval 1, probability 0, space 0, times 0
[ 1575.511330] FAULT_INJECTION: forcing a failure.
[ 1575.511330] name failslab, interval 1, probability 0, space 0, times 0
[ 1575.530625] CPU: 0 PID: 29887 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1575.538517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.547869] Call Trace:
[ 1575.550457]  dump_stack+0x1b2/0x281
[ 1575.554096]  should_fail.cold+0x10a/0x149
[ 1575.558249]  should_failslab+0xd6/0x130
[ 1575.562219]  __kmalloc+0x2c1/0x400
[ 1575.565745]  ? register_shrinker+0x1ab/0x220
[ 1575.570145]  register_shrinker+0x1ab/0x220
[ 1575.574377]  sget_userns+0x9aa/0xc10
[ 1575.578084]  ? v9fs_kill_super+0x90/0x90
[ 1575.582136]  ? v9fs_kill_super+0x90/0x90
[ 1575.586196]  sget+0xd1/0x110
[ 1575.589209]  v9fs_mount+0x9e/0x860
[ 1575.592733]  ? alloc_pages_current+0x15d/0x260
[ 1575.597301]  ? __lockdep_init_map+0x100/0x560
[ 1575.601781]  mount_fs+0x92/0x2a0
[ 1575.605170]  vfs_kern_mount.part.0+0x5b/0x470
[ 1575.609664]  do_mount+0xe53/0x2a00
[ 1575.613216]  ? copy_mount_string+0x40/0x40
[ 1575.617444]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1575.622451]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.626333]  ? copy_mount_options+0x1fa/0x2f0
[ 1575.630817]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.634704]  SyS_mount+0xa8/0x120
[ 1575.638149]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.642028]  do_syscall_64+0x1d5/0x640
[ 1575.645914]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1575.651092] RIP: 0033:0x45e219
05:55:40 executing program 2:
ioctl$DRM_IOCTL_MODESET_CTL(0xffffffffffffffff, 0x40086408, &(0x7f0000000000))

05:55:40 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0xc2)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))

05:55:40 executing program 2:
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0xb8, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0={0xfc, 0x0, [], 0x1}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'lo\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth1_to_bond\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:fonts_cache_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'caif0\x00'}]}, 0xb8}, 0x1, 0x0, 0x0, 0x30048840}, 0x80)
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0], 0x2})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000400)='/dev/zero\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000001280)={0x0, &(0x7f0000000280)=""/4096})

05:55:40 executing program 2:
clock_gettime(0x0, &(0x7f0000000240)={<r0=>0x0, <r1=>0x0})
pselect6(0x40, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x6, 0x7, 0x5, 0xabdb, 0x6}, &(0x7f00000001c0)={0x2, 0x6, 0x1f, 0x3f, 0x9, 0x3, 0x8000}, &(0x7f0000000200)={0xaad4, 0x0, 0x3, 0x4, 0x800, 0x7, 0xfffffffffffffffc, 0x5}, &(0x7f0000000280)={r0, r1+10000000}, &(0x7f0000000300)={&(0x7f00000002c0)={[0x10000]}, 0x8})
r2 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0]})
ioctl$DRM_IOCTL_MODESET_CTL(r2, 0x40086408, &(0x7f0000000000))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_ADD_BUFS(r3, 0xc0206416, &(0x7f0000000140)={0x7fff, 0x400, 0x0, 0x79f, 0xc, 0x2})

[ 1575.654276] RSP: 002b:00007f3057547c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1575.661971] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1575.669229] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1575.676489] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1575.683755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027
[ 1575.691028] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1575.699027] CPU: 1 PID: 29891 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1575.706922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.716281] 9pnet: Found fid 0 not clunked
