0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000000)=0x3)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
connect$inet6(r1, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000013c0)={{{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0xfffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, {{@in=@remote, 0x0, 0x32}, 0x0, @in, 0xfffffffe, 0x4, 0x0, 0x2, 0xfffffffd, 0x7ff, 0x2}}, 0xe8)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c)
sendmmsg(r1, &(0x7f0000000240), 0x5c3, 0x0)

19:57:39 executing program 3:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f00000000c0))
ioctl$RTC_PIE_ON(r2, 0x7005)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newlink={0x58, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}, @IFLA_LINKINFO={0x30, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x20, 0x2, [@IFLA_GRE_REMOTE={0x14, 0x7, @mcast2}, @gre_common_policy=[@IFLA_GRE_OFLAGS={0x8, 0x3, 0x9}]]}}}]}, 0x58}}, 0x0)

[  457.574504][T10961] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  457.637422][T10961] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
19:57:39 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
r3 = memfd_create(&(0x7f00000000c0)='\x00'/10, 0x0)
clone(0x902500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x1000)
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', &(0x7f00000002c0), 0x800)
r4 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r4, 0x4, 0xffffffffffffffff, 0x8)
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340))
statx(0xffffffffffffffff, &(0x7f0000000200)='./file0/file0\x00', 0x800, 0x4, &(0x7f00000003c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r7 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r7, 0x4, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r9, 0x0)
statx(0xffffffffffffffff, &(0x7f00000004c0)='./file0\x00', 0x0, 0x200, &(0x7f0000000500))
r10 = socket(0x10, 0x6, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
openat$null(0xffffffffffffff9c, &(0x7f0000000600)='/dev/null\x00', 0x8000, 0x0)

[  457.658934][T10961] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  457.681523][T10969] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
19:57:39 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xfffffffffffffffd}, 0x0, 0x0, 0x41, 0xb, 0x10001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
readlink(&(0x7f0000000340)='./bus/file0\x00', &(0x7f00000003c0)=""/221, 0xdd)
getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000300), &(0x7f0000000500)=0x4)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000580)=ANY=[@ANYBLOB="a7724bdef64346bc14b7b0f781d1d3abf9d1a51c4bfce1e77551a8bd678625f5083002005a7bb39503ed2272e8cd918b035041291559f3ee3a46069062af9680d512f4d8a5c51817c3ff01a1f601000080445d8f244f6be479ffffffffff8756ea7d4865881a000000b90f1d7106f5776f7894ee47382b8811e658a49a0eba9b9d"], 0x81)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/arp\x00')
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000208, 0x0)
socket(0x0, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
geteuid()
r2 = syz_open_dev$midi(&(0x7f0000000380)='/dev/midi#\x00', 0x3, 0x1)
getsockopt$inet_mreqn(r2, 0x0, 0x33, &(0x7f00000001c0)={@loopback, @initdev}, 0x0)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r3, 0x0, 0x0)

19:57:39 executing program 1:
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getpid()
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
fstat(0xffffffffffffffff, &(0x7f00000007c0))
socket$inet6_tcp(0xa, 0x1, 0x0)
fstat(r0, &(0x7f0000000380))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00\xc7\xec\xac\xd9&{\x0f\x96\xad\xd1\x8fl![\x8f\xb9\f\xca\x1d\xc2{\xee\xb7\x03K\x0f\xa6\xaa;\xf6\x89\xf7b^\xa5\xafI\r\xc4\x9f\v\xf2\x1c\xdc\xddp2\xb7\xbb\x1b\xfev\xea\xed\xe0\xaa\xe8\xceR`\xbb\xf2\xed;pC\x19\xbfn\x16\xaa\x199\xfe.Q\xebvB\xd2\x19&l?\x87\x17H\x1f.\xdbA\x1b\xafz\xe3\xdc};*\xec\xfe\xfa\xfb/\x18g\x80y\xfe\x89', 0x26e1, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@dev, @in6=@dev}}, {{@in=@remote}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8)
ioprio_set$uid(0x3, 0x0, 0x0)
close(0xffffffffffffffff)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffc61)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000cab000))
ioprio_set$uid(0x3, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00\xc7\xec\xac\xd9&{\x0f\x96\xad\xd1\x8fl![\x8f\xb9\f\xca\x1d\xc2{\xee\xb7\x03K\x0f\xa6\xaa;\xf6\x89\xf7b^\xa5\xafI\r\xc4\x9f\v\xf2\x1c\xdc\xddp2\xb7\xbb\x1b\xfev\xea\xed\xe0\xaa\xe8\xceR`\xbb\xf2\xed;pC\x19\xbfn\x16\xaa\x199\xfe.Q\xebvB\xd2\x19&l?\x87\x17H\x1f.\xdbA\x1b\xafz\xe3\xdc};*\xec\xfe\xfa\xfb/\x18g\x80y\xfe\x89', 0x26e1, 0x0)
close(r2)
syz_open_pts(r0, 0x200000)
watch_devices(r2, 0xb7, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
close(0xffffffffffffffff)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup3(r3, r4, 0x0)
dup2(r6, r5)

[  457.827036][T10977] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rc /sbin/startpar /etc/init.d/ssh /sbin/start-stop-daemon /usr/sbin/sshd /usr/sbin/sshd /bin/bash /root/syz-fuzzer /root/syz-executor.2 proc:/self/fd/6' not defined.
[  457.926578][T10984] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 17)
[  457.935874][T10984] FAT-fs (loop4): Filesystem has been set read-only
[  457.943008][T10984] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 17)
[  458.055179][T10997] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
19:57:48 executing program 5:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x10800, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={0x0, @rc={0x1f, {0x1, 0x0, 0x2, 0x63, 0x5, 0x80}, 0x6}, @rc={0x1f, {0x2, 0x8, 0x3, 0xff, 0x7, 0x5b}, 0x81}, @llc={0x1a, 0x312, 0x1f, 0x0, 0x9, 0x60, @broadcast}, 0x6, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000080)='veth1_to_team\x00', 0x7f, 0xffffffffffffffc1, 0x7fff})
ioctl$BLKPBSZGET(r0, 0x127b, &(0x7f0000000040))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x0)

19:57:48 executing program 3:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x400, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000bc0)={{{@in6=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@initdev}}, &(0x7f0000000cc0)=0xe8)
bind$packet(r0, &(0x7f0000000d00)={0x11, 0x9, r1, 0x1, 0x3f, 0x6, @local}, 0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000085000000410000009500"/32], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$FIBMAP(r3, 0x1, &(0x7f0000000080)=0x4d6e)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x0, 0xe, 0x0, &(0x7f00000002c0)="9f99f22b78cce352415be3b364e1", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

19:57:48 executing program 4:
unshare(0x20000)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='clear_refs\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x1)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000040)='./file0\x00', 0x20000800)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000028c0)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x21a, 0x0, 0x59, 0x0, 0x1d7}}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/route\x00')
preadv(r2, &(0x7f00000017c0), 0x315, 0x0)
mount(&(0x7f0000000340)=ANY=[@ANYBLOB="5af933d412ebae69d783e3626bf4a4de8dbe745a55f74477e30e524133d476e6cf9497214e22f9f5f252ccd92ce88fe2965be731c7620893eeceaf430c0043f95ce1559f4885ce06e49ba9ddf1b7ef3c816d4b5d82ce5ee047bdcf0b9fc708ac1d73fbcaf03189d61b5ef14a51dbd44361a25ebaf0e30b7b73a469e16014fda7fd3e49438c1db3a9ffa1222759239d8d7e1d8fa08191ddae1b867d7222a66badd923f0bbf983359c1598c3bb9f887e8b6bcaf2092a148686ea6df81e2d8e01fe610c02d6331fb01945e3f4fa90f05a98d1ffcb64fe612608c127a7fe6e96b63de23f4189661acb4b54ed84994d913267a44190354a0a"], &(0x7f0000000240)='./file0\x00', 0x0, 0x1080, 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
bind$packet(r0, &(0x7f0000000200)={0x11, 0x10, 0x0, 0x1, 0x7, 0x6, @remote}, 0x14)
setresuid(0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001700), 0x0)
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r3, 0x0, r3)
bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000280))

19:57:48 executing program 0:
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000b44000/0x2000)=nil})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
mlock2(&(0x7f0000a4f000/0x4000)=nil, 0x4000, 0x0)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080))
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x401, &(0x7f0000000080)={<r5=>0xffffffffffffffff}, 0x15, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {&(0x7f0000000040), 0x0, r5, 0x1c, 0x0, @in6={0xa, 0x4e21, 0x4, @rand_addr="561531068b59657e37e93584da810fda", 0xfff}}}, 0xa0)
r6 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
sendfile(r3, r6, 0x0, 0x320c)

19:57:48 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$fou(&(0x7f00000006c0)='fou\x00')
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x1c, r3, 0x3, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x8, 0x4, 0x2}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="0101000000029f4db4a4222ac800"], 0x14}}, 0x0)
sendmsg$FOU_CMD_GET(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, r3, 0x0, 0x70bd2c, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
syz_open_pts(r1, 0x200102)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x80000000)

19:57:48 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000880)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000480)={0x2a, 0x4, 0x0, {0x1, 0x0, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x49, 0x16000)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f0000000100)=0x101)

[  466.636493][T11017] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
19:57:48 executing program 3:
perf_event_open(&(0x7f0000000600)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec", 0x4)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000000)=0xffe1, &(0x7f0000000040)=0x2)
write$binfmt_script(r1, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r1, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f0000003580)=""/4096, 0x20004580}], 0x1}}], 0x1, 0x0, 0x0)

19:57:48 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x40, 0x0)
ioctl$RTC_ALM_READ(r1, 0x80247008, &(0x7f0000000100))
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f00000067c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback}, 0x1c, &(0x7f0000002200)=[{&(0x7f0000000080)='G', 0xff3c}], 0x1}}], 0x1, 0x0)

19:57:48 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
close(r0)
read(r0, &(0x7f0000000240)=""/4096, 0x1000)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r3, 0x40405514, &(0x7f0000000040)={0x5, 0x4, 0x6, 0x2, '\x00', 0x6})
ftruncate(r2, 0x200004)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080))
connect$inet6(r3, &(0x7f0000001240)={0xa, 0x4e22, 0x101, @mcast1, 0x9}, 0x1c)
ioctl$VIDIOC_S_FBUF(r4, 0x4030560b, &(0x7f0000000000)={0x10, 0x16, &(0x7f0000000140)="784e75fdeae31d3c0ef9c3bba1a6ebf8a97ffcf291fdf9b5de6e3d5f69132d93f44a5c97aaa6149a702444e7939e7fbd83025df7976a08adfbc35ee3dace925687c3b3539d627fdf38efb1105a9dfb8be8ba3d4de5870c201eeb999beb6939aa156ba6ccf662a1e55cb3b81414685fee95169be50bdb4142e7c6e3a00a6524fba35348b4843bfb541fa49d64328b04bd8520cb1b84a6f64cba139fb6add63a8741934c2d42849f8eb6ed343f19bb7805f4599886562a37a48ed34f8c640c62895a08edfc0ef8de3ad60c54e5a885acd4e3ce9e1e03994cb06c5e12dbb8689b334247", {0xbd, 0xff, 0xd2777070, 0x4, 0x3, 0x80000000, 0x1, 0x7ff}})
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x1}, 0x8)
sendfile(r0, r2, 0x0, 0x80001d000010)

19:57:48 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1000, 0x0, 0x0, 0x1, 0x0, 0x10000000, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x373, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
tkill(0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xffff00000}, {0x80000006}]}, 0x10)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e22, 0x0, @ipv4={[], [], @multicast1}}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00')
sendfile(r0, r2, 0x0, 0xedc0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x0)
socket(0x0, 0x0, 0x0)

19:57:49 executing program 4:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
close(r0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000040)={{0x2, 0x1, 0x401, 0x2, 0x814f}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x0, 0x3, 0x47}, 0x3c)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000340)={<r3=>0x0, <r4=>0x0})
close(r3)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x127)
sendmsg$tipc(r4, &(0x7f0000000500)={&(0x7f0000000280)=@nameseq={0x1e, 0x1, 0x0, {0x9c020000}}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000001580)="276c5bd6f0db828036f59b152925d176a9e51a4722f8fd829657ff48969c3c5f309ceaf42e7b242b7fe4fa128061aec9827004000c31fd9e31cb1c79990c2b89045ea4dc3ad63a775c80850ea10827e8a40a6c8b5fa7cc514639bb99f13c6a3d0825a738a1a53433042c75230d368c95f8a0b5562b58ecf50fd78e5def7375cd62fb5728535bf371b2ffc7d8058398075e1d0a7a4451395c39f79c26b7287cebd130de7737e77714686b9d67d87a3cf8da02cc70fdc99c1a7c916ae542b9d5baaf1f9daa4fb845fd5d5cad2073a61ce51c345150f84b3900997296d55c7d394af17b01d445465ef377508a1a29a5d6b03b0da22c973f22814fb2a802d50fb1f051e7d95d53d598a0599ec79cd27123fa1d13b7996609d4548e81ef7b1e8de8f32593ef46c3081ab55929a3c1cb1fa28a485518391a76b7b80d5941aa42222cb6f25be29ebc938af75971ffffdd4dea114ac37f38e69cb670020a7448d99b7b5e3d09bcf2625c94d6599182ce9edb0bbfea111dae3b1c9d6cd3162ce0aaebcdcf22a8d29dca0d04ebf5944168f398c500915579070586dff7a2ec6d345d1f69a8c749740aea0dbb2d30c9f7e3afd498a886c906fe09a83322d8e94b3ebe288ec1601e6a16122fa44191b6b3f5315eb0b35cb628540438919b906502eeb7cacc7d15753e456b056e6145ab65ac7c01253f3c5663495a74a0598feed07436a72d3ee1185d0fbcf89e8c5d449e0216cab8110efe923be24366dffc65bb386e7f015bb40b6fd9abbf7180b217f88d99f168c113f3ff187c202e2ae32a0238e43af612678a44a3d8373b6dc6bf820f8bf73e6411c51152f51993c66effe25c6e72a3127da6996f13691ded659e1f9d6eab1124435750dfeb60de2b2d59d9196bda3a3c5cd5054b2960481d50ce28ac4159b54f3f26a9decfc8ab36b6110eda741e21c95e3631b3de40fd3c7828fb0e3c85070eb233d4d4b1b75e0167ec62e81f1a12a0cd2e02a7a43edb384e4d0d59744bbe86611575966efe25b4191f14a368a72c13aeb4de7caff7a9439b583d08714fd22a9b1ff08297a562a859e2d21dd4f8ecf6701bcd9a30d28909c52c56a8ef739f0841ae895ad858121b1ec82ae1bbec856730aba8e2f42841c33caa862fdf8b651d90055b6725e5bf0af348ec550ad23c5a3c15c7455fdb13a57a6e452bdebbeb32200ab7dce3fab98b206ec2571e3de8904bea2265288dbaec64359cb5cd926dc025343fff78e7bdab6f541a3d2b569f37b8339d14e706163854d01ba5380d648391740e1fc2e118557692796acf6e0fa8ab21c5657259bf05a8b510eb285f306c8cdd6e185094b0ff46ec71d5a9b8e344176f263730468db893eaba00c32bdafdb1ebdc3ec441abaf4e7b2db744411ae02f33b340a373ea1a485b88073c2da7bd6828bbe4028fef4c30088c9b28daf899741029da8f52d2927250c582f16ca173c0761ad74364f562f3106a15d17d34ff27abc49b8a7d9aa3d2d2bd5c406c9fe21e59ffad1a85c3d1283f983efaab087a92ce4bc66c934605b658f56857301278b09f5e22ba0034a3944ae27bd20cf9cd4a7d1973d4818716d0bf71d922d74ef68ede2604a98f6db652206e0a34ceed21cb950eebbee9686fc368e2b42f9417b22ab84c1a341630f962560900e02f20cc0ed618e657fe4ede15f9a105620dd2206dbd74ba7f061f2d058a127f5ecb72ad12264d81816d82169d668adf80bbdd279c684e11980f72ba126d0326dbfe6736d2b737069e0c5efb7e76276f10fa915907d91282084fa9a12c5636fd265ef705f49adc9924ffcc68742b17c9212fe8abcc49e4db91ee543a7fd438e59d030d6fa1c31ebe151f9c44af0069df608f0395159c41339aaf31b4c3e67526036c7f4d96fdd5afa5c4c85f2a6648098dccd6a49a8250e26bce3ca0e78976c961432783947e3a8ff5430af9cfebf3d2ee72153b7bd4d7f2cce79da6defba02cc5a73f7fa137c01a2cea52a961d9504d959aec7e2627fc33d07ef45bb8afbded876bee54c7f2feacf548bbab68a782e7bbcb6140d6c6b3fbe1108a6f4dd750c0424a9e1e0b8f239c4739f28463a23fe011cb8c98e25126c5693f19f16ab8a4b6351ff2955a397c3618ae47c78b2d123c334082f9aae0d7f9e7b761d58ef7e1f6dd20a23c7bcc3e84dbc75551573c425e5d56ca84e263b22c2ed5ff1255e500c1810574ff1af28114221fa6e72439d5fc117700bf5a7e01e2ffc0cfeabfddb8ae217a7033c9c8dce5a685ca7a0f4ceeb153ab2ae77652e1d73e9510f868b70270e386664ab4c45ddf353e61aef1ac0c673502b7e7faae557df3eaa5fd0a3a00c54f23723ce6406f616f678b6f789c57e09864895dd8a1e5da9ff0bc7be9f9174af99e157e4c71ed69c71783abb3ad18141d99e49ef32614b8ac29eb50f64b2355f4b599acbdf039877d68275a2ebeb0729791412dfd3194cc2cb4f045a4d2ac74afffec582df03ce4afd2aedc594c6cd34a4cd21d4ea653b04d49a8aa1e942df36b530c90d0c2c62ef8369677ce2ffd4304b0410ff9ef86be8afbf55adc6abca02acf03dcab2fe5339ab0eb9d79dfc4817c5e2c10676904192395d9b8552760b0fa79add2769284a0ef5ebc4d61e64dc9a8b2d4770cdb4be4345026f6d04549140f4bb01e8252eb06d70afd84247f8023a0cc31329499a0efcd8a79e0832992a96b437258ab186c6a9c8f2e55fe7319605453b888d928730a11a11b4f56eec25b4c18b2205aad508a9f6850e6e23103a517cf43af019d54593803b76a3529777a58441d781d2eb509fcb723ba3be91d12c809f0148095e2066e1b0f0656ceeb751ad610e265bd4bc1b67f5e521ef420420e9b7e137f29240d63a42d678c1739f33f39a09a0f4c5249f808f41152a07ce9bfcc94e35683bea83f82a5e34e1fef3f8ea2cf4c9f1c8ccef87d7f58fc1b4ace6cb667e62ed1f54f72b3a156551d96f9a16ff4864ae3a01dc86b5c65e6676493f07d7257b34d8c6c5851334a4542dd2bea4aef4f444b5f26ac89a27e3313a4a66bdad09382357f1adbd61d526a2541022814cc4b2515aec30f74729d1a5826a3206c02ccd6adfb6c2b6c7aee33b7213bdbc5878151b50d1a8fdc1b2b9b44a01606770028723c848e1faf60b89de5a2e72b7d19f7745f7c89989ab2a8174291ad7d0f2b172672aba9f4a1b42df53baf6d353b45d755eff7526efa8a87a2aeaf84d9a434e8844a98eab172fa474b353f19e1231aca846d93eb24e650e015a42c578d23d794c02304ff72e358ea5c75f6709e587951d3900b3b1066ddd4a2fe9186d0cfcfcc7e33e9b882e8c2242ba990face580f94d66bb6a5212190fba3c1f1e046738c422d9e94ed6671157af9145bcfe7fd0d431a7a7c84a3eec802794286e2dc2b59e93fcb09ea22a1e47ee8f0b3cf756fb67bc3676819cbc67396322ea6be61552533b52a2fd258e82dc7c57a09211cce3e785f5b4deacae7b9dcd48080c9edb03d935c9c9a426bb6d3ec71e559af61b796827b5e425c991d3485381e0842b35cb0ad91154f4a13117b35d2a9ebfcf0ef68d73093dd483923f7b3a00e9c04c0eec31effc9f908f38949e1766409fc9c8cc48f95d4d537520159dd794edb56e824d31c67d9c7cbefdb51860a8d1f859baa9bf5c2752d00b6969e94d47a88be798f6df9e6b5977a56206c33a38e74ac5de0b23489c9f5a037e13ae0194beb9f954c6b8ebefa78194a4e891c12ddb43019e60d9b8e7fe78df65a83671b76fd1a9c7be064c6d822bb0749d2162168821484ab78f906cb990167a2f9e19a33be2086dd55e54cb8b6dbcd6d1cc9b4c828472d55db6f175547f73db54d142f290ef99e8e26f2c6ebc7a53bfe31fe1eb2ac6a13dd0081debcc346cc0d3407ff158bc48a314a18b7fa781e32b66f9eaa792031567fa8d5c33fd85ebf85af958ef84c0c69f2bc3f842bff08b4b3112a6ac24a78c9476f15d40de489e50fb5e426167a10739db436cb1a63f5e7b3baf7c21c3506d3021c487ce4625f66a18468c89c3a9c94c7c1c2676e1f21a26bc393cf83e7bdf9bf66c2e9dd080574e1a80fe152124e5191c9367f22b4a712322986165964ccc2b016f0fc52e69d009a2f9fc13f344153f17bcebf937f59714f44dfdc11e69c7216cdb4f4d2143222e41d7415b3ef52e45477f62def841cea29c6258a2a2d8c7895712c51025ed7fd5d68bf8aa5a96fbbba98090dac42ad69522f47288af9f6f7acd2406c42706a940300ab41a59488966dc63f4ce8a6e6e7b18c1cf7b3e5013441ad0d7f201343e4a64da2cd513782877cb35d00f2113147ec4d7410971968daa76b1b9ad115c9ef6e8fe6abeb8b372806dbccb26f504f3fb8fb26c97fc6dcc7091f2f940e76fc121b39f215cb5ee96383b0ad5dcb2f7671e1d75612b3992a8bfd9ef25545b75845991f64a26c87a8abbdde668be3e6fb8ebdc31e73eb4eafda15215e0b545907a86c0fa3d5f1af4cf096cd7ec9c31dd57851203a2ce0c4cfecefe63e43ec9335f00fe3195965d0602bdf0fb36a8b4c6a538f18c002895f4d33968901c0228fbbfd250ae07075c9c3d8e3233027ca1ba82586797b9c3fd5c256c9562789f4393908ecba4bbd26a49672d71098198efe77b3661a2114c3b919330e67cd0ae6e90d88e1922750b6d36bde8926f9c635fbe0b1016f016af69965d762ebcab348ea4fe695007c9e1f91b8f7019a3206627751c8216dae9857569f152888ba8876b51d5d73bffb3c5544500e1121d72a0d2ca9b382bae36c36fdb5680b5973ec3529eefc2077654f5ec0021d473c221d544d6c0b56c48926ece451f01bd3b2746f6ccb0a44a2e934eefbc24c8f4ced796e4941bb6363d2bf0af8834e0dde49632c228477fcbae8d6667c5996aeb14eac620e35a1b3a3b29c4122c91f92a2f9917291c04cfb9ef91215d8b0dffccd082474c9a2ee26ab2139d4428c74efd41f820d671b4255253abad18028b4d19715ba084eaa884dcc975da4c316ac3f8c056a2dc1215bd1db2fd504169e6dab0494bc8e02d4374f061c517d424b0050b678fb240df83d19c0f9a71465541f706cf976f6f653a216dc290698158864c941067577cc0b54c8ccae532de0ec0ddc67d4a22f5c9dcee990b7ae21567991bb1fa1f83d51114f00248735a3b884311b695a65fe6671db499588fd69c79baa8962d6f4331e3dda9b3d7075b2240d58cbe88521c4bfab84066a6b69fbcbc3cb6cbf", 0x101d0}], 0x1}, 0x0)
gettid()
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000))
ptrace$getregs(0xe, 0x0, 0xff, &(0x7f0000000380)=""/144)

19:57:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x368, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB="1953998c9a3223620e22f237d5372597f19d3abf1a9d24c3a0088322eedd77a7c61a4400eceefa7e6afd58d47bf2495c952cbe7fcdab06c736b3838291582bb9079022b68050010016171fefbaabc5c5656609bba2054385bfe6c116caec47f441e31edc7cac126e9fc2b7e2216d555aefe47d770e9830239b8396f491f86d6277cae72b3551e9ea640e5944e686a112241a981226ae0037d47ac9f0101f3201728b73076d1a6b8feb6c1b8a4f357815ef66152a3e26ed0024732b7f2943e36f59548e111509e83fb04e0319831946ef047adaeacc775b9bf9335f4e55", @ANYRESOCT=r4], @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16=r3], 0x4}}, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  467.378605][   T27] audit: type=1800 audit(1577390269.478:57): pid=11045 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="sda1" ino=16593 res=0
[  467.408615][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  467.414614][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:57:57 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={[], [], @empty}}, 0x1c)
sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0xbb8)

19:57:57 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = memfd_create(&(0x7f00000002c0)='systemem0md5sum$\x00', 0x0)
r3 = memfd_create(&(0x7f0000000140)='$.6/%cpuset]\x00', 0x0)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r5)
write$binfmt_elf64(r3, &(0x7f00000004c0)=ANY=[], 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r6 = dup(r3)
write$P9_RGETATTR(r6, &(0x7f0000000400)={0x186, 0x19, 0x0, {0x0, {0x8a, 0x0, 0xffffffffffffffff}, 0xcb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xa0)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r2, 0x0)
rt_sigaction(0x7, &(0x7f0000b4a000)={0xfffffffffffffffd, {0x4000001}, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))
syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00*\x0e\xc3=.\x13\xcbx\x95*\xeeX\x9fcy\xa49\xf6\x8f\x82^\x19\xa9\xcd+\b\x9f\xc6,\xa0\xf0\xff\x9dO\x06\xc9\x15\xda\xa4\x7fh\xd4\xe8C\xdeKUrR\xf4\x9c\x87\xee\xd2\xfb\xdfs\xd0G\x91\x02\x15Z\xa8\x1ad\xadY\x13\x14mg\xc9\x00\x16\xa4\xc48\x06u\x1e:\xd4Y?\xd8P\xe8reP\xffv\xd6\x12\x85N1\n\f\xb0\x1e\xe7\xffD\x1aS\xbf0\x80\xff\xff7V\xcc5\x96W\x14J\xe2\x93\xe3\xc6A7\xd8\xec\xb2m\xf5\x16-\x1b\xbd\x11\x1aYg\xe0\xa7\xd19\a')
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_targets\x00')

19:57:57 executing program 4:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8)
r3 = socket$inet(0x2, 0x3, 0x29)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000001440)={0x0, 0x0, 0xfffffffffffffffe}, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
bind$inet(r3, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)
prctl$PR_SVE_GET_VL(0x33, 0x9)

19:57:57 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x368, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB="1953998c9a3223620e22f237d5372597f19d3abf1a9d24c3a0088322eedd77a7c61a4400eceefa7e6afd58d47bf2495c952cbe7fcdab06c736b3838291582bb9079022b68050010016171fefbaabc5c5656609bba2054385bfe6c116caec47f441e31edc7cac126e9fc2b7e2216d555aefe47d770e9830239b8396f491f86d6277cae72b3551e9ea640e5944e686a112241a981226ae0037d47ac9f0101f3201728b73076d1a6b8feb6c1b8a4f357815ef66152a3e26ed0024732b7f2943e36f59548e111509e83fb04e0319831946ef047adaeacc775b9bf9335f4e55", @ANYRESOCT=r4], @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16=r3], 0x4}}, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:57:57 executing program 1:
ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffffff, 0xc0184908, &(0x7f00000001c0)={0x34, 0x0, &(0x7f0000000180)})
r0 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x300000b, 0x4000010, r0, 0x0)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$sock_SIOCDELDLCI(r1, 0x8981, 0x0)
gettid()
r2 = creat(&(0x7f0000000280)='./file0\x00', 0x90)
write$binfmt_script(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="737e7b0debe9070ad9309fc751b6881820edbae8c6aedbf363e1c92077aa8926727d57e8a03df6ac83a869dda6113d85cf0f37839b67e9ee5cac0d85db8b528f2be6d3ec04c6f37c29f1acd9140f649400a64ad50ddfcdfe936755a9045f55c92445abb6ef"], 0xb)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x3, 0x7)
r4 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x10000}, {0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@empty, 0x0, 0x3c}, 0x0, @in6=@ipv4={[], [], @local}, 0x0, 0x1, 0x0, 0x6, 0x0, 0x2}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0xfec0)
r5 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r6 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r6, 0xc0184900, &(0x7f0000000040)={0xa925, 0x2b, 0x0, <r7=>0xffffffffffffffff})
r8 = dup(r7)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000000c0)={<r9=>0x0, 0x0, r8})
ioctl$DRM_IOCTL_GEM_CLOSE(r5, 0x40086409, &(0x7f0000000100)={r9, 0x7000000})
writev(r1, &(0x7f0000001540)=[{&(0x7f0000000140)="876d", 0x2}, {&(0x7f0000000240)="b3384887f2346a94c0fe2de2e80dc403dabeab95233bafc7b5a221c7d94875aa", 0x20}, {&(0x7f00000002c0)="6d153b742af8622f18f56468c497cbabd367ee96b6c4026bc656f7f9485308fa7b5eeb23ec0fa34346397260a0ea82b7c390fd7f86a981495cffe7649f1538827f3e5765b25d0de74ff19066403876713922178a109a568a0661d15f9a86a458f6cdb321247a5fb99d3255dd6dea3f8e04f9ede0dbee79b23c3ee5f75416670428f0d9765fa4a111761d4d0e8d33e77b6f69bfd4d05e9cbaa605a8a6a714d4490a13af9ba5fd007f68cb989b597bf91b30fa69c0a5cbfd741777ae577400500f7638ef2c1a0179db0656ebb0c44ca7252ff47fe6cf1c306c7d608eb9eea514f683784526ec9eebf46fb70ec2d71366d94404c068c7476c0f43729e2b203f2c", 0xff}, {&(0x7f0000000400)="758abf17a4847e3a61c4e72b26b7f0a56fe36db40f5a33448dfadb3d00af17b820d614f809359ae1725a82dc71186b26c1058950cc62973bd7d68ad1913cf316c5e50a8f9e08348f", 0x48}, {&(0x7f0000000540)="7410dcac2b25eee7725e906671fa836cae0c4104a8b9e6ade4d713b29e95c0c915860acd9db740c7c6c59f55980c3fec74ce44812ca939a56c9e4a928bab226ee940180c76b8af996c67fde98c3a9e752e289502035da5aff3db056608ef5613d33d3c2efc698de3ca2bbd0fc444da04b0fb09702dbcaa8367be6f28d61e5eaa49f3ef98859dd382edb2466c454be364641e4877367a1064fa3009efc9b5759b20d5293354e670d867df05855d32bdcdaa50a0a73432e98308ddbb7ace224c462721a41113bed4d231f0bb2122f8b55b465fafd7207a5e4d26f404a1617544f9f0ded1b813917a30f3704ba7f0ba917e9a8a1634c0485942f112a23aa70f39b7a41962846d432c2ca2c9d32c6711f2cf484e55e06d93ec365381a103049c1bc398a4a501793378fd5168564e13627cebefcd76af3d8125f5d720f9e4e392e77ded23e6fca203be32aea2382c05e52dfedf02ac3ecd7b410066cffe38c163c46f076b1cacc7e967344efb10940c1f7addb18ba07f44cccc246b2b5f608a1aedfe74ca3a1cf20e25de07a3532001f1ffa547f77f845a0f67f7389dcd206ad0f75436d62426973deca20e625195a6c74f30570f7b2c0ddaa3b5478513e41f286c489df766d2411d431eebcfe17a3ef2c7e73ff2f321c11b4ccd7c6ae129979b1d45a0c4a8490c96fbdc1ad7d8c3c2e52e16f9325941c9485748be5b8070d78a7e66afd8ff744de5b47c5767371ee0da621051a27d86b241749d7ff8532f88475d354d24050e9aefbc6c237d34c0d3fd3cea1d18c80a62a7ac0d42a26d601a4555e2d2300ed83a6242ca1ab13a502ff5220a5df84b023c30ba939624fb8746c0c7a20fbbafd763bb63b45ef735703345cf737c486fc465ad964b0c61adae29cce88f64bb583d36859392e90a81f76dca0661cdb94c66c62cb4927c5135decc245fe9e55f03f53d0aa9d35f36875a5b0945257dccd927833cecdf7d13c85a85fcdb236e933d78959bbe6ee00595d828f92c1d43a767948eeba1aadd5af7b7989c9d10da2f8a78bf949d3980c3d626757bff8264e93bdec41cfbf60c24c6a17837804eec2265ad273a21bf28c4e1dda3955828b7508033a73768bc5912e206402c208931f5b491448714a58e3a1a75273da3a495fcfb2688f93ce361281f963518f62cc9eed0dc9cdcd7a07e8e495d1aabc4f06de964ce2093a534dcbdece26068adc723c07cb845685c5c5c6950629838900ff0649c1c6b50f1b63500fa390d4e086817224ae8f7ddabe7b463b0c010a6b7d85dda6b95bf5c7b6ab3e3ee648a5447f385b3b5ee6a845e6334b57d3bc4fa223fec919ed1717f0a0fa25e6f48be20784c909978a010eb713bda8da8d479ffd98cae0e13824462bf299a406620f215f8a1e87dc35aa3b4caa94d307bf8a99741e4085ab4e588268bd6d64ee341f76cd03658890fd31bb1be09585eb96c68c867d85e674f7388cbef68443ba801050fddf5201e22c151ea55548b3b8c20f90713607b241675ac9054900f6f64b110448343683d4608bd84d557ba39ebe17b642ef05f222f9924f32596fcfefe21e8981274c96d5db2b4d410fc9c14dbccbcc278fe69a1462ffab906db54af99d9a9f66edd34f673360b28bd15346ac0ce364a392580e02cac8fa4ebed8922c3cb0666898a086bb3a5f80126951bee331e5aac5fa4ecd0b5f21e2418f4872f3cc4fc8b9c31fa9b69028cd4336906d8cea28e8d93f595ff5edd4ea7377e9d873bd2a1628f3d48074c4a08d8f5a8341b37d3eaf877c55a34e48a86574646fa830e471d088127440b4ff2ef32f9eb0c5ea83e4a3d924d0232b0930f08903b1d21b83f6944ebd66c9ce0e40e4739d06eda13d1fb312d209d88b3b0adf39432ae82f325bd9618ee90069dd5094ac9d553e696d92d10c7e82ca41c0b24b87ae27c80da6318fcb21a13c5d057d345b34d5adddca1b640c1cac549a004ea1c91690e7e1b1bf8dd4baaf41e328ab60e5e94166f25c0164d9a03da301cfc2f480b1e3d5300f6e72d77031451bcc8896745697bd380de76ca56f6736d3ad3399d36035207d09386077482646988fb5b7b81755ed892d4fd8c9b8d9696b8d5527e8b68690112dcf196f6ab17e0e856bbf98eebe14d484c79593aec18b39d0ba68342a98b2380c12832ecfc790f224e0ee5ba7bfc78bed3423f476db9e2ddc171fa429c497ba7675fc38922e77ad2c17e81436bc9c5f6323f43d09ae47f1e2546cd70d410d4fa05e6f3d2159e61e35665779ce2622a7b9cbdff7b204845ec26fc9521a02337278d46fd4620713c7738bce2c1d24036ed432b80d4118262385922c2aef88903dfe1b19336e2e9e70bf2ef3f701da49b9e14230b3dc7ce0b94df1b0b9f6e037a2036059a9102402138d98105a0c55828347c5a151dd62544eae1bcaefd416879f46877893f2064d11feea84999d2182ed38d55ff06de23ab9883b56157d624f8b13bcb6b69cf830acdc4fd1093c0d32ad049262bbc778b448c78fba7e6180da4184eb203e34258cc59950dcd195e97bf41db6e87d7d9cd2f02417327da42aa393dba5fde71420923e46a95a4634974171e35f4f2b81f2245582068b6ffe1f204989794ce8119a130c927fd3b76a5ef47a7e5fe5eb92d4983eb6aadacbe9766717298a43e27bf2c9837dc58f5812efecc7671cad84b495222cf87414c1edff3f8755787175641ad624647a05c921cd29dd4da13deb4d46a9c98b8e584721fa097c05cab3cfacecd6be09e29e5e0f35499544e46cd82bda75c2c5c92fbe71c46338b4d790d30309bf69bbe266ffc581f441baaa93953046904d60a0b39b2a8513349cc6aa1a9fafc56354f9213f56d454ab9c789656e44ffa006fd0d092ed113d420b7769d2ed1c8480d15df401162eb8d838f1809fa57b0929f923343d06c666852c8e3e2093c42552a5dbcf49c391a3c0e3a46fa6c07d9c2f937e8210dcd4a87f30fcceb9dd0ff0b9b141af7a1e02e3a5112f0cebb99cd3e3c6faa3fe402c97009d018eb5a323d6cd1fa4f6827bb0f2545b4d8ecace0a20959a8d69a92caaaa533d53454fb32c425e34e0885b8e7a5e92ab49a58b13bc0cc878d141130a3f0cda3bbcee6f353354ef2fd308266d54a1b337d5b265d4213ba91dc344b86042a7b279a4b8dedf4f91e95e93f53ce28523476b7ce4e1eb293d44fbe81d467865bfe26cd3ee01b3dec75f7c5497c565743ef486dd8a86877069035515a3182f8e86680bf621a67af66377a8702adcf87f948507bcc94745315b32ac9c4dd8179dce0f6fa1858295e29d08147dbcd16e99a3af5a7c7e9c02de7dad9dfbe14cbc131cb78d9a5b0c9ef11a686f7477ce1e0f71ad01a3a886229148c8397bb010faf8546880315d411146626d4493dc39e7cc10b4c7857efc427613fae45212aaad2f44ce0a493492eb5048773ef4c3ae307e2c8db28c7ed741d781c464b040766aaec3d81bf831b72526c8af384c98bb620ea98b2a21987133dd620b89fa9ee19cd46bcb4d8bc82e58ada4a96ead2b57985d0a1edf27397d64016c9a5d6365d33c220c88bfecf258fcc15da1bef1a13f03a2330d939abf2b486d9852ddc4abc9cf6ef044cf3a9d27636e3e72f5f363b25d6923db4c78ce5d80e0c92940c83eac915ba8596c989fcc5104ab1715039c135a1bef78aa0336c5c936200da8c818e75671ce306604970e4bd831d2a6bf3b381100bea93023e14f5c99018a49300764df5b418d147b869592a7222a163d7cd63fb3d08d5a10d0f2bc1a605b8078d0d2f04e413d32f5a602b067d8b9c6a3abd63c50e0287279eff510877fdbe5c105a072e8ed6d8a71365be732914316042a6e894e53d4f718d3fb53f91a8fa9dc4ae8d8091f468ca8d74b950a9a81a0808d1a929f28b718dc56863889334f36c84657f232b047622466eca9a65f918ae5bee44d8ac4b7c265680604f989c6730004bb6e107c7eba71f9f46e9d4cb825d5fb191e6122382a71a071589f075c463abbc3f5052b9d700547ad9d22da17bd36052121c4a313d6417a8af58e4996ff225a148919fe4c5c9804fa949085ac62408d7e6b9576451de08b1e8ea4eb96e849d75ac6a768ca9f51ca6c45b010aa0a641cffd473d05949edb2cbd6fde9ceb664058463fdb3403eefa376d5591284d94d4a4f6c93edabb9a181b8e13e1576b5a7f057e949087dc2cd868ef63affef406d9f13aff495ef01330768fd3ffacabed6152566ddb6e4064459e531b6565f13761632b4e8bdd6cbfba529c1a8f57ed3c32b3a39d76d23004d6f41e670f072340a7686c61ec062d3e10ba8c42b7ab451cb6c19830152d0b0041c9d3ccda8c2131bbb76ca17aba69042f32dc1c0a8d6b2c4c787ed8a3c7fc3e2a0091f0d4865f9618244110f140ab4b972bbaef9bd377b130931433e4d52f0c89a774c432ff888a0616db6cc1791d70bc34d582ce363710e0a4ced5bda458fab17ee7ccd17d19a4c0c24c3fa72a5336dbf4b5d0ee951723900be5b8cdd4cf1e9ba03c07204fed252876fa043766d4375b56cad0556bb4ce234a0b13ad453a040bfdd912300cc25e0e01158a7f24891a41cd327f7b5392f57c27e6ef181ba6a87c8aa101f5a10f82bac44d9376b1104d737160fa211e6c7f4590670f625e0cc720e6581aa62cc228f99578b2a0fdfacf0327fc9665cd64339aae96fa37c4ad40a3cf2eb557e90b88c29e557e6e659f9840f7086574d42ae6e04838fd95e385f678e88386c4249574fef5a271641454c1a78d882524c7f3e4fb97486c156862f2b961c51fe9b381d2a0756bc07f61fb868deaf60d609a3089d6bdf8e333ac203c10021daa4e519396c1728be1f9404b7201c708d84195e0c46100129ef87f2ba8b0b4c6e3726a687775a3272fe90a38e7c64af920a08f4113c6710799e8fc2f548604a0d32a1b8fbda60a036378fe2443b5f4e827cc9e915fd3bb6b8c16291aa6c10629338a1cf9d3c47a6e24f5adb981d439f97f9ee10850db010429c87a9f0a84e1c6f1226eb341233c5aa6ea1df925e2aff93a711187412d782a09397c2ad238f28bab955ad43d25d4aee05927d7deb733a22d6102d66dda180c30ecaec9e53793126eca660b8b490b97c3db02a33f48150312deb260c827a193184494182bb5c6f5972c47079a4d68f8347342a673ad45a47dca2ed0389339a681ee8a623d4f61b6d19982cceb41425e729e9cb14f6fec1e2837ba7edf0e3f4a2ea8f57f767293b7dc5ea12cf8e8a31104dfa4cac2d36aa362b6ea1c990a8ad60c041917c28e3a0e2b20291a4829a2ddc912066deb895c876e0a612b6f6175dfc107d1f9d5c29dc0b9a4e54351221ffa13b76a5ff59b76d617c9a1408adfa9333cf8c4cb5422114019ce8c0631c6d5063c8f9cb1fa614fb11c5cd73dd78b2f4f07ec25220523bbc12946337095424303aa2dc3976c9f6a7206fe274f51650cc4c7fbffd05468583498cf7185913128ac83e1fcfc3d56978e348c37e5501cb11bf922e8c9c425a12faa3fa1da5a5e9f5334163e631b53b25d5b65917ba149e46230f821834a42dbfafb66d6b793d7e9b714e68e23a23458c62ba5c468ac337a40f45623922a38f273e34ccd2e7cd5b1b1ae42fdb62704fab8dca352852890310f266c4296832499898d1638bdbc0f764b566e009fa4ad85486fc650b3f0052286107633437deea707d6bf9ef7ede2ec56d8015343fb9cca75024f85a9a55135bef292e21210a9625949813219b52e07d91d4731ab919f1b31e1a9109fcda2ce6fee39bff138", 0xffc}], 0x5)

19:57:57 executing program 0:
r0 = socket$kcm(0xa, 0x802, 0x88)
sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x4e24, 0x0, @mcast2, 0x7}, 0x3c4, 0x0}, 0x8000)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000180)=@nl=@unspec={0xa, 0x2a77, 0xfc90000}, 0x80, &(0x7f0000000040), 0x0, &(0x7f0000001280)}, 0x0)

19:57:58 executing program 1:

19:57:58 executing program 0:

19:57:58 executing program 2:

19:57:58 executing program 4:

19:57:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:57:58 executing program 0:
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000200)=ANY=[], 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00')
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup2(r0, r0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000380), &(0x7f00000005c0)=0xffffffffffffffa9)
lsetxattr$security_ima(&(0x7f0000000140)='./file0\x00', &(0x7f0000000300)='security.ima\x00', &(0x7f00000000c0)=ANY=[], 0x0, 0x1)
socket$packet(0x11, 0x0, 0x300)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0xfffffffffffffffd)
r2 = socket$packet(0x11, 0x0, 0x300)
getsockname$packet(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./file0\x00', 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f00000001c0))

[  476.288677][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  476.294513][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  476.528621][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  476.534424][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  477.408643][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  477.414457][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  477.818640][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  477.824520][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  477.968693][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  477.974525][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  481.568675][    C0] net_ratelimit: 14 callbacks suppressed
[  481.574404][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  481.580315][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  481.968721][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  481.974754][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  482.128719][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  482.128828][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  482.538678][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  482.544486][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  482.768646][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  482.768701][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:07 executing program 2:

19:58:07 executing program 5:

19:58:07 executing program 4:

19:58:07 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x368, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB="1953998c9a3223620e22f237d5372597f19d3abf1a9d24c3a0088322eedd77a7c61a4400eceefa7e6afd58d47bf2495c952cbe7fcdab06c736b3838291582bb9079022b68050010016171fefbaabc5c5656609bba2054385bfe6c116caec47f441e31edc7cac126e9fc2b7e2216d555aefe47d770e9830239b8396f491f86d6277cae72b3551e9ea640e5944e686a112241a981226ae0037d47ac9f0101f3201728b73076d1a6b8feb6c1b8a4f357815ef66152a3e26ed0024732b7f2943e36f59548e111509e83fb04e0319831946ef047adaeacc775b9bf9335f4e55", @ANYRESOCT=r4], @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16=r3], 0x4}}, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:07 executing program 0:

19:58:07 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:07 executing program 0:

19:58:07 executing program 2:

19:58:07 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x13, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x35}, [@call={0x6e}]}, &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x8, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e}, 0x64)

19:58:07 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x368, &(0x7f00000bfff0)={&(0x7f0000006440)=ANY=[@ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB="1953998c9a3223620e22f237d5372597f19d3abf1a9d24c3a0088322eedd77a7c61a4400eceefa7e6afd58d47bf2495c952cbe7fcdab06c736b3838291582bb9079022b68050010016171fefbaabc5c5656609bba2054385bfe6c116caec47f441e31edc7cac126e9fc2b7e2216d555aefe47d770e9830239b8396f491f86d6277cae72b3551e9ea640e5944e686a112241a981226ae0037d47ac9f0101f3201728b73076d1a6b8feb6c1b8a4f357815ef66152a3e26ed0024732b7f2943e36f59548e111509e83fb04e0319831946ef047adaeacc775b9bf9335f4e55", @ANYRESOCT=r4], @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16=r3], 0x4}}, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:07 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'nr0\x01\x00', 0x4009})
ioctl$TUNSETTXFILTER(r0, 0x400454d0, 0x0)

19:58:07 executing program 0:
recvmsg$can_bcm(0xffffffffffffffff, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000022c0)=""/251, 0xfb}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x20)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
preadv(r1, &(0x7f00000017c0), 0x1d0, 0x2)

19:58:07 executing program 4:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x802102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
select(0xf4, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x2a)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x9, 0x10000, 0x9})
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="020100090e1000000300000000db73040500060000606b1fbbcae06b644e23aea0840000f609000000000000040055d0dbb525e8b2d400f721"], 0x39}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendmsg$TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

19:58:07 executing program 0:
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
ioctl$sock_proto_private(r0, 0x89e3, &(0x7f0000000400)="0f")

[  486.688686][    C0] net_ratelimit: 16 callbacks suppressed
[  486.688692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  486.700297][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  486.928660][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  486.934510][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  487.808658][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  487.814508][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  488.208633][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  488.214476][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  488.378675][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  488.384515][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:13 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @rand_addr=0x800}, 0x10)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
sendmsg(r2, &(0x7f0000000140)={&(0x7f00004f5000)=@generic={0x10000000001e, "0200000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, 0x0}, 0x0)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e24, @multicast2}, {0x306}, 0x62, {0x2, 0x4e24, @multicast1}, 'lapb0\x00'})
r3 = accept(r2, &(0x7f0000000240)=@nfc, &(0x7f0000000180)=0xfffffffffffffdcf)
getsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, 0x0, &(0x7f0000000300))
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x1)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='clear_refs\x00g\xff\xca\x02\x8a\xf0\xe1ZM\xfa@\x1bS0\x11\xbe\xdc\xdc\xdd\xc1\x17~\x18\xd6\xa5\x88Cd**\xde\xae\xaf\xcf\t\xec0\x04\xe7\xf3\"\b9\xb5\x96VR+\xbb\xa0a\xbb\xc8')
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='loginuid\x009\xda\xd3\xc4D\xdeJ5\xf0\xfd\"=\xb6\xaa\x1e/\xddc\xc9\xf3_8\x9eFi\xe0\xafe\"\xc2%\xbb\xb6E\xae\x9e\x0fF\xc8|\xd4M\xb4\x91\x9c\x1a4\xab\x1d\x00\xbbAW\xf7\x9b#\x91.\x9b\x96Vn\xbf#a\x8d\xfd\xd31\xfc\xac\xfe\xcc\xdb\x93\x89t\xf4\x8dB\fI\xe5\xb3\x7f\x94\xbd\xb6Q\xb9\xc1\x02e\x904\xf4\x19/')
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='clear_refs\x00g\xff\xca\x02\x8a\xf0\xe1ZM\xfa@\x1bS0\x11\xbe\xdc\xdc\xdd\xc1\x17~\x18\xd6\xa5\x88Cd**\xde\xae\xaf\xcf\t\xec0\x04\xe7\xf3\"\b9\xb5\x96VR+\xbb\xa0a\xbb\xc8')
r7 = syz_open_procfs(0x0, &(0x7f0000000100)='loginuid\x009\xda\xd3\xc4D\xdeJ5\xf0\xfd\"=\xb6\xaa\x1e/\xddc\xc9\xf3_8\x9eFi\xe0\xafe\"\xc2%\xbb\xb6E\xae\x9e\x0fF\xc8|\xd4M\xb4\x91\x9c\x1a4\xab\x1d\x00\xbbAW\xf7\x9b#\x91.\x9b\x96Vn\xbf#a\x8d\xfd\xd31\xfc\xac\xfe\xcc\xdb\x93\x89t\xf4\x8dB\fI\xe5\xb3\x7f\x94\xbd\xb6Q\xb9\xc1\x02e\x904\xf4\x19/')
sendfile(r6, r7, 0x0, 0x1)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r6, 0x10f, 0x83, &(0x7f0000000380), &(0x7f00000004c0)=0x4)
sendfile(r4, r5, 0x0, 0x1)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000340)={'bond0\x00', 0x800})
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x1, 0x0, 0x2, 0x4}, 0x1c)
sendmsg(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00004f5000)=@rc={0x1f, {0x9e, 0x3f, 0x80, 0x0, 0x9, 0x40}, 0xe3}, 0x80, 0x0}, 0x0)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0x8953, &(0x7f00000001c0)={{0x2, 0x4e24, @multicast2}, {0x306}, 0x62, {0x2, 0x4e24, @multicast1}, 'lapb0\x00'})
getsockname$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x50)
prctl$PR_GET_NAME(0x10, &(0x7f0000000400)=""/192)

19:58:13 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:13 executing program 0:
openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp1\x00', 0x40, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
openat$vhci(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/vhci\x00', 0x400)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vcsn(&(0x7f0000000700)='/dev/vcs#\x00', 0xd31e, 0x80)
fsetxattr$trusted_overlay_redirect(r1, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000100)='./file0\x00', 0x8, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0xc028ae92, &(0x7f0000000140)={0x9, 0x6})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
syz_mount_image$cifs(&(0x7f0000000880)='cifs\x00', &(0x7f0000000240)='./file0\x00', 0xee7, 0x4, &(0x7f0000000600)=[{&(0x7f0000000280)="4c57deb7c781d293e21b842f2fe07c2beff5f2616f2751ab64dc9a4f6e901531f68afdb3da6d9395d4e1c7b2cf12219cec35c2a6b97b04907273a68ae80b38720737403f15208ea225a07ca8516fa344165ae374e9a3e6c407a9fc49ebfdc93791bc3aa2dc9e9d8661cafda196c35122bc650015a5eadbd60ee425858bcba599ca2e43b43ef43506b740fdd60ba10f78bec70fdfe2336f1c01382058a3bf019dfdacceb175d833c3a5e61ba6a2c6278ca95d40b5eb2b0501adf662f5efe24b2931109546a465a5aed9d697cc6b6927b7bbfe938df8b7d5294358403b", 0xdc, 0x8001}, {&(0x7f0000000780)="35b60efa6db4acd0dd236810fd28c00123643522d18d9422c0aabf2e24c44967bcc4c50e4d356aabca4fee1499a1fbec858feb884feeea3c53426333d9dd6de1b8e877772ad703378b57b6b38efa4d13677b1e201a521c140a22dcb0e52cce2c2aee323e0c0b5ae9b69d8c6dcf62e33a82d3c800a474ab1814e9637170e04d467b0b5d2288f8e31490d031a8f70242919aab0575d5aab08dc953b5356a653c5886e9454629a084d465f94dbb5b3c43bc3fa43d9262022ba48970875a67f02ae12fe098c592fae22af5ea70ce9a18a1d7e322c825b312ea7e8138d88f3bfb68ed5714611fe15bab8a389559bc59037bb73722ea9f5db50dfd04195ace0675", 0xe7712b024e0f6157, 0x100}, {&(0x7f0000000480)="19a3c7029f64cb795d7365d8f5455fa425e5d3046c6b004b649030943aa264acfe162bef6b507d8fc1a73eb7135ee8e21afbb0f41109d6e1207639ff006bf291ecc2", 0x42, 0x3}, {&(0x7f0000000500)="6abb46673731da2f816aaf4680d5bc1cbe60d70c6eae5967d56d2b574e58795fdf82c37b71e935313193eae34b8729640c15b6e485d3a48c943fd95963d14f749727703abcd766732ac2c6bba6aaddb0242f7fe63d8879c2ae663feaf7101eb75c175bb9edb4888f0cd70184fc9b51644ae1c9dd0e0b539a48ce86e13edcd9cdc8f4e742c1dce5e0f32d7b2d093df43f746983922254a9aed0a3f43e9051a153c82d22454566e6762fd15f88000e4170ec3dd92b9c33c0af0d7dd722dde55898bdb29fb9299bbd63c99f9d11992ad24b989c9a2b7a4bc7acfa9016c8400150bb3595e898c7a1eef877189c6112d6650ce466ed3580ae86", 0xf7, 0x6}], 0x8, &(0x7f0000000680)='trusted.overlay.redirect\x00')
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000740)={0x8000, 0x2, 0x2, r3})
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000040)={0xa927, 0x38, 0x2, <r4=>0xffffffffffffffff})
r5 = dup(r4)
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000080)=0x2)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/attr/current\x00', 0x2, 0x0)

19:58:13 executing program 4:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x9, 0x18, 0x249e1e, 0x8000000001}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r1, &(0x7f0000000200), &(0x7f0000000100)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r1, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x505602, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000100)={0x0, 0x6})
r4 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000280)={r5}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000080)={r5, 0x2d4}, 0x8)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f00000000c0)={0x7cfe812}, 0x4)

19:58:13 executing program 2:
perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x0, @loopback}], 0x10)
sendto$inet(r0, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

19:58:13 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:13 executing program 4:
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000440)={@dev, 0x800, 0x2, 0xff, 0x100000000000004, 0xfffc}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@rand_addr="15376d743273146fa88268ce719f0597", 0x0, 0x0, 0xff, 0x1}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x1000000000800, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x20)

19:58:13 executing program 4:
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0xc0045005, &(0x7f0000000000)=0x1b8)

19:58:13 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0))
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  491.968604][    C0] net_ratelimit: 14 callbacks suppressed
[  491.968613][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  491.980376][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:14 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6(0xa, 0x100000000802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000340)="ff020400"/24, 0x18)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr="35d4a7cf18000000629841c900"}, 0x1c)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000380)=0xc, 0x4)
r3 = socket$inet(0x2, 0x3, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000280)={r4}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000003c0)={<r5=>r4, 0x5}, &(0x7f0000000400)=0x8)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000280)={r8}, &(0x7f00000002c0)=0x8)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
r10 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r10, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r11=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r9, 0x84, 0x76, &(0x7f0000000280)={r11}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000840)={<r12=>r11, 0xffff}, &(0x7f0000000880)=0x8)
r13 = io_uring_setup(0x925, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x1, 0x2f})
preadv(r13, &(0x7f0000000a40)=[{&(0x7f0000001080)=""/78, 0x4e}], 0x1, 0xffffffff)
r14 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000e80)='/dev/nvme-fabrics\x00', 0x200400, 0x0)
ioctl$TUNSETNOCSUM(r14, 0x400454c8, 0x1)
sendmmsg$inet_sctp(r0, &(0x7f0000000ec0)=[{&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xffffffff, @mcast2}, 0xfecd, &(0x7f0000001040)=[{&(0x7f00000000c0)="9968ec18d01fbf53c0b29f6b50e4d95f6b4dabb6fc1c09af5804ee05678a4a5bcdd9f93acf2fb816663f36858ce7d5686a338869ab4f7610783953d0a6f7106f24758d172d65d2edbf0889e455b8c0b81e489643208e8f2849719ec3722924087a13714873ecffb797bcacb1ef4336caeee5937b136b506d0f3da051860c5f3365440164147f", 0x86}, {&(0x7f0000000180)="974e89d5c86c184980e23dcee635b10f07fb0345f26305ae001ec524f8537a4119f50c0df39e38c650fda423abadb2df2741f27179b521cc24448f4f9a7cea8be5620c35887430409dbdacff3a4df9f345f1f6e9e4ca704fd59623b364da492df6f27afe0d3b927a44346354f8fbc584f0519ed6ed5617d6e5b0791a511984b43231719002fdcb0140e168e83c47569b5c019a10ca0787357c66a1b438f30c217c5bd5f18e9b8e536119478fb3dbb3135c13b9cc9db502511bdd31f97e30c23d021a1144020d71a6e0862949", 0xcc}, {&(0x7f0000000280)="d8f493db6e24b693b373e518e1221be128fe91961333c9dc4e5e48a958bd48e735b441137ff908557987836913b522edda07a66d21d1918672105adbb26de866c3268acd679855b50e1841a1455de01d1b2349f9ccf8", 0x56}, {&(0x7f0000000300)}], 0x4, &(0x7f0000000440)=[@dstaddrv6={0x20, 0x84, 0x8, @mcast1}, @dstaddrv6={0x20, 0x84, 0x8, @local}, @authinfo={0x18, 0x84, 0x6, {0x937}}, @dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, [], 0x20}}, @sndrcv={0x30, 0x84, 0x1, {0xfff9, 0x8, 0x0, 0x20, 0x200, 0x1, 0x8001, 0x12, r5}}, @sndrcv={0x30, 0x84, 0x1, {0x1000, 0x2, 0x200, 0x1009, 0x7fffffff, 0x5, 0xffffff81, 0x4, r8}}, @authinfo={0x18, 0x84, 0x6, {0x1b}}], 0xf0, 0x4000000}, {&(0x7f0000000540)=@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10, &(0x7f0000000800)=[{&(0x7f0000000580)="c5df2d", 0x3}, {&(0x7f00000005c0)="a7e89a761f3dc7d7ab0a276c76845739210dc79b04b0df40619082fee194a5363264468abc26c7b9b5f930ce309951a6948c87057fcc870708478646a35de6c78b65b9597109c294e761a74caaacc6dc8bef9d1069bd89f756c8f786fd8aa3b481ff1d8570f8d8093b5011f4a74b6a03c7a7648da7a9b9989a28559616e3ed3b4b7690e86cb1a70fdd9c7b18e6bca905f1c7c9c94a852478e2c02b4ca3412aa53c727abf398a9ffee73f3988d49293ae64add61b1d257a30d493ce", 0xbb}, {&(0x7f0000000680)="b7df2bf9087c8d1f6825013efd3122867949f87890fb4f424141aa703dfdf17ad8958596f396efe70bbb852e3f7c8c33d1de2a7df73f550ccaa0f54f540a576d2800d52c989e29c085cdb532053fa1e04eef060d6bc9a5203f401338902085eb85db23b4cd205c88c84b7e3dcabc4957747f546741a078fb59fbb0ac4c44e1eb2c2e20ab307147fd8a0f642f528333eee2bc7f9e83cfdc6b920bd1b6ff1cd2143d25c2f9041aa8881844de03eec1cd8855c87774d6e2e4", 0xb7}, {&(0x7f0000000740)="439c2d9f11273b5045279e05c40210c3d27ea91fc7dbbe9c7e4db4fdf0a697a772c3246b61a94d2b342991f8e940e138c1bb934a241d6e769d0a9028de300e61a2511d19c03773b1c9427b9e72d5b6114c64c44d78dca4cadafac416e366a7b505deef0ad0bf08bc0c8ee36539a05ff4db0c73507ca7acf82d6831e39b45cd990190b33cd25c55412835319c4c39e302e78a5f2ebae503b7aa106efc05", 0x9d}], 0x4, &(0x7f00000008c0)=[@authinfo={0x18, 0x84, 0x6, {0xf800}}, @sndinfo={0x20, 0x84, 0x2, {0x44, 0x200, 0xfffffff9, 0x0, r12}}], 0x38}, {&(0x7f0000000900)=@in={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000c80)=[{&(0x7f0000000940)="15a30ca3423d15f92375a1294d5e33899509ca88c879d56102", 0x19}, {&(0x7f0000000fc0)="be882cbdff9208ac52e896736ac1dfb44093526cbb42860c4ff25e3962cdcfdccc2c1ed14b09190a59c44c7dada24a0237a72507b23b7f08190fce182785d91ad13afab573373800b84191d5c8d2ef76ba8f0021b6394ab2b346c5652b3b3a5908cf23472c6e5139a1fbdb306617f0406be330c78b7585efd2cda89d88f1", 0x7e}, {&(0x7f0000000a00)="ea5d1942b406591791a74ce86ba8286b6e3b44b4d83a1987cf660bb9eeff504fc1c669b896b5da10e671c52fb1", 0x2d}, {&(0x7f0000000a40)}, {&(0x7f0000000a80)="37b9c8fcfeb551119e2986243e6979e7c15f5e85de16bc3eac87df29f3e032f0134ec8e70df4dfe7ea4039eb36f1a90b864ad82b57eb5bc056bf01d4eb5de0a6cbbb1869b05fe70bb19710e2bac34ce45675a519a8602604711300aaf19193d347b69f1d4c28caf213ef6d5e778d62a70294e2b74c496590ed7b0c3d731b5c5b6e495cdcf83a5f6a21e88607839099be0d350836e1e2554d48d31febe283ceb7163cef790f192a9049644c9d749a54537de7e05357eca17b8061f733942558ef40d0e3c0", 0xc4}, {&(0x7f0000000b80)="03963df468d4d75f32e74876ec587f14a5f82315ce416dcc95dafd48517e35ff1deaf3fbd0079c7c9ce606f654d9bf4217d5fc6a9dc32578d8b61d5b0353ed8b3c9f2a75c97161c323ca16a9d3ccbdbe0e1d2c0cec5edfc96dc2cdd2ae0186c2b46b14b9c2c538aeccf2a40204ba6a49200f1f72d5376fd5acf210a906e53def126b672dfed98a935b719797474178059802da86371960da3b04dd6340fd528716f00416f9d2261eb35cb236602c55e88d35bfd0523ce21e5d2c239460eb0ccaf9fa233da9974c31e56e9858dc7614e5e90f3afd291427d3d7d306597dd70b30b480d16828b66b4b478d783fc0cf82", 0xef}], 0x6, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000084000000050000000000000014f4ffff180000000000000084000000050000002007000001000080"], 0x30, 0x8000}, {&(0x7f0000000d40)=@in6={0xa, 0x4e23, 0x1, @mcast1, 0x8}, 0x1c, &(0x7f0000000e40)=[{&(0x7f0000000d80)="d9264607ef94a583fcf2bdd6c74f9a4dbcba04fa7c7103cc8de4ef93c91257183633b9057b7c0a0da690fcd748754a0d7f9a4681b792f38439d7bbf80b21c9", 0x3f}, {&(0x7f0000000dc0)="a8d2ab20133d2530007c63a52cbd8ad42075030f0f70c197fed98e42a8ebbaec57021ec31df42919474ecb153a9395fd9389a3c188ffc5a092479c9a63624257", 0x40}, {&(0x7f0000000e00)="9ecf2e09d904173201249944550b3cd2ce6eaa0644e6eda5a8044eeb4c46cd21b8fcf7290777f2fda08701083c5e209681201c", 0x33}], 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000691aa51f00000000102406ff0f000000000000fffffff5"], 0x18, 0x20000000}], 0x4, 0x0)
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe(0x0)
ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2282, 0x0)

[  492.013111][T11186] CIFS: Attempting to mount /dev/loop0
[  492.032658][T11186] CIFS VFS: Malformed UNC in devname.
19:58:14 executing program 4:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = dup(r0)
setsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000000)=0x4, 0x4)
dup(r0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$bt_hci_HCI_TIME_STAMP(r2, 0x0, 0x3, &(0x7f0000000040)=0xfffffd09, 0x4)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8b22, &(0x7f0000000180)='wlan0\x00&G\xc4RGb\xd9\x91\xf5R-\xf8\x9f-L\x1f\xd4\x8c\x80^\r\xd1L\x17W\x8d\xc4tB[\xb8\x8b&+\x04A\x1f\a\a\xdc\xd8#\b\xb9\x01\xcd|>\x8c\xf4H:~\x96\xd0j\x8c\xdb\xac$\xf6k\x96\xca|^9\x95\x1d\xabyk\xf7f3\x10)/\xba\xfb\x9a\x98\x88mr\xf0\x90\x1e\xce\xd5.f\xe7\x05\xf7Y\x02\xfa\xff\x00\x00\x00\x00\x00k\xec\xa1\x8asq]w\\\x14m^\v\x86\x8d< \x9f>lS\x98.Q\f\xba\x84\xe7\xfc7\r\xb01\xb4\xff\xbcA+t\xcac\xa4\x9b|\xea\x11y\x91\x98d\xed\xfb\xbc\r\x17\x91\x9a\x01')
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000140)={0x1}, 0x1)

19:58:14 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r2)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  492.368615][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  492.374448][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  492.538611][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  492.544457][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  492.938690][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  492.944521][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  493.168636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  493.174596][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  497.088676][    C0] net_ratelimit: 16 callbacks suppressed
[  497.095882][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  497.101759][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  497.328679][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  497.334628][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  498.208665][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  498.214533][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  498.618635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  498.624493][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  498.768689][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  498.774545][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:23 executing program 4:
syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x3, 0x2)
r0 = syz_open_dev$cec(0x0, 0x0, 0x2)
ioctl$IOC_PR_PREEMPT(r0, 0xc0506107, &(0x7f0000000140))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000000))
rt_sigpending(&(0x7f0000000080), 0x8)

19:58:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
socket$inet6(0xa, 0x5, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x4002)
io_setup(0xc32f, &(0x7f0000000440)=<r2=>0x0)
ftruncate(r1, 0x48280)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000800)="371d848c24591792863b2d5d6bc3c76a000001000000000079e6ae1a07de1d42fd46fdfada485aaea1cda588838353786b2ff4f7b644e0839054fcd3486dfe9795b35eae35042b0ae441065b6570a16e9f59424cf705c5958d33fbfcec4080876e65ccb6cc4a9a8e6a0f46559eb725fdab41865ab93895a77a3e494f920e9617dc006dcbe35e9ff7112f2a58bbd9f7123b6661186821900b092f90a53e27d726e56671cc23bf1472b65c3131051de54ab9b1fe6b7b515163790da97ebdaf688dc5b30aed84cbb5c86c3c0a64548106e6a4bfd61442897160333d8ad0b914906fb8839422a3", 0x2c84e1972a71ed36, 0x0, 0x0, 0xffffffe4}])
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$CAPI_CLR_FLAGS(r3, 0x80044325, &(0x7f0000000140))
r4 = syz_open_procfs(0x0, 0x0)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'eql\x00`\x00\xa9[,\x00\x14\x01\x03\x03\xf0\x00', @ifru_addrs=@nfc})
sendto(0xffffffffffffffff, &(0x7f0000000000)="59c05a3dec2e6cefddf23c1005b796d05193944d4fd8f690bcebe23c7fa11d53a643a902deec51a9d90995ebfe", 0x2d, 0x8000030, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$USBDEVFS_DROP_PRIVILEGES(r4, 0x4004551e, &(0x7f0000000100)=0x1f)
socket(0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)

19:58:23 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:23 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e000, 0xe3, &(0x7f0000000240)=[{&(0x7f0000000100)="c1e9091a4a9eb15b151739eb3c906d6b66732e666174", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r2 = open$dir(&(0x7f0000000380)='./file0\x00', 0x8000000000006000, 0x0)
setsockopt$RXRPC_SECURITY_KEYRING(r1, 0x110, 0x2, &(0x7f00000000c0)='}\x00', 0x2)
write$P9_RATTACH(0xffffffffffffffff, 0x0, 0x0)
write$9p(r1, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796ee", 0x110)
sendfile(r1, r2, 0x0, 0x10000)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e22, 0x4, @remote, 0x5}}}, 0x84)
r5 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$UI_SET_PROPBIT(r5, 0x4004556e, 0x1)

19:58:23 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  501.168097][   T27] audit: type=1804 audit(1577390303.268:58): pid=11241 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir755456860/syzkaller.ym7LGg/61/file0" dev="sda1" ino=16868 res=1
19:58:23 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket(0x10, 0x2, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='\xfa\xe9\x00')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x80, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffff93, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@broadcast, @remote, [], {@ipx={0x8137, {0xffff, 0x30, 0x2, 0x1, {@random=0x1ff, @broadcast, 0x474}, {@random=0x29, @random="884fbdb6b7bf"}, "6cf79ed77ace2a282676d8a3a1a321073716"}}}}, &(0x7f0000000140)={0x1, 0x4, [0x858, 0xc56, 0xee9, 0xff7]})
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x405842, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000})
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f0000000200)=0xffffb8a6, 0x4)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000080)={'gre0\x00', {0x2, 0x0, @multicast2}})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  501.328761][   T27] audit: type=1800 audit(1577390303.278:59): pid=11241 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16868 res=0
19:58:23 executing program 5:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x400000000803, 0x5f)
close(r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340)='/dev/net/tun\x00', 0x400000001, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x1})
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000540)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r7, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
recvmmsg(r0, &(0x7f0000006e80)=[{{&(0x7f00000043c0)=@ll={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000006740)=[{&(0x7f0000004440)=""/4096, 0x1000}, {&(0x7f0000005440)=""/28, 0x1c}, {&(0x7f0000005480)=""/182, 0xb6}, {&(0x7f0000005540)=""/127, 0x7f}, {&(0x7f00000055c0)=""/174, 0xae}, {&(0x7f0000005680)=""/4096, 0x1000}, {&(0x7f0000006680)=""/94, 0x5e}, {&(0x7f0000006700)=""/7, 0x7}], 0x8, &(0x7f00000067c0)=""/62, 0x3e}, 0x7}, {{&(0x7f0000006800)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000006d80)=[{&(0x7f0000006880)=""/146, 0x92}, {&(0x7f0000006940)=""/140, 0x8c}, {&(0x7f0000006a00)=""/17, 0x11}, {&(0x7f0000006a40)=""/216, 0xd8}, {&(0x7f0000006b40)=""/73, 0x49}, {&(0x7f0000006bc0)=""/131, 0x83}, {&(0x7f0000006c80)=""/208, 0xd0}], 0x7, &(0x7f0000006e00)=""/123, 0x7b}, 0xffffffff}], 0x2, 0x40, &(0x7f0000006f00)={0x0, 0x989680})
sendmmsg(r3, &(0x7f0000007100)=[{{0x0, 0x0, &(0x7f0000000640), 0x0, &(0x7f0000001980)=[{0x48, 0x84, 0xef, "d6ca947c44a11cec25de2996b7ea714182662a5cedd8837dddac3023b7004aeb727646f505ef2a8b4c4f9e3310e7a167491b76"}, {0x30, 0x113, 0x2, "66548f5ddc34bd250273cb1656eee92e01e92731cea92111c219"}], 0x78}}, {{&(0x7f0000001a00)=@can={0x1d, r7}, 0x80, &(0x7f0000003fc0)=[{&(0x7f0000001a80)="796438cebe737338ab213fd5d1203ab4513adbd2045ec71377c4a841c65bb5fe6cfb79abd53e7a13433c8bb90fcf603fd7394589973629f11d0a5276b5aecff11ba2a549cd06a242021858e8594375294c868ccae6812242e13f4515789ce7c861b44ce6f545c2d6dab1c84df1c5f7761d9381fd2e8ef5dd4f9bcf1ecb8a47e18cf3c6b4762c54e0e5e0eb798bbab31e04de7bd6864ff946f4e8be3e1b9c99ba6d1e87e22b0321f548f24fab0f4d20522f09f6812fe9a2469ccdee062a0a855144280c2770d760b3daf827e5606f2b43f672c8f45bdaa57945349cbd11864d3ff06d", 0xe2}, {&(0x7f0000001b80)="bd3080e621fd5be9f66943caff6e75af6880b0446f8cd769d6a86c2715", 0x1d}, {&(0x7f0000001bc0)="80a1793507445581b0af0ec451821db0bc779d87829725d80854b9e03ec3f9813f2d324749cbd4ab96ce2838117b5d97fc1f29192cd9913e5e818ed74c1634168fc6f2947907306bf2af8eea0cacc0cecf8f51a62380520af52900e40e95295da594a2d4daee795ce2ac330309d799181cda1e50e33a1e2b327af3a9c618122e8b934f44f7c586473411c11ff0243f2aa6f51416d49deb2499dbf1ec5215239dfa93df5613eed5d90e56f4d6bda330e60eda5d07dd2226d3cf71a99bee839bc38c5d886fd029540a329b4d79ff4e8daec5cae2995bdd9adecaa30d1090b37416a78baf3291aca4772e2dc7d091cbd146491b3a29b7fbd62488c9d6d00999dcf209d82e17b71a99bedc8ff1e0f03e3fe43ad313cd79bea2be5181a3ea9d7b1da82e3b06c415df1cb8a5e0b5950ae035850aad9a6ec58186b2a7a7d1fbc3969cc1b7de27f489adf14f102a6ab8e405b105ce1988f7211fff2c8cd429f322db6a3442083a72e5f8527344a97b3bc0e09a8725b80c667d1cb5d411e0192e7db5acd892301d5adb9d49ee8c72522dee4fb049587db059966d7b3517252c64c539f246cde9f82c6fbcf62f99c32777791dfba5c03c751e9c296771c1d6b8a922a39875a8e4b40ecf2b13ecca468e3c1cecb12ab86aad243feff5df5114284040b4c5b902a5b0c384d4695591e8a7eb8c673ac310ee7f98f1cfc84011e89ae65873f6d5683e632d79620a2344dbf8e0c78ac9c5955074fb06bd44a3432ed319ec17ae1645eead0bf45f1f11ea957815b392d6f84ea8803b60d3f1a306e5d02259a2fef2b68b93bc6b216a7c1ceb71d16939450442672396806117c7f87c5180b1322932a6474e8f3c77a1afdb9a997b75408b26abe090bd0a0ad15ac7fe8ab9feb962d9b557ff553252c74ca239192baadb4ca9f7bc4a4a346ddca76f1a4a9e43226640104b112960c7d96de5a50f38108608c2d61e8f1bacc1c7ec599aa7350da37ba03963114f0d15854a1ef5dac180bcbcb550c7349848ee564666beef55552f1b3dbd07aea4eac63729f0133418657fdf6baf17bc846070f9033082d5fa00af053457ef459287c6a9d79706bf5889885904afc54641509f35d994ee77e664624e56231dbf45255ac8773f91a7d3687ac673e1288709e98e3de9b5f7a509c927a87e83feda12e7044a1fd0ceb562ee2be9470ef0b44ab74145f345f3bc7b6b462b4fdc707fdab1191ff357e95d41bff1176405ba14c84ede35f2317e8437f693e9b961b2a4a69c26c3763a7c939599333e6c8650c5c5d6b8056ff37435dcc1469d04871fb0d3f725bcedd2dad32ea4f5283459984233495ff365420e9832147bba4aca10907514ff340b96d4d56716a72ba05845c98f6cc3ea962b372358772d954ee66e21103592dce2b9b9ebdda4057874ba6d61451265fb4e4f1c78f95157c6ac55a7432b41579f93c658fa4e18fc55c671cd0ee1bbee386aae4fafe1fc22fd02e963d3156c638c001f232a94d3168c06c0d042fe351b3a198b67d1e7872e34c91991eb0cdd52e3cfd25de3317003ebb86d0296cce2b0445c086bb40dd5e5005186721d2eadc2658ace3dd48306340bc0a0506c8597f6bd63212b034a596d085d52b3c509276ef02087a99437c9cd8c3762e2ed05798dc9c95b0b9fec379726f4f8190d31e64135225b65459e16064adf6caab530350fedb56a235b8561ce27cf7ca8277eaaea0fcfffdb890e729fa1662a5acd9a80e559fc09208ed4217880e0f8589bfce233108dd04462cd33c3d68d0b30b8557d123a4cfc03582f000b4688bfcc97c20cebd3e0f45f5589805a1a9ccae4c3f0ed0843f92d6e8d07f1939c8f29821c1cf7413856608911309eb8d74eca1dfc1c04c2aaf3be0f7880c3ee54490e6f742cc46c452a2dbf7f3767679ae3e0d5164c7cd7551351a758e4e1753843a8b2951e928b88dc62c7c43e952feaaf16ccb36dcee39cfa78462438e6548a2fde5f9692e0606dfcf4c9fe6cc41fe1e985dabcae976557a5172db25e5f714c0f363cf4d509c4ac9a97116d8d1720df34e4ac64c4732c347b1518e1b1e54156264feb8567495402459fc8651a7679322c899070765de0dd404e841280a25b590318ce006ac1435c94789cb628075fe50731be1d71b4e8a3040105212314d0c85eacbb04b07b3aff0c27d032fd24283f9f2102ffe122005015ef8d9169043ba4e4ad5b5ad8ef2113dacd02d6a4ae1d33f5d4f31289e0e1d7638d83e1885d3407bdbceb2e31aee0a464acaaec1d853c630fb770b48792c0bb9447a5b9d18e2d13ef8b230058a41c6a1b6c4cf670e0373ca910b793510ccbf6362b12a9c0609332d313eae21fd15ae3bc1da3daf84f725b4b00215ecbad1a7af963c6b1869af9e8fa7b71e79a007a342a02fb5f23614b2ab912cd09d7854e20b5064c1e4373177266a602db1287d9b703b9e99ce7e5f102f677bc701d5d07b72470a212bf887ed685df4e9a98e44d0065eae2bcdb4e2e93bbe605d47af78b0cb7a01889edc02e53dd213eef04b2e90afe6947a4372a5eaf340962ec39bf68f06930825594cb4bf8bb484881aacc31cf50f0799c0309a5a1cf3f7bf5dabd491d1dfa5cd6f71c2efd2c4d6feff4bcf06ea8a8f051154c34c112ee7440ab44e92da16805d9ed28cbc522db4f32c07265a1b0f39d2e392ca8caddd34f13ed60e716978af953e8047dc6652c2dd38b92452156bf3c42487837e2fcf10f07e6e17c4da2cb96239ee7a4bc6abb754e2338f344a7b8e3fd18ed34dcc8d092bd6471568e86d25be041999a8ed36ca8eb9b620d2a837cca8ab4735dc788335a70a9f523d32f49dd22823b7020e1560d4f507dcb03aced6e0fd7df69685b609cfc31fd3cf218939d411b4d9a3ec9f8dbdadd3ea426a4c80ea5a10ea063388a85036331e7641f174af889798085ff1f8ec9368ec1ad8f31959ccb0dfe78814cb8bede8aa9721dd503fa3e5f62a9b99e40e5b71e19de96bab184de5602352fea6be1a3dd60f470adc91366e614926dcef225bbe643f554719a02fd16686be625da3055c0c37b913d85063375d08d77392e27030f74c1e49a609e010537729b583eb6b36c6aa9afdaa1c4a07c80f59ee71f41b6c786e0fa4cb8b4a9db4ab373da6ffce0e3f3878b4d72b58c46002368ecd1ea6181dc71fad2c8cbc178d5439f8a00f9f76759445696268bea48a530db7316794203d9dff1d323d672f497bc2002b5d9fc6af7c467739ef5a9d0c764e3cd4736fdac3266f514f3c0a3677754509701b2602c5f592df0e75118b980060a3b65978b3ce8ea1d09b332de7b7b77fdbc90ab273d46e61d324455244ae38357cfe651a32b8b0f5c0091de486df31d8fbf72badd432bd17eae449f450daae0566eda70948de75f5eb852003ec596489bd0bb2ce424d6ad25d6c72ece490e23b32fa684fd8790136c0ad9890fd816a0cdf32e09e44c2d92bc407057bb300363c00a473373a3db12519f2cb710d43d93e31328cb859ff42848ff26a5dd75a06d8ec20d306e4685a37b297cace13510def7b700bf4a499773fbf426b1cf3e3f3a6fcd5d8b8c3d88af0392d96e03222ba222eb7afc5bbe517baa87f6c1bd16b001779651d811efaf9f7d4b71b6e2dead9035768baba8533bb93851f4345a3df54bc0f8829d156d57e3d6f87b9cc57681093a64ac0f8dae0f1733fb2c356e4e9c5dcd0b0be128f341f2d38c411c348eb23fe3f4cc174fdf1ea3a2f941ad2be3abbc156a9950f98169cf998d54e5ade570e36adc723da17cf20776a8b0dc79bf4a96682999f2baa6d266dfbb73923bccc1906f6cee840fa6f9aee86f0518e87282d03e0dd9e627fe2bc44c6dc54faebd66334e2ceceb10d3984cc01ab3929d2566ab61d639e4b1c9944999e30124bc45e1879268f363f131c116e1002faf21b2c3881725df03cebf0b7b0d5b9228b607b1da92ae8311f8f7e6388aa55779ea8418c98a412c30c4e19f4bc7623ca09d08c924dce79231bc04773becef00fdfde301167d0660ed2c84c5358c011cb5ad308095d5c0f27a046eb1ad79fc8366e46aa65c7c50deee13668e01ea57d29e2a050bbd6083e4084b20b7a9657181ebecfcf3960c2a2bcac4814514b795bae514a337fc54161cfa7c59da96c080df6d9f2eec7b1fd074fd7a8966101029db8e57f5364852f8d5c130008cf098231098dd1f4f195f55bd91b09ab656ae7a4d4d85db8f1190b0c8b62952cfaa73900c0a5c599dbda1289c8179f832f604121bf157346d027b1d031d098877ba206112d06dcb6894b738edf1ea81452d21ba893f883852907c462ec350fc51c8bb7eb34e58ba6b71e5dae2f7b5d30938d8b65c684d2817fcddb20db2cfb90ae84aed0819153d7557e7e917007841a8f364699be1330ec2f9ce7dc5ab36c3f8c12ab2b2ecf3ec6af062334c7fb78d1eb53f526b8788100dc947f64c39ad64e13988e1198fb4db078253b15bf5f8fbbf35f4d62864c99a8d280c97d6d31eff3b7e66acca15220aeef8f5d6b33167d33cb18e3b1ca4e3203826dfcbdf01ac8aa1990c3c5e49ddf35204535ed9feb471f35f7dd93f44268f5e330d2c6d0d70cf3e5850f02779313198a47c2a01c23793216937c776baefcd3c089a14663dfd6bffa89fb4ef94b0a2cad52c150fbdc4dcee567593f34e9c2e5bd801a6bdfd98e42f2d9c26d372b20a09919e552d56c27bc09e3680ce610cbfedb99dd2c5f3cb4d1fca538b48fa8db4d478d21697bf7c6402a4cc4c12c55ff6c507c0db4c09323a5889f39419bd94f696da1fad80946a423e061dbdda69f4a4c6fd9fe64444769ec5a85b96cc550ba0da970a7426111b4db0a99cc581b6977effe369e5e317fa7036ac24f4d42548cab00a2f6d840258e335c77f83617745a39fc4b9e851b7a01980b6ad12a1010e8a7cb476bebaf2683b8b8cf1dedb884fe8b0b2873866251e6c1a59d1fec42c411a266b5d38f7328eb6e4f5ee0bd53c1d692eecbb99247d1b122ae2ea163515e9dc485cd80e11e0c6647c10d27a434689e7ea1dce01d63fbe51cc867a862bd06dec48bb2dbf376d974e3bdea8ea74594d411c9941660b57a89225332f438b2abaa97c8ee139533eebfe4424dd6e7d9f2ffab65096d534a147f31e2205de1c7f90c78b7c3faecc378b77677a447dd4a1f5e68713214e71d191bb0afa85d00b33236016abd881ddfa1880d79d5eb7fe1a7e229cb74a1827f6ca2535fb97a5de97f40cd5e6cd81e65b59a2639b16c0d608340bc47e88f518bbc650a45f79326f5564af9302f705670945becfbf0918992a111b53c4abc3f767574a74146d0a6e9064566b0364e32e5e20dea10e2ffa638dc7ce433303340c1531c9344aa1b820f8470c6124c36fcb8c5058c3b91e07ba183621022827b710be6b68fd894c30c4213adcec3e7ba7ff8bb1b1b14960baca5260cc1f55e79bcca83dd5a68bcfd064a58ae6e698c3432943eacafb5cfba5fd7bf8f7b216a2487751aaeaa7e3d8cc022e41fad0e365a593f97d364a93b5f82db9aeeb9f8d22fdab641bbba504a017ef86acfe7725684ea4334c5259417b533217f21019b37d9d74a947384a2a29a6b28cce539b6fcee1d7a35accc90247a96a3d8eb91496c21a8b1895b22c572f2f7d6affcae5e32b098a82fe0557c21c539b64fa2bad33e83c49dea70a662a56d56ea4cbecb35e38d2d413b407f311d9efc0050e6339d5e947fb28ce578ac6030420ab5877d872a0883664f86690b4cd0330659be7d01b0c14266ba5d10f71cbbf09c9a3b2d578e6", 0x1000}, {&(0x7f0000002bc0)="faf7f4ef6727b91409eb8e7476e2cd1ef7cb0a824825e70b6c86387c8edecd5b5f21cb9597a50c810fb9d3a232e8c0445514ace67330bbe75741538a25b4283eb526fb795e1c128c162c179fe43ce5514a49bdc519e1c99ba5f6a6cd4c5a6a43b257994def15703dc8c898b98c73a64cc672868884067eed", 0x78}, {&(0x7f0000002c40)="fbedd1dc60a78c5c2798a746e18785a3314503821e9778efcee16428fa051a3654458e511690fd2c71d404d0735186de07319cda1b3d09ffdc922886bec410d785b4c637625e7fa8c4e255f0edc667a3fd765fc89e39ea028ab6b887b512e44a0657cfa355cb32f3a087da0c54b61cf66067b844fdb59dc60ae63d5895152fe9c820741d6b297491188a64ea1be5f777813bde4901c36e0b62f9d5b71d6a75", 0x9f}, {&(0x7f0000002d00)="a541edfc98da3a7cacb3aedaafb93bb09bf4ff25936b6d4db89d548e70dd9711fd74119d19cecaed2d49f10859697b42367394a6b3af47a9223d4d68026a9346e4c89602fb931d7fe4332a68c44c8e691903a71859e369", 0x57}, {&(0x7f0000002d80)="fb24ae615cfcb5b69016c1cf812e828276e4738542436423864b4e6f35f39bd687db576809d7d9fcff55e10ca5c70e1dd7e5a5a85951f0f26dd13502cd89c38a7d72c9ab4656d5d0266d974a7a2fc54079cfdec45523296f7e9aa8a9d26b94e1be4062d772df4d03236b02ec4a3420f6156e277a0c21e2e73907f88922d005450c1f9c002169f13a42020c60e35e81a152c0c362d2056a52c5768f9fe7eef909b5079856af5310f2fe09b680e451badbc681a44ad73a52cd1045875edd3e9d570b26b2225ac3e7ffed65b64838707e1d383b5f8ceaab37681ae2ac8b998af6f7eda4ded2505dedae6d8b9aa2176f63374738f776e1751302bf610d7ddc4267f0a0b1a041db6d367462c9e4ee7a0e2ad5cab5f7509344bcfa0ca5c3a742b2ea69d9b738feabf76ca2d9ad46c7cd510627ecb3f3f74d46bc2a464912a6268691a9c2ce8c73f5b4bc33a5c46b83f1e2fa0152450a8238bafc229699f420ce81adb201e86ed9b1270089170bf6cf4279b1766844e4931c75626c9a9c5ad1ceae5d1bfb30a57bbf9a72f8783633695d26a0789692fda331be430d784b02e8f20be5406562974917993ccdb0441f54813ddee6d01daa96cd0f1caf2be90c41369dd86feeaacbaba1a7dea798423828e5b84bf10e281c138a1207e5b58b2cc02e76c91333672528ac5ec9a3928f73c515fe7411dce51b5f0e2fa7ee71dc96fc9ced2781a2bc27eace86b601ff583c47fa88f515ca506bdbf276613599f634513c32ab7e643b928e6191b9ce9825748e9570fcdb723321b341e16a00498c5d8e71f08f5390ef1e863d310e532d41dd2f260bbabc12871a1adc0eb7644cfea7d5a1459df52501a7677fed718d395868764e51032496756eb11d164a86d4657a2bc2dd4f3852c0aded6af57162c17ca8ff98dccc3400a1d8ffccb08de0caad3901f221b11dea5f3e43f9078e6a7b0f967d18b84b5e0f4327ed6d4009bb6759eef1bf161e9d2732f41d751b133f1a2dd656755793eede1525d8cc838e17af90cb5bf8ebfd5710ab283e7d7c4c4ae8c2eb0f1eb0171bd3f7caf82d17b18f1a222e5bb40f082918753bcbb31e21a6f8285c7b4e56c9ed024706fe252154c64786b6198697e0013b7d72c59fda754e9b4f3e6dc2ba50e4bac3c77c3a99f9d3b044b10d188b67ea80500572112e90d88ce32f74fdd527d68b876600fc5133cdb53abfba728dfb5a6db2c8f5871283192d30ed22e3cb1b68ab1c513bab3ce87d33fc00aa2938badddccf7419a88ab923341b2d487dc8053cec46b7fa342720b8acd323cf862a868f028c14cdb389e432a436312ae3ed220463f5e276fdf62925036f3064ffc56a4d467e1dd9146dca20c65d28306b708d87e20bc51192d887addb75ffa405d2728f1f8391e5733f7c064ee2fa2982996393ea0d4e5afcc189c595eaabde1a03f07d7e6b40e1916ae462d43976af9893f5d846c30c08dbcfce4d8f0469931827c6b798cef2a8a603c8ed087fae9cd1d288ef2a5791fcd7a7bf2bd9c7106ce38bcd844cdfeb74db043d8c62240ac60c8d9d44cf9bb014a1b81c02b422e0cb622556ca92b2723486b3533226f182ba4368a3c6abd98dba6be8481d10628129548e4a7fa33dabb3cc650a80a3a78a951a25142c10fd82b5fa138a02b091a99f380c1c952b0bcdf52b427b4ef9890349da40e698161da7f0dc6bed30304c0bd26f81e347050b5c61646e83627d6be67eb602ea01c3b4303bef5ef49f864189eb0dbba9e0488ff93007043a492984749881d1077230f7825d95001f46b487e3ed4a34b74ef3285148618b2c05d42c68c3966661ffc1a558ae219a254cbbc22b35c5b7311d0a3be08123ee0ee87b655bdfeaac16a4cdbda6bf2c351b777ed4dba787cf2a999a53960f7824f1a7eec4d72e1cfba7a17b16d7198b8c9458ae917fbfd514b7b5b90a676333c35e152a119e2e222b13581199b19755da799ab9dd0b0851236ade441d9e2d95e137e46d4ecf44e4a57205426abae64dc638bbc554b4a3218210947d167094e38aec17e6df06a67460e2a71d910bc9475f103088b84476d7d69b544bdf132e035f841a611e6eee9e8aea8e645746089d4decb65f7e160fb770dfc6d037cdd8c5a98228bab48906b413f79526ff892d5827bce61d4c54fbc207610aff44c536e77932c47ce5b2c7da6c381b43d59f4f3e8bb130750591678900b4a87edf7e6d1becbbeca9e3f397a5533f1329d04c735aab9cea5d7a0960b25c3b35275ea319ffa83b6a5a78fd5e40eb6214a6e9ae92d002e9879299a2f1320d78250dbcf7698370ee689224401852cbecfe79c51342330110ee1a94a4b756e8e3ab270342579b1ec7821a6879dcdada139436d61a76d4540d10ac7dbbb3cfb229bfe52ede96ea8b529bdfcf1bc130bec6df302e2a124d008ca13ac7ab68ccca2a755a8fc5917c9a9236210a7387de7a9d472dd89a7e174c7c947de347c37de90a8dcb100a126da8cd8f5dea143034cc9df0c453edc8ec50ac32ba6353c112d0a923a0f3f5b570d375b67021962e3ca9a07727a735a1a1d4aa631088b82149bdb43d26a03704bec2ee2f9c5b84476a7302775cae1a6ecb0f8b422d33ce01534e3387a22201537895f5c56fd2128a32b9cf6b2daabc39191feff0f23e654792f839563df732101efc07beb3fb5d3958940c39cb666a1904a9bcaa2bbe5a06d083e9f7395a47373141ea8b5375738e646c8cb069cdc36e8cb7964557f60f01ab0474aee8cce5939bc6fcfbd583acd7ae7653a4d5bd486a237ee3002c5f8ef1d5e77480ea98915dd6ac15b7b2d8f5cd94df233b0f0b271b6cf6354c132c13c5ab4858e164cc062f604e31eae34c272b68f0ee4cf886f658d9a66393e4128d35b245611b0634e7d053d8679211c00ac822f578c6b4abbd3c158004fe6fb5976d05d8fdeb563bd5380126ef0b817f7656ac334b19946ca9d551aa784dadb26a3bb84939d2af2a87df174d3845f7b63983144be459862c505a7b357b1312c3ced49293c4ceb0f2e0a3b34ce36cd6a40640b4ca137d2cdc46709bd02d7cc34462e63a0c3c8b194ad38605bf96668d1e5500590f9712c886cea2e3cd2c47065dd626eb9fa1b40e0de7c316c822f0be545450ed0e191a98965fb595844d8f957875dee4279c6161cd26ccda12e776256d77e1bcc2e5ed45fddbc55fe79a304b57904cb5778b4a3f5163c339347850b48d09ed9fbedd8fb87f42db846d5fdd679e00f6dd91afd37bd61ce1e32b424262ffd3bef379249249304735d1e079a159bd29d6934c6bd2567a3d39d7a8b72509e23c76e8a21f2ac4f0b9ed857ebb6ceec942f33fb6c017299f7f177d1f3ad638c1e39f085539fe269cf3732fc380f2a94a784c53bd6e854d7ce2c02ef1ebec34a9f10a7d330bec76e59481785db0f4f48ec64ffe6907391e64e0043389ffc9d7478ccc5a3c84993933b99f969102c3995c1fa84f8d963935cad94637d8939b1a18e809e0ba0bce5fcb4600e206b9142f249ce64827655612caa67db29d43018af2b1cd72f16167c7cce72a7697bc13347f744865a6b91f488d340c074973eda6bfe5f4b84227f41803bfef7bcf79d046c48fb5f2136dc55b9d12dda1806935611376af6c31368490c4413f60c72c6ea1f1f1a9a668f90e2adb8e1de1e6972c7a4f8abdb6b7887ade7e96a92f0df5ca521ca7e7bf418484f6ca201a3cb6689eb915f4abe42e03b99e20f759bde1b21ee9c6f796e4697040330e6d464c975692b3b3139a42cc8423300ab8f74132ef5ba2cc17f6e27b1f62274b1e95a8676932746be573824a829ba6c73932afabd7ad7b42834416940f33c4c112d1ecced6f97ad3df33f433e61d668624557cb3eba65ee8ed7b9da489bbc13f6ef94dc5728fb8356451b05ca59132593b414edf1a0746edd8ebdaaf7d7ab29b52edea0cfd49318980ce57fcb982a5162f17da3391794b7ce5d0945af73601ffc6d6b89dc038249b157cc40b2e055bba53a862ef10feaed6f25bd609929852b7901c51483d52dc19d3ad6b8c553f0c05a0ed047b17e3830a9b40354102c7cb4141cfdda85da9585b0947a69cd03c0339a6a4879b93cf3cba0bd23d93017f8fba01db85ff24151ebc84eb0f08fbba707a433e26c638b04fdd8aa6e7ad9fda9e6e4490a0f858f83dde42ff9902a5e353e139a41363d457fbb65e242a4362ac3a26dfb751e982106e5fe18b99509235d0b73542956dc18044f22033f162b933994846534668a0204f50f36aaea990ffa155c1e657fdba671e7f8463bab895c3f5135e6ecb4da9f24ed2b933285e48b7ad6b3ae87eecd097a65132cf5bee35ef4c7f5d66f06dcfab913386c58b9f2856014800a8dc71b1ef5cc1815ea4296140cf01380645a5f09bf060a4644d38715a6439e206b30d5b71d25061385425ab9dcd4112a7367769bda369ff54835d361acb8a31bd9f5778a46ee710fc5b13612bda15174725f1d1f5e3b269780373189243d1f962a2b16ec6060f662a5309172595ff972425bef2b200da9b405e6f277d593417739d95c2aa14e4c601401d869cae73fb755a7b018d6df06243522dfc00cc327f9c9803086bd666f5c5f50a90c5433efd81d9ebff7534578d63007586e93e5240878536c342ed6647d6e6cd0bb84bc0eb694ec02f2ed203f207ad3d533c8b2f450d1aa3fa2534d216d0c737920c78c03c27b655e64a6b85852702410c9b7570d4d91adc132d947eaf246a145bea9670414e6e4e016a24c11232ba49ba949a0a4386e660ac3688c94c7e13cab223f5b626cc13b1578cfb521eb9340da751b3fc59eddac8f0b43a893993ae7a93381a9160ea5a5f8f9d3f8364d4078918bde62dbd793635ef7fcbd50e4081960c6a4ad3ed4baadf044adfdabdd1b7a848242b36ed9ca03ca175bd9b1ad0826036f3bf9b03f51cfa3f1b051e2b6c9e105a89d654178311ee4b3d4779c29fd754ad8cbace0d049cbd1827285a5105cef0c5013f867c2448129c4e52befe74109f50245882e2e07fdd2e00203066e0d88bb15e998464fecc22172be531271c4b0fea8e626ae697f79cb36984165eb020596c63c4ad03d29478d52a3d8bb9768abc75a6e4bcc31b42bafd637e88e95dcdfb13fc3f5756984c28b61fe9a924cdea500db0a8f8790ed38f52fb0942fc74dc5c81608f309ea4b9e349fdde2e2179a76afcf3d011634a5aaa7482e8c04fc432d7d095801b393c5b0b4fec5fc1e208fe69cae7be1e33031f27d0e0df6f3a5b78f2f170a32cdaa1580551d69a411212f6624615653edd241409f944dfbcef9e2db97b027df158a34d959eae02161a877fff3c349fed9b3d74e2e32ff0b1f1c613efe7f05db430afb60b831f378e85a40ee6165a00d7aba2e23ac49c28eeff5ce3381ca9586ff67f76428743e5e632a6fe5f2860d295f9be7aceaf851b47747a4a480fb6c0e1077f9aff0789cf7adb53bbb01eb0a1c22fddbd93ed0982cbefb9ec10a6b4f82444495105fceacac55ecf2bd8b35ebc2ac1a4587c568822dcb0d20a3e8c98dfee0593b2ceb487ce1f12c3ab6f69fa20cc5755fa9f2eb483635524bbb4067264a5eb7d266ed7080198e4b9d98dc16605c269a88b5d7673ae71f39c52b9fe64f201a51963cc5e59a92bee4e252a16e726caf8ed52b0924c29b8fb461f9eb4fa12bf2bb8ec04be33ce194f9e18c1f19593dedbb202dd33de3267eb221098bc22615c67d2726462ae04fef1735d1f5a31c44bffda8fba5663f9f45f3c4d570a4290ed734bde83b0823743be82bc1a2bdb", 0x1000}, {&(0x7f0000003d80)="137ab65d8d621152d0b758e8feb4ea180aacc60cf7fedee64bcff7d4ca85cee5a43cb3272fe4207faa4480b15e371ee677ef59e240c8813f00583d34fe36da05c42680051c1b30a6375bdd374de221298ec770a73bb94af9fce2f5ccee03c685fc30653738", 0x65}, {&(0x7f0000003e00)="321d18d22da7249eeccdcfca6c403ddadfe0315aea2e28c12d3724d25591ebf5b1b4ec8a01be5c5ab5d0417c601dd23eddec5f69a65d6c1079a8b6c8679ba6a0caaba78ba517c56fb2d09bad707b4a32a2b01c92850b760986626087a7f41dde8275e95672b0cd1b37be51c9929f146fe98cdb7f7b40956087f94344421e3f5a69664e8ffe5d9eec58e0e191f1a40c06569f936c70806e118755d8c88f3e27e1ec3b371ca9cd9dffb2a9196460a37d98d2d0f38c87ec50278ded90f5fca9f0a4f93bb6e7327eb67e9bb0c0d35ebd6a", 0xcf}, {&(0x7f0000003f00)="5adbb236e2c0c8b2b4f60b2ec7dd233875e78d6e2c5a7b06aec4eb034dd7a496843d0ae2dcdfa45c77f5c2822dc54344f1ac8dcf0b4620fc38ef07b279808be33cc873efd6015c80bbd94d372ff6c6f086e5520e72721232340e9c1befba218a684b472c8001b33127ca9f3dcea5491c79f7499462ffc2475d3e9787ad694b3a14a1ab726f1b6952ff5031d3d16fed57", 0x90}], 0xa, &(0x7f0000004080)=[{0xe8, 0x117, 0x9, "b70f36505c341a75a79434c5770493b1c2a28a40727de6aec353579cee6e0c8e7f947d36b6c8568c3e08722ebaa99f5226f4538d7f2fac27fd8c130c97a88ec6faad2ccdb087a84f018fdcf797c78ea0a96a8d15ede453239af1503ffafb9a64021895e8ac7e7e910d560623cd531da612e59a9c6ca0aa2d9e4c63362e4eec4a9a3e64512ce9d340d432643b26fc551d8ffc7e82f1f4fae78c6a686ef4a06978943a19bc315cb5af83d42367d4273224c40b959aff91d54ef0b662fba1ce772f4f0324841b2d13369993385029cdc12616fec2b52e68"}, {0xe0, 0x110, 0x8, "873ee967fb0f1a5f30287f95dcc457e087630c4249cf105be9381d6b906eadb04f1eb1a1bd20ec232c54c790fa74358b8ba39a380fb98fd046e91195e34a43719e210b309ddf8e5f577a1cbf38940ed739271f234e7c37095cdab6e2a905dc42034387d899f53833895e14bb01b486103be4049f7e7da2e00e53596f97ab37782c84ea08568244db1cdd35925d3a5504ca51a893454a6ad771eee7f7c8d9597446a6510b1ddab132827715f375562fd885d25b0d1ec9e886e9ed96c5dfa49428ed8288066f421c88d41d"}, {0x60, 0x0, 0x8, "3be7da505f43a781253eedc0b41fe648d1e1519e00a5ac6d2a69ac9b68c5eab1f248888f3d4757235377a565bd9a3ccc970a47fa6a3f1a9be5b0af790f79eb773606553a5b681886485644e2"}, {0x78, 0x20e, 0xa0a, "74a0d60303b03092ff56606364abea2e5716f3efe1648fba43026db3b0d2b1f08d8d171955c500df50a7b4b8b346e5fe5a114dc8cb95bd97a05b5c2be7b67a74c999bad17e0390e96928c3c79dfada8b3e20723460d399f349744319d1732a5cf91ab6c55d"}, {0x70, 0x1, 0x80000001, "5c9cd6a9dfe31ca2a1672c80689a33d13aca01afbf9683ac9b031c2a86b29f0b95c719ea15c6e52d8d6d443d927a9876ebc365b679245c5a61b248477b4932cecab978e8a7666675d443e4ffa54fbc52e87b0ff0ea63dcdabc17b346d9cc16"}], 0x310}}, {{&(0x7f0000006f40)=@xdp={0x2c, 0x2, r8, 0x3c}, 0x80, &(0x7f0000006fc0), 0x0, &(0x7f0000007000)=[{0x100, 0x6, 0x7, "b315bdf054c1112f6517e1baaa441a6269393286d8fc1bb69bfb1a26e6623c149c88834b34b2b80f4201fcb96ad5db93a5338496c6c6a77daa30c3f073cdc673fd8b0dd35184602214570e8a511e8937a7273d6f357cd9c4e670c27d83eef8309e8294afb7ba95b7b7139824dc78193490ead78e5d2e4f2eb72ba5f75ad92c99ad926800565130ecf0381834da35e0834c724a58686221b4d282b6ea438c70de1ac6f1c539c6f381b1dd8ed7757004ad3c161cb601f62a9b3a2e28d3a22f0c63a66e67cfacca1ce4b5587a62774e68b953a573e9b10404d7d2cedf91a5402791b408c28276b5e74a828af1b7edb51aba"}], 0x100}}], 0x3, 0x4000000)
lseek(0xffffffffffffffff, 0x0, 0x0)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r9, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_tx_ring(r9, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0x3}, 0x1c)
openat$apparmor_thread_current(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r10 = open(&(0x7f00000003c0)='./bus\x00', 0xccf82b8c3d0385e2, 0x0)
ftruncate(r10, 0x200004)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r11, 0x40086602, &(0x7f0000000080))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1000, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffff, 0x5}, 0x0, 0x0, 0x0, 0x0, 0xe7}, 0x0, 0xffffffffffffffff, r11, 0x0)
r12 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(r10, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@initdev}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f0000000000)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000040)={'team0\x00', r13})
r14 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/udmabuf\x00', 0x2)
sendfile(r1, r14, 0x0, 0x80001d00c0d0)

19:58:23 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:23 executing program 0:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000200)=0xc)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {0x1, 0x1}, [], {}, [{0x8, 0xa, r1}, {0x8, 0x5, 0xee01}, {0x8, 0x7, r3}], {0x10, 0x6}, {0x20, 0x7}}, 0x3c, 0x1)
chdir(&(0x7f00000002c0)='./bus\x00')
r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)

19:58:23 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:23 executing program 2:
socket$kcm(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = fcntl$dupfd(r0, 0x0, r1)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x10b, &(0x7f0000000500)=[{&(0x7f0000000580)="b89cf3aaf925e4a51f84d015e79d1d3deb0844e41d519c20d274e39e148690846ed4e44ed3ff7f00009ebd07d41aa43ae71e49c857b534752fd0c464fb18298539372587efb42aacf9ce85f376493bdb4159f809649a1f82a6456a71eaec2e819e49b730", 0x64}, {&(0x7f00000000c0)="026f5710758575c9c8859921246a3bb1f39af76dc01c830134cf22d2b699964fde3590d516cea3ce7a5a8a8d41b7ffe6bfd6df84eaa9a615bafea373f824970682e345d03de9", 0x46}, {&(0x7f0000000140)="5c8218113c73506280eb4598cf0b2da42973b2c3f720c4d0b47728cbfb12ad2c7247ca022f24b58391cc50ca7638b5f1c3e7efc5f988d619af925403", 0x3c}, {&(0x7f0000000180)="d126e9e877a17014939f7dfd4375b09bd433786e9c6c778c2a7e917b4a1ad7db7594ef62ec321f8f7b5f35d3a627ec46154ec958a21daff94646562d61d363e312c9d03503df61c1c1a2f3d75c86688a8f27d55565929d207efb25a9", 0x5c}, {&(0x7f00000007c0)="1e3c2cc6fa4e986188938dacf7bb594b1f3ecd61394cbee0b00216aac943f2569973edecc7e44b0d15a500b3f3829daf7a6a70d14b19cda009dafa177f49caaa7827e8f2b0b63fa0645020177642744d8f9bc77848141578c4a8c7fce5c9d5eb3a98cd07f6c9be3e83b4101a9b", 0x6d}, {&(0x7f00000002c0)="cfef60910efeea65899ccba34207a9cdb55f4fb6c2784c67b6e17aaea4e1b8871e810d7b12d5c44e087b3002c43f0a04987917785acd809e8a74299468a91423857631039e303904342607acbcad551709a8e17b1688de2950298b5ed5b584d7b0060bf9e5be675bebb0689761dfa183aeb1e08b2a5333e019b862d7a2e33e8cf2b0f5efcadbc21762a02ab47f0ac3979b821085209314514ee5ecfd0a762b9eb594f58d0c5089b8cad432ed4648ea65527003e3ece50962a57dcd40998b0e280fa73594c061ab826093a5296f8899000000000000000820a2baae15e236c9122260ad9d18c375b51c30a0c7ad84", 0xee}, {&(0x7f0000000600)="2c72c10e474a9c3e4521a4175c2484fb889413766e1683571c911545b9ddb5b89775fab3336826177d36c31103242dceea2e72897811e3b695170a83ba2dfd5698dc9709548dc335c7511086aee9b1195277bbeb53f218a50d576e64a693bd34c1d3b31cb06cad5496a7f2f1557d6144aed2552dd97fffee20dd0287a0b09684dc7852c4e8ed8c106e4134e82c56da38a075c77bef4cbbb63267f42ca6de03e8c4d7dfd7427c322bf540a7b1c27f743370b688f3bc00", 0xb6}, {&(0x7f0000000740)="647d796f90037a2b28e4eff982a948453467c1ec70d6ac68bfcd3c8e03b85cecc4236efb5f710c227106cac3410d4422369900cb0f405b00931fa22f02a64121b6d4be563235305e8d7397665bd63dafbe4cbe68de0042f4f9d3fa5b062a4c415bcc6e5a4e7b1e6e7681db5bba2498fc1c4509c7578c302207", 0x79}], 0x8}, 0x0)

[  501.833670][T11271] kvm: emulating exchange as write
19:58:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000040)={0x2}, 0x4)
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfc]})
add_key$user(&(0x7f0000000080)='user\x00', 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = add_key(&(0x7f0000000140)='.dead\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000002c0)="7b00af7c966e4c8df4076345eba21d6f900262cf007ca69f92fe2c7fed99edf284f61c2f7f6f96f38c1a4c1990f63762af1dad4d3f1a98306d864dddb5695d1c290d95819f0d26cc7f48bf55846e261e2c4f1554c556b711a2448f9532ef91c727bd5d2295f27473ed953fb803e3e05cca3250969e810911b62919456d62511a8114f7589f03642d0a68e1022ac85227be8e607344d55e59de1b8f7e6bd548514017c8a09c3e37a5bfcac2a7bdfcc3e80dcab46fb45d7cea8563503a", 0xbc, 0xffffffffffffffff)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000000440)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{}, 0x0, @in=@dev}}, &(0x7f00000001c0)=0xe8)
fstat(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
keyctl$chown(0x4, r5, r7, r8)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_NMI(r4, 0xae9a)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000bfff0)={0x0}}, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

[  502.078934][T11287] overlayfs: './bus' not a directory
19:58:24 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:24 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  502.368591][    C0] net_ratelimit: 14 callbacks suppressed
[  502.368600][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  502.380128][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:24 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x240, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:24 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x8, 0xe, &(0x7f0000000280)=ANY=[@ANYBLOB="b7000000000000b9bfa30000000000000703000028feffff720af0fff8ffffff71a4f0ff00000000b7060000000000013d4003000000000056040000ff0f000071183049b9ad83006c140000000000006a0a00fe00000000850000002e000000b7000000000000009500000000000000269933b3ed696a18f5ecc621efb34c5460c22b07c8b2a03106613cd71d2fcad3d425ffd8f9830c020e008842ac5b1ef860de0260b967f6b38538e086b3702316c2b7b82c3533899ee1174917a8855771d5693fe6eebfe29e9f39f1afbaa48908848cff57cf8002389bb3bf13e9127253e6ef448a5f66d88b8ba211f64a6a507fadb577a401639484876d18ac1056506cb23c50db0d0aa0d54c161a5d2eb823493154f7d4b9e52bcec3d8d2bd9f7695648ed97ede1730c6ef67168af41bd121e1b5abf4f09c53da28601c803432181edaffd72b1a8907360a27f7350d99de2e0f146b20e516a7fd7ae1124fa18ecc0e113b4691bd619b3a4034c6e0ce6578cb293a72125fdd9dcaeca8fb248a33d97ac1f92fd9486a12bbf9c298ab324a57f174da080051a703d71215cf723874783a761bb1d886b8a3e2cc6b8dce922a19b3c7450b52631194627a7fa4e6234631bfe5628e33006e0000000000000000005963"], &(0x7f00000001c0)='\x00\xf1)\r*\xbbzL\x8e7\x9e\xaa\xb3y\xb9\xfa!\xad!\xb4\xd4\x94\xa0\x86\xcf\x12#\xb4\xd3n$\x85\x06k\xb2\xf9\xd5\"\xfe\x86 \b\x7f\xe8\x8a\xcf\x89\x9b\xbaR]\xf5{J\x84\x15\xf9)\xf3\xc8\xd5`\xe6\xe6\x9eI\x02\xce\x1fI\xa8w\xc3#\xba\xf5\xe9\xea>\xc7\xab2,\xa0\x84t\xce\x04Tf\xc5\xfe`\'\x9b\xe2MH%\x93\x028\xcb\x0f\xdb\x16\xe2l\x80\xe6\xcd\xceW\x01SS-o`X\xf6\xa4\xc1|\xbe\xc4\xf0\xac1zp\xc9\x89\xef.\xa4\x91\xb4\xf3('}, 0x48)

19:58:24 executing program 2:
openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000900)={0x41, 0x4, 0x4}, 0x36f)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x41}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x41}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000280)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r3, &(0x7f0000000200)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

[  502.768622][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  502.774622][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  502.928600][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  502.934472][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  503.328697][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  503.336469][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  503.568667][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  503.574515][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  507.488660][    C0] net_ratelimit: 16 callbacks suppressed
[  507.488668][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  507.500379][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  507.738656][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  507.744522][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  508.608657][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  508.614548][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:31 executing program 5:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
r1 = getpgid(0x0)
ptrace$setregset(0x4205, r1, 0x201, &(0x7f00000000c0)={&(0x7f0000000000)="0fd3d4a66ba6e537aaad0c432912347bac621b65433d3bfe7a98b66a544fc58400937334018faf7d7d411c4744eb956f765dafdc264fd5704c5fec6034ca43eb24b77c811c6a5740a9a736be002687da092b2938cdf70fd3b8245d8c505b20843915f0dd70cef331ff967caf20c5d9c895a32e496d29ecacf2544c1676eab84070fcfa6d62383086f5d066f264fd4e602e4fd69594eb4d209a793cc9", 0x9c})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000200)={0x10, 0x30, 0xfa00, {&(0x7f0000000100), 0x2, {0xa, 0x4e20, 0x81be, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x2c6}, r3}}, 0x38)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

19:58:31 executing program 4:
clock_gettime(0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
setitimer(0x2, &(0x7f0000000180)={{r0, r1/1000+30000}, {0x77359400}}, &(0x7f00000001c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000100)={0x0, 0x4, 0x8, 0x3})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0xd, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000068c02cfd8a6ff9923d3df309688cae115f13c76bb7ffc937fda85d14e34ccd98630922afd40374042406294e8e7f05e1ae72ca535fb2203e593abaf2b5a98f712d6d59d7dd80f44fbf892d9482e73564189112050fd9a4f509c747d9ca0b5bac0623d4fb51175fc5b2b529011598a8e402771d7186e2a9267de6601c8210c18e149841136eb036d2c09ec24b5f49ab8a00"/161], &(0x7f0000000900)='syzkaller\x00', 0x1, 0xf6, &(0x7f0000000000)=""/246, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$TCSBRK(r3, 0x5409, 0x1)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f00000002c0)={0x5, @output={0x3800, 0x1, {0x180, 0x3}, 0x80, 0xc675}})

19:58:31 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:31 executing program 0:
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
mount(&(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='ext4\x00@\xc3l\x05W\r\xed\x18\x0fx\xcb\x06~m\x1e\a\x837\xf7\xc0U\xf8m\xdd}\x01+\xce\x1f%\x19\xd1\x1d\x00?\rM\x82\xa2\xa40\xfb\xf1\x88\xa9b\x1f\x05\x1bS\xef\xe7\x04\x00\x82\x98|\xb3\xab\x04I\xacfUh\x87\xb5\xees^\xa5\x84\x96\x94H|W{\x19\xabG[\x05A=\x83\xa7\x94u\x95\xac\x03\xf9\x94I\xe7\x14\xa8 \xc9_\rR\xc2\xe5\xd8\xe7{\xfb', 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080)=0x408120)
open(&(0x7f0000000000)='./file0\x00', 0x80000, 0x4957d29e3eac5bd4)
ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000080)={0x1, "6786ecbf970899a61aa365e00cae24f9278f9a8d2b359e693d5eccf1a00e6ecf", 0x988f50c45585ce9b, 0x3, 0x6, 0x400000, 0x8})

19:58:31 executing program 2:
dup(0xffffffffffffffff)
r0 = getpid()
prlimit64(r0, 0x8, &(0x7f0000000080)={0x4000040000000009, 0x4}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x400000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000440)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x14}}, r2}}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
dup2(0xffffffffffffffff, 0xffffffffffffffff)

19:58:31 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:31 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f00000024c0)=@bpq0='bpq0\x00', 0x10)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  509.008648][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  509.014479][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:31 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000002dc0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x594, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xfffffffffefffffd, 0x13, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_dccp_int(0xffffffffffffffff, 0x21, 0x5, &(0x7f0000000080)=0x40, 0x4)
sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x1f4, 0x0, 0xfffffffffffffed7)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x126}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r4 = gettid()
ptrace$setopts(0x4206, r4, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x1)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000001c0)=0x4, 0x4)
timerfd_gettime(r6, &(0x7f0000000040))
ftruncate(r6, 0x7e)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0xa, &(0x7f0000000200)=[{0x0, 0x1, 0x4, 0x7}, {0x3, 0x0, 0x40, 0x8}, {0x9, 0x1, 0x3f, 0xfff}, {0x9, 0x4e, 0x2, 0x7}, {0x3, 0x2, 0xa5, 0x5}, {0x41e, 0x7e, 0x3, 0x8001}, {0x6, 0xfd, 0x3f}, {0x3, 0x2, 0x0, 0x7}, {0x0, 0x4, 0x1, 0x3}, {0x766f, 0x9, 0x8, 0x2}]})
sendfile(r5, r6, &(0x7f00000000c0), 0x0)
ioctl$TIOCGETD(0xffffffffffffffff, 0x5424, &(0x7f00000004c0))
tkill(r4, 0x1e)

19:58:31 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6000)
io_submit(0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000000)={0x0, 0x73, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000f905e700000000000000ba60f9002eceff200005050600de"], 0x1c}}, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
mount(&(0x7f0000000080)=@sg0='/dev/sg0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='binfmt_misc\x00', 0x2, &(0x7f0000000140)='\x00')
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
accept4$llc(r1, 0x0, &(0x7f00000001c0), 0x100800)
io_setup(0x5, &(0x7f0000000180)=<r2=>0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x129202, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'teql0\x00', 0xd412})
io_submit(r2, 0x1, &(0x7f0000000140)=[&(0x7f00000003c0)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r3, &(0x7f0000000080), 0xfffffff9}])
io_destroy(r2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
io_cancel(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x6, 0x100, r4, &(0x7f0000000200)="1811041b523405e015fd761cbf6c44222eb9bdc2322a6e2f77fcaea180806ae1b916efbd989b777026800d7ab0084869eee742642c0ca8986ca2b6f4b1815571df1fd8daa65caa3628aca011d135daf8c636892e739400a8a5cc8d16ab5c66389f79d2630700b0ec42f95814c04aeb834713ff8f4b4453cc95fd8dcd39311a86a60b527dbfef4b2d3bf5a9374ff09cf2df6c", 0x92, 0x0, 0x0, 0x2, r5}, &(0x7f0000000300))
connect$l2tp(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x83, 0x0, &(0x7f000034f000))

[  509.168621][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  509.174452][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:31 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x1f3, &(0x7f00000000c0)={&(0x7f0000001f00)=@newlink={0x3c, 0x10, 0x42b, 0x0, 0x25dfdbff, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0xc, 0x2, [@IFLA_BR_MCAST_QUERIER={0x8, 0x19, 0x8}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
r2 = openat$ipvs(0xffffffffffffff9c, 0xfffffffffffffffe, 0x2, 0x0)
write$FUSE_NOTIFY_POLL(r2, &(0x7f0000000000)={0x18, 0x1, 0x0, {0x100000000}}, 0x18)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

[  509.254023][T11359] netlink: 'syz-executor.4': attribute type 25 has an invalid length.
19:58:31 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
pipe2(0x0, 0x4000)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  509.506370][T11359] netlink: 'syz-executor.4': attribute type 25 has an invalid length.
19:58:31 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  512.768701][    C0] net_ratelimit: 14 callbacks suppressed
[  512.768709][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  512.780344][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  513.168685][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  513.174662][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  513.328739][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  513.334518][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  513.728722][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  513.734554][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  513.968692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  513.974546][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  517.276618][T11382] input: syz1 as /devices/virtual/input/input5
[  517.437682][T11382] input: syz1 as /devices/virtual/input/input6
19:58:39 executing program 5:
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
socket$alg(0x26, 0x5, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x284, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000500)=0x1)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
uselib(&(0x7f0000000080)='./bus\x00')
io_setup(0x1ff, &(0x7f00000004c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x10000}])
semget(0x1, 0x0, 0x0)
semctl$GETPID(0x0, 0x3, 0xb, &(0x7f00000003c0)=""/176)
openat$ashmem(0xffffffffffffff9c, &(0x7f0000002800)='/dev/ashmem\x00', 0x0, 0x0)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f0000000140)={0x7}, 0x7)
fallocate(0xffffffffffffffff, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000240)='/dev/ashmem\x00', &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff)
lsetxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)=@known='trusted.overlay.impure\x00', &(0x7f0000000480)='vfat\x00', 0x5, 0x4)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cuse\x00', 0x2, 0x0)
dup3(r3, r1, 0x40000)

19:58:39 executing program 4:
clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00\x00\x00\x00\x00\x01\xc0\x00\x05\x00', 0x2, 0x3, 0x250, 0xc0, 0xc0, 0x0, 0xc0, 0x0, 0x1b8, 0x1b8, 0x1b8, 0x1b8, 0x1b8, 0x3, 0x0, {[{{@uncond=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00'}}, {{@ip={@rand_addr, @local, 0x0, 0x0, 'syzkaller1\x00', 'caif0\x00'}, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28, 'rpfilter\x00'}}]}, @common=@SET={0x60, 'SET\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2b0)
r3 = socket(0x10, 0x2, 0x0)
r4 = dup2(r0, 0xffffffffffffffff)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)

19:58:39 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000540)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r4, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in=@remote}}, {{@in=@empty}, 0x0, @in=@multicast1}}, &(0x7f00000001c0)=0xe8)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/autofs\x00', 0x101001, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r6, 0xc0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x9, 0x5}, 0x0, 0x0, &(0x7f0000000340)={0x3, 0xf, 0x0, 0x40}, &(0x7f0000000380)=0x5877, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=0x100}}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000080))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=0x2, 0x0, <r8=>0x0, 0x0, &(0x7f0000000700)={0x3, 0x5}, 0x0, 0x0, &(0x7f0000000740)={0x1, 0x5, 0x0, 0x4}, &(0x7f0000000780)=0x23e8, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=0x81}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000029000)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=@dellink={0xf0, 0x11, 0xc, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r4, 0x2200, 0x400}, [@IFLA_IFALIASn={0x4}, @IFLA_IFALIASn={0x4}, @IFLA_PROMISCUITY={0x8, 0x1e, 0xfffffffc}, @IFLA_XDP={0x88, 0x2b, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x8}, @IFLA_XDP_FD={0x7c, 0x1, {0xe, 0x0, &(0x7f0000000540), &(0x7f0000000580)='GPL\x00', 0x80000001, 0x49, &(0x7f00000005c0)=""/73, 0x41100, 0xe, [], 0x0, 0x18, r7, 0x8, &(0x7f0000000640)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0xb, 0x200007, 0x4}, 0x10, r8}}]}, @IFLA_PHYS_PORT_ID={0x4}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x400}, @IFLA_LINK={0x8, 0x5, 0xef3}, @IFLA_PHYS_SWITCH_ID={0x14, 0x24, "b45ae9f6572ab733fd48d6b6b531ec"}, @IFLA_LINKMODE={0x8, 0x11, 0x2a}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x200}]}, 0xf0}}, 0x0)

19:58:39 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:39 executing program 2:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
read$alg(0xffffffffffffffff, 0x0, 0x0)

19:58:39 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:39 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:39 executing program 2:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000002c0)="2780084b5153bdcf85abdc32e115571f8a80c78abef72f39a76a47c1a65f388bfff24dee9488adb23eb726997d9ab900c7443f901facc33f840340ee8003e5058b4a5d060e650460457ae93ee4d096dc7d33f1578d3f9aaf2d9030eb64bbc94ca7e31c2dbf3b491a7712679136480aa92292febee5cd5c246e09722fc02102c600e83db5bb39f8ea9758285acc4ef3c3f9a5688f556c2c9433514cab9221b0d4d882fbec2f3cb2acddf54937dba83bda0b50d9c910cde01a772a07ded4203401acd274723a91104a2a8eb9a22de29e48841e9287fb554a3dbf4631ec5ea1724759ccb19d2137499a62d34150e2a27e2978f980374b7dde3fc8441706380e05f79d1d43e9e1a55dea1d0f901a563e57bd2a3bdd1e1ac0c68558336af16be0cf70bb47bec3a24f07a50cd7d0b8414f8c1b41d08117d4d40a68f6d510564086a7a5ea3c70b0f4f8d6fe6ddd2e6db842564069a8002db898aca40a82b5b0e2c8722c9b0ef00475607cee59bbf4eb8606ba9e538d5779a3b64e7d0d78a820f62ba4bd8e9fce89575e18d8335f3d9349f825e5df4f5e1fb0a036e1ecdd10a990e0c2a7093342b46c63b5395772220919e6c5e2495441bc9d30f402a4f06b545a45c65fadc611b12ad36788d2dfed09d706cd4828d7f2e7e17a9b6a1d220272bc909c06ce452a0d44e45d35191fd4c049d02c5051ada1e6f7cc603d90a18e6477986c4bf8ccf96b567925bbaff70b89a7c9e9e3563e15324e4ff7d22d1ea8c8d62c7c678acab689c2bebbbace792ca1e57a7810408954c41c93aa4cb6304d4107a3680054eff9d8491d020f1f43ae718d6f46ca5f000cd3686d57b36b69285dbf851b7ec172f4518076673250e7b597c53ae8fdad6398aefca5992458a17d9a4abe92ba90a17beb0150688d34341225bbb02b6b02cd2fed351a9e9cdb734ebd962efeb1303c556d85b5007c5bd51cf57927bd40dafb8ad0f30612e3c9875e87c4e2326cc5668101f8e74a6c140c81a29d65eee8f2ab84f77f87f7d591440fad2adacccd31658dad21da6433c3457ccfc1af5396ac37d47f7a7079918765cb66e1faa404d24c9ad122a9783e32d9d86a0cb272789bd295093936939ce6b6d5dfa9dcca95b6cab050c35f9a2160e6c0d6aa757501851d51b1df0dfc7b00ff668b4257c1d2ddf12675fc662d0c20f88030e485cde1fad4274556285dca533749e6809366e4e8a3eaed79c65774c3fb837e9b164245ba9f900f1246fbc065bbd9217794aba3446c263bfd034aa6fc2959bee9d7dad48a12b850c00cb85e62458a52ac635515a7737e24e60c190b7a0ae106ffec6f675a30690e05325a0bff1085febdec53594fca00003170f46c9ebe72e48e7f8186f91ddf25b8476458e5bd2d78cd41237d88c034dc55985f2a35ced758a550bfab1d90853e4d58bc5011d3ee0daf84565dc9efeb40e22faad004aa6fe44da6dcee591409380217ab1d2e9e2e33afd312203ead83c0dca0be657bd3bfade57725f36da8b292ca5fc9b74463597d67477c4446af2b96963d43159ad5c0af5b6ea8127f7ed81e425da3beadae5cf7c851d0c6adf3407ebe7be30dc25fc0f0b06976bc22fdd5383d709885936cc45aab177dcd10702853cdcd01c939915cbe9befa5eb2c993043cea75001d64a6b606252d72fc484ea026ec21bd8a211b717c2f22eb516b447e6913dc08575a367a08c1b6a30d94f82e9856d64abf2b5a84b39a6e901bce779fca5cb944d0d1b58bda3203912277508e17520d4998cf8e3e829f9ac254bb8ae6af6f3343b9e838b6d86a301f0e773fd0af34ed417262dc868346dc5315954bfdf47f5137458623134c77f13a254db16021f4d83bf29b040cb989ebb05cbc3a40348d4764fa98b81ea87b2455659fa56d46d2f928dfdc1331b2cbbde287b1b2fa50610cfca7b663ba1a900737b5f1a50fac7ba9cd698861869aa3bc96c9843fc79b45217cac3973f69cd7bfe2d87d34e9997d892f96b54436ed0211902ea62210760c94902c9a01c9e155dc182dd530f2da9fcb470f9567a4fe62f33d103ebc9412acc8d6f0febf737aa28d6175900a2c0ade9b28380f92203b6ce6024d06a5e9430802dc966cbd61fdfe4492e6de2227700ef71907667da41947ef5c424e0c6c9ed2e7f37de164a8f4b7f0f5498c9dc947710feaf457f8a8b5af60b5b215181033d4e59d328ab2c865488c614fc5955f14f3b62b132cb47bfb348060cbf3300ce4a83a5697d56290e0cbc1c43c5009ffa9ba8feac1e81e3263a475d63e6de38a32c297fa360ebcee29f8319a717675b11d5b0e0d375ea4a884886eecc8f6952521272d8ca74c6b9c83cbc5b081a1b04d81a73b7939e834425e1f26e6cd63a6618f8618fd65cc4d1aab64c655fb215f8b845a3dfe4d78a4f770dbe6f4101b671518a4dba621e554e43a0b7f6e1c5446988bc0ed94fcfcfdca7a121e5f9152f39e031456e45ef4453ce1b339c7194f8bd2c62324a675bc38a710e84d076c89e26f11e50f048dae1c73c936cadb9480fe2348c08062148952e0d817a352509dfb06dd237957452ad1f16a6c527e5aba43b0670a1f94c88d0f7652c3e8983fc7556fabce4886fcd8a88ebe0ed5a2e82c81475ee1e1d3161603f5307b9e167fb746b96edd0e39d30aaef6aca3b3745d6e4e92cf20141a5d02954035065b472fcd746a307e8243936a71e12085b2942a7a56c719f9632017ab5915267f7c127ccbe1e4cac91c3611e1f6dccd72748c7662c0ed4478bee8c978fdffd659475e17ae1bbfec8146e5a4a132bf9788139cf5b51b0390b262452e937bff87e6a238e25c1be1edad3d89ce70e39a922a04f6dcc63c9d1b8c33ed99932b323ef343687d3b6001ef6ac3414077762a0cecf06aecad7cbd0edd3c0ea9f5531ad6cc73eb1a512500d001978160d40cdd93658918f26aca05d5785bb166d74b1d5e507e9f74f09386b879e6b60185fefd649766df7651fec56ea2d74ffd6a7cc1c6ad6b27f0e489202a46e56fb47acef8bd2160d7a31d809e2a6ec7f291dba354960d597599758e7267b4bd56a51fcb0a88b177ab0cb51c995df699a56047e67d25a0f68e976a873b6f544ffaf58a4c39d0e843b87286bb9baf5ab3de1e20245a713358a2fa69fd03bfdc72e4f7865727f807e3c8d48d6f390afa9e7e345959c7480664ec839ada4c3abe4f19918a2fffbb4da733ea9299ad9919267761f2c331a9b910c25a8337bc23347999b9e6bdd69705594e89ccc6f45c2d5900c9e57ef6f5e3e1008643c28561ea736de40ed98d26562a803f50f9b0c1bd96947e5e9e76efa1b51a6be5f8cd1a3c5caaa5bc043cc0981797ef00d369b9ed206c623a2d1fe5b1aed35958c110ba6da764fe09ee46089178ffa8ef07d1f0bab909e9175b97105083c175ae246db1a3c60d2d73cd1dc0e87ba42fdd25f58c874985e3b4862dde7159a7725214c857a68d967e18d6947bfb53deab28b1e62d51276601098f7ca56f0eb37fb9401a78ad8496d8bd16d0fe34b7b61138fcbc23c3f6cff79cc69c3e435f038658f79fb79d3e31e8b63a7a5cfa9a9f66ea51f4459dee66c4ea9f567f3760240fdc876476a55f386958df80b41e4587352b707c34d21d4312a7e6843fde5370eca58ca385a312fdb1fca5067f1970e6c591575347d42fa1f15ffe6173d88f0cec4b42e75e0f47650551e920a0f4a891e0987304495e19f64dd0fe432013f084c35f12b2c47d2e70d3e8542a0ce62c8b70c605cfedf66c515a5124c5127c7c9350ddefe7d3983c19ddf5f4fefca969762c3fa409d60d553cd468812b6e4f87f094c353ee7f634d5b0bd2b1fac54540cff96127736b3ee67b00fadaad31e71344b33458dc2d12b0ebd0d0023cae1646b1d0f0477a89409026628c11bcee47ba412b9fbb6460e11a9befc2a75f4da5fe5bc8a2e255864132ae89cf23602b437931f9ee25b1489588d3e10114704eb2efd2aabb6826bf2a836d688db350c40cb13fe1222f2058a7c714c979dfde9c1397380e5bee879e241147570bb3ed0ce3f604719fed820186edb12c215fa9bf2b1c79af85f8dbf08476b967c89392e9b1b6f31518549648c2f7c3dcfba7855889528a518a537ee01d8df86642df5a0dede6a2cf334b77aa6154505033ee4b1b4d0cabf45a8ea1957a2cba786c6cd4a0b1c3c56c150cce3622b80ae8e8a541c385d776f1782d1dcbafcfaf8538e297bc64189a18ca81e1d11293e484ef40e33ebad6cc23cb064986e62caa033c67128d21d7cc5ff55e091e5f5dbd9a3f99e2a569fbea1e519537ebba66fe5075e075c0a74d60bddd7b39fc03d7b0b75053af6b7f12246abbc453127ffb99ed607dc9df5d765f9bead5d0c443c16c1a8f6eb1857bc2d278edee42f44f77beb180060e21eb272d80f5fb9624dc55f9fd817600e7a7735cfec394331fefedb29bcb77dee11f4f1c4636fa6f715fbcd012375947a12f48ec2e8584897856060a7bb38fd763ac0a4f3fde3dd911f31b3fe50b595e738ed4bc442686934bca0345a04ea55213aa49f8e73731ecb0ecdf321c519d1dd94943a46def29561c401905ebd73bc555b41aaad6043ae18afa10a397e952ef7de8ff99602e8a6fd84d63fe35a9a4535fab4e379a13a2e9d1c2fffa9ff83b63cbf6a7f3fc03ff2416738c32261b5b08222d5a80bd724014ab290572d10270a5bb016746d1d550d668e28ed8ab91fd95868ec3d568b387e175d35bdc69efad2bd0260f475fd3656f11646a23e83c3c4d094fccfe6224424f240eeb677158ef53b41046ffd0634b81e7577adfc920e1a14460d97d4b2484dcc8a8c3deb3b03bc691c0f1f9c7ae5db999f4bd256dc5881d44626f2a1e4db5dd313f7adf745b922bfafad4089b1e65dbfd334a623b98f856426983465c31a8981a398b3f670ff8548d2013f97ee0033261279636faaff476df804c68ccb27562191403f601836c845ea83e7c2529731b0f08f276f6773360dd648bbeccbb9624c12c9dc43213f4bfa06c47328228c54853fe7d78670cccdc158fbc041908d22556de7e751acb5d2e9df9a44bf8da901bb47ad89aabb39a3d09d3ab800153c731f8fcd703c7fc753c406d4af7906efd1ec7927d5f18d0f22a4da7e26f4cadec73be6f220453821ed1a6f539eb40076c2e098b0d3bdd61deaffaf180f4dd4b9d4785cf0832201cc05d10668534390f77974cc432a14f318a1b1408208de4ad8f21fd5b50d7a4dc771d991734e807fc80aa2ca8fe2c6f8a69b417222864fe86b49ab8433d47f3b1a9dffdb5c68209e064c88807ec270aeeded973cc4c5a20694f74822e07a87e53e7a5a6187c6afe514bfdc82f1e8fb9816ac03058f77e5a62f2850e1a48d7724fc5b6efa210dfe5534ee1fed4724e12d7761859ea553e69b4057625333089d9f41aa615693429e3425efe756fd45a5c5690b2d2b8a47a5033cc1b15c51e70740ea30815f96d0bbe8bb39f7f6cfb0cbd6c5fd4d79e94e50b4348ded1c79d1d474434ce10e5abee633bd1f2e74a91481fbe9a310f0175e76d901c07571f0dde3e5e0799a1623852da2e22062a14a7b3c42da246dbe44bfdf7b0f0fd7aa890ac80ec5d6a31235f70614a0ca096677f4903e119705d6605a70c5a4ba4b908007f854ede1dd45e21f8c84a089be22322f668e562fe30d73311a69ebd2d614bd69fe736a570aa75b604088e12d9793f43757df6613c0805428aa8a43e7d2d430e92db4bbd65cb1461829cc04eefb8588c84707a96181072e86d018deb691b7a13e94e0b3bf3486de3d41", 0x1000)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)

[  517.580272][T11393] x_tables: ip_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
19:58:39 executing program 4:
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r0, 0x4, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000180)={0x5, 0x70, 0xea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x7, 0x0, 0x2, 0x0, 0x200000}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
tee(r2, r4, 0x91, 0x6)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x7132})
ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)=0x1)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r8, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r11 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r12=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r12)
r13 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r14=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r14)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000cab000)=0x9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
getsockopt$sock_cred(r16, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r17=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r17, 0x0)
r18 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r18, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r19=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r19)
write$cgroup_subtree(r8, &(0x7f0000000440)=ANY=[@ANYRESOCT=r10, @ANYRES32, @ANYRESOCT=0x0, @ANYPTR=&(0x7f0000000680)=ANY=[@ANYRESDEC=r12, @ANYBLOB="bfc385d3e54af9641793c77d92633904606294276d676654078de123ee5162fcd736cce25c754d23d2f9d66b9af08929894273998a60db8b027056781bf821fffd1ff38773ad4a9870250c90cf2c11341a2eff925bca0154a2f39a17a5785dcac126f43fa619cc575f0c2aa8efa973fbf52825e6d65b11ae70495be3cbda8d6dedbb502c6283ddeca94968296e6171c5d23590531e49274cbc5ad5e6c995fc5bbe2bcd8955952aa69b5e5971a67dbaa5d41f06e24c2dda4e37384f", @ANYBLOB="1b6ed320a7e382ae23fe049ada930c36a9ba1728b2178069d26b5923af9e2c64b76ac2b1481d86cae4633b29d9e26190027f824a198c1b33be7aeff78077087488e98a1b249d90d7599cd5339bc51817f40941db01f2a113bc42b5a9ac1e4a56f56f7f09405ce19afc43a9455cf0b77fa2c6c92f0c59a7b85851bf8bf69b30d16023399d9f6e96ddb416bc8c96cf66ee1c492ee4e14ba3f1e1f9abe9b99e481c1b0662ef706fdc92dd960838a972344a2632e71f7d3c65729b6972e23fa5ad99f0023db9d442c1e9520e3b8cb33dc214d347b9fa941aa430a16aef4b", @ANYRES16=r14, @ANYRESHEX=r9, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRESOCT, @ANYRESHEX=r5, @ANYRESOCT=r15, @ANYPTR64, @ANYRESOCT=r3, @ANYRESOCT=r17], @ANYPTR64, @ANYRES64=r19]], 0xfffffdfb)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r6, 0xc0305615, &(0x7f00000000c0)={0x0, {0x906, 0x6}})
close(r1)

19:58:39 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:39 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:40 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000240)=ANY=[@ANYBLOB="020300090c000000ffffffffffffffff02001300020000000000000000000000030006000000000002004e20e0000001000000000000002402000100f8beffff0000000200010000030005000000000002004e20e00000010000000000000000e8ee2a20c81e5bcd20f26da342882e4189da06b5ddfbba41e0e7a605cae91e7d8c9c211c7ddba5ded1f6ecb3d3654daff905f6cb9be0b6b530ce576d07b940a5b7d67140393890b8fc08803e4b5fc2a44da4fa31288a64e950a95978cf0fa0f4515e45acf64c63e23822a493d878dac5c8fa2f78ded4414b622a5446fe934559b7a9635df6c786cbd0a2705cf98318da11f787bc3c290caa2c3f22be876f8838ea59e3a87f10159efd4bfb825f8c412ffafdb4f4a6a685b020a9e96fc4681140744c55712ce2063af46c6f9dfe41944e2a0c248b43d5c4720c1d78e8"], 0x60}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000040)=0x1)
sendmsg$key(r0, &(0x7f000033efc8)={0x0, 0xffffff7f, &(0x7f0000aa8000)={&(0x7f0000000000)=ANY=[@ANYBLOB="0209000002006deaf3837e6bfe1b5fa8501f3cb6c3dfa45f4bba010000005b8279112065b9830cc25b983335312000"/61], 0x10}}, 0x0)

[  517.888637][    C0] net_ratelimit: 16 callbacks suppressed
[  517.888646][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  517.901317][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  518.128619][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  518.134556][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  519.008680][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  519.014606][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  519.408720][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  519.414595][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  519.568687][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  519.574646][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  523.168684][    C0] net_ratelimit: 14 callbacks suppressed
[  523.174414][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  523.180236][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  523.568688][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  523.574467][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  523.738648][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  523.744989][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  524.128624][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  524.134415][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  524.368638][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  524.374690][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:49 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

19:58:49 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:49 executing program 0:
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = getpid()
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
bind$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xa5, 0xfffffffffffffe00}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x72)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x80, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x6011})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f00000006c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6\xf23F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0_\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\xa9\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&k\x80K\xd1>\xa6\xff(\xb1\x01\xe7\xa5\xce-A\xb0\xec\x190r-q\x83\xb3mN\x91\'\xc5\xf8\xfe\x18\x16\xb7R6\xa9R\xf4H\xa7\x84\x98\xfc\xf9\xa6\xd6\x8d\xa7\xd5_\xc0\x93\xde\x1f`\xff\xcf\xe1)N\x85&\x8b\x06I\xa2\x13\x02\x00\x00\x00\x00\x00\x00\x00[\xae5\x82}\xb7h!\xd9\xce\xe9\x06\b\rs^\x8d\x14\xc1\x97m@6\x1d\xfc\x92@-\xb6\xe5N\x84\xbc\xc0\x1f\xfbI\'M\xdd\xc6*\x06&\f\b\xa6\x92)D}\x87\x80\xea\xb9l\x80H\xea\x82o6\xfa)\x15\xdc@\xf4\x86\xd6_\xf9+/Q\xd5\x8a;\x8b\xe1\x1d\xd0\xec\x8ek\xdb\xa8\xf3Ir\xdb1`B&\xe8A\xd1\xea\xb4$5%aL\xc1\xbd\x91\xc3\x90\x06i <1\xaa\"\xd5\xbb\xe9\xc7SX\xbfm{>\xd4\xc3(E[\xb0J13\xbbG\x8a\xb4\x8aMs\x9f\xcf\xb8g\xab\x12\x8cj\x95}\xb1\bc\xc4u\xf4\xe2\x88\xfa\xde\xec\xdf\xb9\x98\x84\x028\xd9_n\x9f\x86\x88\xe6\x15b\x01]\x01a\xe7\xb9\xb0\xbdk\xaa\xa1\xc1')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080))
write$P9_RLOPEN(r4, &(0x7f0000000040)={0x18, 0xd, 0x1, {{0xa, 0x3, 0x3}}}, 0x18)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x143042, 0x0)
ftruncate(r5, 0x200004)
sendfile(r2, r5, 0x0, 0x80001d00c0d0)

19:58:49 executing program 4:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xd}, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000100)="12347f895629408c971d752b3e8ad0188a46883bafdcefa74472f46941865cc548296c421d7777fd725a83222c756b60d3780fc09004b180a4c128c74105ebecaed6012e767f9227ccac288869da7f824324cd8dce0d381929fffb66279244d3016f838e1c3d8123472116fcd57478475bb6e85224e3129a55241e67303f26e0eb269853a6898caaf5413443a1678cc6da9b92420b2706e6f12c24d675a7bf4921517402a27055d2d2b4fd84626a2a95128b42daf30b2b34b1b3d41e3417e17372c24e8ea86ff3ffb2cec43ae6088f70e01a91cf1c50fbd663977e2eb270a1aab7c9cc13a94d4d62d1782c11287b573eb89a02b9148934b0f9fb37fb727c47f3")
r1 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$vcsu(&(0x7f0000000000)='/dev/vcsu#\x00', 0xfff, 0x400)
setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000040), 0x2)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsu\x00', 0x90800, 0x0)
ioctl$FBIOGET_CON2FBMAP(r3, 0x460f, &(0x7f0000000200)={0x1a, 0x1})
r4 = accept4$tipc(r3, 0x0, &(0x7f0000000300), 0x800)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r4, 0x10f, 0x83, &(0x7f0000000340), &(0x7f0000000380)=0x4)
r5 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x2, 0x81)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
mmap$xdp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13, 0x4000010, r3, 0x100000000)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)

19:58:49 executing program 2:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000002c0)="2780084b5153bdcf85abdc32e115571f8a80c78abef72f39a76a47c1a65f388bfff24dee9488adb23eb726997d9ab900c7443f901facc33f840340ee8003e5058b4a5d060e650460457ae93ee4d096dc7d33f1578d3f9aaf2d9030eb64bbc94ca7e31c2dbf3b491a7712679136480aa92292febee5cd5c246e09722fc02102c600e83db5bb39f8ea9758285acc4ef3c3f9a5688f556c2c9433514cab9221b0d4d882fbec2f3cb2acddf54937dba83bda0b50d9c910cde01a772a07ded4203401acd274723a91104a2a8eb9a22de29e48841e9287fb554a3dbf4631ec5ea1724759ccb19d2137499a62d34150e2a27e2978f980374b7dde3fc8441706380e05f79d1d43e9e1a55dea1d0f901a563e57bd2a3bdd1e1ac0c68558336af16be0cf70bb47bec3a24f07a50cd7d0b8414f8c1b41d08117d4d40a68f6d510564086a7a5ea3c70b0f4f8d6fe6ddd2e6db842564069a8002db898aca40a82b5b0e2c8722c9b0ef00475607cee59bbf4eb8606ba9e538d5779a3b64e7d0d78a820f62ba4bd8e9fce89575e18d8335f3d9349f825e5df4f5e1fb0a036e1ecdd10a990e0c2a7093342b46c63b5395772220919e6c5e2495441bc9d30f402a4f06b545a45c65fadc611b12ad36788d2dfed09d706cd4828d7f2e7e17a9b6a1d220272bc909c06ce452a0d44e45d35191fd4c049d02c5051ada1e6f7cc603d90a18e6477986c4bf8ccf96b567925bbaff70b89a7c9e9e3563e15324e4ff7d22d1ea8c8d62c7c678acab689c2bebbbace792ca1e57a7810408954c41c93aa4cb6304d4107a3680054eff9d8491d020f1f43ae718d6f46ca5f000cd3686d57b36b69285dbf851b7ec172f4518076673250e7b597c53ae8fdad6398aefca5992458a17d9a4abe92ba90a17beb0150688d34341225bbb02b6b02cd2fed351a9e9cdb734ebd962efeb1303c556d85b5007c5bd51cf57927bd40dafb8ad0f30612e3c9875e87c4e2326cc5668101f8e74a6c140c81a29d65eee8f2ab84f77f87f7d591440fad2adacccd31658dad21da6433c3457ccfc1af5396ac37d47f7a7079918765cb66e1faa404d24c9ad122a9783e32d9d86a0cb272789bd295093936939ce6b6d5dfa9dcca95b6cab050c35f9a2160e6c0d6aa757501851d51b1df0dfc7b00ff668b4257c1d2ddf12675fc662d0c20f88030e485cde1fad4274556285dca533749e6809366e4e8a3eaed79c65774c3fb837e9b164245ba9f900f1246fbc065bbd9217794aba3446c263bfd034aa6fc2959bee9d7dad48a12b850c00cb85e62458a52ac635515a7737e24e60c190b7a0ae106ffec6f675a30690e05325a0bff1085febdec53594fca00003170f46c9ebe72e48e7f8186f91ddf25b8476458e5bd2d78cd41237d88c034dc55985f2a35ced758a550bfab1d90853e4d58bc5011d3ee0daf84565dc9efeb40e22faad004aa6fe44da6dcee591409380217ab1d2e9e2e33afd312203ead83c0dca0be657bd3bfade57725f36da8b292ca5fc9b74463597d67477c4446af2b96963d43159ad5c0af5b6ea8127f7ed81e425da3beadae5cf7c851d0c6adf3407ebe7be30dc25fc0f0b06976bc22fdd5383d709885936cc45aab177dcd10702853cdcd01c939915cbe9befa5eb2c993043cea75001d64a6b606252d72fc484ea026ec21bd8a211b717c2f22eb516b447e6913dc08575a367a08c1b6a30d94f82e9856d64abf2b5a84b39a6e901bce779fca5cb944d0d1b58bda3203912277508e17520d4998cf8e3e829f9ac254bb8ae6af6f3343b9e838b6d86a301f0e773fd0af34ed417262dc868346dc5315954bfdf47f5137458623134c77f13a254db16021f4d83bf29b040cb989ebb05cbc3a40348d4764fa98b81ea87b2455659fa56d46d2f928dfdc1331b2cbbde287b1b2fa50610cfca7b663ba1a900737b5f1a50fac7ba9cd698861869aa3bc96c9843fc79b45217cac3973f69cd7bfe2d87d34e9997d892f96b54436ed0211902ea62210760c94902c9a01c9e155dc182dd530f2da9fcb470f9567a4fe62f33d103ebc9412acc8d6f0febf737aa28d6175900a2c0ade9b28380f92203b6ce6024d06a5e9430802dc966cbd61fdfe4492e6de2227700ef71907667da41947ef5c424e0c6c9ed2e7f37de164a8f4b7f0f5498c9dc947710feaf457f8a8b5af60b5b215181033d4e59d328ab2c865488c614fc5955f14f3b62b132cb47bfb348060cbf3300ce4a83a5697d56290e0cbc1c43c5009ffa9ba8feac1e81e3263a475d63e6de38a32c297fa360ebcee29f8319a717675b11d5b0e0d375ea4a884886eecc8f6952521272d8ca74c6b9c83cbc5b081a1b04d81a73b7939e834425e1f26e6cd63a6618f8618fd65cc4d1aab64c655fb215f8b845a3dfe4d78a4f770dbe6f4101b671518a4dba621e554e43a0b7f6e1c5446988bc0ed94fcfcfdca7a121e5f9152f39e031456e45ef4453ce1b339c7194f8bd2c62324a675bc38a710e84d076c89e26f11e50f048dae1c73c936cadb9480fe2348c08062148952e0d817a352509dfb06dd237957452ad1f16a6c527e5aba43b0670a1f94c88d0f7652c3e8983fc7556fabce4886fcd8a88ebe0ed5a2e82c81475ee1e1d3161603f5307b9e167fb746b96edd0e39d30aaef6aca3b3745d6e4e92cf20141a5d02954035065b472fcd746a307e8243936a71e12085b2942a7a56c719f9632017ab5915267f7c127ccbe1e4cac91c3611e1f6dccd72748c7662c0ed4478bee8c978fdffd659475e17ae1bbfec8146e5a4a132bf9788139cf5b51b0390b262452e937bff87e6a238e25c1be1edad3d89ce70e39a922a04f6dcc63c9d1b8c33ed99932b323ef343687d3b6001ef6ac3414077762a0cecf06aecad7cbd0edd3c0ea9f5531ad6cc73eb1a512500d001978160d40cdd93658918f26aca05d5785bb166d74b1d5e507e9f74f09386b879e6b60185fefd649766df7651fec56ea2d74ffd6a7cc1c6ad6b27f0e489202a46e56fb47acef8bd2160d7a31d809e2a6ec7f291dba354960d597599758e7267b4bd56a51fcb0a88b177ab0cb51c995df699a56047e67d25a0f68e976a873b6f544ffaf58a4c39d0e843b87286bb9baf5ab3de1e20245a713358a2fa69fd03bfdc72e4f7865727f807e3c8d48d6f390afa9e7e345959c7480664ec839ada4c3abe4f19918a2fffbb4da733ea9299ad9919267761f2c331a9b910c25a8337bc23347999b9e6bdd69705594e89ccc6f45c2d5900c9e57ef6f5e3e1008643c28561ea736de40ed98d26562a803f50f9b0c1bd96947e5e9e76efa1b51a6be5f8cd1a3c5caaa5bc043cc0981797ef00d369b9ed206c623a2d1fe5b1aed35958c110ba6da764fe09ee46089178ffa8ef07d1f0bab909e9175b97105083c175ae246db1a3c60d2d73cd1dc0e87ba42fdd25f58c874985e3b4862dde7159a7725214c857a68d967e18d6947bfb53deab28b1e62d51276601098f7ca56f0eb37fb9401a78ad8496d8bd16d0fe34b7b61138fcbc23c3f6cff79cc69c3e435f038658f79fb79d3e31e8b63a7a5cfa9a9f66ea51f4459dee66c4ea9f567f3760240fdc876476a55f386958df80b41e4587352b707c34d21d4312a7e6843fde5370eca58ca385a312fdb1fca5067f1970e6c591575347d42fa1f15ffe6173d88f0cec4b42e75e0f47650551e920a0f4a891e0987304495e19f64dd0fe432013f084c35f12b2c47d2e70d3e8542a0ce62c8b70c605cfedf66c515a5124c5127c7c9350ddefe7d3983c19ddf5f4fefca969762c3fa409d60d553cd468812b6e4f87f094c353ee7f634d5b0bd2b1fac54540cff96127736b3ee67b00fadaad31e71344b33458dc2d12b0ebd0d0023cae1646b1d0f0477a89409026628c11bcee47ba412b9fbb6460e11a9befc2a75f4da5fe5bc8a2e255864132ae89cf23602b437931f9ee25b1489588d3e10114704eb2efd2aabb6826bf2a836d688db350c40cb13fe1222f2058a7c714c979dfde9c1397380e5bee879e241147570bb3ed0ce3f604719fed820186edb12c215fa9bf2b1c79af85f8dbf08476b967c89392e9b1b6f31518549648c2f7c3dcfba7855889528a518a537ee01d8df86642df5a0dede6a2cf334b77aa6154505033ee4b1b4d0cabf45a8ea1957a2cba786c6cd4a0b1c3c56c150cce3622b80ae8e8a541c385d776f1782d1dcbafcfaf8538e297bc64189a18ca81e1d11293e484ef40e33ebad6cc23cb064986e62caa033c67128d21d7cc5ff55e091e5f5dbd9a3f99e2a569fbea1e519537ebba66fe5075e075c0a74d60bddd7b39fc03d7b0b75053af6b7f12246abbc453127ffb99ed607dc9df5d765f9bead5d0c443c16c1a8f6eb1857bc2d278edee42f44f77beb180060e21eb272d80f5fb9624dc55f9fd817600e7a7735cfec394331fefedb29bcb77dee11f4f1c4636fa6f715fbcd012375947a12f48ec2e8584897856060a7bb38fd763ac0a4f3fde3dd911f31b3fe50b595e738ed4bc442686934bca0345a04ea55213aa49f8e73731ecb0ecdf321c519d1dd94943a46def29561c401905ebd73bc555b41aaad6043ae18afa10a397e952ef7de8ff99602e8a6fd84d63fe35a9a4535fab4e379a13a2e9d1c2fffa9ff83b63cbf6a7f3fc03ff2416738c32261b5b08222d5a80bd724014ab290572d10270a5bb016746d1d550d668e28ed8ab91fd95868ec3d568b387e175d35bdc69efad2bd0260f475fd3656f11646a23e83c3c4d094fccfe6224424f240eeb677158ef53b41046ffd0634b81e7577adfc920e1a14460d97d4b2484dcc8a8c3deb3b03bc691c0f1f9c7ae5db999f4bd256dc5881d44626f2a1e4db5dd313f7adf745b922bfafad4089b1e65dbfd334a623b98f856426983465c31a8981a398b3f670ff8548d2013f97ee0033261279636faaff476df804c68ccb27562191403f601836c845ea83e7c2529731b0f08f276f6773360dd648bbeccbb9624c12c9dc43213f4bfa06c47328228c54853fe7d78670cccdc158fbc041908d22556de7e751acb5d2e9df9a44bf8da901bb47ad89aabb39a3d09d3ab800153c731f8fcd703c7fc753c406d4af7906efd1ec7927d5f18d0f22a4da7e26f4cadec73be6f220453821ed1a6f539eb40076c2e098b0d3bdd61deaffaf180f4dd4b9d4785cf0832201cc05d10668534390f77974cc432a14f318a1b1408208de4ad8f21fd5b50d7a4dc771d991734e807fc80aa2ca8fe2c6f8a69b417222864fe86b49ab8433d47f3b1a9dffdb5c68209e064c88807ec270aeeded973cc4c5a20694f74822e07a87e53e7a5a6187c6afe514bfdc82f1e8fb9816ac03058f77e5a62f2850e1a48d7724fc5b6efa210dfe5534ee1fed4724e12d7761859ea553e69b4057625333089d9f41aa615693429e3425efe756fd45a5c5690b2d2b8a47a5033cc1b15c51e70740ea30815f96d0bbe8bb39f7f6cfb0cbd6c5fd4d79e94e50b4348ded1c79d1d474434ce10e5abee633bd1f2e74a91481fbe9a310f0175e76d901c07571f0dde3e5e0799a1623852da2e22062a14a7b3c42da246dbe44bfdf7b0f0fd7aa890ac80ec5d6a31235f70614a0ca096677f4903e119705d6605a70c5a4ba4b908007f854ede1dd45e21f8c84a089be22322f668e562fe30d73311a69ebd2d614bd69fe736a570aa75b604088e12d9793f43757df6613c0805428aa8a43e7d2d430e92db4bbd65cb1461829cc04eefb8588c84707a96181072e86d018deb691b7a13e94e0b3bf3486de3d41", 0x1000)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)

19:58:49 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x10)
syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x1, 0x2)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000180)={<r2=>0x0}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000200)={r2, 0x401}, &(0x7f0000000240)=0x8)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f00000002c0)=0x104)
sendfile(r3, r4, 0x0, 0xa07)
r5 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0x2, 0x2000)
r6 = fcntl$dupfd(r5, 0x80c, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000340)=0x1)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000280)={'\x7f\x000\x00\x04\x00\x00\x04\x00\x02\x00', 0x20})
ioctl$UI_SET_RELBIT(r6, 0x40045566, 0x2)
r8 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r8, 0x4, 0xffffffffffffffff, 0x8)
sched_getparam(r8, &(0x7f0000000140))
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/loop-control\x00', 0x1, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r10, 0x40086602, &(0x7f0000000080))
ioctl$TUNSETLINK(r10, 0x400454ce, 0x0)
close(r7)

[  527.094742][T11446] device nr0
 entered promiscuous mode
19:58:49 executing program 4:
r0 = fanotify_init(0x0, 0x0)
r1 = epoll_create1(0x0)
r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
fanotify_mark(r0, 0x65, 0x1, r2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r7 = dup3(r5, r6, 0x80000)
write$9p(r7, &(0x7f0000000140)="f35cddf617a894b4fa278eb9da28326f1a49c255f1ee27081e387e33154081ac9b55ed3d9c1dcf8496c54cfe889b6b191fc9ca250954875d52102e19aec31e47c6974b6cd1ae9c36df9b6e0e02006ac51a3f1096569d1b6e8cd394fe467709bebc4430ff77fbc334bf8d1630c465d6e5f2ae49ddf2170b872fbe643822faf2bcd88ca4ff3a05e196d5c650ed47506ed0b153289d53ad348792345c3a5adf5a1b7bf558612edb52c6ef61caf9ad5a699b0c202d1dce1f3d9a72f1d321cb2759a8395a8a5fdcebbdec1fac3f65c55879af7b472dcdc473aba50753fd278b182e2afedbead4aba1920dc8ffa389de91ad39007df3652f870a0b5aa559185fbcf0523735ee7dbed41c40bad32e6bad1225998a08691d56f04a14979e02b5df9b6ff0aeb2f32f0ac76f0a14f59b7a62dadf586acebdcab69c35d669a99ef3be6546cdb7d4697898c07bfda98e751facb6b4b8c1a49664e9aafe6a27a6b08eae2028a98e2446c2cc3c7d5b38c1167087eaaae5493c2b1f7638cc02208aacde9df64d450e484216be2f442f7a74f8caadeed9fc0f7792ee333a296619f081d9a76b678b2021438f6b82b89d11c52be6dfb6cea2387a3142d61960deef3fb25997a01a80fb19315c44dbf51f1225ad60f25d6e4c2cae9f128710b3eb5af662745ee8fc993c9bb2066a31fb570a8e4e40497ec8d803b0bd3e3bf401c471cf18819af1ccabead8b7ca5f81a038c0c701cda4397c81f7a9c8c742cc0f5ec60951828a4e1e74783dd18a3bf3ec6c9aa6647ae46ae293da36a7624d7964ef2a957c9fff18ea60fb1dea6d6eb88bf411f9e2a5c5734232f775afa7a9d4189affb56e0b7447a0a8149e9bad0c7d5ef991b5608ab7e09043f3507a37b0f4449c93b7f52cb00997463b3779c83d45bc63c86c88347a08106c0ed86d4b6a458d963fa98da78ecb35a0945be4649dcf70080287fe84da123181ca30b79a2d87f14471a6c4725de9748be76979a93d9a4e206c066f77bf6d860d2e45f724744f6324dd775dd05be51a47d8d1add91768a789b2abe3aac5cdb8aeec643906b49eb98d8c67c9a91fa39a43cd5c12ec1a8dbaf0253bc9c5dc048cd9cc18f685e99d1b122a93e8ccf4fde1b5dc8108a5b300b82e0a056f16da04fe9abba60b96fee799f3bf98ceef931294e06ec40a5304df872ceecd1e5b30ad51ebdeee8319f479c4e69a6a124261b5c67a67e5f36d7bc514d36e2e201b1d99e02bb17dbbf19e5792f697936a402627d03ef5e67f84fe1fff59912e31580690610215f8023065731c250c66604799c0d5c7417750060ce6423624b5c83a5d4384f6442abfcd0e9b3998afb216ada402bbbfa611f384d6aae2290687164b5d08cfbec71389f0e10a9c6eaa18e40c6e0cb29555715cb553b87edd98d6420abe34e229bf6bbfe01440cec07933848b162d58d8cf30f4a5886c3ccb53b74da85fee46d2beff9fe9057a6caa2fd8956066f78488f3fe743a61debc2e37d7f4db2a634a0e637b9390b566eb12246c7acdfed79d3a366ead75c7f93fa4820ed8176e5ceb98912c03454705a4f8fb074fb94cfd593cc395b8e39a94b284ad9c38b67cdd37bd2330ac36398a24dbddbfb0aa6a3c0e59688208f7e58ac32c9cfc0e4faa09baab749c49ccfe630f29ee0ece3170f1f05d20ff6671e9f0672d1fef0c26bbdcf2cd3df11ffada258042eb93c03d81feeb9894dfd8cc4a6d94cb4d0f3dce8d3445ae102148a3781b4676e0fbb3c755f54f0af641dbc6359d6d64db334d5e157f79c16dc3bdc6fbe14fbe87267dd0d6f3d47684a3cf5cb08549d14878b75f9d48af230986ca212c7ab1ad71172aaa91d4792d3c38a9dd83539ad8b09e5054ceed05b3ceea22e98ac4039aa595a74fc044ab23df1155abf85cef9ebd0717409ab7858a9f6f7461148087cb0b4bb8f8bb08a0b9f5a4181dd201f5c934c4cd2cbdd9d62554ba1ba280b6a7dc1796692cb45e93143e2cd55f36f2b82ee14cd58bae68d7caff741906df7f7e83c56beca1613fea28707eef4dac858ffef70d69fedec2dccf4ba3185bebadd7029831316ddc81565ab2305f9ac0eef9ee710cafded762299d1650d17723dd632b5fb84f63f55e723b958fa547c37874d8a51253ba57b7f76403f972413952c37acb3c7ae61eeb47bb39bec9caac3d1774735061db135bea18a14470def7ea1df8835e255c6158085634fd0ba1cc0fa4b735886388b260934140c5288ae71fc244f194abbe6181825a242a9f76a208a29c70e7a06684a26d6a8f9ef26aebc71c69d142932d6df39055ba9315fdce514bdb8358f418e601db5eb8948d1e973fac24a1c92533244261ca23c9f57d813ce4dfb40c719390fe6cf78fd2bc8ac62205dc9b5b1ad4634ca30d38ade9e0001e2400919e825afe4cd77c5473c33753507e8b0547c6b5fb38fea0650487b3f09e31849ed0e7ae4b133e798a5f679924e4c9d6ae21b61a1ae5bc92201e48b701e70a00276d07fa6daf0ae7d7de5ca4aad2a162e67343c3ac48141863696a5b32a180e269d76236c211b884ad58b8a4ef2d800307348de2d9fff37ff77a11bb4b8bb56a08c12db390a70718777ca083bc138684b3e94fb97d026b89831c8c5e2855849e773ef3c03eda42f01ee1f19a57f1c729c3eeb8775a5819f20d5ffaa3ef349864e189a130751d169adb85b5417780febdf2ad0385ec602f18966171107132185cc3f21ef42129f630b446b27f4285d78a755c5c32d73b224b09e57db4e6b6c0c2e4b29cb58be9d6427dad0efe6188e92f4c49963d639e05cd206c909639491ab250d274848ed25d535b81a70769987a491b07fd9c0cde287da65fbf9d8bdd13aa2383ac6583f2afbc0639252736806acf6b130f683957d87a65c72c092a39d0997050722286891760bc7bc5560809a318139b453eb8196b6bb50cf27992e91cf10fb6126445029c0acfc9f13599aeb714235825221203e29da81dc363fb31ec2b9706a3a77075666e82f55dc5b0eccf4fdaf22511ab85967caee8ab9ed86f653a7924c9cbd24471ba377e3df28d0d2d1cc306e503897e734a97e62682511b3734465635b6e680a270debeec5930347709f16eb07f76a4831b5a54bc5488e421487215c2e0d445a6b1eafb4f697b031f920578e00aa81b3e91d692aadd4fad636c8740617d3f3ffcbe61ae8a28d5e56dbc7c760698c7f09c811c50fe29444e772f568d9a8e9a78d5b74f62ea85bf90baae063d570fb226ffe869f01a25455b81fb6dee6e0db511d32ded29ff805aa8c5d5e136066d5a842a7d65432fb5f43a8d42e9fb499152f793f6cb1ca5175d5cbfca12c6d12d490195bd291880f31ca3afdf822a5292d21ceaba7c04c16e359d94d39fdbca50ef858dc9d8ed508f6730ce38273d29e822630943d4678c9bcb59736d6f0707a2cbc6c369344839887e427835ddf1ba76ab9096eac7376ae296d7a0ea1d960fb3b8510a258c6a1c14aeb4d2ef48e42eef59b994a2fc4bef14464f0ee5362a8c1c39ed38b410e59f3e9d1468001ca7a85627beb619178cd4225d4e6b561a8ac64edd6e589220d3bffc5bed4131ae9a6b27c1bd2050c7cfd041ae1bd8ec8bb2bf72cabdc4df9ccd17d13c80539f61a3f2e3f889697c9577ee7cae2f8acd45042cd2abbadef39a7ec038c9745a15a755ba9540b8d785fe0c4a984d6f83a949e79755707a7439558aba30f47107e24ebf2c541ff9bd9bf64e3fb77486731af392938ce9ab965082a80eeba70637042311fe50d907e64a459d4459980a49e2d46d7ce1018ecfbf4fc6e01f84e84b8324816b4ca567d09332267ed23735579b8d0313cc798d2e3e078b9b6613820338f1c13d80281ec08d1bea30cd007d04ade26df5da74ef35428aa8e9c784ac8a880900f65e61aaa86f324ed72c4bca302b0701aa31d49a094d003d0e253e9582b1ac5041adcf80df36510c2def31d2f732a05f19e1cc45d87ba484235826d0634a024d9293b7706faedaec3693d45b12581741ad9aff371a3f0f40553e2a119c120da7816b11a87940a225a7961d3730d68baded8285dc3af4d5fd358fe7c59ed936e47532ce4632c49c401079c1ae1f0e20a6cfde7a1fe1268c10748512f582e108629f489dbdd8847a812968946cdb193a297f58d503844b8d74523893264c32de1dfecfd895849adbf5dd3e7c44b25e4af5afb54e3a24f9abb21a9a76e715d9c5df95e6e86448aa43c8f9d004a755a313bc112d05b6e7987a6b7a97fdcfb62cea0b56183e7e3309a91744b521f719fa8f10a3c1242414ddb86cd6566fc3000e1cc17856c26b84d0856b20a4fdde809f48bc03f9ffd9a56ba06d21dca404c13f17cf4e729b60e7d5c694996aa834b59a748e6acb81f0247f937a2bd4a73c5c2e00bf98d459b55031cbe362b28c9567b69dd4f65fda693b9914612202835e68de70f6d5ae40a62d02c3a63ee4aabfb2298cf6573fef9225cf92b3114cf9144d80b11389c867e39b769e7b8d22b49cc2c7e534344b027cb073023abaf2ddee82836ef5bebf11ad888257d80d9fa717d0961975736f4a4dceda249626d1af8327011d7649cfaf0cd61b48eb6a8e21e901086b586c7f927fb5cb5351b4a1d73cab78b4110cea34eb002d35bec512a146b28a9966ec58a70d3d82d08a36c99d6c7a3e7cfb5d4928f5b84703363e0e8bc65f8d12308ef2e3f0a98c5c20d1332700177161853c2c17bf66c056d03a225aa8b1a4ad0da9c262d0a3727eb05b1d1633bdbf9b6bedcc76295f56cd6ba6779fd8686430abf16d6f6303516fda08a1480f471307de81c5dfb9a08ca6425053d57b91083d8ad8a1f31921d286e7fe64b40e0ab4771e890faf5e4100bcc847e5a80c6d64c25eae89ff8223aab7f4b9b73450aed06f66a046f37cbd5398aad0d7290ec50e315b77449c4ba15e808d67f46446f1067b8fa842b57c116b1a350fe780cf9248a7ed54c3ee9033632cbd707c83a3ca0a6a0ba00a3c6b032f4d7cba480db355e6a1346ae2eeb8378da188f75939ee7990a89836c4ed2ba71978aec8b20d50cac5332bb1ab834def64fa1dd0b5f5a1a0246da81777562c9bed5555f1d6db7ca32a2d72b242e2ff58e02cd06738f110d59caf0325e74195da4d89c3667d14302d4cd03e2c12f18b0617c2a4c1163b9fe78525a801b3d8f43488bc8f7f0580c8af8fcf0bd7809e852540f9c81ef55797baa8d78cfd7302dbefe7661f51a7996aa97f43e2ea0bffd4ded47ae79dee22043a6d235b33073f50b4ef8e19a7464c9b074ba465c57bb02e15d2b4baac543692ec3605070ab7eac94d6504be7112b4166f7dfdd2ce98d4da4ca41f2c8109fccd4f435b31b5bca78907d2deb9e02418456baf3f9f57a387edde0669076e98379036c3dc60f47b8f763b8f65af279f70098593061c088012bc05ccaf9e8078363551e83b7dfa60b85a69384f64abf29ef7a90c7dd927aaf60bf7ee3f09f7c81287f4583c3a5de72ee32c8d9ff1e3097fa49b6e039b5bcdf47e18abd7c08c04e98f6eaa482d875508a9d20a4e01b34ddc9a2cf9b6b49be5a4818090a88ec3a606973a10140c37ef3f04467c1134ea789d093b68b5814e5f44a54d6d98c23c68db562944ea31ae60345e2aac40215e3cc78b696a1815c8a26a42a123c996bbef5594af0f2a252ba43550bbbc14050e82d0c89b2ac0dda9fed10b9cd44c03232620becbe79c87e17ef716da086c66112a15693212a209bbb53fca34bec698701475c716db16e0e54b1f444177b03ade98a6fd9e681f53a490c730d5bb", 0x1000)
r8 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r8, r5, 0x0, 0x209)