[ 1575.716375] Call Trace:
[ 1575.721116] ==================================================================
[ 1575.723181]  dump_stack+0x1b2/0x281
[ 1575.730599] BUG: KASAN: use-after-free in p9_client_clunk+0x1fc/0x240
[ 1575.734199]  should_fail.cold+0x10a/0x149
[ 1575.740748] Read of size 8 at addr ffff88809780b000 by task syz-executor.0/29887
[ 1575.744873]  should_failslab+0xd6/0x130
[ 1575.752375] 
[ 1575.756329]  __kmalloc+0x2c1/0x400
[ 1575.761444]  ? register_shrinker+0x1ab/0x220
[ 1575.765832]  register_shrinker+0x1ab/0x220
[ 1575.770047]  sget_userns+0x9aa/0xc10
[ 1575.773742]  ? v9fs_kill_super+0x90/0x90
[ 1575.777784]  ? v9fs_kill_super+0x90/0x90
[ 1575.781823]  sget+0xd1/0x110
[ 1575.784822]  v9fs_mount+0x9e/0x860
[ 1575.788340]  ? alloc_pages_current+0x15d/0x260
[ 1575.792900]  ? __lockdep_init_map+0x100/0x560
[ 1575.797375]  mount_fs+0x92/0x2a0
[ 1575.800725]  vfs_kern_mount.part.0+0x5b/0x470
[ 1575.805199]  do_mount+0xe53/0x2a00
[ 1575.808739]  ? copy_mount_string+0x40/0x40
[ 1575.812955]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1575.817951]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.821819]  ? copy_mount_options+0x1fa/0x2f0
[ 1575.826295]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.830164]  SyS_mount+0xa8/0x120
[ 1575.833594]  ? copy_mnt_ns+0xa30/0xa30
[ 1575.837480]  do_syscall_64+0x1d5/0x640
[ 1575.841356]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1575.846528] RIP: 0033:0x45e219
[ 1575.849697] RSP: 002b:00007fe174050c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1575.857387] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1575.864638] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1575.871889] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1575.879144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027
[ 1575.886394] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1575.893660] CPU: 0 PID: 29887 Comm: syz-executor.0 Not tainted 4.14.216-syzkaller #0
[ 1575.901549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.902547] 9pnet: Found fid 0 not clunked
[ 1575.910897] Call Trace:
[ 1575.910917]  dump_stack+0x1b2/0x281
[ 1575.910933]  print_address_description.cold+0x54/0x1d3
[ 1575.910945]  kasan_report_error.cold+0x8a/0x191
[ 1575.910958]  ? p9_client_clunk+0x1fc/0x240
[ 1575.922244] kasan: CONFIG_KASAN_INLINE enabled
[ 1575.926615]  __asan_report_load8_noabort+0x68/0x70
[ 1575.931250] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1575.935466]  ? p9_client_clunk+0x1fc/0x240
[ 1575.940016] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 1575.944922]  p9_client_clunk+0x1fc/0x240
[ 1575.952509] Modules linked in:
[ 1575.956728]  v9fs_mount+0x69f/0x860
[ 1575.966964]  ? alloc_pages_current+0x15d/0x260
[ 1575.970130] CPU: 1 PID: 29891 Comm: syz-executor.1 Not tainted 4.14.216-syzkaller #0
[ 1575.973733]  ? __lockdep_init_map+0x100/0x560
[ 1575.978283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.986138]  mount_fs+0x92/0x2a0
[ 1575.990603] task: ffff8880a5f424c0 task.stack: ffff88808c9c8000
[ 1575.999952]  vfs_kern_mount.part.0+0x5b/0x470
[ 1576.003300] RIP: 0010:__lock_acquire+0x1cc/0x3f20
[ 1576.009341]  do_mount+0xe53/0x2a00
[ 1576.013810] RSP: 0018:ffff88808c9cf7a0 EFLAGS: 00010006
[ 1576.018655]  ? copy_mount_string+0x40/0x40
[ 1576.022171] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 1576.027543]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1576.031743] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000018
[ 1576.038995]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.043976] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[ 1576.043983] R10: 0000000000000001 R11: ffff8880a5f424c0 R12: 0000000000000018
[ 1576.051233]  ? copy_mount_options+0x1fa/0x2f0
[ 1576.055088] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8beb5d40
[ 1576.062334]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.069675] FS:  00007fe174051700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[ 1576.074167]  SyS_mount+0xa8/0x120
[ 1576.081438] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1576.085305]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.093504] CR2: 00000000016b9e60 CR3: 000000008f8f0000 CR4: 00000000001406e0
[ 1576.096963]  do_syscall_64+0x1d5/0x640
[ 1576.102798] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1576.106673]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1576.113914] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1576.113920] Call Trace:
[ 1576.117855] RIP: 0033:0x45e219
[ 1576.125113]  ? __lock_acquire+0x5fc/0x3f20
[ 1576.130269] RSP: 002b:00007f3057547c68 EFLAGS: 00000246
[ 1576.137521]  ? trace_hardirqs_on+0x10/0x10
[ 1576.140072]  ORIG_RAX: 00000000000000a5
[ 1576.143251]  ? __save_stack_trace+0xa0/0x160
[ 1576.147455] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1576.152796]  ? __kernel_text_address+0x9/0x30
[ 1576.157001] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1576.160950]  ? check_preemption_disabled+0x35/0x240
[ 1576.165326] RBP: 00007f3057547ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1576.172575]  ? trace_hardirqs_on+0x10/0x10
[ 1576.177039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027
[ 1576.184288]  ? debug_object_activate+0x292/0x490
[ 1576.184299]  lock_acquire+0x170/0x3f0
[ 1576.189287] R13: 00007ffe9cbfe39f R14: 00007f30575489c0 R15: 000000000119bf8c
[ 1576.196649]  ? p9_idpool_get+0x5f/0xf0
[ 1576.200853] 
[ 1576.208107]  _raw_spin_lock_irqsave+0x8c/0xc0
[ 1576.212828] Allocated by task 29887:
[ 1576.216621]  ? p9_idpool_get+0x5f/0xf0
[ 1576.223877]  kasan_kmalloc+0xeb/0x160
[ 1576.227741]  p9_idpool_get+0x5f/0xf0
[ 1576.229342]  kmem_cache_alloc_trace+0x131/0x3d0
[ 1576.233809]  ? p9_idpool_destroy+0x20/0x20
[ 1576.237497]  p9_fid_create+0x47/0x3a0
[ 1576.241374]  ? mark_held_locks+0xa6/0xf0
[ 1576.245145]  p9_client_attach+0x6d/0x750
[ 1576.248836]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 1576.253479]  v9fs_session_init+0xc03/0x1540
[ 1576.257686]  p9_client_prepare_req.part.0+0x65/0xb60
[ 1576.261457]  v9fs_mount+0x73/0x860
[ 1576.265492]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 1576.269526]  mount_fs+0x92/0x2a0
[ 1576.274601]  p9_client_rpc+0x170/0x1520
[ 1576.278893]  vfs_kern_mount.part.0+0x5b/0x470
[ 1576.283970]  ? p9_client_prepare_req.part.0+0xb60/0xb60
[ 1576.287483]  do_mount+0xe53/0x2a00
[ 1576.292558]  ? lock_downgrade+0x740/0x740
[ 1576.295909]  SyS_mount+0xa8/0x120
[ 1576.300811]  ? kfree+0x1f0/0x250
[ 1576.305277]  do_syscall_64+0x1d5/0x640
[ 1576.310612]  ? do_raw_spin_unlock+0x164/0x220
[ 1576.314147]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1576.318272]  ? _raw_spin_unlock+0x29/0x40
[ 1576.321691] 
[ 1576.325034]  ? deactivate_locked_super+0x94/0xd0
[ 1576.328889] Freed by task 29887:
[ 1576.333360]  ? sget_userns+0x768/0xc10
[ 1576.338520]  kasan_slab_free+0xc3/0x1a0
[ 1576.342642]  p9_client_clunk+0x83/0x240
[ 1576.344242]  kfree+0xc9/0x250
[ 1576.348970]  v9fs_mount+0x69f/0x860
[ 1576.352308]  p9_client_destroy.cold+0x67/0xaa
[ 1576.356170]  ? alloc_pages_current+0x15d/0x260
[ 1576.360118]  v9fs_session_close+0x45/0x2c0
[ 1576.364062]  ? __lockdep_init_map+0x100/0x560
[ 1576.367137]  v9fs_kill_super+0x49/0x90
[ 1576.370736]  mount_fs+0x92/0x2a0
[ 1576.375204]  deactivate_locked_super+0x6c/0xd0
[ 1576.379757]  vfs_kern_mount.part.0+0x5b/0x470