19:58:49 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

[  527.158072][T11449] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  527.237902][T11449] CPU: 1 PID: 11449 Comm: syz-executor.2 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  527.247856][T11449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  527.258101][T11449] Call Trace:
[  527.261492][T11449]  dump_stack+0x197/0x210
[  527.265901][T11449]  sysfs_warn_dup.cold+0x1c/0x31
[  527.270956][T11449]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  527.277050][T11449]  sysfs_create_link+0x65/0xc0
[  527.281907][T11449]  device_add+0x756/0x1d00
[  527.286608][T11449]  ? __this_cpu_preempt_check+0x35/0x190
[  527.292452][T11449]  ? uevent_show+0x370/0x370
[  527.297143][T11449]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  527.303565][T11449]  wiphy_register+0x1c46/0x2720
[  527.308550][T11449]  ? wiphy_unregister+0x1040/0x1040
[  527.313827][T11449]  ? retint_kernel+0x2b/0x2b
[  527.318525][T11449]  ? ieee80211_register_hw+0x150f/0x3ac0
[  527.324184][T11449]  ieee80211_register_hw+0x157e/0x3ac0
[  527.329674][T11449]  ? ieee80211_ifa_changed+0xde0/0xde0
[  527.335411][T11449]  ? memset+0x32/0x40
[  527.339424][T11449]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  527.345743][T11449]  ? __hrtimer_init+0x13d/0x280
[  527.350711][T11449]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  527.356473][T11449]  ? hwsim_register_received_nl+0x420/0x420
[  527.362569][T11449]  ? hwsim_new_radio_nl+0x29f/0x1070
[  527.367884][T11449]  hwsim_new_radio_nl+0x9e3/0x1070
[  527.373107][T11449]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  527.379372][T11449]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  527.385358][T11449]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  527.391729][T11449]  genl_rcv_msg+0x67d/0xea0
[  527.396256][T11449]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  527.402875][T11449]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  527.408577][T11449]  netlink_rcv_skb+0x177/0x450
[  527.413377][T11449]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  527.419819][T11449]  ? netlink_ack+0xb50/0xb50
[  527.424432][T11449]  ? __kasan_check_write+0x14/0x20
[  527.429744][T11449]  ? netlink_deliver_tap+0x248/0xbe0
[  527.435057][T11449]  genl_rcv+0x29/0x40
[  527.439061][T11449]  netlink_unicast+0x58c/0x7d0
[  527.443942][T11449]  ? netlink_attachskb+0x870/0x870
[  527.449082][T11449]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  527.454924][T11449]  ? __check_object_size+0x3d/0x437
[  527.460152][T11449]  netlink_sendmsg+0x91c/0xea0
[  527.464937][T11449]  ? netlink_unicast+0x7d0/0x7d0
[  527.469940][T11449]  ? sock_sendmsg+0x6d/0x130
[  527.469990][T11449]  ? netlink_unicast+0x7d0/0x7d0
[  527.470005][T11449]  sock_sendmsg+0xd7/0x130
[  527.470021][T11449]  ____sys_sendmsg+0x753/0x880
19:58:49 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

19:58:49 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  527.470046][T11449]  ? kernel_sendmsg+0x50/0x50
[  527.470106][T11449]  ? __fget+0x35d/0x550
[  527.497814][T11449]  ? find_held_lock+0x35/0x130
[  527.502618][T11449]  ___sys_sendmsg+0x100/0x170
[  527.507324][T11449]  ? sendmsg_copy_msghdr+0x70/0x70
[  527.512455][T11449]  ? __kasan_check_read+0x11/0x20
[  527.517508][T11449]  ? __fget+0x37f/0x550
[  527.521793][T11449]  ? do_dup2+0x4f0/0x4f0
[  527.526069][T11449]  ? __fget_light+0x1a9/0x230
[  527.530775][T11449]  ? __fdget+0x1b/0x20
[  527.534871][T11449]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  527.541141][T11449]  __sys_sendmsg+0x105/0x1d0
[  527.545814][T11449]  ? __sys_sendmsg_sock+0xc0/0xc0
[  527.550865][T11449]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  527.556379][T11449]  __x64_sys_sendmsg+0x78/0xb0
[  527.561274][T11449]  do_syscall_64+0xfa/0x790
[  527.565801][T11449]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  527.571719][T11449] RIP: 0033:0x45a919
[  527.575627][T11449] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  527.595242][T11449] RSP: 002b:00007f3e97b3fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  527.603769][T11449] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a919
[  527.611841][T11449] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005
[  527.619846][T11449] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  527.627832][T11449] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e97b406d4
19:58:49 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  527.635817][T11449] R13: 00000000004c99b6 R14: 00000000004e1888 R15: 00000000ffffffff
19:58:49 executing program 2:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r0, 0x0)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="4da1e7aea3651c1f0dc68a478028965d5edb8daff6b1134d993d34edb24083c04e7b76f807ca1b839b754b084cc1d212d20a22bf0312ec1270dc08baccd4f3ff41a14105a4ddcf9b4e7456128c165bfbc137cdd383ab35d7ec1fdabc0723"], 0x2)
perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x80c00}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

19:58:49 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  528.268406][   T27] audit: type=1800 audit(1577390330.368:60): pid=11495 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="bus" dev="sda1" ino=16802 res=0
[  528.288636][    C0] net_ratelimit: 16 callbacks suppressed
[  528.288644][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  528.300337][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  528.528635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  528.534526][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  529.408622][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  529.414461][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  529.808669][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  529.814554][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  529.968708][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  529.974551][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:58:52 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:58:52 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000017c0)='TIPC\x00')
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)={0x34, r4, 0x501, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0)
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r2, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r4, 0x31a, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x27f13d40d253b370}, 0x4000000)
r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$PPPIOCGNPMODE(r9, 0xc008744c, &(0x7f0000000240)={0x14332, 0x3})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="48ffdf35000010000507000000000000000004000000", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="e371a01c7d83e16db1918b5328546fd0db633ad73f48121530e272e1e1c5c2d6513819000000624400000000000000"], 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000250800"/20, @ANYRES32=r8, @ANYBLOB="800104000000000000000a0014000000"], 0x28}}, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r9, 0x4010ae42, &(0x7f00000002c0)={0x2710, 0x0, &(0x7f0000ffb000/0x4000)=nil})
ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, &(0x7f0000000400)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x2})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="2000000011000d0400"/20, @ANYRES32=r8, @ANYBLOB="00000000000000009ced1c2269c340608c0929cd7503b59d60f62914e1205e41882e14da2dde12b712e94fc8835ad295eff927bdafaf1dc33106f656fc380746fccbb525f5a8ecc120986d8f2e8eb5585e989d9e75f1d378601a02911659e781b9bd"], 0x20}}, 0x0)

19:58:52 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:58:52 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000140)={@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x3, 0x4, 0x4, 0x2, {0xa, 0x4e21, 0xfa6, @mcast1, 0xbfa9}}}, {&(0x7f0000000040)=""/181, 0xb5}, &(0x7f0000000100), 0x1}, 0xa0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = memfd_create(&(0x7f0000003380)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>\x9b\x94a\xac\xf8R?\x1c\xe2\xb5!\xfa\xcb\xd4\xb6\xe1_\xb4d>\xf6\xb7h\xb9Uql\b<zP\xf5\x96\xb0*5\xa2\xd6\xf2Ym\x13\xf1qj\x14\x9e\x9d\xee\xd9X\xf7{b\xab\a6m\xd2%\xebL\x1f\xb3m\xde\xddUC\x984ZZ\xc4\n\t\xd3\x0eO\xa1\xbc)\xb0n\xe85\xa0\x95\t8\x95\f\xa3\xca\xea\xe8^\xcbj\x1d\xc5\x17!\xf0`\xefHz\xddl\xa7\xc3\xcb\xcfM\xc9\xde\xechl\x11\x81\xca2\xe4\x1e\x006\xc61\xda\xa8\x87PQ5,\xba\x87\xda,\xc3\xf3-Xl\x12\x8aY\xa7\x9f\xa2-3\xe9\x1a6\xecj\xa3\x12\xea4\xbb\x99\'|9I\x9e\x05u\xe5\b\xd8\x1a_\xd3\xbaRY\xfbgp\xf62\x8a\xd9\x8c\xd8\xb4\xa1\x1fr ', 0x0)
write$binfmt_misc(r4, &(0x7f0000000c40)=ANY=[@ANYRES32], 0x1000000d8)
lseek(r4, 0x0, 0x4)

[  530.075870][T11505] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  530.103991][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  530.136390][T11510] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  530.146729][T11505] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  533.568705][    C0] net_ratelimit: 14 callbacks suppressed
[  533.574426][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  533.580238][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  533.968697][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  533.974514][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  534.128738][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  534.134560][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  534.538739][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  534.544581][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  534.768675][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  534.774612][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:00 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f00000000c0), 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x0, 0x0, 0x3, 0x0, 0x4, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0xffffffffffffff7b)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$kcm(0x11, 0x3, 0x300)
recvmsg$kcm(r2, &(0x7f0000000040)={&(0x7f00000082c0)=@xdp, 0x80, 0x0}, 0x20)
close(0xffffffffffffffff)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$kcm(0x2, 0x1, 0x84)
close(0xffffffffffffffff)
setsockopt$sock_attach_bpf(r3, 0x10d, 0x10, &(0x7f0000000000), 0x4)
recvmsg$kcm(r3, &(0x7f0000007ec0)={&(0x7f0000007bc0)=@xdp, 0x80, 0x0}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)

19:59:00 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xc0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x0, <r1=>0x0, 0x0, &(0x7f0000000340)={0x2, 0x4}, 0x0, 0x0, &(0x7f0000000480)={0x5, 0xd, 0x1, 0x3f}, &(0x7f00000004c0)=0x8000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x5}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000680)=r1, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="b7000000000000f46f000000000000009500400000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000003c0)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r1}, 0x78)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
epoll_pwait(r2, &(0x7f0000000040), 0x218, 0x9, &(0x7f00000000c0)={0xe00000000000000}, 0x8)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000280)={r7}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={<r8=>r7, 0x68, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x4, @loopback, 0x8ad}, @in6={0xa, 0x4e23, 0x2, @loopback, 0x80000001}, @in={0x2, 0x4e20, @local}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @rand_addr=0x9}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000200)={r8, @in6={{0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, [], 0xd}, 0x7fff}}, 0x8}, &(0x7f00000002c0)=0x90)

19:59:00 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:00 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b0", 0x4)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000000)=[@iv={0x80, 0x117, 0x2, 0x69, "b31f79b4f463433515bc0e24291ad057eecc7c287bf38c5f8864765573715b2fe83c119b1e54f644f7f4d2507156be6393361fb7bcc2b193def3cf5073240520119c97b7e868e4c9a51a9434f7ea4e1bcc0e70f0651e41ff20aebbe5419ac9b3fc6cbd924cf50c61cd"}], 0x80}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001280)=[{{0x0, 0x28a, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x1}}], 0x500, 0x0, 0x0)

19:59:00 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, 0x0)
pipe(0x0)
r0 = socket$inet(0x2, 0x4000000805, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = dup3(r0, r1, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r2, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r1, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r3=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x7a, &(0x7f000059aff8)={r3}, &(0x7f000034f000)=0x2059b000)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000004c0)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f0000000040)=0x1, &(0x7f00000000c0)=0x4)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200000, 0x0)
ioctl$PIO_UNISCRNMAP(r4, 0x4b6a, &(0x7f0000000340)="9141e35ad8e7f745fdf61d69c20e0315e03eee38a9e1712983bfab5bd29ac276dc8f91b9f3148ec5df8bb594767dce362fb7677ef7c898b5809fe032bc19dcb49369252d2b12c5ac1e5877b0bfca581b4bcc2fa817ab3ed22ada2ad172687e9c0d406f76af9ba8d9ec8b69d7cc00bcc0dce7a7e631d9c4af239cc45a41f52cd112df31414fe936bdfb2f4f2f569b89b3c46c8690196f64cd686c71e9ca30121c706aba52dfd3d707c34011b80da4f452b8ab293d92edf680da20a96b4578e67827223c9e6e771535")
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa)
clock_gettime(0x0, 0x0)
socket(0x10, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x3}}, 0x0)

19:59:00 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:59:00 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  538.688645][    C0] net_ratelimit: 16 callbacks suppressed
[  538.688698][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  538.700202][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:00 executing program 4:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001f40)={&(0x7f0000000080)={0x2, 0x0, @rand_addr=0x5}, 0x10, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="5800000000000000140100000900000000001a002cdd00000000", @ANYPTR=&(0x7f0000001780)=ANY=[], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00'/54], 0x58}, 0x0)

19:59:01 executing program 2:
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x00\x00\xa4\f\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c0000001400210100000000000010000a000000", @ANYRES32=r1, @ANYBLOB="080008000000000014000200000000000001000000000000000000011400010000d80000000000000000ffffac1e0001140006000000000000000000150000000000000064d63eac5630b44b982d72d5a7bed249f8e8a719c52e830cd7d1a8b78a153672d4b9c24641ca7fac2386f2742c3219e12f0fae062e04b6d74d05cb1602cef7a2ac40f1712a8ee5cd77d97511c05455e0cb1951330e77ee011412f4ab2a0f71ef1291f4810edee56ef8be66b500ef99fddca11ba6dbc9f76d7ad1eb7277b09f3a1a27f0747e2174a62bd5ebda4a69ea7acb968fc613b61a32685a6591cccc9ab1a8b4c79c5be19ae1a3b90bf069a627de67e84816d5c952ab0f4fd6cbf8afad1d422f3e169a323450f78baadee9431c5d8b302d51cb4058edd4094ff3f985e1edfb3e9fb4654d87e51d5cd585bf3a69b9f88123a91a6e2e2041b478f30a9d206a67c750c11ea00e7c06075d95ca7516a6b64cb1f7f3ebb81924114bad4b5d053b5ef1b87eb96df4f664f88dfd926c5eb9a5d3b1cd39cfb10a3c59e4462c596766d9af8d29e5cec32219628787dbdccf362cb9082e306edf8339ad2d77f2f397c58476e3b489c9db7feaeb72b576ed73b7f130c0a5546ae9a76c4eac5e84120094a326e07d133088b3f552ce8e6d5d3821e7b9044fd0792137f5391416a399e5989227e0c5c19eaf"], 0x5c}}, 0x0)
r2 = socket(0x10, 0x200080002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100), 0x2}], 0x492492492492805, 0x0)

19:59:01 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x4, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000005c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5fff}, 0x0, 0x0, r0, 0x0)
r2 = socket$kcm(0x11, 0x8000000000000003, 0x0)
recvmsg(r2, &(0x7f0000000140)={&(0x7f0000000b40)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000840)=""/84, 0x54}, 0x40001001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="00243c9a51fed3dd251b90b5d2ba502bc1565200d9f900000000000000001fd402a17b42904afff000000000000000000000000000daaec783de4c3c820c8f0f74375eb25002043f2f33d8965abebae6cb8934d7337452ec2f0cfe0e001f5dc1da16b0de3a839f65b5d5eae09ceb4117f200000000003500000000000000000000000000000060823c8363be66d12bf265b2d9e1847df17a8ab5f5e60c412f30bdfd4de2ec99d9d302c7a2f3fc78ca52d4f4e32229d5b0d4b37920b0de22af5dd63d99892188f9cc0c7dc8b3d7c05582d493d1439598c29223b9e6a3485ac5b9b73cbeb267d9a01af1600fe156c15f1cbc24589be2683e56fe83dfc67ab2da21d6d099c66d6c066f69d5d02168a088319f9751adaa4fd2845c4a2ddbe1a443dc6acb"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
perf_event_open(&(0x7f0000000980)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x800004}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="783271530de9c90ade7a4eae572e518a81ac6aea9bb683c8", 0x18}, {&(0x7f00000004c0)="a4e26b358e123c236528fa46037713cdef00cc11090c121e59eb1d581bd44ebd4e43572d2e2133bbd4a4e282e6237509a7b6f164d5affca044c4cad712aa9e0603c4143bb6bf3b0954bce7ecdfb9cb958e90de9361f45e077dbafe6ddf844e02e4e32be04980e991dc410c4b95e972aba37fbb8795", 0x75}], 0x3, &(0x7f0000000f40)=ANY=[@ANYBLOB="e80000000000000017010000f690000039faa718816362111ef231e0d7d63f8612b85bb43d75c04c3d608878b1de8bceffe290286b16cad51495495fd64f467f9403ffaf8d0054c79281eda9db809ea85dd9098cf3cd0d0c1983856fb389ee375f0d8f9ce0c00b83864d0366c083c0daa2bfd465415c1c29b23096c8d1ee67c87f815a3dcbd7a61b322cdc96d680331b30ff3b431316ebe60c07c0c32cd54f15e5276362aa4ba3230f812d710beb4520ccd638afeab90586f2d4b9fdb1b8ccda29fc2998117428774e825c6f7fb947a4d46f89eb99dafbaa293661ca52099ce85f88ef0000000000b000000000000000180100004e0400000f7649187c87c59d9284dd09b561cb4f558785d12cea852557f66f0817c1cd2fba0e7ed17f44e8757563b617a0d2ffeeed653d77c1102c7514c4dd51eea46dcc66fbc74149d26ee2629f36d60c899334004472714950da77bebe408c91f5945e5cb18009793280bed16864c80cb9fa44a3dfb7c002cef39781b2f1b4f54fdbec017a142ad3e3f437fd71ec2cc2942f2fca705227af14c40045426236d9500000600000000000000005010000ffff000060f94e11d547f946a5fb4fcbfae6977fdfe777fefa236120ca978d67e6e7331afab96dd77e73817ee2a520591f354edfa79f4cca31fe4c7d0a12611b53a3c6fcd98bc1093bf30ebe0a3f6e61f2000000e1178da37eaa6025a54fcb4e02e2bc732bb70f1dc04f65638eb1cb3eceb5f6f90c5df95935c8fe5aad1c351088da9cc6528e204c515776231021c13dd49f2b553baad3171453384dba99ad502bf76a58030301c09495dbe4198bc59259804c2bb55b822f7c16cdabe3228033eed7b23b2aaa291333183816c53e199664548ab1193f6cd731146a5c345237bc2c5b8ae925"], 0x289}, 0x40000)
write$cgroup_subtree(r3, 0x0, 0x0)
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)='*]nodev\x00'}, 0x30)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='//z0\xff', 0x1c0)

[  538.928605][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  538.935079][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:01 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:01 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000140))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  539.818657][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  539.824512][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  540.208673][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  540.214565][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  540.368687][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  540.374502][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  543.968660][    C0] net_ratelimit: 14 callbacks suppressed
[  543.968667][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  543.980220][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  544.368720][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  544.374608][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  544.528726][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  544.534759][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  544.928670][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  544.934604][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  545.168666][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  545.177353][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  549.088606][    C0] net_ratelimit: 16 callbacks suppressed
[  549.088612][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  549.100107][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  549.328636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  549.334473][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  550.218652][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  550.224485][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:12 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b0", 0x4)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000000)=[@iv={0x80, 0x117, 0x2, 0x69, "b31f79b4f463433515bc0e24291ad057eecc7c287bf38c5f8864765573715b2fe83c119b1e54f644f7f4d2507156be6393361fb7bcc2b193def3cf5073240520119c97b7e868e4c9a51a9434f7ea4e1bcc0e70f0651e41ff20aebbe5419ac9b3fc6cbd924cf50c61cd"}], 0x80}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001280)=[{{0x0, 0x28a, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x1}}], 0x500, 0x0, 0x0)

19:59:12 executing program 4:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20000, 0x0)

19:59:12 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r1 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x4, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000005c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5fff}, 0x0, 0x0, r0, 0x0)
r2 = socket$kcm(0x11, 0x8000000000000003, 0x0)
recvmsg(r2, &(0x7f0000000140)={&(0x7f0000000b40)=@nl=@proc, 0x80, 0x0, 0x0, &(0x7f0000000840)=""/84, 0x54}, 0x40001001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="00243c9a51fed3dd251b90b5d2ba502bc1565200d9f900000000000000001fd402a17b42904afff000000000000000000000000000daaec783de4c3c820c8f0f74375eb25002043f2f33d8965abebae6cb8934d7337452ec2f0cfe0e001f5dc1da16b0de3a839f65b5d5eae09ceb4117f200000000003500000000000000000000000000000060823c8363be66d12bf265b2d9e1847df17a8ab5f5e60c412f30bdfd4de2ec99d9d302c7a2f3fc78ca52d4f4e32229d5b0d4b37920b0de22af5dd63d99892188f9cc0c7dc8b3d7c05582d493d1439598c29223b9e6a3485ac5b9b73cbeb267d9a01af1600fe156c15f1cbc24589be2683e56fe83dfc67ab2da21d6d099c66d6c066f69d5d02168a088319f9751adaa4fd2845c4a2ddbe1a443dc6acb"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
perf_event_open(&(0x7f0000000980)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x800004}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x4}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000240)}, {&(0x7f0000000280)="783271530de9c90ade7a4eae572e518a81ac6aea9bb683c8", 0x18}, {&(0x7f00000004c0)="a4e26b358e123c236528fa46037713cdef00cc11090c121e59eb1d581bd44ebd4e43572d2e2133bbd4a4e282e6237509a7b6f164d5affca044c4cad712aa9e0603c4143bb6bf3b0954bce7ecdfb9cb958e90de9361f45e077dbafe6ddf844e02e4e32be04980e991dc410c4b95e972aba37fbb8795", 0x75}], 0x3, &(0x7f0000000f40)=ANY=[@ANYBLOB="e80000000000000017010000f690000039faa718816362111ef231e0d7d63f8612b85bb43d75c04c3d608878b1de8bceffe290286b16cad51495495fd64f467f9403ffaf8d0054c79281eda9db809ea85dd9098cf3cd0d0c1983856fb389ee375f0d8f9ce0c00b83864d0366c083c0daa2bfd465415c1c29b23096c8d1ee67c87f815a3dcbd7a61b322cdc96d680331b30ff3b431316ebe60c07c0c32cd54f15e5276362aa4ba3230f812d710beb4520ccd638afeab90586f2d4b9fdb1b8ccda29fc2998117428774e825c6f7fb947a4d46f89eb99dafbaa293661ca52099ce85f88ef0000000000b000000000000000180100004e0400000f7649187c87c59d9284dd09b561cb4f558785d12cea852557f66f0817c1cd2fba0e7ed17f44e8757563b617a0d2ffeeed653d77c1102c7514c4dd51eea46dcc66fbc74149d26ee2629f36d60c899334004472714950da77bebe408c91f5945e5cb18009793280bed16864c80cb9fa44a3dfb7c002cef39781b2f1b4f54fdbec017a142ad3e3f437fd71ec2cc2942f2fca705227af14c40045426236d9500000600000000000000005010000ffff000060f94e11d547f946a5fb4fcbfae6977fdfe777fefa236120ca978d67e6e7331afab96dd77e73817ee2a520591f354edfa79f4cca31fe4c7d0a12611b53a3c6fcd98bc1093bf30ebe0a3f6e61f2000000e1178da37eaa6025a54fcb4e02e2bc732bb70f1dc04f65638eb1cb3eceb5f6f90c5df95935c8fe5aad1c351088da9cc6528e204c515776231021c13dd49f2b553baad3171453384dba99ad502bf76a58030301c09495dbe4198bc59259804c2bb55b822f7c16cdabe3228033eed7b23b2aaa291333183816c53e199664548ab1193f6cd731146a5c345237bc2c5b8ae925"], 0x289}, 0x40000)
write$cgroup_subtree(r3, 0x0, 0x0)
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000005c0)={0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)='*]nodev\x00'}, 0x30)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='//z0\xff', 0x1c0)

19:59:12 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_PIT2(0xffffffffffffffff, 0x4070aea0, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000140))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

19:59:12 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:59:12 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:12 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:12 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shmget(0x1, 0x3000, 0x10, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000340)=""/149)
semtimedop(0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c9c380})
socket$key(0xf, 0x3, 0x2)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28)
r2 = syz_open_dev$vcsu(&(0x7f0000000140)='/dev/vcsu#\x00', 0x1, 0x8000)
ioctl$USBDEVFS_RESETEP(r2, 0x80045503, &(0x7f0000000180)={0x5, 0x1})
sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b)

19:59:12 executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2e, 0x24, 0x0, 0x0, 0xff000000}}, &(0x7f0000000240)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0xfff, 0xc3, &(0x7f0000000480)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)

19:59:12 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x21}, 0x4}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000280)=0xff, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000002, 0x4000000032, 0xffffffffffffffff, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x24a, 0x0)

[  550.608622][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  550.614482][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:12 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  550.768692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  550.774587][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  554.368694][    C0] net_ratelimit: 14 callbacks suppressed
[  554.368701][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  554.380192][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  554.768670][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  554.774997][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  554.928715][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  554.938802][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  555.328676][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  555.334482][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  555.568676][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  555.574509][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  559.488638][    C0] net_ratelimit: 16 callbacks suppressed
[  559.488645][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  559.500239][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:21 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b0", 0x4)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000000)=[@iv={0x80, 0x117, 0x2, 0x69, "b31f79b4f463433515bc0e24291ad057eecc7c287bf38c5f8864765573715b2fe83c119b1e54f644f7f4d2507156be6393361fb7bcc2b193def3cf5073240520119c97b7e868e4c9a51a9434f7ea4e1bcc0e70f0651e41ff20aebbe5419ac9b3fc6cbd924cf50c61cd"}], 0x80}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001280)=[{{0x0, 0x28a, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x1}}], 0x500, 0x0, 0x0)

19:59:21 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x70d, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_UPDELAY={0x8, 0x9, 0xffffffff}]}}}]}, 0x3c}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_QUERYBUF(r1, 0xc0585609, &(0x7f0000000080)={0x7, 0x2, 0x4, 0x40006000, 0x3, {}, {0x1, 0x0, 0x2, 0x4f, 0x80, 0x9, "8c80171c"}, 0xfffffa45, 0x3, @offset=0x100, 0x4, 0x0, <r3=>r2})
ioctl$PPPIOCGUNIT(r3, 0x80047456, &(0x7f0000000100))

19:59:21 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:21 executing program 2:
mkdir(&(0x7f0000000700)='./file1\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000140)='./file1/file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={[{@sb={'sb', 0x3d, 0x80000000}}]})

19:59:21 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
shmget(0x1, 0x3000, 0x10, &(0x7f0000ffd000/0x3000)=nil)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000340)=""/149)
semtimedop(0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c9c380})
socket$key(0xf, 0x3, 0x2)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, 0x0, 0xfffffffffffffe32, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28)
r2 = syz_open_dev$vcsu(&(0x7f0000000140)='/dev/vcsu#\x00', 0x1, 0x8000)
ioctl$USBDEVFS_RESETEP(r2, 0x80045503, &(0x7f0000000180)={0x5, 0x1})
sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b)

19:59:21 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  559.729300][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  559.736533][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:21 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

19:59:22 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  559.839336][T11633] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744073709551615)
[  559.996727][T11626] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
19:59:22 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

19:59:22 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf6fa0671940849062b1de3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef245758dec41dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000001000250800"/20, @ANYRESDEC=0x0, @ANYBLOB="01fb00000000000004000a00140000009bb7a6d984d798171632cb7343bf73e1d74f932b4ae359930a85a5e6cfb5b527b9efe15ef74782e5d30141a30d0594fb3910000ebf824a2a960e5bac04ce83ac1c558ba9a61dcd0a73970757176858a8268b68757f146a36e4cded8eff887a42c909c1fab25eee42aa4699e5d2708c1ecfa39d0ed4d2bad6c3a8b0ce72bf6ec2481bef256905fa266f0200000060a7b7c323f178fe002da84ea85cc4874e618fbc9d88ff9be2ef906a7d6ddb71a64a09c1438ca725ace7bbd9f029052b5951c79b0a2c8bda71dbc29b047b528f41d67cd6eb59bfd3a8d9f967512dee1ecd902038b07ce54703e9ed6f513a5a12501238104720771cfe6feec76d4d25325c9f98f20e94f822c10efcd3fd6f39523f710edf804cc6ef9a8cd1457ceda1395ede50a65eb9bd4ec4a3b259fbf0ad9b5e65c293a64d495c8edf5215d6310fa619b04525348e4acddb7b98b0d771f737d4944556c3d258aae9898a178696976b1d0f0378b3bde59a54b707342c8cae1de264ad865b660199f2e237ec499bdb3799f08867b64ddb"], 0x3}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_BROADCAST={0xc, 0x2, @local}]}, 0xfdbf}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_tcp_int(r7, 0x6, 0x24, &(0x7f00000000c0)=0x6, 0x4)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_QBUF(r6, 0xc058560f, &(0x7f0000000440)={0x0, 0x6, 0x4, 0x100, 0x5, {0x77359400}, {0x2, 0x2, 0x3f, 0x8, 0x3, 0xc6, "8d782624"}, 0x9, 0x1, @offset=0xf5, 0x2, 0x0, <r9=>r8})
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x2400, 0x1)

19:59:22 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:59:22 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x99, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
pipe(&(0x7f0000000140))
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x9c)
r3 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/capi/capi20\x00', 0x1000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r3, 0x111, 0x4, 0x1, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f0000000100))
ioctl$SIOCX25GSUBSCRIP(0xffffffffffffffff, 0x89e0, 0x0)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$IP6T_SO_GET_INFO(r5, 0x29, 0x40, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000000)=0x54)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)

[  560.275995][T11657] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  560.431121][T11662] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  560.608608][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  560.615185][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  561.008653][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  561.014769][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  561.168666][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  561.174464][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  564.768689][    C0] net_ratelimit: 14 callbacks suppressed
[  564.774419][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  564.780198][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  565.168693][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  565.175414][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  565.328665][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  565.334795][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  565.728671][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  565.734524][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  565.968656][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  565.974540][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  569.888676][    C0] net_ratelimit: 16 callbacks suppressed
[  569.888685][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  569.900651][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  570.128653][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  570.135317][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  571.008610][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  571.014419][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:33 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b0", 0x4)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000000)=[@iv={0x80, 0x117, 0x2, 0x69, "b31f79b4f463433515bc0e24291ad057eecc7c287bf38c5f8864765573715b2fe83c119b1e54f644f7f4d2507156be6393361fb7bcc2b193def3cf5073240520119c97b7e868e4c9a51a9434f7ea4e1bcc0e70f0651e41ff20aebbe5419ac9b3fc6cbd924cf50c61cd"}], 0x80}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001280)=[{{0x0, 0x28a, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x1}}], 0x500, 0x0, 0x0)

19:59:33 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f000000ac80), 0x66, 0x0)

19:59:33 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:59:33 executing program 4:
inotify_add_watch(0xffffffffffffffff, 0x0, 0x60000094)
perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0xf48880d859bfc531)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f0000000040)=0x100000001, 0x4)
capset(0x0, &(0x7f0000000480)={0x0, 0x0, 0x2, 0x0, 0x8, 0x4})
bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000000c0), 0x19b3aef86ca2203c)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000200), 0x88)
write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="7f454c4600000000000000000000000000000000000000000000000000000000400000000000000000000000f364e1747b4355b4600038100000215619545706000000000000000000000000b3b0adf90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a7cd8e55d893a85c8f61c64fe32de1bff6f5780931c4df8a3919adba121523451fdde9fa389a4155a2c2eaa5951ffda1a3271191f45a3d6ad01b91f8c488d9cfd17e7ff32c408b40edf6e23dd3e19c372884e1103c413feba015e6fcf0f21bd948eb5a047d1ddc9752950a21cadd"], 0xfdb4)

19:59:33 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x5b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500fa0000000000b3d6fbdaef9f7d4e1a5b276570dd9934843e3cfc6b3282d976ef3190ed183edd9f8f456a870ca7555cbc7fd526dbd9e8f3860bf492a8e4afc28ac1f48f4c4bbb43728e1ac1b67474e56a20ddb70311ad550db6bd0256157490116308063915b61032be77b400836830e6d293f4d9d1fa470fd23e9c9282eadac0b0dec2f39ca2f02c19ee61748e1db2740a6b7109dbcb87212b861303286dd6b455d54509792ce29d6f7189ebd9ab73c3c4a780ea140f2e8780d8281d2d6010ac5c2bc3af73954abd5a6616591783410393ec5d28da5fb2689dc07129bf3bca7b35d937221a739396bbf8e00ac47c463a6ec8bad33a89c8c020148e0e9522fe0e4dcdb8a4c2a5dffe42896d2bed45040a513dbf05f30165ec0e879bfd4c3c92c37d697551a80e37c13ee9d77b15e19515c5685d2c77ce89ee99c8ea74f28d8a085db78dab969934ee9b8909ae91b287a39149ef8217baebce4e5108c232858edcabec8e7ab062b1fa81a47463a38fa0f147fda1a8b38ef57b03b85b2582730ffff52d5039d41ef8e253723055c34299079fa387ba400ec9432fa638292892374f87a2805effffffff000000009a991d102b6351f8af25183d753e22d94369dec1416b3661632681b0f66b11a3fc18f7967aba0ff9fa901c12ec55d3f5b3c68bd2e507a35a4e43f64bb49d0b6c52fe49308e5ecdb03d5cad40b9999d4eae7176cea5c643815bdf6cfef3562cced066cad487543e6fad13c7e78915e204db795164bc0f1955de204510b49b139503082dafb7a032cde4f95d354d2cfc08f6585f81bbd23be69479e999a2c3683058bcc341271ba1e9540499669c403199a8d7dab9be31db3895249ad9e1f5c14aeab82df3a736673724261e6fae02242ad78e55853ad57f111a5eb2fbcbec000000000000c86a92ea37afad27c312478c812b1b0b2514c8ba961a7838fe3e94bb647769bb017d7ea637c3fd75d6e46b05f8"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x1ee, &(0x7f00000003c0)=""/251, 0x0, 0x0, [], 0x0, 0xd, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1cf}, 0x48)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
pipe(0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, 0x0, 0x20000000)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)={r1, r0, 0xd}, 0x10)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000100)={r1, r0, 0x8000000000d}, 0x10)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x400, 0x0)
ioctl$DRM_IOCTL_SET_UNIQUE(r2, 0x40106410, &(0x7f00000001c0)={0x6, &(0x7f00000000c0)="51a225d8662d"})
creat(0x0, 0x0)
setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)

19:59:33 executing program 2:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = dup(r0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x1000, 0x1})
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000000)={0x10001, 0x1, 0x4, 0x40, 0x5, {0x0, 0x7530}, {0xd, 0x4, 0x2, 0x40, 0x5, 0x81, "7318f324"}, 0x0, 0x4, @offset=0x7, 0x1, 0x0, <r4=>r3})
ioctl$SOUND_PCM_READ_CHANNELS(r4, 0x80045006, &(0x7f0000000080))
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x700})

[  571.408602][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  571.414428][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:33 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

19:59:33 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000006700)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @dev}, 0x1c, 0x0}}, {{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000002900f8ff3900"/24], 0x18}}], 0x2, 0x0)

19:59:33 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  571.568610][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  571.574718][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:33 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

19:59:34 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, 0x0, 0x0, 0x0)

19:59:34 executing program 0:
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x10)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f00000000c0)=0x1)
r2 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
write$binfmt_elf64(r2, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14)

[  575.168677][    C0] net_ratelimit: 14 callbacks suppressed
[  575.174564][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  575.181468][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  575.568703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  575.574763][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  575.728677][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  575.734492][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  576.128663][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  576.134450][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  576.368666][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  576.374459][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  580.288641][    C0] net_ratelimit: 16 callbacks suppressed
[  580.288650][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  580.300931][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  580.528703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  580.534641][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  581.408633][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  581.414694][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  581.808703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  581.814961][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  581.968640][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  581.974468][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:44 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='cpuacct.stat\x00', 0x0, 0x0)
ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1})
write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000540)={0x0, &(0x7f0000000500)}, 0x8)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil})
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000004}, 0xc, &(0x7f0000000480)={&(0x7f0000000340)={0x30, 0x0, 0x30c, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80000000}]}, @TIPC_NLA_LINK={0x10, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x10)
syz_open_dev$vcsa(&(0x7f00000004c0)='/dev/vcsa#\x00', 0x0, 0x103800)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0], 0x1}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_NMI(r3, 0xae9a)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
r6 = fcntl$dupfd(r4, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

19:59:44 executing program 2:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/d\xff\x00\x00\x05\x00', 0x5, 0x883e091e1bc4c77c)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r2 = socket(0x11, 0x80000, 0x0)
write(r2, &(0x7f00000000c0)="24000000200099f0003be97600f1190e020008160000100400ba1000080002007f196be0", 0xffffffe8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0))
r3 = msgget$private(0x0, 0x0)
msgsnd(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="03000002"], 0x1, 0x0)
msgrcv(r3, &(0x7f0000000300)={0x0, ""/210}, 0xda, 0x0, 0x0)
msgctl$MSG_STAT(r3, 0xb, &(0x7f00000002c0)=""/51)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000000180)=0xffffffffffffff1f)
openat$userio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/userio\x00', 0x202000, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
clock_gettime(0x0, &(0x7f0000000140)={<r6=>0x0, <r7=>0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_PREPARE_BUF(r5, 0xc058565d, &(0x7f00000001c0)={0x5, 0x4, 0x4, 0x10, 0x5db, {r6, r7/1000+30000}, {0x1, 0x0, 0x22, 0x0, 0x1, 0x0, "cd1ae3be"}, 0x7f, 0x4, @offset=0x2, 0x0, 0x0, <r9=>r8})
connect$unix(r9, &(0x7f0000000240)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r10 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040), 0x4)

19:59:44 executing program 3 (fault-call:2 fault-nth:0):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:44 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000), 0x0, 0x8)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
r0 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe)
write$tun(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="0105000000100000090001080fa169c2a94a873bf5d121988f969c919828458931896f637ae493c0715c96b5ead78f93e454c64906ffa7f912b304b1c4ecad7641c4f68d3aaf9cb3891d6e2cd44a74dbcfe98832b2a0f8dcf0148d589d71911b72c95bebe8aa6c5a01010000800540a7d1e8d6f5878e16b571f5a480b2b6a83570f281ed7733a45f1f88ddd9d576840ecdc27348026d50af7d9e43397a7c929b2638c031ad373264e1f8ed10e4c740b610301f1b871aa9478383f5571a5a3bba41a0576357ef6599dbe41276a2a63400c17728cf733b84661cd9a05c203fc9e4c7359ccb1abdb1bda37891a71f0d5b955d548545dfe8779f8a866bf9c0f1c2"], 0x7e)
keyctl$get_persistent(0x16, 0x0, r0)
syz_mount_image$erofs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0)

19:59:44 executing program 0:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8)
r3 = socket$inet(0x2, 0x3, 0x29)
socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0x32600)
write$fb(r6, &(0x7f00000001c0)="d7b2f23ecdb3bc9bf83bc66409942629797c4894cfe2868c0f3e151ff5027f526b3304425ba397ea99ea0cd1dcf5d692da644eb76c8922ffc11032ee617973647e2743cd447b81efa66b127e5d83688855d2484714e8e92417b0cc9bc631e0e23fe849c995ce1a72ec491d3404caa8419f9512f92b166f9a13ae3dd1abda567867b741a39ff007973a689f140564d8e5b12a4c92a64f14ff68b7b6e8a0c302b83a58eb8357e6a7690659eaa8d3a3642d7874722d40807d9646aa025125ff9ddeabdcfcbd4ea1d34035809930df5d0db65d030c70963b8725b1427397f5c1ad5588e21f49a07c78cf0f434179", 0xec)
bind$inet(r3, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

19:59:44 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  582.866834][T11742] FAULT_INJECTION: forcing a failure.
[  582.866834][T11742] name failslab, interval 1, probability 0, space 0, times 1
[  582.891922][T11742] CPU: 0 PID: 11742 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  582.902125][T11742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  582.912216][T11742] Call Trace:
[  582.912241][T11742]  dump_stack+0x197/0x210
[  582.912356][T11742]  should_fail.cold+0xa/0x10
[  582.912380][T11742]  ? setup_fault_attr+0x220/0x220
[  582.912418][T11742]  ? ___might_sleep+0x163/0x2c0
[  582.920247][T11742]  __should_failslab+0x121/0x190
[  582.920351][T11742]  should_failslab+0x9/0x14
[  582.920374][T11742]  kmem_cache_alloc_node+0x268/0x740
[  582.949702][T11742]  ? __kasan_check_read+0x11/0x20
[  582.954757][T11742]  ? mark_lock+0xc2/0x1220
[  582.954780][T11742]  __alloc_skb+0xd5/0x5e0
[  582.954801][T11742]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  582.954818][T11742]  ? __kasan_check_read+0x11/0x20
[  582.954843][T11742]  alloc_skb_with_frags+0x93/0x590
[  582.954857][T11742]  ? find_held_lock+0x35/0x130
[  582.954882][T11742]  sock_alloc_send_pskb+0x7ad/0x920
[  582.970956][T11742]  ? sock_wmalloc+0x120/0x120
[  582.970976][T11742]  ? __kasan_check_read+0x11/0x20
[  582.971051][T11742]  ? ip6_mtu+0x2e6/0x450
[  582.971068][T11742]  ? find_held_lock+0x35/0x130
19:59:45 executing program 2:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x10000, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000080)=0xfff, 0x4)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r2)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b7000000000000000c00000000000000bca0000000000000b800000000000000"], &(0x7f0000003ff6)='OPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffbb}, 0x48)

19:59:45 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  582.971092][T11742]  sock_alloc_send_skb+0x32/0x40
[  582.971139][T11742]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  583.026063][T11742]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.031253][T11742]  ? ip6_setup_cork+0x1920/0x1920
[  583.037188][T11742]  ? ip6_flush_pending_frames+0xd0/0xd0
[  583.043377][T11742]  ? __kasan_check_read+0x11/0x20
[  583.048443][T11742]  ip6_make_skb+0x32f/0x570
[  583.053067][T11742]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.058254][T11742]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.063317][T11742]  ? ip6_push_pending_frames+0xf0/0xf0
[  583.068813][T11742]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  583.074534][T11742]  ? ip6_forward_finish+0x570/0x570
[  583.079845][T11742]  ? rcu_read_lock_held+0x9c/0xb0
[  583.084986][T11742]  udpv6_sendmsg+0x22a1/0x2b30
[  583.089797][T11742]  ? __kasan_check_write+0x14/0x20
[  583.094965][T11742]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.100200][T11742]  ? udp_v6_get_port+0x6b0/0x6b0
[  583.105132][T11742]  ? __kasan_check_read+0x11/0x20
[  583.110289][T11742]  ? mark_lock+0xc2/0x1220
[  583.115070][T11742]  ? __kasan_check_read+0x11/0x20
[  583.120097][T11742]  ? mark_lock+0xc2/0x1220
[  583.124627][T11742]  ? __kasan_check_read+0x11/0x20
[  583.129660][T11742]  ? ___might_sleep+0x163/0x2c0
[  583.134530][T11742]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  583.140220][T11742]  ? aa_sk_perm+0x346/0xb00
[  583.144950][T11742]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  583.150552][T11742]  inet6_sendmsg+0x9e/0xe0
[  583.154965][T11742]  ? inet6_sendmsg+0x9e/0xe0
[  583.159571][T11742]  ? inet6_ioctl+0x1c0/0x1c0
[  583.164193][T11742]  sock_sendmsg+0xd7/0x130
[  583.168602][T11742]  ____sys_sendmsg+0x358/0x880
[  583.173502][T11742]  ? kernel_sendmsg+0x50/0x50
[  583.178178][T11742]  ? __fget+0x35d/0x550
[  583.182340][T11742]  ? find_held_lock+0x35/0x130
[  583.187126][T11742]  ___sys_sendmsg+0x100/0x170
[  583.192422][T11742]  ? sendmsg_copy_msghdr+0x70/0x70
[  583.197763][T11742]  ? __kasan_check_read+0x11/0x20
[  583.202804][T11742]  ? __fget+0x37f/0x550
[  583.206972][T11742]  ? do_dup2+0x4f0/0x4f0
[  583.211204][T11742]  ? find_held_lock+0x35/0x130
[  583.216166][T11742]  ? get_pid_task+0x11d/0x210
[  583.220879][T11742]  ? __fget_light+0x1a9/0x230
[  583.225581][T11742]  ? __fdget+0x1b/0x20
[  583.229741][T11742]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  583.238051][T11742]  ? sockfd_lookup_light+0xcb/0x180
[  583.243516][T11742]  __sys_sendmmsg+0x1bf/0x4d0
[  583.248521][T11742]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  583.253573][T11742]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  583.260654][T11742]  ? fput_many+0x12c/0x1a0
[  583.265297][T11742]  ? fput+0x1b/0x20
[  583.269121][T11742]  ? ksys_write+0x1cf/0x290
[  583.274002][T11742]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  583.279553][T11742]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  583.285002][T11742]  ? do_syscall_64+0x26/0x790
[  583.289746][T11742]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  583.295931][T11742]  ? do_syscall_64+0x26/0x790
[  583.301072][T11742]  __x64_sys_sendmmsg+0x9d/0x100
[  583.306221][T11742]  do_syscall_64+0xfa/0x790
[  583.310751][T11742]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  583.317236][T11742] RIP: 0033:0x45a919
[  583.321169][T11742] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  583.340946][T11742] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  583.350355][T11742] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  583.358527][T11742] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
19:59:45 executing program 3 (fault-call:2 fault-nth:1):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  583.366597][T11742] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  583.374648][T11742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  583.382612][T11742] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  583.532080][T11759] FAULT_INJECTION: forcing a failure.
[  583.532080][T11759] name failslab, interval 1, probability 0, space 0, times 0
19:59:45 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0xb, 0x81, 0x7, 0x5, 0x1}, 0x14a)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x40, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, &(0x7f0000000040)={0x7b, 0x13747608, 0x80000000, 0xe1, 0x3, @stepwise={{0x2, 0x672}, {0x7, 0x7}, {0xe389, 0x2}}})
r2 = fcntl$dupfd(r0, 0x0, r0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000180), &(0x7f0000000240)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r2, &(0x7f0000000240), 0x0}, 0x20)

[  583.630909][T11759] CPU: 1 PID: 11759 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  583.640857][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  583.650927][T11759] Call Trace:
[  583.654238][T11759]  dump_stack+0x197/0x210
[  583.658597][T11759]  should_fail.cold+0xa/0x10
[  583.663249][T11759]  ? setup_fault_attr+0x220/0x220
[  583.668337][T11759]  ? ___might_sleep+0x163/0x2c0
[  583.673219][T11759]  __should_failslab+0x121/0x190
[  583.678194][T11759]  should_failslab+0x9/0x14
[  583.682845][T11759]  kmem_cache_alloc_node_trace+0x274/0x750
[  583.688682][T11759]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  583.694693][T11759]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  583.700536][T11759]  __kmalloc_node_track_caller+0x3d/0x70
[  583.706311][T11759]  __kmalloc_reserve.isra.0+0x40/0xf0
[  583.711711][T11759]  __alloc_skb+0x10b/0x5e0
[  583.716153][T11759]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  583.722166][T11759]  alloc_skb_with_frags+0x93/0x590
[  583.727409][T11759]  ? is_bpf_text_address+0xac/0x160
[  583.732641][T11759]  sock_alloc_send_pskb+0x7ad/0x920
[  583.737902][T11759]  ? sock_wmalloc+0x120/0x120
[  583.742610][T11759]  ? __kasan_check_read+0x11/0x20
[  583.747758][T11759]  ? ip6_mtu+0x2e6/0x450
[  583.752013][T11759]  ? find_held_lock+0x35/0x130
[  583.757056][T11759]  sock_alloc_send_skb+0x32/0x40
[  583.762020][T11759]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  583.767762][T11759]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.772902][T11759]  ? ip6_setup_cork+0x1920/0x1920
[  583.778045][T11759]  ? ip6_flush_pending_frames+0xd0/0xd0
[  583.783619][T11759]  ? __kasan_check_read+0x11/0x20
[  583.788899][T11759]  ip6_make_skb+0x32f/0x570
[  583.793693][T11759]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.798738][T11759]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.803785][T11759]  ? ip6_push_pending_frames+0xf0/0xf0
[  583.809279][T11759]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  583.814845][T11759]  ? ip6_forward_finish+0x570/0x570
[  583.820083][T11759]  ? rcu_read_lock_held+0x9c/0xb0
[  583.825159][T11759]  udpv6_sendmsg+0x22a1/0x2b30
[  583.829952][T11759]  ? __kasan_check_write+0x14/0x20
[  583.835087][T11759]  ? ip_reply_glue_bits+0xc0/0xc0
[  583.840149][T11759]  ? udp_v6_get_port+0x6b0/0x6b0
[  583.845193][T11759]  ? __kasan_check_read+0x11/0x20
[  583.850498][T11759]  ? mark_lock+0xc2/0x1220
[  583.854939][T11759]  ? __kasan_check_read+0x11/0x20
[  583.859983][T11759]  ? mark_lock+0xc2/0x1220
[  583.864419][T11759]  ? __kasan_check_read+0x11/0x20
[  583.869470][T11759]  ? ___might_sleep+0x163/0x2c0
[  583.874351][T11759]  ? debug_lockdep_rcu_enabled+0x71/0xa0
19:59:46 executing program 2:
r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f00000002c0))
r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f00000000c0))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r1, r2, 0x0, 0x8, &(0x7f0000000000)='GPLeth0\x00'}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0xc)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
fcntl$setstatus(r2, 0x4, 0x40000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x779c7c060c487abd, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0xe040, 0x0)
connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="02f9cc000000794d9c68329d6965330acaa8f3"], 0x2de)

19:59:46 executing program 4:
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nvme-fabrics\x00', 0x84000, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffbfff, r0, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
r2 = getpid()
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000180))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, r1, 0x0, 0xb, &(0x7f0000000040)='lo{keyring\x00', <r4=>0xffffffffffffffff}, 0x30)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000240)={0x0, 0x4d, 0xded, <r5=>0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x0, 0x200, [], @p_u8=&(0x7f00000001c0)}})
setsockopt$SO_J1939_PROMISC(r5, 0x6b, 0x2, &(0x7f0000000280)=0x1, 0x4)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r2, 0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)='\xf6]nodev\x00', r4}, 0x30)
unshare(0x4000400)

[  583.880009][T11759]  ? aa_sk_perm+0x346/0xb00
[  583.884552][T11759]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  583.890740][T11759]  inet6_sendmsg+0x9e/0xe0
[  583.895176][T11759]  ? inet6_sendmsg+0x9e/0xe0
[  583.899800][T11759]  ? inet6_ioctl+0x1c0/0x1c0
[  583.904520][T11759]  sock_sendmsg+0xd7/0x130
[  583.908972][T11759]  ____sys_sendmsg+0x358/0x880
[  583.913785][T11759]  ? kernel_sendmsg+0x50/0x50
[  583.918491][T11759]  ? __fget+0x35d/0x550
[  583.922703][T11759]  ? find_held_lock+0x35/0x130
[  583.927503][T11759]  ___sys_sendmsg+0x100/0x170
[  583.932236][T11759]  ? sendmsg_copy_msghdr+0x70/0x70
[  583.937369][T11759]  ? __kasan_check_read+0x11/0x20
[  583.942433][T11759]  ? __fget+0x37f/0x550
[  583.946629][T11759]  ? do_dup2+0x4f0/0x4f0
[  583.950920][T11759]  ? find_held_lock+0x35/0x130
[  583.955712][T11759]  ? get_pid_task+0x11d/0x210
[  583.960412][T11759]  ? __fget_light+0x1a9/0x230
[  583.965111][T11759]  ? __fdget+0x1b/0x20
[  583.969205][T11759]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  583.975476][T11759]  ? sockfd_lookup_light+0xcb/0x180
[  583.980720][T11759]  __sys_sendmmsg+0x1bf/0x4d0
[  583.985431][T11759]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  583.990526][T11759]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  583.996792][T11759]  ? fput_many+0x12c/0x1a0
[  584.001243][T11759]  ? fput+0x1b/0x20
[  584.005090][T11759]  ? ksys_write+0x1cf/0x290
[  584.009624][T11759]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  584.015107][T11759]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  584.020599][T11759]  ? do_syscall_64+0x26/0x790
[  584.025328][T11759]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  584.031510][T11759]  ? do_syscall_64+0x26/0x790
[  584.036239][T11759]  __x64_sys_sendmmsg+0x9d/0x100
[  584.041214][T11759]  do_syscall_64+0xfa/0x790
[  584.045785][T11759]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  584.051697][T11759] RIP: 0033:0x45a919
[  584.055618][T11759] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  584.075588][T11759] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  584.084711][T11759] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  584.092703][T11759] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  584.100746][T11759] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  584.108747][T11759] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  584.116742][T11759] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  585.568629][    C0] net_ratelimit: 14 callbacks suppressed
[  585.568635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  585.580096][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  585.978652][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  585.984503][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  586.128636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  586.134477][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  586.528747][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  586.534956][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  586.768677][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  586.774527][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  590.688742][    C0] net_ratelimit: 16 callbacks suppressed
[  590.694472][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  590.700295][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  590.928669][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  590.934666][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  591.808628][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  591.814550][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  592.208607][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  592.214459][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  592.368640][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  592.374453][    C0] protocol 88fb is buggy, dev hsr_slave_1
19:59:56 executing program 5:
setsockopt$RXRPC_UPGRADEABLE_SERVICE(0xffffffffffffffff, 0x110, 0x5, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r1 = request_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)=',]%/\x00', 0xffffffffffffffff)
keyctl$get_persistent(0x16, 0xee01, r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$UI_SET_SNDBIT(r2, 0x4004556a, 0x3)
close(r0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r3, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000200)=ANY=[@ANYBLOB="123b9c6f06d12674fe0c81b214d217aa5263914efcfe5bb872e69b86a02aab110afda8862a983a48087f164fc57760cff13f392271e52c8bda18c4e1276cfe14a1eed9a11ee34695dbeb1e76daaa545bc6aa53699007fb24b0037a77eaf1ee07b16aa54a13f7fe6880ee1f51d99f3e20a5fd5f6836ddf4f87f373a1a0ec126172aa64bf25cfa17f7b6728c1ca78d66263a825b0893b4388c3f20d1692cfae098c2d44e9fb8dcc548b0e04a8bd6ed7c59fe4a", @ANYRES32=<r4=>0x0], &(0x7f0000000180)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, r4}, &(0x7f00000001c0)=0x10)

19:59:56 executing program 4:
getpid()
timer_create(0x0, &(0x7f0000000100), 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
keyctl$revoke(0x15, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=<r0=>0x0)
r1 = perf_event_open(0x0, r0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xa)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000880)={@remote, 0x800, 0x0, 0x3}, 0x20)
r3 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x8447, 0x0)
preadv(r3, &(0x7f0000000800)=[{&(0x7f0000000000)=""/31, 0x1f}, {&(0x7f00000000c0)=""/66, 0x42}, {0x0}, {&(0x7f0000000580)=""/155, 0x9b}], 0x4, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/udplite\x00')
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
openat$cgroup_type(r4, &(0x7f0000000480)='cgroup.type\x00', 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080))
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x19681}, 0x0, 0x0, r5, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x9, &(0x7f000059aff8), &(0x7f000034f000)=0x2059b000)
ioctl$EXT4_IOC_GROUP_EXTEND(r1, 0x40086607, &(0x7f0000000240)=0x1)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000300)={0x0, 0x5}, &(0x7f0000000340)=0x8)
request_key(&(0x7f00000003c0)='pkcs7_test\x00', &(0x7f0000000400)={'syz', 0x0}, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)

19:59:56 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000280)={r4}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000280)={<r5=>r4, @in6={{0xa, 0x4e22, 0x4, @loopback, 0x4}}, [0x2, 0x8000, 0x800, 0x106, 0x20, 0x0, 0x9, 0x418, 0x2, 0x9d, 0x9, 0x1, 0x400, 0x240, 0xfffffffffffffffb]}, &(0x7f0000000100)=0x100)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000140)={r5, 0x80, 0x4e, 0x3}, &(0x7f0000000380)=0x10)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000180)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x2, 0x26}, 0xd8)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r6, 0x80605414, &(0x7f0000000000))
sendto$inet6(r0, &(0x7f0000f6f000), 0xffffffae, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)

19:59:56 executing program 3 (fault-call:2 fault-nth:2):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

19:59:56 executing program 2:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=./file0'])
chdir(&(0x7f00000002c0)='./bus\x00')
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0)
setxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='security.capability\x00', 0x0, 0x0, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000540)=ANY=[], 0x133)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000000c0)=0x4, 0x4)

19:59:56 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  594.493075][T11804] FAULT_INJECTION: forcing a failure.
[  594.493075][T11804] name failslab, interval 1, probability 0, space 0, times 0
[  594.554367][T11804] CPU: 1 PID: 11804 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  594.564303][T11804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  594.574371][T11804] Call Trace:
[  594.577680][T11804]  dump_stack+0x197/0x210
[  594.582042][T11804]  should_fail.cold+0xa/0x10
[  594.586683][T11804]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  594.592521][T11804]  ? setup_fault_attr+0x220/0x220
[  594.597569][T11804]  ? find_held_lock+0x35/0x130
[  594.602421][T11804]  ? __nf_conntrack_find_get+0xa6e/0x13b0
[  594.608270][T11804]  __should_failslab+0x121/0x190
[  594.613321][T11804]  should_failslab+0x9/0x14
[  594.617840][T11804]  kmem_cache_alloc+0x47/0x710
[  594.622653][T11804]  ? __nf_conntrack_find_get+0xb2e/0x13b0
[  594.628392][T11804]  ? __kasan_check_read+0x11/0x20
[  594.633439][T11804]  __nf_conntrack_alloc+0xdb/0x6c0
[  594.638586][T11804]  init_conntrack.isra.0+0xe3c/0x11a0
[  594.643993][T11804]  ? nf_conntrack_alloc+0x50/0x50
[  594.649105][T11804]  ? ip6t_do_table+0xdd5/0x1cc0
19:59:56 executing program 0:
syz_mount_image$jfs(&(0x7f0000000340)='jfs\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)={[{@umask={'umask'}}]})
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r0, 0x4, 0xffffffffffffffff, 0x8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
rt_tgsigqueueinfo(r0, r1, 0x12, &(0x7f0000000080)={0xb, 0x7ff, 0x8001})

[  594.653979][T11804]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  594.660247][T11804]  nf_conntrack_in+0xd94/0x1460
[  594.665131][T11804]  ? nf_conntrack_update+0x960/0x960
[  594.670545][T11804]  ? ip6t_error+0x40/0x40
[  594.674908][T11804]  ipv6_conntrack_local+0x1e/0x30
[  594.680048][T11804]  nf_hook_slow+0xbc/0x1e0
[  594.684546][T11804]  __ip6_local_out+0x45e/0x8e0
[  594.689333][T11804]  ? dst_output+0x170/0x170
[  594.693864][T11804]  ? ip6_dst_hoplimit+0x3e0/0x3e0
[  594.698899][T11804]  ? ip6_make_skb+0x370/0x570
[  594.703729][T11804]  ? ip_reply_glue_bits+0xc0/0xc0
[  594.708778][T11804]  ip6_local_out+0x2d/0x1b0
[  594.713423][T11804]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  594.719706][T11804]  ip6_send_skb+0xbb/0x350
[  594.724150][T11804]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  594.729631][T11804]  ? ip6_forward_finish+0x570/0x570
[  594.734879][T11804]  udpv6_sendmsg+0x22f3/0x2b30
[  594.739657][T11804]  ? __kasan_check_write+0x14/0x20
[  594.744783][T11804]  ? ip_reply_glue_bits+0xc0/0xc0
[  594.749839][T11804]  ? udp_v6_get_port+0x6b0/0x6b0
[  594.754794][T11804]  ? __kasan_check_read+0x11/0x20
[  594.759835][T11804]  ? mark_lock+0xc2/0x1220
[  594.764277][T11804]  ? __kasan_check_read+0x11/0x20
[  594.769315][T11804]  ? mark_lock+0xc2/0x1220
[  594.773746][T11804]  ? __kasan_check_read+0x11/0x20
[  594.778798][T11804]  ? ___might_sleep+0x163/0x2c0
[  594.783937][T11804]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  594.789598][T11804]  ? aa_sk_perm+0x346/0xb00
[  594.794143][T11804]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  594.799718][T11804]  inet6_sendmsg+0x9e/0xe0
[  594.804154][T11804]  ? inet6_sendmsg+0x9e/0xe0
[  594.808760][T11804]  ? inet6_ioctl+0x1c0/0x1c0
[  594.813362][T11804]  sock_sendmsg+0xd7/0x130
[  594.817804][T11804]  ____sys_sendmsg+0x358/0x880
[  594.822683][T11804]  ? kernel_sendmsg+0x50/0x50
[  594.827375][T11804]  ? __fget+0x35d/0x550
[  594.831544][T11804]  ? find_held_lock+0x35/0x130
[  594.836334][T11804]  ___sys_sendmsg+0x100/0x170
[  594.841024][T11804]  ? sendmsg_copy_msghdr+0x70/0x70
[  594.846153][T11804]  ? __kasan_check_read+0x11/0x20
[  594.851286][T11804]  ? __fget+0x37f/0x550
19:59:56 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'hsr0\x00'})
perf_event_open(0x0, 0x0, 0x3, 0xffffffffffffffff, 0x15)
io_setup(0xc, 0x0)
r1 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
close(r1)
io_submit(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0x0, &(0x7f0000000040))
clock_settime(0x0, &(0x7f00000000c0))
socket$inet_sctp(0x2, 0x5, 0x84)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mISDNtimer\x00', 0x800000, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffd, 0x0, 0x1, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'hsr0\x00L\x00H\x00\x00\x00\x00\x00\x00\xff\x00', 0x1})

[  594.855451][T11804]  ? do_dup2+0x4f0/0x4f0
[  594.859701][T11804]  ? find_held_lock+0x35/0x130
[  594.864474][T11804]  ? get_pid_task+0x11d/0x210
[  594.869203][T11804]  ? __fget_light+0x1a9/0x230
[  594.874053][T11804]  ? __fdget+0x1b/0x20
[  594.878146][T11804]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  594.884528][T11804]  ? sockfd_lookup_light+0xcb/0x180
[  594.889947][T11804]  __sys_sendmmsg+0x1bf/0x4d0
[  594.894645][T11804]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  594.899701][T11804]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  594.906210][T11804]  ? fput_many+0x12c/0x1a0
[  594.910639][T11804]  ? fput+0x1b/0x20
[  594.914448][T11804]  ? ksys_write+0x1cf/0x290
[  594.918976][T11804]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  594.924450][T11804]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  594.929908][T11804]  ? do_syscall_64+0x26/0x790
[  594.934601][T11804]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  594.940840][T11804]  ? do_syscall_64+0x26/0x790
[  594.945518][T11804]  __x64_sys_sendmmsg+0x9d/0x100
[  594.950461][T11804]  do_syscall_64+0xfa/0x790
[  594.954964][T11804]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  594.960850][T11804] RIP: 0033:0x45a919
[  594.964825][T11804] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  594.984415][T11804] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  594.992829][T11804] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
19:59:57 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

19:59:57 executing program 3 (fault-call:2 fault-nth:3):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  595.000799][T11804] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  595.008785][T11804] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  595.016759][T11804] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  595.024720][T11804] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
19:59:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f0000000000)={0x8})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="700100002400070700"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff00000000280008001c000100000000000000000000000000000000000000000002000000080002000000020008000100726564001c0102222e3111b92351d8647d0004010200b205a34f0459cc3d9abacd6f2ef927b5f75780560a59a8480dae55818041c02dea4837aea275565e8471389f5a076eaa787f8246aef232f41fb4fd095e664069035a011afb428d7e0945ca9aed0d7dd34c4799dc17338322cbd9196ca88f2fbcbba734486e4d3c392ec5c40433021f07004ddf02645062bacedcbcd61e4be8eea0e577dae0a23161a078fedf38760e055341db2eca0ca565e8c92336422a57f6adad6ed581b28d81ae8559557cccb155e93c542353f1681423161cb1e44cc5b75a30515c051d3a8f0d2bcb9e9ebfa6290dd5fd8cd5150410922c3f86a3738addcee1d9e807ad349ef51c99eb16018bf7a6cd83dca6ff4af8a94fab0a1d86fded7a3835a987bd9f53499e0a9115ff45ce9d94aa0000000000000000140001000700c0ff4d75a815290f820b1210af2a1203b40d473c49152d3bc559cabe2304c5e40c52daecb6bc7900d4950ca875a660d2b24489726feaed17422b16c377d8b070642adbcc9934a38e9b9df8867a124e25dc7673d3e1aab08b9b28a6c545be134721c68fe0c8df2cc1c3378da9b2d4a22aa3213697cfe1ae9cbf62fe3c6eb27ad13befb2"], 0x170}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

[  595.203256][T11824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  595.225646][T11824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  595.226576][T11833] FAULT_INJECTION: forcing a failure.
[  595.226576][T11833] name failslab, interval 1, probability 0, space 0, times 0
[  595.250231][T11833] CPU: 0 PID: 11833 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  595.260147][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  595.270225][T11833] Call Trace:
[  595.273534][T11833]  dump_stack+0x197/0x210
[  595.277993][T11833]  should_fail.cold+0xa/0x10
[  595.283102][T11833]  ? setup_fault_attr+0x220/0x220
[  595.288177][T11833]  ? nf_ct_ext_add+0x26b/0x630
[  595.293067][T11833]  __should_failslab+0x121/0x190
[  595.298044][T11833]  should_failslab+0x9/0x14
[  595.302577][T11833]  __kmalloc_track_caller+0x6d/0x760
[  595.308150][T11833]  ? lock_downgrade+0x920/0x920
[  595.313111][T11833]  ? rcu_read_lock_held+0x9c/0xb0
[  595.318178][T11833]  ? nf_ct_ext_add+0x2c7/0x630
[  595.323144][T11833]  krealloc+0x66/0xd0
[  595.327186][T11833]  nf_ct_ext_add+0x2c7/0x630
[  595.331898][T11833]  init_conntrack.isra.0+0x439/0x11a0
[  595.337462][T11833]  ? nf_conntrack_alloc+0x50/0x50
[  595.342605][T11833]  ? ip6t_do_table+0xdd5/0x1cc0
[  595.347471][T11833]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  595.353750][T11833]  nf_conntrack_in+0xd94/0x1460
[  595.358667][T11833]  ? nf_conntrack_update+0x960/0x960
[  595.363955][T11833]  ? ip6t_error+0x40/0x40
[  595.368283][T11833]  ipv6_conntrack_local+0x1e/0x30
[  595.373314][T11833]  nf_hook_slow+0xbc/0x1e0
[  595.377740][T11833]  __ip6_local_out+0x45e/0x8e0
[  595.382594][T11833]  ? dst_output+0x170/0x170
[  595.387101][T11833]  ? ip6_dst_hoplimit+0x3e0/0x3e0
[  595.392113][T11833]  ? ip6_make_skb+0x370/0x570
[  595.396955][T11833]  ? ip_reply_glue_bits+0xc0/0xc0
[  595.402136][T11833]  ip6_local_out+0x2d/0x1b0
[  595.406661][T11833]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  595.413155][T11833]  ip6_send_skb+0xbb/0x350
[  595.417564][T11833]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  595.423185][T11833]  ? ip6_forward_finish+0x570/0x570
[  595.428640][T11833]  udpv6_sendmsg+0x22f3/0x2b30
[  595.433394][T11833]  ? __kasan_check_write+0x14/0x20
[  595.438495][T11833]  ? ip_reply_glue_bits+0xc0/0xc0
[  595.443517][T11833]  ? udp_v6_get_port+0x6b0/0x6b0
[  595.448465][T11833]  ? __kasan_check_read+0x11/0x20
[  595.453487][T11833]  ? mark_lock+0xc2/0x1220
[  595.458006][T11833]  ? __kasan_check_read+0x11/0x20
[  595.463239][T11833]  ? mark_lock+0xc2/0x1220
[  595.467660][T11833]  ? __kasan_check_read+0x11/0x20
[  595.472869][T11833]  ? ___might_sleep+0x163/0x2c0
[  595.477734][T11833]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  595.483371][T11833]  ? aa_sk_perm+0x346/0xb00
[  595.487873][T11833]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  595.493433][T11833]  inet6_sendmsg+0x9e/0xe0
[  595.497940][T11833]  ? inet6_sendmsg+0x9e/0xe0
[  595.502816][T11833]  ? inet6_ioctl+0x1c0/0x1c0
[  595.507512][T11833]  sock_sendmsg+0xd7/0x130
[  595.512113][T11833]  ____sys_sendmsg+0x358/0x880
[  595.517060][T11833]  ? kernel_sendmsg+0x50/0x50
[  595.521964][T11833]  ? __fget+0x35d/0x550
[  595.526864][T11833]  ? find_held_lock+0x35/0x130
[  595.533551][T11833]  ___sys_sendmsg+0x100/0x170
[  595.539074][T11833]  ? sendmsg_copy_msghdr+0x70/0x70
[  595.544184][T11833]  ? __kasan_check_read+0x11/0x20
[  595.549292][T11833]  ? __fget+0x37f/0x550
[  595.553456][T11833]  ? do_dup2+0x4f0/0x4f0
[  595.557696][T11833]  ? find_held_lock+0x35/0x130
[  595.562585][T11833]  ? get_pid_task+0x11d/0x210
[  595.567638][T11833]  ? __fget_light+0x1a9/0x230
[  595.572460][T11833]  ? __fdget+0x1b/0x20
[  595.576526][T11833]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  595.582771][T11833]  ? sockfd_lookup_light+0xcb/0x180
[  595.588240][T11833]  __sys_sendmmsg+0x1bf/0x4d0
[  595.592911][T11833]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  595.599995][T11833]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  595.606372][T11833]  ? fput_many+0x12c/0x1a0
[  595.611531][T11833]  ? fput+0x1b/0x20
[  595.615428][T11833]  ? ksys_write+0x1cf/0x290
[  595.620025][T11833]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  595.625495][T11833]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  595.631076][T11833]  ? do_syscall_64+0x26/0x790
[  595.635860][T11833]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  595.641951][T11833]  ? do_syscall_64+0x26/0x790
[  595.647005][T11833]  __x64_sys_sendmmsg+0x9d/0x100
[  595.652486][T11833]  do_syscall_64+0xfa/0x790
[  595.657004][T11833]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  595.662895][T11833] RIP: 0033:0x45a919
[  595.666778][T11833] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  595.686640][T11833] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  595.695282][T11833] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  595.703485][T11833] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  595.711562][T11833] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  595.719530][T11833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  595.727512][T11833] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
19:59:57 executing program 3 (fault-call:2 fault-nth:4):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  595.968659][    C0] net_ratelimit: 14 callbacks suppressed
[  595.968667][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  595.980846][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  596.059189][T11850] FAULT_INJECTION: forcing a failure.
[  596.059189][T11850] name failslab, interval 1, probability 0, space 0, times 0
[  596.182551][T11850] CPU: 1 PID: 11850 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  596.192643][T11850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  596.202884][T11850] Call Trace:
[  596.206307][T11850]  dump_stack+0x197/0x210
[  596.210668][T11850]  should_fail.cold+0xa/0x10
[  596.215281][T11850]  ? setup_fault_attr+0x220/0x220
[  596.220338][T11850]  ? nf_ct_ext_add+0x26b/0x630
[  596.225159][T11850]  __should_failslab+0x121/0x190
[  596.230166][T11850]  should_failslab+0x9/0x14
[  596.235227][T11850]  __kmalloc_track_caller+0x6d/0x760
[  596.240558][T11850]  ? lock_downgrade+0x920/0x920
[  596.245441][T11850]  ? rcu_read_lock_held+0x9c/0xb0
[  596.251086][T11850]  ? nf_ct_ext_add+0x2c7/0x630
[  596.256054][T11850]  krealloc+0x66/0xd0
[  596.260069][T11850]  nf_ct_ext_add+0x2c7/0x630
[  596.264811][T11850]  init_conntrack.isra.0+0x439/0x11a0
[  596.270243][T11850]  ? nf_conntrack_alloc+0x50/0x50
[  596.275645][T11850]  ? ip6t_do_table+0xdd5/0x1cc0
[  596.280529][T11850]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  596.287026][T11850]  nf_conntrack_in+0xd94/0x1460
[  596.291924][T11850]  ? nf_conntrack_update+0x960/0x960
[  596.297333][T11850]  ? ip6t_error+0x40/0x40
[  596.301721][T11850]  ipv6_conntrack_local+0x1e/0x30
[  596.306962][T11850]  nf_hook_slow+0xbc/0x1e0
[  596.311405][T11850]  __ip6_local_out+0x45e/0x8e0
[  596.316189][T11850]  ? dst_output+0x170/0x170
[  596.321100][T11850]  ? ip6_dst_hoplimit+0x3e0/0x3e0
[  596.326134][T11850]  ? ip6_make_skb+0x370/0x570
[  596.331187][T11850]  ? ip_reply_glue_bits+0xc0/0xc0
[  596.336293][T11850]  ip6_local_out+0x2d/0x1b0
[  596.340808][T11850]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  596.347111][T11850]  ip6_send_skb+0xbb/0x350
[  596.351545][T11850]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  596.357136][T11850]  ? ip6_forward_finish+0x570/0x570
[  596.362552][T11850]  udpv6_sendmsg+0x22f3/0x2b30
[  596.367628][T11850]  ? __kasan_check_write+0x14/0x20
[  596.368632][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  596.372823][T11850]  ? ip_reply_glue_bits+0xc0/0xc0
[  596.372850][T11850]  ? udp_v6_get_port+0x6b0/0x6b0
[  596.372870][T11850]  ? __kasan_check_read+0x11/0x20
[  596.378910][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  596.383837][T11850]  ? mark_lock+0xc2/0x1220
[  596.404556][T11850]  ? __kasan_check_read+0x11/0x20
[  596.409608][T11850]  ? mark_lock+0xc2/0x1220
[  596.414038][T11850]  ? __kasan_check_read+0x11/0x20
[  596.419078][T11850]  ? ___might_sleep+0x163/0x2c0
[  596.423952][T11850]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  596.429792][T11850]  ? aa_sk_perm+0x346/0xb00
[  596.434417][T11850]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  596.440156][T11850]  inet6_sendmsg+0x9e/0xe0
[  596.444627][T11850]  ? inet6_sendmsg+0x9e/0xe0
[  596.449319][T11850]  ? inet6_ioctl+0x1c0/0x1c0
[  596.454272][T11850]  sock_sendmsg+0xd7/0x130
[  596.458718][T11850]  ____sys_sendmsg+0x358/0x880
[  596.463945][T11850]  ? kernel_sendmsg+0x50/0x50
[  596.468698][T11850]  ? __fget+0x35d/0x550
[  596.472871][T11850]  ? find_held_lock+0x35/0x130
[  596.477648][T11850]  ___sys_sendmsg+0x100/0x170
[  596.482528][T11850]  ? sendmsg_copy_msghdr+0x70/0x70
[  596.488083][T11850]  ? __kasan_check_read+0x11/0x20
[  596.493134][T11850]  ? __fget+0x37f/0x550
[  596.497878][T11850]  ? do_dup2+0x4f0/0x4f0
[  596.502888][T11850]  ? find_held_lock+0x35/0x130
[  596.507946][T11850]  ? get_pid_task+0x11d/0x210
[  596.512852][T11850]  ? __fget_light+0x1a9/0x230
[  596.517537][T11850]  ? __fdget+0x1b/0x20
[  596.522676][T11850]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  596.528664][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  596.528946][T11850]  ? sockfd_lookup_light+0xcb/0x180
[  596.535027][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  596.540351][T11850]  __sys_sendmmsg+0x1bf/0x4d0
[  596.540373][T11850]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  596.540407][T11850]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  596.540429][T11850]  ? fput_many+0x12c/0x1a0
[  596.566752][T11850]  ? fput+0x1b/0x20
[  596.570771][T11850]  ? ksys_write+0x1cf/0x290
[  596.575295][T11850]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  596.580843][T11850]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  596.586531][T11850]  ? do_syscall_64+0x26/0x790
[  596.591269][T11850]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  596.597426][T11850]  ? do_syscall_64+0x26/0x790
[  596.602124][T11850]  __x64_sys_sendmmsg+0x9d/0x100
[  596.607058][T11850]  do_syscall_64+0xfa/0x790
[  596.611677][T11850]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  596.617605][T11850] RIP: 0033:0x45a919
[  596.621504][T11850] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  596.641212][T11850] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  596.649923][T11850] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  596.657990][T11850] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  596.666200][T11850] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  596.674203][T11850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  596.682199][T11850] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  596.938751][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  596.944774][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  597.168642][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  597.174485][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  601.088675][    C0] net_ratelimit: 16 callbacks suppressed
[  601.088684][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  601.100441][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  601.328628][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  601.334864][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  602.208656][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  602.208717][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  602.608632][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  602.614490][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  602.768654][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  602.774619][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:06 executing program 5:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0x5, 0x1, 0x1}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r1, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r1, &(0x7f0000000340), &(0x7f0000000440)=""/4096}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000280)={r1, 0x0, 0x0}, 0x20)

20:00:06 executing program 0:
r0 = perf_event_open(&(0x7f00000003c0)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x45}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f00000000c0)={0x2f, 0x7, 0x15, 0x1, 0x0, 0x0, 0x3, 0x72})
r2 = socket(0x10, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, r0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_tcp_int(r2, 0x6, 0xa, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_bt_hidp_HIDPCONNDEL(r4, 0x400448c9, &(0x7f0000000080)={{0x7, 0x20, 0x0, 0xa1, 0x39, 0x27}, 0x6})
clone(0x10062101, 0x0, 0x0, 0x0, 0x0)