[ 1576.383963]  sget_userns+0x9c4/0xc10
[ 1576.388435]  do_mount+0xe53/0x2a00
[ 1576.392293]  sget+0xd1/0x110
[ 1576.395634]  ? copy_mount_string+0x40/0x40
[ 1576.400187]  v9fs_mount+0x9e/0x860
[ 1576.404656]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 1576.408341]  mount_fs+0x92/0x2a0
[ 1576.411854]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.414844]  vfs_kern_mount.part.0+0x5b/0x470
[ 1576.419051]  ? copy_mount_options+0x1fa/0x2f0
[ 1576.422562]  do_mount+0xe53/0x2a00
[ 1576.427550]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.430886]  SyS_mount+0xa8/0x120
[ 1576.434746]  SyS_mount+0xa8/0x120
[ 1576.439212]  do_syscall_64+0x1d5/0x640
[ 1576.443678]  ? copy_mnt_ns+0xa30/0xa30
[ 1576.447191]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1576.451046]  do_syscall_64+0x1d5/0x640
[ 1576.454465] 
[ 1576.457900]  entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 1576.461756] The buggy address belongs to the object at ffff88809780b000
[ 1576.461756]  which belongs to the cache kmalloc-96 of size 96
[ 1576.465615] RIP: 0033:0x45e219
[ 1576.470777] The buggy address is located 0 bytes inside of
[ 1576.470777]  96-byte region [ffff88809780b000, ffff88809780b060)
[ 1576.474635] RSP: 002b:00007fe174050c68 EFLAGS: 00000246
[ 1576.476238] The buggy address belongs to the page:
[ 1576.481401]  ORIG_RAX: 00000000000000a5
[ 1576.493855] page:ffffea00025e02c0 count:1 mapcount:0 mapping:ffff88809780b000 index:0xffff88809780b280
[ 1576.497020] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000045e219
[ 1576.513939] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000
[ 1576.518841] flags: 0xfff00000000100(slab)
[ 1576.522786] RBP: 00007fe174050ca0 R08: 0000000020000240 R09: 0000000000000000
[ 1576.532229] raw: 00fff00000000100 ffff88809780b000 ffff88809780b280 000000010000001b
[ 1576.539482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027
[ 1576.546730] raw: ffffea00026a0e60 ffffea0002c2f320 ffff88813fe804c0 0000000000000000
[ 1576.550847] R13: 00007ffc77158c9f R14: 00007fe1740519c0 R15: 000000000119bf8c
[ 1576.558103] page dumped because: kasan: bad access detected
[ 1576.565955] Code: 
[ 1576.573197] 
[ 1576.581060] 18 
[ 1576.588315] Memory state around the buggy address:
[ 1576.593996] 00 
05:55:41 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x535082)
ioctl$DRM_IOCTL_SET_SAREA_CTX(r0, 0x4010641c, &(0x7f0000000180)={0x0, 0x0})

05:55:41 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000))
r1 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x9, 0x0)
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0x40086409, &(0x7f0000000080))

[ 1576.596122]  ffff88809780af00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[ 1576.597738] 00 
[ 1576.599603]  ffff88809780af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1576.604500] 00 
[ 1576.606371] >ffff88809780b000: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1576.613700] 00 
[ 1576.615567]                    ^
[ 1576.622897] 48 
[ 1576.624763]  ffff88809780b080: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1576.632105] 81 
[ 1576.633968]  ffff88809780b100: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 1576.637301] c4 
[ 1576.639165] ==================================================================
[ 1576.646512] 80 01 00 00 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 67 2a 00 00 49 81 3c 24 a0 17 2e 8b 0f 84 5f 
[ 1576.681444] RIP: __lock_acquire+0x1cc/0x3f20 RSP: ffff88808c9cf7a0
[ 1576.687755] ---[ end trace 68ec868b18d5cb88 ]---
[ 1576.692496] Kernel panic - not syncing: Fatal exception
[ 1576.698343] Kernel Offset: disabled
[ 1576.701951] Rebooting in 86400 seconds..