20:00:06 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x240, 0x0)
ioctl$NBD_CLEAR_QUE(0xffffffffffffffff, 0xab05)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3660, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0xffffffffffffff7c, &(0x7f00000bfff0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8feff0019000100000006005b000000ff01080000ffffffffffffffe2000001e0006bf000000000000000000000000000000000000000000a00002e0000000085d6a3f7", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000fbbccf810000000000000000fd85d16e79bad40ac3794899000000000000000000000000000000d94bfeadbfce0d4ed6f71b242b42000000ea0000000000000000000000000000000000000500000000000000000000000000000000000000e6010000000100000000002000"], 0xb8}}, 0x0)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:06 executing program 4:
openat$proc_capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
writev(r1, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r1, 0x227d, &(0x7f0000000780))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
close(0xffffffffffffffff)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = dup3(r2, r3, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080))
syz_open_dev$mouse(&(0x7f0000000280)='/#\x00', 0xdff, 0x80000)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000080))
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000000080))
ioctl$RTC_ALM_READ(r8, 0x80247008, &(0x7f0000000300))
pipe(&(0x7f0000000540)={<r9=>0xffffffffffffffff})
dup(r2)
close(r9)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r10, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f00000003c0)=ANY=[@ANYBLOB="060000000000000004000000c322a1b2000000000000000000000000060000000400000000080000000000000000000000000000000000001c000000000000000400000000000000040000000000000005000000000100000b0000000000010001800000000100000010000003000000000000000000000003800000090000000800000006000000000000000000000000000000000000000500000002000000000000000000000008000000010000000000000000000000000000000000000000000000000000000100000002000000000000000000000007000000ff0f00000000000000000000000000000000000000000000000000000600000004000000000000000000000007000000001000000800ac1633560000faffffff00"/300])
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x203, 0x0)
dup2(r5, r4)
socket$inet6(0xa, 0x3, 0x6)
syz_open_procfs(0x0, &(0x7f0000000600)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7')

20:00:06 executing program 3 (fault-call:2 fault-nth:5):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:06 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:00:06 executing program 0:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000001c0)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000e00000004000000a00200007001000070010000700100009800000098000000080200000802000008020000080200000802000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280052454a4543540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000addeb124cc7db95d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000d80000000000000000000000000000000000000000004000636f6e6e6c696d69740000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000280052454a4543540000000000000000000000000000000000000000000000000000000000000000ffffffffe000000100000000000000006c6170623000000000000000000000007465616d30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000700098000000000000000000000000000000000000000000280052454a4543540000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1)
bind$inet6(r0, &(0x7f0000f67fe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@broadcast, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, @udp={0x0, 0x4e20, 0x8}}}}}, 0x0)

[  604.012253][T11869] FAULT_INJECTION: forcing a failure.
[  604.012253][T11869] name failslab, interval 1, probability 0, space 0, times 0
[  604.025449][T11869] CPU: 1 PID: 11869 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  604.039794][T11869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  604.049865][T11869] Call Trace:
[  604.053182][T11869]  dump_stack+0x197/0x210
[  604.057537][T11869]  should_fail.cold+0xa/0x10
[  604.066439][T11869]  ? is_bpf_text_address+0xac/0x160
[  604.071682][T11869]  ? setup_fault_attr+0x220/0x220
[  604.076746][T11869]  __should_failslab+0x121/0x190
[  604.081712][T11869]  should_failslab+0x9/0x14
[  604.086580][T11869]  kmem_cache_alloc+0x47/0x710
[  604.091372][T11869]  ? lock_acquire+0x190/0x410
[  604.096142][T11869]  ? net_tx_action+0xd30/0xd30
[  604.104417][T11869]  skb_clone+0x154/0x3d0
[  604.109630][T11869]  dev_queue_xmit_nit+0x3a1/0xaa0
[  604.115204][T11869]  dev_hard_start_xmit+0xbb/0x9b0
[  604.121446][T11869]  ? validate_xmit_skb_list+0xfc/0x150
[  604.127132][T11869]  sch_direct_xmit+0x372/0xd30
[  604.132019][T11869]  ? dev_watchdog+0xca0/0xca0
[  604.136721][T11869]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  604.142379][T11869]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  604.148383][T11869]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  604.154874][T11869]  ? sfb_dequeue+0x421/0x4d0
[  604.159513][T11869]  __qdisc_run+0x4bf/0x1770
[  604.164068][T11869]  __dev_queue_xmit+0x1650/0x35c0
[  604.169126][T11869]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  604.174433][T11869]  ? mark_held_locks+0xf0/0xf0
[  604.179217][T11869]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  604.185477][T11869]  ? debug_smp_processor_id+0x33/0x18a
[  604.190956][T11869]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  604.197143][T11869]  ? rcu_read_lock_held_common+0xbd/0x130
[  604.202887][T11869]  dev_queue_xmit+0x18/0x20
[  604.207437][T11869]  ? dev_queue_xmit+0x18/0x20
20:00:06 executing program 2:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0)

[  604.212130][T11869]  neigh_direct_output+0x16/0x20
[  604.217090][T11869]  ip6_finish_output2+0x109a/0x25c0
[  604.222314][T11869]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  604.227885][T11869]  ? lock_downgrade+0x920/0x920
[  604.232780][T11869]  ? netif_rx_ni+0x670/0x670
[  604.237384][T11869]  ? __kasan_check_read+0x11/0x20
[  604.242436][T11869]  __ip6_finish_output+0x444/0xaa0
[  604.248610][T11869]  ? __ip6_finish_output+0x444/0xaa0
[  604.253929][T11869]  ip6_finish_output+0x38/0x1f0
[  604.258800][T11869]  ip6_output+0x25e/0x880
[  604.263153][T11869]  ? ip6_finish_output+0x1f0/0x1f0
[  604.268282][T11869]  ? __ip6_finish_output+0xaa0/0xaa0
[  604.273574][T11869]  ? ip6_make_skb+0x370/0x570
[  604.278254][T11869]  ? ip_reply_glue_bits+0xc0/0xc0
[  604.283284][T11869]  ip6_local_out+0xbb/0x1b0
[  604.287795][T11869]  ip6_send_skb+0xbb/0x350
[  604.292275][T11869]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  604.298266][T11869]  ? ip6_forward_finish+0x570/0x570
[  604.303480][T11869]  udpv6_sendmsg+0x22f3/0x2b30
[  604.308248][T11869]  ? __kasan_check_write+0x14/0x20
[  604.313360][T11869]  ? ip_reply_glue_bits+0xc0/0xc0
[  604.318391][T11869]  ? udp_v6_get_port+0x6b0/0x6b0
[  604.323316][T11869]  ? __kasan_check_read+0x11/0x20
[  604.328333][T11869]  ? mark_lock+0xc2/0x1220
[  604.332742][T11869]  ? __kasan_check_read+0x11/0x20
[  604.337758][T11869]  ? mark_lock+0xc2/0x1220
[  604.342160][T11869]  ? __kasan_check_read+0x11/0x20
[  604.347177][T11869]  ? ___might_sleep+0x163/0x2c0
[  604.352031][T11869]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  604.357651][T11869]  ? aa_sk_perm+0x346/0xb00
[  604.362152][T11869]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  604.367698][T11869]  inet6_sendmsg+0x9e/0xe0
[  604.372102][T11869]  ? inet6_sendmsg+0x9e/0xe0
[  604.376681][T11869]  ? inet6_ioctl+0x1c0/0x1c0
[  604.381276][T11869]  sock_sendmsg+0xd7/0x130
[  604.385716][T11869]  ____sys_sendmsg+0x358/0x880
[  604.390492][T11869]  ? kernel_sendmsg+0x50/0x50
[  604.395190][T11869]  ? __fget+0x35d/0x550
[  604.399346][T11869]  ? find_held_lock+0x35/0x130
[  604.404113][T11869]  ___sys_sendmsg+0x100/0x170
[  604.408781][T11869]  ? sendmsg_copy_msghdr+0x70/0x70
[  604.413890][T11869]  ? __kasan_check_read+0x11/0x20
[  604.418902][T11869]  ? __fget+0x37f/0x550
[  604.423067][T11869]  ? do_dup2+0x4f0/0x4f0
[  604.427296][T11869]  ? find_held_lock+0x35/0x130
[  604.432134][T11869]  ? get_pid_task+0x11d/0x210
[  604.436813][T11869]  ? __fget_light+0x1a9/0x230
[  604.441487][T11869]  ? __fdget+0x1b/0x20
[  604.445653][T11869]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  604.451895][T11869]  ? sockfd_lookup_light+0xcb/0x180
[  604.457089][T11869]  __sys_sendmmsg+0x1bf/0x4d0
[  604.461852][T11869]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  604.466892][T11869]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  604.473137][T11869]  ? fput_many+0x12c/0x1a0
[  604.477548][T11869]  ? fput+0x1b/0x20
[  604.481344][T11869]  ? ksys_write+0x1cf/0x290
[  604.485843][T11869]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  604.491292][T11869]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  604.496751][T11869]  ? do_syscall_64+0x26/0x790
[  604.501432][T11869]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.507492][T11869]  ? do_syscall_64+0x26/0x790
[  604.512169][T11869]  __x64_sys_sendmmsg+0x9d/0x100
[  604.517122][T11869]  do_syscall_64+0xfa/0x790
[  604.521627][T11869]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  604.527513][T11869] RIP: 0033:0x45a919
[  604.531395][T11869] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  604.550998][T11869] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  604.559406][T11869] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
20:00:06 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  604.567368][T11869] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  604.575332][T11869] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  604.583290][T11869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  604.591246][T11869] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  604.707123][T11886] x_tables: duplicate underflow at hook 2
[  604.741864][T11892] x_tables: duplicate underflow at hook 2
20:00:06 executing program 3 (fault-call:2 fault-nth:6):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:06 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r2 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0)=r1, 0x161)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
r3 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000000))
socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="00243c9a51fed3dd251b90b5d2ba502bc1565200d9f900000000000000001fd402a17b42904afff000000000000000000000000000daaec783de4c3c820c8f0f74375eb25002043f2f33d8965abebae6cb8934d7337452ec2f0cfe0e001f5dc1da16b0de3a839f65b5d5eae09ceb4117f200000000003500000000000000000000000000000060823c8363be66d12bf265b2d9e1847df17a8ab5f5e60c412f30bdfd4de2ec99d9d302c7a2f3fc78ca52d4f4e32229d5b0d4b37920b0de22af5dd63d99892188f9cc0c7dc8b3d7c05582d493d1439598c29223b9e6a3485ac5b9b73cbeb267d9a01af1600fe156c15f1cbc24589be2683e56fe83dfc67ab2da21d6d099c66d6c066f69d5d02168a088319f9751adaa4fd2845c4a2ddbe1a443dc6acb"], &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
perf_event_open(&(0x7f0000000980)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x800004}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
getpid()
mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000002c0)='//z0\xff', 0x1c0)

20:00:06 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x22, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000633277fbac141416e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000}, 0x28)

[  604.968890][T11901] FAULT_INJECTION: forcing a failure.
[  604.968890][T11901] name failslab, interval 1, probability 0, space 0, times 0
[  605.008873][T11901] CPU: 1 PID: 11901 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  605.020121][T11901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  605.030195][T11901] Call Trace:
[  605.033494][T11901]  dump_stack+0x197/0x210
[  605.037831][T11901]  should_fail.cold+0xa/0x10
[  605.042554][T11901]  ? setup_fault_attr+0x220/0x220
[  605.047597][T11901]  ? ___might_sleep+0x163/0x2c0
[  605.052490][T11901]  __should_failslab+0x121/0x190
[  605.057466][T11901]  should_failslab+0x9/0x14
[  605.061974][T11901]  kmem_cache_alloc_node+0x268/0x740
[  605.067256][T11901]  ? __dev_queue_xmit+0x173f/0x35c0
[  605.072543][T11901]  ? trace_hardirqs_on+0x67/0x240
[  605.077586][T11901]  ? __dev_queue_xmit+0x173f/0x35c0
[  605.082816][T11901]  __alloc_skb+0xd5/0x5e0
[  605.087167][T11901]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  605.092851][T11901]  alloc_skb_with_frags+0x93/0x590
[  605.097985][T11901]  ? find_held_lock+0x35/0x130
[  605.102774][T11901]  sock_alloc_send_pskb+0x7ad/0x920
[  605.108010][T11901]  ? sock_wmalloc+0x120/0x120
[  605.112756][T11901]  ? __local_bh_enable_ip+0x15a/0x270
[  605.118144][T11901]  ? ip6_finish_output2+0x1106/0x25c0
[  605.123516][T11901]  ? ip6_mtu+0x2e6/0x450
[  605.127779][T11901]  ? find_held_lock+0x35/0x130
[  605.132580][T11901]  sock_alloc_send_skb+0x32/0x40
[  605.137519][T11901]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  605.143244][T11901]  ? ip_reply_glue_bits+0xc0/0xc0
[  605.148278][T11901]  ? ip6_setup_cork+0x1920/0x1920
[  605.153295][T11901]  ? ip6_flush_pending_frames+0xd0/0xd0
[  605.161700][T11901]  ? __kasan_check_read+0x11/0x20
[  605.166719][T11901]  ip6_make_skb+0x32f/0x570
[  605.171210][T11901]  ? ip_reply_glue_bits+0xc0/0xc0
[  605.176235][T11901]  ? ip_reply_glue_bits+0xc0/0xc0
[  605.181256][T11901]  ? ip6_push_pending_frames+0xf0/0xf0
[  605.186866][T11901]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  605.192437][T11901]  ? ip6_forward_finish+0x570/0x570
[  605.197640][T11901]  ? rcu_read_lock_held+0x9c/0xb0
[  605.202663][T11901]  udpv6_sendmsg+0x22a1/0x2b30
[  605.207428][T11901]  ? __kasan_check_write+0x14/0x20
[  605.212538][T11901]  ? ip_reply_glue_bits+0xc0/0xc0
[  605.217554][T11901]  ? udp_v6_get_port+0x6b0/0x6b0
[  605.222519][T11901]  ? __kasan_check_read+0x11/0x20
[  605.227540][T11901]  ? mark_lock+0xc2/0x1220
[  605.231958][T11901]  ? __kasan_check_read+0x11/0x20
[  605.236976][T11901]  ? mark_lock+0xc2/0x1220
[  605.241489][T11901]  ? __kasan_check_read+0x11/0x20
[  605.246592][T11901]  ? ___might_sleep+0x163/0x2c0
[  605.251476][T11901]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  605.257194][T11901]  ? aa_sk_perm+0x346/0xb00
[  605.261720][T11901]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  605.267270][T11901]  inet6_sendmsg+0x9e/0xe0
[  605.271675][T11901]  ? inet6_sendmsg+0x9e/0xe0
[  605.276256][T11901]  ? inet6_ioctl+0x1c0/0x1c0
[  605.280893][T11901]  sock_sendmsg+0xd7/0x130
[  605.285296][T11901]  ____sys_sendmsg+0x358/0x880
[  605.290048][T11901]  ? kernel_sendmsg+0x50/0x50
[  605.294712][T11901]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  605.300243][T11901]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  605.306529][T11901]  ? find_held_lock+0x35/0x130
[  605.311304][T11901]  ___sys_sendmsg+0x100/0x170
[  605.316063][T11901]  ? sendmsg_copy_msghdr+0x70/0x70
[  605.321281][T11901]  ? __kasan_check_read+0x11/0x20
[  605.326401][T11901]  ? __might_fault+0x12b/0x1e0
[  605.331249][T11901]  ? find_held_lock+0x35/0x130
[  605.336001][T11901]  ? __might_fault+0x12b/0x1e0
[  605.340753][T11901]  ? do_dup2+0x4f0/0x4f0
[  605.344988][T11901]  ? lock_downgrade+0x920/0x920
[  605.349842][T11901]  ? ___might_sleep+0x163/0x2c0
[  605.354683][T11901]  __sys_sendmmsg+0x1bf/0x4d0
[  605.359361][T11901]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  605.364391][T11901]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  605.370900][T11901]  ? fput_many+0x12c/0x1a0
[  605.375312][T11901]  ? fput+0x1b/0x20
[  605.379458][T11901]  ? ksys_write+0x1cf/0x290
[  605.383966][T11901]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  605.389429][T11901]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  605.395204][T11901]  ? do_syscall_64+0x26/0x790
[  605.400150][T11901]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  605.406767][T11901]  ? do_syscall_64+0x26/0x790
[  605.411986][T11901]  __x64_sys_sendmmsg+0x9d/0x100
[  605.416937][T11901]  do_syscall_64+0xfa/0x790
[  605.421728][T11901]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  605.427638][T11901] RIP: 0033:0x45a919
[  605.431528][T11901] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  605.451301][T11901] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  605.460387][T11901] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  605.468888][T11901] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  605.477017][T11901] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  605.485359][T11901] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  605.493352][T11901] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  606.688815][    C0] net_ratelimit: 14 callbacks suppressed
[  606.688825][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  606.700331][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  606.768655][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  606.774473][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  606.928660][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  606.934502][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  607.578686][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  607.584527][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  607.590566][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  607.596310][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  611.738633][    C0] net_ratelimit: 16 callbacks suppressed
[  611.738639][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  611.751106][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  611.757110][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  611.762929][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  612.928805][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  612.934651][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  613.008624][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  613.014556][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  613.168630][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  613.174939][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:16 executing program 3 (fault-call:2 fault-nth:7):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:16 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x2010060, &(0x7f00000001c0)=ANY=[@ANYBLOB="636f6d6d69743d3078303030303019303030303030303030302c00"])
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:00:16 executing program 2:
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="39000000140081ae00002c000500018701546fabca1b4e7db89c40ebb37358582bdbb7d553b4e921556b3d5df500"/57, 0x39}], 0x1}, 0x0)

20:00:16 executing program 0:
sysinfo(&(0x7f0000000000)=""/22)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
r0 = socket$inet(0x10, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000100)={&(0x7f0000ff2000/0xc000)=nil, 0x800, 0x1, 0x1b09814380623961, &(0x7f0000ffc000/0x3000)=nil, 0x466e})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r3 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video0\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r3, 0xc0305602, &(0x7f0000000200)={0x0, 0x4, 0x100a})
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$TIOCSLCKTRMIOS(r2, 0x5457, &(0x7f00000000c0))
r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x155000, 0x0)
write$P9_RXATTRCREATE(r4, &(0x7f0000000140)={0x7, 0x21, 0x1}, 0x7)
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
ioctl$sock_ifreq(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x14\xea:\x01\x00=\x00', @ifru_flags})

20:00:16 executing program 5:
r0 = syz_open_dev$mouse(&(0x7f0000000500)='/dev/input/mouse#\x00', 0x0, 0x80000)
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000002a40)={&(0x7f0000002940)={0x10, 0x0, 0x0, 0x379c0f036ac8e7bc}, 0xc, &(0x7f0000002a00)={&(0x7f0000002980)={0x60, 0x0, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xd}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x80000001}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1ff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xb673e40d511f4971}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x401}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7fff}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x5cbaecce2c75b182, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fcntl$setstatus(r2, 0x4, 0x6000)
io_setup(0x1ff, &(0x7f00000004c0)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}])
r4 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
r5 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$P9_RREMOVE(r5, &(0x7f0000000180)={0xfffffffffffffe58, 0x7b, 0x1}, 0x56a)
r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x200000, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, 0x0, 0x0)
fdatasync(r5)
getsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000040), &(0x7f0000000100)=0x4)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000200)={0x0, r5})
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f00000001c0)={@local, @rand_addr, <r8=>0x0}, &(0x7f0000000240)=0xc)
setsockopt$inet6_mreq(r7, 0x29, 0x14, &(0x7f0000000280)={@remote, r8}, 0x14)

20:00:16 executing program 4:
setreuid(0x0, 0xee00)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000200)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x9, @loopback, 0x100}, @in6={0xa, 0x4e21, 0x7, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x400}}}, 0x118)
r1 = geteuid()
setreuid(0x0, 0x0)
mknod(&(0x7f00000005c0)='./bus\x00', 0x8, 0x0)
lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000140)=@v2={0x2000000, [{}, {0x2}]}, 0x14, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setreuid(r1, r1)
execve(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0)

20:00:16 executing program 4:
r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xfff, 0x400080)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x0, 0x0)
ioctl$EVIOCSABS0(r3, 0x401845c0, &(0x7f0000000340)={0x5, 0x0, 0x2, 0x6, 0x0, 0xfe})
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5000000010000507000000001000000000000000", @ANYRES32=r4, @ANYBLOB="00000000000000001400030062617408002000f10b0000141012000c007df0626f6e6400000000040002009394983b0807fcddc74de90f96af94d3c3d28f5ebc8754eee28b3eabe900"/85], 0x50}}, 0x0)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000280))
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r4, 0x1, 0x6, @local}, 0x10)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r2, 0x8983, &(0x7f0000000000)={0x8, 'team_slave_0\x00', {'batadv0\x00'}, 0x100})
perf_event_open(&(0x7f0000000a00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd9ce, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/igmp\x00')
preadv(r5, &(0x7f0000000480), 0x100000000000022c, 0x6c00000000000000)

[  614.164593][T11924] FAULT_INJECTION: forcing a failure.
[  614.164593][T11924] name failslab, interval 1, probability 0, space 0, times 0
20:00:16 executing program 2:
syz_open_procfs(0x0, &(0x7f0000000080)='stat\x00')
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f00000017c0), 0x3da, 0x0)
get_thread_area(&(0x7f0000000000)={0x1, 0x20000000, 0x3400, 0x0, 0x1, 0x0, 0x0, 0x1})
bpf$MAP_CREATE(0x0, 0x0, 0x0)

[  614.339493][T11924] CPU: 1 PID: 11924 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  614.350209][T11924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  614.350216][T11924] Call Trace:
[  614.350239][T11924]  dump_stack+0x197/0x210
[  614.350264][T11924]  should_fail.cold+0xa/0x10
[  614.350285][T11924]  ? setup_fault_attr+0x220/0x220
[  614.350306][T11924]  ? ___might_sleep+0x163/0x2c0
[  614.350329][T11924]  __should_failslab+0x121/0x190
[  614.350346][T11924]  should_failslab+0x9/0x14
[  614.350367][T11924]  kmem_cache_alloc_node_trace+0x274/0x750
[  614.393153][T11924]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  614.393172][T11924]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  614.393196][T11924]  __kmalloc_node_track_caller+0x3d/0x70
[  614.393218][T11924]  __kmalloc_reserve.isra.0+0x40/0xf0
[  614.393241][T11924]  __alloc_skb+0x10b/0x5e0
[  614.393259][T11924]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  614.393283][T11924]  alloc_skb_with_frags+0x93/0x590
20:00:16 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @local, @multicast2}, 0xc)
r2 = syz_open_procfs(r0, &(0x7f0000000140)='net/mcfilter\x00')
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00')
preadv(r3, &(0x7f0000001300)=[{&(0x7f0000000180)=""/68, 0x44}], 0x1, 0x0)
preadv(r2, &(0x7f0000000480), 0x10000000000002a1, 0x10400003)

[  614.437844][T11924]  ? find_held_lock+0x35/0x130
[  614.442643][T11924]  sock_alloc_send_pskb+0x7ad/0x920
[  614.447895][T11924]  ? sock_wmalloc+0x120/0x120
[  614.452680][T11924]  ? __local_bh_enable_ip+0x15a/0x270
[  614.458078][T11924]  ? ip6_finish_output2+0x1106/0x25c0
[  614.463554][T11924]  ? ip6_mtu+0x2e6/0x450
[  614.467815][T11924]  ? find_held_lock+0x35/0x130
[  614.472603][T11924]  sock_alloc_send_skb+0x32/0x40
[  614.477565][T11924]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  614.483405][T11924]  ? ip_reply_glue_bits+0xc0/0xc0
[  614.484996][T11944] Unknown ioctl 1075332544
[  614.488454][T11924]  ? ip6_setup_cork+0x1920/0x1920
[  614.488475][T11924]  ? ip6_flush_pending_frames+0xd0/0xd0
[  614.488489][T11924]  ? __kasan_check_read+0x11/0x20
[  614.488510][T11924]  ip6_make_skb+0x32f/0x570
[  614.503672][T11924]  ? ip_reply_glue_bits+0xc0/0xc0
[  614.518316][T11924]  ? ip_reply_glue_bits+0xc0/0xc0
[  614.518337][T11924]  ? ip6_push_pending_frames+0xf0/0xf0
[  614.518358][T11924]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  614.534508][T11924]  ? ip6_forward_finish+0x570/0x570
[  614.539738][T11924]  ? rcu_read_lock_held+0x9c/0xb0
[  614.544796][T11924]  udpv6_sendmsg+0x22a1/0x2b30
[  614.549587][T11924]  ? __kasan_check_write+0x14/0x20
[  614.554809][T11924]  ? ip_reply_glue_bits+0xc0/0xc0
[  614.559874][T11924]  ? udp_v6_get_port+0x6b0/0x6b0
[  614.564835][T11924]  ? __kasan_check_read+0x11/0x20
[  614.569966][T11924]  ? mark_lock+0xc2/0x1220
[  614.574407][T11924]  ? __kasan_check_read+0x11/0x20
[  614.579454][T11924]  ? mark_lock+0xc2/0x1220
[  614.583901][T11924]  ? __kasan_check_read+0x11/0x20
[  614.588955][T11924]  ? ___might_sleep+0x163/0x2c0
[  614.593834][T11924]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  614.599628][T11924]  ? aa_sk_perm+0x346/0xb00
[  614.604167][T11924]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  614.609752][T11924]  inet6_sendmsg+0x9e/0xe0
[  614.614203][T11924]  ? inet6_sendmsg+0x9e/0xe0
[  614.618823][T11924]  ? inet6_ioctl+0x1c0/0x1c0
[  614.623439][T11924]  sock_sendmsg+0xd7/0x130
[  614.627885][T11924]  ____sys_sendmsg+0x358/0x880
[  614.632671][T11924]  ? kernel_sendmsg+0x50/0x50
[  614.637371][T11924]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  614.642946][T11924]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  614.648945][T11924]  ? find_held_lock+0x35/0x130
[  614.653739][T11924]  ___sys_sendmsg+0x100/0x170
[  614.658555][T11924]  ? sendmsg_copy_msghdr+0x70/0x70
[  614.664419][T11924]  ? __kasan_check_read+0x11/0x20
[  614.669491][T11924]  ? __might_fault+0x12b/0x1e0
[  614.674300][T11924]  ? find_held_lock+0x35/0x130
[  614.679085][T11924]  ? __might_fault+0x12b/0x1e0
[  614.683888][T11924]  ? do_dup2+0x4f0/0x4f0
[  614.688154][T11924]  ? lock_downgrade+0x920/0x920
[  614.693052][T11924]  ? ___might_sleep+0x163/0x2c0
[  614.697932][T11924]  __sys_sendmmsg+0x1bf/0x4d0
[  614.702640][T11924]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  614.707699][T11924]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  614.713990][T11924]  ? fput_many+0x12c/0x1a0
[  614.718417][T11924]  ? fput+0x1b/0x20
[  614.722244][T11924]  ? ksys_write+0x1cf/0x290
[  614.726779][T11924]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  614.732269][T11924]  ? trace_hardirqs_on_thunk+0x1a/0x1c
20:00:16 executing program 0:
r0 = open(&(0x7f0000000200)='./file0\x00', 0x40c2, 0x0)
syz_mount_image$minix(&(0x7f0000000040)='minix\x00', &(0x7f0000000380)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f00000003c0)="640084e002000a0400000000000000c98f4fe842fb8b1fafddf2e59578782f8a106b53bf466093d563ae3aa161c153280db0f2c02cdd9f65d7082fbe739257f3abefabbc6ac3d0f736a657079e899e3ef78f13bd46c912f5491d9918e52c35c285961aa995fcee09ebad46643598ebbf57d6d4c960f49d9271afd6080e16dfbc02359704d7a4627ce54d1b0773de24ad836f36", 0x93, 0x400}], 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x386)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000280)={r3}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={r3, 0x8, 0x20}, &(0x7f0000000080)=0xc)
umount2(&(0x7f0000000180)='./file0\x00', 0x0)

[  614.737757][T11924]  ? do_syscall_64+0x26/0x790
[  614.742459][T11924]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  614.748549][T11924]  ? do_syscall_64+0x26/0x790
[  614.753255][T11924]  __x64_sys_sendmmsg+0x9d/0x100
[  614.758224][T11924]  do_syscall_64+0xfa/0x790
[  614.762753][T11924]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  614.768658][T11924] RIP: 0033:0x45a919
[  614.772574][T11924] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  614.792187][T11924] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  614.792203][T11924] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  614.792210][T11924] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  614.792218][T11924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  614.792227][T11924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  614.792236][T11924] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:00:16 executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, &(0x7f00000003c0)='y\x00', 0x2, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x0)
getsockname(r0, &(0x7f0000000400)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x0)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x80000, &(0x7f0000000200)='vboxnet0\x00')
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000180), 0x0)
listen(r0, 0x5)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r3, 0x5761, &(0x7f0000000480)={0x7, 0x0, [{0x8, 0x0, 0x0, [0xf7, 0x5, 0x6, 0x9, 0x9, 0x7, 0xfff]}, {0xffffffff, 0x409, 0x1, [0x0, 0xb886, 0x1, 0x3ff, 0xdf, 0x1, 0x4, 0x8001]}, {0x6, 0x7ff, 0x1, [0x100, 0x8000, 0x10000, 0x4, 0x1ff, 0x6, 0x10, 0x1]}, {0x9, 0x0, 0x400, [0x18, 0x9, 0x5, 0x8, 0x5, 0x2, 0xfffff494]}, {0xfffffffc, 0x1, 0x4, [0x2, 0xa1305aab, 0x10000, 0x5, 0x200, 0x5, 0x3, 0x9]}, {0x3, 0x7, 0x5, [0x1, 0x0, 0x40, 0x7, 0x7, 0x3, 0xa24b, 0x4]}, {0xfffffeff, 0x76, 0x80000000, [0x101, 0x85, 0x42, 0x8, 0x100, 0x1000, 0x1, 0xa8a7]}]})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, &(0x7f0000000100)=0xb9, 0x4)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r4, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00\x00H')
socket$inet6(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00')
bind$alg(r1, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)

20:00:16 executing program 3 (fault-call:2 fault-nth:8):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  614.798625][   T27] audit: type=1800 audit(1577390416.451:61): pid=11952 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=16582 res=0
20:00:17 executing program 2:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000100)={{0x0, 0x1, 0x5, 0xe4, 'syz1\x00', 0x1}, 0x0, 0x30, 0x7, r0, 0x0, 0x80, 'syz1\x00', &(0x7f0000000080), 0x0, [], [0x5, 0x9, 0x4, 0x4d6a]})

[  615.139554][T11970] FAULT_INJECTION: forcing a failure.
[  615.139554][T11970] name failslab, interval 1, probability 0, space 0, times 0
[  615.166062][T11970] CPU: 0 PID: 11970 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  615.176361][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  615.187415][T11970] Call Trace:
[  615.190735][T11970]  dump_stack+0x197/0x210
[  615.195126][T11970]  should_fail.cold+0xa/0x10
[  615.199828][T11970]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  615.205150][T11970]  ? setup_fault_attr+0x220/0x220
[  615.210286][T11970]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  615.215607][T11970]  __should_failslab+0x121/0x190
[  615.220601][T11970]  should_failslab+0x9/0x14
[  615.225138][T11970]  kmem_cache_alloc+0x47/0x710
[  615.230018][T11970]  ? __kasan_check_read+0x11/0x20
[  615.235077][T11970]  skb_clone+0x154/0x3d0
[  615.239368][T11970]  ip6_finish_output2+0x18be/0x25c0
[  615.244588][T11970]  ? ip6_mtu+0x2e6/0x450
[  615.248860][T11970]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  615.254447][T11970]  ? lock_downgrade+0x920/0x920
[  615.259328][T11970]  ? rcu_read_lock_held+0x9c/0xb0
[  615.264512][T11970]  ? __kasan_check_read+0x11/0x20
[  615.269919][T11970]  __ip6_finish_output+0x444/0xaa0
[  615.275072][T11970]  ? __ip6_finish_output+0x444/0xaa0
[  615.280466][T11970]  ip6_finish_output+0x38/0x1f0
[  615.285519][T11970]  ip6_output+0x25e/0x880
[  615.289869][T11970]  ? ip6_finish_output+0x1f0/0x1f0
[  615.295113][T11970]  ? __ip6_finish_output+0xaa0/0xaa0
[  615.300416][T11970]  ? ip6_make_skb+0x370/0x570
[  615.305138][T11970]  ? ip_reply_glue_bits+0xc0/0xc0
[  615.310305][T11970]  ip6_local_out+0xbb/0x1b0
[  615.314842][T11970]  ip6_send_skb+0xbb/0x350
[  615.319292][T11970]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  615.324770][T11970]  ? ip6_forward_finish+0x570/0x570
[  615.330077][T11970]  udpv6_sendmsg+0x22f3/0x2b30
[  615.334929][T11970]  ? __kasan_check_write+0x14/0x20
[  615.340294][T11970]  ? ip_reply_glue_bits+0xc0/0xc0
[  615.345324][T11970]  ? udp_v6_get_port+0x6b0/0x6b0
[  615.350251][T11970]  ? __kasan_check_read+0x11/0x20
[  615.355263][T11970]  ? mark_lock+0xc2/0x1220
[  615.359682][T11970]  ? __kasan_check_read+0x11/0x20
[  615.364698][T11970]  ? mark_lock+0xc2/0x1220
[  615.369102][T11970]  ? __kasan_check_read+0x11/0x20
[  615.374120][T11970]  ? ___might_sleep+0x163/0x2c0
[  615.378984][T11970]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  615.384705][T11970]  ? aa_sk_perm+0x346/0xb00
[  615.389299][T11970]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  615.394855][T11970]  inet6_sendmsg+0x9e/0xe0
[  615.399263][T11970]  ? inet6_sendmsg+0x9e/0xe0
[  615.403847][T11970]  ? inet6_ioctl+0x1c0/0x1c0
[  615.408475][T11970]  sock_sendmsg+0xd7/0x130
[  615.413030][T11970]  ____sys_sendmsg+0x358/0x880
[  615.418683][T11970]  ? kernel_sendmsg+0x50/0x50
[  615.423571][T11970]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  615.429112][T11970]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  615.435083][T11970]  ? find_held_lock+0x35/0x130
[  615.439936][T11970]  ___sys_sendmsg+0x100/0x170
[  615.444602][T11970]  ? sendmsg_copy_msghdr+0x70/0x70
[  615.449703][T11970]  ? __kasan_check_read+0x11/0x20
[  615.454715][T11970]  ? __might_fault+0x12b/0x1e0
[  615.459472][T11970]  ? find_held_lock+0x35/0x130
[  615.464228][T11970]  ? __might_fault+0x12b/0x1e0
[  615.469070][T11970]  ? do_dup2+0x4f0/0x4f0
[  615.473304][T11970]  ? lock_downgrade+0x920/0x920
[  615.478157][T11970]  ? ___might_sleep+0x163/0x2c0
[  615.482996][T11970]  __sys_sendmmsg+0x1bf/0x4d0
[  615.487676][T11970]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  615.492705][T11970]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  615.498934][T11970]  ? fput_many+0x12c/0x1a0
[  615.503336][T11970]  ? fput+0x1b/0x20
[  615.507133][T11970]  ? ksys_write+0x1cf/0x290
[  615.512264][T11970]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  615.517770][T11970]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  615.523225][T11970]  ? do_syscall_64+0x26/0x790
[  615.527892][T11970]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  615.533951][T11970]  ? do_syscall_64+0x26/0x790
[  615.538629][T11970]  __x64_sys_sendmmsg+0x9d/0x100
[  615.543563][T11970]  do_syscall_64+0xfa/0x790
[  615.548055][T11970]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  615.554120][T11970] RIP: 0033:0x45a919
[  615.558006][T11970] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  615.577595][T11970] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  615.586010][T11970] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  615.594055][T11970] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  615.602187][T11970] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  615.610336][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  615.618296][T11970] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:00:19 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:00:19 executing program 0:
r0 = socket(0x200000000000011, 0x4000000000080002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000540)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="beea392bb673b48341bcc061749e2602c373ada90e37d0effc181a59274d6c6bd9082e18"], 0x48}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r7, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYPTR=&(0x7f0000000580)=ANY=[@ANYRES32=r2, @ANYBLOB="0b1f39ffead38b0f6b5daf02e69c30689f84282425c95ff1878afdb1e2de364b46b437b4fc9a5aefa985281ef1d889fee6832af55078bfb4c72baf9f953e0cff46ced98d9ad2600b0a42ee41ea708e494efa71540dadae6f40749d3438c7a7c83f62e7ee5a183267f508451e8b644817094812182fbb66fc855133b67750721baae5c3061de9ccfd5f12ddd82a562cdf72f65253a2c2c5705daa5e0647315664be507b9588042009f851573dcaf006da6d2ad1b5198deece661417653afa93764615788e8c9ca2730a62d3cf4073d9a13967b4b244196187897bd5bfeb3d0b9db9fb8de28a4c0a2e84974d"], @ANYRES32=r4, @ANYPTR=&(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES16=r1, @ANYRESDEC=r7, @ANYBLOB="0d36f6a66d4ead7b65e957404a344cc32f994aaf8b3bb59db9ad26733ff67cd9d84f2e5a37152c3ed9805a61ec", @ANYRESHEX=r8, @ANYRES64]], 0x3}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r4, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ipz\t\x00\x94\x00\xe6U\x00', <r9=>r4})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x800, r9, 0x1, 0x0, 0x6, @dev}, 0x14)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f00000000c0)={0x26, 0x2, 0x4, 0xa, 0x3, 0xcb70, 0x2, 0xec, 0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
llistxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)=""/68, 0x44)
r12 = fcntl$dupfd(r11, 0x0, r10)
ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200)
sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0)
getsockopt$packet_int(r12, 0x107, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4)

20:00:19 executing program 3 (fault-call:2 fault-nth:9):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  617.088708][    C0] net_ratelimit: 14 callbacks suppressed
[  617.088717][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  617.100329][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  617.178664][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  617.180635][T11984] FAULT_INJECTION: forcing a failure.
[  617.180635][T11984] name failslab, interval 1, probability 0, space 0, times 0
[  617.184556][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  617.197111][T11984] CPU: 1 PID: 11984 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  617.212710][T11984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  617.224699][T11984] Call Trace:
[  617.224723][T11984]  dump_stack+0x197/0x210
[  617.224744][T11984]  should_fail.cold+0xa/0x10
[  617.224760][T11984]  ? is_bpf_text_address+0xac/0x160
[  617.224777][T11984]  ? setup_fault_attr+0x220/0x220
[  617.224802][T11984]  __should_failslab+0x121/0x190
[  617.224825][T11984]  should_failslab+0x9/0x14
[  617.242381][T11984]  kmem_cache_alloc+0x47/0x710
[  617.242400][T11984]  ? lock_acquire+0x190/0x410
[  617.242418][T11984]  ? net_tx_action+0xd30/0xd30
[  617.242436][T11984]  skb_clone+0x154/0x3d0
[  617.242453][T11984]  dev_queue_xmit_nit+0x3a1/0xaa0
[  617.242478][T11984]  dev_hard_start_xmit+0xbb/0x9b0
[  617.257882][T11984]  ? validate_xmit_skb_list+0xfc/0x150
[  617.257906][T11984]  sch_direct_xmit+0x372/0xd30
[  617.257928][T11984]  ? dev_watchdog+0xca0/0xca0
[  617.272158][T11984]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  617.272175][T11984]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  617.272198][T11984]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  617.286473][T11984]  ? sfb_dequeue+0x421/0x4d0
[  617.286495][T11984]  __qdisc_run+0x4bf/0x1770
[  617.286525][T11984]  __dev_queue_xmit+0x1650/0x35c0
[  617.296827][T11984]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  617.296849][T11984]  ? mark_held_locks+0xf0/0xf0
[  617.296871][T11984]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  617.307052][T11984]  ? debug_smp_processor_id+0x33/0x18a
[  617.307074][T11984]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  617.307094][T11984]  ? rcu_read_lock_held_common+0xbd/0x130
[  617.319299][T11984]  dev_queue_xmit+0x18/0x20
[  617.319316][T11984]  ? dev_queue_xmit+0x18/0x20
[  617.319334][T11984]  neigh_direct_output+0x16/0x20
[  617.319350][T11984]  ip6_finish_output2+0x109a/0x25c0
[  617.319374][T11984]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  617.319388][T11984]  ? lock_downgrade+0x920/0x920
[  617.319411][T11984]  ? netif_rx_ni+0x670/0x670
[  617.328782][T11984]  ? __kasan_check_read+0x11/0x20
[  617.328807][T11984]  __ip6_finish_output+0x444/0xaa0
[  617.328822][T11984]  ? __ip6_finish_output+0x444/0xaa0
[  617.328842][T11984]  ip6_finish_output+0x38/0x1f0
[  617.328859][T11984]  ip6_output+0x25e/0x880
[  617.328877][T11984]  ? ip6_finish_output+0x1f0/0x1f0
[  617.328900][T11984]  ? __ip6_finish_output+0xaa0/0xaa0
[  617.339202][T11984]  ? ip6_make_skb+0x370/0x570
[  617.339221][T11984]  ? ip_reply_glue_bits+0xc0/0xc0
[  617.339243][T11984]  ip6_local_out+0xbb/0x1b0
[  617.339261][T11984]  ip6_send_skb+0xbb/0x350
[  617.339282][T11984]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  617.339300][T11984]  ? ip6_forward_finish+0x570/0x570
[  617.350496][T11984]  udpv6_sendmsg+0x22f3/0x2b30
[  617.350519][T11984]  ? __kasan_check_write+0x14/0x20
[  617.350537][T11984]  ? ip_reply_glue_bits+0xc0/0xc0
[  617.350560][T11984]  ? udp_v6_get_port+0x6b0/0x6b0
[  617.350579][T11984]  ? __kasan_check_read+0x11/0x20
[  617.362158][T11984]  ? mark_lock+0xc2/0x1220
[  617.362182][T11984]  ? __kasan_check_read+0x11/0x20
[  617.362196][T11984]  ? mark_lock+0xc2/0x1220
[  617.362211][T11984]  ? __kasan_check_read+0x11/0x20
[  617.362236][T11984]  ? ___might_sleep+0x163/0x2c0
[  617.515588][T11984]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  617.521237][T11984]  ? aa_sk_perm+0x346/0xb00
[  617.525738][T11984]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  617.531274][T11984]  inet6_sendmsg+0x9e/0xe0
[  617.535690][T11984]  ? inet6_sendmsg+0x9e/0xe0
[  617.540269][T11984]  ? inet6_ioctl+0x1c0/0x1c0
[  617.544843][T11984]  sock_sendmsg+0xd7/0x130
[  617.549253][T11984]  ____sys_sendmsg+0x358/0x880
[  617.554003][T11984]  ? kernel_sendmsg+0x50/0x50
[  617.558669][T11984]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  617.564201][T11984]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  617.570176][T11984]  ? find_held_lock+0x35/0x130
[  617.574942][T11984]  ___sys_sendmsg+0x100/0x170
[  617.579633][T11984]  ? sendmsg_copy_msghdr+0x70/0x70
[  617.584738][T11984]  ? __kasan_check_read+0x11/0x20
[  617.589764][T11984]  ? __might_fault+0x12b/0x1e0
[  617.594526][T11984]  ? find_held_lock+0x35/0x130
[  617.599281][T11984]  ? __might_fault+0x12b/0x1e0
[  617.604038][T11984]  ? do_dup2+0x4f0/0x4f0
[  617.608266][T11984]  ? lock_downgrade+0x920/0x920
[  617.613112][T11984]  ? ___might_sleep+0x163/0x2c0
[  617.617946][T11984]  __sys_sendmmsg+0x1bf/0x4d0
[  617.622622][T11984]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  617.627819][T11984]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  617.634077][T11984]  ? fput_many+0x12c/0x1a0
[  617.638511][T11984]  ? fput+0x1b/0x20
[  617.642319][T11984]  ? ksys_write+0x1cf/0x290
[  617.646842][T11984]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  617.652288][T11984]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  617.657819][T11984]  ? do_syscall_64+0x26/0x790
[  617.662954][T11984]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  617.669103][T11984]  ? do_syscall_64+0x26/0x790
[  617.673879][T11984]  __x64_sys_sendmmsg+0x9d/0x100
[  617.678807][T11984]  do_syscall_64+0xfa/0x790
[  617.683300][T11984]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  617.689190][T11984] RIP: 0033:0x45a919
[  617.693090][T11984] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  617.712697][T11984] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  617.721135][T11984] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  617.729113][T11984] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  617.737072][T11984] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  617.745042][T11984] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  617.753025][T11984] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  617.768819][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  617.774700][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  617.978692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  617.984514][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  617.990424][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  617.996330][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  622.128637][    C0] net_ratelimit: 16 callbacks suppressed
[  622.128644][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  622.140188][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  622.146093][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  622.151959][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  623.328720][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  623.334800][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  623.408679][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  623.414478][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:25 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
sendmmsg$sock(r1, &(0x7f0000000e40)=[{{&(0x7f0000000640)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'wp512\x00'}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000740)}, {&(0x7f0000000780)="a505f433e20dc8cac80e6aaee80fc7e109029fe295b84a1f3918031af7cefd2db03e607df8628086c03baa964b8d782c56f79c8d87ed1d59d731bf837b9c73a3cc481e72498dbdcc82d3eec479fa", 0x4e}, {&(0x7f0000000800)="bc169dc499ca407d719ff6613a9f88f26fdde945d5b8dead163999cd5340c16836bcb27d11141c829cc3551a2f71235841f556a4d88c846e9571c3096bbf76c0f6e5a8a72b09864ee068911bd897439f18a785b1014860dbeeba6185d45dcb8222747c", 0x63}, {&(0x7f00000008c0)="fad935728d116a5343e9a23afd5cbd3bfb78cb335e3f00ea106c4c5cc979555f5f945c4d387e896fffdeefbd8ba92d2a70bed4ad5f08cd3cac5cf10673ce23bf86512ab7ecfdae7e8484b0066fdcab1298c1a59c27bda622be375f1cb98199da9085cfc8cabd5a12463f944d449ae9fa", 0x70}, {&(0x7f00000009c0)="e7e09f", 0x3}], 0x5, &(0x7f0000000b00)=[@txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x80000001}}, @timestamping={{0x14, 0x1, 0x25, 0xff}}, @timestamping={{0x14, 0x1, 0x25, 0x3f}}], 0x60}}, {{&(0x7f0000000b80)=@generic={0x4, "0bc4d63fc1c1198d358ccdf8e117d3f30656890668f15dd4b8c1a33c36768185f0014fce28808239b59ca134b1601473dd4ede4568df9e061470ac88923249732d124c885b1669488547b56e307c1f0677abc48e62af22cf19ad53891000da78a6ec16c5c29b1a3c2f99050b7f521ee20d0fab0693f80ad8aada5b3771ad"}, 0x80, &(0x7f0000000d40)=[{&(0x7f0000000c00)="d8e7fb1609be36b36a6c80e795f66e2adf7f243eee7ab4a745957f37dbb135564902b65497", 0x25}, {&(0x7f0000000c80)="541a996e15ef81a220cc40492d7e09c8def81696b45bbc31d807a706e94dab450acf4aedccad770574846a04d629d12d65eafe06225740ab2f403ed4127568d04d91446ad166a73456334f091c0bd5dd733f286ac5f437b23e2aca4c8cc4ed644f0c834c579b2bf3ee0f54d0f3aa1a4ec8653ec84f49c002eecf42691fa1a9efb71d5d473c84a8d382f0435513cc5edd13111a2cf3d66573a03e8089c62b9fb1d227f130430e63ae8f290e8eb6", 0xad}], 0x2, &(0x7f0000000d80)=[@mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @txtime={{0x18}}, @mark={{0x14, 0x1, 0x24, 0x80d}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}], 0x78}}], 0x2, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
gettid()
r3 = msgget(0x0, 0x964906915ff8a84)
msgsnd(r3, &(0x7f0000000440)={0x3, "d034d0ace9d4717dadfe79381772192b7e986519bbe79c1e990c865dfc9092b8743f4b872b2eaf5a11b4c51c33c364a819eb2dc1d6b0729f25c2be0e65f9444e74498ff5007b305c7996325e78e805c69f0cf71cf645f7be684c45354f55fe3b040ee3eaedfd5e4f880de2e6ae82cc71eed9e52f5f0c1e4578751bc9fee0b3a6fef8abb925d410539a47ceacda"}, 0x95, 0x0)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x8004e22}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0xa, &(0x7f0000000400)=0xfffffffffffffff7, 0x4)
dup(r2)
sendto$inet6(r2, 0x0, 0x0, 0x200408d4, &(0x7f0000000380)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c)
read(r2, &(0x7f0000000180)=""/139, 0x8b)
sendto$inet6(r2, &(0x7f00000000c0)='w', 0x1, 0x4000008081, 0x0, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000001400)={0x0, 0x0, 0x0}, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000540)='./file0\x00', 0x0, &(0x7f00000005c0)={'L+', 0x5}, 0x28, 0x3)
getdents(r0, &(0x7f00000000c0)=""/65, 0x311a52cb38ef9127)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000200)=<r4=>0x0)
capget(&(0x7f0000000240)={0x0, r4}, &(0x7f0000000280)={0x2, 0x7fffffff, 0x1, 0xa04, 0x0, 0x97a})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0xf0, 0x10, 0x713, 0x0, 0x0, {{@in6=@dev}, {@in6=@mcast2, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x1, 0x40)
r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/snapshot\x00', 0x80000, 0x0)
getsockopt$inet_dccp_buf(r6, 0x21, 0xcd, &(0x7f0000001440)=""/4096, &(0x7f0000000300)=0x1000)

20:00:25 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f0000000180))
ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e)
r2 = socket$kcm(0xa, 0x3, 0x73)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000000)=""/199, 0xc7, 0x80, &(0x7f0000000100)={{0x3, @null, 0x6}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast]}, 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f00000001c0)={r3})

20:00:25 executing program 2:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/de\xab\x00vsock\x00', 0x1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000280)={r4}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000040)={r4, 0x5, 0x20}, 0xc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_G_EXT_CTRLS(r5, 0xc0205647, &(0x7f0000000200)={0xf020000, 0x7fffffff, 0x2263, <r7=>r6, 0x0, &(0x7f00000001c0)={0x30379, 0x3ff, [], @value=0x4}})
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$netlink(r8, 0x10e, 0x6, &(0x7f0000000380)=""/13, &(0x7f0000000540)=0xd)
r9 = socket$pptp(0x18, 0x1, 0x2)
ioctl$VIDIOC_S_EDID(r5, 0xc0285629, &(0x7f0000000440)={0x0, 0x9, 0xfd2, [], &(0x7f0000000400)=0x1})
r10 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_SIOCGIFCONF(r10, 0x8912, &(0x7f0000000340)=@buf={0x1b, &(0x7f0000000300)="430c9ccd9179e9c39df6fe7b1be6bd5e1a3e8295dc168b75578495"})
fsetxattr$trusted_overlay_redirect(r9, &(0x7f0000000240)='trusted.overlay.redirect\x00', &(0x7f00000003c0)='./file0\x00', 0x8, 0x1)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='\x03p\x04', 0x1104000, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap='cache=mmap'}, {@msize={'msize', 0x3d, 0x40}}, {@loose='loose'}], [{@obj_role={'obj_role', 0x3d, '[@wlan0\''}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'msize'}}]}})
syz_open_procfs(0x0, 0xffffffffffffffff)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VT_GETMODE(r11, 0x5601, &(0x7f0000000100))

20:00:25 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:00:25 executing program 3 (fault-call:2 fault-nth:10):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:25 executing program 0:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x0, 0x800, 0x0, 0x2, 0x0, 0x0, 0xfffe}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x1a)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492bd3aa3d41fd", 0x3e}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)
socket$inet(0x2, 0x4, 0x3)
creat(0x0, 0x0)

[  623.526074][T12004] FAULT_INJECTION: forcing a failure.
[  623.526074][T12004] name failslab, interval 1, probability 0, space 0, times 0
[  623.550306][T12004] CPU: 0 PID: 12004 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  623.560336][T12004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  623.570803][T12004] Call Trace:
[  623.574142][T12004]  dump_stack+0x197/0x210
[  623.578492][T12004]  should_fail.cold+0xa/0x10
[  623.583100][T12004]  ? setup_fault_attr+0x220/0x220
[  623.583120][T12004]  ? ___might_sleep+0x163/0x2c0
[  623.583144][T12004]  __should_failslab+0x121/0x190
[  623.597955][T12004]  should_failslab+0x9/0x14
[  623.602486][T12004]  kmem_cache_alloc_node+0x268/0x740
[  623.607881][T12004]  ? __dev_queue_xmit+0x173f/0x35c0
[  623.613113][T12004]  ? trace_hardirqs_on+0x67/0x240
[  623.618162][T12004]  ? __dev_queue_xmit+0x173f/0x35c0
20:00:25 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
write$selinux_attr(r0, &(0x7f0000000040)='system_u:object_r:modem_device_t:s0\x00', 0x24)
r1 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x0, &(0x7f0000000440)=ANY=[@ANYRES16=r0], &(0x7f0000000100)='GPL\x00', 0x400, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x3}, 0x10}, 0x78)
getsockopt$inet_dccp_int(r0, 0x21, 0x5, &(0x7f0000000140), &(0x7f0000000180)=0x4)

20:00:25 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newlink={0x38, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@gre_common_policy=[@IFLA_GRE_IGNORE_DF={0x8}]]}}}]}, 0x38}}, 0x0)
r3 = fcntl$getown(0xffffffffffffffff, 0x9)
r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x80e85411, &(0x7f0000000180)=""/104)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, 0x4, @perf_bp={&(0x7f0000000200), 0x2}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r3, 0x4, 0xffffffffffffffff, 0x8)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x111000, 0x0)
ioctl$KDSETLED(r5, 0x4b32, 0xff)

[  623.623396][T12004]  __alloc_skb+0xd5/0x5e0
[  623.627771][T12004]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  623.633352][T12004]  alloc_skb_with_frags+0x93/0x590
[  623.638632][T12004]  ? find_held_lock+0x35/0x130
[  623.643440][T12004]  sock_alloc_send_pskb+0x7ad/0x920
[  623.648664][T12004]  ? sock_wmalloc+0x120/0x120
[  623.653348][T12004]  ? __local_bh_enable_ip+0x15a/0x270
[  623.658736][T12004]  ? ip6_finish_output2+0x1106/0x25c0
[  623.664239][T12004]  ? ip6_mtu+0x2e6/0x450
[  623.668532][T12004]  ? find_held_lock+0x35/0x130
[  623.673323][T12004]  sock_alloc_send_skb+0x32/0x40
[  623.678286][T12004]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  623.684032][T12004]  ? ip_reply_glue_bits+0xc0/0xc0
[  623.689069][T12004]  ? ip6_setup_cork+0x1920/0x1920
[  623.689086][T12004]  ? ip6_flush_pending_frames+0xd0/0xd0
[  623.689099][T12004]  ? __kasan_check_read+0x11/0x20
[  623.689116][T12004]  ip6_make_skb+0x32f/0x570
[  623.689134][T12004]  ? ip_reply_glue_bits+0xc0/0xc0
[  623.714535][T12004]  ? ip_reply_glue_bits+0xc0/0xc0
[  623.719617][T12004]  ? ip6_push_pending_frames+0xf0/0xf0
[  623.725281][T12004]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  623.730858][T12004]  ? ip6_forward_finish+0x570/0x570
[  623.736076][T12004]  ? rcu_read_lock_held+0x9c/0xb0
[  623.738563][T12016] netlink: 'syz-executor.4': attribute type 19 has an invalid length.
[  623.741125][T12004]  udpv6_sendmsg+0x22a1/0x2b30
[  623.741150][T12004]  ? __kasan_check_write+0x14/0x20
[  623.741173][T12004]  ? ip_reply_glue_bits+0xc0/0xc0
[  623.764367][T12004]  ? udp_v6_get_port+0x6b0/0x6b0
[  623.769359][T12004]  ? __kasan_check_read+0x11/0x20
[  623.774461][T12004]  ? mark_lock+0xc2/0x1220
[  623.778995][T12004]  ? __kasan_check_read+0x11/0x20
[  623.784029][T12004]  ? mark_lock+0xc2/0x1220
[  623.788463][T12004]  ? __kasan_check_read+0x11/0x20
[  623.793500][T12004]  ? ___might_sleep+0x163/0x2c0
[  623.798464][T12004]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  623.804105][T12004]  ? aa_sk_perm+0x346/0xb00
[  623.808746][T12004]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  623.814327][T12004]  inet6_sendmsg+0x9e/0xe0
[  623.818767][T12004]  ? inet6_sendmsg+0x9e/0xe0
[  623.823383][T12004]  ? inet6_ioctl+0x1c0/0x1c0
[  623.827998][T12004]  sock_sendmsg+0xd7/0x130
[  623.832441][T12004]  ____sys_sendmsg+0x358/0x880
[  623.837218][T12004]  ? kernel_sendmsg+0x50/0x50
[  623.841896][T12004]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  623.847437][T12004]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  623.853416][T12004]  ? find_held_lock+0x35/0x130
[  623.858178][T12004]  ___sys_sendmsg+0x100/0x170
[  623.862855][T12004]  ? sendmsg_copy_msghdr+0x70/0x70
[  623.867991][T12004]  ? __kasan_check_read+0x11/0x20
[  623.873028][T12004]  ? __might_fault+0x12b/0x1e0
[  623.877780][T12004]  ? find_held_lock+0x35/0x130
[  623.882632][T12004]  ? __might_fault+0x12b/0x1e0
[  623.887408][T12004]  ? do_dup2+0x4f0/0x4f0
[  623.891643][T12004]  ? lock_downgrade+0x920/0x920
[  623.896631][T12004]  ? ___might_sleep+0x163/0x2c0
[  623.901497][T12004]  __sys_sendmmsg+0x1bf/0x4d0
[  623.906167][T12004]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  623.911209][T12004]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  623.917447][T12004]  ? fput_many+0x12c/0x1a0
[  623.921852][T12004]  ? fput+0x1b/0x20
[  623.925647][T12004]  ? ksys_write+0x1cf/0x290
[  623.930240][T12004]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  623.935684][T12004]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  623.941148][T12004]  ? do_syscall_64+0x26/0x790
[  623.945818][T12004]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  623.951871][T12004]  ? do_syscall_64+0x26/0x790
[  623.956538][T12004]  __x64_sys_sendmmsg+0x9d/0x100
[  623.961488][T12004]  do_syscall_64+0xfa/0x790
[  623.965981][T12004]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  623.971872][T12004] RIP: 0033:0x45a919
[  623.975751][T12004] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  623.995350][T12004] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  624.003764][T12004] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  624.011728][T12004] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  624.019717][T12004] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
20:00:26 executing program 3 (fault-call:2 fault-nth:11):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  624.027771][T12004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  624.035948][T12004] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  624.044317][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  624.050196][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  624.117805][T12026] FAULT_INJECTION: forcing a failure.
[  624.117805][T12026] name failslab, interval 1, probability 0, space 0, times 0
[  624.139327][T12026] CPU: 0 PID: 12026 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  624.149241][T12026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  624.159291][T12026] Call Trace:
[  624.162581][T12026]  dump_stack+0x197/0x210
[  624.166929][T12026]  should_fail.cold+0xa/0x10
[  624.171546][T12026]  ? setup_fault_attr+0x220/0x220
[  624.176835][T12026]  ? ___might_sleep+0x163/0x2c0
[  624.181692][T12026]  __should_failslab+0x121/0x190
[  624.186625][T12026]  should_failslab+0x9/0x14
[  624.191124][T12026]  kmem_cache_alloc_node_trace+0x274/0x750
[  624.197023][T12026]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  624.203186][T12026]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  624.209101][T12026]  __kmalloc_node_track_caller+0x3d/0x70
[  624.214768][T12026]  __kmalloc_reserve.isra.0+0x40/0xf0
[  624.220227][T12026]  __alloc_skb+0x10b/0x5e0
[  624.224749][T12026]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  624.230320][T12026]  alloc_skb_with_frags+0x93/0x590
[  624.235871][T12026]  ? find_held_lock+0x35/0x130
[  624.240704][T12026]  sock_alloc_send_pskb+0x7ad/0x920
[  624.245974][T12026]  ? sock_wmalloc+0x120/0x120
[  624.250756][T12026]  ? __local_bh_enable_ip+0x15a/0x270
[  624.256138][T12026]  ? ip6_finish_output2+0x1106/0x25c0
[  624.261592][T12026]  ? ip6_mtu+0x2e6/0x450
[  624.265832][T12026]  ? find_held_lock+0x35/0x130
[  624.270673][T12026]  sock_alloc_send_skb+0x32/0x40
[  624.275628][T12026]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  624.281465][T12026]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.286503][T12026]  ? ip6_setup_cork+0x1920/0x1920
[  624.291711][T12026]  ? ip6_flush_pending_frames+0xd0/0xd0
[  624.297244][T12026]  ? __kasan_check_read+0x11/0x20
[  624.302285][T12026]  ip6_make_skb+0x32f/0x570
[  624.307113][T12026]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.312315][T12026]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.317358][T12026]  ? ip6_push_pending_frames+0xf0/0xf0
[  624.322910][T12026]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  624.328464][T12026]  ? ip6_forward_finish+0x570/0x570
[  624.333669][T12026]  ? rcu_read_lock_held+0x9c/0xb0
[  624.338704][T12026]  udpv6_sendmsg+0x22a1/0x2b30
[  624.343639][T12026]  ? __kasan_check_write+0x14/0x20
[  624.348751][T12026]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.353800][T12026]  ? udp_v6_get_port+0x6b0/0x6b0
[  624.358732][T12026]  ? __kasan_check_read+0x11/0x20
[  624.363743][T12026]  ? mark_lock+0xc2/0x1220
[  624.368162][T12026]  ? __kasan_check_read+0x11/0x20
[  624.373176][T12026]  ? mark_lock+0xc2/0x1220
[  624.377587][T12026]  ? __kasan_check_read+0x11/0x20
[  624.382605][T12026]  ? ___might_sleep+0x163/0x2c0
[  624.387455][T12026]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  624.393101][T12026]  ? aa_sk_perm+0x346/0xb00
[  624.397636][T12026]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  624.403279][T12026]  inet6_sendmsg+0x9e/0xe0
[  624.407699][T12026]  ? inet6_sendmsg+0x9e/0xe0
[  624.412286][T12026]  ? inet6_ioctl+0x1c0/0x1c0
[  624.416869][T12026]  sock_sendmsg+0xd7/0x130
[  624.421295][T12026]  ____sys_sendmsg+0x358/0x880
[  624.426063][T12026]  ? kernel_sendmsg+0x50/0x50
[  624.430731][T12026]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  624.436268][T12026]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  624.442238][T12026]  ? find_held_lock+0x35/0x130
[  624.447034][T12026]  ___sys_sendmsg+0x100/0x170
[  624.451719][T12026]  ? sendmsg_copy_msghdr+0x70/0x70
[  624.456822][T12026]  ? __kasan_check_read+0x11/0x20
[  624.461835][T12026]  ? __might_fault+0x12b/0x1e0
[  624.466601][T12026]  ? find_held_lock+0x35/0x130
[  624.471364][T12026]  ? __might_fault+0x12b/0x1e0
[  624.476134][T12026]  ? do_dup2+0x4f0/0x4f0
[  624.480379][T12026]  ? lock_downgrade+0x920/0x920
[  624.485245][T12026]  ? ___might_sleep+0x163/0x2c0
[  624.490096][T12026]  __sys_sendmmsg+0x1bf/0x4d0
[  624.494775][T12026]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  624.499829][T12026]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  624.506113][T12026]  ? fput_many+0x12c/0x1a0
[  624.510518][T12026]  ? fput+0x1b/0x20
[  624.514320][T12026]  ? ksys_write+0x1cf/0x290
[  624.518816][T12026]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  624.524287][T12026]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  624.529754][T12026]  ? do_syscall_64+0x26/0x790
[  624.534880][T12026]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  624.541032][T12026]  ? do_syscall_64+0x26/0x790
[  624.545729][T12026]  __x64_sys_sendmmsg+0x9d/0x100
[  624.550657][T12026]  do_syscall_64+0xfa/0x790
[  624.555150][T12026]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  624.561028][T12026] RIP: 0033:0x45a919
[  624.564921][T12026] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  624.584699][T12026] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  624.593128][T12026] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  624.601136][T12026] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  624.609097][T12026] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
20:00:26 executing program 3 (fault-call:2 fault-nth:12):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  624.617157][T12026] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  624.625140][T12026] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  624.659569][T12019] netlink: 'syz-executor.4': attribute type 19 has an invalid length.
20:00:26 executing program 2:
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
clone(0x1000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
close(r1)
signalfd(0xffffffffffffffff, &(0x7f0000000080), 0x8)
write$P9_RCLUNK(r1, &(0x7f0000000040)={0x7, 0x79, 0x2}, 0x7)
mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)

[  624.707896][T12033] FAULT_INJECTION: forcing a failure.
[  624.707896][T12033] name failslab, interval 1, probability 0, space 0, times 0
[  624.773599][T12033] CPU: 0 PID: 12033 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  624.783542][T12033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  624.793673][T12033] Call Trace:
[  624.796959][T12033]  dump_stack+0x197/0x210
[  624.801430][T12033]  should_fail.cold+0xa/0x10
[  624.806022][T12033]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  624.811317][T12033]  ? setup_fault_attr+0x220/0x220
[  624.816351][T12033]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  624.821653][T12033]  __should_failslab+0x121/0x190
[  624.826597][T12033]  should_failslab+0x9/0x14
[  624.831111][T12033]  kmem_cache_alloc+0x47/0x710
[  624.835876][T12033]  ? __kasan_check_read+0x11/0x20
[  624.840889][T12033]  skb_clone+0x154/0x3d0
[  624.845121][T12033]  ip6_finish_output2+0x18be/0x25c0
[  624.850318][T12033]  ? ip6_mtu+0x2e6/0x450
[  624.854572][T12033]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  624.860126][T12033]  ? lock_downgrade+0x920/0x920
[  624.864970][T12033]  ? rcu_read_lock_held+0x9c/0xb0
[  624.869983][T12033]  ? __kasan_check_read+0x11/0x20
[  624.875011][T12033]  __ip6_finish_output+0x444/0xaa0
[  624.880178][T12033]  ? __ip6_finish_output+0x444/0xaa0
[  624.885475][T12033]  ip6_finish_output+0x38/0x1f0
[  624.890457][T12033]  ip6_output+0x25e/0x880
[  624.894791][T12033]  ? ip6_finish_output+0x1f0/0x1f0
[  624.900002][T12033]  ? __ip6_finish_output+0xaa0/0xaa0
[  624.905287][T12033]  ? ip6_make_skb+0x370/0x570
[  624.909973][T12033]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.915002][T12033]  ip6_local_out+0xbb/0x1b0
[  624.919496][T12033]  ip6_send_skb+0xbb/0x350
[  624.923902][T12033]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  624.929393][T12033]  ? ip6_forward_finish+0x570/0x570
[  624.934669][T12033]  udpv6_sendmsg+0x22f3/0x2b30
[  624.939420][T12033]  ? __kasan_check_write+0x14/0x20
[  624.944531][T12033]  ? ip_reply_glue_bits+0xc0/0xc0
[  624.949555][T12033]  ? udp_v6_get_port+0x6b0/0x6b0
[  624.954477][T12033]  ? __kasan_check_read+0x11/0x20
[  624.959498][T12033]  ? mark_lock+0xc2/0x1220
[  624.963914][T12033]  ? __kasan_check_read+0x11/0x20
[  624.968923][T12033]  ? mark_lock+0xc2/0x1220
[  624.973347][T12033]  ? __kasan_check_read+0x11/0x20
[  624.978370][T12033]  ? ___might_sleep+0x163/0x2c0
[  624.983224][T12033]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  624.988855][T12033]  ? aa_sk_perm+0x346/0xb00
[  624.993352][T12033]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  624.998898][T12033]  inet6_sendmsg+0x9e/0xe0
[  625.003299][T12033]  ? inet6_sendmsg+0x9e/0xe0
[  625.007878][T12033]  ? inet6_ioctl+0x1c0/0x1c0
[  625.012471][T12033]  sock_sendmsg+0xd7/0x130
[  625.016872][T12033]  ____sys_sendmsg+0x358/0x880
[  625.021634][T12033]  ? kernel_sendmsg+0x50/0x50
[  625.026295][T12033]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  625.031835][T12033]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  625.037806][T12033]  ? find_held_lock+0x35/0x130
[  625.042560][T12033]  ___sys_sendmsg+0x100/0x170
[  625.047420][T12033]  ? sendmsg_copy_msghdr+0x70/0x70
[  625.052545][T12033]  ? __kasan_check_read+0x11/0x20
[  625.057567][T12033]  ? __might_fault+0x12b/0x1e0
[  625.062326][T12033]  ? find_held_lock+0x35/0x130
[  625.067075][T12033]  ? __might_fault+0x12b/0x1e0
[  625.071826][T12033]  ? do_dup2+0x4f0/0x4f0
[  625.076058][T12033]  ? lock_downgrade+0x920/0x920
[  625.080898][T12033]  ? ___might_sleep+0x163/0x2c0
[  625.085733][T12033]  __sys_sendmmsg+0x1bf/0x4d0
[  625.090395][T12033]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  625.095438][T12033]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  625.101678][T12033]  ? fput_many+0x12c/0x1a0
[  625.106090][T12033]  ? fput+0x1b/0x20
[  625.109990][T12033]  ? ksys_write+0x1cf/0x290
[  625.114506][T12033]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  625.120022][T12033]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  625.125476][T12033]  ? do_syscall_64+0x26/0x790
[  625.130158][T12033]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  625.136336][T12033]  ? do_syscall_64+0x26/0x790
[  625.141117][T12033]  __x64_sys_sendmmsg+0x9d/0x100
[  625.146066][T12033]  do_syscall_64+0xfa/0x790
[  625.150586][T12033]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  625.156477][T12033] RIP: 0033:0x45a919
[  625.160367][T12033] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  625.179969][T12033] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  625.188366][T12033] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  625.196348][T12033] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  625.204322][T12033] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  625.212383][T12033] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
20:00:27 executing program 3 (fault-call:2 fault-nth:13):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  625.220371][T12033] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  625.349329][T12043] FAULT_INJECTION: forcing a failure.
[  625.349329][T12043] name failslab, interval 1, probability 0, space 0, times 0
[  625.362679][T12043] CPU: 1 PID: 12043 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  625.372568][T12043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  625.383153][T12043] Call Trace:
[  625.383178][T12043]  dump_stack+0x197/0x210
[  625.383200][T12043]  should_fail.cold+0xa/0x10
[  625.383215][T12043]  ? is_bpf_text_address+0xac/0x160
[  625.383233][T12043]  ? setup_fault_attr+0x220/0x220
[  625.383261][T12043]  __should_failslab+0x121/0x190
[  625.383278][T12043]  should_failslab+0x9/0x14
[  625.383297][T12043]  kmem_cache_alloc+0x47/0x710
[  625.420015][T12043]  ? lock_acquire+0x190/0x410
[  625.424715][T12043]  ? net_tx_action+0xd30/0xd30
[  625.429509][T12043]  skb_clone+0x154/0x3d0
[  625.433774][T12043]  dev_queue_xmit_nit+0x3a1/0xaa0
[  625.438818][T12043]  dev_hard_start_xmit+0xbb/0x9b0
[  625.443889][T12043]  ? validate_xmit_skb_list+0xfc/0x150
[  625.449361][T12043]  sch_direct_xmit+0x372/0xd30
[  625.454138][T12043]  ? dev_watchdog+0xca0/0xca0
[  625.458814][T12043]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  625.464351][T12043]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  625.470415][T12043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  625.476724][T12043]  ? sfb_dequeue+0x421/0x4d0
[  625.481357][T12043]  __qdisc_run+0x4bf/0x1770
[  625.485858][T12043]  __dev_queue_xmit+0x1650/0x35c0
[  625.490917][T12043]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  625.496467][T12043]  ? mark_held_locks+0xf0/0xf0
[  625.501427][T12043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  625.507803][T12043]  ? debug_smp_processor_id+0x33/0x18a
[  625.513278][T12043]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  625.519443][T12043]  ? rcu_read_lock_held_common+0xbd/0x130
[  625.525163][T12043]  dev_queue_xmit+0x18/0x20
[  625.529988][T12043]  ? dev_queue_xmit+0x18/0x20
[  625.534771][T12043]  neigh_direct_output+0x16/0x20
[  625.539728][T12043]  ip6_finish_output2+0x109a/0x25c0
[  625.544934][T12043]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  625.550485][T12043]  ? lock_downgrade+0x920/0x920
[  625.555336][T12043]  ? netif_rx_ni+0x670/0x670
[  625.559914][T12043]  ? __kasan_check_read+0x11/0x20
[  625.564929][T12043]  __ip6_finish_output+0x444/0xaa0
[  625.570039][T12043]  ? __ip6_finish_output+0x444/0xaa0
[  625.575415][T12043]  ip6_finish_output+0x38/0x1f0
[  625.580259][T12043]  ip6_output+0x25e/0x880
[  625.584606][T12043]  ? ip6_finish_output+0x1f0/0x1f0
[  625.589726][T12043]  ? __ip6_finish_output+0xaa0/0xaa0
[  625.595023][T12043]  ? ip6_make_skb+0x370/0x570
[  625.599686][T12043]  ? ip_reply_glue_bits+0xc0/0xc0
[  625.604716][T12043]  ip6_local_out+0xbb/0x1b0
[  625.609221][T12043]  ip6_send_skb+0xbb/0x350
[  625.613654][T12043]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  625.619471][T12043]  ? ip6_forward_finish+0x570/0x570
[  625.624679][T12043]  udpv6_sendmsg+0x22f3/0x2b30
[  625.629446][T12043]  ? __kasan_check_write+0x14/0x20
[  625.634564][T12043]  ? ip_reply_glue_bits+0xc0/0xc0
[  625.639590][T12043]  ? udp_v6_get_port+0x6b0/0x6b0
[  625.644516][T12043]  ? __kasan_check_read+0x11/0x20
[  625.649540][T12043]  ? mark_lock+0xc2/0x1220
[  625.653972][T12043]  ? __kasan_check_read+0x11/0x20
[  625.659010][T12043]  ? mark_lock+0xc2/0x1220
[  625.663610][T12043]  ? __kasan_check_read+0x11/0x20
[  625.668646][T12043]  ? ___might_sleep+0x163/0x2c0
[  625.673532][T12043]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  625.679171][T12043]  ? aa_sk_perm+0x346/0xb00
[  625.683695][T12043]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  625.689263][T12043]  inet6_sendmsg+0x9e/0xe0
[  625.693745][T12043]  ? inet6_sendmsg+0x9e/0xe0
[  625.698388][T12043]  ? inet6_ioctl+0x1c0/0x1c0
[  625.703014][T12043]  sock_sendmsg+0xd7/0x130
[  625.707452][T12043]  ____sys_sendmsg+0x358/0x880
[  625.712222][T12043]  ? kernel_sendmsg+0x50/0x50
[  625.716889][T12043]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  625.722450][T12043]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  625.728434][T12043]  ? find_held_lock+0x35/0x130
[  625.733196][T12043]  ___sys_sendmsg+0x100/0x170
[  625.737864][T12043]  ? sendmsg_copy_msghdr+0x70/0x70
[  625.742976][T12043]  ? __kasan_check_read+0x11/0x20
[  625.748003][T12043]  ? __might_fault+0x12b/0x1e0
[  625.752762][T12043]  ? find_held_lock+0x35/0x130
[  625.757527][T12043]  ? __might_fault+0x12b/0x1e0
[  625.762296][T12043]  ? do_dup2+0x4f0/0x4f0
[  625.766539][T12043]  ? lock_downgrade+0x920/0x920
[  625.771408][T12043]  ? ___might_sleep+0x163/0x2c0
[  625.776248][T12043]  __sys_sendmmsg+0x1bf/0x4d0
[  625.780933][T12043]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  625.785989][T12043]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  625.792234][T12043]  ? fput_many+0x12c/0x1a0
[  625.796673][T12043]  ? fput+0x1b/0x20
[  625.800518][T12043]  ? ksys_write+0x1cf/0x290
[  625.805042][T12043]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  625.810615][T12043]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  625.816172][T12043]  ? do_syscall_64+0x26/0x790
[  625.820858][T12043]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  625.826933][T12043]  ? do_syscall_64+0x26/0x790
[  625.831605][T12043]  __x64_sys_sendmmsg+0x9d/0x100
[  625.836553][T12043]  do_syscall_64+0xfa/0x790
[  625.841077][T12043]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  625.846973][T12043] RIP: 0033:0x45a919
[  625.850870][T12043] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  625.870567][T12043] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  625.878993][T12043] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  625.886965][T12043] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  625.894929][T12043] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  625.902913][T12043] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  625.910889][T12043] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  627.488657][    C0] net_ratelimit: 14 callbacks suppressed
[  627.488664][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  627.500097][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  627.568705][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  627.574662][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  628.208673][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  628.214587][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  628.768740][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  628.774890][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  628.781355][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  628.787370][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  632.928695][    C0] net_ratelimit: 16 callbacks suppressed
[  632.928703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  632.940636][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  632.947036][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  632.953422][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  633.728664][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  633.734847][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  633.808645][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  633.814802][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  634.448624][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  634.454914][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:37 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000540)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r3, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r3, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@ipmr_delroute={0xd4, 0x19, 0x400, 0x70bd25, 0x25dfdbfe, {0x80, 0x80, 0x20, 0x6, 0x100, 0x2, 0x0, 0x5, 0x200}, [@RTA_PRIORITY={0x8, 0x6, 0x1f}, @RTA_MULTIPATH={0xc, 0x9, {0x14, 0x27, 0x7, r3}}, @RTA_METRICS={0x8c, 0x8, "5f8f9e3161a3ca141c21f7379299ffd5a652d22f276c37b2a899f0ec0d4a5242e3cd2fa7599b105708260595ab0154e323555855bc7026f2822a4c08f1914d3f21a94b928741ab6a0aeb22d7c91d5feb489fe88b20eeee6db98c004a0fd124cf6885b70d9565eb870e69d172645135e2698391bac98393d172674fff18762d32b2d40ed4dc"}, @RTA_SRC={0x8, 0x2, @rand_addr=0x6}, @RTA_ENCAP_TYPE={0x8, 0x15, 0x6}, @RTA_PRIORITY={0x8, 0x6, 0x1000}]}, 0xd4}, 0x1, 0x0, 0x0, 0x6000}, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$MON_IOCX_GETX(r5, 0x4018920a, &(0x7f0000000380)={&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000440)=""/188, 0xbc})
add_key$keyring(0x0, &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = dup3(r7, r6, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
fsconfig$FSCONFIG_SET_PATH(r9, 0x3, &(0x7f00000003c0)='syz', &(0x7f0000000500)='./file0\x00', r8)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)

20:00:37 executing program 0:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x80002004})
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb)
r2 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
set_robust_list(&(0x7f00000003c0)={&(0x7f0000000380)={&(0x7f0000000340)}, 0xfffffffffffffffc}, 0x18)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = dup3(r3, r4, 0x80000)
ioctl$IMGETCOUNT(r5, 0x80044943, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc))
r6 = perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x7ffffffffffa, 0x6d1a4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x20, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r7, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r7)
r8 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r8, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r8, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x240, 0x0, 0x9006000)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}, &(0x7f0000000300)=0x10)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r9, &(0x7f0000000680)={0xc, 0xfffffffffffffda0, 0xfa00, {&(0x7f0000000500)}}, 0xa8)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000000)={0x0, 0xe, 0xfa00, {0x4, &(0x7f0000000080)={<r10=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r9, &(0x7f0000000240)={0x3, 0x40, 0xfa00, {{}, {0xa, 0x0, 0x0, @mcast1}, r10}}, 0x48)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000240)={0x14, 0x88, 0xfa00, {r10, 0x2c, 0x0, @in6={0xa, 0x4e23, 0x200, @mcast1, 0x3}}}, 0x90)

20:00:37 executing program 4:
pipe(&(0x7f0000000680)={<r0=>0xffffffffffffffff})
socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
capget(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x11, 0x0, 0x300)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f00000000c0)="390000001000090468fe07002b0000000100ff0714000000450001070300001419001a00", 0x24}], 0x1)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
write(0xffffffffffffffff, &(0x7f00000000c0)="240000005a005fdf", 0x8)
sendmmsg$alg(r1, &(0x7f0000000140), 0xcc, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x5452, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r4 = gettid()
sendmsg$key(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x20004850)
writev(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x227d, 0x0)
kcmp(0x0, r4, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x0)
ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x100041)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x400, 0x0)
syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)

20:00:37 executing program 2:
setreuid(0x0, 0xee00)
r0 = geteuid()
setreuid(0x0, 0x0)
mknod(&(0x7f00000005c0)='./bus\x00', 0x8, 0x0)
lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000140)=@v2={0x2000000, [{}, {0x2}]}, 0x14, 0x0)
clone(0x40000600, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setreuid(r0, r0)
execve(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0)

20:00:37 executing program 3 (fault-call:2 fault-nth:14):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:37 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup2(r1, r2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  635.193856][T12055] FAULT_INJECTION: forcing a failure.
[  635.193856][T12055] name failslab, interval 1, probability 0, space 0, times 0
[  635.220132][T12055] CPU: 1 PID: 12055 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  635.230161][T12055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  635.240396][T12055] Call Trace:
[  635.243736][T12055]  dump_stack+0x197/0x210
[  635.248761][T12055]  should_fail.cold+0xa/0x10
[  635.253854][T12055]  ? setup_fault_attr+0x220/0x220
[  635.258893][T12055]  ? ___might_sleep+0x163/0x2c0
[  635.263751][T12055]  __should_failslab+0x121/0x190
[  635.268695][T12055]  should_failslab+0x9/0x14
[  635.273310][T12055]  kmem_cache_alloc_node+0x268/0x740
[  635.278729][T12055]  ? __dev_queue_xmit+0x173f/0x35c0
[  635.284038][T12055]  ? trace_hardirqs_on+0x67/0x240
[  635.289153][T12055]  ? __dev_queue_xmit+0x173f/0x35c0
[  635.294693][T12055]  __alloc_skb+0xd5/0x5e0
[  635.299042][T12055]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  635.304582][T12055]  alloc_skb_with_frags+0x93/0x590
[  635.309751][T12055]  ? find_held_lock+0x35/0x130
[  635.314513][T12055]  sock_alloc_send_pskb+0x7ad/0x920
[  635.319971][T12055]  ? sock_wmalloc+0x120/0x120
[  635.325518][T12055]  ? __local_bh_enable_ip+0x15a/0x270
[  635.330885][T12055]  ? ip6_finish_output2+0x1106/0x25c0
[  635.336262][T12055]  ? ip6_mtu+0x2e6/0x450
[  635.340870][T12055]  ? find_held_lock+0x35/0x130
[  635.345649][T12055]  sock_alloc_send_skb+0x32/0x40
[  635.350643][T12055]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  635.356549][T12055]  ? ip_reply_glue_bits+0xc0/0xc0
[  635.361570][T12055]  ? ip6_setup_cork+0x1920/0x1920
[  635.366616][T12055]  ? ip6_flush_pending_frames+0xd0/0xd0
[  635.372165][T12055]  ? __kasan_check_read+0x11/0x20
[  635.377379][T12055]  ip6_make_skb+0x32f/0x570
[  635.381872][T12055]  ? ip_reply_glue_bits+0xc0/0xc0
[  635.386888][T12055]  ? ip_reply_glue_bits+0xc0/0xc0
[  635.392514][T12055]  ? ip6_push_pending_frames+0xf0/0xf0
[  635.398180][T12055]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  635.403739][T12055]  ? ip6_forward_finish+0x570/0x570
[  635.408932][T12055]  ? rcu_read_lock_held+0x9c/0xb0
[  635.414203][T12055]  udpv6_sendmsg+0x22a1/0x2b30
[  635.419099][T12055]  ? __kasan_check_write+0x14/0x20
[  635.424339][T12055]  ? ip_reply_glue_bits+0xc0/0xc0
[  635.429370][T12055]  ? udp_v6_get_port+0x6b0/0x6b0
[  635.434649][T12055]  ? __kasan_check_read+0x11/0x20
[  635.439751][T12055]  ? mark_lock+0xc2/0x1220
[  635.444338][T12055]  ? __kasan_check_read+0x11/0x20
[  635.449676][T12055]  ? mark_lock+0xc2/0x1220
[  635.454101][T12055]  ? __kasan_check_read+0x11/0x20
[  635.459144][T12055]  ? ___might_sleep+0x163/0x2c0
[  635.464032][T12055]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  635.469755][T12055]  ? aa_sk_perm+0x346/0xb00
[  635.474290][T12055]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  635.480210][T12055]  inet6_sendmsg+0x9e/0xe0
[  635.484647][T12055]  ? inet6_sendmsg+0x9e/0xe0
[  635.489326][T12055]  ? inet6_ioctl+0x1c0/0x1c0
[  635.493914][T12055]  sock_sendmsg+0xd7/0x130
[  635.498322][T12055]  ____sys_sendmsg+0x358/0x880
[  635.503079][T12055]  ? kernel_sendmsg+0x50/0x50
[  635.507754][T12055]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  635.513298][T12055]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  635.519274][T12055]  ? find_held_lock+0x35/0x130
[  635.524041][T12055]  ___sys_sendmsg+0x100/0x170
[  635.528715][T12055]  ? sendmsg_copy_msghdr+0x70/0x70
[  635.533819][T12055]  ? __kasan_check_read+0x11/0x20
[  635.538857][T12055]  ? __might_fault+0x12b/0x1e0
[  635.543629][T12055]  ? find_held_lock+0x35/0x130
[  635.548386][T12055]  ? __might_fault+0x12b/0x1e0
[  635.553152][T12055]  ? do_dup2+0x4f0/0x4f0
[  635.557385][T12055]  ? lock_downgrade+0x920/0x920
[  635.562236][T12055]  ? ___might_sleep+0x163/0x2c0
[  635.567175][T12055]  __sys_sendmmsg+0x1bf/0x4d0
[  635.571857][T12055]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  635.576889][T12055]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  635.583129][T12055]  ? fput_many+0x12c/0x1a0
[  635.587535][T12055]  ? fput+0x1b/0x20
[  635.591332][T12055]  ? ksys_write+0x1cf/0x290
[  635.595841][T12055]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  635.602795][T12055]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  635.608250][T12055]  ? do_syscall_64+0x26/0x790
[  635.612916][T12055]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  635.618977][T12055]  ? do_syscall_64+0x26/0x790
[  635.623670][T12055]  __x64_sys_sendmmsg+0x9d/0x100
[  635.628619][T12055]  do_syscall_64+0xfa/0x790
[  635.633116][T12055]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  635.639010][T12055] RIP: 0033:0x45a919
[  635.642899][T12055] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  635.662521][T12055] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  635.671060][T12055] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  635.679043][T12055] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  635.687002][T12055] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  635.694995][T12055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  635.704202][T12055] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  635.720716][T12063] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
[  635.743970][T12062] IPVS: ftp: loaded support on port[0] = 21
20:00:38 executing program 0:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40086602, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, 0x0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0xda00)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100000, 0x500001c)

[  635.995600][   T27] audit: type=1804 audit(1577390438.101:62): pid=12075 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir755456860/syzkaller.ym7LGg/91/memory.events" dev="sda1" ino=16622 res=1
20:00:38 executing program 3 (fault-call:2 fault-nth:15):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:38 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000200)=0x4e8)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000080)={0x9d0000, 0x2, 0x1, <r2=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x3a0aea, 0x2, [], @value=0x10000}})
write$UHID_SET_REPORT_REPLY(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0e000000070000000109c3008895f3466a34070499d34f2df9f3bf5a95537baa33d8ea656655e75ef47b1e397bfee0d0ffbf7eff3c732a1eb866a60509c83cda13ff34dfb14ba1940dc87452bff8d2542f72713dee9313b2ee021ef7df45682355f9c185da4544ab9a6625ff0fa85faa9bd92ff4f280669d05012165038975ba79a40b3afd7982d526759c996e950217987e0b883cf396075cf55c6cfade1629f446699b5cd33937d232e79a6cb30287290cb707c374b735f0934a2c89ba921c27cd8786640920f073fc5ec133d83b"], 0xcf)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
clone(0x100, 0x0, 0x0, 0x0, 0x0)
socketpair(0x5, 0x6, 0x0, &(0x7f0000000000))

20:00:38 executing program 2:
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2(0x0, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000200)=""/190)
r0 = open(0x0, 0x800000141042, 0x0)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000080))
ioctl$USBDEVFS_RELEASEINTERFACE(0xffffffffffffffff, 0x80045510, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xffffffffffffffa9)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000280)={r8}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f0000000380)={<r9=>r8, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000100)=0x84)
ioctl$sock_rose_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000600)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={'nr', 0x0}, 0x3, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @bcast]})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000440)={<r10=>0x0, 0x2, 0x101}, &(0x7f0000000480)=0x8)
getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000004c0)={r9, 0x1, 0x5, 0x7c, 0xdf, 0x7, 0x100, 0xffffa83a, {r10, @in={{0x2, 0x4e20, @broadcast}}, 0x4, 0x3, 0x0, 0x2, 0x8}}, &(0x7f0000000580)=0xb0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x5)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f00000002c0))
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, 0x0)
r11 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r12=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r12)
getresuid(&(0x7f0000000740), &(0x7f0000000780), &(0x7f00000007c0)=<r13=>0x0)
mount$9p_unix(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)='9p\x00', 0x200020, &(0x7f0000000800)=ANY=[@ANYBLOB='trans=unix,loose,dfltgid=', @ANYRESHEX=r12, @ANYBLOB=',access=user,cache=fscache,version=9p2000,noextend,version=9p2000,euid<', @ANYRESDEC=r13, @ANYBLOB="2c61707072616973655f74f297a70235501bf169672c6d61736b3d5e4d41595f455845432c00"])
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="8da4363ac0ed02000a0000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x23b, 0x10000}], 0x3, 0x0)
write$FUSE_BMAP(r0, &(0x7f00000005c0)={0x18, 0x0, 0x6, {0x2}}, 0x18)

20:00:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket(0x10, 0x80002, 0xc)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000003780)=ANY=[@ANYBLOB="148000000000000000496b646045000000000000"], 0x14}}, 0x0)
sendmmsg$alg(r1, &(0x7f0000000140), 0xffffffffffffff68, 0x0)

[  636.240446][T12084] FAULT_INJECTION: forcing a failure.
[  636.240446][T12084] name failslab, interval 1, probability 0, space 0, times 0
[  636.288836][T12084] CPU: 1 PID: 12084 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  636.298785][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  636.309861][T12084] Call Trace:
[  636.313186][T12084]  dump_stack+0x197/0x210
[  636.317781][T12084]  should_fail.cold+0xa/0x10
[  636.323022][T12084]  ? setup_fault_attr+0x220/0x220
[  636.328279][T12084]  ? ___might_sleep+0x163/0x2c0
[  636.333159][T12084]  __should_failslab+0x121/0x190
[  636.333182][T12084]  should_failslab+0x9/0x14
[  636.333198][T12084]  kmem_cache_alloc_node_trace+0x274/0x750
[  636.333221][T12084]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  636.348587][T12084]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  636.348612][T12084]  __kmalloc_node_track_caller+0x3d/0x70
[  636.348669][T12084]  __kmalloc_reserve.isra.0+0x40/0xf0
[  636.348690][T12084]  __alloc_skb+0x10b/0x5e0
[  636.348710][T12084]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  636.348734][T12084]  alloc_skb_with_frags+0x93/0x590
[  636.383122][T12087] BTRFS: device fsid fff6f2a2-2997-48ae-b81e-1b00b10efd9a devid 0 transid 0 /dev/loop2 scanned by syz-executor.2 (12087)
[  636.388023][T12084]  ? find_held_lock+0x35/0x130
[  636.388050][T12084]  sock_alloc_send_pskb+0x7ad/0x920
[  636.388076][T12084]  ? sock_wmalloc+0x120/0x120
[  636.388090][T12084]  ? __local_bh_enable_ip+0x15a/0x270
[  636.388106][T12084]  ? ip6_finish_output2+0x1106/0x25c0
[  636.388127][T12084]  ? ip6_mtu+0x2e6/0x450
[  636.388142][T12084]  ? find_held_lock+0x35/0x130
[  636.436228][T12084]  sock_alloc_send_skb+0x32/0x40
[  636.441249][T12084]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  636.446967][T12084]  ? ip_reply_glue_bits+0xc0/0xc0
[  636.452082][T12084]  ? ip6_setup_cork+0x1920/0x1920
[  636.457458][T12084]  ? ip6_flush_pending_frames+0xd0/0xd0
[  636.463078][T12084]  ? __kasan_check_read+0x11/0x20
[  636.468711][T12084]  ip6_make_skb+0x32f/0x570
[  636.473654][T12084]  ? ip_reply_glue_bits+0xc0/0xc0
[  636.478670][T12084]  ? ip_reply_glue_bits+0xc0/0xc0
[  636.483716][T12084]  ? ip6_push_pending_frames+0xf0/0xf0
[  636.489195][T12084]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  636.494764][T12084]  ? ip6_forward_finish+0x570/0x570
[  636.499975][T12084]  ? rcu_read_lock_held+0x9c/0xb0
[  636.505026][T12084]  udpv6_sendmsg+0x22a1/0x2b30
[  636.509795][T12084]  ? __kasan_check_write+0x14/0x20
[  636.514923][T12084]  ? ip_reply_glue_bits+0xc0/0xc0
[  636.519954][T12084]  ? udp_v6_get_port+0x6b0/0x6b0
[  636.524888][T12084]  ? __kasan_check_read+0x11/0x20
[  636.529901][T12084]  ? mark_lock+0xc2/0x1220
[  636.534316][T12084]  ? __kasan_check_read+0x11/0x20
[  636.539332][T12084]  ? mark_lock+0xc2/0x1220
[  636.543736][T12084]  ? __kasan_check_read+0x11/0x20
[  636.548751][T12084]  ? ___might_sleep+0x163/0x2c0
[  636.553593][T12084]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  636.559218][T12084]  ? aa_sk_perm+0x346/0xb00
[  636.563730][T12084]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  636.569356][T12084]  inet6_sendmsg+0x9e/0xe0
[  636.573759][T12084]  ? inet6_sendmsg+0x9e/0xe0
[  636.578341][T12084]  ? inet6_ioctl+0x1c0/0x1c0
[  636.582928][T12084]  sock_sendmsg+0xd7/0x130
[  636.587340][T12084]  ____sys_sendmsg+0x358/0x880
[  636.592178][T12084]  ? kernel_sendmsg+0x50/0x50
[  636.596841][T12084]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  636.602383][T12084]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  636.608357][T12084]  ? find_held_lock+0x35/0x130
[  636.613115][T12084]  ___sys_sendmsg+0x100/0x170
[  636.617778][T12084]  ? sendmsg_copy_msghdr+0x70/0x70
[  636.622965][T12084]  ? __kasan_check_read+0x11/0x20
[  636.627976][T12084]  ? __might_fault+0x12b/0x1e0
[  636.632737][T12084]  ? find_held_lock+0x35/0x130
[  636.637485][T12084]  ? __might_fault+0x12b/0x1e0
[  636.642239][T12084]  ? do_dup2+0x4f0/0x4f0
[  636.646470][T12084]  ? lock_downgrade+0x920/0x920
[  636.651323][T12084]  ? ___might_sleep+0x163/0x2c0
[  636.656161][T12084]  __sys_sendmmsg+0x1bf/0x4d0
[  636.660830][T12084]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  636.665860][T12084]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  636.672114][T12084]  ? fput_many+0x12c/0x1a0
[  636.676525][T12084]  ? fput+0x1b/0x20
[  636.680331][T12084]  ? ksys_write+0x1cf/0x290
[  636.684828][T12084]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  636.690287][T12084]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  636.695740][T12084]  ? do_syscall_64+0x26/0x790
[  636.700402][T12084]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  636.706455][T12084]  ? do_syscall_64+0x26/0x790
[  636.711123][T12084]  __x64_sys_sendmmsg+0x9d/0x100
[  636.716049][T12084]  do_syscall_64+0xfa/0x790
[  636.720557][T12084]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  636.726440][T12084] RIP: 0033:0x45a919
[  636.730446][T12084] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  636.750146][T12084] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  636.758548][T12084] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  636.766504][T12084] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  636.774469][T12084] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
20:00:38 executing program 0:
r0 = socket$packet(0x11, 0x400000000002, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x5}, 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$l2tp(0x18, 0x1, 0x1)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}, 0x1c)
connect$l2tp(r2, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
sendmmsg(r2, &(0x7f0000005fc0), 0xa9, 0x0)
sendto$ax25(r2, &(0x7f0000000040)="17a186ca99ba5e0bb3229c7582c52840fe1da7f89589f4a535cad90208f59cfc5eab7bab91f3ea87d8c87e19423d18637c4e8e1b61a068b654652f43720c8eb447c238111ee5c9ee82806cd832bc726d83a697125442a3dcb38c386cb921b3c10c959a6335908b7e92248d0afd6f965e2990891964f3a4035654b8193a173400a57ff577297935be249c10f902ad808cee2b5d9dc18c1133ee07f95f62ce466e727fe19a0cafa45aa664ba7447302edbbd1baa7b20bb8d", 0xb7, 0x80, &(0x7f0000000140)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7}, [@null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)

[  636.782433][T12084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  636.794992][T12084] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  637.110664][T12087] BTRFS error (device loop2): superblock checksum mismatch
[  637.235852][T12087] BTRFS error (device loop2): open_ctree failed
[  637.968662][    C0] net_ratelimit: 16 callbacks suppressed
[  637.968668][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  637.980130][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  638.608697][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  638.614623][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  639.168739][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  639.175084][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  639.181155][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  639.188099][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  639.968689][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  639.974820][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  643.328694][    C0] net_ratelimit: 14 callbacks suppressed
[  643.328703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  643.340454][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  643.346298][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  643.352120][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  644.128674][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  644.134547][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  644.218633][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  644.224742][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:46 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x844}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='cgroup\x00', 0x0, 0x0)
setuid(0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00\xdf\xf2\x02x\x1a\x9cu\xa1\x1b\xdaN\x1c\xef\xe9\nJ\x93\xf2\xee\xe8W\xcd\xc4\xadG\x17e\xf1\xd7\xda\xf7\xa1\xcf\x1f\xa4\xd3\xe32\xa0\x8c\xd4\xd0\x9a\xbb\xe15\xf2E`\xc9SX7\x02HG\xbd.p\xf4m\x8a\xd5u\x9c\x8c\xc0\x1b\x11\xd1.C(R\x16B5_\x1cVY,M\x83x\x89\xbe\xfb\xa5\x99\x99s\xea(D\x8d0\xec\x06\x1d\xe4\x9fw\xe7\x06\x11m\xcfL\x10HW\xf3\xf7\xee_\",\a\'\x11;\x85\x8a\x80S\v\x90\xab\x13\xe4\xc93\x96\x16\'\xdc\xecq\xcdQ\x8d\xec\xe0 \x13\xbd\x1a\x1f0\xcf\xe0\n\xeds\x85\xf2\x7f\xf1\xa4\x1fam\xc7\x12\x90\xf1Z\xbf\x15\xf7t+!}B\x15\a\x13\xbf\xa7\x05\xb1M\x89\xd5\xc43\x94\x84,\xeeFw\xc8\xe7\xa9\x9a\xbe\x0f\x80\xb9\xef\xafg2\xd0\x11\x94\b`\x8apREK*\x19zq\xbcRZ\xb2\xfc#*\xdaG5}\xc0y\xb5B\xa1Aa=\xde\xb4W\xdbC\x82f\xbb\xa12\x8b\x96J\xfa.\xf3mekE\xa0\xf2\xcd\x89\xe3\x99\x9c', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10, r0, 0x0)
socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
rmdir(&(0x7f0000000340)='./file0//ile0\x00')

20:00:46 executing program 4:
get_thread_area(&(0x7f0000000000)={0x5, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1})
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crc32c-generic)\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003100)=[{0xffffff7f, 0x0, 0x0}], 0x500, 0x0)

20:00:46 executing program 3 (fault-call:2 fault-nth:16):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:46 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0xb7342b491782ba61}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0xff00)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[0x0, 0x68], 0x0, 0x400, 0x3ff})

20:00:46 executing program 0:
perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x2, 0x81, 0x0, 0x0, 0x0, 0x1, 0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9, 0x1}, 0x15, 0x0, 0x0, 0x1, 0x400}, 0x0, 0x80000000000, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000180))
socket$pptp(0x18, 0x1, 0x2)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bind$rxrpc(r2, &(0x7f0000000100)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x8, @empty, 0xdef}}, 0x24)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000340), 0x8)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = fcntl$dupfd(r0, 0x0, r1)
r6 = syz_open_dev$vcsu(&(0x7f0000000140)='/dev/vcsu#\x00', 0x8000, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r6, 0xc004ae02, &(0x7f00000002c0)={0x2, [0x0, 0x0]})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[], 0x32600)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r8, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r7, 0x2405, r8)
keyctl$search(0xa, 0x0, 0x0, 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x100, 0x0)
r9 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000380)='/proc/capi/capi20ncci\x00', 0xf4b0bbd0513ac3e3, 0x0)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00')
sendmsg$TIPC_CMD_GET_REMOTE_MNG(r9, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x5000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x1c, r10, 0x10, 0x70bd2c, 0x1, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x30000811)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r11, 0x8933, &(0x7f0000000500)={'vxcan1\x00', <r12=>0x0})
bind$xdp(r4, &(0x7f0000000540)={0x2c, 0x1, r12, 0x28}, 0x10)
ioctl$EVIOCGPROP(r5, 0xc004743e, &(0x7f0000000000)=""/246)

20:00:46 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup2(r1, r2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  644.559467][T12124] FAULT_INJECTION: forcing a failure.
[  644.559467][T12124] name failslab, interval 1, probability 0, space 0, times 0
[  644.578813][T12124] CPU: 0 PID: 12124 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  644.588751][T12124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  644.598821][T12124] Call Trace:
[  644.602147][T12124]  dump_stack+0x197/0x210
[  644.606498][T12124]  should_fail.cold+0xa/0x10
[  644.611084][T12124]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  644.616363][T12124]  ? setup_fault_attr+0x220/0x220
[  644.621394][T12124]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  644.626690][T12124]  __should_failslab+0x121/0x190
[  644.631636][T12124]  should_failslab+0x9/0x14
[  644.636136][T12124]  kmem_cache_alloc+0x47/0x710
[  644.640900][T12124]  ? __kasan_check_read+0x11/0x20
[  644.646720][T12124]  skb_clone+0x154/0x3d0
[  644.650954][T12124]  ip6_finish_output2+0x18be/0x25c0
[  644.656141][T12124]  ? ip6_mtu+0x2e6/0x450
[  644.660511][T12124]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  644.666055][T12124]  ? lock_downgrade+0x920/0x920
[  644.670897][T12124]  ? rcu_read_lock_held+0x9c/0xb0
[  644.675913][T12124]  ? __kasan_check_read+0x11/0x20
[  644.681016][T12124]  __ip6_finish_output+0x444/0xaa0
[  644.686125][T12124]  ? __ip6_finish_output+0x444/0xaa0
[  644.691944][T12124]  ip6_finish_output+0x38/0x1f0
[  644.696792][T12124]  ip6_output+0x25e/0x880
[  644.701117][T12124]  ? ip6_finish_output+0x1f0/0x1f0
[  644.706326][T12124]  ? __ip6_finish_output+0xaa0/0xaa0
[  644.711606][T12124]  ? ip6_make_skb+0x370/0x570
[  644.716294][T12124]  ? ip_reply_glue_bits+0xc0/0xc0
[  644.721316][T12124]  ip6_local_out+0xbb/0x1b0
[  644.725832][T12124]  ip6_send_skb+0xbb/0x350
[  644.730597][T12124]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  644.736305][T12124]  ? ip6_forward_finish+0x570/0x570
[  644.741595][T12124]  udpv6_sendmsg+0x22f3/0x2b30
[  644.746441][T12124]  ? __kasan_check_write+0x14/0x20
[  644.751664][T12124]  ? ip_reply_glue_bits+0xc0/0xc0
[  644.756721][T12124]  ? udp_v6_get_port+0x6b0/0x6b0
[  644.761757][T12124]  ? __kasan_check_read+0x11/0x20
[  644.766816][T12124]  ? mark_lock+0xc2/0x1220
[  644.771238][T12124]  ? __kasan_check_read+0x11/0x20
[  644.776438][T12124]  ? mark_lock+0xc2/0x1220
[  644.780932][T12124]  ? __kasan_check_read+0x11/0x20
[  644.786037][T12124]  ? ___might_sleep+0x163/0x2c0
[  644.790889][T12124]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  644.796521][T12124]  ? aa_sk_perm+0x346/0xb00
[  644.801173][T12124]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  644.806764][T12124]  inet6_sendmsg+0x9e/0xe0
[  644.811278][T12124]  ? inet6_sendmsg+0x9e/0xe0
[  644.815888][T12124]  ? inet6_ioctl+0x1c0/0x1c0
[  644.820478][T12124]  sock_sendmsg+0xd7/0x130
[  644.824899][T12124]  ____sys_sendmsg+0x358/0x880
[  644.829653][T12124]  ? kernel_sendmsg+0x50/0x50
[  644.834327][T12124]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  644.839883][T12124]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  644.845848][T12124]  ? find_held_lock+0x35/0x130
[  644.850705][T12124]  ___sys_sendmsg+0x100/0x170
[  644.855379][T12124]  ? sendmsg_copy_msghdr+0x70/0x70
[  644.860477][T12124]  ? __kasan_check_read+0x11/0x20
[  644.865505][T12124]  ? __might_fault+0x12b/0x1e0
[  644.870258][T12124]  ? find_held_lock+0x35/0x130
[  644.875009][T12124]  ? __might_fault+0x12b/0x1e0
[  644.879761][T12124]  ? do_dup2+0x4f0/0x4f0
[  644.884007][T12124]  ? lock_downgrade+0x920/0x920
[  644.888864][T12124]  ? ___might_sleep+0x163/0x2c0
[  644.893719][T12124]  __sys_sendmmsg+0x1bf/0x4d0
[  644.898397][T12124]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  644.903427][T12124]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  644.910526][T12124]  ? fput_many+0x12c/0x1a0
[  644.914936][T12124]  ? fput+0x1b/0x20
[  644.918735][T12124]  ? ksys_write+0x1cf/0x290
[  644.923241][T12124]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  644.928697][T12124]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  644.934151][T12124]  ? do_syscall_64+0x26/0x790
[  644.938836][T12124]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  644.944914][T12124]  ? do_syscall_64+0x26/0x790
[  644.949866][T12124]  __x64_sys_sendmmsg+0x9d/0x100
[  644.954893][T12124]  do_syscall_64+0xfa/0x790
[  644.959434][T12124]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  644.965318][T12124] RIP: 0033:0x45a919
[  644.969297][T12124] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  644.989344][T12124] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  644.998026][T12124] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
20:00:47 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec", 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
readlinkat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/53, 0x35)
r2 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r2, &(0x7f0000006b80)=[{{&(0x7f0000000200)=@hci, 0x80, 0x0, 0x0, &(0x7f0000000640)=""/20, 0x14}}, {{&(0x7f0000000680)=@rc, 0x80, &(0x7f0000001d80)=[{&(0x7f0000000700)=""/119, 0x77}, {0x0}, {&(0x7f00000008c0)=""/230, 0xe6}, {0x0}, {&(0x7f0000000a80)=""/217, 0xd9}, {&(0x7f0000000b80)=""/82, 0x52}, {&(0x7f0000000c00)=""/4096, 0x1000}], 0x7, &(0x7f0000001e40)=""/46, 0x2e}, 0x1}, {{0x0, 0x0, &(0x7f0000003080)}}], 0x3, 0x0, 0x0)

[  645.006074][T12124] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  645.014036][T12124] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  645.022011][T12124] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  645.029999][T12124] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  645.038674][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  645.044472][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:47 executing program 3 (fault-call:2 fault-nth:17):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:47 executing program 4:
r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_security(0x11, r0, &(0x7f00000000c0), 0x0)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_security(0x11, r1, &(0x7f00000000c0), 0x0)
keyctl$search(0xa, r0, &(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, r1)
mkdir(0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x844}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
dup2(0xffffffffffffffff, r3)
connect$unix(r4, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r6 = socket(0x400000000000010, 0x802, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc)
ioctl$SIOCAX25ADDUID(r5, 0x89e1, 0x0)
ioctl$SIOCAX25GETUID(0xffffffffffffffff, 0x89e0, 0x0)
rmdir(0x0)

[  645.223277][T12140] FAULT_INJECTION: forcing a failure.
[  645.223277][T12140] name failslab, interval 1, probability 0, space 0, times 0
[  645.236199][T12140] CPU: 1 PID: 12140 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  645.246973][T12140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  645.257314][T12140] Call Trace:
[  645.260887][T12140]  dump_stack+0x197/0x210
[  645.265246][T12140]  should_fail.cold+0xa/0x10
20:00:47 executing program 2:
unshare(0x2040400)
perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
add_key$keyring(&(0x7f0000000380)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffb)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x36c, @time={0x20, 0x4}, 0x1, {0x3f, 0x3}, 0x2, 0x1, 0x3})
add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000240)="585ccbe4ed83b836c1a6474914dc55e72206297b6895b66147b3c7218a9169a85ea0bdc9e1587a050000000000000042e33089754c8107c3cd3923dd4a71c2ff06007b6b4816122d2550829eaa9435c99926022b8753a188748c569f43", 0x5d, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0x0)
ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\f\x00!!\x00\x01\x00\x01', @ifru_names='bond_slave_1\x00\x00\x00\b'})

[  645.269866][T12140]  ? is_bpf_text_address+0xac/0x160
[  645.275085][T12140]  ? setup_fault_attr+0x220/0x220
[  645.280151][T12140]  __should_failslab+0x121/0x190
[  645.285118][T12140]  should_failslab+0x9/0x14
[  645.289645][T12140]  kmem_cache_alloc+0x47/0x710
[  645.294435][T12140]  ? lock_acquire+0x190/0x410
[  645.299132][T12140]  ? net_tx_action+0xd30/0xd30
[  645.303916][T12140]  skb_clone+0x154/0x3d0
[  645.308186][T12140]  dev_queue_xmit_nit+0x3a1/0xaa0
[  645.313249][T12140]  dev_hard_start_xmit+0xbb/0x9b0
[  645.318311][T12140]  ? validate_xmit_skb_list+0xfc/0x150
20:00:47 executing program 0:
r0 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000040)='9p\x00', 0x2)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000140)=0x20)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000700)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000070000000400000078040000580200004001000040010000900300009003000090030000040000000000000000000000ac1e0001ac1e0001ffffffff00000000000000000000000000000000000000000000000000000000fa7f800000ff00000000000000000000000000000000000000000000000000000000000000000000ff0000ff007f00000000000000000000080003ff0080000007ff0401636169663000000000000000000000006970365f76746930000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000200000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaaaaaaaa0d0000000000000000000000000000000000000000000000000000ac141420ac1414aa09000000ffffffff0000000300000000ff000000ff00000087dd67d58282000000000000000000000000000000000000fd00fe00000000000000000000000000000000000000000000000000000000000000000000000000ffff000080000000000000000000000000090001007f0007000100026970646470300000000000000000000064756d6d79300000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000920000000000000000000000f0001801000000000000000000000000000000000000000000000000000028000000000000000000000000000000000000000000000000000000000000004001000000000000000000000000000000000000000000000000008ed5328b37bdcca78e89920000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f00038010000000000000000000000000000000000000000000000000000480049444c4554494d45520000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000ff030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800"/1224], 0x4c8)
socket(0x10, 0x80002, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
clone(0x3000000a0160101, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000180)={<r2=>0x0, <r3=>0x0})
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000001c0)={0x2, 0x2, 0x4, 0x6200e800, 0xffffffcc, {r2, r3/1000+10000}, {0x4, 0x1, 0x2, 0x4, 0x3, 0x0, "0099eafa"}, 0x6, 0x4, @fd, 0x3f, 0x0, <r5=>r4})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003600)=[{{&(0x7f0000000440)=@isdn, 0x80, &(0x7f0000002e40)=[{&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000000580)=""/213, 0xd5}, {&(0x7f00000004c0)=""/16, 0x10}, {&(0x7f0000000680)=""/79, 0x4f}, {&(0x7f0000000500)=""/19, 0x13}, {&(0x7f0000001c00)=""/146, 0x92}, {&(0x7f0000001cc0)=""/151, 0x97}, {&(0x7f0000001d80)=""/4096, 0x1000}, {&(0x7f0000002d80)=""/78, 0x4e}, {&(0x7f0000002e00)=""/47, 0x2f}], 0xa}}, {{0x0, 0x0, &(0x7f0000003540)=[{&(0x7f0000002f00)=""/80, 0x50}, {&(0x7f0000002f80)=""/37, 0x25}, {&(0x7f0000002fc0)=""/69, 0x45}, {&(0x7f0000003040)=""/69, 0x45}, {&(0x7f00000030c0)=""/238, 0xee}, {&(0x7f00000031c0)=""/157, 0x9d}, {&(0x7f0000003280)=""/224, 0xe0}, {&(0x7f0000003380)=""/88, 0x58}, {&(0x7f0000003400)=""/183, 0xb7}, {&(0x7f00000034c0)=""/96, 0x60}], 0xa}, 0x20}], 0x2, 0x20, &(0x7f0000003680))
getsockname$packet(r8, &(0x7f0000000540)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r9, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r9, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x2a, &(0x7f00000002c0)=ANY=[@ANYBLOB="b702000000000400bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000812d6405000000000025040400010000001704000001000a40b7040000000100006a0a00fe00000000850000001a000000b7000000000000009500000000000000d83990832ffdd40a409f01f6147c8f6fd267bf41106f89ec68823ce3c4bcc4ce81e97719ea969f2a019a613782ccdfc129d2c67b2c70da0037ad1efc966f1cfdc4ea29f673efc20c8dec082bc6de68ab0a5ebf4ee60253518172b4226cc871311ab25868e1d9a0142636973f338d2d41c41e415a2bcc922a3aa71489fad041e59cc9f6e79e0993c96e4c43518cf72e4bcff56cf5a863efb43ea723476ab7140606791e81960ea313ea74c2cde2dedd424a4596f98e3e70a6f1d8abce75f01dbb60bdf7316a57b31031cc158a0a4c6dd4880c767f39a161b050abc5a34588ea19114caebb7995"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], r9, 0x0, r5, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
pipe(&(0x7f00000008c0)={<r10=>0xffffffffffffffff})
vmsplice(r10, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  645.323801][T12140]  sch_direct_xmit+0x372/0xd30
[  645.328600][T12140]  ? dev_watchdog+0xca0/0xca0
[  645.333303][T12140]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  645.338879][T12140]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  645.344885][T12140]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  645.351149][T12140]  ? sfb_dequeue+0x421/0x4d0
[  645.355769][T12140]  __qdisc_run+0x4bf/0x1770
[  645.360311][T12140]  __dev_queue_xmit+0x1650/0x35c0
[  645.365384][T12140]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  645.370713][T12140]  ? mark_held_locks+0xf0/0xf0
[  645.375513][T12140]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  645.381793][T12140]  ? debug_smp_processor_id+0x33/0x18a
[  645.385069][T12146] bond0: (slave bond_slave_1): Error: Device is in use and cannot be enslaved
[  645.387265][T12140]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  645.387286][T12140]  ? rcu_read_lock_held_common+0xbd/0x130
[  645.387317][T12140]  dev_queue_xmit+0x18/0x20
[  645.412525][T12140]  ? dev_queue_xmit+0x18/0x20
[  645.417223][T12140]  neigh_direct_output+0x16/0x20
[  645.422228][T12140]  ip6_finish_output2+0x109a/0x25c0
[  645.427466][T12140]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  645.433044][T12140]  ? lock_downgrade+0x920/0x920
[  645.437932][T12140]  ? netif_rx_ni+0x670/0x670
[  645.442541][T12140]  ? __kasan_check_read+0x11/0x20
[  645.447621][T12140]  __ip6_finish_output+0x444/0xaa0
[  645.452750][T12140]  ? __ip6_finish_output+0x444/0xaa0
[  645.458072][T12140]  ip6_finish_output+0x38/0x1f0
[  645.462953][T12140]  ip6_output+0x25e/0x880
[  645.467308][T12140]  ? ip6_finish_output+0x1f0/0x1f0
20:00:47 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00')
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x24, r1, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_PEER_V4={0x8, 0xb, @multicast1}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}]}, 0x24}}, 0x0)

[  645.472453][T12140]  ? __ip6_finish_output+0xaa0/0xaa0
[  645.477761][T12140]  ? ip6_make_skb+0x370/0x570
[  645.482459][T12140]  ? ip_reply_glue_bits+0xc0/0xc0
[  645.487523][T12140]  ip6_local_out+0xbb/0x1b0
[  645.487541][T12140]  ip6_send_skb+0xbb/0x350
[  645.487566][T12140]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  645.501973][T12140]  ? ip6_forward_finish+0x570/0x570
[  645.507196][T12140]  udpv6_sendmsg+0x22f3/0x2b30
[  645.511984][T12140]  ? __kasan_check_write+0x14/0x20
[  645.517121][T12140]  ? ip_reply_glue_bits+0xc0/0xc0
[  645.522171][T12140]  ? udp_v6_get_port+0x6b0/0x6b0
[  645.522187][T12140]  ? __kasan_check_read+0x11/0x20
[  645.522209][T12140]  ? mark_lock+0xc2/0x1220
[  645.532173][T12140]  ? __kasan_check_read+0x11/0x20
[  645.532188][T12140]  ? mark_lock+0xc2/0x1220
[  645.532202][T12140]  ? __kasan_check_read+0x11/0x20
[  645.532224][T12140]  ? ___might_sleep+0x163/0x2c0
[  645.532245][T12140]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  645.532270][T12140]  ? aa_sk_perm+0x346/0xb00
[  645.541723][T12140]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  645.541750][T12140]  inet6_sendmsg+0x9e/0xe0
[  645.541774][T12140]  ? inet6_sendmsg+0x9e/0xe0
[  645.541788][T12140]  ? inet6_ioctl+0x1c0/0x1c0
[  645.541809][T12140]  sock_sendmsg+0xd7/0x130
[  645.551242][T12140]  ____sys_sendmsg+0x358/0x880
[  645.551263][T12140]  ? kernel_sendmsg+0x50/0x50
[  645.551286][T12140]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  645.571787][T12140]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  645.571808][T12140]  ? find_held_lock+0x35/0x130
[  645.599251][T12140]  ___sys_sendmsg+0x100/0x170
[  645.599268][T12140]  ? sendmsg_copy_msghdr+0x70/0x70
[  645.599284][T12140]  ? __kasan_check_read+0x11/0x20
[  645.599301][T12140]  ? __might_fault+0x12b/0x1e0
[  645.599317][T12140]  ? find_held_lock+0x35/0x130
[  645.599337][T12140]  ? __might_fault+0x12b/0x1e0
[  645.635148][T12140]  ? do_dup2+0x4f0/0x4f0
[  645.635173][T12140]  ? lock_downgrade+0x920/0x920
[  645.653787][T12140]  ? ___might_sleep+0x163/0x2c0
[  645.653808][T12140]  __sys_sendmmsg+0x1bf/0x4d0
[  645.663336][T12140]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  645.668493][T12140]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  645.674749][T12140]  ? fput_many+0x12c/0x1a0
[  645.674766][T12140]  ? fput+0x1b/0x20
[  645.674780][T12140]  ? ksys_write+0x1cf/0x290
[  645.674803][T12140]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  645.683021][T12140]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  645.683037][T12140]  ? do_syscall_64+0x26/0x790
[  645.683057][T12140]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  645.692975][T12140]  ? do_syscall_64+0x26/0x790
[  645.692996][T12140]  __x64_sys_sendmmsg+0x9d/0x100
[  645.693016][T12140]  do_syscall_64+0xfa/0x790
[  645.693035][T12140]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  645.703156][T12140] RIP: 0033:0x45a919
[  645.713867][T12140] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  645.713875][T12140] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  645.713889][T12140] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  645.713896][T12140] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  645.713910][T12140] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  645.723324][T12140] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  645.723334][T12140] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  648.368665][    C0] net_ratelimit: 16 callbacks suppressed
[  648.368671][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  648.380541][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  649.168692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  649.174551][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  649.888713][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  649.894552][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  649.900536][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  649.906432][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  650.368700][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  650.375350][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:55 executing program 5:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2a939, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000), &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000340)='./file0/file0\x00', &(0x7f00000003c0)='cgroup2\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuset.effective_cpus\x00', 0x26e1, 0x0)
syz_open_dev$mice(0x0, 0x0, 0x0)
r1 = socket$caif_stream(0x25, 0x1, 0x3)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x20000, 0x1000}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000004c0)=0x80, 0x4)
r3 = socket(0x100000000011, 0x2, 0x0)
bind(r3, &(0x7f0000000140)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f00000001c0)=0x400, 0x4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000540)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r6, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
bind$xdp(0xffffffffffffffff, &(0x7f0000000900)={0x2c, 0x0, r6, 0x12}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'ip6tnl0\x00'})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000015c0)='/dev/vga_arbiter\x00', 0x420000, 0x0)
ioctl$TIOCGISO7816(0xffffffffffffffff, 0x80285442, 0x0)
r7 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f0000000300), 0x12)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x4400, 0x0)
accept$unix(0xffffffffffffffff, &(0x7f0000001400), 0x0)
preadv(r9, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0)
io_setup(0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000002380)={{0x0, 0x0, 0x0, 0xffffffffffffffff}})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xa, 0x84, 0x4000000000000800, 0x1}, 0x3c)

20:00:55 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
dup2(r1, r2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:00:55 executing program 2:
pipe(&(0x7f0000000680))
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r1 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r1}, 0x0)
r2 = getpgid(0x0)
memfd_create(&(0x7f0000000980)='lotrusted\x1a\x00\xee\xee\x91\xdc\x04>R\xba0Qe\x80\xe3}U\x01\xd0\xa9\xc9\xf1\xc9\x8d&\x90\xf6\x1a\x86\xd8\x02\xda6E\x17\xa9d\xcfcK\xfe\xf4\x99\xb7o\xff\at\xb6C\xef\x068\xcf\xd3\xb6\xbe\x98\x02\xa0\x90\xc8[\v\x93A\x7f\xc6\xa7\xcaEB\xb9\xaeS\x99\x86RI;\x0e\xf0\xcf\x9b\xff\x01\x00\x00\x00\x00\x00\x00\xc9\x85\xe2\xc9\x8bM\x1f\xcd%\x98\x16H\x9f\xbc\xb8\xd4\v', 0x5)
syz_open_dev$sndseq(0x0, 0x0, 0x0)
ppoll(0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)
r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x5452, &(0x7f0000000040))
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000a00)=ANY=[@ANYBLOB="020000000100eb8000000000020001", @ANYRES32, @ANYRES32, @ANYBLOB="b8e365400357609aeb2c35eb6346b93ee6a8ccac064b28045fb5ccc42eb61c604bd9bc6f06af127321df7559522954af9fbdf181f025e9a65d7a17310597d62a318833df89a57e5b53778aa3e66844fc416fc7e2cee1", @ANYBLOB, @ANYRES32=0x0], 0x6, 0x1)
r4 = socket(0xa, 0x3, 0x8)
syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x89a2, 0x0)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0)
r5 = gettid()
waitid(0x0, r5, &(0x7f0000000040), 0x0, &(0x7f0000000480))
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$key(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYRES32], 0x4}}, 0x906851376542d00c)
memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r7 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r7)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e4", 0x2c}, {&(0x7f0000000180)="53000000c90dca807737f408177021bd01d3be55090000000001a0000000000000000000", 0x24}], 0x2)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x227d, 0x0)
kcmp(r7, r5, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
ptrace$setopts(0x4206, r7, 0x0, 0x0)
syz_open_dev$dmmidi(0x0, 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00'}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000), 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r8=>0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000080)='\x00'}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r3, 0x0, 0x0, 0x0, <r9=>0x0}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, r9}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00'}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r8, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00'}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340), 0xc)
open(0x0, 0xe279a88a3b20cda9, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r10 = socket$inet(0x2, 0x4000000000000001, 0x0)
fcntl$setpipe(r10, 0x407, 0xfffffffffffffffe)
bind$inet(r10, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r10, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10)
r11 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x0)
r12 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r12, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000240)={0x20, 0x0, 0xffffffffffffffff, {0x0, 0x4}}, 0xffffffffffffffb2)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000280)=""/11)
r13 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0)
open(0x0, 0x0, 0x0)
getsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000300))
pwritev(0xffffffffffffffff, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a3", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r11, 0x4c00, r13)
sendfile(r10, r11, 0x0, 0x102000004)

20:00:55 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x1, 0x400000000000006}, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x2, r1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r5)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000005c0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r7)
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r9)
r10 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
fsetxattr$system_posix_acl(r10, &(0x7f0000000480)='system.posix_acl_default\x00', &(0x7f0000000540)={{}, {0x1, 0x4}, [{0x2, 0xc, r3}], {0x4, 0x1}, [{0x8, 0x1, r5}, {0x8, 0x3, r7}, {0x8, 0x5, r9}], {0x10, 0x1}, {0x20, 0xfae7f96afd2b918}}, 0x44, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b702000003000000bfa30000000008000703000000feffe6774389ed080c6cc8c0606cff7a0af0fff8ffffff79a4f0ff00000000e3b1c3027388baa4d9d210a8af5b6b9a3b0f76ffffffff2d6405000000000065040400010000000404000001067d60b7030008000000006a0a00fe00000000850000000d000000b7aee740e23c8be123f41a9c205e470c9c6af45b26e18678d7260bcc7bd075141996e89c20d149048f91dfb1fec3683c9e356c26706a8a6b611cd87e8e5b9697ef6067596cb34977b7495b0680bef663979a3a3efb619aae1ac74b17300654"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, r0}, 0x78)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000280)={0x5, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0, 0xa}, 0x1b301113ef96cf7e, 0x2, 0x0, 0x0, 0x3, 0x8dc}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r12 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
fsetxattr$security_capability(r12, &(0x7f0000000040)='security.capability\x00', &(0x7f0000000300)=@v2={0x2000000, [{0x5, 0x2}, {0x3, 0x80}]}, 0x14, 0x3)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000400)=ANY=[], 0x0)
write$cgroup_subtree(r11, &(0x7f0000000380)=ANY=[@ANYBLOB="e37397d776ebb77df46b80f7ead5a5d6fd4003000000ceef063f7b4cc8ac3babdbef581068bac20c7ae0023fb0a8f24dd5badd60729eaec309937c68bc9218135b87ac4e12b50e00000000000011d68f6c7ec90af9572f8aad0a6455f645c2e961bd2bcb03e92ac9758e5f99498d51741de9302dcbaf80aeba196b883127938359ae178f8fcece546360dd388dffdfb5789af525080000004cbd6cbe07e9a774a129d96ac791d5fb1694df557ff45798d3a09014c867e754b1c1568cd62a322cf5e8ac11ace7b6a50349c5defa2e3008c5a97c9df238e7bb70bea00d92d170ecc138b82db9f3"], 0x39)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_int(r13, &(0x7f0000000500)='cgroup.clone_children\x00', 0x2, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz0\x00', 0x200002, 0x0)

20:00:55 executing program 3 (fault-call:2 fault-nth:18):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:55 executing program 0:
r0 = socket(0x2, 0x1, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x60000000})
epoll_pwait(r1, &(0x7f0000000000)=[{}], 0x1, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000040)=@fragment={0x5e, 0x0, 0x2e, 0x0, 0x0, 0x15, 0x65}, 0x8)

[  653.964038][T12179] FAULT_INJECTION: forcing a failure.
[  653.964038][T12179] name failslab, interval 1, probability 0, space 0, times 0
[  654.039762][T12179] CPU: 0 PID: 12179 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  654.049808][T12179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  654.049816][T12179] Call Trace:
[  654.049840][T12179]  dump_stack+0x197/0x210
[  654.049865][T12179]  should_fail.cold+0xa/0x10
[  654.049883][T12179]  ? setup_fault_attr+0x220/0x220
[  654.049903][T12179]  ? ___might_sleep+0x163/0x2c0
[  654.049929][T12179]  __should_failslab+0x121/0x190
[  654.049949][T12179]  should_failslab+0x9/0x14
[  654.068026][T12179]  kmem_cache_alloc_node+0x268/0x740
[  654.068047][T12179]  ? __dev_queue_xmit+0x173f/0x35c0
[  654.068063][T12179]  ? trace_hardirqs_on+0x67/0x240
[  654.068084][T12179]  ? __dev_queue_xmit+0x173f/0x35c0
[  654.077957][T12179]  __alloc_skb+0xd5/0x5e0
[  654.077979][T12179]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  654.078003][T12179]  alloc_skb_with_frags+0x93/0x590
[  654.087786][T12179]  ? find_held_lock+0x35/0x130
[  654.087814][T12179]  sock_alloc_send_pskb+0x7ad/0x920
[  654.087840][T12179]  ? sock_wmalloc+0x120/0x120
[  654.087859][T12179]  ? __local_bh_enable_ip+0x15a/0x270
[  654.097937][T12179]  ? ip6_finish_output2+0x1106/0x25c0
[  654.097955][T12179]  ? ip6_mtu+0x2e6/0x450
[  654.097970][T12179]  ? find_held_lock+0x35/0x130
[  654.097990][T12179]  sock_alloc_send_skb+0x32/0x40
[  654.098010][T12179]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  654.113414][T12179]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.113440][T12179]  ? ip6_setup_cork+0x1920/0x1920
[  654.113456][T12179]  ? ip6_flush_pending_frames+0xd0/0xd0
[  654.113471][T12179]  ? __kasan_check_read+0x11/0x20
[  654.113491][T12179]  ip6_make_skb+0x32f/0x570
[  654.123339][T12179]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.123358][T12179]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.123380][T12179]  ? ip6_push_pending_frames+0xf0/0xf0
[  654.123403][T12179]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  654.123421][T12179]  ? ip6_forward_finish+0x570/0x570
[  654.123441][T12179]  ? rcu_read_lock_held+0x9c/0xb0
[  654.133555][T12179]  udpv6_sendmsg+0x22a1/0x2b30
[  654.133578][T12179]  ? __kasan_check_write+0x14/0x20
[  654.133594][T12179]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.133619][T12179]  ? udp_v6_get_port+0x6b0/0x6b0
[  654.133632][T12179]  ? __kasan_check_read+0x11/0x20
[  654.133647][T12179]  ? mark_lock+0xc2/0x1220
[  654.143615][T12179]  ? __kasan_check_read+0x11/0x20
[  654.143632][T12179]  ? mark_lock+0xc2/0x1220
[  654.143646][T12179]  ? __kasan_check_read+0x11/0x20
[  654.143672][T12179]  ? ___might_sleep+0x163/0x2c0
[  654.154467][T12179]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  654.154487][T12179]  ? aa_sk_perm+0x346/0xb00
20:00:56 executing program 0:
r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa0b0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x0, @empty, 0x4e21, 0x0, 'lblc\x00', 0xd, 0x200, 0x2d}, 0x2c)
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x53)

[  654.154517][T12179]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  654.154542][T12179]  inet6_sendmsg+0x9e/0xe0
[  654.163520][T12179]  ? inet6_sendmsg+0x9e/0xe0
[  654.163539][T12179]  ? inet6_ioctl+0x1c0/0x1c0
[  654.163555][T12179]  sock_sendmsg+0xd7/0x130
[  654.163576][T12179]  ____sys_sendmsg+0x358/0x880
[  654.174232][T12179]  ? kernel_sendmsg+0x50/0x50
[  654.174252][T12179]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  654.174268][T12179]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  654.174287][T12179]  ? find_held_lock+0x35/0x130
[  654.184315][T12179]  ___sys_sendmsg+0x100/0x170
[  654.184335][T12179]  ? sendmsg_copy_msghdr+0x70/0x70
[  654.184351][T12179]  ? __kasan_check_read+0x11/0x20
[  654.184372][T12179]  ? __might_fault+0x12b/0x1e0
[  654.220526][T12179]  ? find_held_lock+0x35/0x130
[  654.220543][T12179]  ? __might_fault+0x12b/0x1e0
[  654.220560][T12179]  ? do_dup2+0x4f0/0x4f0
[  654.220579][T12179]  ? lock_downgrade+0x920/0x920
[  654.230798][T12179]  ? ___might_sleep+0x163/0x2c0
[  654.230819][T12179]  __sys_sendmmsg+0x1bf/0x4d0
[  654.230842][T12179]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  654.230877][T12179]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  654.399490][T12179]  ? fput_many+0x12c/0x1a0
[  654.403916][T12179]  ? fput+0x1b/0x20
[  654.408411][T12179]  ? ksys_write+0x1cf/0x290
[  654.412919][T12179]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  654.418479][T12179]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  654.423930][T12179]  ? do_syscall_64+0x26/0x790
[  654.428778][T12179]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  654.434831][T12179]  ? do_syscall_64+0x26/0x790
[  654.439512][T12179]  __x64_sys_sendmmsg+0x9d/0x100
[  654.444440][T12179]  do_syscall_64+0xfa/0x790
[  654.448944][T12179]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  654.454824][T12179] RIP: 0033:0x45a919
[  654.458727][T12179] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  654.478320][T12179] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  654.486734][T12179] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  654.494709][T12179] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  654.502668][T12179] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  654.510642][T12179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  654.518613][T12179] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  654.526886][    C0] net_ratelimit: 14 callbacks suppressed
[  654.526898][    C0] protocol 88fb is buggy, dev hsr_slave_0
20:00:56 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x0, @empty}, 0x10)
r1 = socket$inet(0xa, 0x801, 0x84)
sendto$inet(r1, 0x0, 0x0, 0x4000, 0x0, 0x0)
accept4$inet(r1, &(0x7f0000000100)={0x2, 0x0, @loopback}, &(0x7f00000001c0)=0x10, 0xc0000)
socket$inet(0xa, 0x801, 0x0)
listen(0xffffffffffffffff, 0x100000001)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000240)='veIi\x7f\x15', 0xffffffffffffff2e)
r2 = socket$inet(0xa, 0x801, 0x84)
listen(r2, 0x100000001)
prctl$PR_GET_SECUREBITS(0x1b)
unshare(0x8020000)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000140), 0x1c)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x40, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000000), 0x4)
epoll_create(0x8001)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
setns(r3, 0x0)
clone(0x10062101, 0x0, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="18adb55b658ff0fbe34010dfc79052ce84ab5ab8daab379617b8d88c290cad35da97c0578e5389794c5d5d56d4", 0x2d, 0x0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)

[  654.538570][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  654.544455][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  654.550308][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  654.556781][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  654.562635][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:00:56 executing program 3 (fault-call:2 fault-nth:19):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  654.608606][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  654.614435][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  654.733300][T12198] FAULT_INJECTION: forcing a failure.
[  654.733300][T12198] name failslab, interval 1, probability 0, space 0, times 0
[  654.768863][T12198] CPU: 1 PID: 12198 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  654.778897][T12198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  654.789082][T12198] Call Trace:
[  654.792402][T12198]  dump_stack+0x197/0x210
[  654.796752][T12198]  should_fail.cold+0xa/0x10
[  654.801367][T12198]  ? setup_fault_attr+0x220/0x220
[  654.806423][T12198]  ? ___might_sleep+0x163/0x2c0
[  654.811301][T12198]  __should_failslab+0x121/0x190
[  654.816268][T12198]  should_failslab+0x9/0x14
[  654.820797][T12198]  kmem_cache_alloc_node_trace+0x274/0x750
[  654.826630][T12198]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  654.832684][T12198]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  654.838490][T12198]  __kmalloc_node_track_caller+0x3d/0x70
[  654.844145][T12198]  __kmalloc_reserve.isra.0+0x40/0xf0
[  654.849529][T12198]  __alloc_skb+0x10b/0x5e0
[  654.853939][T12198]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  654.859495][T12198]  alloc_skb_with_frags+0x93/0x590
[  654.864616][T12198]  ? find_held_lock+0x35/0x130
[  654.869513][T12198]  sock_alloc_send_pskb+0x7ad/0x920
[  654.874732][T12198]  ? sock_wmalloc+0x120/0x120
[  654.879410][T12198]  ? __local_bh_enable_ip+0x15a/0x270
[  654.884795][T12198]  ? ip6_finish_output2+0x1106/0x25c0
[  654.890167][T12198]  ? ip6_mtu+0x2e6/0x450
[  654.894412][T12198]  ? find_held_lock+0x35/0x130
[  654.899199][T12198]  sock_alloc_send_skb+0x32/0x40
[  654.904174][T12198]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  654.909910][T12198]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.914952][T12198]  ? ip6_setup_cork+0x1920/0x1920
[  654.920069][T12198]  ? ip6_flush_pending_frames+0xd0/0xd0
[  654.925617][T12198]  ? __kasan_check_read+0x11/0x20
[  654.930664][T12198]  ip6_make_skb+0x32f/0x570
[  654.935164][T12198]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.940208][T12198]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.945236][T12198]  ? ip6_push_pending_frames+0xf0/0xf0
[  654.950710][T12198]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  654.956245][T12198]  ? ip6_forward_finish+0x570/0x570
[  654.961438][T12198]  ? rcu_read_lock_held+0x9c/0xb0
[  654.966469][T12198]  udpv6_sendmsg+0x22a1/0x2b30
[  654.971239][T12198]  ? __kasan_check_write+0x14/0x20
[  654.976351][T12198]  ? ip_reply_glue_bits+0xc0/0xc0
[  654.981406][T12198]  ? udp_v6_get_port+0x6b0/0x6b0
[  654.986694][T12198]  ? __kasan_check_read+0x11/0x20
[  654.991706][T12198]  ? mark_lock+0xc2/0x1220
[  654.996110][T12198]  ? __kasan_check_read+0x11/0x20
[  655.001141][T12198]  ? mark_lock+0xc2/0x1220
[  655.005557][T12198]  ? __kasan_check_read+0x11/0x20
[  655.010598][T12198]  ? ___might_sleep+0x163/0x2c0
[  655.015442][T12198]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  655.021073][T12198]  ? aa_sk_perm+0x346/0xb00
[  655.025597][T12198]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  655.031152][T12198]  inet6_sendmsg+0x9e/0xe0
[  655.035575][T12198]  ? inet6_sendmsg+0x9e/0xe0
[  655.040207][T12198]  ? inet6_ioctl+0x1c0/0x1c0
[  655.044805][T12198]  sock_sendmsg+0xd7/0x130
[  655.049220][T12198]  ____sys_sendmsg+0x358/0x880
[  655.053982][T12198]  ? kernel_sendmsg+0x50/0x50
[  655.058654][T12198]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  655.064212][T12198]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  655.070196][T12198]  ? find_held_lock+0x35/0x130
[  655.074969][T12198]  ___sys_sendmsg+0x100/0x170
[  655.079649][T12198]  ? sendmsg_copy_msghdr+0x70/0x70
[  655.084767][T12198]  ? __kasan_check_read+0x11/0x20
[  655.089787][T12198]  ? __might_fault+0x12b/0x1e0
[  655.094538][T12198]  ? find_held_lock+0x35/0x130
[  655.099300][T12198]  ? __might_fault+0x12b/0x1e0
[  655.104107][T12198]  ? do_dup2+0x4f0/0x4f0
[  655.108376][T12198]  ? lock_downgrade+0x920/0x920
[  655.113289][T12198]  ? ___might_sleep+0x163/0x2c0
[  655.118148][T12198]  __sys_sendmmsg+0x1bf/0x4d0
[  655.122846][T12198]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  655.127916][T12198]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  655.134172][T12198]  ? fput_many+0x12c/0x1a0
[  655.138591][T12198]  ? fput+0x1b/0x20
[  655.142415][T12198]  ? ksys_write+0x1cf/0x290
[  655.146928][T12198]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  655.152403][T12198]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  655.157871][T12198]  ? do_syscall_64+0x26/0x790
[  655.162556][T12198]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  655.168623][T12198]  ? do_syscall_64+0x26/0x790
[  655.173309][T12198]  __x64_sys_sendmmsg+0x9d/0x100
[  655.178244][T12198]  do_syscall_64+0xfa/0x790
[  655.182754][T12198]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  655.188644][T12198] RIP: 0033:0x45a919
[  655.192526][T12198] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  655.212181][T12198] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  655.220601][T12198] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
20:00:57 executing program 4:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0x200002, 0x0)
fchdir(0xffffffffffffffff)
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, 0x0)
umount2(&(0x7f0000000540)='./file0\x00', 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bsg\x00', 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, 0x0, 0x0)

[  655.228673][T12198] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  655.236663][T12198] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  655.244636][T12198] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  655.252609][T12198] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:00:57 executing program 3 (fault-call:2 fault-nth:20):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:00:57 executing program 0:
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x80000, 0x0)
socket$kcm(0xa, 0x2, 0x11)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000240)='cpuset.effective_cpus\x00')
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
gettid()
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000000), 0x1fe)
r1 = gettid()
perf_event_open(0x0, r1, 0x7, 0xffffffffffffffff, 0x4)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
gettid()
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x1)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r3, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r3, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)=[{&(0x7f0000000180)="f4001100002b2c25e994efd18498d66205baa68754a3f5ffffff02000000000000000000000000002100004003000000c0", 0x31}], 0x1}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00'})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000200)={0x2, &(0x7f0000000000)=[{0x30}, {0x6}]})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = socket$kcm(0x2b, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000380)='/group.sta\x9f\xd4t\x00+\x04J{\t\xab\v\x02t\xe1\t\x85\xa6\xfa\x15\xb3[\xa6\x94!\xf2\x04\xde\xc5\x0f\xf8`\xe0\x1f&+\xaf\xacu\nm\\\xe2Y\xcba\xea\f\xd9DXX>\xef/\xc5\x97\xea\x93\xa7\xde\xc9\xb4\x16\x8eF\x8b\xe0Wm\x1d\x0e\xbf\x8b\xc4G\x8f\x8e\xd8[T|i$\x00\x04\x00\x92\xee2\xc2$Wx\x15^\xdaM\xeaB\x00\x00\x00\x00\x00\x00\x90\x1e\xbc\x91L\xa0\xda/Q\x19\xe15\x84\x8f\xea\x98\xc6\xe3WZ\x96\xce\x05\xfc\x95\xd9\x88/|\x8b\xf1\xbf\xf2u\xdd\xd8AV\xd87\x96M\xea\xd2\xa2iM\xe9\xa1\xbc\xba}\xbe\xa1\x05J\"\f\xf9\b\xcf\xb8J\x13#\xecT\xdf\xe0\x9dOA>\xe9\x99\xf8\xaf@{dw\b\xe7{\xaf\x9a\x1e3\xc1\x83&\x89\xc2\xa5\xb1\xe2NN\xdf\xd3\x0f{\x8c\xc1\xc8y\x01\x04\x00\xc7\x94\xe3\x89|\xd7\x9f\xd3\x06\x17\xe6]\xd7\x81q\x1d\x1dN\x9e\xf4c\x83\x86_\xfc\xbc\xdd\xd4{\xde\xc4\xe5\xb6\b;L\x1cN\xa2\xc9k\xd7 \xc3\xe4\x19\x96\x8c\x04\xea\x9c9\xfa\xe3\xc1\x8dDuTHL\n\xe8\xb7oSx\'}=\xfc\xa4\x86\xff\r\xedmd1\b\x02j\xb7\x98{`\x89\x8c\xd3\xc6\xe8\xe2\x9b\xd7\xab\xd1s\xfb\xaa\xcd\x9d\xf1\x9e\xee\xe3e\xf1\x91\xf7\xee%\xf8\xc7G', 0x2761, 0x0)
setsockopt$sock_attach_bpf(r4, 0x6, 0x8, &(0x7f0000000000)=r5, 0x1fe)
socket$kcm(0x2b, 0x1, 0x0)

[  655.408592][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  655.414888][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  655.449439][T12215] FAULT_INJECTION: forcing a failure.
[  655.449439][T12215] name failslab, interval 1, probability 0, space 0, times 0
[  655.462653][T12215] CPU: 1 PID: 12215 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  655.472561][T12215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  655.482627][T12215] Call Trace:
[  655.485944][T12215]  dump_stack+0x197/0x210
[  655.490391][T12215]  should_fail.cold+0xa/0x10
[  655.495009][T12215]  ? setup_fault_attr+0x220/0x220
[  655.500104][T12215]  ? ___might_sleep+0x163/0x2c0
[  655.505132][T12215]  __should_failslab+0x121/0x190
[  655.510188][T12215]  should_failslab+0x9/0x14
[  655.514724][T12215]  kmem_cache_alloc_node+0x268/0x740
[  655.520045][T12215]  ? __dev_queue_xmit+0x173f/0x35c0
[  655.525386][T12215]  ? trace_hardirqs_on+0x67/0x240
[  655.530525][T12215]  ? __dev_queue_xmit+0x173f/0x35c0
[  655.536193][T12215]  __alloc_skb+0xd5/0x5e0
[  655.541947][T12215]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  655.547521][T12215]  alloc_skb_with_frags+0x93/0x590
[  655.552660][T12215]  ? find_held_lock+0x35/0x130
[  655.557448][T12215]  sock_alloc_send_pskb+0x7ad/0x920
[  655.562767][T12215]  ? sock_wmalloc+0x120/0x120
[  655.567458][T12215]  ? __local_bh_enable_ip+0x15a/0x270
[  655.572849][T12215]  ? ip6_finish_output2+0x1106/0x25c0
[  655.578236][T12215]  ? ip6_mtu+0x2e6/0x450
[  655.582494][T12215]  ? find_held_lock+0x35/0x130
[  655.587281][T12215]  sock_alloc_send_skb+0x32/0x40
[  655.592236][T12215]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  655.597978][T12215]  ? ip_reply_glue_bits+0xc0/0xc0
[  655.603027][T12215]  ? ip6_setup_cork+0x1920/0x1920
[  655.608068][T12215]  ? ip6_flush_pending_frames+0xd0/0xd0
[  655.613627][T12215]  ? __kasan_check_read+0x11/0x20
[  655.618694][T12215]  ip6_make_skb+0x32f/0x570
[  655.623208][T12215]  ? ip_reply_glue_bits+0xc0/0xc0
[  655.628263][T12215]  ? ip_reply_glue_bits+0xc0/0xc0
[  655.633316][T12215]  ? ip6_push_pending_frames+0xf0/0xf0
[  655.638805][T12215]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  655.644390][T12215]  ? ip6_forward_finish+0x570/0x570
[  655.649604][T12215]  ? rcu_read_lock_held+0x9c/0xb0
[  655.654661][T12215]  udpv6_sendmsg+0x22a1/0x2b30
[  655.659484][T12215]  ? __kasan_check_write+0x14/0x20
[  655.664619][T12215]  ? ip_reply_glue_bits+0xc0/0xc0
[  655.669675][T12215]  ? udp_v6_get_port+0x6b0/0x6b0
[  655.674631][T12215]  ? __kasan_check_read+0x11/0x20
[  655.679767][T12215]  ? mark_lock+0xc2/0x1220
[  655.684219][T12215]  ? __kasan_check_read+0x11/0x20
[  655.689264][T12215]  ? mark_lock+0xc2/0x1220
[  655.693699][T12215]  ? __kasan_check_read+0x11/0x20
[  655.698750][T12215]  ? ___might_sleep+0x163/0x2c0
[  655.703629][T12215]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  655.709275][T12215]  ? aa_sk_perm+0x346/0xb00
[  655.713815][T12215]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  655.719545][T12215]  inet6_sendmsg+0x9e/0xe0
[  655.723988][T12215]  ? inet6_sendmsg+0x9e/0xe0
[  655.728611][T12215]  ? inet6_ioctl+0x1c0/0x1c0
[  655.733220][T12215]  sock_sendmsg+0xd7/0x130
[  655.737644][T12215]  ____sys_sendmsg+0x358/0x880
[  655.742401][T12215]  ? kernel_sendmsg+0x50/0x50
[  655.747081][T12215]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  655.752645][T12215]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  655.758726][T12215]  ? find_held_lock+0x35/0x130
[  655.763617][T12215]  ___sys_sendmsg+0x100/0x170
[  655.768295][T12215]  ? sendmsg_copy_msghdr+0x70/0x70
[  655.773426][T12215]  ? __kasan_check_read+0x11/0x20
[  655.778452][T12215]  ? __might_fault+0x12b/0x1e0
[  655.783221][T12215]  ? find_held_lock+0x35/0x130
[  655.787987][T12215]  ? __might_fault+0x12b/0x1e0
[  655.792742][T12215]  ? do_dup2+0x4f0/0x4f0
[  655.796992][T12215]  ? lock_downgrade+0x920/0x920
[  655.801867][T12215]  ? ___might_sleep+0x163/0x2c0
[  655.806719][T12215]  __sys_sendmmsg+0x1bf/0x4d0
[  655.811403][T12215]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  655.816452][T12215]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  655.822682][T12215]  ? fput_many+0x12c/0x1a0
[  655.827218][T12215]  ? fput+0x1b/0x20
[  655.831027][T12215]  ? ksys_write+0x1cf/0x290
[  655.835720][T12215]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  655.841212][T12215]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  655.846683][T12215]  ? do_syscall_64+0x26/0x790
[  655.851366][T12215]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  655.857435][T12215]  ? do_syscall_64+0x26/0x790
[  655.862123][T12215]  __x64_sys_sendmmsg+0x9d/0x100
[  655.867065][T12215]  do_syscall_64+0xfa/0x790
[  655.871573][T12215]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  655.877466][T12215] RIP: 0033:0x45a919
[  655.881364][T12215] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  655.900977][T12215] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  655.909399][T12215] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  655.917455][T12215] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  655.925418][T12215] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  655.933451][T12215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  655.941429][T12215] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  659.568692][    C0] net_ratelimit: 18 callbacks suppressed
[  659.575173][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  659.581227][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  660.768611][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  660.774439][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  660.780326][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  660.786132][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  660.791997][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  660.797791][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  660.858647][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  660.864451][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:05 executing program 5:
r0 = open$dir(&(0x7f0000000800)='./file0\x00', 0x40000400000002c2, 0x0)
ftruncate(r0, 0x0)

20:01:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
close(r1)
close(r2)
pipe(&(0x7f0000000380)={<r3=>0xffffffffffffffff})
splice(r0, 0x0, r2, 0x0, 0x2, 0x0)
read$char_usb(r3, &(0x7f0000000040)=""/14, 0xe)
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0xc2)
write(r0, &(0x7f0000000300)="2400000012005f3414f9f407000973ca2db90fb88e67003e787400050000000000000000", 0x24)

20:01:05 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x10)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000000280)="480000001500197f09004b0101048c590188ffffcf5d060000427a000000033057fff7e07900e0413ff26bb452cf9e8a62bf5b3b8c3cfe5f0028215bffff9b2264520405a3000000", 0x48}], 0x1)
recvfrom(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)=@x25={0x9, @null='               \x00'}, 0x80)

20:01:05 executing program 3 (fault-call:2 fault-nth:21):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:05 executing program 4:
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000002c0)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x6, 0x0, 0x0, "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006926ed0c00"}, 0xd8)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x0)
ftruncate(r1, 0x80006)
sendfile(r0, r1, 0x0, 0x8000fffffffe)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
dup3(r2, r0, 0x0)

20:01:05 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:01:05 executing program 4:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={[], [], @loopback}, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast2, 0x0, 0x3c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x1}}, 0xe8)
write(0xffffffffffffffff, &(0x7f0000000540)="dc8bc724d06a867d", 0x8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)

20:01:05 executing program 0:

[  663.692872][T12236] FAULT_INJECTION: forcing a failure.
[  663.692872][T12236] name failslab, interval 1, probability 0, space 0, times 0
[  663.705609][T12236] CPU: 0 PID: 12236 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  663.715512][T12236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  663.725579][T12236] Call Trace:
[  663.728892][T12236]  dump_stack+0x197/0x210
[  663.733253][T12236]  should_fail.cold+0xa/0x10
[  663.737948][T12236]  ? is_bpf_text_address+0xac/0x160
[  663.743193][T12236]  ? setup_fault_attr+0x220/0x220
[  663.748415][T12236]  __should_failslab+0x121/0x190
[  663.753385][T12236]  should_failslab+0x9/0x14
[  663.753404][T12236]  kmem_cache_alloc+0x47/0x710
[  663.753424][T12236]  ? lock_acquire+0x190/0x410
[  663.753447][T12236]  ? net_tx_action+0xd30/0xd30
[  663.762687][T12236]  skb_clone+0x154/0x3d0
[  663.762707][T12236]  dev_queue_xmit_nit+0x3a1/0xaa0
[  663.762733][T12236]  dev_hard_start_xmit+0xbb/0x9b0
[  663.762754][T12236]  ? validate_xmit_skb_list+0xfc/0x150
[  663.762778][T12236]  sch_direct_xmit+0x372/0xd30
[  663.762802][T12236]  ? dev_watchdog+0xca0/0xca0
[  663.801374][T12236]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  663.806940][T12236]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  663.812925][T12236]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  663.819166][T12236]  ? sfb_dequeue+0x421/0x4d0
[  663.823752][T12236]  __qdisc_run+0x4bf/0x1770
[  663.828253][T12236]  __dev_queue_xmit+0x1650/0x35c0
[  663.833273][T12236]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  663.838560][T12236]  ? mark_held_locks+0xf0/0xf0
[  663.843310][T12236]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  663.849541][T12236]  ? debug_smp_processor_id+0x33/0x18a
[  663.854989][T12236]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  663.861146][T12236]  ? rcu_read_lock_held_common+0xbd/0x130
[  663.866863][T12236]  dev_queue_xmit+0x18/0x20
[  663.871360][T12236]  ? dev_queue_xmit+0x18/0x20
[  663.876022][T12236]  neigh_direct_output+0x16/0x20
[  663.881044][T12236]  ip6_finish_output2+0x109a/0x25c0
[  663.886246][T12236]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  663.891775][T12236]  ? lock_downgrade+0x920/0x920
[  663.896619][T12236]  ? netif_rx_ni+0x670/0x670
[  663.901211][T12236]  ? __kasan_check_read+0x11/0x20
[  663.906223][T12236]  __ip6_finish_output+0x444/0xaa0
[  663.911318][T12236]  ? __ip6_finish_output+0x444/0xaa0
[  663.916864][T12236]  ip6_finish_output+0x38/0x1f0
[  663.922054][T12236]  ip6_output+0x25e/0x880
[  663.926370][T12236]  ? ip6_finish_output+0x1f0/0x1f0
[  663.931481][T12236]  ? __ip6_finish_output+0xaa0/0xaa0
[  663.936749][T12236]  ? ip6_make_skb+0x370/0x570
[  663.941533][T12236]  ? ip_reply_glue_bits+0xc0/0xc0
[  663.946576][T12236]  ip6_local_out+0xbb/0x1b0
[  663.951081][T12236]  ip6_send_skb+0xbb/0x350
[  663.955522][T12236]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  663.960989][T12236]  ? ip6_forward_finish+0x570/0x570
[  663.966187][T12236]  udpv6_sendmsg+0x22f3/0x2b30
[  663.970950][T12236]  ? __kasan_check_write+0x14/0x20
[  663.976049][T12236]  ? ip_reply_glue_bits+0xc0/0xc0
[  663.981076][T12236]  ? udp_v6_get_port+0x6b0/0x6b0
[  663.986010][T12236]  ? __kasan_check_read+0x11/0x20
[  663.991020][T12236]  ? mark_lock+0xc2/0x1220
[  663.995437][T12236]  ? __kasan_check_read+0x11/0x20
[  664.000445][T12236]  ? mark_lock+0xc2/0x1220
[  664.004848][T12236]  ? __kasan_check_read+0x11/0x20
[  664.009866][T12236]  ? ___might_sleep+0x163/0x2c0
[  664.014713][T12236]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  664.020332][T12236]  ? aa_sk_perm+0x346/0xb00
[  664.024835][T12236]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  664.030394][T12236]  inet6_sendmsg+0x9e/0xe0
[  664.034797][T12236]  ? inet6_sendmsg+0x9e/0xe0
[  664.039373][T12236]  ? inet6_ioctl+0x1c0/0x1c0
[  664.043948][T12236]  sock_sendmsg+0xd7/0x130
[  664.048358][T12236]  ____sys_sendmsg+0x358/0x880
[  664.053111][T12236]  ? kernel_sendmsg+0x50/0x50
[  664.057786][T12236]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  664.063329][T12236]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  664.069302][T12236]  ? find_held_lock+0x35/0x130
[  664.074059][T12236]  ___sys_sendmsg+0x100/0x170
[  664.081332][T12236]  ? sendmsg_copy_msghdr+0x70/0x70
[  664.086444][T12236]  ? __kasan_check_read+0x11/0x20
[  664.091456][T12236]  ? __might_fault+0x12b/0x1e0
[  664.096203][T12236]  ? find_held_lock+0x35/0x130
[  664.100956][T12236]  ? __might_fault+0x12b/0x1e0
[  664.105712][T12236]  ? do_dup2+0x4f0/0x4f0
[  664.110039][T12236]  ? lock_downgrade+0x920/0x920
[  664.114895][T12236]  ? ___might_sleep+0x163/0x2c0
[  664.119739][T12236]  __sys_sendmmsg+0x1bf/0x4d0
[  664.124412][T12236]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  664.129439][T12236]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  664.135667][T12236]  ? fput_many+0x12c/0x1a0
[  664.140078][T12236]  ? fput+0x1b/0x20
[  664.143874][T12236]  ? ksys_write+0x1cf/0x290
[  664.148394][T12236]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  664.153839][T12236]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  664.159305][T12236]  ? do_syscall_64+0x26/0x790
[  664.163971][T12236]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  664.170030][T12236]  ? do_syscall_64+0x26/0x790
[  664.174710][T12236]  __x64_sys_sendmmsg+0x9d/0x100
[  664.180176][T12236]  do_syscall_64+0xfa/0x790
[  664.184669][T12236]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  664.190561][T12236] RIP: 0033:0x45a919
[  664.194454][T12236] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  664.214044][T12236] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  664.222462][T12236] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  664.230421][T12236] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  664.238390][T12236] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  664.246347][T12236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  664.254315][T12236] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:06 executing program 0:

20:01:06 executing program 0:

20:01:06 executing program 4:

[  664.361061][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
20:01:06 executing program 2:

[  664.928656][    C0] net_ratelimit: 12 callbacks suppressed
[  664.928662][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  664.940161][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  664.946047][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  664.952047][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  664.957946][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  664.963825][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  665.018643][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  665.024859][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  666.288648][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  666.294505][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  670.448645][    C0] net_ratelimit: 18 callbacks suppressed
[  670.448651][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  670.460541][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  671.168636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  671.174449][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  671.180302][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  671.186433][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  671.192256][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  671.198017][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  671.248686][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  671.254671][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:14 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
rmdir(0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$UI_SET_PHYS(r3, 0x4008556c, &(0x7f00000000c0)='syz0\x00')
ioctl$TCSETS(r4, 0x40045431, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x8000000200000000, 0x100000800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000))
mount(0x0, 0x0, 0x0, 0x0, 0x0)

20:01:14 executing program 3 (fault-call:2 fault-nth:22):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:14 executing program 0:

20:01:14 executing program 4:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='devtmpfs\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000ac0)=""/4096, 0x1031)

20:01:14 executing program 2:
r0 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=ANY=[@ANYBLOB="726177000000000000000000003053000000000000000000000000000000000009000000030000003802000010010000a0010000000000000000000010010000a0010000a0010000a0010000a0010000a001000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800100100000000000000000000000000000000000000005800686173686c696d6974000000000000000000000000000000000000000001670000001080000000000010000000000000000000001000ff0f0000000000000000000000040000ff0f0000000000000000000000000000480043540000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000900000000000000000000000000000000000000000002000545241434500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff"], 0x1)
sendmmsg(r0, &(0x7f0000005fc0), 0x800000000000059, 0x0)

20:01:14 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  672.012716][T12271] x_tables: duplicate underflow at hook 3
[  672.025778][T12275] x_tables: duplicate underflow at hook 3
20:01:14 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x4008001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r0, 0x4b40, 0x0)

[  672.062918][T12277] FAULT_INJECTION: forcing a failure.
[  672.062918][T12277] name failslab, interval 1, probability 0, space 0, times 0
20:01:14 executing program 4:
creat(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)

[  672.106054][T12277] CPU: 1 PID: 12277 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  672.116264][T12277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  672.126933][T12277] Call Trace:
[  672.130263][T12277]  dump_stack+0x197/0x210
[  672.134614][T12277]  should_fail.cold+0xa/0x10
[  672.139217][T12277]  ? setup_fault_attr+0x220/0x220
[  672.144258][T12277]  ? ___might_sleep+0x163/0x2c0
[  672.149121][T12277]  __should_failslab+0x121/0x190
[  672.154577][T12277]  should_failslab+0x9/0x14
[  672.159280][T12277]  kmem_cache_alloc_node+0x268/0x740
[  672.164576][T12277]  ? __dev_queue_xmit+0x173f/0x35c0
[  672.170439][T12277]  ? trace_hardirqs_on+0x67/0x240
[  672.175479][T12277]  ? __dev_queue_xmit+0x173f/0x35c0
[  672.180806][T12277]  __alloc_skb+0xd5/0x5e0
[  672.185414][T12277]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  672.190961][T12277]  alloc_skb_with_frags+0x93/0x590
[  672.196155][T12277]  ? find_held_lock+0x35/0x130
[  672.200913][T12277]  sock_alloc_send_pskb+0x7ad/0x920
[  672.206107][T12277]  ? sock_wmalloc+0x120/0x120
[  672.210774][T12277]  ? __local_bh_enable_ip+0x15a/0x270
[  672.216141][T12277]  ? ip6_finish_output2+0x1106/0x25c0
[  672.221615][T12277]  ? ip6_mtu+0x2e6/0x450
[  672.225857][T12277]  ? find_held_lock+0x35/0x130
[  672.230627][T12277]  sock_alloc_send_skb+0x32/0x40
[  672.235562][T12277]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  672.241316][T12277]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.246454][T12277]  ? ip6_setup_cork+0x1920/0x1920
[  672.251660][T12277]  ? ip6_flush_pending_frames+0xd0/0xd0
[  672.257395][T12277]  ? __kasan_check_read+0x11/0x20
[  672.262417][T12277]  ip6_make_skb+0x32f/0x570
[  672.266912][T12277]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.272038][T12277]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.277074][T12277]  ? ip6_push_pending_frames+0xf0/0xf0
[  672.282529][T12277]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  672.288085][T12277]  ? ip6_forward_finish+0x570/0x570
[  672.293393][T12277]  ? rcu_read_lock_held+0x9c/0xb0
[  672.298424][T12277]  udpv6_sendmsg+0x22a1/0x2b30
[  672.303185][T12277]  ? __kasan_check_write+0x14/0x20
[  672.308306][T12277]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.313325][T12277]  ? udp_v6_get_port+0x6b0/0x6b0
[  672.318248][T12277]  ? __kasan_check_read+0x11/0x20
[  672.323266][T12277]  ? mark_lock+0xc2/0x1220
[  672.327675][T12277]  ? __kasan_check_read+0x11/0x20
[  672.332685][T12277]  ? mark_lock+0xc2/0x1220
[  672.337101][T12277]  ? __kasan_check_read+0x11/0x20
[  672.342116][T12277]  ? ___might_sleep+0x163/0x2c0
[  672.346960][T12277]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  672.352592][T12277]  ? aa_sk_perm+0x346/0xb00
[  672.357095][T12277]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  672.362641][T12277]  inet6_sendmsg+0x9e/0xe0
[  672.367073][T12277]  ? inet6_sendmsg+0x9e/0xe0
[  672.371669][T12277]  ? inet6_ioctl+0x1c0/0x1c0
[  672.376359][T12277]  sock_sendmsg+0xd7/0x130
[  672.380786][T12277]  ____sys_sendmsg+0x358/0x880
[  672.385540][T12277]  ? kernel_sendmsg+0x50/0x50
[  672.390215][T12277]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  672.395750][T12277]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  672.401730][T12277]  ? find_held_lock+0x35/0x130
[  672.406572][T12277]  ___sys_sendmsg+0x100/0x170
[  672.411240][T12277]  ? sendmsg_copy_msghdr+0x70/0x70
[  672.416338][T12277]  ? __kasan_check_read+0x11/0x20
[  672.421359][T12277]  ? __might_fault+0x12b/0x1e0
[  672.426110][T12277]  ? find_held_lock+0x35/0x130
[  672.430861][T12277]  ? __might_fault+0x12b/0x1e0
[  672.435645][T12277]  ? do_dup2+0x4f0/0x4f0
[  672.439884][T12277]  ? lock_downgrade+0x920/0x920
[  672.445160][T12277]  ? ___might_sleep+0x163/0x2c0
[  672.450001][T12277]  __sys_sendmmsg+0x1bf/0x4d0
[  672.454676][T12277]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  672.459702][T12277]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  672.465928][T12277]  ? fput_many+0x12c/0x1a0
[  672.470345][T12277]  ? fput+0x1b/0x20
[  672.474138][T12277]  ? ksys_write+0x1cf/0x290
[  672.478631][T12277]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  672.484075][T12277]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  672.489519][T12277]  ? do_syscall_64+0x26/0x790
[  672.494181][T12277]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  672.500240][T12277]  ? do_syscall_64+0x26/0x790
[  672.504912][T12277]  __x64_sys_sendmmsg+0x9d/0x100
[  672.509838][T12277]  do_syscall_64+0xfa/0x790
[  672.514378][T12277]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  672.520264][T12277] RIP: 0033:0x45a919
[  672.524149][T12277] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  672.543839][T12277] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
20:01:14 executing program 0:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f000025c000)={0x7, 0x70, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x4844, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x0, 0x0, 0x6698, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x8, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x56324a54, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x400000000000000, 0x8001, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x4, 0x6)
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMSETDEVNAME(r0, 0x80184947, &(0x7f00000002c0)={0x0, 'syz0\x00'})
r1 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x48401)
ioctl$RTC_PIE_ON(r1, 0x7005)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000040)={'sit0\x00', 0x300000000000})
prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000240))
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x200000, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000140)={0xfffffffffffffffb, 0xff, 0xffffffffffff7fff, 0x502, 0x10})
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0xff00)
getresuid(&(0x7f0000000380), &(0x7f0000000300), &(0x7f0000000280))
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080)='devlink\x00')
setsockopt$sock_timeval(r4, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080))
r6 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r6, 0x4, 0xffffffffffffffff, 0x8)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000003c0)={[], 0x7, 0x7, 0x40, 0x9da, 0x5, r6})
connect$llc(r4, &(0x7f0000000000)={0x1a, 0x304, 0x0, 0x200003, 0x7ff}, 0x10)

[  672.552254][T12277] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  672.560213][T12277] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  672.568190][T12277] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  672.576147][T12277] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  672.584351][T12277] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:14 executing program 3 (fault-call:2 fault-nth:23):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  672.770113][T12292] FAULT_INJECTION: forcing a failure.
[  672.770113][T12292] name failslab, interval 1, probability 0, space 0, times 0
[  672.783162][T12292] CPU: 0 PID: 12292 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  672.793070][T12292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  672.803140][T12292] Call Trace:
[  672.806468][T12292]  dump_stack+0x197/0x210
[  672.810868][T12292]  should_fail.cold+0xa/0x10
[  672.815486][T12292]  ? setup_fault_attr+0x220/0x220
[  672.820539][T12292]  ? ___might_sleep+0x163/0x2c0
[  672.825423][T12292]  __should_failslab+0x121/0x190
[  672.830393][T12292]  should_failslab+0x9/0x14
[  672.834928][T12292]  kmem_cache_alloc_node_trace+0x274/0x750
[  672.840759][T12292]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  672.846784][T12292]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  672.854271][T12292]  __kmalloc_node_track_caller+0x3d/0x70
[  672.859958][T12292]  __kmalloc_reserve.isra.0+0x40/0xf0
[  672.865353][T12292]  __alloc_skb+0x10b/0x5e0
20:01:14 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x200000, 0x0)
ioctl$ASHMEM_GET_SIZE(r2, 0x40186f40, 0x7600e1)

20:01:14 executing program 4:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8)
write$P9_RREADLINK(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
close(0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x31982, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x900, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
r3 = openat$md(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/md0\x00', 0x80c00, 0x0)
fsetxattr$trusted_overlay_origin(r3, &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x2)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$bt_BT_POWER(r4, 0x112, 0x9, &(0x7f0000000000), 0x1)
pipe(0x0)
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000180)='/dev/udmabuf\x00', 0x2)
splice(r0, 0x0, r5, 0x0, 0xfffd, 0x0)
sendmsg$inet_sctp(r0, &(0x7f00000005c0)={&(0x7f00000001c0)=@in6={0xa, 0x4e22, 0x200, @rand_addr="3f35ffde5ce795fe0b532c60f68de496", 0x1000}, 0x1c, &(0x7f0000000540)=[{&(0x7f0000000340)="f3c997885e4201bf231e204321e0f1931cf4e6b1b7130b15bcc8679e8302f636ce0b2ec82c1ea47b8c7bf8572f3e7011cd8988c43617c850ed9bc45877e055e09dfd14fc0b7bcf488774391b4e0f5c9e2dbf455573b2704b8ea7a1b8c93178f3cc57cbe01d9510f9995196ddc5cb52924ac11fffcfa4395d5d40f5a40885952223851e9b0df371543f24ad912cfd48bcd245c7e22e913cbee9f4c47b6a1b585a737f0d3cfaefc39476e545d6224a4d9c3a651b84fa4cb62cfc7dd12ea6b880f64d8a67d96c1dc862b37cec27fe0dc2e2272241fe9a5f64c05bc15b2da5047e59978597fb7533fc6c9b0673d3e595e2a9e725ea7e1ee639", 0xf7}, {&(0x7f0000000200)="815341cf903118cbd4f9fa368f45975fe3872086cbfa26f400d56827a290831d8c28c2cda5c41f2655f47c5ab940675be08a8d715e6de7b34291c6", 0x3b}, {&(0x7f0000000240)="bf30724839de36af42b45291d40ced422eb67004d5abcb64a6ef7feb445a352865654554d2a39660c41d59ec9f2696269c56e035a0f10f7bdd8aa858c2c4a472a2d03b6928d75cbaa3a04df32ab4e7be4377e949d8a1", 0x56}, {&(0x7f0000000440)="b37a528d7e53b833d2f21c41f10202f75ac5818c948babea1aeee91f626c6fd1930057d979a24fee97c6aad152020eb5a64700ec7226dccd04ef982be0a697a21e6e214ba399019a60e053b1b2f240fedde095ab7ff3b45cb6e25f5e6d5a945b47e068e2e00b4f22904689b5eda988a94d5f14223f5f736c45643dcc55c75bba3a378458b2348e18fd3ed78f5f2ca091329d4a7b2a4a507844936ab8a1ef8d5dbf29b91e0b7175343796a664d90562792be5a0d1fc7198b2a6c570538d0a97a5cf98e949842a12cfb6778a2e10a2be2e3e77dd2e4519584685a96734c336b254abcf11", 0xe3}], 0x4, &(0x7f0000000580)=[@dstaddrv6={0x20, 0x84, 0x8, @remote}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x12e}}], 0x38, 0x40000000}, 0x400cc028)
r6 = syz_open_dev$vcsa(&(0x7f0000000980)='/dev/vcsa#\x00', 0x4, 0x480000)
setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f00000009c0)=0xd6a, 0x4)

[  672.869792][T12292]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  672.875365][T12292]  alloc_skb_with_frags+0x93/0x590
[  672.880509][T12292]  ? find_held_lock+0x35/0x130
[  672.885423][T12292]  sock_alloc_send_pskb+0x7ad/0x920
[  672.890663][T12292]  ? sock_wmalloc+0x120/0x120
[  672.895664][T12292]  ? __local_bh_enable_ip+0x15a/0x270
[  672.901086][T12292]  ? ip6_finish_output2+0x1106/0x25c0
[  672.906520][T12292]  ? ip6_mtu+0x2e6/0x450
[  672.910788][T12292]  ? find_held_lock+0x35/0x130
[  672.916509][T12292]  sock_alloc_send_skb+0x32/0x40
[  672.921743][T12292]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  672.927597][T12292]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.934979][T12292]  ? ip6_setup_cork+0x1920/0x1920
[  672.940055][T12292]  ? ip6_flush_pending_frames+0xd0/0xd0
[  672.945627][T12292]  ? __kasan_check_read+0x11/0x20
[  672.950683][T12292]  ip6_make_skb+0x32f/0x570
[  672.955301][T12292]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.960347][T12292]  ? ip_reply_glue_bits+0xc0/0xc0
[  672.960366][T12292]  ? ip6_push_pending_frames+0xf0/0xf0
[  672.960386][T12292]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  672.960403][T12292]  ? ip6_forward_finish+0x570/0x570
[  672.960417][T12292]  ? rcu_read_lock_held+0x9c/0xb0
[  672.960440][T12292]  udpv6_sendmsg+0x22a1/0x2b30
[  672.992019][T12292]  ? __kasan_check_write+0x14/0x20
[  672.997419][T12292]  ? ip_reply_glue_bits+0xc0/0xc0
[  673.002470][T12292]  ? udp_v6_get_port+0x6b0/0x6b0
[  673.007525][T12292]  ? __kasan_check_read+0x11/0x20
[  673.012593][T12292]  ? mark_lock+0xc2/0x1220
[  673.017065][T12292]  ? __kasan_check_read+0x11/0x20
[  673.022202][T12292]  ? mark_lock+0xc2/0x1220
[  673.027065][T12292]  ? __kasan_check_read+0x11/0x20
[  673.032208][T12292]  ? ___might_sleep+0x163/0x2c0
[  673.037083][T12292]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  673.042874][T12292]  ? aa_sk_perm+0x346/0xb00
[  673.047414][T12292]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  673.053096][T12292]  inet6_sendmsg+0x9e/0xe0
[  673.057566][T12292]  ? inet6_sendmsg+0x9e/0xe0
[  673.062268][T12292]  ? inet6_ioctl+0x1c0/0x1c0
[  673.067330][T12292]  sock_sendmsg+0xd7/0x130
[  673.071742][T12292]  ____sys_sendmsg+0x358/0x880
[  673.076615][T12292]  ? kernel_sendmsg+0x50/0x50
[  673.081393][T12292]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  673.086934][T12292]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  673.093006][T12292]  ? find_held_lock+0x35/0x130
[  673.098126][T12292]  ___sys_sendmsg+0x100/0x170
[  673.102829][T12292]  ? sendmsg_copy_msghdr+0x70/0x70
[  673.107992][T12292]  ? __kasan_check_read+0x11/0x20
[  673.113044][T12292]  ? __might_fault+0x12b/0x1e0
[  673.118148][T12292]  ? find_held_lock+0x35/0x130
[  673.122953][T12292]  ? __might_fault+0x12b/0x1e0
[  673.127721][T12292]  ? do_dup2+0x4f0/0x4f0
[  673.131970][T12292]  ? lock_downgrade+0x920/0x920
[  673.136843][T12292]  ? ___might_sleep+0x163/0x2c0
[  673.141865][T12292]  __sys_sendmmsg+0x1bf/0x4d0
[  673.146556][T12292]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  673.151754][T12292]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  673.158749][T12292]  ? fput_many+0x12c/0x1a0
[  673.164214][T12292]  ? fput+0x1b/0x20
[  673.168058][T12292]  ? ksys_write+0x1cf/0x290
[  673.172635][T12292]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  673.178554][T12292]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  673.184096][T12292]  ? do_syscall_64+0x26/0x790
[  673.188785][T12292]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  673.195568][T12292]  ? do_syscall_64+0x26/0x790
[  673.200608][T12292]  __x64_sys_sendmmsg+0x9d/0x100
[  673.205703][T12292]  do_syscall_64+0xfa/0x790
[  673.210399][T12292]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  673.216292][T12292] RIP: 0033:0x45a919
[  673.220193][T12292] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  673.240015][T12292] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  673.248435][T12292] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  673.256506][T12292] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  673.264583][T12292] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  673.272565][T12292] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  673.280536][T12292] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  676.688705][    C0] net_ratelimit: 20 callbacks suppressed
[  676.688713][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  676.700951][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  677.408671][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  677.414948][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  677.421487][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  677.427613][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  677.433546][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  677.439653][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  677.498692][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  677.504963][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:21 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000000)=0x80)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r2, 0x0, 0x0)

20:01:21 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000100)={'bridge_slave_0\x00'})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000000)={0x0, 0x97}, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r2)
preadv(r3, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/48, 0x30}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000000140)=""/247, 0xf7}], 0x3, 0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'bridge_slave_0\x00?', 0x22000000c0ffffff})

20:01:21 executing program 3 (fault-call:2 fault-nth:24):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:21 executing program 0:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/stat\x00')
write$input_event(r0, &(0x7f0000000340)={{0x77359400}, 0x4, 0x1000, 0x80000000}, 0x18)
preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x51, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
ioctl$PPPIOCGDEBUG(r1, 0x80047441, &(0x7f0000000000))
r2 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
write$binfmt_script(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="5be579d52d65c30656158f342dac877279eb892695356fd23c2a536142c5ffeaeba47f2dd8d79f2f0ebb76e58430c9d1e46c05ec27cd5b4f147058c4e73d631b5ddc67744d84462dc2228f1c487b9b509f634fd51aa2a9fd400930a8ce4f07ed3cc1dedda2899aa665746b126aeb9caeac803882e98a4d3ec5d31b0dfbcd681da77600"/167], 0x1)
r4 = syz_open_procfs(0x0, 0x0)
preadv(r4, &(0x7f00000017c0), 0x51, 0x0)
write$eventfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r3)
fallocate(r2, 0x0, 0x40000, 0x4)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
fallocate(r5, 0x4, 0x5, 0x5)
mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
fallocate(r1, 0x0, 0x0, 0x110001)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x3f000000, r2, 0x0, 0x8})
r6 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x3f, 0x2000)
faccessat(r6, &(0x7f0000000200)='./file0\x00', 0x122, 0x200)

20:01:21 executing program 2:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0)=0x6e8c, 0x4)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000000)=0x7, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="7c000000250007050000000000009de9617f0000", @ANYRES32=r3, @ANYBLOB="00ff0000ffffffff0000000008000e07006f26b008000100736671004800020000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000b7d9a9b100"/100], 0x7c}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
sendmmsg$alg(r1, &(0x7f0000000140), 0x93b657, 0x0)
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xfffffea0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100)="9da77e37334b4e1a766f016322f0be046110f860f5d4085c3ead66fb470ea2201de620fd952480266f9b91517c232a7f38ab787b6c82c920ac14fb0f7a734171839ba8d307ba5f1d2ba14aedbb1787d7724ab55f0873f7cf6c677c8d386eb6d3d0e21f3444898435cfbce73f325557065df12b03d5bfc4869331f84fa4b0edf311aeb8cd98ce78f11f34eb180dbbff747ea08e80fe4081585593be4b988afcf7131b056ec4992efdbb68fb0fa095be8bf73408edec70611b4d1704e4a1", 0xbd, r7}, 0x68)

20:01:21 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:01:21 executing program 2:
perf_event_open(&(0x7f00000001c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6d1a4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x20, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000140)=0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
accept4$bt_l2cap(r0, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x4c)
userfaultfd(0x0)

[  679.212165][T12316] FAULT_INJECTION: forcing a failure.
[  679.212165][T12316] name failslab, interval 1, probability 0, space 0, times 0
[  679.252793][T12316] CPU: 1 PID: 12316 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  679.262750][T12316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  679.272943][T12316] Call Trace:
[  679.272967][T12316]  dump_stack+0x197/0x210
[  679.272989][T12316]  should_fail.cold+0xa/0x10
[  679.273006][T12316]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  679.273029][T12316]  ? setup_fault_attr+0x220/0x220
[  679.281112][T12316]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  679.281139][T12316]  __should_failslab+0x121/0x190
[  679.307332][T12316]  should_failslab+0x9/0x14
[  679.312029][T12316]  kmem_cache_alloc+0x47/0x710
[  679.317386][T12316]  ? __kasan_check_read+0x11/0x20
[  679.322444][T12316]  skb_clone+0x154/0x3d0
[  679.326824][T12316]  ip6_finish_output2+0x18be/0x25c0
[  679.332394][T12316]  ? ip6_mtu+0x2e6/0x450
[  679.336724][T12316]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  679.342318][T12316]  ? lock_downgrade+0x920/0x920
[  679.347354][T12316]  ? rcu_read_lock_held+0x9c/0xb0
[  679.352409][T12316]  ? __kasan_check_read+0x11/0x20
[  679.357614][T12316]  __ip6_finish_output+0x444/0xaa0
[  679.362747][T12316]  ? __ip6_finish_output+0x444/0xaa0
[  679.368055][T12316]  ip6_finish_output+0x38/0x1f0
[  679.373018][T12316]  ip6_output+0x25e/0x880
[  679.377477][T12316]  ? ip6_finish_output+0x1f0/0x1f0
[  679.382730][T12316]  ? __ip6_finish_output+0xaa0/0xaa0
[  679.388096][T12316]  ? ip6_make_skb+0x370/0x570
[  679.393181][T12316]  ? ip_reply_glue_bits+0xc0/0xc0
[  679.398457][T12316]  ip6_local_out+0xbb/0x1b0
[  679.403104][T12316]  ip6_send_skb+0xbb/0x350
[  679.407552][T12316]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  679.413158][T12316]  ? ip6_forward_finish+0x570/0x570
[  679.418431][T12316]  udpv6_sendmsg+0x22f3/0x2b30
[  679.423490][T12316]  ? __kasan_check_write+0x14/0x20
[  679.429108][T12316]  ? ip_reply_glue_bits+0xc0/0xc0
[  679.434181][T12316]  ? udp_v6_get_port+0x6b0/0x6b0
[  679.439149][T12316]  ? __kasan_check_read+0x11/0x20
[  679.444286][T12316]  ? mark_lock+0xc2/0x1220
[  679.448732][T12316]  ? __kasan_check_read+0x11/0x20
[  679.453764][T12316]  ? mark_lock+0xc2/0x1220
[  679.458177][T12316]  ? __kasan_check_read+0x11/0x20
[  679.463227][T12316]  ? ___might_sleep+0x163/0x2c0
[  679.468121][T12316]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  679.473784][T12316]  ? aa_sk_perm+0x346/0xb00
[  679.478417][T12316]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  679.484270][T12316]  inet6_sendmsg+0x9e/0xe0
[  679.488704][T12316]  ? inet6_sendmsg+0x9e/0xe0
[  679.493321][T12316]  ? inet6_ioctl+0x1c0/0x1c0
[  679.497929][T12316]  sock_sendmsg+0xd7/0x130
[  679.502463][T12316]  ____sys_sendmsg+0x358/0x880
[  679.507245][T12316]  ? kernel_sendmsg+0x50/0x50
[  679.513850][T12316]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  679.519465][T12316]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  679.525549][T12316]  ? find_held_lock+0x35/0x130
[  679.530704][T12316]  ___sys_sendmsg+0x100/0x170
[  679.535408][T12316]  ? sendmsg_copy_msghdr+0x70/0x70
[  679.540563][T12316]  ? __kasan_check_read+0x11/0x20
[  679.545711][T12316]  ? __might_fault+0x12b/0x1e0
[  679.550520][T12316]  ? find_held_lock+0x35/0x130
[  679.555314][T12316]  ? __might_fault+0x12b/0x1e0
[  679.560317][T12316]  ? do_dup2+0x4f0/0x4f0
[  679.564586][T12316]  ? lock_downgrade+0x920/0x920
[  679.569576][T12316]  ? ___might_sleep+0x163/0x2c0
[  679.574447][T12316]  __sys_sendmmsg+0x1bf/0x4d0
[  679.579153][T12316]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  679.584256][T12316]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  679.590608][T12316]  ? fput_many+0x12c/0x1a0
[  679.595050][T12316]  ? fput+0x1b/0x20
[  679.598971][T12316]  ? ksys_write+0x1cf/0x290
[  679.603645][T12316]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  679.609160][T12316]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  679.615167][T12316]  ? do_syscall_64+0x26/0x790
[  679.620339][T12316]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  679.626467][T12316]  ? do_syscall_64+0x26/0x790
[  679.631481][T12316]  __x64_sys_sendmmsg+0x9d/0x100
[  679.636447][T12316]  do_syscall_64+0xfa/0x790
[  679.640977][T12316]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  679.647087][T12316] RIP: 0033:0x45a919
[  679.651175][T12316] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  679.670883][T12316] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  679.679416][T12316] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  679.687569][T12316] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  679.695681][T12316] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  679.703907][T12316] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  679.711903][T12316] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:21 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x5, 0x3f, 0x6d, 0x2, 0x0, 0x0}, 0x26)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000480), &(0x7f00000000c0)}, 0x20)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000001c0)={0x81, 0x7, 0x5})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'sVz'}, &(0x7f0000000a80), 0xfffffffffffffffd)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000380)='/dev/bsg\x00', 0x400000, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00')
sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x3010}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0xcc, r3, 0x200, 0x200, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xaf46}]}, @TIPC_NLA_NET={0x34, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x80000000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4e93}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100000000}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x87}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xa3d}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x800000, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000240)='tls\x00', 0x4)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x4000000, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000b55000)={0x2, 0xffff, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
ioctl$sock_FIOSETOWN(r6, 0x8901, &(0x7f0000000040)=0xffffffffffffffff)
ioctl$int_in(r6, 0x5452, &(0x7f00000000c0)=0x100000000000006)
sendto$inet(r6, 0x0, 0x0, 0x900000020000000, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00')
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000280)={0x1ff, 0x1, 0x5, 0x7, 0x2, 0x31f})
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00')
fchdir(r8)
sendto(r6, &(0x7f0000000100)="16", 0x100000, 0x8055, 0x0, 0x0)

20:01:21 executing program 3 (fault-call:2 fault-nth:25):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:21 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr\x00', 0x4)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0), 0x4)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000900)=[{0x0}], 0x1}, 0x1)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x4a)
openat$md(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/md0\x00', 0x80, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000002c0))
ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f0000000080)={0x0, 0x200})
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf)
shutdown(r0, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000580))
setgid(0x0)
recvmsg(r0, &(0x7f0000001440)={0x0, 0xa, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4096, 0xf99e}], 0x1, 0x0, 0xff96ce4aaaa47475, 0xd909}, 0x100)

20:01:22 executing program 2:
perf_event_open(&(0x7f0000000600)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
sched_setscheduler(r2, 0x5, &(0x7f0000000380))
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = dup(r3)
setsockopt$packet_int(r4, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r5 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r5}, 0x0)
r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$kcm(0x11, 0xa, 0x300)
ioctl$sock_kcm_SIOCKCMUNATTACH(r7, 0x5452, &(0x7f0000000040))
fcntl$getownex(r7, 0x10, &(0x7f0000000580)={0x0, <r8=>0x0})
r9 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r9, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000a00)=ANY=[], 0x0, 0x0)
r10 = socket(0xa, 0x3, 0x8)
r11 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000)
ioctl$sock_inet_SIOCSIFFLAGS(r10, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(r11, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r12=>0xffffffffffffffff}}}, 0x20)
sendmsg$key(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0)
r13 = gettid()
waitid(0x83b895581628fca4, r13, &(0x7f0000000040), 0x2, &(0x7f0000000480))
sendmsg$key(r10, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r12, @ANYRESDEC=r13]], 0xfffffffffffffe56}}, 0x20004850)
r14 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r15 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
r16 = dup2(r15, r14)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r16, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r17 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r17)
r18 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
writev(r18, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000180)="53000000c90dca807737f408177021bd01d3be55090000000001a0000000000000000000", 0x29c}], 0x2)
ioctl$SG_GET_REQUEST_TABLE(r18, 0x227d, &(0x7f0000000780))
kcmp(r17, r13, 0x0, 0xffffffffffffffff, r18)
ptrace$setopts(0x4206, r17, 0x0, 0x0)
r19 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r20=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x4, 0x0, 0x5, 0xffff}, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r17, r19, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r13, r16, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r20}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r20}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00', r20}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r20}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r21=>r8, r9, 0x0, 0x1, &(0x7f0000000080)='\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r6, 0x0, 0x4, &(0x7f0000000180)='em1\x00', r20}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r20}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r6, 0x0, 0x9d, &(0x7f0000000900)='GD@\xa4\x8d\x96Y5\x96Y?\xbdYto\xef\xe6K\xf1,a\x11\xba\xbd\xc6\xfap:yfs\x00=\xf0\xf3\xa7\xb7I\x1a\xc14\xa0\x9a\x9f&rb\x81\xb3\a\xd4\xb0zpk&\xb4\xe4\xa2\xc6\x1e\n\rnB\x1eE\x99K&\xbbG\xedO\xabqA\xfdi}\x00\xfd\t\x10\x8a\xda1\xd0_\x87q@K\xc6=\xe9\x12\xb7G\xdfu\xe3\xea\x9c#\x12X\x85\f\xc6\xea\x8c\x89\x06K\x94\x00\x00\x00\x00\x00\x00\x00\x00', r20}, 0x30)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r22=>0xffffffffffffffff})
r23 = getpid()
sched_setscheduler(r23, 0x5, &(0x7f0000000380))
r24 = socket$packet(0x11, 0x3, 0x300)
r25 = dup(r24)
setsockopt$packet_int(r25, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r26 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r26}, 0x0)
r27 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r28 = socket$kcm(0x11, 0xa, 0x300)
ioctl$sock_kcm_SIOCKCMUNATTACH(r28, 0x5452, &(0x7f0000000040))
fcntl$getownex(r28, 0x10, &(0x7f0000000580)={0x0, <r29=>0x0})
r30 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r30, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000a00)=ANY=[], 0x0, 0x0)
r31 = socket(0xa, 0x3, 0x8)
r32 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000)
ioctl$sock_inet_SIOCSIFFLAGS(r31, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(r32, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r33=>0xffffffffffffffff}}}, 0x20)
sendmsg$key(r31, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0)
r34 = gettid()
waitid(0x83b895581628fca4, r34, &(0x7f0000000040), 0x2, &(0x7f0000000480))
sendmsg$key(r31, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r33, @ANYRESDEC=r34]], 0xfffffffffffffe56}}, 0x20004850)
r35 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r36 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
r37 = dup2(r36, r35)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r37, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r38 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r38)
r39 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
writev(r39, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff8240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000180)="53000000c90dca807737f408177021bd01d3be55090000000001a0000000000000000000", 0x29c}], 0x2)
ioctl$SG_GET_REQUEST_TABLE(r39, 0x227d, &(0x7f0000000780))
kcmp(r38, r34, 0x0, 0xffffffffffffffff, r39)
ptrace$setopts(0x4206, r38, 0x0, 0x0)
r40 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r41=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x4, 0x0, 0x5, 0xffff}, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r38, r40, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r34, r37, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r41}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r41}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000002380)='\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00', r41}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r41}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r42=>r29, r30, 0x0, 0x1, &(0x7f0000000080)='\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r27, 0x0, 0x4, &(0x7f0000000180)='em1\x00', r41}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r41}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r26, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r41}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740)={r41}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r42, r25, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r23, r22, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00', r41}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r41}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r41}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000140)='md5sum\x00', r41}, 0x30)
r43 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r43, 0x40086602, &(0x7f0000000080))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b40)={0xffffffffffffffff, 0xc0, &(0x7f0000000a80)={0x0, <r44=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=0x806, 0x0, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x2}, 0x0, 0x0, &(0x7f00000009c0)={0x5, 0x1, 0x9}, &(0x7f0000000a00)=0x8000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=0x1}}, 0x10)
r45 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r45, &(0x7f0000000000)=ANY=[], 0x32600)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r5, r45, 0x0, 0xa, &(0x7f0000000bc0)='cgroup.subtree_control\x00', r44}, 0xfffffffffffffe51)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000200)={r20}, 0xfffffc6c)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r21, r4, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r2, r1, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r20}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r20}, 0xc)
r46 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r46, 0x40086602, &(0x7f0000000080))
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, r46, 0x0, 0xfffffffffffffe91, &(0x7f0000000140)='md5sum\x00', r20}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x0, 0x14, &(0x7f0000000000)='cpusetselfvmnet0@{:\x00', r20}, 0x30)
sync()

[  680.010802][T12342] FAULT_INJECTION: forcing a failure.
[  680.010802][T12342] name failslab, interval 1, probability 0, space 0, times 0
[  680.023727][T12342] CPU: 0 PID: 12342 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  680.033716][T12342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  680.044740][T12342] Call Trace:
[  680.048055][T12342]  dump_stack+0x197/0x210
[  680.052443][T12342]  should_fail.cold+0xa/0x10
[  680.057254][T12342]  ? is_bpf_text_address+0xac/0x160
[  680.062589][T12342]  ? setup_fault_attr+0x220/0x220
[  680.068095][T12342]  __should_failslab+0x121/0x190
[  680.073147][T12342]  should_failslab+0x9/0x14
[  680.077716][T12342]  kmem_cache_alloc+0x47/0x710
[  680.082595][T12342]  ? lock_acquire+0x190/0x410
[  680.087319][T12342]  ? net_tx_action+0xd30/0xd30
[  680.090853][T12345] bridge0: port 3(gretap0) entered blocking state
[  680.092096][T12342]  skb_clone+0x154/0x3d0
[  680.092120][T12342]  dev_queue_xmit_nit+0x3a1/0xaa0
[  680.092149][T12342]  dev_hard_start_xmit+0xbb/0x9b0
[  680.092170][T12342]  ? validate_xmit_skb_list+0xfc/0x150
[  680.092193][T12342]  sch_direct_xmit+0x372/0xd30
[  680.092217][T12342]  ? dev_watchdog+0xca0/0xca0
[  680.092236][T12342]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  680.092253][T12342]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  680.092272][T12342]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.092285][T12342]  ? sfb_dequeue+0x421/0x4d0
[  680.092307][T12342]  __qdisc_run+0x4bf/0x1770
[  680.099533][T12345] bridge0: port 3(gretap0) entered disabled state
[  680.103001][T12342]  __dev_queue_xmit+0x1650/0x35c0
[  680.103032][T12342]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  680.103057][T12342]  ? mark_held_locks+0xf0/0xf0
[  680.103077][T12342]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  680.103095][T12342]  ? debug_smp_processor_id+0x33/0x18a
[  680.103116][T12342]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  680.103135][T12342]  ? rcu_read_lock_held_common+0xbd/0x130
[  680.103157][T12342]  dev_queue_xmit+0x18/0x20
[  680.103179][T12342]  ? dev_queue_xmit+0x18/0x20
[  680.113484][T12342]  neigh_direct_output+0x16/0x20
[  680.113503][T12342]  ip6_finish_output2+0x109a/0x25c0
[  680.113526][T12342]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  680.113540][T12342]  ? lock_downgrade+0x920/0x920
[  680.113562][T12342]  ? netif_rx_ni+0x670/0x670
[  680.113579][T12342]  ? __kasan_check_read+0x11/0x20
[  680.113602][T12342]  __ip6_finish_output+0x444/0xaa0
[  680.126771][T12345] device gretap0 entered promiscuous mode
[  680.128967][T12342]  ? __ip6_finish_output+0x444/0xaa0
[  680.128988][T12342]  ip6_finish_output+0x38/0x1f0
[  680.129006][T12342]  ip6_output+0x25e/0x880
[  680.129024][T12342]  ? ip6_finish_output+0x1f0/0x1f0
[  680.129044][T12342]  ? __ip6_finish_output+0xaa0/0xaa0
[  680.129058][T12342]  ? ip6_make_skb+0x370/0x570
[  680.129075][T12342]  ? ip_reply_glue_bits+0xc0/0xc0
[  680.129099][T12342]  ip6_local_out+0xbb/0x1b0
[  680.129125][T12342]  ip6_send_skb+0xbb/0x350
[  680.137918][T12345] bridge0: port 3(gretap0) entered blocking state
[  680.141403][T12342]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  680.141418][T12342]  ? ip6_forward_finish+0x570/0x570
[  680.141445][T12342]  udpv6_sendmsg+0x22f3/0x2b30
[  680.141463][T12342]  ? __kasan_check_write+0x14/0x20
[  680.141481][T12342]  ? ip_reply_glue_bits+0xc0/0xc0
[  680.141506][T12342]  ? udp_v6_get_port+0x6b0/0x6b0
[  680.141521][T12342]  ? __kasan_check_read+0x11/0x20
[  680.141537][T12342]  ? mark_lock+0xc2/0x1220
[  680.141558][T12342]  ? __kasan_check_read+0x11/0x20
[  680.141572][T12342]  ? mark_lock+0xc2/0x1220
[  680.141586][T12342]  ? __kasan_check_read+0x11/0x20
[  680.141608][T12342]  ? ___might_sleep+0x163/0x2c0
[  680.148241][T12345] bridge0: port 3(gretap0) entered forwarding state
[  680.152450][T12342]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  680.152469][T12342]  ? aa_sk_perm+0x346/0xb00
[  680.152503][T12342]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  680.152527][T12342]  inet6_sendmsg+0x9e/0xe0
[  680.152547][T12342]  ? inet6_sendmsg+0x9e/0xe0
[  680.168628][T12342]  ? inet6_ioctl+0x1c0/0x1c0
[  680.168645][T12342]  sock_sendmsg+0xd7/0x130
[  680.168663][T12342]  ____sys_sendmsg+0x358/0x880
[  680.168680][T12342]  ? kernel_sendmsg+0x50/0x50
[  680.168698][T12342]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  680.168715][T12342]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  680.168730][T12342]  ? find_held_lock+0x35/0x130
[  680.168756][T12342]  ___sys_sendmsg+0x100/0x170
[  680.168776][T12342]  ? sendmsg_copy_msghdr+0x70/0x70
[  680.178804][T12342]  ? __kasan_check_read+0x11/0x20
[  680.178825][T12342]  ? __might_fault+0x12b/0x1e0
[  680.178841][T12342]  ? find_held_lock+0x35/0x130
[  680.178856][T12342]  ? __might_fault+0x12b/0x1e0
[  680.178874][T12342]  ? do_dup2+0x4f0/0x4f0
[  680.178893][T12342]  ? lock_downgrade+0x920/0x920
[  680.178922][T12342]  ? ___might_sleep+0x163/0x2c0
[  680.178945][T12342]  __sys_sendmmsg+0x1bf/0x4d0
[  680.477641][T12342]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  680.482676][T12342]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  680.489015][T12342]  ? fput_many+0x12c/0x1a0
[  680.493816][T12342]  ? fput+0x1b/0x20
[  680.497611][T12342]  ? ksys_write+0x1cf/0x290
[  680.502156][T12342]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  680.507808][T12342]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  680.513731][T12342]  ? do_syscall_64+0x26/0x790
[  680.518683][T12342]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  680.524939][T12342]  ? do_syscall_64+0x26/0x790
[  680.529714][T12342]  __x64_sys_sendmmsg+0x9d/0x100
[  680.534686][T12342]  do_syscall_64+0xfa/0x790
[  680.539486][T12342]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  680.547842][T12342] RIP: 0033:0x45a919
[  680.551765][T12342] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  680.571886][T12342] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  680.580398][T12342] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  680.588394][T12342] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  680.596367][T12342] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  680.604343][T12342] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  680.612306][T12342] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:22 executing program 3 (fault-call:2 fault-nth:26):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  680.845699][T12351] FAULT_INJECTION: forcing a failure.
[  680.845699][T12351] name failslab, interval 1, probability 0, space 0, times 0
[  680.866496][T12351] CPU: 1 PID: 12351 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  680.876599][T12351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  680.886694][T12351] Call Trace:
[  680.890000][T12351]  dump_stack+0x197/0x210
[  680.894361][T12351]  should_fail.cold+0xa/0x10
[  680.899147][T12351]  ? setup_fault_attr+0x220/0x220
[  680.904193][T12351]  ? ___might_sleep+0x163/0x2c0
[  680.909077][T12351]  __should_failslab+0x121/0x190
[  680.914042][T12351]  should_failslab+0x9/0x14
[  680.918547][T12351]  kmem_cache_alloc_node+0x268/0x740
[  680.918564][T12351]  ? __dev_queue_xmit+0x173f/0x35c0
[  680.918580][T12351]  ? trace_hardirqs_on+0x67/0x240
[  680.918596][T12351]  ? __dev_queue_xmit+0x173f/0x35c0
[  680.918616][T12351]  __alloc_skb+0xd5/0x5e0
[  680.918635][T12351]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  680.918658][T12351]  alloc_skb_with_frags+0x93/0x590
[  680.954303][T12351]  ? find_held_lock+0x35/0x130
[  680.959099][T12351]  sock_alloc_send_pskb+0x7ad/0x920
[  680.964346][T12351]  ? sock_wmalloc+0x120/0x120
[  680.969047][T12351]  ? __local_bh_enable_ip+0x15a/0x270
[  680.974450][T12351]  ? ip6_finish_output2+0x1106/0x25c0
[  680.979859][T12351]  ? ip6_mtu+0x2e6/0x450
[  680.984144][T12351]  ? find_held_lock+0x35/0x130
[  680.988943][T12351]  sock_alloc_send_skb+0x32/0x40
[  680.993915][T12351]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  680.999698][T12351]  ? ip_reply_glue_bits+0xc0/0xc0
[  681.004797][T12351]  ? ip6_setup_cork+0x1920/0x1920
[  681.009905][T12351]  ? ip6_flush_pending_frames+0xd0/0xd0
[  681.015534][T12351]  ? __kasan_check_read+0x11/0x20
[  681.020550][T12351]  ip6_make_skb+0x32f/0x570
[  681.025080][T12351]  ? ip_reply_glue_bits+0xc0/0xc0
[  681.030094][T12351]  ? ip_reply_glue_bits+0xc0/0xc0
[  681.035104][T12351]  ? ip6_push_pending_frames+0xf0/0xf0
[  681.042574][T12351]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  681.048106][T12351]  ? ip6_forward_finish+0x570/0x570
[  681.053288][T12351]  ? rcu_read_lock_held+0x9c/0xb0
[  681.059968][T12351]  udpv6_sendmsg+0x22a1/0x2b30
[  681.064724][T12351]  ? __kasan_check_write+0x14/0x20
[  681.069818][T12351]  ? ip_reply_glue_bits+0xc0/0xc0
[  681.074835][T12351]  ? udp_v6_get_port+0x6b0/0x6b0
[  681.079754][T12351]  ? __kasan_check_read+0x11/0x20
[  681.084760][T12351]  ? mark_lock+0xc2/0x1220
[  681.089168][T12351]  ? __kasan_check_read+0x11/0x20
[  681.094193][T12351]  ? mark_lock+0xc2/0x1220
[  681.098679][T12351]  ? __kasan_check_read+0x11/0x20
[  681.103690][T12351]  ? ___might_sleep+0x163/0x2c0
[  681.108541][T12351]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  681.114184][T12351]  ? aa_sk_perm+0x346/0xb00
[  681.118679][T12351]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  681.124223][T12351]  inet6_sendmsg+0x9e/0xe0
[  681.128634][T12351]  ? inet6_sendmsg+0x9e/0xe0
[  681.133215][T12351]  ? inet6_ioctl+0x1c0/0x1c0
[  681.137800][T12351]  sock_sendmsg+0xd7/0x130
[  681.142205][T12351]  ____sys_sendmsg+0x358/0x880
[  681.146962][T12351]  ? kernel_sendmsg+0x50/0x50
[  681.151623][T12351]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  681.157150][T12351]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  681.163123][T12351]  ? find_held_lock+0x35/0x130
[  681.167969][T12351]  ___sys_sendmsg+0x100/0x170
[  681.172841][T12351]  ? sendmsg_copy_msghdr+0x70/0x70
[  681.177942][T12351]  ? __kasan_check_read+0x11/0x20
[  681.184173][T12351]  ? __might_fault+0x12b/0x1e0
[  681.188928][T12351]  ? find_held_lock+0x35/0x130
[  681.193700][T12351]  ? __might_fault+0x12b/0x1e0
[  681.199410][T12351]  ? do_dup2+0x4f0/0x4f0
[  681.203640][T12351]  ? lock_downgrade+0x920/0x920
[  681.208492][T12351]  ? ___might_sleep+0x163/0x2c0
[  681.213335][T12351]  __sys_sendmmsg+0x1bf/0x4d0
[  681.218015][T12351]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  681.223033][T12351]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  681.229255][T12351]  ? fput_many+0x12c/0x1a0
[  681.233650][T12351]  ? fput+0x1b/0x20
[  681.237452][T12351]  ? ksys_write+0x1cf/0x290
[  681.241937][T12351]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  681.247381][T12351]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  681.252840][T12351]  ? do_syscall_64+0x26/0x790
[  681.257505][T12351]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  681.263642][T12351]  ? do_syscall_64+0x26/0x790
[  681.268312][T12351]  __x64_sys_sendmmsg+0x9d/0x100
[  681.273232][T12351]  do_syscall_64+0xfa/0x790
[  681.277715][T12351]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  681.283607][T12351] RIP: 0033:0x45a919
[  681.287485][T12351] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  681.307083][T12351] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  681.315486][T12351] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  681.323439][T12351] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  681.331584][T12351] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  681.339558][T12351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  681.347598][T12351] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  682.928713][    C0] net_ratelimit: 20 callbacks suppressed
[  682.934517][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  682.940648][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  683.648725][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  683.654577][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  683.660372][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  683.666092][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  683.671866][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  683.677636][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  683.728647][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  683.734435][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  689.178656][    C0] net_ratelimit: 20 callbacks suppressed
[  689.178663][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  689.191217][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  689.888652][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  689.894495][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  689.900598][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  689.906506][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  689.913860][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  689.919811][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  689.968687][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  689.975408][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:33 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, &(0x7f0000000240))
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
syz_mount_image$hfs(&(0x7f0000000280)='hfs\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x2, &(0x7f0000000780)=[{&(0x7f0000000480)}, {&(0x7f0000000680)}], 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB="2c696f636861727365743d6575632d6a702c71756965742c756d61736b3d30303030303030303030303030303030303030303030302c6769643dc2770fdd503132f8920d743a2a2b6e133a994f8a249e273fe25ddcc50c598fff4b30d3fcb7deeb3cb86c3d8d402327cf781baa7488930cb2bebc75c2993f5576b5ed82af6b97ca0623448b3a893f452f2a74b58d3c72258b084eaf4b27950825612319bc90adc1d945a1a8486a2741a9c91db5d58b13bf9888", @ANYRESHEX, @ANYBLOB="0000000468182b0c0cfe632596308af0885f57db9a29eacbea0d7ea2481c93838b9ca3d21bd08dfbace4908571b8094825036894b8a797dda130d63b543a76e23eda78ae2b4f7f3898af57dbc81800fb5a9a9e9a0cc5ea5ad8d4bdc27f66b31ab12181cac5b99598861f4fdaac21f4579a0befa3933503d824448fca2732da76887e36fca13d65556f6834953ea579d69d83be7801f154430f31b258f55360cfbbfe66a0ccffcf090d6994c53b38a15a73e0032704662ddd140b1d73b65cf69ff9d6b2eb1c448171ab89a343e0eb3accc53038b25a6a82b8d645288c51420c582a586cfac2", @ANYRESHEX=0x0, @ANYBLOB=',obj_user=bbr\x00,rootcontext=user_u,func=FILE_MMAP,appraise_type=imasig,\x00'])
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000040)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000), 0x14f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, 0x0)
syz_open_dev$usbfs(0x0, 0x40000000909, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f0000000000))
keyctl$chown(0x4, 0x0, 0x0, 0x0)
gettid()
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
add_key$keyring(&(0x7f00000004c0)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)

20:01:33 executing program 0:
sendmsg(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="5500000018007f5300fe01b2a4a280930a06000000a84306910000003900070035000c", 0xff9a}], 0x1}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="260000001100f5680300c10100de96ab8de887e010fffff000ba00000000f13a050003", 0x23)
r0 = socket(0x10, 0x80002, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$EVIOCSFF(r1, 0x40304580, &(0x7f0000002680)={0x54, 0x7, 0x3c, {0x4, 0x3}, {0x7, 0x3}, @cond=[{0xb7, 0xf800, 0x0, 0x0, 0x8001, 0x9}, {0x800, 0x7, 0xf001, 0x5, 0x1000, 0x2}]})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup2(r2, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r5 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r5, &(0x7f0000000040)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x24)
sendmmsg(r5, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000001001000001000000770000f200000000a6e217b91c3b0d873722b41a118fd58fa1f0a39ad9582203daa32c9831699acc52f141eeca2bd12d2f6fb54e5bff40e062a43f80b1babfd076d2502892250deee2728316e63e589ddf142e89365bd48cf76602c6f6aa76bc37284732bd1e191ddd3c9f310f827c195f3c4957c67a08466517ba136c8c9e01000000f8ffffffffffffff3e26b5ca26bb434dbd0e5085c294e577bb081876e63e7c2834533925db8b54b33da7b947aefca1f9c49c648d58d4f944264fcace71d5c798cd3c13d7083a7eb4c526e072a23bd24cccb38e4eff542520858c940fbb95979a564d73a7af107fd5ddaa491838873914a467c3ce28056833eb4559864317c0a1dac92d090f4f9093679791a2840f2851324acdf44a807e69a1bc25d265303004e8ead128a3d61c0063233501cfdf76d99dbc46b9c00203a9161b8a444001c386475c432c7a6e898885429063954ea0bdf9abc7b9322f3485d99ab38a3231ea08584795647ddb75c593933ef3e588824acdab292482735cd91572d0bc3f95b61e039183f5ed7cb75f2ba79296f73ca6f00a0f6ce5c2bc03957a77dbd229921124580fc4ddd4aa3f3752c7f2dca3da2ba7b772e01215f05dc1cf74ddf51af1a4ebba443374e09d5ff96db1a1a60368493ff3"], 0x18}}], 0x1, 0x4048000)
sendmsg$nfc_llcp(r5, &(0x7f0000002640)={&(0x7f0000000080)={0x27, 0x0, 0x2, 0x0, 0x0, 0x5, "6a2c6f91fc156989f5541e5828017e8774ccb5c9b3942b357fcca8007f0e50dfab654f51bb2f7afd81808a23198110f8688fbc8b1fed73abb3e0c494a0c407", 0x16}, 0x60, &(0x7f0000002480)=[{&(0x7f0000000100)="c233768072c8e6faec531a22c72d9d93665b34cb517bace0c80093d7b22ebddd4eac23da8b7e4bab122e7403567b632771915b14006ef9e89e4fbe7ecc7fd4d78a7f719b3eb5743d73cd11c3d996f7f2435f1a05acf5436827ba3b3a56402b7c5349daeff6fe61eae86963b972f235096d008bc27a6e35254771faeaa87b2e3c1bdc948cefbf1c4a21df02ff9d6cb3d65455ed989d24a58ca43e4c45967134676329a373e207b0240d43d7d954c7f5f52ba5720efc13c06a9ad7625128", 0xbd}, {&(0x7f00000001c0)='n.', 0x2}, {&(0x7f0000000200)="a7a705028d71ff83244a5937f3ee69dc993758890bcff44a2c72b3d1ee4dff99e4ee787fc247aec35cb49c222307b79d615f19c41153d6647d61ef6dc58c89dfad10121d85d12ff3da1d3536d83bb60409c66ec88e9b160e671a64712914e2a1def4c1849cb2ad4079c35855bd5b5c18f96307cb7e9f5f488ab1fe8acf8025710021988448a669a68ce4c1c08e8a71161907cbef91155acf44775e02906a4ae7ceb9dae6d24d8c780fe2ffd6a4d21112d508fa93000480d1e9c5602af3483086ced81fa11223ab", 0xc7}, {&(0x7f0000000300)="7fc5d01f21e9cb563c3e02d3c4cede12f2ac0bd53e0114e96c99407a555d664746d135d319d484a104ed280108049006a87ce6238bdb2296bb78b74dc6129eb93bb9da9d0985733f466d86a808a79569e28991617655fbffeeebe96aa1950e9134c4ffa851c18c3a81b6aa4f010534f7fb567c5523f148b9f8ca294013da3b52dc3f51fbf6b54f3f0c27860fc78412324536b4", 0x93}, {&(0x7f00000003c0)="bad37902f4c31be3b6689973c109c047f12fb0f1fe9a332dcb9dddd965b6c4ebd48483f53e2a523f0d1e52c291db153441890d1adf305c66ae49a6f4360efc39fc14f31e0ab3dc876dd8deb9365cbbc593af81db7aaaffbb36ed30acf97e5d8f5e801b2808035afb351136f18607499e7fb7766e6091f02a8e761eff366b5dd75e08c90a50c6ac5bc6d15551c7108134447d1127d47ad09589e39b8fab25c918356e8a6d51e174fa399a74a807a89dfa1048dd2d73a1f54140dbd5184e668cc9a1bd6025708545755b6cbd38762afe9afa87a32d382f0013c975f45e67728b5871b148c58d84a3c9fb2a22a0c88b5136b1b254cf2d7a68ffc43dc10bbf75c39e5c544299998593ecce6c6a39251d3c48ba135c85d2e90e4755693988c0c0a2a4366aaf7238ac5d90e267c000e01c54254bee499449158ecfa1fc8c174f1abac34553a792ec0f243684e47f7f2fed1306006bdc81ba20c143a2d24907cd19fe9aba55331e8d27ea797e8e42ee07569756f3654c9ac8674ce5ad339b0672ab7949c0183cbe15c9387c0f4f36ad89a78177df29f75a1faa95f0d225d3e6bc11f850ed1f64e47561f3e07888b94061bc389f212f028b72d1b35dc099c567f1372e6cd230eaf0511e5b94d5c0a0a5377050581fdefc63f9355423874e18c80db52b13846720e4a78e8c675b10472a3181460ffa769e70c6958834d0a3a609c4536774cc6d2b0b1cf38d07b900f79ba8c8fa36dda3c2c841a22d2855b0f5fc9a9c733748a8fe46ef747e1cd8892d383112812fdfb72059c13ab29287ddbe3d55040e9cdf43b972d45cefca227e3bdd1345cf0902517b2da2b3933669ca1a34dfdf70ced9796dd145d50378ab3c450a108d60f0ca6a4631b8c055b5165c67a8a5cb416bdb765b8ac41aa7590300f62ce187e0bbd3cd331cef7130e6c6b6446dbc86e17e8cd248010efc3203c9b0de094378d68cff6ffade8e741c2acda834b3bfbf4c961f3d580a8ecdcde86ff78b4b6f3ad6ae24489f4a814149ea0af3c0d6119547ae60e9e84d29a5901bf4dda0dfd98ee97091968ff55f7824154bf7a0f250fb997c7e84e4ef523b90c2ce444caeb1624d78bcaa9a9ead1235cee38e18450235919cf43dc9334e8717899413e86c2699366ebfecd53775f0874892cde895aabc6bf3e0277caede6503aebcaa7e86c8a73ac04f3413e6ed3d5cb407e389fb53d6e32c5e45eb15b3359f62a3d30340521b272ae135ff40ba531d58e2e5c406cab332965b79dc7ede1651371dd75c48c4f9f18c59240ba5a053ea48558f1745479c4b250e7a601f2b14a8b4ca4635745bcf8ce1e969540222cf3fd4d512b8ac23411290e1328d870679ee9bb910973c0956163ffc6cd72172dab27b1c0afefef6e98496c66007b414b9be583a41a0497e920c26d7584408f7bf966240c7c35df0d2ded78ff57a045653589c9e043702af889abbac810f57c10598515c93ac3de6e0cf1fa8a69bebbd09a60a8e83344fb6528db07bf1a1c268a2aa9fd7acdbf52252acbad5e0d07dc50158e259d9f71916f1cc666a7f984344669ad45263b342da301b072d7a402fda7b4515b4ff7f32c44e0dc1d0200e2db7e15df51298d09edcc5536fd2e07cefb43870f5e2101df5194ce2114e7cd39eb991a8d915db14b24cd296d1d01397df018f1d0cc7916d2b8b17a64e768aa802d3bf4b127fe57a1453cb9d665b573a99d82548eb101b1dc9398332dcfa276446485b2e05f720b83c084bc1f1b657f69c3b1934b67b1337df86d6a45764f97df72644a0850f7eaf5cd05f1199f91f5a520429c25f131ed106d5c75ede4789d40979727d2645d3b8f6c1fb1ebaf8058c9e248fee0848e7df1c77bc8ef36848f11c2d07f3b1fd4e5a45e5fd00ed9a643ecb67f8be9e7c788bb5840cc23d5065d52ff5ea17a3daf9cb4715b06d4aeb4e6feb7ed52969189e1165a427a8d8b2c719ed420f4928a4cd45816755eb02ff99535cb4ce6af108fb05f7371333135ca817f1e03b8102c2caa5c8b18540c338ca2ab104bd3f64839362dd598792e505e3f9851d5e4425f0518cc1016f440493629f5b377322eee68226cc307bf57e9c5a97f4edf57e2ad0d421e87c6c1a8d56d7a6425c99934cdc54697c36fad71b16c1fc96ef2662894693597f7cd1fbb3d2c419a80ccff96acc44f20a2c5c40fb024d227c2244fd9772cbcaf448e8573f10d511db82670e3636dc0fc14dd73b1b26d026fe79d70a0b1247e6d505fc53555470fc05d6ec5f2ef39e98d8d7f124d846de6c368afe5bfe663fd57c8763e35233cb692b834e86b5a811fc7bcfaf6b1accfba530f0172685fdc4dbf7467347517f4db3d7f6e91ad7abd81cfbd3f50666f4a05cbbff5e6d429ee4f12749e4ce09f32c25ddf3381edbdcbae4bbba7debaa42d10d6f189e9191c837d63c0d758fc0604513d4006373f9246f83500f0f301425a18f573c95683487b621039284eac85e184a4c2d5deb613beeca3b355f7d6909297560d30473a827f006b64fcccba72eaea1fe260c33291ab4bee596231f723d7ac7ed6857e17850475946d6cac29b523ce7faa26a300eb2909404787bc55267741b5937b16c0557ee19180d0ec9f1731c6c6218ad8e861f4a276caca953b84fd168234a76716faca2fb6837e98a1ef7a030715f4d5d6e1d3746ab43e5412bdc08d4e29e0074cb886008bd76ee69641f589acabfdf1f6f6ddce053b4d567b099716ae0deea9b1826061d02f9d3e3a0ca326bc4b4bdfdeaba2a9975330c221e6ec85c1ac70adbf8d4a801fa6c28c8d6f9b1bc8c444108a92fd99d7b63b54e4188793355e44a8b17c669f0eba6fa112fae79fe4326a787712f8cad5816c597477076092a88af5fae2ce0b77cc07523b53334da7a1d1269f73c89cd5f3de2b2d18b2834be5c6b31237ba775c054da28b2d4ddd6fe608a46c7fb76148ac1cb495ef6ea31d4f0209501e2d478117193081b290eb778f3cafd4859c06b4f12e52ae0b270b35b887a37d41979c9a33da85c267c697a74f344e13eb39fac28c578e48d6b191c52b65de4d03ae82c8f939a255100ede35649ac36aaa898225595b20a8f34455714a2caeb32b653b2e64f082abb20957641cd3e188eb6bfdef5f31dac297e3769f6c20fbb632a90a621d8175f55ead7f4df684dbf830ad023d1a9d74295d29fe2ada36bc6056e0bd1e3efab06cd8f3b502a3ffe2137f0e365c4e0ad6105d00a34fda194e9255520b4f73ce4ce8a749653fc62a68a3b68109c71f9ab20658741a3f219aea4312e12c5dbd5cda212179efd3521d0645693fef784d085ee4d5464341393c9bfcd7d1c7aa60eac94a87640365e31db81d0f0ad0fad71eefc12449f6e8a7d667325396077bb1cde8c598f536eda68bca45188d85e5fc65d1b9aa14356e2ccd4bd32850de582f2881336c95214bebce66b9760cfeda40a58ed8cc61c471a07b6b28e99c1b02f645fa37daca0a76fc130500a7cddbf5e90a3c07a8c89b9c1b83eadc530b22816de7e3ba3c9afa8c843207ed99b703be9071a423b5ebeb992e0dd1947e3138e9ac0123b62ed6c69a18cc3da34e24f5e86b8565b9f3efa1c2e14da16483d0de55e98c34e2b383bcfe9ba9f7ea34fef96e7035f033d53d0b11b063d9f5fe36a0b0899c2821a1743cde7342158d40bcc8d2991230f2b8b4af4e17fade82bc084e99e7fe1b59dc652a75aba1a3aef5a2b75906ca5f3051e806abe0d9189adb1a729cf2394a330471e198c9de65eafae06c0b49dcfb01881c312cb459adf1ff8fd98b33aef10f0787742b66d129bb8a99997a64e3be60921fb2704df52e74e6cd9e15e381373169b7d943be505fe0c4f0411c3148f3f56ed5ffc30e9f90469834681fd07edca3de406fdac05997d6165dddaed8ec20ba7bde6015e2628f1b9c1c7ffcf842c6c43294115033f1787c1e00669244ccaa270a745800c6c77f591879435ae8ee3117c35b53be96c2d68cd071c02d97c44eccd62a23292f97602a834f6106fff62b4ed1447b01969c6c0aa2f073cb4e0dc5754b9f9f07152fb26c6dfddb07cd597f19e66dc7433e0a1e4d80f2548c94ce0e785a8fb5049efa3408f100e22b2743a30679b727dcc6598cdf1be4e19237b44fa2b71ea11323a42188cc274e2958240e1c7b67ff8349caaf0731df0826838293d6454ad8ad67f2de019d52340a652e3e45d49585958e06022d7fb7b87524c3425b8b6090811a2582a376cc6bf2ea2a1e8ceaa5c3a64ec8e4a8c41e2a6485a22876b803ae9ca81c2cc026e4a60cc75a2f9d5fad2a4be4491bf5288ae6c092772b9325f715c1db9f1a521839035cd83ef474e104fb4423cbc82726f47f2c6524f5e9d05ef77f42819f3997f2f33e158b8e7b67c0b6a75b3774f9e186fe01789429e12acced990f7820ea4bdbea1fdc61c3e45c1239b7d342d2f08163e6468d330373099820b890ef7e922e5f584e08d9a0c20c177e50be86d47907ea6f62511787783384c8d830a05f7b15cc956b3e5fd5e116e3fd2455493162459509e73b9916c6d11ab6077e184d6b1f7078e024aedc603b7fc0744f0b91c3b444bb3ac4b46e803deb31767e9690dd47f244baae7f0656cd6d095a6f80008d93e2c7b5dfd52b96a92bc277ffeccad438ada95e0376a1200e2c3f156dd1c7b759c06f1af085cab1bd021d783102ce02c2b690da41c9b8854b0f3ac4122b8fef42595544a5dc34635ae0c7f9e3b402505b9f044fab31c8c42a4039c7d8da57a5876591dc2a46460a59c7e69909da4301166183e6444f685c854c1d219a87f44eeab27e2edc7698ce68a422f07f52abfb69d4becf24ce4ad6de5d56c77b676c5f13fe8ce002479676fc2f30ade82eb157b868e16f588c6658ccae966f64acbaf27b8987d378f3d52170a5fb125407b59f50109cd730baa30d24986de4118c65ce5d73fd1dae332736eff0745f7e731492c4967fe28e77bad84755b807cffb65bcc229847c6eee11bd657e803d0e8108dca4e21c2fd9ede1970e98af0c329ef3fcb330d43ce0974cf67ad6d997083be365198dcac4492ecb9f5732a7ab7e43204dba7b2bc59d942533f5eb9044e9a4cf06bbae5c3f6ec4592f091e8716b2c86cd67e85f399f1c3b870d7c8dce1d4059a8e9a3d72692649d3a5a77413cae225df6b9c0d22266d6fd29e439b0de8b0a4da0c87fe0f466dd0fb79d353f856bc3779c2efe90123f42ab82b35d5dc99491aa10442172c927b90c30e47a2d68bd55d1892eeb66a69f3727d9125ba47a5d79586f6de559954453ce83143ba6dde6526f846f336572a0a443dac955550fec3801e942da5b205e75ef5234e6e4132e642fc1c7d3408c0fa05ffee6d103de8a82f667b895784b2dc44df28916292d5763ff35e61aec947b8e0a4c2b1b4a01d24800a036d2c20f8dbbd0788663b5b18a2aa0f97b9d4c89f88a7bef97a98a926420f2068400f35da3493eaf2a0ff360fd4fa2262f973543c048a5b024acb8686f38dac958427d4071092e3b6ad06ee3ab3abbcf44ef94872fee10b90b7c4ec54cda02892123cd773f025f51d9d8e5f201440942c55dd32b5229234466aab5ddc0ace97d561f428ac55bceed26b7f9da57390c02879e3e346d8b19b1cc62e3be066186e3f0472acbea96bdef2dd32dbd22dcbe471b94c8465dade0b40d566badd210112621bb2058be8551b0c09ec1ccc663fdf3282ba95c44d8dd5e1528f0c295197aaa4856e93515d606ecc9cf37fa2955311d205013b0db6a1665fde9c84e6ed2bdf437efe7609f25bedd96", 0x1000}, {&(0x7f00000013c0)="1a99a5e57776a39df2c02f3e788ea8ac99bb73cc43e29b747173380065f22907911b7cbe281c48b94c856415061312c4490ddc6c74505a32e29f621699ae9d7c925e77a5fd65854b4ae5d995e8d769de6769710d68219cd9191ca8052c35f605a97fdfde31d4df265181569faf93dd348c4d3474fcab20c91797bb13d64f1b2109477a5165b558e2a600e3", 0x8b}, {&(0x7f0000001480)="85171ab1e2f6a55ec5d1990bc674290d9e91e063573fa3c36991a2e8bfa228deb2b8c86f7d86c6fc892e246d657ee94cdbd67149ad4024b1cd5f9b6a07050e1d68555e707342149bf4d1155108c1d84291ad1867a3a996affc896d3caf18476d49957381c59f0379e65803a9ed2aa0a4c6aea1de572d289c628704e2008732ebc1e7c41c82e7c0d2960212e21264245ca1d710c97d3a9f836fab15d0721fd168d1b48988833454a168757d9978ee2c2f4169274843c28760e4d5c1edec8e32e3b070c492ffae78bf7513071a5e5ff99d89f3090862ecaab4ab9463950c40afb6c75b269b8563de24318370903181aea3f3da832e73630c32eee112bd47dfc08eb78b59e410d293e2f6c9ecd53b4dacd8973051d68026e53ae5f4c0a9c4d1f078d2ea6ce3ed7962703aa9930239997a0ed0b3fdd1b142e39927db5847b2cc289e2a9c835bc6035f673c93ba69572ebc08f8bf8f6b73fae153d0625d2f03d424bc00970e9f4a94f0c07be71f2b2bddec742a6b7231c8e034cbc04405e45dfb800b5299bfb30479e848f5210c5693c126f3b8874ac10fab126a2fdbdaf041278c141f37f18b74c59189b984811bbc3cee0962fb0abaa6a385685244e094fe76d8f47eaf3ce53d7ab26ec083fb7fca823f2c6fca09697776241c5c67d33659d6eea14923af7cd4a6cf45291c089c967133d9bd5976a35aae8026dd7d08d5a63794c0683ce85f9be8b36665d18075d3e18e5d0b49ead08a0d37182e41afc56b242515b7ff9ac3e3e8488213ff1069aff106e77e7c694cc11e4d42978c2beaa1e92c57435d013145aeee03633e73135b881b44c034e3fdac2bb9b84ae2949e45c2e2421f127071611859a625696e23a32ce2c24ee1fb66deed575a521dcfdecd54bb9e2df2dbefb78fdcbdfae4b26b6247485ce2c3e26cf3292ab6a8908b145ba1df8e4916f8be032447073b442ce2b11a6a1dc1389e94340a748e1227c1313403a9379ed67ccf5aa91c6cc055edcebe9f1a9fa3208d9412651714f6c566fb07fc6d011333e68c513849bb1e6f4ae69b7d3390785aed2cb774293ef13fed7abb67da058d47e1f9d7af50e99c5b1781c3d267d52a90852b222248983c26be6c0306c53eced0dbe97f03cdac2b355b0d2564c1af09c007fcaf8e9cf31677951ca95ea7ce42a418efafa0427fc5071c5c6b508d2031c68b759552e0dde476fcbbf31b17d2d01918f4d03f0eb08236b8cfebf19b7a7271e9f09846533e9be51233f494a4b4adbbc4e8df415e9103e520097748638c522ac38d329a290499522c65378be673f8661fa9705391664a63fae24218aad74ed9816bb8e577176a98732fb7d5d66ab5d0d7e82925cbf0753152ed0e2078d3a3110845b08e75ddb0c63a4bca3faa6c3862d3920dfbae0c35031bf9bd2df026895ef5f63764a27896f95f8b0d279252c769e561f248fde3c2735ba9b7aa713d009702889c5d17a22d7def15f79cc7e6856775c2a5d590091c37a588ef43323409d73a5360a31f2a14ff6cb4e413060ad3b83ddca37ed4c6101e132b8edd376528b948729e30c720fdcedcc3930011f55d1a26275d49b945ae65ebd09c8279231bbaeaa30207583cf131fb23f41107527a0c34ccd9e1c8663eac4ec124fb7b2330170786062d84f51e2fd0c1f3a3a0a6ea535c093b209e8c430d6687ed52cfa6a7dc63cbd4290cdb49de0140a5255acaeabe4ae284118b9c81d8bb175b9998254bb037b6d6807f1d0d45102041cabfa5c67e00bfd58d4c70c263319c93129c8d301acfc7bb38b1579dc117779b9cbc3a3d811cf91a7f6cddbdc2db11a57845548b65fe196b67d60f0a84a48fad60e110137d675c31b9c9d7f81b4baeb5123b6b0612fb8728bcea87ce8233ac855d444568ef638b8ba95e3e995ee5073217a37f64c0e5f451cdbcc505fd99cf9368e3c4ac0ab22022ef19647b1450a095fbd53b85e2454949a6e1f56c6cd2eed662c047f3f7a469a6cfb483724c3f2088b5c111138109e45b76d5dfddd3c9f820cccabec84807b72749ad4afc3b8b3b1180c4d26d75c9f15c1cfd83033fc85aa20525a0bfc0d0330ae3d98e1101aeed32409fcd3cd3afe329d8502782940cb0ab004e45e0109817f7341283032d4f8768a45711d08a0b335afe91e6c2eec86928798594f34fc43f1b4c9ffcba98a45a8f46740b13bfedd4de9296d67531f192e77ce2fa24624e273f37574c415d71b3af263484211bc318eaa797799d326715ee607e73cddaa50982d7c9208ae97cf0da7683cda35de69bf02d22f438f9eaf32fc46a6be94a21d73d4fb07f3860a7507904a5e45cae924f7d399147e16b2a473c5de15ba3fba5eb1fdaaffe2c11f4c2320896ca1e2d4a040dc6fac983df0123348ec094c9505ead632f3ce5fdf1ff57d65731f27710bba5e7ee69aa18d9fe1f3b227521ec949c273b1562abe9ee1065dc1c28405aaa63d33b621fcbbf0c25a2fe399319da70a089c4f23e8fd3d15630ab27237e5de8979f447b2930b3d3ef422b084b41652c944754f98bd4f32975b6bcf8202d70571b99692728e8dabbd8497fea105ec95ea272e66a2f18af31484d2c7fa12eab5b1824a8be546591517db37e6ecbfa0322db98a5371759ddcfcffa288aedaf8e9da16141342e67e1a260188d97b0c04fc056001a5c0bdfb7130b906b7419f5d0e7638d3f145ebb04ddf055b15b14b961c40bc40846118a622d19df5978c8e86e9f82cda80a617e8060be7a1f764effba82b9d5ae6b04942869e7343bd80d2454af45af7a20f542e297c192c0b91cdefc2a30de940152e5bf6979941b115efb0331dee6cd1c0ace18bcdde6c79d631c37ff1309a2f0e69218ff2dad57bf4aa79be455fbff99d21c639cca76fc75e5ebc764a0bee8f2c5266b3e0f01c2efdab8b72f1ef064517c8e14bb8318bbe198e0ed418b257c43b539ea88a90a8a1fb84c317941cb4a3791b1acbbe1f34d7ac5823f44721058ba425893e1d9e657d5809c850f553696361dda47a538f874ae1fe1ff52ddbcaee030e8ff85fcf05e01a2c4803c953493b1328111a8a6f20c4e6f3d581e0fa3c49660a01875909f7be5e036d525dcf66ba0c0aebcca43083fd8ec96c213a805a5712aeb67fd5198f0a343f25ca01ea903d0603d8d125c16f9a643f66e768683fe2a9f2da38ae73b97669d798d8e79ad1726483450e9b0b6f1fc6c02f6a91cfdc07d1b37e00d7e0fef5e678249820320cf9dba6a711a23613b175414f8fa91b82a3c7ecf0d62f4a0cd2e685dfb830a87ad529cdeff6a5e4b243810c74d54565905c6fd667d24215f34e422f38a5014c7889c0e7546102ba7441e3892bdd20206be88c7648202eb8d1a71f9226bd6e3b78c82eaf52c822305efa317e5c81956a92f210b1003bd5bf5f094db90391aec46e3d6c90ba4d8cf7cda6e606c2222af7c9fc2c9e2b259f5d371ae7c1a997043b86119fbf2f296280f0e47e0e458b0bd812d83f99d7e8cc46b922d877b336374e93ad3d90c8dc815de2fa16493b2b3a138050eb0175098a3c88b129b13ded203c5975de5a40b93df9896ab1fff3d985382f429b0ab616ac90a2fbae4daa17977c40721fb9b979e879d863e5d21050358b28cd431e2d3584e5e39493ca9c33ea90bd81f7e6167cef5b45aea0c64882c619f8900375c4879fe795c833314f82b3a2376109516225b0ae8fc97015af29d59b7b76f2e277474bd82678fc5d37712cd029f90a52a014d78e803005dc1870b94cca952a856343b84e5f4ca5cce14e609bafbacb01fcc86d517d68874c9d1c440688a980fb3944de3599b93bb92e564eef9b33073759d944d434d3731bb5e0c819b72a4718ed3cb7c80e48fe365f3aee654b84b5d4142b784381ab10f87ce102022ca6bbcd9928ab973e0d265e4cf47e834ea388fc1c0f78baf16fa50f432ee75c85cf8fefe199c335b7e77e1f425198fbe22b4d86d75a47209e31b50a6ee4a7f1c36320d6398e9377841ca30bac123ac5b82ed11bef5306f48047d40ab1f4ac1a836784d21eb4f0a8d1af8639af301d979c5d1348845f830ef76c9852abd1529fba091477523a06bfa46641a4bdcf6be295471d99f4197d6f99abba4bdcd08cbf83e1e60b28df5ed46166b5e59449193421e4631a8c09286a81e0591a9236b3f0f81f9122d44eee509fcf87bfe19e68cc804990e56c3bff52778d3267864e86aac827b95f678892168b546599c9242c40e1e5d9a9d11f6d06b23fc75ac7e4a581676c35c60fe9eac75cdf54148a1ba5704f8937761b1610694e2403e88067fc487f6b31a421bb6cafc5e9315ea6575a6d7e157ebf09441ab42a25e5b3aa5e39bbc421c5256f9391005376b96840a6234b9f0103f9b2baec76719a55de36d625bb26a3305625798f8fa5aa0901e7e231059061c1c59b5cbe8a0383af8a0334684cea2757c96f20f035fa95ba427a335da311d9c2cdf14aa3ef138a4851f4e34a84afd8554adf88ff61043d76467fb7714a318bd7fc88183a9483023d0e685a6301c4256a27921bf0ce32c511a89d55d8eb61f160f34884fd6e2a1fd536e9c739d443833c082ca81425db73da79d8a31ea093d27a59643f07124691207e0a8260f6e60c7b3ced995dcc5357fcb8a93870454c226e329e7d3b582fe41be130ce122e29d08470baf94bba2279dd323edf47978b76a29b7d669fa1733904e74f7e611187c53e5bebc11c290d186c44ee98c3753079f5d950d7e722ab746f264952a85fe25ade9d126e521a8397f892d2b569745eafaf5c55ae2480ff5ab94c30df4ec6c52051a35f5e82666181a2f1dbac205a7827be2f13a6519e67bfa019271235111632affc5c84b237fbb695e4742fa902a370f4449dd67d8fb8d838284b2bd204b1b65df6b178b10c34093bdc4e85f20f5ee76dee87251ae83adb17cd89ffe592f47668c33d4f4491d46bb482f645a9df2b612d3011aa07add185bfa75a6562a29289eda338b31378790c76c4c723b692db4926f74615f3efacbc629eef5d396864dd4542717cdddb27b7940d8f999aa277bab5f0acaa5bc33754d15370c57a1fbf34c60a141f8d1af5e8d2de0b6bbf4307516f0f7b58d7de58c4633429841a2ae1764005b33b9f43f20f98e931fed2e7e929c0e9a332d7904e9770890acefdd8df9043c107c24dfa6a20a95f939b3cccdc33df6af77a02ac9c57355d400557f47c3d4d1dc2b4b6a5051117f0cf5a6dd4221a3c62b7490b33c25194dccaa9eacfa5e3d719ce2d562329c1ea201a8c216276738be9437ff2c49fd3834f10a6d2dc36b6b0cd1f875b158de51d9200d792f76cb7445a1dd13e582c1ccda97640ca49b780abfcb9111b0bdb47dc3f6edbaf942e6a7665cb6347967ab60aef1f3a258ab84570b91336e436a4ce650fe4c8489b59d5d08dd77eeaf7fafcee8dc4c97dde35a3c2d298c0c0273711deaa069f761de2399e3a492b21c3bc2666ed507c52955f729e5c98c9253b36557d1c6ca9d9565d5fb8de72fe93cf281df0c9b7541cfcb86d9a7be2feecfa0a1bc9bf584256795f723bc137a763c1337f07e8de04bcc4821a9fcb2c13a30fc5089c23e6138a987e7216ade5b9e752296437614377aa402ef0a74ed109638ecbcaf46782241e497f45302cb7e2ae558de30e1aff5942e682d826eb47d5d6644642c55eeb31014b03e4e5c4737115c2c53e0e34a435f8b93a1ca3a0eec0093a1eb20141d91f437dcaabc549c33690c3e41370275b30e0615a8c5137de8c7f8b9fb682497511398462263407ee2e2f1f01cc8bef0", 0x1000}], 0x7, &(0x7f0000002500)=ANY=[@ANYBLOB="10010000000000000e010000d10c00004c36e98a93f52e3d48ca07ea1bcf6b9291f69320897dfecc6ed5c93aad032eb3e01170f3dee7669e4629ca8c1e7a8f45c6996124e3392923a4b40d9bb76cc1b706341f694b77e5e47263eb2245edb7f3a84c25215ac958c5fd0c4c269ba064d13548d57b425f11a1b1403e20bd4283cb5b7f04e6c0ebe87c9d984fdd951b24d796026678369ffda5a71a899a2164c43ff36800cfdd9b31647ff05ed18762742a1b63c162f2a62331e654a7272bb8b90156443258d8850f2b8892a262ad3ed2ecd9f020a1ac3667f5ae9ea03db8ba38edbfbb3eee951a1c583672969ca85ce338aa38c9356d4d675a4b7d1410f6f230592f047fd703b12f3438f3943bcf420000"], 0x110, 0x4000000}, 0x800)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/dlm_plock\x00', 0x800, 0x0)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00')
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000000e40)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x81800004}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x14, r7, 0x800, 0x70bd28, 0x25dfdbfc}, 0x14}}, 0x10)
sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000002780)={&(0x7f00000026c0)={0x10, 0x0, 0x0, 0xa1c0}, 0xc, &(0x7f0000002740)={&(0x7f0000002700)={0x14, r7, 0x8, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x27ee9575faa18da4}, 0x4000000)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x64, r7, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0xb79}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7f}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x20084849)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492805, 0x0)

20:01:33 executing program 3 (fault-call:2 fault-nth:27):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:33 executing program 4:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002800)=ANY=[@ANYBLOB="280000003200015819aad2020095c9d70000000014000100100001000800030000000000000000001f86289731ad1d41a85747df905755"], 0x28}}, 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x28, r2, 0xb03, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}]}, 0x28}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x78, r2, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}]}, @TIPC_NLA_MEDIA={0x44, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xa7ad}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}]}, 0x78}, 0x1, 0x0, 0x0, 0xe3a28edc31280be4}, 0x40)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket(0x6000000000010, 0x3, 0x0)
sendmmsg$alg(r5, &(0x7f0000000140), 0x492492492492778, 0x0)

20:01:33 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKPG(r2, 0x40140921, &(0x7f0000001200)={0x0, 0x9, 0x0, 0x0})
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2042, 0x0)
ioctl$IOC_PR_REGISTER(r3, 0x401870c8, &(0x7f0000000040)={0x1, 0x8, 0x1})

20:01:33 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  691.895521][T12371] FAULT_INJECTION: forcing a failure.
[  691.895521][T12371] name failslab, interval 1, probability 0, space 0, times 0
[  691.926871][T12372] md: md0 has zero or unknown size, marking faulty!
[  691.930369][T12371] CPU: 0 PID: 12371 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  691.948684][T12372] md: md_import_device returned -22
[  691.950302][T12371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  691.950311][T12371] Call Trace:
[  691.950333][T12371]  dump_stack+0x197/0x210
[  691.950357][T12371]  should_fail.cold+0xa/0x10
[  691.950381][T12371]  ? setup_fault_attr+0x220/0x220
[  691.981749][T12379] md: md0 has zero or unknown size, marking faulty!
[  691.985032][T12371]  ? ___might_sleep+0x163/0x2c0
[  691.985054][T12371]  __should_failslab+0x121/0x190
[  691.985072][T12371]  should_failslab+0x9/0x14
[  691.985118][T12371]  kmem_cache_alloc_node_trace+0x274/0x750
[  691.998665][T12371]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  691.998683][T12371]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  691.998702][T12371]  __kmalloc_node_track_caller+0x3d/0x70
20:01:34 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
fcntl$setflags(r1, 0x2, 0x0)
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_read_part_table(0x0, 0x0, &(0x7f0000000040))

[  691.998727][T12371]  __kmalloc_reserve.isra.0+0x40/0xf0
[  691.998754][T12371]  __alloc_skb+0x10b/0x5e0
[  692.009778][T12371]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  692.009802][T12371]  alloc_skb_with_frags+0x93/0x590
[  692.009817][T12371]  ? find_held_lock+0x35/0x130
[  692.009842][T12371]  sock_alloc_send_pskb+0x7ad/0x920
[  692.016051][T12379] md: md_import_device returned -22
[  692.023423][T12371]  ? sock_wmalloc+0x120/0x120
[  692.023439][T12371]  ? __local_bh_enable_ip+0x15a/0x270
20:01:34 executing program 2:
r0 = memfd_create(&(0x7f00000001c0)='ppp0+,selfppp0vmnet1proc\']\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/ddv/kvm\x00', 0x40000, 0x0)
fcntl$setflags(r2, 0x2, 0xbd42d67d4fedfe22)
r3 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, '\x9e\xdez\x8cZ\xe9^\xc8g,\x934\x0fd:fO\x13\xee\xabe\xc02)\x01\xdck\xd3l\xde,Q\xf0\x1b\x7f\v\x01O\x9f\x91\xee\xb7\xc3|r@\xf4v\xc8\xd7S\xd0\x00\xaa\x8f\xaf\x8f\xb5t\xdb\xcf\xa6\xdcM'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r3, 0x40bc5311, &(0x7f0000000000)={0x80, 0x1, 'clien\x00\x00\x00\x00\x00\x00\x04\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0xffffffff90000004, "7fd82d5e02ca3901", "88e7ed00007fff051eae961ef6c6990600000000000000157711be18a3d918e0"})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x0, 0xf9}, @addr}], 0x1c)

[  692.023456][T12371]  ? ip6_finish_output2+0x1106/0x25c0
[  692.023470][T12371]  ? ip6_mtu+0x2e6/0x450
[  692.023485][T12371]  ? find_held_lock+0x35/0x130
[  692.023503][T12371]  sock_alloc_send_skb+0x32/0x40
[  692.023526][T12371]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  692.122815][T12371]  ? ip_reply_glue_bits+0xc0/0xc0
[  692.122848][T12371]  ? ip6_setup_cork+0x1920/0x1920
[  692.122870][T12371]  ? ip6_flush_pending_frames+0xd0/0xd0
[  692.133562][T12371]  ? __kasan_check_read+0x11/0x20
[  692.133580][T12371]  ip6_make_skb+0x32f/0x570
[  692.133594][T12371]  ? ip_reply_glue_bits+0xc0/0xc0
[  692.133612][T12371]  ? ip_reply_glue_bits+0xc0/0xc0
[  692.133635][T12371]  ? ip6_push_pending_frames+0xf0/0xf0
[  692.172699][T12371]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  692.179323][T12371]  ? ip6_forward_finish+0x570/0x570
[  692.185524][T12371]  ? rcu_read_lock_held+0x9c/0xb0
[  692.192479][T12371]  udpv6_sendmsg+0x22a1/0x2b30
[  692.199668][T12371]  ? __kasan_check_write+0x14/0x20
[  692.207406][T12371]  ? ip_reply_glue_bits+0xc0/0xc0
[  692.213041][T12371]  ? udp_v6_get_port+0x6b0/0x6b0
[  692.218397][T12371]  ? __kasan_check_read+0x11/0x20
[  692.224021][T12371]  ? mark_lock+0xc2/0x1220
[  692.228741][T12371]  ? __kasan_check_read+0x11/0x20
[  692.235720][T12371]  ? mark_lock+0xc2/0x1220
[  692.240218][T12371]  ? __kasan_check_read+0x11/0x20
20:01:34 executing program 2:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000280)='/dev/input/event#\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = accept$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @multicast1}, &(0x7f0000000140)=0x10)
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x40, 0x8f01, 0x4, 0x81})
write$binfmt_elf64(r2, &(0x7f0000000900)=ANY=[@ANYRES64=0x0], 0x7)
write$P9_RGETATTR(r0, &(0x7f0000000380)={0xfffffffffffffc5c}, 0xa0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f00000000c0)={0x6, 0x6, @value=0xfe8b})
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r4 = dup2(0xffffffffffffffff, r2)
write$FUSE_LSEEK(r4, &(0x7f00000001c0)={0x18, 0x0, 0x2, {0x6}}, 0x18)

[  692.245469][T12371]  ? ___might_sleep+0x163/0x2c0
[  692.250455][T12371]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  692.256699][T12371]  ? aa_sk_perm+0x346/0xb00
[  692.261452][T12371]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  692.267221][T12371]  inet6_sendmsg+0x9e/0xe0
[  692.272387][T12371]  ? inet6_sendmsg+0x9e/0xe0
[  692.277517][T12371]  ? inet6_ioctl+0x1c0/0x1c0
[  692.282382][T12371]  sock_sendmsg+0xd7/0x130
[  692.287531][T12371]  ____sys_sendmsg+0x358/0x880
[  692.292476][T12371]  ? kernel_sendmsg+0x50/0x50
20:01:34 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x404}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000000000)=@ipx, 0x80, 0x0, 0x0, 0x0, 0xfffffec5}}], 0x1, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)
r0 = getpid()
signalfd4(0xffffffffffffffff, &(0x7f0000000100)={0x7f}, 0x8, 0x800)
sched_setscheduler(r0, 0x5, &(0x7f00000002c0))
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
clone(0x22004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
write$USERIO_CMD_REGISTER(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x40}, 0x2)
exit(0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000440)='status\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
r3 = inotify_add_watch(0xffffffffffffffff, 0x0, 0x0)
inotify_rm_watch(0xffffffffffffffff, r3)
inotify_rm_watch(r2, r3)
preadv(r1, &(0x7f00000017c0), 0x1b4, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000380))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f0000000240)=0xfffffffffffffea5)
clone3(&(0x7f0000000340)={0x0, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000280)}, 0x50)

[  692.297279][T12371]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  692.302955][T12371]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  692.308969][T12371]  ? find_held_lock+0x35/0x130
[  692.313767][T12371]  ___sys_sendmsg+0x100/0x170
[  692.318691][T12371]  ? sendmsg_copy_msghdr+0x70/0x70
[  692.323840][T12371]  ? __kasan_check_read+0x11/0x20
[  692.328914][T12371]  ? __might_fault+0x12b/0x1e0
[  692.333715][T12371]  ? find_held_lock+0x35/0x130
[  692.333734][T12371]  ? __might_fault+0x12b/0x1e0
[  692.333757][T12371]  ? do_dup2+0x4f0/0x4f0
[  692.343379][T12371]  ? lock_downgrade+0x920/0x920
[  692.343409][T12371]  ? ___might_sleep+0x163/0x2c0
[  692.343426][T12371]  __sys_sendmmsg+0x1bf/0x4d0
[  692.343447][T12371]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  692.368276][T12371]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  692.374824][T12371]  ? fput_many+0x12c/0x1a0
[  692.379501][T12371]  ? fput+0x1b/0x20
[  692.383458][T12371]  ? ksys_write+0x1cf/0x290
[  692.388873][T12371]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  692.388890][T12371]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  692.388905][T12371]  ? do_syscall_64+0x26/0x790
[  692.388927][T12371]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  692.411995][T12371]  ? do_syscall_64+0x26/0x790
[  692.417121][T12371]  __x64_sys_sendmmsg+0x9d/0x100
[  692.417143][T12371]  do_syscall_64+0xfa/0x790
[  692.417165][T12371]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  692.432844][T12371] RIP: 0033:0x45a919
[  692.437048][T12371] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  692.457222][T12371] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  692.465838][T12371] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  692.473864][T12371] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  692.481864][T12371] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  692.489982][T12371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  692.498167][T12371] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:34 executing program 3 (fault-call:2 fault-nth:28):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:34 executing program 2:
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x400000000000003, 0x0, 0x2, 0x2}, 0x10}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = accept(r1, &(0x7f0000000180)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x80)
mmap$snddsp_status(&(0x7f0000ffc000/0x4000)=nil, 0x1000, 0x1000002, 0x4010, r2, 0x82000000)

[  692.776350][T12407] FAULT_INJECTION: forcing a failure.
[  692.776350][T12407] name failslab, interval 1, probability 0, space 0, times 0
[  692.822895][T12407] CPU: 1 PID: 12407 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  692.833338][T12407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  692.844356][T12407] Call Trace:
[  692.848173][T12407]  dump_stack+0x197/0x210
[  692.852618][T12407]  should_fail.cold+0xa/0x10
[  692.857323][T12407]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  692.862740][T12407]  ? setup_fault_attr+0x220/0x220
[  692.868866][T12407]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  692.874324][T12407]  __should_failslab+0x121/0x190
[  692.880607][T12407]  should_failslab+0x9/0x14
[  692.885300][T12407]  kmem_cache_alloc+0x47/0x710
[  692.890529][T12407]  ? __kasan_check_read+0x11/0x20
[  692.895767][T12407]  skb_clone+0x154/0x3d0
[  692.900753][T12407]  ip6_finish_output2+0x18be/0x25c0
[  692.906068][T12407]  ? ip6_mtu+0x2e6/0x450
[  692.910348][T12407]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  692.916531][T12407]  ? lock_downgrade+0x920/0x920
[  692.921934][T12407]  ? rcu_read_lock_held+0x9c/0xb0
[  692.927144][T12407]  ? __kasan_check_read+0x11/0x20
[  692.932468][T12407]  __ip6_finish_output+0x444/0xaa0
[  692.938219][T12407]  ? __ip6_finish_output+0x444/0xaa0
[  692.943542][T12407]  ip6_finish_output+0x38/0x1f0
[  692.948528][T12407]  ip6_output+0x25e/0x880
[  692.953187][T12407]  ? ip6_finish_output+0x1f0/0x1f0
[  692.958521][T12407]  ? __ip6_finish_output+0xaa0/0xaa0
[  692.964082][T12407]  ? ip6_make_skb+0x370/0x570
[  692.969010][T12407]  ? ip_reply_glue_bits+0xc0/0xc0
[  692.974184][T12407]  ip6_local_out+0xbb/0x1b0
[  692.979146][T12407]  ip6_send_skb+0xbb/0x350
[  692.983753][T12407]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  692.989410][T12407]  ? ip6_forward_finish+0x570/0x570
[  692.994853][T12407]  udpv6_sendmsg+0x22f3/0x2b30
[  692.999859][T12407]  ? __kasan_check_write+0x14/0x20
[  693.005259][T12407]  ? ip_reply_glue_bits+0xc0/0xc0
[  693.011110][T12407]  ? udp_v6_get_port+0x6b0/0x6b0
[  693.016503][T12407]  ? __kasan_check_read+0x11/0x20
[  693.022290][T12407]  ? mark_lock+0xc2/0x1220
[  693.027048][T12407]  ? __kasan_check_read+0x11/0x20
[  693.032442][T12407]  ? mark_lock+0xc2/0x1220
[  693.037164][T12407]  ? __kasan_check_read+0x11/0x20
[  693.042625][T12407]  ? ___might_sleep+0x163/0x2c0
[  693.048936][T12407]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  693.055688][T12407]  ? aa_sk_perm+0x346/0xb00
[  693.060921][T12407]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  693.067026][T12407]  inet6_sendmsg+0x9e/0xe0
[  693.071569][T12407]  ? inet6_sendmsg+0x9e/0xe0
[  693.076468][T12407]  ? inet6_ioctl+0x1c0/0x1c0
[  693.081772][T12407]  sock_sendmsg+0xd7/0x130
[  693.086855][T12407]  ____sys_sendmsg+0x358/0x880
[  693.092001][T12407]  ? kernel_sendmsg+0x50/0x50
[  693.097204][T12407]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  693.103270][T12407]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  693.109446][T12407]  ? find_held_lock+0x35/0x130
[  693.115560][T12407]  ___sys_sendmsg+0x100/0x170
[  693.121090][T12407]  ? sendmsg_copy_msghdr+0x70/0x70
[  693.126675][T12407]  ? __kasan_check_read+0x11/0x20
[  693.131901][T12407]  ? __might_fault+0x12b/0x1e0
[  693.136778][T12407]  ? find_held_lock+0x35/0x130
[  693.142229][T12407]  ? __might_fault+0x12b/0x1e0
[  693.147292][T12407]  ? do_dup2+0x4f0/0x4f0
[  693.152121][T12407]  ? lock_downgrade+0x920/0x920
[  693.157286][T12407]  ? ___might_sleep+0x163/0x2c0
[  693.162470][T12407]  __sys_sendmmsg+0x1bf/0x4d0
[  693.167284][T12407]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  693.172859][T12407]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  693.180091][T12407]  ? fput_many+0x12c/0x1a0
[  693.185190][T12407]  ? fput+0x1b/0x20
[  693.189247][T12407]  ? ksys_write+0x1cf/0x290
[  693.194057][T12407]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  693.199633][T12407]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  693.205321][T12407]  ? do_syscall_64+0x26/0x790
[  693.210458][T12407]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  693.216809][T12407]  ? do_syscall_64+0x26/0x790
[  693.221512][T12407]  __x64_sys_sendmmsg+0x9d/0x100
[  693.227317][T12407]  do_syscall_64+0xfa/0x790
[  693.231845][T12407]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  693.238631][T12407] RIP: 0033:0x45a919
[  693.242561][T12407] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  693.264900][T12407] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  693.273448][T12407] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  693.283424][T12407] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  693.292691][T12407] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  693.301060][T12407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  693.309887][T12407] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  694.528739][    C0] net_ratelimit: 12 callbacks suppressed
[  694.528747][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  694.544636][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  694.553671][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  694.562603][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  694.572138][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  694.579884][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  694.586809][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  694.593126][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  695.408695][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  695.414728][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  699.568722][    C0] net_ratelimit: 18 callbacks suppressed
[  699.568730][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  699.582502][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  700.768631][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  700.774541][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  700.780498][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  700.786293][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  700.792423][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  700.798296][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  700.804203][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  700.809998][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  702.302641][T12422] hfs: unable to parse mount options
20:01:45 executing program 5:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000001c0))
pipe(&(0x7f0000000340)={<r1=>0xffffffffffffffff})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xd, r1, 0x8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb0100180000000000070000000000200000000300000000fcd4035e8f05308ffef7576a05f06ea8475419a6fa7162b6f4f86082a446df92ff7bcb523171b0e7638a114c5b18425d9f010219f0fdbb5fcd3b25b17716541c62f8e9150ea3996304ed0145ec64835266c1e763730e8b85c707823fc6c4fe8597ccb1bd3c3729df8879d2c492da15c4d85d740800a9f04ca3e1b161af5c80b9174d2f96cf9f85c7c18f000000000000000000000000003e58b15f22bc940e9f65c45fb64d7a35024a206c72265414dc95ff21fa014710bc78961b4266285658b8ded8e09990b8767402087977ed0fd9bf0935a2642cbfb93400f600ec174731325b06361c2d577212c813e6e92c0a67901181b4e993caf0686ed4171ea288f43af8385a8af9e6c59a99d8f6270100000000000000"], 0x0, 0xb0}, 0x20)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
capget(0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
write$evdev(r6, &(0x7f00000001c0)=[{{0x77359400}, 0x2, 0x7fff}], 0x18)
r7 = fcntl$dupfd(r6, 0x0, r4)
getsockname$tipc(r7, &(0x7f0000000180)=@name, &(0x7f00000002c0)=0x10)
ptrace$getregset(0x4204, 0x0, 0x201, 0x0)
io_setup(0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7)
r8 = socket(0x80000000000000a, 0x2, 0x0)
close(r8)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r10=>0x0]}, &(0x7f000095dffc)=0x8)
getsockopt$inet_sctp6_SCTP_RTOINFO(r8, 0x84, 0x0, &(0x7f0000000080)={r10}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000100)={r10, 0x6}, &(0x7f0000000140)=0x8)

20:01:45 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000480))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = dup3(r2, r0, 0x80000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
r5 = fsmount(r4, 0x1, 0x48)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000000c0)='\\:(trusted\x00', 0x0, r5)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff})
r7 = dup(r6)
setsockopt$SO_J1939_FILTER(r7, 0x6b, 0x1, &(0x7f0000000100)=[{0x3, 0x1, {0x3, 0xff, 0x2}, {0x3, 0x75, 0x5}, 0x1fe, 0x1}, {0x0, 0x0, {0x2, 0x1, 0x2}, {0x1, 0xaa40fd6c3d1d8710, 0x4}, 0xfe}], 0x40)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r8, 0x84, 0xe, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0xff0a)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r8, 0x84, 0x73, &(0x7f0000000040)={0x0, 0x0, 0x30}, &(0x7f0000000080)=0x18)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
mmap$usbmon(&(0x7f0000012000/0x1000)=nil, 0x1000, 0x2, 0x100077, r9, 0x2a38000000000000)
r10 = dup2(r0, r8)
dup3(r10, r1, 0x0)

20:01:45 executing program 3 (fault-call:2 fault-nth:29):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:45 executing program 0:
pipe(&(0x7f0000000680))
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
dup(0xffffffffffffffff)
r1 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r1}, 0x0)
getpgid(0x0)
r2 = memfd_create(0x0, 0x5)
syz_open_dev$sndseq(0x0, 0x0, 0x1)
r3 = dup2(0xffffffffffffffff, r2)
ppoll(&(0x7f0000000200)=[{r3}], 0x1, &(0x7f0000000280), 0x0, 0x0)
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$kcm(0x11, 0xa, 0x300)
fcntl$getownex(r5, 0x10, &(0x7f0000000580))
r6 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$binfmt_misc(r7, &(0x7f0000000140)=ANY=[], 0xfef0)
fsetxattr$system_posix_acl(r6, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000900)=ANY=[@ANYBLOB="00eb800000", @ANYRES32, @ANYRES32, @ANYBLOB="b8e365400357609aeb2c35eb6346b93ee6a8ccac064b28045fb5ccc42eb61c604bd9bc6f06af127321df7559522954af9fbdf181f025e9a65d7a17310597d62a318833df89a57e5b53778aa3e66844fc416fc7e2cee11b08996b374e80f611201000be976c77795ceead35bdcf1b23c88334501831ff741891ff83bd8103282caf9b66fa23cc7ad8ce987b956942c2650306152e", @ANYBLOB="aa1345f97e", @ANYRES32=0x0, @ANYRESHEX=r0], 0x7, 0x1)
r8 = socket(0xa, 0x3, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff}}}, 0x20)
sendmsg$key(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1de}}, 0x0)
r10 = gettid()
waitid(0x83b895581628fca4, r10, &(0x7f0000000040), 0x2, &(0x7f0000000480))
sendmsg$key(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r9, @ANYRESDEC=r10]], 0xfffffffffffffe56}}, 0x20004850)
memfd_create(0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r11 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r11)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x227d, &(0x7f0000000780))
kcmp(r11, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r12=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x4, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x9)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r12}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r4, 0x0, 0x0, 0x0, r12}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r1, 0xffffffffffffffff, 0x0, 0x0, 0x0, r12}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740)={r12}, 0xc)
r13 = openat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0x30000, 0x18f)
r14 = gettid()
capget(&(0x7f0000000040)={0x20071026, r14}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000600)=<r15=>0x0)
perf_event_open(0x0, r15, 0xe, r13, 0x8)
r16 = socket$inet(0x2, 0x4000000000000001, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0xfffffffffffffffe)
bind$inet(r16, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r16, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r16, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10)
r17 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x2, 0x105084)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r18 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0)
pwritev(r18, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a3", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r17, 0x4c00, r18)
sendfile(r16, r17, 0x0, 0x102000004)

20:01:45 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r3)
stat(&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setregid(r3, r4)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000e4", 0x2b}], 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x96d1, 0x17f)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$PIO_UNISCRNMAP(0xffffffffffffffff, 0x4b6a, &(0x7f00000000c0)="d28a62d3c565ed8c78cb2637bd8dd72a7e")
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f0000000240)='tls\x00', 0x4)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bind$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000140)={[0x0, 0x0, 0x608, 0x0, 0x0, 0x0, 0x4cc], 0x100000})
setsockopt$packet_int(r6, 0x107, 0x3, &(0x7f0000000100), 0x4)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

20:01:45 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  703.368294][T12435] FAULT_INJECTION: forcing a failure.
[  703.368294][T12435] name failslab, interval 1, probability 0, space 0, times 0
[  703.381987][T12435] CPU: 0 PID: 12435 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  703.392414][T12435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  703.402566][T12435] Call Trace:
[  703.405883][T12435]  dump_stack+0x197/0x210
[  703.410242][T12435]  should_fail.cold+0xa/0x10
[  703.414987][T12435]  ? is_bpf_text_address+0xac/0x160
[  703.420838][T12435]  ? setup_fault_attr+0x220/0x220
[  703.425910][T12435]  __should_failslab+0x121/0x190
[  703.427841][T12437] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure
[  703.430963][T12435]  should_failslab+0x9/0x14
[  703.430980][T12435]  kmem_cache_alloc+0x47/0x710
[  703.430999][T12435]  ? lock_acquire+0x190/0x410
[  703.431020][T12435]  ? net_tx_action+0xd30/0xd30
[  703.431039][T12435]  skb_clone+0x154/0x3d0
[  703.431059][T12435]  dev_queue_xmit_nit+0x3a1/0xaa0
[  703.431089][T12435]  dev_hard_start_xmit+0xbb/0x9b0
[  703.431110][T12435]  ? validate_xmit_skb_list+0xfc/0x150
[  703.431140][T12435]  sch_direct_xmit+0x372/0xd30
[  703.485631][T12435]  ? dev_watchdog+0xca0/0xca0
[  703.490408][T12435]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  703.495975][T12435]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  703.501972][T12435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  703.508353][T12435]  ? sfb_dequeue+0x421/0x4d0
[  703.512982][T12435]  __qdisc_run+0x4bf/0x1770
[  703.517499][T12435]  __dev_queue_xmit+0x1650/0x35c0
[  703.522534][T12435]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  703.527978][T12435]  ? mark_held_locks+0xf0/0xf0
[  703.532749][T12435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  703.539001][T12435]  ? debug_smp_processor_id+0x33/0x18a
[  703.544555][T12435]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  703.550979][T12435]  ? rcu_read_lock_held_common+0xbd/0x130
[  703.556827][T12435]  dev_queue_xmit+0x18/0x20
[  703.561556][T12435]  ? dev_queue_xmit+0x18/0x20
[  703.566321][T12435]  neigh_direct_output+0x16/0x20
[  703.571250][T12435]  ip6_finish_output2+0x109a/0x25c0
[  703.576446][T12435]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  703.581990][T12435]  ? lock_downgrade+0x920/0x920
[  703.586836][T12435]  ? netif_rx_ni+0x670/0x670
[  703.591425][T12435]  ? __kasan_check_read+0x11/0x20
[  703.596452][T12435]  __ip6_finish_output+0x444/0xaa0
[  703.601551][T12435]  ? __ip6_finish_output+0x444/0xaa0
[  703.606838][T12435]  ip6_finish_output+0x38/0x1f0
[  703.611690][T12435]  ip6_output+0x25e/0x880
[  703.616020][T12435]  ? ip6_finish_output+0x1f0/0x1f0
[  703.621138][T12435]  ? __ip6_finish_output+0xaa0/0xaa0
[  703.626538][T12435]  ? ip6_make_skb+0x370/0x570
[  703.631425][T12435]  ? ip_reply_glue_bits+0xc0/0xc0
[  703.636581][T12435]  ip6_local_out+0xbb/0x1b0
[  703.641443][T12435]  ip6_send_skb+0xbb/0x350
[  703.646701][T12435]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  703.652891][T12435]  ? ip6_forward_finish+0x570/0x570
[  703.658250][T12435]  udpv6_sendmsg+0x22f3/0x2b30
[  703.663848][T12435]  ? __kasan_check_write+0x14/0x20
[  703.669131][T12435]  ? ip_reply_glue_bits+0xc0/0xc0
[  703.674196][T12435]  ? udp_v6_get_port+0x6b0/0x6b0
[  703.679270][T12435]  ? __kasan_check_read+0x11/0x20
[  703.684469][T12435]  ? mark_lock+0xc2/0x1220
[  703.688908][T12435]  ? __kasan_check_read+0x11/0x20
[  703.693930][T12435]  ? mark_lock+0xc2/0x1220
[  703.698434][T12435]  ? __kasan_check_read+0x11/0x20
[  703.703465][T12435]  ? ___might_sleep+0x163/0x2c0
[  703.708330][T12435]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  703.714049][T12435]  ? aa_sk_perm+0x346/0xb00
[  703.718574][T12435]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  703.724497][T12435]  inet6_sendmsg+0x9e/0xe0
[  703.728933][T12435]  ? inet6_sendmsg+0x9e/0xe0
[  703.733606][T12435]  ? inet6_ioctl+0x1c0/0x1c0
[  703.738191][T12435]  sock_sendmsg+0xd7/0x130
[  703.742726][T12435]  ____sys_sendmsg+0x358/0x880
[  703.747634][T12435]  ? kernel_sendmsg+0x50/0x50
[  703.752453][T12435]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  703.758022][T12435]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  703.764607][T12435]  ? find_held_lock+0x35/0x130
[  703.769649][T12435]  ___sys_sendmsg+0x100/0x170
[  703.774339][T12435]  ? sendmsg_copy_msghdr+0x70/0x70
[  703.779496][T12435]  ? __kasan_check_read+0x11/0x20
[  703.784538][T12435]  ? __might_fault+0x12b/0x1e0
[  703.789427][T12435]  ? find_held_lock+0x35/0x130
[  703.794204][T12435]  ? __might_fault+0x12b/0x1e0
[  703.799287][T12435]  ? do_dup2+0x4f0/0x4f0
[  703.803633][T12435]  ? lock_downgrade+0x920/0x920
[  703.808647][T12435]  ? ___might_sleep+0x163/0x2c0
[  703.813698][T12435]  __sys_sendmmsg+0x1bf/0x4d0
[  703.818950][T12435]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  703.824236][T12435]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  703.830928][T12435]  ? fput_many+0x12c/0x1a0
[  703.835368][T12435]  ? fput+0x1b/0x20
[  703.839185][T12435]  ? ksys_write+0x1cf/0x290
[  703.843889][T12435]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  703.849562][T12435]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  703.855046][T12435]  ? do_syscall_64+0x26/0x790
[  703.859733][T12435]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  703.866110][T12435]  ? do_syscall_64+0x26/0x790
[  703.870990][T12435]  __x64_sys_sendmmsg+0x9d/0x100
[  703.876480][T12435]  do_syscall_64+0xfa/0x790
[  703.881082][T12435]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  703.886970][T12435] RIP: 0033:0x45a919
[  703.890872][T12435] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  703.910956][T12435] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  703.919395][T12435] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  703.927626][T12435] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  703.935872][T12435] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  703.943935][T12435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  703.951997][T12435] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:46 executing program 3 (fault-call:2 fault-nth:30):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:46 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8090, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0)
r2 = perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xefffffffffffffff, r0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
sendto$inet(r3, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x1f4, 0x0, 0x7)

[  704.100186][T12438] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  704.226812][T12458] FAULT_INJECTION: forcing a failure.
[  704.226812][T12458] name failslab, interval 1, probability 0, space 0, times 0
[  704.240313][T12458] CPU: 0 PID: 12458 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  704.250319][T12458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  704.260390][T12458] Call Trace:
[  704.263831][T12458]  dump_stack+0x197/0x210
[  704.268317][T12458]  should_fail.cold+0xa/0x10
[  704.273162][T12458]  ? setup_fault_attr+0x220/0x220
[  704.278260][T12458]  ? ___might_sleep+0x163/0x2c0
[  704.283505][T12458]  __should_failslab+0x121/0x190
[  704.288484][T12458]  should_failslab+0x9/0x14
[  704.293172][T12458]  kmem_cache_alloc_node+0x268/0x740
[  704.298719][T12458]  ? __dev_queue_xmit+0x173f/0x35c0
[  704.304218][T12458]  ? trace_hardirqs_on+0x67/0x240
[  704.309641][T12458]  ? __dev_queue_xmit+0x173f/0x35c0
[  704.315127][T12458]  __alloc_skb+0xd5/0x5e0
[  704.319467][T12458]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  704.325114][T12458]  alloc_skb_with_frags+0x93/0x590
[  704.330230][T12458]  ? find_held_lock+0x35/0x130
[  704.334989][T12458]  sock_alloc_send_pskb+0x7ad/0x920
[  704.340360][T12458]  ? sock_wmalloc+0x120/0x120
[  704.345113][T12458]  ? __local_bh_enable_ip+0x15a/0x270
[  704.350775][T12458]  ? ip6_finish_output2+0x1106/0x25c0
[  704.356581][T12458]  ? ip6_mtu+0x2e6/0x450
[  704.361175][T12458]  ? find_held_lock+0x35/0x130
[  704.365933][T12458]  sock_alloc_send_skb+0x32/0x40
[  704.370864][T12458]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  704.376945][T12458]  ? ip_reply_glue_bits+0xc0/0xc0
[  704.382163][T12458]  ? ip6_setup_cork+0x1920/0x1920
[  704.387215][T12458]  ? ip6_flush_pending_frames+0xd0/0xd0
[  704.392771][T12458]  ? __kasan_check_read+0x11/0x20
[  704.397792][T12458]  ip6_make_skb+0x32f/0x570
[  704.402385][T12458]  ? ip_reply_glue_bits+0xc0/0xc0
[  704.408193][T12458]  ? ip_reply_glue_bits+0xc0/0xc0
[  704.413411][T12458]  ? ip6_push_pending_frames+0xf0/0xf0
[  704.419081][T12458]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  704.424649][T12458]  ? ip6_forward_finish+0x570/0x570
[  704.429838][T12458]  ? rcu_read_lock_held+0x9c/0xb0
[  704.434865][T12458]  udpv6_sendmsg+0x22a1/0x2b30
[  704.439712][T12458]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  704.446023][T12458]  ? ip_reply_glue_bits+0xc0/0xc0
[  704.451152][T12458]  ? udp_v6_get_port+0x6b0/0x6b0
[  704.456460][T12458]  ? __kasan_check_read+0x11/0x20
[  704.461498][T12458]  ? mark_lock+0xc2/0x1220
[  704.466037][T12458]  ? __kasan_check_read+0x11/0x20
[  704.471049][T12458]  ? mark_lock+0xc2/0x1220
[  704.475560][T12458]  ? __kasan_check_read+0x11/0x20
[  704.480806][T12458]  ? ___might_sleep+0x163/0x2c0
[  704.485661][T12458]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  704.491286][T12458]  ? aa_sk_perm+0x346/0xb00
[  704.495805][T12458]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  704.501347][T12458]  inet6_sendmsg+0x9e/0xe0
[  704.505766][T12458]  ? inet6_sendmsg+0x9e/0xe0
[  704.510435][T12458]  ? inet6_ioctl+0x1c0/0x1c0
[  704.515015][T12458]  sock_sendmsg+0xd7/0x130
[  704.519551][T12458]  ____sys_sendmsg+0x358/0x880
[  704.524311][T12458]  ? kernel_sendmsg+0x50/0x50
[  704.528979][T12458]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  704.534742][T12458]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  704.540740][T12458]  ? find_held_lock+0x35/0x130
[  704.545512][T12458]  ___sys_sendmsg+0x100/0x170
[  704.550200][T12458]  ? sendmsg_copy_msghdr+0x70/0x70
[  704.555300][T12458]  ? __kasan_check_read+0x11/0x20
[  704.560318][T12458]  ? __might_fault+0x12b/0x1e0
[  704.565092][T12458]  ? find_held_lock+0x35/0x130
[  704.569870][T12458]  ? __might_fault+0x12b/0x1e0
[  704.574646][T12458]  ? do_dup2+0x4f0/0x4f0
[  704.578995][T12458]  ? lock_downgrade+0x920/0x920
[  704.583862][T12458]  ? ___might_sleep+0x163/0x2c0
[  704.588704][T12458]  __sys_sendmmsg+0x1bf/0x4d0
[  704.593531][T12458]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  704.598664][T12458]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  704.605391][T12458]  ? fput_many+0x12c/0x1a0
[  704.609979][T12458]  ? fput+0x1b/0x20
[  704.613792][T12458]  ? ksys_write+0x1cf/0x290
[  704.618389][T12458]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  704.623853][T12458]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  704.629503][T12458]  ? do_syscall_64+0x26/0x790
[  704.634193][T12458]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  704.640386][T12458]  ? do_syscall_64+0x26/0x790
[  704.645066][T12458]  __x64_sys_sendmmsg+0x9d/0x100
[  704.650022][T12458]  do_syscall_64+0xfa/0x790
[  704.654561][T12458]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  704.660495][T12458] RIP: 0033:0x45a919
[  704.664960][T12458] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  704.685179][T12458] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  704.693681][T12458] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  704.702027][T12458] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  704.710094][T12458] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  704.718274][T12458] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  704.726414][T12458] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:01:46 executing program 2:
perf_event_open(&(0x7f0000000180)={0x1, 0xfffffffffffffe7d, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x9, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000dec000)={0x6, 0x4, 0x338d, 0x7, 0x0, 0xffffffffffffff9c}, 0x24)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000080)=0x5, 0x4)
write$binfmt_elf32(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="83"], 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setuid(r4)
write$ppp(r1, &(0x7f0000000500)='R', 0x1)
recvmsg(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/16, 0x10}], 0x1}, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000c88000)={r0, &(0x7f0000847f95), &(0x7f000089b000)}, 0x3a8)

20:01:47 executing program 3 (fault-call:2 fault-nth:31):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  704.928625][    C0] net_ratelimit: 12 callbacks suppressed
[  704.928632][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  704.940593][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  704.946428][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  704.952241][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  704.958106][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  704.964389][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  704.970454][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  704.976294][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:47 executing program 2:
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0)
epoll_create1(0x80000)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)={0x7, [0x200, 0x5, 0x5, 0xae, 0x5, 0x0, 0x1]}, &(0x7f0000000100)=0x12)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x11f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$dupfd(r2, 0x0, r1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r5)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r8, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000340)=ANY=[@ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYRES32, @ANYRESHEX, @ANYPTR=&(0x7f0000000180)=ANY=[@ANYPTR64, @ANYPTR, @ANYPTR], @ANYRESHEX, @ANYRESHEX, @ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRES64=r5, @ANYRESDEC=r6, @ANYRES32=r8, @ANYRES64, @ANYPTR]]], 0x8)
ioctl$USBDEVFS_CONNECTINFO(r3, 0x40085511, &(0x7f0000000140))
r9 = socket(0x10, 0x803, 0x0)
setsockopt$inet_mtu(r9, 0x0, 0xa, &(0x7f0000000240)=0xcf0823268f0ca4ea, 0x4)
syz_read_part_table(0x300000000000000, 0x1d4, &(0x7f0000000200)=[{&(0x7f0000000080)="020005000000000e001400000000000000000f0000000000000000000500000000004200000000000000000000000000000000000000000000000000000055aa", 0x40, 0x1c0}])

20:01:47 executing program 0:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0)
fchdir(r0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, 0x0, &(0x7f00000003c0))
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x2)
ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000300)={0x9, {0x0, 0x7, 0xcd}})
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = open(0x0, 0x0, 0x0)
ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/227})
write$UHID_INPUT(r2, &(0x7f0000000980), 0x10a9)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r2, &(0x7f00000000c0)=0x500, 0x8080fffffffe)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00')
sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x9000200}, 0xc, &(0x7f0000000280)={&(0x7f0000000500)={0x130, r5, 0x902, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xd3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x21eb}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_BEARER={0x98, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1f}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xdc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffffffc1}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'erspan0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0xff800000, @rand_addr="02b207684bfc298142921727d224d4f5", 0x33}}, {0x14, 0x2, @in={0x2, 0x4e22, @remote}}}}, @TIPC_NLA_BEARER_NAME={0x18, 0x1, @l2={'eth', 0x3a, 'team_slave_0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffffffff}]}, @TIPC_NLA_NODE={0x10, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1000}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3ff}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x49001}, 0x0)

[  705.113266][T12470] FAULT_INJECTION: forcing a failure.
[  705.113266][T12470] name failslab, interval 1, probability 0, space 0, times 0
[  705.191313][T12470] CPU: 0 PID: 12470 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  705.201253][T12470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  705.211363][T12470] Call Trace:
[  705.214709][T12470]  dump_stack+0x197/0x210
[  705.219069][T12470]  should_fail.cold+0xa/0x10
[  705.223683][T12470]  ? setup_fault_attr+0x220/0x220
[  705.223706][T12470]  ? ___might_sleep+0x163/0x2c0
[  705.223730][T12470]  __should_failslab+0x121/0x190
[  705.233778][T12470]  should_failslab+0x9/0x14
[  705.233797][T12470]  kmem_cache_alloc_node_trace+0x274/0x750
[  705.233815][T12470]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  705.233837][T12470]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  705.261136][T12470]  __kmalloc_node_track_caller+0x3d/0x70
[  705.266977][T12470]  __kmalloc_reserve.isra.0+0x40/0xf0
[  705.272380][T12470]  __alloc_skb+0x10b/0x5e0
[  705.276968][T12470]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  705.282558][T12470]  alloc_skb_with_frags+0x93/0x590
[  705.287692][T12470]  ? find_held_lock+0x35/0x130
[  705.292636][T12470]  sock_alloc_send_pskb+0x7ad/0x920
[  705.298225][T12470]  ? sock_wmalloc+0x120/0x120
[  705.302930][T12470]  ? __local_bh_enable_ip+0x15a/0x270
[  705.308335][T12470]  ? ip6_finish_output2+0x1106/0x25c0
[  705.314168][T12470]  ? ip6_mtu+0x2e6/0x450
[  705.318754][T12470]  ? find_held_lock+0x35/0x130
[  705.323565][T12470]  sock_alloc_send_skb+0x32/0x40
[  705.328546][T12470]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  705.334439][T12470]  ? ip_reply_glue_bits+0xc0/0xc0
[  705.339507][T12470]  ? ip6_setup_cork+0x1920/0x1920
[  705.344759][T12470]  ? ip6_flush_pending_frames+0xd0/0xd0
[  705.350324][T12470]  ? __kasan_check_read+0x11/0x20
[  705.355380][T12470]  ip6_make_skb+0x32f/0x570
[  705.359901][T12470]  ? ip_reply_glue_bits+0xc0/0xc0
[  705.365148][T12470]  ? ip_reply_glue_bits+0xc0/0xc0
[  705.370391][T12470]  ? ip6_push_pending_frames+0xf0/0xf0
[  705.375885][T12470]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  705.381465][T12470]  ? ip6_forward_finish+0x570/0x570
[  705.386810][T12470]  ? rcu_read_lock_held+0x9c/0xb0
[  705.392504][T12470]  udpv6_sendmsg+0x22a1/0x2b30
[  705.397387][T12470]  ? __kasan_check_write+0x14/0x20
[  705.402562][T12470]  ? ip_reply_glue_bits+0xc0/0xc0
[  705.407618][T12470]  ? udp_v6_get_port+0x6b0/0x6b0
[  705.412580][T12470]  ? __kasan_check_read+0x11/0x20
[  705.417637][T12470]  ? mark_lock+0xc2/0x1220
[  705.422379][T12470]  ? __kasan_check_read+0x11/0x20
[  705.428358][T12470]  ? mark_lock+0xc2/0x1220
[  705.432985][T12470]  ? __kasan_check_read+0x11/0x20
[  705.438050][T12470]  ? ___might_sleep+0x163/0x2c0
[  705.442935][T12470]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  705.448589][T12470]  ? aa_sk_perm+0x346/0xb00
[  705.453147][T12470]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  705.458729][T12470]  inet6_sendmsg+0x9e/0xe0
[  705.463175][T12470]  ? inet6_sendmsg+0x9e/0xe0
[  705.467797][T12470]  ? inet6_ioctl+0x1c0/0x1c0
[  705.472406][T12470]  sock_sendmsg+0xd7/0x130
[  705.476963][T12470]  ____sys_sendmsg+0x358/0x880
[  705.481741][T12470]  ? kernel_sendmsg+0x50/0x50
[  705.486446][T12470]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  705.492311][T12470]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  705.492327][T12470]  ? find_held_lock+0x35/0x130
[  705.492353][T12470]  ___sys_sendmsg+0x100/0x170
[  705.492372][T12470]  ? sendmsg_copy_msghdr+0x70/0x70
[  705.492397][T12470]  ? __kasan_check_read+0x11/0x20
[  705.503155][T12470]  ? __might_fault+0x12b/0x1e0
[  705.503173][T12470]  ? find_held_lock+0x35/0x130
[  705.503189][T12470]  ? __might_fault+0x12b/0x1e0
[  705.503207][T12470]  ? do_dup2+0x4f0/0x4f0
[  705.503230][T12470]  ? lock_downgrade+0x920/0x920
[  705.535590][   T27] audit: type=1804 audit(1577390507.301:63): pid=12476 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir755456860/syzkaller.ym7LGg/111/file0/file0" dev="loop0" ino=120 res=1
[  705.539260][T12470]  ? ___might_sleep+0x163/0x2c0
[  705.539282][T12470]  __sys_sendmmsg+0x1bf/0x4d0
[  705.539301][T12470]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  705.539337][T12470]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  705.592031][T12470]  ? fput_many+0x12c/0x1a0
[  705.596987][T12470]  ? fput+0x1b/0x20
[  705.600812][T12470]  ? ksys_write+0x1cf/0x290
[  705.605737][T12470]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  705.611806][T12470]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  705.617358][T12470]  ? do_syscall_64+0x26/0x790
[  705.622242][T12470]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  705.628343][T12470]  ? do_syscall_64+0x26/0x790
[  705.633049][T12470]  __x64_sys_sendmmsg+0x9d/0x100
[  705.638090][T12470]  do_syscall_64+0xfa/0x790
[  705.642590][T12470]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  705.648482][T12470] RIP: 0033:0x45a919
[  705.652376][T12470] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  705.674640][T12470] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  705.683169][T12470] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  705.692210][T12470] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  705.700261][T12470] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  705.709264][T12470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  705.721447][T12470] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  705.775041][T12480] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  705.785215][T12480] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  705.793507][T12480]  loop2: p2 < >
[  705.968612][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  705.974430][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  710.128684][    C0] net_ratelimit: 18 callbacks suppressed
[  710.134622][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  710.141323][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  711.168721][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  711.175062][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  711.180944][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  711.186711][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  711.192601][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  711.198365][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  711.204229][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  711.210464][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  715.328648][    C0] net_ratelimit: 12 callbacks suppressed
[  715.328657][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  715.340517][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  715.346335][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  715.352372][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  715.358389][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  715.364298][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  715.370207][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  715.375975][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  716.368634][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  716.374653][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:01:59 executing program 0:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000d0700"/20, @ANYRES32=r6, @ANYBLOB="00000000000000001c0012000c0e0100010005000000"], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=@newlink={0x20, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x10aec61bc6caa7b3}}, 0x20}}, 0x0)

20:01:59 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000940)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000280)={r5}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000980)={0x51, 0x2, 0x8, 0xffffffc0, r5}, 0x10)
ioctl$KVM_SMI(r1, 0xaeb7)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067f0200ff810040010000000058000b4824ca945f64009400050028845a01000000000000008000f0fffeffe809000000fff5dd00000010000100070c10000000000001400000", 0x58}], 0x1)

20:01:59 executing program 3 (fault-call:2 fault-nth:32):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:59 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x400}, 0x0, 0x2, 0xffffffffffffffff, 0x10)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VIDIOC_DBG_S_REGISTER(r2, 0x4038564f, &(0x7f0000000000)={{0x4, @addr=0x4}, 0x8, 0x1000, 0x9})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_open_procfs(0x0, &(0x7f0000272000))
keyctl$session_to_parent(0x12)

20:01:59 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r1, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:01:59 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_EVENTFD(r1, 0x5, 0x0, 0x0)
r2 = open(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
dup3(r2, r0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$BLKGETSIZE(r3, 0x1260, &(0x7f0000000300))
fcntl$setstatus(r0, 0x4, 0x44000)
r4 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0)
r5 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ftruncate(r5, 0x8200)
getresuid(&(0x7f0000004180), 0x0, 0x0)
io_setup(0x40000000008, &(0x7f0000000240)=<r6=>0x0)
r7 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x28040, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x3c, r9, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x28, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}]}, 0x3c}}, 0x800)
sendmsg$IPVS_CMD_DEL_DEST(r7, &(0x7f0000000280)={&(0x7f0000000140), 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, r9, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x40000002)
io_submit(r6, 0x4, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x40000, 0x1200}])

[  717.256149][T12498] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  717.284818][T12500] FAULT_INJECTION: forcing a failure.
[  717.284818][T12500] name failslab, interval 1, probability 0, space 0, times 0
[  717.312447][T12500] CPU: 0 PID: 12500 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  717.317155][T12508] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  717.324901][T12500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  717.324909][T12500] Call Trace:
[  717.324935][T12500]  dump_stack+0x197/0x210
[  717.324957][T12500]  should_fail.cold+0xa/0x10
[  717.324974][T12500]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  717.324992][T12500]  ? setup_fault_attr+0x220/0x220
[  717.325006][T12500]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  717.325031][T12500]  __should_failslab+0x121/0x190
[  717.377515][T12500]  should_failslab+0x9/0x14
[  717.382038][T12500]  kmem_cache_alloc+0x47/0x710
[  717.386843][T12500]  ? __kasan_check_read+0x11/0x20
[  717.392335][T12500]  skb_clone+0x154/0x3d0
[  717.396695][T12500]  ip6_finish_output2+0x18be/0x25c0
[  717.402180][T12500]  ? ip6_mtu+0x2e6/0x450
[  717.406443][T12500]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
20:01:59 executing program 2:
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17, 0x1}], 0xc0ed0000, &(0x7f0000000040)={[{@fat=@usefree='usefree'}]})

20:01:59 executing program 0:
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/376)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
utimensat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={{r3, r4/1000+10000}}, 0x0)
r5 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
write$apparmor_exec(r0, &(0x7f0000000880)={'\\C\x1b)\x0f\x0eBC\x9bMY\x1d\x9b8r\xc3\x16\xb1\x9b<my\xeaU\x0e3\\C6im\x9bB\xd21\xd2\xbe\xddEf \xa0\xa6v\xf7\xe7\x89\xec\xbf\xc8\x97\xb37\xf0\x10\xcd\xd9\xaf\xbb\xec\xccT\x9e\xe0\xbaw3\xc4\x95\xdc\x8d3\xf8\xec/\xa4U\x87\x02g\x06k\x9fW[\x0fc\xb1\xd4y\xd4\xca=\f\xd0Q[\xacb\xa3f4\x9el\x90\x878[\x00\xd9\x04\x1a\xa6\xa4\x17\xa6\xa0ztl\x17\xef\x1bU\xfbD\xec\x88\xd4\xa0&\xdb\x95wp\xfb\x01[\x8c\xc4(\xbb)\xf3\xa9\x1b\x139\xff\x01\x00\x00\x00\x00\x00\x00\xb7\rpRc\xc1\tt\xd3W\x11t\x1f\xa4n\xfd:\x90${\xdf\x1d\x82\x9a\x88\xc78\xc0g\xb9\xbe\xbd1\x11}\x8d\'\x15+\x05\x00\x00\x00\x00\x00\x00\x00S\xe6\x12\x9f\r\xed\xb8\xb6\xd2\xb8\xb7\f[\xd8y\xc6O\xcfE\xb4\xe6\x16\xf3mq\xbb\x0f\xa8ct\x1fT\x1e\x8c\x9cT\xb8jy\xac\xcc\xf6B\xde\xcb\xb6}\x80\x94v\xd7\x8a\xe6\xd6\xa08\x1d\xa8\xef\x8f\xcf\xec\x8cG\x81\xde\f\xb0\xc1\xf2n\x9c\x04\xa5@\x9d\xaa\t\x9eE\xefE\x0e\x84\xf1`\x8b\r\x02Z\\3\xe5\xf1,', 'fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\x1b]\bp\xa6Q\x9b\x0fJ\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00]LD\xef\xf1Jg\xb9a\xe7\xe2k\xc6\x11\x8d>\x80\x9f\xddZ\xb3\xe5\xc8\x04s\xe6E\xfbQ\x0f\x82\x13\xdfP\xcc\xb3\xba\"\x18}\x04GxG\xeeN\xac\xc05`'}, 0x2c1)

[  717.412057][T12500]  ? lock_downgrade+0x920/0x920
[  717.417032][T12500]  ? rcu_read_lock_held+0x9c/0xb0
[  717.422359][T12500]  ? __kasan_check_read+0x11/0x20
[  717.428099][T12500]  __ip6_finish_output+0x444/0xaa0
[  717.433964][T12500]  ? __ip6_finish_output+0x444/0xaa0
[  717.439276][T12500]  ip6_finish_output+0x38/0x1f0
[  717.444241][T12500]  ip6_output+0x25e/0x880
[  717.448677][T12500]  ? ip6_finish_output+0x1f0/0x1f0
[  717.448698][T12500]  ? __ip6_finish_output+0xaa0/0xaa0
[  717.448717][T12500]  ? ip6_make_skb+0x370/0x570
[  717.459595][T12500]  ? ip_reply_glue_bits+0xc0/0xc0
[  717.459617][T12500]  ip6_local_out+0xbb/0x1b0
[  717.459636][T12500]  ip6_send_skb+0xbb/0x350
[  717.459657][T12500]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  717.459677][T12500]  ? ip6_forward_finish+0x570/0x570
[  717.474179][T12500]  udpv6_sendmsg+0x22f3/0x2b30
[  717.495267][T12500]  ? __kasan_check_write+0x14/0x20
[  717.495286][T12500]  ? ip_reply_glue_bits+0xc0/0xc0
[  717.495310][T12500]  ? udp_v6_get_port+0x6b0/0x6b0
[  717.501337][T12511] FAT-fs (loop2): bogus number of reserved sectors
[  717.506186][T12500]  ? __kasan_check_read+0x11/0x20
[  717.506202][T12500]  ? mark_lock+0xc2/0x1220
[  717.506222][T12500]  ? __kasan_check_read+0x11/0x20
[  717.506241][T12500]  ? mark_lock+0xc2/0x1220
[  717.538637][T12500]  ? __kasan_check_read+0x11/0x20
[  717.540542][T12511] FAT-fs (loop2): Can't find a valid FAT filesystem
[  717.543702][T12500]  ? ___might_sleep+0x163/0x2c0
[  717.543729][T12500]  ? debug_lockdep_rcu_enabled+0x71/0xa0
20:01:59 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001480)='/dev/sequencer2\x00', 0x40, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f00000014c0)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x4000, 0x1})
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
openat$urandom(0xffffffffffffff9c, &(0x7f0000001440)='/dev/urandom\x00', 0x80402, 0x0)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r2, 0x4, 0xffffffffffffffff, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000300)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=0xff, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x8, 0x1}, 0x0, 0x0, &(0x7f0000000200)={0x1, 0xb, 0x8000, 0xfffffff9}, &(0x7f0000000240)=0x3, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001400)={r2, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000000)='\x00\x00\x00\x00 \x00\x00\x7f\x88\x00', r3}, 0x30)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r1, 0x4, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000080)={0x5, 0x70, 0x9, 0x5, 0x3, 0x0, 0x0, 0x45, 0x40040, 0x2, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x3, @perf_config_ext={0x0, 0x8}, 0x80, 0x5, 0xfffffffa, 0x1, 0x8, 0x1}, r1, 0x9, 0xffffffffffffffff, 0x1)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='\x00\x00\x00\x00 \x00\x00\x7f\x88\x00', 0x4400, 0x0)
preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0xffc00}], 0x1, 0x0)

[  717.543744][T12500]  ? aa_sk_perm+0x346/0xb00
[  717.543774][T12500]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  717.572682][T12500]  inet6_sendmsg+0x9e/0xe0
[  717.572700][T12500]  ? inet6_sendmsg+0x9e/0xe0
[  717.572718][T12500]  ? inet6_ioctl+0x1c0/0x1c0
[  717.572734][T12500]  sock_sendmsg+0xd7/0x130
[  717.572751][T12500]  ____sys_sendmsg+0x358/0x880
[  717.572770][T12500]  ? kernel_sendmsg+0x50/0x50
20:01:59 executing program 3 (fault-call:2 fault-nth:33):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:01:59 executing program 2:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x21, 0x0, 0x11, 0xffffffffffffffff, 0x0)
r0 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000001c0)='g', 0x524, 0xfffffffffffffffb)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = dup2(r1, 0xffffffffffffffff)
write$FUSE_DIRENT(r2, &(0x7f0000000200)={0xe0, 0x1ad0bb9e69fde931, 0x4, [{0x1, 0x2, 0x3, 0x3f, 'syz'}, {0x2, 0x3ce2, 0x3, 0x100, 'syz'}, {0x5, 0x2f67, 0x8, 0x8, 'big_key\x00'}, {0x6, 0x859, 0x1, 0x7, '{'}, {0x0, 0x3, 0x11, 0x7f, 'lomime_typevmnet0'}, {0x5, 0x98, 0x3, 0x2, 'syz'}]}, 0xe0)
keyctl$revoke(0x3, r0)
dup(0xffffffffffffffff)
ptrace$setopts(0xffffffffffffffff, 0x0, 0x0, 0x0)

[  717.572788][T12500]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  717.572805][T12500]  ? rcu_read_lock_any_held.part.0+0x50/0x50
20:01:59 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$netlink(0x10, 0x3, 0x0)
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.nlink\x00', &(0x7f0000000080)={'L+', 0x6}, 0x16, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x100000100}, 0x1, 0x0, 0x0, 0x200010d0}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x14, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x4}}}]}, 0x34}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_LINKINFO={0x14, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0x4}}}]}, 0x3c}}, 0x0)

[  717.572819][T12500]  ? find_held_lock+0x35/0x130
[  717.572845][T12500]  ___sys_sendmsg+0x100/0x170
[  717.572864][T12500]  ? sendmsg_copy_msghdr+0x70/0x70
[  717.572882][T12500]  ? __kasan_check_read+0x11/0x20
[  717.572902][T12500]  ? __might_fault+0x12b/0x1e0
[  717.572917][T12500]  ? find_held_lock+0x35/0x130
[  717.572934][T12500]  ? __might_fault+0x12b/0x1e0
[  717.572952][T12500]  ? do_dup2+0x4f0/0x4f0
[  717.572979][T12500]  ? lock_downgrade+0x920/0x920
[  717.573007][T12500]  ? ___might_sleep+0x163/0x2c0
[  717.573028][T12500]  __sys_sendmmsg+0x1bf/0x4d0
[  717.573046][T12500]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  717.573084][T12500]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  717.573101][T12500]  ? fput_many+0x12c/0x1a0
[  717.573118][T12500]  ? fput+0x1b/0x20
[  717.573133][T12500]  ? ksys_write+0x1cf/0x290
[  717.573155][T12500]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  717.573172][T12500]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  717.573188][T12500]  ? do_syscall_64+0x26/0x790
[  717.573203][T12500]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  717.573217][T12500]  ? do_syscall_64+0x26/0x790
[  717.573236][T12500]  __x64_sys_sendmmsg+0x9d/0x100
[  717.573254][T12500]  do_syscall_64+0xfa/0x790
[  717.573273][T12500]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  717.573284][T12500] RIP: 0033:0x45a919
[  717.573300][T12500] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  717.573308][T12500] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  717.573324][T12500] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  717.573333][T12500] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  717.573341][T12500] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  717.573350][T12500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  717.573360][T12500] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  717.653938][T12511] FAT-fs (loop2): bogus number of reserved sectors
[  717.653952][T12511] FAT-fs (loop2): Can't find a valid FAT filesystem
[  717.905156][T12533] FAULT_INJECTION: forcing a failure.
[  717.905156][T12533] name failslab, interval 1, probability 0, space 0, times 0
[  717.928010][T12533] CPU: 1 PID: 12533 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  717.987868][T12533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  717.987876][T12533] Call Trace:
[  717.987896][T12533]  dump_stack+0x197/0x210
[  717.987922][T12533]  should_fail.cold+0xa/0x10
[  718.021878][T12533]  ? is_bpf_text_address+0xac/0x160
[  718.021897][T12533]  ? setup_fault_attr+0x220/0x220
[  718.021923][T12533]  __should_failslab+0x121/0x190
[  718.038449][T12533]  should_failslab+0x9/0x14
[  718.038464][T12533]  kmem_cache_alloc+0x47/0x710
[  718.038480][T12533]  ? lock_acquire+0x190/0x410
[  718.038508][T12533]  ? net_tx_action+0xd30/0xd30
[  718.054440][T12533]  skb_clone+0x154/0x3d0
[  718.054462][T12533]  dev_queue_xmit_nit+0x3a1/0xaa0
[  718.054487][T12533]  dev_hard_start_xmit+0xbb/0x9b0
[  718.070442][T12533]  ? validate_xmit_skb_list+0xfc/0x150
[  718.070466][T12533]  sch_direct_xmit+0x372/0xd30
[  718.070488][T12533]  ? dev_watchdog+0xca0/0xca0
[  718.070510][T12533]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  718.070525][T12533]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  718.070543][T12533]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.070554][T12533]  ? sfb_dequeue+0x421/0x4d0
[  718.070576][T12533]  __qdisc_run+0x4bf/0x1770
[  718.083657][T12533]  __dev_queue_xmit+0x1650/0x35c0
[  718.083686][T12533]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  718.083711][T12533]  ? mark_held_locks+0xf0/0xf0
[  718.083729][T12533]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  718.083752][T12533]  ? debug_smp_processor_id+0x33/0x18a
20:02:00 executing program 2:
r0 = socket$kcm(0x29, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@setlink={0x50, 0x13, 0x41d, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_VFINFO_LIST={0x30, 0x16, [{0x2c, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x81000000}}]}]}]}, 0x50}}, 0x0)
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'osx.', '/(\x00'})

[  718.106382][T12533]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  718.106402][T12533]  ? rcu_read_lock_held_common+0xbd/0x130
[  718.106426][T12533]  dev_queue_xmit+0x18/0x20
[  718.106441][T12533]  ? dev_queue_xmit+0x18/0x20
[  718.106457][T12533]  neigh_direct_output+0x16/0x20
[  718.106472][T12533]  ip6_finish_output2+0x109a/0x25c0
[  718.106503][T12533]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  718.125846][T12533]  ? lock_downgrade+0x920/0x920
[  718.135657][T12533]  ? netif_rx_ni+0x670/0x670
20:02:00 executing program 3 (fault-call:2 fault-nth:34):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  718.135677][T12533]  ? __kasan_check_read+0x11/0x20
[  718.135702][T12533]  __ip6_finish_output+0x444/0xaa0
[  718.156616][T12533]  ? __ip6_finish_output+0x444/0xaa0
[  718.156643][T12533]  ip6_finish_output+0x38/0x1f0
[  718.156661][T12533]  ip6_output+0x25e/0x880
[  718.156682][T12533]  ? ip6_finish_output+0x1f0/0x1f0
[  718.156703][T12533]  ? __ip6_finish_output+0xaa0/0xaa0
[  718.175641][T12533]  ? ip6_make_skb+0x370/0x570
[  718.175663][T12533]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.175687][T12533]  ip6_local_out+0xbb/0x1b0
[  718.175712][T12533]  ip6_send_skb+0xbb/0x350
[  718.196263][T12533]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  718.196281][T12533]  ? ip6_forward_finish+0x570/0x570
[  718.196311][T12533]  udpv6_sendmsg+0x22f3/0x2b30
[  718.196328][T12533]  ? __kasan_check_write+0x14/0x20
[  718.196350][T12533]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.208581][T12533]  ? udp_v6_get_port+0x6b0/0x6b0
[  718.208599][T12533]  ? __kasan_check_read+0x11/0x20
[  718.208615][T12533]  ? mark_lock+0xc2/0x1220
[  718.208637][T12533]  ? __kasan_check_read+0x11/0x20
[  718.208648][T12533]  ? mark_lock+0xc2/0x1220
[  718.208661][T12533]  ? __kasan_check_read+0x11/0x20
[  718.208684][T12533]  ? ___might_sleep+0x163/0x2c0
[  718.208706][T12533]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  718.208722][T12533]  ? aa_sk_perm+0x346/0xb00
[  718.208753][T12533]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  718.208777][T12533]  inet6_sendmsg+0x9e/0xe0
[  718.220554][T12533]  ? inet6_sendmsg+0x9e/0xe0
[  718.220571][T12533]  ? inet6_ioctl+0x1c0/0x1c0
[  718.220587][T12533]  sock_sendmsg+0xd7/0x130
[  718.220605][T12533]  ____sys_sendmsg+0x358/0x880
[  718.220624][T12533]  ? kernel_sendmsg+0x50/0x50
[  718.220641][T12533]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  718.220657][T12533]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  718.220670][T12533]  ? find_held_lock+0x35/0x130
[  718.220698][T12533]  ___sys_sendmsg+0x100/0x170
[  718.230990][T12533]  ? sendmsg_copy_msghdr+0x70/0x70
[  718.231011][T12533]  ? __kasan_check_read+0x11/0x20
[  718.231032][T12533]  ? __might_fault+0x12b/0x1e0
[  718.231054][T12533]  ? find_held_lock+0x35/0x130
[  718.241081][T12533]  ? __might_fault+0x12b/0x1e0
[  718.241100][T12533]  ? do_dup2+0x4f0/0x4f0
[  718.241121][T12533]  ? lock_downgrade+0x920/0x920
[  718.241148][T12533]  ? ___might_sleep+0x163/0x2c0
[  718.241171][T12533]  __sys_sendmmsg+0x1bf/0x4d0
[  718.241193][T12533]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  718.241228][T12533]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  718.241245][T12533]  ? fput_many+0x12c/0x1a0
[  718.241265][T12533]  ? fput+0x1b/0x20
[  718.253148][T12533]  ? ksys_write+0x1cf/0x290
[  718.253245][T12533]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  718.253271][T12533]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  718.253291][T12533]  ? do_syscall_64+0x26/0x790
[  718.253307][T12533]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  718.253320][T12533]  ? do_syscall_64+0x26/0x790
[  718.253346][T12533]  __x64_sys_sendmmsg+0x9d/0x100
[  718.266215][T12533]  do_syscall_64+0xfa/0x790
[  718.266238][T12533]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  718.266251][T12533] RIP: 0033:0x45a919
[  718.266269][T12533] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  718.266277][T12533] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  718.266298][T12533] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  718.275567][T12533] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  718.275577][T12533] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  718.275585][T12533] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  718.275593][T12533] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  718.397468][T12544] FAULT_INJECTION: forcing a failure.
[  718.397468][T12544] name failslab, interval 1, probability 0, space 0, times 0
[  718.414987][T12544] CPU: 1 PID: 12544 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  718.426861][T12544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  718.466953][T12544] Call Trace:
[  718.466975][T12544]  dump_stack+0x197/0x210
[  718.466999][T12544]  should_fail.cold+0xa/0x10
[  718.477749][T12544]  ? setup_fault_attr+0x220/0x220
[  718.477777][T12544]  ? ___might_sleep+0x163/0x2c0
[  718.487552][T12544]  __should_failslab+0x121/0x190
[  718.487577][T12544]  should_failslab+0x9/0x14
[  718.497477][T12544]  kmem_cache_alloc_node+0x268/0x740
[  718.497495][T12544]  ? __dev_queue_xmit+0x173f/0x35c0
[  718.497511][T12544]  ? trace_hardirqs_on+0x67/0x240
[  718.497533][T12544]  ? __dev_queue_xmit+0x173f/0x35c0
[  718.507044][T12544]  __alloc_skb+0xd5/0x5e0
[  718.507071][T12544]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  718.519880][T12544]  alloc_skb_with_frags+0x93/0x590
[  718.519897][T12544]  ? find_held_lock+0x35/0x130
[  718.519919][T12544]  sock_alloc_send_pskb+0x7ad/0x920
[  718.519944][T12544]  ? sock_wmalloc+0x120/0x120
[  718.519959][T12544]  ? __local_bh_enable_ip+0x15a/0x270
[  718.519975][T12544]  ? ip6_finish_output2+0x1106/0x25c0
[  718.519994][T12544]  ? ip6_mtu+0x2e6/0x450
[  718.529508][T12544]  ? find_held_lock+0x35/0x130
[  718.529530][T12544]  sock_alloc_send_skb+0x32/0x40
[  718.529550][T12544]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  718.529578][T12544]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.540929][T12544]  ? ip6_setup_cork+0x1920/0x1920
[  718.540946][T12544]  ? ip6_flush_pending_frames+0xd0/0xd0
[  718.540962][T12544]  ? __kasan_check_read+0x11/0x20
[  718.540979][T12544]  ip6_make_skb+0x32f/0x570
[  718.540991][T12544]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.541010][T12544]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.549826][T12544]  ? ip6_push_pending_frames+0xf0/0xf0
[  718.549846][T12544]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  718.549863][T12544]  ? ip6_forward_finish+0x570/0x570
[  718.549877][T12544]  ? rcu_read_lock_held+0x9c/0xb0
[  718.549901][T12544]  udpv6_sendmsg+0x22a1/0x2b30
[  718.559864][T12544]  ? __kasan_check_write+0x14/0x20
[  718.559881][T12544]  ? ip_reply_glue_bits+0xc0/0xc0
[  718.559905][T12544]  ? udp_v6_get_port+0x6b0/0x6b0
[  718.559919][T12544]  ? __kasan_check_read+0x11/0x20
[  718.559931][T12544]  ? mark_lock+0xc2/0x1220
[  718.559952][T12544]  ? __kasan_check_read+0x11/0x20
[  718.570170][T12544]  ? mark_lock+0xc2/0x1220
[  718.570185][T12544]  ? __kasan_check_read+0x11/0x20
[  718.570206][T12544]  ? ___might_sleep+0x163/0x2c0
[  718.570229][T12544]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  718.570245][T12544]  ? aa_sk_perm+0x346/0xb00
[  718.570278][T12544]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  718.580994][T12544]  inet6_sendmsg+0x9e/0xe0
[  718.581009][T12544]  ? inet6_sendmsg+0x9e/0xe0
[  718.581025][T12544]  ? inet6_ioctl+0x1c0/0x1c0
[  718.581040][T12544]  sock_sendmsg+0xd7/0x130
[  718.581054][T12544]  ____sys_sendmsg+0x358/0x880
[  718.581073][T12544]  ? kernel_sendmsg+0x50/0x50
[  718.590536][T12544]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  718.590553][T12544]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  718.590566][T12544]  ? find_held_lock+0x35/0x130
[  718.590588][T12544]  ___sys_sendmsg+0x100/0x170
[  718.590607][T12544]  ? sendmsg_copy_msghdr+0x70/0x70
[  718.600380][T12544]  ? __kasan_check_read+0x11/0x20
[  718.600400][T12544]  ? __might_fault+0x12b/0x1e0
[  718.600414][T12544]  ? find_held_lock+0x35/0x130
[  718.600429][T12544]  ? __might_fault+0x12b/0x1e0
[  718.600446][T12544]  ? do_dup2+0x4f0/0x4f0
[  718.600462][T12544]  ? lock_downgrade+0x920/0x920
[  718.600489][T12544]  ? ___might_sleep+0x163/0x2c0
[  718.628528][T12544]  __sys_sendmmsg+0x1bf/0x4d0
[  718.628550][T12544]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  718.628588][T12544]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  718.628607][T12544]  ? fput_many+0x12c/0x1a0
[  718.628631][T12544]  ? fput+0x1b/0x20
[  718.644588][T12544]  ? ksys_write+0x1cf/0x290
[  718.644610][T12544]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  718.644624][T12544]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  718.644639][T12544]  ? do_syscall_64+0x26/0x790
[  718.644653][T12544]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  718.644667][T12544]  ? do_syscall_64+0x26/0x790
[  718.644685][T12544]  __x64_sys_sendmmsg+0x9d/0x100
[  718.644707][T12544]  do_syscall_64+0xfa/0x790
20:02:01 executing program 3 (fault-call:2 fault-nth:35):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  719.094776][T12544]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  719.094788][T12544] RIP: 0033:0x45a919
[  719.094803][T12544] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
20:02:01 executing program 3 (fault-call:2 fault-nth:36):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  719.094811][T12544] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  719.094824][T12544] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  719.094833][T12544] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  719.094842][T12544] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  719.094851][T12544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  719.094860][T12544] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  719.171436][T12550] FAULT_INJECTION: forcing a failure.
[  719.171436][T12550] name failslab, interval 1, probability 0, space 0, times 0
[  719.171459][T12550] CPU: 1 PID: 12550 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  719.171469][T12550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  719.171474][T12550] Call Trace:
[  719.171494][T12550]  dump_stack+0x197/0x210
[  719.171525][T12550]  should_fail.cold+0xa/0x10
[  719.171550][T12550]  ? setup_fault_attr+0x220/0x220
[  719.171576][T12550]  ? ___might_sleep+0x163/0x2c0
[  719.171600][T12550]  __should_failslab+0x121/0x190
[  719.171626][T12550]  should_failslab+0x9/0x14
[  719.171642][T12550]  kmem_cache_alloc_node_trace+0x274/0x750
[  719.171661][T12550]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  719.171677][T12550]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  719.171700][T12550]  __kmalloc_node_track_caller+0x3d/0x70
[  719.171728][T12550]  __kmalloc_reserve.isra.0+0x40/0xf0
[  719.171748][T12550]  __alloc_skb+0x10b/0x5e0
[  719.171771][T12550]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  719.171794][T12550]  alloc_skb_with_frags+0x93/0x590
[  719.171811][T12550]  ? find_held_lock+0x35/0x130
[  719.171836][T12550]  sock_alloc_send_pskb+0x7ad/0x920
[  719.171867][T12550]  ? sock_wmalloc+0x120/0x120
[  719.171883][T12550]  ? __local_bh_enable_ip+0x15a/0x270
[  719.171899][T12550]  ? ip6_finish_output2+0x1106/0x25c0
[  719.171912][T12550]  ? ip6_mtu+0x2e6/0x450
[  719.171926][T12550]  ? find_held_lock+0x35/0x130
[  719.171950][T12550]  sock_alloc_send_skb+0x32/0x40
[  719.171968][T12550]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  719.171998][T12550]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.172026][T12550]  ? ip6_setup_cork+0x1920/0x1920
[  719.172043][T12550]  ? ip6_flush_pending_frames+0xd0/0xd0
[  719.172055][T12550]  ? __kasan_check_read+0x11/0x20
[  719.172073][T12550]  ip6_make_skb+0x32f/0x570
[  719.172087][T12550]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.172107][T12550]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.172125][T12550]  ? ip6_push_pending_frames+0xf0/0xf0
[  719.172145][T12550]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  719.172163][T12550]  ? ip6_forward_finish+0x570/0x570
[  719.172177][T12550]  ? rcu_read_lock_held+0x9c/0xb0
[  719.172201][T12550]  udpv6_sendmsg+0x22a1/0x2b30
[  719.172216][T12550]  ? __kasan_check_write+0x14/0x20
[  719.172231][T12550]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.172255][T12550]  ? udp_v6_get_port+0x6b0/0x6b0
[  719.172268][T12550]  ? __kasan_check_read+0x11/0x20
[  719.172282][T12550]  ? mark_lock+0xc2/0x1220
[  719.172303][T12550]  ? __kasan_check_read+0x11/0x20
[  719.172317][T12550]  ? mark_lock+0xc2/0x1220
[  719.172331][T12550]  ? __kasan_check_read+0x11/0x20
[  719.172352][T12550]  ? ___might_sleep+0x163/0x2c0
[  719.172375][T12550]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  719.172393][T12550]  ? aa_sk_perm+0x346/0xb00
[  719.172427][T12550]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  719.172451][T12550]  inet6_sendmsg+0x9e/0xe0
[  719.172468][T12550]  ? inet6_sendmsg+0x9e/0xe0
[  719.172485][T12550]  ? inet6_ioctl+0x1c0/0x1c0
[  719.172500][T12550]  sock_sendmsg+0xd7/0x130
[  719.172517][T12550]  ____sys_sendmsg+0x358/0x880
[  719.172536][T12550]  ? kernel_sendmsg+0x50/0x50
[  719.172552][T12550]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  719.172569][T12550]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  719.172583][T12550]  ? find_held_lock+0x35/0x130
[  719.172608][T12550]  ___sys_sendmsg+0x100/0x170
[  719.172635][T12550]  ? sendmsg_copy_msghdr+0x70/0x70
[  719.172653][T12550]  ? __kasan_check_read+0x11/0x20
[  719.172675][T12550]  ? __might_fault+0x12b/0x1e0
[  719.172691][T12550]  ? find_held_lock+0x35/0x130
[  719.172709][T12550]  ? __might_fault+0x12b/0x1e0
[  719.172733][T12550]  ? do_dup2+0x4f0/0x4f0
[  719.172752][T12550]  ? lock_downgrade+0x920/0x920
[  719.172780][T12550]  ? ___might_sleep+0x163/0x2c0
[  719.172800][T12550]  __sys_sendmmsg+0x1bf/0x4d0
[  719.172823][T12550]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  719.172865][T12550]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  719.172882][T12550]  ? fput_many+0x12c/0x1a0
[  719.172899][T12550]  ? fput+0x1b/0x20
[  719.172915][T12550]  ? ksys_write+0x1cf/0x290
[  719.172935][T12550]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  719.172952][T12550]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  719.172969][T12550]  ? do_syscall_64+0x26/0x790
[  719.172984][T12550]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  719.172999][T12550]  ? do_syscall_64+0x26/0x790
[  719.173020][T12550]  __x64_sys_sendmmsg+0x9d/0x100
[  719.173042][T12550]  do_syscall_64+0xfa/0x790
[  719.173060][T12550]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  719.173073][T12550] RIP: 0033:0x45a919
[  719.173091][T12550] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  719.173098][T12550] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  719.173114][T12550] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  719.173125][T12550] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  719.173134][T12550] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  719.173143][T12550] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  719.173152][T12550] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  719.250467][T12557] FAULT_INJECTION: forcing a failure.
[  719.250467][T12557] name failslab, interval 1, probability 0, space 0, times 0
[  719.267021][T12557] CPU: 1 PID: 12557 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  719.274977][T12557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  719.274989][T12557] Call Trace:
[  719.284890][T12557]  dump_stack+0x197/0x210
[  719.295635][T12557]  should_fail.cold+0xa/0x10
[  719.307405][T12557]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  719.318653][T12557]  ? setup_fault_attr+0x220/0x220
[  719.318671][T12557]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  719.318697][T12557]  __should_failslab+0x121/0x190
[  719.318724][T12557]  should_failslab+0x9/0x14
[  719.328836][T12557]  kmem_cache_alloc+0x47/0x710
[  719.328851][T12557]  ? __kasan_check_read+0x11/0x20
[  719.328873][T12557]  skb_clone+0x154/0x3d0
[  719.328890][T12557]  ip6_finish_output2+0x18be/0x25c0
[  719.328904][T12557]  ? ip6_mtu+0x2e6/0x450
[  719.328924][T12557]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  719.328937][T12557]  ? lock_downgrade+0x920/0x920
[  719.328954][T12557]  ? rcu_read_lock_held+0x9c/0xb0
[  719.328973][T12557]  ? __kasan_check_read+0x11/0x20
[  719.339008][T12557]  __ip6_finish_output+0x444/0xaa0
[  719.339024][T12557]  ? __ip6_finish_output+0x444/0xaa0
[  719.339043][T12557]  ip6_finish_output+0x38/0x1f0
[  719.339057][T12557]  ip6_output+0x25e/0x880
[  719.339077][T12557]  ? ip6_finish_output+0x1f0/0x1f0
[  719.349128][T12557]  ? __ip6_finish_output+0xaa0/0xaa0
[  719.349141][T12557]  ? ip6_make_skb+0x370/0x570
[  719.349157][T12557]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.349177][T12557]  ip6_local_out+0xbb/0x1b0
[  719.349198][T12557]  ip6_send_skb+0xbb/0x350
[  719.360206][T12557]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  719.360222][T12557]  ? ip6_forward_finish+0x570/0x570
[  719.360246][T12557]  udpv6_sendmsg+0x22f3/0x2b30
[  719.360261][T12557]  ? finish_task_switch+0x147/0x750
[  719.360277][T12557]  ? ip_reply_glue_bits+0xc0/0xc0
[  719.360298][T12557]  ? udp_v6_get_port+0x6b0/0x6b0
[  719.360318][T12557]  ? lockdep_hardirqs_on+0x421/0x5e0
[  719.390380][T12557]  ? __kasan_check_read+0x11/0x20
[  719.400932][T12557]  ? mark_lock+0xc2/0x1220
[  719.400945][T12557]  ? finish_task_switch+0x147/0x750
[  719.400956][T12557]  ? finish_task_switch+0x119/0x750
[  719.400975][T12557]  ? ___might_sleep+0x163/0x2c0
[  719.401002][T12557]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  719.401018][T12557]  ? aa_sk_perm+0x346/0xb00
[  719.401052][T12557]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  719.401077][T12557]  inet6_sendmsg+0x9e/0xe0
[  719.426610][T12557]  ? inet6_sendmsg+0x9e/0xe0
[  719.437032][T12557]  ? inet6_ioctl+0x1c0/0x1c0
[  719.446885][T12557]  sock_sendmsg+0xd7/0x130
[  719.457118][T12557]  ____sys_sendmsg+0x358/0x880
[  719.466557][T12557]  ? kernel_sendmsg+0x50/0x50
[  719.475980][T12557]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  719.485846][T12557]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  719.496382][T12557]  ? find_held_lock+0x35/0x130
[  720.016382][T12557]  ___sys_sendmsg+0x100/0x170
[  720.016400][T12557]  ? sendmsg_copy_msghdr+0x70/0x70
[  720.016415][T12557]  ? __kasan_check_read+0x11/0x20
[  720.016433][T12557]  ? __might_fault+0x12b/0x1e0
[  720.016448][T12557]  ? find_held_lock+0x35/0x130
[  720.016463][T12557]  ? __might_fault+0x12b/0x1e0
[  720.016480][T12557]  ? do_dup2+0x4f0/0x4f0
[  720.016496][T12557]  ? lock_downgrade+0x920/0x920
[  720.016521][T12557]  ? ___might_sleep+0x163/0x2c0
[  720.016539][T12557]  __sys_sendmmsg+0x1bf/0x4d0
[  720.016558][T12557]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  720.016594][T12557]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  720.016610][T12557]  ? fput_many+0x12c/0x1a0
[  720.016627][T12557]  ? fput+0x1b/0x20
[  720.016640][T12557]  ? ksys_write+0x1cf/0x290
[  720.016663][T12557]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  720.093541][T12557]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  720.093556][T12557]  ? do_syscall_64+0x26/0x790
[  720.093571][T12557]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  720.093586][T12557]  ? do_syscall_64+0x26/0x790
[  720.093606][T12557]  __x64_sys_sendmmsg+0x9d/0x100
[  720.093626][T12557]  do_syscall_64+0xfa/0x790
[  720.093644][T12557]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  720.093655][T12557] RIP: 0033:0x45a919
[  720.093671][T12557] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  720.093679][T12557] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  720.093693][T12557] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  720.093701][T12557] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  720.093709][T12557] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  720.093718][T12557] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  720.093727][T12557] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:02 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(0xffffffffffffffff, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  720.528716][    C0] net_ratelimit: 18 callbacks suppressed
[  720.528724][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  720.540171][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  721.728733][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  721.734628][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  721.740544][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  721.746561][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  721.752878][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  721.758660][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  721.764518][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  721.770492][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  725.888631][    C0] net_ratelimit: 12 callbacks suppressed
[  725.888638][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  725.900320][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  725.906285][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  725.912134][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  725.917990][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  725.923838][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  725.929955][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  725.936091][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  726.768646][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  726.774582][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:09 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lookup_dcookie(0x0, 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f00000001c0)={0x101, 0xb55, 0x6, 0x5}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@dev}, {@in6=@mcast2, 0x0, 0x32}, @in=@multicast1, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x0)

20:02:09 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(0xffffffffffffffff, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:09 executing program 2:
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000))
r2 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r3, &(0x7f0000000240)={0x0, 0x194, &(0x7f0000000040), 0x12c5, 0x0, 0x0, 0xe00}, 0x4000040)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x800, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r5, 0x110, 0x3)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc)
ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000080))
ioctl$TIOCOUTQ(r4, 0x5411, &(0x7f0000000040))

20:02:09 executing program 3 (fault-call:2 fault-nth:37):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:09 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
mount$fuseblk(&(0x7f0000000080)='/dev/loop0\x00', 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bsg\x00', 0x400, 0x0)
sendmsg$nl_crypto(r2, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x81000520}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=@getstat={0xe0, 0x15, 0x10, 0x70bd2b, 0x25dfdbfd, {{'cbc(camellia)\x00'}, [], [], 0x400, 0x400}, ["", "", "", "", "", "", "", ""]}, 0xe0}, 0x1, 0x0, 0x0, 0x80}, 0x20000890)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000b000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, &(0x7f00000000c0)="b805000000b9510000000f01c10f46a78900000066ba2100b067ee66ba4100edb9800000c00f3266ba400066ed0f30c4c271de9d0000000066b808008ed0660f38806f000f011c2666b8bf008ee0", 0x4e}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

20:02:09 executing program 4:
openat$capi20(0xffffffffffffff9c, &(0x7f0000000480)='/dev/capi20\x00', 0x0, 0x0)
r0 = socket$packet(0x11, 0x400000000002, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
r1 = socket$inet(0x2, 0x2000080001, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r2 = socket$inet6(0xa, 0x3, 0x84)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000280)={r6}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000001c0)={r6, 0x2, 0x8001}, 0x8)
r7 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000280)={r8}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x5, 0x4, 0x10001, 0xffffffff, r8}, 0x10)
sendmmsg(r2, &(0x7f00000092c0), 0x3fffffffffffe9f, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200)
r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r11, 0x4040aea4, &(0x7f0000000000)={0x4, 0x5, 0xa, 0x4, 0x35})
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b1}, &(0x7f0000000200), 0x0)

[  727.314092][T12580] FAULT_INJECTION: forcing a failure.
[  727.314092][T12580] name failslab, interval 1, probability 0, space 0, times 0
[  727.325338][T12582] Unknown ioctl 1074292226
[  727.326799][T12580] CPU: 1 PID: 12580 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  727.341069][T12580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  727.351138][T12580] Call Trace:
[  727.354621][T12580]  dump_stack+0x197/0x210
[  727.358978][T12580]  should_fail.cold+0xa/0x10
20:02:09 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x12285, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r3, 0x40206417, &(0x7f0000000040)={0x3d8, 0x100, 0x0, 0x8000, 0x4, 0x2})
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  727.363594][T12580]  ? is_bpf_text_address+0xac/0x160
[  727.368824][T12580]  ? setup_fault_attr+0x220/0x220
[  727.373894][T12580]  __should_failslab+0x121/0x190
[  727.378866][T12580]  should_failslab+0x9/0x14
[  727.378882][T12580]  kmem_cache_alloc+0x47/0x710
[  727.378898][T12580]  ? lock_acquire+0x190/0x410
[  727.378914][T12580]  ? net_tx_action+0xd30/0xd30
[  727.378936][T12580]  skb_clone+0x154/0x3d0
[  727.402142][T12580]  dev_queue_xmit_nit+0x3a1/0xaa0
[  727.407178][T12580]  dev_hard_start_xmit+0xbb/0x9b0
[  727.412193][T12580]  ? validate_xmit_skb_list+0xfc/0x150
[  727.417642][T12580]  sch_direct_xmit+0x372/0xd30
[  727.422417][T12580]  ? dev_watchdog+0xca0/0xca0
[  727.427138][T12580]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  727.432703][T12580]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  727.438695][T12580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  727.444967][T12580]  ? sfb_dequeue+0x421/0x4d0
[  727.449662][T12580]  __qdisc_run+0x4bf/0x1770
[  727.454172][T12580]  __dev_queue_xmit+0x1650/0x35c0
[  727.459190][T12580]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  727.464466][T12580]  ? mark_held_locks+0xf0/0xf0
[  727.469231][T12580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  727.475468][T12580]  ? debug_smp_processor_id+0x33/0x18a
[  727.480946][T12580]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  727.487116][T12580]  ? rcu_read_lock_held_common+0xbd/0x130
[  727.492842][T12580]  dev_queue_xmit+0x18/0x20
[  727.497333][T12580]  ? dev_queue_xmit+0x18/0x20
[  727.502007][T12580]  neigh_direct_output+0x16/0x20
[  727.507157][T12580]  ip6_finish_output2+0x109a/0x25c0
[  727.512484][T12580]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  727.518192][T12580]  ? lock_downgrade+0x920/0x920
[  727.523086][T12580]  ? netif_rx_ni+0x670/0x670
[  727.527709][T12580]  ? __kasan_check_read+0x11/0x20
[  727.532801][T12580]  __ip6_finish_output+0x444/0xaa0
[  727.537968][T12580]  ? __ip6_finish_output+0x444/0xaa0
[  727.543250][T12580]  ip6_finish_output+0x38/0x1f0
[  727.548094][T12580]  ip6_output+0x25e/0x880
[  727.552480][T12580]  ? ip6_finish_output+0x1f0/0x1f0
[  727.557685][T12580]  ? __ip6_finish_output+0xaa0/0xaa0
[  727.562973][T12580]  ? ip6_make_skb+0x370/0x570
[  727.567646][T12580]  ? ip_reply_glue_bits+0xc0/0xc0
[  727.572672][T12580]  ip6_local_out+0xbb/0x1b0
[  727.577169][T12580]  ip6_send_skb+0xbb/0x350
[  727.581632][T12580]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  727.587092][T12580]  ? ip6_forward_finish+0x570/0x570
[  727.592282][T12580]  udpv6_sendmsg+0x22f3/0x2b30
[  727.597155][T12580]  ? __kasan_check_write+0x14/0x20
[  727.602258][T12580]  ? ip_reply_glue_bits+0xc0/0xc0
[  727.607282][T12580]  ? udp_v6_get_port+0x6b0/0x6b0
[  727.612259][T12580]  ? __kasan_check_read+0x11/0x20
[  727.617289][T12580]  ? mark_lock+0xc2/0x1220
[  727.621726][T12580]  ? __kasan_check_read+0x11/0x20
[  727.626750][T12580]  ? mark_lock+0xc2/0x1220
[  727.631164][T12580]  ? __kasan_check_read+0x11/0x20
[  727.636196][T12580]  ? ___might_sleep+0x163/0x2c0
[  727.641341][T12580]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  727.647001][T12580]  ? aa_sk_perm+0x346/0xb00
[  727.651534][T12580]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  727.657096][T12580]  inet6_sendmsg+0x9e/0xe0
[  727.661538][T12580]  ? inet6_sendmsg+0x9e/0xe0
[  727.666137][T12580]  ? inet6_ioctl+0x1c0/0x1c0
[  727.670721][T12580]  sock_sendmsg+0xd7/0x130
[  727.675132][T12580]  ____sys_sendmsg+0x358/0x880
[  727.679885][T12580]  ? kernel_sendmsg+0x50/0x50
[  727.684547][T12580]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  727.690078][T12580]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  727.696049][T12580]  ? find_held_lock+0x35/0x130
[  727.700805][T12580]  ___sys_sendmsg+0x100/0x170
[  727.705477][T12580]  ? sendmsg_copy_msghdr+0x70/0x70
[  727.710576][T12580]  ? __kasan_check_read+0x11/0x20
[  727.715612][T12580]  ? __might_fault+0x12b/0x1e0
[  727.720384][T12580]  ? find_held_lock+0x35/0x130
[  727.725133][T12580]  ? __might_fault+0x12b/0x1e0
[  727.729881][T12580]  ? do_dup2+0x4f0/0x4f0
[  727.734112][T12580]  ? lock_downgrade+0x920/0x920
[  727.738971][T12580]  ? ___might_sleep+0x163/0x2c0
[  727.743826][T12580]  __sys_sendmmsg+0x1bf/0x4d0
[  727.748501][T12580]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  727.753560][T12580]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  727.759882][T12580]  ? fput_many+0x12c/0x1a0
[  727.764306][T12580]  ? fput+0x1b/0x20
[  727.768105][T12580]  ? ksys_write+0x1cf/0x290
[  727.772686][T12580]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  727.778132][T12580]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  727.783666][T12580]  ? do_syscall_64+0x26/0x790
[  727.788434][T12580]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  727.794494][T12580]  ? do_syscall_64+0x26/0x790
[  727.799336][T12580]  __x64_sys_sendmmsg+0x9d/0x100
[  727.804288][T12580]  do_syscall_64+0xfa/0x790
[  727.808810][T12580]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  727.814698][T12580] RIP: 0033:0x45a919
[  727.818600][T12580] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  727.838404][T12580] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  727.846826][T12580] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  727.854787][T12580] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  727.862761][T12580] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  727.870842][T12580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  727.878999][T12580] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:10 executing program 3 (fault-call:2 fault-nth:38):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:10 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsetxattr$smack_xattr_label(0xffffffffffffffff, &(0x7f00000001c0)='seurity.UMACK64I1IN\x00\x00', 0x0, 0x0, 0x2)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x5, &(0x7f0000000040), 0x10)
accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000240))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x5, &(0x7f0000000040), 0x10)
ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000100)=0x20, 0x4)
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x320, 0x0, [], [{0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x801, 0x0, 0x0, 0x1}]})
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0xa01, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
sendfile(r2, r3, &(0x7f00000000c0)=0x7, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r7)
write$P9_RGETATTR(r4, &(0x7f0000000400)={0xa0, 0x19, 0x1, {0x5, {0x1, 0x1, 0x3}, 0x8, r5, r7, 0x1, 0x6, 0x8, 0x59c, 0xbef2, 0xffff, 0x1, 0x7, 0x2, 0x4, 0x4, 0x2, 0x7, 0x400, 0x80000000}}, 0xa0)

20:02:10 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x12285, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r3, 0x40206417, &(0x7f0000000040)={0x3d8, 0x100, 0x0, 0x8000, 0x4, 0x2})
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  728.072311][T12596] FAULT_INJECTION: forcing a failure.
[  728.072311][T12596] name failslab, interval 1, probability 0, space 0, times 0
[  728.144747][T12596] CPU: 0 PID: 12596 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  728.154813][T12596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  728.165405][T12596] Call Trace:
[  728.168720][T12596]  dump_stack+0x197/0x210
[  728.173080][T12596]  should_fail.cold+0xa/0x10
[  728.177703][T12596]  ? setup_fault_attr+0x220/0x220
[  728.182753][T12596]  ? ___might_sleep+0x163/0x2c0
[  728.187979][T12596]  __should_failslab+0x121/0x190
[  728.192952][T12596]  should_failslab+0x9/0x14
[  728.197476][T12596]  kmem_cache_alloc_node+0x268/0x740
[  728.202785][T12596]  ? __dev_queue_xmit+0x173f/0x35c0
[  728.208002][T12596]  ? trace_hardirqs_on+0x67/0x240
[  728.213057][T12596]  ? __dev_queue_xmit+0x173f/0x35c0
[  728.218293][T12596]  __alloc_skb+0xd5/0x5e0
[  728.222638][T12596]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  728.228201][T12596]  alloc_skb_with_frags+0x93/0x590
[  728.233340][T12596]  ? find_held_lock+0x35/0x130
[  728.238119][T12596]  sock_alloc_send_pskb+0x7ad/0x920
[  728.243371][T12596]  ? sock_wmalloc+0x120/0x120
[  728.248072][T12596]  ? __local_bh_enable_ip+0x15a/0x270
[  728.253547][T12596]  ? ip6_finish_output2+0x1106/0x25c0
[  728.259009][T12596]  ? ip6_mtu+0x2e6/0x450
[  728.263259][T12596]  ? find_held_lock+0x35/0x130
[  728.268730][T12596]  sock_alloc_send_skb+0x32/0x40
[  728.273674][T12596]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  728.279433][T12596]  ? ip_reply_glue_bits+0xc0/0xc0
[  728.284572][T12596]  ? ip6_setup_cork+0x1920/0x1920
[  728.289694][T12596]  ? ip6_flush_pending_frames+0xd0/0xd0
[  728.295351][T12596]  ? __kasan_check_read+0x11/0x20
[  728.300429][T12596]  ip6_make_skb+0x32f/0x570
[  728.304963][T12596]  ? ip_reply_glue_bits+0xc0/0xc0
[  728.309999][T12596]  ? ip_reply_glue_bits+0xc0/0xc0
[  728.315726][T12596]  ? ip6_push_pending_frames+0xf0/0xf0
[  728.321384][T12596]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  728.327400][T12596]  ? ip6_forward_finish+0x570/0x570
[  728.332604][T12596]  ? rcu_read_lock_held+0x9c/0xb0
[  728.337669][T12596]  udpv6_sendmsg+0x22a1/0x2b30
[  728.342458][T12596]  ? ip_reply_glue_bits+0xc0/0xc0
[  728.347505][T12596]  ? udp_v6_get_port+0x6b0/0x6b0
[  728.352448][T12596]  ? finish_task_switch+0x147/0x750
[  728.357656][T12596]  ? _raw_spin_unlock_irq+0x23/0x80
[  728.362861][T12596]  ? lockdep_hardirqs_on+0x421/0x5e0
[  728.368158][T12596]  ? __kasan_check_read+0x11/0x20
[  728.373215][T12596]  ? mark_lock+0xc2/0x1220
[  728.377646][T12596]  ? ___might_sleep+0x163/0x2c0
[  728.382511][T12596]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  728.388145][T12596]  ? aa_sk_perm+0x346/0xb00
[  728.392673][T12596]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  728.398233][T12596]  inet6_sendmsg+0x9e/0xe0
[  728.402655][T12596]  ? inet6_sendmsg+0x9e/0xe0
[  728.407250][T12596]  ? inet6_ioctl+0x1c0/0x1c0
[  728.411841][T12596]  sock_sendmsg+0xd7/0x130
[  728.416266][T12596]  ____sys_sendmsg+0x358/0x880
[  728.421064][T12596]  ? kernel_sendmsg+0x50/0x50
[  728.425886][T12596]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  728.431519][T12596]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  728.437518][T12596]  ? find_held_lock+0x35/0x130
[  728.442305][T12596]  ___sys_sendmsg+0x100/0x170
[  728.447097][T12596]  ? sendmsg_copy_msghdr+0x70/0x70
[  728.452308][T12596]  ? __kasan_check_read+0x11/0x20
[  728.457343][T12596]  ? __might_fault+0x12b/0x1e0
[  728.462117][T12596]  ? find_held_lock+0x35/0x130
[  728.466885][T12596]  ? __might_fault+0x12b/0x1e0
[  728.471653][T12596]  ? do_dup2+0x4f0/0x4f0
[  728.475900][T12596]  ? lock_downgrade+0x920/0x920
[  728.480767][T12596]  ? ___might_sleep+0x163/0x2c0
[  728.485622][T12596]  __sys_sendmmsg+0x1bf/0x4d0
[  728.490314][T12596]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  728.495395][T12596]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  728.501669][T12596]  ? fput_many+0x12c/0x1a0
[  728.506105][T12596]  ? fput+0x1b/0x20
[  728.509938][T12596]  ? ksys_write+0x1cf/0x290
[  728.514457][T12596]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  728.519923][T12596]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  728.525388][T12596]  ? do_syscall_64+0x26/0x790
[  728.530436][T12596]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  728.536519][T12596]  ? do_syscall_64+0x26/0x790
[  728.541214][T12596]  __x64_sys_sendmmsg+0x9d/0x100
[  728.546162][T12596]  do_syscall_64+0xfa/0x790
[  728.550778][T12596]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  728.556673][T12596] RIP: 0033:0x45a919
[  728.560583][T12596] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  728.580374][T12596] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  728.588890][T12596] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  728.596884][T12596] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  728.604874][T12596] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  728.612865][T12596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  728.620941][T12596] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:10 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000000)={0x2})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000006500010700"/20, @ANYRES32, @ANYBLOB="00000000000000000000000008000b00c9000000"], 0x2c}}, 0x0)
flock(r0, 0x1)
r2 = socket(0x1000000010, 0x80003, 0x0)
sendmmsg$alg(r2, &(0x7f0000000100), 0x4924924924926ed, 0x0)

20:02:10 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x12285, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r3, 0x40206417, &(0x7f0000000040)={0x3d8, 0x100, 0x0, 0x8000, 0x4, 0x2})
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  730.928665][    C0] net_ratelimit: 18 callbacks suppressed
[  730.928673][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  730.940188][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  732.128689][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  732.128776][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  732.128882][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  732.145964][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  732.151755][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  732.157490][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  732.163522][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  732.169282][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  736.288672][    C0] net_ratelimit: 12 callbacks suppressed
[  736.288678][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  736.300261][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  736.306092][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  736.311977][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  736.317821][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  736.323595][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  736.329421][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  736.335159][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  737.168635][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  737.174491][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:20 executing program 4:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
pipe(&(0x7f0000000380)={<r1=>0xffffffffffffffff})
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000200)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7fe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f00000001c0)='./file1\x00', 0x0)
write$binfmt_script(r2, &(0x7f0000000740)=ANY=[@ANYPTR64=&(0x7f0000000000)=ANY=[@ANYPTR64=&(0x7f0000001a00)=ANY=[@ANYBLOB="ad4fdeb1ceec4f13855bf716e77d8ef1d2b7807fa0483afea20cedeea293d1287ef4f5d013dcda414a13d7abe5858f7c043944097cf8e872301c4bfa57b3716137aa2b94d98a6fe58cb0c74861bf627ce836aa9b776dd277cb016bbedd1af01a97bdcbec7ae769c04d0a6460edb253151076e0a340efdc764e58a41953e8a7971bc9635f102b58fd411c27c9e959e66045f50ed08ceb9ed0c61161e952ff4f9a1740a0606573bfa2b8318fa916f334ffcb99220638b1bb7a7c8106002ab3fe5c771de4665180695fde30234e5d55801839be526670d0c2b2a63c6b5d86732a1cceb8d941dd18ce1be2a7fc0b5686e9ad9126d32c46418a307f2119a2e57f2bbdd6c2862bc3ae8d7f1f3cda9aaba5956d2852b6dfcad5be00a5c1d21c4e24f5c5c82edf1bb98685baca329f5902b8146d871eb41ba70a01ea4cd67c5c553cbe61aec296336942c03b4431d17fec11227d7e974b0ae9afd68dcb5adebdca4d91650335acb7d0b2b342c5bb286cfc6988ef63826abbc3882ee305e6b901f8eee4dce7b7885b6bfe4d380543c9dfa7187eaac2eeeb82e46328b170432f87f47f7334b9f14b601471aa25007daba26cbcd070d5a5593ec95bd80c5fc7efb45cd63ca68a111b765a1bbb65340eb38335b2d5df927a8d462af1d3d145baf9091602f948155575c0e709fed6aa38fab43039e164b959a3fc0dd52a04da66b31a0e9587946ab07b902fae5e2f77506e60013a3c2b77f460d758f50b680dd7c2ef28d50841dcdee2db82d58d2bf2d0f54a4a421e2dd5ed708667aeca562f1d3321698a83e973981577419b909f47bd2dd52d194b3c47e583b2a6e69d6b6890f8b8e71858cfcc5d491af639c35ce8c270c53b593e641c83b54cff0ab1554fb2aacbffce9107e359527e989dc978f6dc919e87876ae9152cc0045453717e55503d2092197ab655ed82c50d5348b561378c914756fc5b6b638cc2cde6e875266c3b89bc5dd6672da192d326331b2616c327dd66afec4c1d6ab45c6536910abed928076bdc4af0a9f5d99e7182ee14ee6c84e263fc633f3e232602ab86dac5e80b214db47fd4f8a559ba096fcd77e2356a10ca0e4394532e8cb6b342ea28dab17e5199140096b3485c5bb157c254e99931252044a9ee41ff2e4452ac448833675e2e7cbd755fece6ae2f4d9f35caadfe2b288aa75237141047c45cb9cccc0fc06160125559d721ffcd1046603365bda7432aa35d7d868121823c14f0b539681ebadfbfea311e0793fc9e6ed385c57c87ee0cac84143b19269874fa889988164f7238e7db46e818abab602a46148fb5b027d02a32b496f84ea1f86c75e3e0140f40f557ded9bbff91171a5c748129ad314fd838f2444c3ae9985c555b5416210cd0c51fcb4b8cd403a6c61f5bb36f964e88b8d01fea870cdf9477bd019a345f581ef47962d6301c318a833a7356abdb4293ad8e0984f0aa9efe98846448d9d6aa251e6ca14ae91f644a0311cefe505de96502874ceadf292dd6a286a32a9399a4923b3c233ef2039775ef2c5cab1b326b62125eb69fda19468aab3d22c939a513b146371f2fe7a2c58bd7f40b17fb43602ec1624c91854e165fa4693b6b9c73946932537966be6360035ebfe97de02c3914042a02085ef3f50382051d9edbf499bb10753607fdaeb13b10b6951938cfd37c48660027822ffd2f5e0610e47ff745a8dfb7438b83625697bcefa53840c9d7800631b01d3dd88246641a6626d77860db1bd806844b2f933c16f4f325cc0dfd9e6e4da73534a100c4aa1a72cc31c4e78ca94ae999a1dcfa625a8511494f9696e4af3ccf5e329c80bd4c51215ccbd1487d1c69ebe0ec1e4b30d2beb7806ef09ad102851c8d96078a18a669475f080e37116c6e6396da891e07751408923e820629759e38867e3127bd779bb23770033e8dafc6de8a987f7201931a0b9aac6e0f237c557bb482152f7b3e1ade34f2adc1b2c8d662e344ceaa7211fb2b905535a4ba8977fd67a7bd92a5560a0472b1478a6790c29f62f545a22551213ae74bd920c245b8c76e1c0ef67698c9836128f931338e9ebfd74882fc0e75be3a75a1273a6f4c3c35c90ca5e593abaca4dfa15e83b63ff062ce25d0d420b538a02ca25f676c879fec429d72c808379f8d7b3b1b8036854a938f4ee04d61eef12f0181e1ebb7b6dbfe8092ef7ef2cecf68f25e5fd68c3b8d158a5dc4b49b1ac1d24a0afd2121b50fae381ad6b6a7862e12cea17ac060f1cdd0a8619aad5038011cb7f65796efe28b58eaa2ba1d96c576af3df197a0fba2d77569a3afbbabf8ebf15e13b296eb1cb94bcf34377d0a85f862e47156942d901d9f64d3e65f328d0c182e91dc12c43914c0420c72a54df8b526bf2af9c8dff6adb6ef6b3f3281d1b3b61fa41daa9dc64662797b3ccf4d6274eb748c5f8b66fa65e7af10e199cd6aa3e17fa48927f396db2f44265fe1a178b129d7e936906dc3c6a3f32d6ca844529529840bdb7288e042f9c1c21ad45626d2d67b203c1b77e1bea6eaf14fadd8bfccb8c64b0f97c99d867116bf4c0fab67ffd6aff9c68acb6ef96782e3e8863ae27408a9bb35dfdcbdebab5262df0a19b681e7aac36ad83cf9bc93fa68ae13cd9b7954dedc9f192fad98030549625e586baacd4d7cdde33f39cb24fac79d1c781bd6c0ffd3887c4f387136a705236c07fc1948bd2f5b30b355089937ed7f6750c93c78d1d50c2896b3acaa366c5dff069bd46c203dc8ed7e329caa9bcb2b791a610147654131233e7d2e33342092fdaa1c84ea2622e3ab5a64a5d1faf9ee3e63686d0e97e39c8208bb75196ac43f5dd7e749d7d32c663bf0c9f8bf7413d0d1f39ca3427f0d8df01ae5c02e4bb1bf11ff4f5607dacc9643034b80a4ef066540257860ba225540fe612fa92cc3f8e7c645a1422de1bf7c4326675d5eba98bc5b8569a27577d63436d708a4c37327c97b32e68654aa073feb1fcc20bad02336ffc05156ad89092bd75fdbe5fe316c30b74a6d29f490fa5cd69e79412852e596c34d4a9bac4f2f68959a1b384cb6e9458fea4784c81e5eaa15b7dd4dfc936cbabf87c8cf6452ba517ce5c30340b30da427ee7edb0b1a4b966c1a6483540cd119ae3707b88c6378d4b8cf098b874d55e9c23e90103e39fce12dc516f298d6e3dc3df5960de2fed8b9cec713af74053177f9c35bcb5280ee77ca13265bdaed512472ebe4ff7869af3e2a7404893bcce6b81dc9a8c2636c79d66de7c79caf998ae440e3b20576acf777330949adfa1f2bd6b2a29964d54781e1a7f9c617583da591b430e982c1d26ae76fd90297a284197a5dd33693795eae67a2f99dab97f0e0d00dcec70f0b5f857ac8cc61c6e17debf78d269328d2cec624a2b81e82cfef801a08771626ef3f9f92257324eb57e89ef4422b4d204aa615b933049482bb2f9f7080725f502d84533d86d2a388a05e7276d37508b07928bd928e75a257fea8622072c267d2bae7b964c51ab268889e6e307219e2d50508405b13f29b2e854fea7161dd15500f12c2783165374c9a9dfa50e33a0fdeca1259086d23cface6618599c7c200d39c288c160e7dbfd191474a502b0ebf5120b5329dbd5d11af2406f760d27fcbf027a59e9c14eb16fbd1d02c878f5d689d2b988fa2d197ae1ba8f30e69391b10a8fcb8e404ea626fe0811d7d03699c7ac056ee39a5d738d2c10cb555ea6dfa77791387ec9e8188b9ccf649b0f2d05c24ceead8f5c87d144c05b5e8e22b1c06864d4a280fc485d2614a45c8d64760aab94407aebbe3b88dd083a5f0a4fa7aaccdc29820da4c903ba857f6e3f81aa266f9b3fa35c43e5d53f25d59c395723724ccb639835394f2695ba1886ad9196adfec5c62b4438f033f5bdbba6e35327ebcb48e243470d6f62f2be7e56f957a5ca962de6e6ebcd7300fb233df0657b9d7ac0a74318464d5ee30271060f305ac87469d0beee8bef930720114dd6360f98833c64cb49889ea6dc7e898fd79f0b99e6290092a2487cb622adeaed1b4ac697d256b4a9b03515d6ae4472320d96b072d95e66328ea30ae1710be4acdd341f0ee4d9cf229052d641adbc20d8df26d73b416bddae68c5d598649246965802ef0d683619a7ae24f29d1c7c14625e0be95ceb66b5c95cb0ab6be4ce9b988ea598b78492d7b1672962abcba247208be6a01cdb13f472146877d462ee73f48d7b305e9697504137fb08c0abe19d4db44bb2398ca4c9e8400a7f54d10ec2b900984e2908105db9c02466903282bb3c35963775dcbdcff353aeea3da8ab1e61784df15ecbbf99062c2ac43aad3985392527d2a2fe05c839cee17f24b918725b9c214786fef1958f2a74d8413e3da89b24c93d2126a08cc54f5f49ddd08f56de8e8eb5197b3b3a01ced9cb8319976794ccc0590a48d04355df50cbe813a902d84a67332ca2d68838bb5013e2cd7e1509118246dfead9ebda85ca3eac12b8be71485533ff27f07e57f842871459c44f53a9108bd4e3e218c33098420c180e26939334af8b0df5e671579d0f4192d2c6bd605edc228f20a836950176d638e7c30285da9d8fc442a53ce0de5090500fadd89f8ca84610d3860dd09482ea057c3cebcbd70d82a1f1896c693c52dc8af5b31f36750e48d4ac50d8a57e5fef7d3abd0a36853dd232b8d751f0f877edf82e2a8c90f9f827be66ff3c6260009969d31f11628c5b54ffb969607ef83095ba632109092dc7e575b4b7c0c363750c46ebf95f8e77e118fc7f92d01c4cbeacc08f0dadc7d6247fbfa91220ed8c4cdc7e4cd567fa485dd3cae0135bac1cbfbefa94af1218a53fa796839576b49ae32b02debbfb3f211aca0c5f95356324610b1a9c48961043ff2a28389310906508a9c234b16aae7fb86e3b989bd908467ef0508a30343a53b778d974287524527e705d777fa3e18f5dc10c4e5348996b43249259c0a2395d15eefb91f10df2b676b52296a605eb7e9a007c3a8b2422c331af5629de9af7b523f8e967cad62d14a837ab268e31c4df3c82ebac6dc7f2082a2b91b46b38f0e6a218e6373aebba78dcdadc6c22a807d1588ecf1eb827376b30bc7b0720c36d14c5e7f9b9a1a96afe4d01a47d1c31915756dff5d37e77e52a03a79ef2283ee5b5edcdd6bc62e68ef68a5757eee075fbc924f02f48af4e4ba1b6fa060375fa9fdcfb5bd99329d24d2b3168c77cf03b33502c3e992c02cfeb8cec2158bb79d0c47c42417a9924e484bcf2419a716ac714c56d6a55523a51ea6bf8124139c97e2b0789f13e7efe6b29d43e929963628aab6d705a5f61acd3c538353bee72808126286f48aaf828e902d81755dd40cb08f76d5c3def69f9f95079dac08971fa4f1677537de284fdbbcc74df49ad8ccd71dfa74031eedfd912632c564b1a61e3fe90a101cbb383e302c978ee630364c6e1139e66665b8b641bca0b192cda7a44b234a0177962451c88cbca454628b7f2fcaa7aa767e973261ae5bdcad7f7579c52a6afa02b7c56ac23f6451970e25c0c5eb423882086ae1e63eef6e47275727b817fe3e0d3672e8501be5c4b20dd1514d886eb21eb1542f398ca7dc0fbdbe8760968fb45a1e350fcc6236099231d520af848a5854eb11d7941214359c2c0982f329d49351d13778317ee3738765f1691c3c678db44e151ca9a87d983293738757b2fdb1516dde4d8517ea863381aaa6dbfa230f26ba8302d8c0d73d321f215d6db5ce6977466727a8a6e59239d053adc98cedee58f168e5e06024b652fd3edb107c5971019a607450d64e1aca3c29a05c58dee620"]], @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="0b7327a2e7a43579d73f51e4f04b40aba82d39d236ab989147a178c6fb1fb00000000000000004ce37fba68eb5d4d0c814f800b8421a484e5f05a03b291771f7687d63f44d4d868a2bf9e07a4bbe73396b90dbe52f52106d87ad88ee56d6af40aef26196cd375f691949aa8cb205b24edd346ff77ca97da9126599b615fad814efc0d9327f8ba09cb24b4bdbba76d2c1bedca41e51503f7b1e8a676c055f0d56e2628f857e7047669f7bc6046fa52af301857759c048ef24020a8a7bae4efd0d058796f1b92f3a76766b8dcbbf5c103f1c2e4076a0c4849546d488dfd889fa9ca42a39af1cd1a6566eee46aad9f35140be774ed849486f2872df796e884a082a08a1c4dd5b13d7aa0c9f11a30bbc97c934664d682e23db2352d4f27e3a0010000000001946eb6733004b9d2cda7f46cbb5b6a601ac72efbb9c5b3b9ce715aa47ce61f68ad4c8f26ed41ad87b056b76bb42878af640d581490dc8635acbbd8e50c3fe8f053e57fbf39ac262f840b3f097950101a5e0da5a761d531bf988ce111f0ebeadc486d6d0ac28fb5fa7ff4b3c509285c5c4c084a9cd7a4bf968b7c4e223463bff9140fe011e9b9e1a6660054937be2414607cc3c5d997a2639fc6019f03007bf6802a0e61ea5f7da0e140e44aa4e2e40b039f9d82020855ad902d8bff0f000000000000c785add59370d92fa10800ebcda26b85fe669d02e73f68bbd55f6e8dfd026c931761e148dd6f2037f530cdb9d5aaf7389bd2536237ba8d254c1fb713e5d1f81e5242c0c016750e4f092f44a8d38671d3053007ffa5dcef4c022891a4e620981cd247b1590952c337b211f85accda96a1edb82100a973d1981f8904e6268c5e89d6323ca5379a689120c999e464965613d43f2ee42ec539256d"], 0x29d)
openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0xffff, 0x5, 0x8000, 0x6}})
fallocate(r2, 0x8, 0x0, 0x7ffe)

20:02:20 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsetxattr$smack_xattr_label(0xffffffffffffffff, &(0x7f00000001c0)='seurity.UMACK64I1IN\x00\x00', 0x0, 0x0, 0x2)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x5, &(0x7f0000000040), 0x10)
accept$unix(0xffffffffffffffff, 0x0, &(0x7f0000000240))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x5, &(0x7f0000000040), 0x10)
ioctl$SIOCX25GCAUSEDIAG(0xffffffffffffffff, 0x89e6, 0x0)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000100)=0x20, 0x4)
r1 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000340)={0x0, 0x0, 0x320, 0x0, [], [{0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x801, 0x0, 0x0, 0x1}]})
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0xa01, 0x0)
r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
sendfile(r2, r3, &(0x7f00000000c0)=0x7, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600)
fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r7)
write$P9_RGETATTR(r4, &(0x7f0000000400)={0xa0, 0x19, 0x1, {0x5, {0x1, 0x1, 0x3}, 0x8, r5, r7, 0x1, 0x6, 0x8, 0x59c, 0xbef2, 0xffff, 0x1, 0x7, 0x2, 0x4, 0x4, 0x2, 0x7, 0x400, 0x80000000}}, 0xa0)

20:02:20 executing program 3 (fault-call:2 fault-nth:39):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:20 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x12285, 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r3, 0x40206417, &(0x7f0000000040)={0x3d8, 0x100, 0x0, 0x8000, 0x4, 0x2})
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:20 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(0xffffffffffffffff, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:20 executing program 5:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000100))
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r1, 0x4, 0xffffffffffffffff, 0x8)
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r2, 0x4, 0xffffffffffffffff, 0x8)
r3 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r3, 0x4, 0xffffffffffffffff, 0x8)
r4 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r4, 0x4, 0xffffffffffffffff, 0x8)
r5 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r5, 0x4, 0xffffffffffffffff, 0x8)
clone3(&(0x7f00000003c0)={0x20000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000280)=<r6=>0x0, {0x38}, &(0x7f00000002c0)=""/9, 0x9, &(0x7f0000000300)=""/106, &(0x7f0000000380)=[r1, r2, 0x0, r3, 0x0, r4, 0x0, r5], 0x8}, 0x50)
ioprio_set$pid(0x4, r6, 0x100)
clone(0x801480ff, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r7 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000000000)=<r8=>0x0)
io_destroy(r8)
r9 = openat$cgroup_procs(r7, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000140), 0x12)

[  738.759158][T12629] FAULT_INJECTION: forcing a failure.
[  738.759158][T12629] name failslab, interval 1, probability 0, space 0, times 0
[  738.809931][T12629] CPU: 0 PID: 12629 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  738.819963][T12629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  738.830033][T12629] Call Trace:
[  738.833338][T12629]  dump_stack+0x197/0x210
[  738.837683][T12629]  should_fail.cold+0xa/0x10
[  738.842290][T12629]  ? setup_fault_attr+0x220/0x220
[  738.847323][T12629]  ? ___might_sleep+0x163/0x2c0
[  738.852184][T12629]  __should_failslab+0x121/0x190
[  738.857139][T12629]  should_failslab+0x9/0x14
[  738.861681][T12629]  kmem_cache_alloc_node_trace+0x274/0x750
[  738.867512][T12629]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  738.873500][T12629]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  738.879317][T12629]  __kmalloc_node_track_caller+0x3d/0x70
[  738.884963][T12629]  __kmalloc_reserve.isra.0+0x40/0xf0
[  738.890367][T12629]  __alloc_skb+0x10b/0x5e0
[  738.894796][T12629]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  738.900368][T12629]  alloc_skb_with_frags+0x93/0x590
[  738.905483][T12629]  ? find_held_lock+0x35/0x130
[  738.910260][T12629]  sock_alloc_send_pskb+0x7ad/0x920
[  738.915475][T12629]  ? sock_wmalloc+0x120/0x120
[  738.920155][T12629]  ? __local_bh_enable_ip+0x15a/0x270
[  738.925530][T12629]  ? ip6_finish_output2+0x1106/0x25c0
[  738.930908][T12629]  ? ip6_mtu+0x2e6/0x450
[  738.935236][T12629]  ? find_held_lock+0x35/0x130
[  738.940009][T12629]  sock_alloc_send_skb+0x32/0x40
[  738.944951][T12629]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  738.950680][T12629]  ? ip_reply_glue_bits+0xc0/0xc0
[  738.955716][T12629]  ? ip6_setup_cork+0x1920/0x1920
[  738.960747][T12629]  ? ip6_flush_pending_frames+0xd0/0xd0
[  738.966289][T12629]  ? __kasan_check_read+0x11/0x20
[  738.971320][T12629]  ip6_make_skb+0x32f/0x570
[  738.975823][T12629]  ? ip_reply_glue_bits+0xc0/0xc0
[  738.980859][T12629]  ? ip_reply_glue_bits+0xc0/0xc0
[  738.985884][T12629]  ? ip6_push_pending_frames+0xf0/0xf0
[  738.991353][T12629]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  738.996900][T12629]  ? ip6_forward_finish+0x570/0x570
[  739.002102][T12629]  ? rcu_read_lock_held+0x9c/0xb0
[  739.007136][T12629]  udpv6_sendmsg+0x22a1/0x2b30
[  739.011924][T12629]  ? __kasan_check_write+0x14/0x20
[  739.017037][T12629]  ? ip_reply_glue_bits+0xc0/0xc0
[  739.022073][T12629]  ? udp_v6_get_port+0x6b0/0x6b0
[  739.027012][T12629]  ? __kasan_check_read+0x11/0x20
[  739.032038][T12629]  ? mark_lock+0xc2/0x1220
[  739.036466][T12629]  ? __kasan_check_read+0x11/0x20
[  739.041648][T12629]  ? mark_lock+0xc2/0x1220
[  739.046175][T12629]  ? __kasan_check_read+0x11/0x20
[  739.051240][T12629]  ? ___might_sleep+0x163/0x2c0
[  739.056125][T12629]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  739.061787][T12629]  ? aa_sk_perm+0x346/0xb00
[  739.066319][T12629]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  739.071876][T12629]  inet6_sendmsg+0x9e/0xe0
[  739.076294][T12629]  ? inet6_sendmsg+0x9e/0xe0
[  739.080890][T12629]  ? inet6_ioctl+0x1c0/0x1c0
[  739.085501][T12629]  sock_sendmsg+0xd7/0x130
[  739.089920][T12629]  ____sys_sendmsg+0x358/0x880
[  739.094686][T12629]  ? kernel_sendmsg+0x50/0x50
[  739.099372][T12629]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  739.104942][T12629]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  739.110920][T12629]  ? find_held_lock+0x35/0x130
[  739.115707][T12629]  ___sys_sendmsg+0x100/0x170
[  739.120397][T12629]  ? sendmsg_copy_msghdr+0x70/0x70
[  739.125518][T12629]  ? __kasan_check_read+0x11/0x20
[  739.130756][T12629]  ? __might_fault+0x12b/0x1e0
[  739.135623][T12629]  ? find_held_lock+0x35/0x130
[  739.140445][T12629]  ? __might_fault+0x12b/0x1e0
[  739.145222][T12629]  ? do_dup2+0x4f0/0x4f0
[  739.149482][T12629]  ? lock_downgrade+0x920/0x920
[  739.154359][T12629]  ? ___might_sleep+0x163/0x2c0
[  739.159322][T12629]  __sys_sendmmsg+0x1bf/0x4d0
[  739.164024][T12629]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  739.169269][T12629]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  739.175814][T12629]  ? fput_many+0x12c/0x1a0
[  739.180261][T12629]  ? fput+0x1b/0x20
[  739.184209][T12629]  ? ksys_write+0x1cf/0x290
[  739.188743][T12629]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  739.194597][T12629]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  739.200180][T12629]  ? do_syscall_64+0x26/0x790
[  739.204893][T12629]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  739.210981][T12629]  ? do_syscall_64+0x26/0x790
[  739.215698][T12629]  __x64_sys_sendmmsg+0x9d/0x100
[  739.220671][T12629]  do_syscall_64+0xfa/0x790
[  739.225187][T12629]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  739.231098][T12629] RIP: 0033:0x45a919
[  739.235020][T12629] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  739.254947][T12629] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  739.263845][T12629] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  739.271835][T12629] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  739.279831][T12629] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  739.288510][T12629] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  739.296589][T12629] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:21 executing program 0:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x14, 0x4, @tid=r3}, &(0x7f0000044000))
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r4=>0x0})
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x208100, 0x0)
r6 = gettid()
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = getpid()
sched_setscheduler(r9, 0x5, &(0x7f0000000380))
r10 = dup(0xffffffffffffffff)
setsockopt$packet_int(r10, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r11 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r11}, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r10, 0x5452, &(0x7f0000000040))
r13 = timerfd_create(0x7, 0x0)
timerfd_settime(r10, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)
timerfd_settime(r13, 0x0, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
fcntl$getownex(r13, 0x10, &(0x7f0000000280)={0x0, <r14=>0x0})
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r15, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000c40)=ANY=[], 0x0, 0x1)
r16 = socket(0xa, 0x3, 0x8)
r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000)
ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x40000000, &(0x7f0000000040)={<r18=>0xffffffffffffffff}, 0x0, 0x5}}, 0x2cb)
r19 = gettid()
waitid(0x83b895581628fca4, r14, &(0x7f0000000040), 0x4, &(0x7f0000000b00))
sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r19]], 0xfffffffffffffe56}}, 0x20004850)
r20 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r21 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
r22 = dup2(r21, r20)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r22, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r23 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r23)
r24 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r26 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r26, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
writev(r26, &(0x7f0000000900)=[{&(0x7f0000000d40)="f9fd9e7d96c6d812d08c525187bddcfdbe09c74978d31ac33ad4c0d90aa376a907bce26a502ae2403ad24f8d48773dfafb9f6ddabe8ac5c091d0329673a3bc6aab2aa8be0386af70d2e5f4dde9356a804c1c3e9057b03bfd27695c752c5723a8b1968e00dd040000003a100e6575124cf06586399a105a888faa8ecd57bef2547d181da0e3b67e50846bf25c35cdbb755e40ac6bd8d01a598f2afcaf50dc2b969e6600c51d49a4b1fa30dc4d275a6beafb6c42474d947121bae099faf7ff2e06225a074f821a6d4a08576eac29988a47f88b21da61df3ac3893810de53e254ec89c1eb19a1de073c6ad8e452c991f67007b6f27ebe62d9bd3646bca360b9d5de4686a92f18aa40bd3e53bc13966f"}, {&(0x7f0000000a00)="aa569e3bf2b03b68c3ea8388d4a91a6df2ec7ccd24b3313c69ff4474d35dcf480dc912d299228515bb8662e320bba0d1feb227eedb9c87b8d6f224b31954dd7b517e15b89ea5ff7567d4be259722328a2b0e1c231983420697279917fbbccaff79962876e840e7df6ec74dce5daec6ef55b585bf2d8c7fb9086e6f67068f349d5f0900f62c02e7f2f304cc581f715d6e32b5149278b777403df8fe1b8615c0d60cba1e594ddc06f9e41f8df6738c9494f59bce2300feb292c0ade25c7522217e12da91c9a4c5d93e9b7677ddb799b866086c3a327e6d8014000fbea11e4119fc9035c8", 0x112}, {&(0x7f0000000bc0)="818e4f40430bae5993b169ea30a4299c3c6ac96331243791d88cde71688d6dac799e066741f083f368487ff564cf95b9cbefd4a233f8d4bc796d1e224c167f40d2ac4f5722c39bffd3270d365d9bb4e9c6385c97fe0538bec1bdb448a899c3"}, {&(0x7f00000005c0)="b5f8b3f49c71600edf19", 0x9f}], 0x10000000000001ca)
ioctl$SG_GET_REQUEST_TABLE(r24, 0x227d, &(0x7f0000000780))
kcmp(r23, r19, 0x0, 0xffffffffffffffff, r24)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r27=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)={0x4, 0x4, 0x0, 0x10002}, &(0x7f00000009c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x79c9e9235c799199)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r19, r22, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r28=>r14, r15, 0x0, 0x1, &(0x7f0000000080)='\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r12, 0x0, 0x4, &(0x7f0000000180)='em1\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r11, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r28, r10, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r9, r8, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000240)={r27}, 0xc)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r6, r7, 0x0, 0x9, &(0x7f0000000200)='/dev/kvm\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r4, r5, 0x0, 0x82, &(0x7f00000000c0)='m\x06\x00j\x00y.\x02ven\x01\x04\x00\xf1\xbb\xfc4\xd4-,\x91\xa1\xecz\x9f%\xc3\xe9\xd8\xf0h0\xd3\xa8\xaaYig\xc8\xba\x85\x8f\xb8\xb5x\xd0|&\x01\xdf\xef=\xb8Q\x1c\xfeD#\xa1k\t\x86\xc2\x89)\xd8N\xf5\x8b8\xb3\xb6kzk\xd4W\x8a.\xc9ssH\xa0g\x87\xc5h_\xa1\xa1W\xbc\x93\xf9V\xa7\x8a\xc2\xb1\xe6\x8c\x82I_\x04\x1e\x84\xc1\x9d\x8eWl%X\x9d\x10\xed\xd9fpjU\xc6\x88\x85\xc8\xf6\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r3, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000040)='v#\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r29=>0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r27}, 0x30)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r29, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

20:02:21 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu\x00', 0x12285, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:21 executing program 3 (fault-call:2 fault-nth:40):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:21 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="b7f2288a911993f0265df5cf1cdd8b55", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bsg\x00', 0x80000, 0x0)
ioctl$CAPI_GET_ERRCODE(r2, 0x80024321, &(0x7f00000016c0))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001780), &(0x7f00000017c0)=0x484)
recvmsg$can_j1939(r3, &(0x7f0000000280)={&(0x7f0000000140)=@pptp={0x18, 0x2, {0x0, @local}}, 0xfffffffffffffcfb, &(0x7f0000000040)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f00000001c0)=""/78, 0x4e}, {&(0x7f00000003c0)=""/97, 0x61}], 0x3, &(0x7f0000001640)=""/102, 0x66}, 0x40000142)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000240)={0x81, 0x8, 0x7, 0x81, 0x9, 0x5, 0x6, 0x80, 0xa0, 0x8, 0xf9, 0x3, 0x4, 0x5}, 0xe)
sendmsg$sock(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="130d39dc47876c4e39cc2fd19c85cf7223e1ec8b464bb3205f12abf4b955502b4f0d52df9cd77f98670782ffbfa160ec8b8984ed5f4ebcf6f8b0660fd11842ecad64df531bb905e0953f67c27e95c0ff5e3b2664799601940d4db2e4d7429e9e7d543efe0d52ceeab08c1af4e2003f469ed0d89083bf0c5da9ac1372100a2bf5bd71f3e9a71c2e86ae33d0baee911a4db66ea518bc1946890241bade8fa20e64", 0xa0}], 0x1}, 0x0)
recvmmsg(r1, &(0x7f0000001b40), 0x0, 0x0, 0x0)

[  739.621874][T12648] FAULT_INJECTION: forcing a failure.
[  739.621874][T12648] name failslab, interval 1, probability 0, space 0, times 0
20:02:21 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  739.725313][T12648] CPU: 1 PID: 12648 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  739.735370][T12648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  739.745472][T12648] Call Trace:
[  739.745497][T12648]  dump_stack+0x197/0x210
[  739.745518][T12648]  should_fail.cold+0xa/0x10
[  739.745536][T12648]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  739.745552][T12648]  ? setup_fault_attr+0x220/0x220
[  739.745574][T12648]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  739.773799][T12648]  __should_failslab+0x121/0x190
[  739.778766][T12648]  should_failslab+0x9/0x14
[  739.783315][T12648]  kmem_cache_alloc+0x47/0x710
[  739.788115][T12648]  ? __kasan_check_read+0x11/0x20
[  739.793172][T12648]  skb_clone+0x154/0x3d0
[  739.797446][T12648]  ip6_finish_output2+0x18be/0x25c0
[  739.802754][T12648]  ? ip6_mtu+0x2e6/0x450
[  739.807552][T12648]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  739.813149][T12648]  ? lock_downgrade+0x920/0x920
[  739.818209][T12648]  ? rcu_read_lock_held+0x9c/0xb0
20:02:21 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x480000, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  739.823272][T12648]  ? __kasan_check_read+0x11/0x20
[  739.828347][T12648]  __ip6_finish_output+0x444/0xaa0
[  739.833652][T12648]  ? __ip6_finish_output+0x444/0xaa0
[  739.838974][T12648]  ip6_finish_output+0x38/0x1f0
[  739.844165][T12648]  ip6_output+0x25e/0x880
[  739.848535][T12648]  ? ip6_finish_output+0x1f0/0x1f0
[  739.848565][T12648]  ? __ip6_finish_output+0xaa0/0xaa0
[  739.858974][T12648]  ? ip6_make_skb+0x370/0x570
[  739.858991][T12648]  ? ip_reply_glue_bits+0xc0/0xc0
[  739.859011][T12648]  ip6_local_out+0xbb/0x1b0
[  739.859028][T12648]  ip6_send_skb+0xbb/0x350
[  739.859052][T12648]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  739.883411][T12648]  ? ip6_forward_finish+0x570/0x570
[  739.888694][T12648]  udpv6_sendmsg+0x22f3/0x2b30
[  739.893511][T12648]  ? __kasan_check_write+0x14/0x20
[  739.898823][T12648]  ? ip_reply_glue_bits+0xc0/0xc0
[  739.903881][T12648]  ? udp_v6_get_port+0x6b0/0x6b0
[  739.908936][T12648]  ? __kasan_check_read+0x11/0x20
[  739.913987][T12648]  ? mark_lock+0xc2/0x1220
[  739.918539][T12648]  ? __kasan_check_read+0x11/0x20
20:02:22 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  739.923612][T12648]  ? mark_lock+0xc2/0x1220
[  739.928150][T12648]  ? __kasan_check_read+0x11/0x20
[  739.933209][T12648]  ? ___might_sleep+0x163/0x2c0
[  739.938361][T12648]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  739.944016][T12648]  ? aa_sk_perm+0x346/0xb00
[  739.948552][T12648]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  739.954134][T12648]  inet6_sendmsg+0x9e/0xe0
[  739.958585][T12648]  ? inet6_sendmsg+0x9e/0xe0
[  739.963204][T12648]  ? inet6_ioctl+0x1c0/0x1c0
[  739.967809][T12648]  sock_sendmsg+0xd7/0x130
[  739.972224][T12648]  ____sys_sendmsg+0x358/0x880
[  739.972241][T12648]  ? kernel_sendmsg+0x50/0x50
[  739.972258][T12648]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  739.972272][T12648]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  739.972285][T12648]  ? find_held_lock+0x35/0x130
[  739.972308][T12648]  ___sys_sendmsg+0x100/0x170
[  740.002809][T12648]  ? sendmsg_copy_msghdr+0x70/0x70
[  740.007948][T12648]  ? __kasan_check_read+0x11/0x20
[  740.013001][T12648]  ? __might_fault+0x12b/0x1e0
[  740.021208][T12648]  ? find_held_lock+0x35/0x130
[  740.026001][T12648]  ? __might_fault+0x12b/0x1e0
[  740.030807][T12648]  ? do_dup2+0x4f0/0x4f0
[  740.035251][T12648]  ? lock_downgrade+0x920/0x920
[  740.040139][T12648]  ? ___might_sleep+0x163/0x2c0
[  740.045024][T12648]  __sys_sendmmsg+0x1bf/0x4d0
[  740.049737][T12648]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  740.054806][T12648]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  740.061082][T12648]  ? fput_many+0x12c/0x1a0
[  740.065522][T12648]  ? fput+0x1b/0x20
[  740.069433][T12648]  ? ksys_write+0x1cf/0x290
20:02:22 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  740.073949][T12648]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  740.079425][T12648]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  740.085009][T12648]  ? do_syscall_64+0x26/0x790
[  740.089699][T12648]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  740.095786][T12648]  ? do_syscall_64+0x26/0x790
[  740.100486][T12648]  __x64_sys_sendmmsg+0x9d/0x100
[  740.105442][T12648]  do_syscall_64+0xfa/0x790
[  740.110770][T12648]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  740.116844][T12648] RIP: 0033:0x45a919
[  740.120762][T12648] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  740.141201][T12648] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  740.141217][T12648] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  740.141225][T12648] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  740.141233][T12648] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
20:02:22 executing program 4:
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
userfaultfd(0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4800)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$PPPIOCGUNIT(r1, 0x80047456, &(0x7f0000000000))
write$cgroup_type(r0, &(0x7f00000009c0)='threaded\x00', 0x76660e)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
clone(0x3d1a7189a5548d4b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

20:02:22 executing program 4:
openat$udambuf(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/udmabuf\x00', 0x2)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipx={0x4, 0x8, 0x9, "c517cfd32959", 0x80}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000140)="8f2bb314a644609bf110c566caf48bf1911133a95d9d017da4b33fda3ae542a1ac1876be2481203588befbdd16a413b9f4789a050aed51c6d873d6784a96f764cca0a73eacd654c587e4ca3304cc8b12805533eb918b922be02707e5b248694b88a52bd7181f8c0ad02139e583ef69df90472ff168e52868fa45c26a64b167835f984a75c15eacb2e1eaebd36361fdb39cbe9b0fdeb3d47ab8651f588d66ec4ad3c9d7e7c2", 0xa5}, {&(0x7f00000002c0)="074a811f4ba38bfa3c05a9baf1419f52e119c232f66e94011d94789a38bf1d8e792bf594338d980c782a2ee04e61367125979a201479e94b3f4d7998bde51ed2c9c14b853e32f48bf26d25b58c42941e94cd73991ebcaecb56a08bdfdc1d502d7587da84672dd77b550fd52c20b9025f156658b03104e1d240ce99c21c6e50dac793d77f7cb00214d0635036a88eba9dc3ab83", 0x93}, {&(0x7f0000000380)="2f9bd75c2579a01bb07df83d7afbff6c7a2d7420753354e008e1a1e4ea71e17dc3a573f9807ed71894b789f4f50f770202bdb56c87043c698066e4b3371c44d91445b84bff0c781e5541a4cea3a75b1991d570c932873e45f7f89f835b089ea8a561959dac4e84943401349903f0c46c544b00965e3d4c58536e31c999d74bd64568ed40db7dea0c5c2a9f46190594bc8d9e72e9a95c0d6803eb0fa9c5c2f3c5ea0563e5d3b564ff7209e0e1fb7adfd3e8c99bc0ad678ca615a22e", 0x3e7}, {&(0x7f0000000200)="7a729092719ef9090e365be80646c07ecf1e8d58cb327b526d9d6bc176e981ef7c9cb32022350e0c0fa3cf722596c13171f0578392f0593c4965e0b9ca553c80e7", 0x41}, {&(0x7f0000000440)="f8431ff01a4982a18ec8b834ecd080466aaa867f7db38be2529344e673ee12095927341b77b57ff9f2664ab4666c6f54b7a6a3dd1bd896386ac8cf2ff5b9a4afd62c2aab865d9fefa31264e6aa1dd109be535009f9cae42eb47b46ed3e537d5d761807de5d930b7fdd69b65fd529bb26b6c8883ed917bf14283b7eb6382eb8dcf02b6e775dd863245d9ba9291f7ac8ad4d15a9d6c2ac76c1db06ca789edf314efc1f9c8a47f93c664c0c5d62818fd4c9b938608b1a8458006fcc2ccf43b6bbaa1d0173a304b23a1decb02fa4e4066dcc981b59ea4a", 0xd5}], 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="58000000000000000d01000009000000ccb3118b2ce5ed6b7eb57c14a92b4a51155d6e4514f409c0b7d6ab5a3b96d00b8816216737a97b15da7bb2db62d9431ef8ab32ae68166e0261d7f19b9cd7e6f589629dce0000000078000000000000001201000004000000192f5455d57a1494604a177cb9483faf235069c04c6bb35ecb41474bdff7ce74122662d23a41fa627a27c83ca1d9b8a866e4ccf125aa47dd6b2e774659b880f27deb4b5cbe6674ac64c8db98dd98cf2e2036465f576ece48091e4bf6b93beb6e497730aae0de3f000801000000000000060000000800000018ee1a907fae25922fb5a2182ea7dbd03ef2dbeaa815fb0b27f06a666586e41f4e858c9973bcf03b9702bb417b3fc0fc58206be686887a7a2a6f5b0d749844f6a6d827841cce0d737b02929496a0da1c15763c8eb32e727a67190c111d06795de14ff5d6043a96aa9324d7577e7314bc370a66b8d45655ed426ed4783c2707e18e976e5d2e8130f57ef367096247f700088f57ebeb1c9447c76a8c9c283b64f8a4ec3a2b227b886c10cbd19f7c8db2252c257db308c12f22c6ccc6b832167d1cbde2882a335cb40d22202353ec634aa5b18c9a71af15ea356cc2da1ab207c3113e5f6713ae7d42054ced86d5c3136238eda638110000000038000000000000001001000029510000b7087fade35a3b7b620bd43d7fd44a561bebd846a296d66ced780f8c2bba200d046edc0000000000f000000000000000000000000000000063aec71829f51ff474f2e7aff39d995f7c7e068fb0a7f542d8bc70b64a5af16c68b32e4e956ceca5cafeb13020e7d3587bc348eb15b0014f30d24471a820feb5e1bfc102d37d4d653e41d8ca2177c6f754f717e8783a5c5b0f07efd22671b56acb9a37d5e56e94152ae0abd61559822cee7dc36aa199a8f1f3b4ddb285a9aa0d98f5fae2f826e3a8a79cdc2792ae1a5dd5a0928e84740a85a00fe4b1dd492b84d4508b8c0a4d50a9f90718dd4e001885b3f6c7895b29359fd3dc096e07dc3d26d3c0b12a2b368a44fb10d73e835fceeb4b727959232d377ed2fde8fd465df800"], 0x300}, 0x40000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = memfd_create(&(0x7f0000000940)='\x00', 0x1)
fchmod(r2, 0x80)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r1, 0x8982, &(0x7f0000000900)={0x7, 'bridge_slave_1\x00', {0x4cb}, 0x7})
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x48, &(0x7f0000000000)=[{&(0x7f0000000100)="2e0000002b000508d25a80648c6356c10924fc001a0004000a0f0000053582c1b0acea8b0900018004021700d1bd", 0x2e}], 0x1}, 0x0)

[  740.141241][T12648] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  740.141250][T12648] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  740.364237][T12671] netlink: 22 bytes leftover after parsing attributes in process `syz-executor.4'.
[  741.328693][    C0] net_ratelimit: 18 callbacks suppressed
[  741.328702][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  741.340700][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:23 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  742.528730][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  742.534795][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  742.540775][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  742.546680][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  742.552620][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  742.558398][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  742.564813][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  742.570884][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  746.688661][    C0] net_ratelimit: 12 callbacks suppressed
[  746.688668][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  746.700442][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  746.706367][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  746.712427][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  746.718279][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  746.724171][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  746.730200][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  746.736032][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  747.568637][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  747.574498][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:30 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x31f}, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x1, 0x100010, r0, 0x87b8e000)
write$P9_RWALK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r1, 0x0)
write$P9_RWALK(r1, &(0x7f00000003c0)=ANY=[@ANYRES64], 0x8)
r2 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
dup2(r1, r2)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f00000002c0)=0x1, 0x1a5)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000180)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000080)='ip_vti0\x00', 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000), 0xfea3)
recvmmsg(r3, &(0x7f0000000dc0)=[{{&(0x7f0000000300)=@x25={0x9, @remote}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000400)=""/97, 0x61}, {&(0x7f0000000480)=""/79, 0x4f}, {&(0x7f0000000500)=""/110, 0x6e}], 0x3, &(0x7f0000000580)=""/77, 0x4d}, 0x4}, {{&(0x7f0000000600)=@pppol2tpv3={0x18, 0x1, {0x0, <r4=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000680)=""/233, 0xe9}, {&(0x7f00000007c0)=""/86, 0x56}, {&(0x7f0000000380)=""/43, 0x2b}, {&(0x7f0000000840)=""/217, 0xd9}], 0x4, &(0x7f0000000980)=""/34, 0x22}, 0x89}, {{&(0x7f00000009c0)=@rc, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000a40)=""/171, 0xab}], 0x1}, 0x6}, {{&(0x7f0000000b80)=@nl=@proc, 0x80, &(0x7f0000000c80)=[{&(0x7f0000000c00)=""/71, 0x47}], 0x1, &(0x7f0000000cc0)=""/220, 0xdc}, 0x717}], 0x4, 0x100, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r4, 0x29, 0x41, &(0x7f0000000ec0)={'security\x00', 0x86, "b4bd6318603506368d0c5a57909eb2778a803c80bad7d52c28e26dd2053dba5241104ae3ec68867f6d14f468a56bdd918bc07910526c1cfbc929272931b7436f3521e2763eb28c9e91aac58a2e0795163b5330f7cb7eea2dd1fcfe71ef3d6a7ec525675da8294b92a1eb8cdd7ff4abcfe64d7de774d15f89edcb1109661949e383a763b08a85"}, &(0x7f0000000f80)=0xaa)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000b40)='oom_adj\x00')
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0xc40, 0x0)
ioctl$VHOST_SET_LOG_BASE(r5, 0x4008af04, &(0x7f0000000100)=&(0x7f00000000c0))
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
msgget$private(0x0, 0x10)

20:02:30 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:30 executing program 3 (fault-call:2 fault-nth:41):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:30 executing program 0:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0xfec8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x14, 0x4, @tid=r3}, &(0x7f0000044000))
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)={0x0, <r4=>0x0})
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x208100, 0x0)
r6 = gettid()
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff})
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = getpid()
sched_setscheduler(r9, 0x5, &(0x7f0000000380))
r10 = dup(0xffffffffffffffff)
setsockopt$packet_int(r10, 0x107, 0x10000000000f, &(0x7f0000006ffc)=0x400000000008, 0x26d)
r11 = getpgrp(0x0)
capget(&(0x7f0000000000)={0x0, r11}, 0x0)
r12 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r10, 0x5452, &(0x7f0000000040))
r13 = timerfd_create(0x7, 0x0)
timerfd_settime(r10, 0x1, &(0x7f0000000080)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)
timerfd_settime(r13, 0x0, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
fcntl$getownex(r13, 0x10, &(0x7f0000000280)={0x0, <r14=>0x0})
r15 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r15, &(0x7f0000000240)='system.posix_acl_access\x00', &(0x7f0000000c40)=ANY=[], 0x0, 0x1)
r16 = socket(0xa, 0x3, 0x8)
r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000)
ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x40000000, &(0x7f0000000040)={<r18=>0xffffffffffffffff}, 0x0, 0x5}}, 0x2cb)
r19 = gettid()
waitid(0x83b895581628fca4, r14, &(0x7f0000000040), 0x4, &(0x7f0000000b00))
sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r19]], 0xfffffffffffffe56}}, 0x20004850)
r20 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r21 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x9a0efa2b65aacb27)
r22 = dup2(r21, r20)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r22, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00'})
r23 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r23)
r24 = syz_open_dev$sg(&(0x7f0000001580)='/dev/sg#\x00', 0x0, 0x40)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r25=>0xffffffffffffffff})
getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r26 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r26, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
writev(r26, &(0x7f0000000900)=[{&(0x7f0000000d40)="f9fd9e7d96c6d812d08c525187bddcfdbe09c74978d31ac33ad4c0d90aa376a907bce26a502ae2403ad24f8d48773dfafb9f6ddabe8ac5c091d0329673a3bc6aab2aa8be0386af70d2e5f4dde9356a804c1c3e9057b03bfd27695c752c5723a8b1968e00dd040000003a100e6575124cf06586399a105a888faa8ecd57bef2547d181da0e3b67e50846bf25c35cdbb755e40ac6bd8d01a598f2afcaf50dc2b969e6600c51d49a4b1fa30dc4d275a6beafb6c42474d947121bae099faf7ff2e06225a074f821a6d4a08576eac29988a47f88b21da61df3ac3893810de53e254ec89c1eb19a1de073c6ad8e452c991f67007b6f27ebe62d9bd3646bca360b9d5de4686a92f18aa40bd3e53bc13966f"}, {&(0x7f0000000a00)="aa569e3bf2b03b68c3ea8388d4a91a6df2ec7ccd24b3313c69ff4474d35dcf480dc912d299228515bb8662e320bba0d1feb227eedb9c87b8d6f224b31954dd7b517e15b89ea5ff7567d4be259722328a2b0e1c231983420697279917fbbccaff79962876e840e7df6ec74dce5daec6ef55b585bf2d8c7fb9086e6f67068f349d5f0900f62c02e7f2f304cc581f715d6e32b5149278b777403df8fe1b8615c0d60cba1e594ddc06f9e41f8df6738c9494f59bce2300feb292c0ade25c7522217e12da91c9a4c5d93e9b7677ddb799b866086c3a327e6d8014000fbea11e4119fc9035c8", 0x112}, {&(0x7f0000000bc0)="818e4f40430bae5993b169ea30a4299c3c6ac96331243791d88cde71688d6dac799e066741f083f368487ff564cf95b9cbefd4a233f8d4bc796d1e224c167f40d2ac4f5722c39bffd3270d365d9bb4e9c6385c97fe0538bec1bdb448a899c3"}, {&(0x7f00000005c0)="b5f8b3f49c71600edf19", 0x9f}], 0x10000000000001ca)
ioctl$SG_GET_REQUEST_TABLE(r24, 0x227d, &(0x7f0000000780))
kcmp(r23, r19, 0x0, 0xffffffffffffffff, r24)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, <r27=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000980)={0x4, 0x4, 0x0, 0x10002}, &(0x7f00000009c0), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x79c9e9235c799199)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r19, r22, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000780)='cgroup.subtree_control\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={<r28=>r14, r15, 0x0, 0x1, &(0x7f0000000080)='\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, r12, 0x0, 0x4, &(0x7f0000000180)='em1\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xc, &(0x7f0000000080)='/dev/autofs\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r11, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000740)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r28, r10, 0x0, 0x5, &(0x7f0000000000)='ppp1\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000600)={r9, r8, 0x0, 0x14, &(0x7f0000000180)='&$vboxnet1security!\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r27}, 0x30)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000240)={r27}, 0xc)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)={r27}, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={r6, r7, 0x0, 0x9, &(0x7f0000000200)='/dev/kvm\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r4, r5, 0x0, 0x82, &(0x7f00000000c0)='m\x06\x00j\x00y.\x02ven\x01\x04\x00\xf1\xbb\xfc4\xd4-,\x91\xa1\xecz\x9f%\xc3\xe9\xd8\xf0h0\xd3\xa8\xaaYig\xc8\xba\x85\x8f\xb8\xb5x\xd0|&\x01\xdf\xef=\xb8Q\x1c\xfeD#\xa1k\t\x86\xc2\x89)\xd8N\xf5\x8b8\xb3\xb6kzk\xd4W\x8a.\xc9ssH\xa0g\x87\xc5h_\xa1\xa1W\xbc\x93\xf9V\xa7\x8a\xc2\xb1\xe6\x8c\x82I_\x04\x1e\x84\xc1\x9d\x8eWl%X\x9d\x10\xed\xd9fpjU\xc6\x88\x85\xc8\xf6\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r3, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000040)='v#\x00', r27}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r29=>0x0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000000)='\x00', r27}, 0x30)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r29, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x10005, 0x0)

20:02:30 executing program 4:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="28000000300001030000000066f3069a08f9e3ab1400010010000100040001000000890000c3e8ffffc8faffffffb7f66879de01fe1519c0c4c73aa8571fa11c03c0f121e9e6b03c76f00677c5ebb234821234a4307b446136fe00b89298a0aa4136da52db5cecc4efff4a5125b04bdf16dcf8261ac328297a19e458923b00598c00e4fa04ceba760000000000003d027412d7257d0871f61d9bbbf702458fde4ef500000063db2ca617bd11801d6fa5a86b06b643fc003308492599389aaf540ca0a9b4127e4f0f5ce6cabd0231f1046f7922fdd94e321fb660fd1771f87cc19ecae82d8ac2186072d8e3d646c6df78c33f982d01b7284722ea54e1"], 0x28}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000100)="220000001500070500e80000004c03050204030303000000080003", 0x1b)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f0000000180), 0x572, 0x0)

20:02:30 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  748.078547][T12691] FAULT_INJECTION: forcing a failure.
[  748.078547][T12691] name failslab, interval 1, probability 0, space 0, times 0
[  748.091328][T12691] CPU: 0 PID: 12691 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  748.101316][T12691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  748.111474][T12691] Call Trace:
[  748.114793][T12691]  dump_stack+0x197/0x210
[  748.119849][T12691]  should_fail.cold+0xa/0x10
[  748.124469][T12691]  ? is_bpf_text_address+0xac/0x160
[  748.129690][T12691]  ? setup_fault_attr+0x220/0x220
[  748.134743][T12691]  __should_failslab+0x121/0x190
[  748.139715][T12691]  should_failslab+0x9/0x14
[  748.144236][T12691]  kmem_cache_alloc+0x47/0x710
[  748.149024][T12691]  ? lock_acquire+0x190/0x410
[  748.153711][T12691]  ? net_tx_action+0xd30/0xd30
[  748.158491][T12691]  skb_clone+0x154/0x3d0
[  748.162751][T12691]  dev_queue_xmit_nit+0x3a1/0xaa0
[  748.167806][T12691]  dev_hard_start_xmit+0xbb/0x9b0
[  748.172854][T12691]  ? validate_xmit_skb_list+0xfc/0x150
[  748.178344][T12691]  sch_direct_xmit+0x372/0xd30
[  748.183142][T12691]  ? dev_watchdog+0xca0/0xca0
[  748.187838][T12691]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  748.193422][T12691]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  748.199527][T12691]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  748.205789][T12691]  ? sfb_dequeue+0x421/0x4d0
[  748.210404][T12691]  __qdisc_run+0x4bf/0x1770
[  748.214936][T12691]  __dev_queue_xmit+0x1650/0x35c0
[  748.219993][T12691]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  748.225310][T12691]  ? mark_held_locks+0xf0/0xf0
[  748.230094][T12691]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  748.236345][T12691]  ? debug_smp_processor_id+0x33/0x18a
[  748.241831][T12691]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  748.248092][T12691]  ? rcu_read_lock_held_common+0xbd/0x130
[  748.253837][T12691]  dev_queue_xmit+0x18/0x20
[  748.258359][T12691]  ? dev_queue_xmit+0x18/0x20
[  748.263053][T12691]  neigh_direct_output+0x16/0x20
[  748.268003][T12691]  ip6_finish_output2+0x109a/0x25c0
[  748.273264][T12691]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  748.278831][T12691]  ? lock_downgrade+0x920/0x920
[  748.283708][T12691]  ? netif_rx_ni+0x670/0x670
[  748.288323][T12691]  ? __kasan_check_read+0x11/0x20
[  748.293376][T12691]  __ip6_finish_output+0x444/0xaa0
[  748.298502][T12691]  ? __ip6_finish_output+0x444/0xaa0
[  748.303809][T12691]  ip6_finish_output+0x38/0x1f0
[  748.308674][T12691]  ip6_output+0x25e/0x880
[  748.313016][T12691]  ? ip6_finish_output+0x1f0/0x1f0
[  748.318172][T12691]  ? __ip6_finish_output+0xaa0/0xaa0
[  748.323484][T12691]  ? ip6_make_skb+0x370/0x570
[  748.328182][T12691]  ? ip_reply_glue_bits+0xc0/0xc0
[  748.333230][T12691]  ip6_local_out+0xbb/0x1b0
[  748.337783][T12691]  ip6_send_skb+0xbb/0x350
[  748.342573][T12691]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  748.348316][T12691]  ? ip6_forward_finish+0x570/0x570
[  748.354934][T12691]  udpv6_sendmsg+0x22f3/0x2b30
[  748.359731][T12691]  ? __kasan_check_write+0x14/0x20
[  748.365216][T12691]  ? ip_reply_glue_bits+0xc0/0xc0
[  748.371338][T12691]  ? udp_v6_get_port+0x6b0/0x6b0
[  748.376383][T12691]  ? __kasan_check_read+0x11/0x20
[  748.381427][T12691]  ? mark_lock+0xc2/0x1220
[  748.385860][T12691]  ? __kasan_check_read+0x11/0x20
[  748.390892][T12691]  ? mark_lock+0xc2/0x1220
[  748.395342][T12691]  ? __kasan_check_read+0x11/0x20
[  748.400393][T12691]  ? ___might_sleep+0x163/0x2c0
[  748.405278][T12691]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  748.410920][T12691]  ? aa_sk_perm+0x346/0xb00
[  748.415472][T12691]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  748.421043][T12691]  inet6_sendmsg+0x9e/0xe0
[  748.425479][T12691]  ? inet6_sendmsg+0x9e/0xe0
[  748.430243][T12691]  ? inet6_ioctl+0x1c0/0x1c0
[  748.434855][T12691]  sock_sendmsg+0xd7/0x130
[  748.439291][T12691]  ____sys_sendmsg+0x358/0x880
[  748.444084][T12691]  ? kernel_sendmsg+0x50/0x50
[  748.448792][T12691]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  748.454548][T12691]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  748.460551][T12691]  ? find_held_lock+0x35/0x130
[  748.465352][T12691]  ___sys_sendmsg+0x100/0x170
[  748.470054][T12691]  ? sendmsg_copy_msghdr+0x70/0x70
[  748.475183][T12691]  ? __kasan_check_read+0x11/0x20
[  748.475199][T12691]  ? __might_fault+0x12b/0x1e0
[  748.475211][T12691]  ? find_held_lock+0x35/0x130
[  748.475224][T12691]  ? __might_fault+0x12b/0x1e0
[  748.475238][T12691]  ? do_dup2+0x4f0/0x4f0
[  748.475252][T12691]  ? lock_downgrade+0x920/0x920
[  748.475273][T12691]  ? ___might_sleep+0x163/0x2c0
[  748.475287][T12691]  __sys_sendmmsg+0x1bf/0x4d0
[  748.475303][T12691]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  748.475332][T12691]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  748.475346][T12691]  ? fput_many+0x12c/0x1a0
20:02:30 executing program 4:
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000280)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x14}, 0x10)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f00000002c0)={0xfffffffa, 0x5, 0x7, 0xa9, 0x9})
perf_event_open(&(0x7f0000000040)={0x1, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0x0, &(0x7f0000000380)=ANY=[@ANYRES32=0x0], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='bpf\x00', 0x0, &(0x7f0000000080)={[], [{@rootcontext={'rootcontex,', 0x3d, 'unconfined_u'}}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x42, 0xaafd70c, &(0x7f00000000c0)="b9ff030000ffffff7f9e14f005051fffffff00004000630677fbac141414e934a0a662079f4b4d2f87e5feca6aab840313f2325f1a390101050a0100010000000000df74e30d7eabe773afef6f6e4798ab117e9f84fa406b913de8ad827a022e1faee50887dc302819a8a3d0cde36b67f337ce8eee124e061f8fea8ab95f1e8f99c7edea980697449b78569ea293c3eed3b28fc3205db63b2c65e77f19ab28c632cc80d9f2f37f9ba67174fffcb5244b0c909eb8e12116bebc47cf97d2ea8acadfb34ca580b64df7c800113e53bae401cd22f50072deabf93dd4d3e626", 0x0, 0x100, 0x0, 0x296, 0x0, &(0x7f00000001c0), &(0x7f0000000040)}, 0x28)
uselib(&(0x7f0000000300)='./file0\x00')
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dlm-monitor\x00', 0x200000, 0x0)
write$UHID_CREATE(r2, &(0x7f00000004c0)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000440)=""/128, 0x80, 0x5, 0x7f, 0x7ff, 0x4, 0x7}}, 0x120)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$TIOCGSOFTCAR(r3, 0x5419, &(0x7f00000003c0))
gettid()

20:02:30 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:30 executing program 0:
r0 = socket$inet(0x2, 0x2000080001, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xc0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=0x9, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x5, 0x3}, 0x0, 0x0, &(0x7f0000000200)={0x5, 0x9, 0x5, 0x8000}, &(0x7f0000000240)=0x8, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=0x6}}, 0x10)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, &(0x7f00000004c0)={@rc={0x1f, {0xb2, 0x5, 0xc7, 0x81, 0x81, 0x6}, 0x5}, {&(0x7f00000003c0)=""/157, 0x9d}, &(0x7f0000000480), 0x8}, 0xa0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000600)={0x9e0000, 0x200, 0x2e4, <r4=>0xffffffffffffffff, 0x0, &(0x7f00000005c0)={0x1aa14cf, 0x0, [], @p_u8=&(0x7f0000000580)=0x31}})
ioctl$sock_netrom_SIOCADDRT(r4, 0x890b, &(0x7f0000000640)={0x0, @default, @netrom={'nr', 0x0}, 0x8, 'syz0\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x3, 0x7, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
flock(r3, 0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000180)={&(0x7f0000000000)=@in={0x2, 0x0, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000140)="e6", 0x5a}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="1000007ebf00000084000000070000008914da14bb000000"], 0x18}, 0x44)

[  748.475362][T12691]  ? fput+0x1b/0x20
[  748.475382][T12691]  ? ksys_write+0x1cf/0x290
[  748.529070][T12691]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  748.529088][T12691]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  748.529104][T12691]  ? do_syscall_64+0x26/0x790
[  748.529118][T12691]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  748.529132][T12691]  ? do_syscall_64+0x26/0x790
[  748.529152][T12691]  __x64_sys_sendmmsg+0x9d/0x100
[  748.529171][T12691]  do_syscall_64+0xfa/0x790
[  748.529188][T12691]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  748.529201][T12691] RIP: 0033:0x45a919
[  748.529229][T12691] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  748.529237][T12691] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  748.529250][T12691] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  748.529265][T12691] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
20:02:30 executing program 3 (fault-call:2 fault-nth:42):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  748.579328][T12691] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  748.579338][T12691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  748.579348][T12691] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:30 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  748.687774][T12706] FAULT_INJECTION: forcing a failure.
[  748.687774][T12706] name failslab, interval 1, probability 0, space 0, times 0
[  748.701200][T12706] CPU: 1 PID: 12706 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  748.711563][T12706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  748.721720][T12706] Call Trace:
[  748.725233][T12706]  dump_stack+0x197/0x210
[  748.729593][T12706]  should_fail.cold+0xa/0x10
20:02:30 executing program 0:
r0 = dup(0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000000040))
perf_event_open(&(0x7f000001d000)={0x1, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x803, 0xa5)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0xcc000014, &(0x7f0000000000)=[{&(0x7f0000000140)="2e0000003100050ad22780648c6394fb0400fc0010000b400c000200053582c137153e370900018025643d00d1bd", 0x2e}], 0x1}, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x80000000000001}, {{@in6=@empty, 0x0, 0x3c}, 0x0, @in=@empty, 0x0, 0x1, 0x0, 0x2}}, 0xe8)
sendmmsg(r1, &(0x7f0000008440)=[{{0x0, 0x1aa, 0x0}}], 0x400000000000107, 0x0)

[  748.734308][T12706]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  748.739625][T12706]  ? setup_fault_attr+0x220/0x220
[  748.744765][T12706]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  748.750169][T12706]  __should_failslab+0x121/0x190
[  748.755144][T12706]  should_failslab+0x9/0x14
[  748.759771][T12706]  kmem_cache_alloc+0x47/0x710
[  748.764562][T12706]  ? __kasan_check_read+0x11/0x20
[  748.769627][T12706]  skb_clone+0x154/0x3d0
[  748.773903][T12706]  ip6_finish_output2+0x18be/0x25c0
[  748.779135][T12706]  ? ip6_mtu+0x2e6/0x450
[  748.783501][T12706]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  748.789334][T12706]  ? lock_downgrade+0x920/0x920
[  748.794222][T12706]  ? rcu_read_lock_held+0x9c/0xb0
[  748.799273][T12706]  ? __kasan_check_read+0x11/0x20
[  748.804338][T12706]  __ip6_finish_output+0x444/0xaa0
[  748.809818][T12706]  ? __ip6_finish_output+0x444/0xaa0
[  748.815136][T12706]  ip6_finish_output+0x38/0x1f0
[  748.820007][T12706]  ip6_output+0x25e/0x880
[  748.824370][T12706]  ? ip6_finish_output+0x1f0/0x1f0
[  748.827912][T12711] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  748.829513][T12706]  ? __ip6_finish_output+0xaa0/0xaa0
[  748.829527][T12706]  ? ip6_make_skb+0x370/0x570
[  748.829544][T12706]  ? ip_reply_glue_bits+0xc0/0xc0
[  748.829565][T12706]  ip6_local_out+0xbb/0x1b0
[  748.829595][T12706]  ip6_send_skb+0xbb/0x350
[  748.829619][T12706]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  748.868066][T12706]  ? ip6_forward_finish+0x570/0x570
[  748.873310][T12706]  udpv6_sendmsg+0x22f3/0x2b30
[  748.878377][T12706]  ? __kasan_check_write+0x14/0x20
[  748.883659][T12706]  ? ip_reply_glue_bits+0xc0/0xc0
[  748.888907][T12706]  ? udp_v6_get_port+0x6b0/0x6b0
[  748.894597][T12706]  ? __kasan_check_read+0x11/0x20
[  748.899647][T12706]  ? mark_lock+0xc2/0x1220
[  748.904103][T12706]  ? __kasan_check_read+0x11/0x20
[  748.909246][T12706]  ? mark_lock+0xc2/0x1220
[  748.913681][T12706]  ? __kasan_check_read+0x11/0x20
[  748.918820][T12706]  ? ___might_sleep+0x163/0x2c0
[  748.923696][T12706]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  748.929347][T12706]  ? aa_sk_perm+0x346/0xb00
[  748.933891][T12706]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  748.939463][T12706]  inet6_sendmsg+0x9e/0xe0
[  748.943884][T12706]  ? inet6_sendmsg+0x9e/0xe0
[  748.943901][T12706]  ? inet6_ioctl+0x1c0/0x1c0
[  748.943916][T12706]  sock_sendmsg+0xd7/0x130
[  748.943935][T12706]  ____sys_sendmsg+0x358/0x880
[  748.957067][T12711] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  748.957701][T12706]  ? kernel_sendmsg+0x50/0x50
[  748.970644][T12706]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  748.970660][T12706]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  748.970672][T12706]  ? find_held_lock+0x35/0x130
[  748.970697][T12706]  ___sys_sendmsg+0x100/0x170
[  748.987134][T12706]  ? sendmsg_copy_msghdr+0x70/0x70
[  749.001888][T12706]  ? __kasan_check_read+0x11/0x20
[  749.006937][T12706]  ? __might_fault+0x12b/0x1e0
[  749.011720][T12706]  ? find_held_lock+0x35/0x130
[  749.016918][T12706]  ? __might_fault+0x12b/0x1e0
[  749.021685][T12706]  ? do_dup2+0x4f0/0x4f0
[  749.021703][T12706]  ? lock_downgrade+0x920/0x920
[  749.021727][T12706]  ? ___might_sleep+0x163/0x2c0
[  749.021747][T12706]  __sys_sendmmsg+0x1bf/0x4d0
[  749.040586][T12706]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  749.045973][T12706]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  749.052503][T12706]  ? fput_many+0x12c/0x1a0
[  749.057022][T12706]  ? fput+0x1b/0x20
[  749.061132][T12706]  ? ksys_write+0x1cf/0x290
[  749.061153][T12706]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  749.061168][T12706]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  749.061188][T12706]  ? do_syscall_64+0x26/0x790
[  749.071337][T12706]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  749.071352][T12706]  ? do_syscall_64+0x26/0x790
[  749.071379][T12706]  __x64_sys_sendmmsg+0x9d/0x100
[  749.097303][T12706]  do_syscall_64+0xfa/0x790
[  749.102008][T12706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  749.107924][T12706] RIP: 0033:0x45a919
[  749.112212][T12706] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  749.132400][T12706] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  749.140939][T12706] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  749.149195][T12706] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  749.157677][T12706] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  749.165845][T12706] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  749.173838][T12706] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  751.728662][    C0] net_ratelimit: 18 callbacks suppressed
[  751.734488][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  751.740519][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  753.328828][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  753.334695][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  753.340571][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  753.346352][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  753.352297][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  753.358097][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  753.363943][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  753.369758][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:39 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180), 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x5}, 0x20)
r2 = socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg(r2, &(0x7f00000092c0), 0x105, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x0, &(0x7f0000000080)=0x8, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TIOCSPTLCK(r3, 0x40045431, &(0x7f0000000000))

20:02:39 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:39 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:39 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
bind$pptp(r1, &(0x7f0000000080)={0x18, 0x2, {0x3, @local}}, 0x1e)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x75)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=@newlink={0x40, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x6b185fb9395d584b}, [@IFLA_LINKINFO={0x20, 0x12, @sit={{0x8, 0x1, 'sit\x00'}, {0x14, 0x2, [@IFLA_IPTUN_FLAGS={0x8, 0x8, 0x31}, @tunl_policy=[@IFLA_IPTUN_LINK={0x8, 0x2, r2}]]}}}]}, 0x40}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000540)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff0000000008000100736662002c0042002800010000000000000000000000000000000000affe00000000000000000000ff01000000000000"], 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r6, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r8, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000280)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x0, 0x4e20, 0x4, 0x2, 0x80, 0x27e02262f17f89d7, 0x89, r6, r8}, {0x6538, 0x6, 0x7fffffff, 0x6, 0x2, 0x10000, 0x81c1, 0x3}, {0x7, 0x1, 0x2d41, 0x3ff}, 0x6, 0x6e6bbd, 0x3, 0x1, 0x7}, {{@in6=@local, 0x4d2, 0x3c}, 0xa, @in=@local, 0x3500, 0x2, 0x1, 0x20, 0x81, 0x3b, 0x10000}}, 0xe8)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$VIDIOC_TRY_EXT_CTRLS(r9, 0xc0205649, &(0x7f0000000480)={0x9f0000, 0x5, 0x4, <r10=>r4, 0x0, &(0x7f0000000440)={0x990a73, 0x9, [], @string=&(0x7f0000000380)=0x6}})
ioctl$KDFONTOP_SET_DEF(r10, 0x4b72, &(0x7f00000004c0)={0x2, 0x0, 0xe, 0x1c, 0x62, &(0x7f0000000580)="1938971e219a6c57b2bdc6e8a02c501feaf8e25d4b8667912fd2513ed0003fd3eb9bc90d5ec832a862c8965303104fc96dbc24419580bcb0163412b2756f811514cfd7d6da3448fe8f7a81e3a08a1074ceacfcc1b93510ea4cd9a283d548031098066caf7f135c586b2d69a3599682edcffd969d82271d3d8a4a03eedbb04b1b891c0d78fb337e5c411abfe78eb63744ccac560f42d59dfcdea89d356151398b8964d92e92ef1188a88e4b22336b59a467de98d12f9c8fcd080498bbdd1cad673b6e9ad0e436c059681b1f9da9d7c4cf97477fa93a560dd5665f6f25a54da0a9d2406e8b545d7f2e4d443f115077ec3e771c277da2936f4515d461fe644d7f6b2175c04f2df58f1a973ababeff99ed105c21fad747e509b4eca79bf52c1d6d336d4640e86fb68a6872568b28ea556a802411177159caba0c5c86922dd959a0b43d042c349e702f9f26dd491f48353db0b36f6295db148175907f7cd64aa46b56e10f05f865548dfe7ac2071abda84e1867a25c026d27a14a23bfa7a206681cb3a8caa7597c81698d32a6d0e689d1853c871e33c76b9295984638c727d5b3b1bf4c15ee39b643441039a924b2d6866e8e8aa860375ab530a05c3fbcdffe5673b045e5504e91fb2e8cfd19ed2f06ecf2aef53d25bfd9609c07bda389ec0ffa55a835e6734f968135715ee52f2852f8ea8cabe0b46429a4b6ad45aa760fea52be92e3a838a23a215a0badfbd517c5d8d63f33be9e87b5a950f9e4d364a07a13cf8e3704ab917334c15e474102c83707ccbf050d92e03484a2d65ab06b2dc47885a6006716b4a5633d14ada61f4cdc68099687380ef02d4552e55167291aa3ae1d57e94b8d842f476b333356681c029ac4564ec46d507fcce5bdd0cc01d71bfd7b3ab331afbbcaa0cf0312ba12abb256318970cd0b3dd9393280c2445845550ae69a0c5ff40dfcb3912513c71c68b2e528806b49d6a86ec62d91eadb2cfafbd9970694f657df4ab60d9bcec5e21575814443aedb83d375ae38b9d60107c8df51077bcb02b521f358bcdd217c8b17a2473f21548bf5b524347e131afc1b907a8b8474f1850f47533b2d5e3c91cdaa7a43f725707c7a673fcaee630f46b7b333734012adcd8f83bd7602b81504700d783fe266d5b7aee5e7800928bdb767a816d8b09eff7399e73eb3b3f01b99c1bba4b1b6fcc228e5b84815a953e90fa5839a5cd42b0b47883ce6bd5fe91f0b2529b490bf7a78e423d46939fc58dbce4c953a70cd319c8eacdc07093558135cf5eb2c867e9f4ccba2098585ac2c8aa5e7ec04530b6e8e9d01a9ae08d8585d0b64a17b93bb9a096ef4d0217d2921a58f9e660d1e3c098f70413cfdfcc4a854f1f6eaa24af2fea8f0f9c507eb01315b7568e87d9134ec0d55340055df3c6a5fa7e7919a658e8f99fec921b488f00316e9a460cb54068b"})

20:02:39 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000000), 0x8)
r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f0000000100))
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/autofs\x00', 0x20040, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, 0x0)
write$cgroup_pid(r3, &(0x7f0000000300), 0x12)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0)
setxattr$security_smack_transmute(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8)
setsockopt$inet_sctp6_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000000), 0x8)
modify_ldt$write2(0x11, &(0x7f0000000140)={0x1, 0x20101000, 0x2000, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10)
dup2(r7, 0xffffffffffffffff)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

20:02:39 executing program 3 (fault-call:2 fault-nth:43):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  757.377527][T12737] netlink: 'syz-executor.4': attribute type 8 has an invalid length.
[  757.393978][T12736] FAULT_INJECTION: forcing a failure.
[  757.393978][T12736] name failslab, interval 1, probability 0, space 0, times 0
[  757.434258][T12737] IPv6: sit1: Disabled Multicast RS
[  757.458791][T12736] CPU: 1 PID: 12736 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  757.468741][T12736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  757.478815][T12736] Call Trace:
[  757.478842][T12736]  dump_stack+0x197/0x210
[  757.478864][T12736]  should_fail.cold+0xa/0x10
[  757.478884][T12736]  ? setup_fault_attr+0x220/0x220
[  757.478903][T12736]  ? ___might_sleep+0x163/0x2c0
[  757.478923][T12736]  __should_failslab+0x121/0x190
[  757.478951][T12736]  should_failslab+0x9/0x14
[  757.488622][    C0] net_ratelimit: 12 callbacks suppressed
[  757.488630][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  757.491193][T12736]  kmem_cache_alloc_node_trace+0x274/0x750
[  757.496253][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  757.501047][T12736]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  757.501062][T12736]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  757.501080][T12736]  __kmalloc_node_track_caller+0x3d/0x70
[  757.501100][T12736]  __kmalloc_reserve.isra.0+0x40/0xf0
[  757.501119][T12736]  __alloc_skb+0x10b/0x5e0
[  757.501140][T12736]  ? __kmalloc_reserve.isra.0+0xf0/0xf0
[  757.506151][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  757.510572][T12736]  alloc_skb_with_frags+0x93/0x590
[  757.510589][T12736]  ? find_held_lock+0x35/0x130
[  757.510611][T12736]  sock_alloc_send_pskb+0x7ad/0x920
[  757.510635][T12736]  ? sock_wmalloc+0x120/0x120
[  757.516310][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  757.522094][T12736]  ? __local_bh_enable_ip+0x15a/0x270
[  757.522115][T12736]  ? ip6_finish_output2+0x1106/0x25c0
[  757.522133][T12736]  ? ip6_mtu+0x2e6/0x450
[  757.528114][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  757.533751][T12736]  ? find_held_lock+0x35/0x130
[  757.533772][T12736]  sock_alloc_send_skb+0x32/0x40
[  757.533791][T12736]  __ip6_append_data.isra.0+0x1e94/0x3b60
[  757.533812][T12736]  ? ip_reply_glue_bits+0xc0/0xc0
[  757.539896][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  757.545972][T12736]  ? ip6_setup_cork+0x1920/0x1920
[  757.551750][    C0] protocol 88fb is buggy, dev hsr_slave_0
20:02:39 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  757.556944][T12736]  ? ip6_flush_pending_frames+0xd0/0xd0
[  757.561406][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  757.566877][T12736]  ? __kasan_check_read+0x11/0x20
[  757.577671][T12736]  ip6_make_skb+0x32f/0x570
[  757.577688][T12736]  ? ip_reply_glue_bits+0xc0/0xc0
[  757.577708][T12736]  ? ip_reply_glue_bits+0xc0/0xc0
[  757.577725][T12736]  ? ip6_push_pending_frames+0xf0/0xf0
[  757.577746][T12736]  ? ip6_sk_dst_lookup_flow+0x55e/0xb00
[  757.587690][T12736]  ? ip6_forward_finish+0x570/0x570
[  757.587706][T12736]  ? rcu_read_lock_held+0x9c/0xb0
[  757.587730][T12736]  udpv6_sendmsg+0x22a1/0x2b30
[  757.587751][T12736]  ? _raw_spin_unlock_irq+0x23/0x80
[  757.587771][T12736]  ? ip_reply_glue_bits+0xc0/0xc0
[  757.598154][T12736]  ? udp_v6_get_port+0x6b0/0x6b0
[  757.598172][T12736]  ? __kasan_check_read+0x11/0x20
[  757.598188][T12736]  ? mark_lock+0xc2/0x1220
[  757.598211][T12736]  ? __kasan_check_read+0x11/0x20
[  757.608934][T12736]  ? mark_lock+0xc2/0x1220
[  757.608960][T12736]  ? ___might_sleep+0x163/0x2c0
[  757.608985][T12736]  ? debug_lockdep_rcu_enabled+0x71/0xa0
20:02:39 executing program 3 (fault-call:2 fault-nth:44):
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

[  757.609002][T12736]  ? aa_sk_perm+0x346/0xb00
[  757.609039][T12736]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  757.609064][T12736]  inet6_sendmsg+0x9e/0xe0
[  757.619015][T12736]  ? inet6_sendmsg+0x9e/0xe0
[  757.619037][T12736]  ? inet6_ioctl+0x1c0/0x1c0
[  757.619054][T12736]  sock_sendmsg+0xd7/0x130
[  757.619070][T12736]  ____sys_sendmsg+0x358/0x880
[  757.619087][T12736]  ? kernel_sendmsg+0x50/0x50
[  757.619102][T12736]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  757.619121][T12736]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  757.628783][T12736]  ? find_held_lock+0x35/0x130
[  757.628810][T12736]  ___sys_sendmsg+0x100/0x170
[  757.628829][T12736]  ? sendmsg_copy_msghdr+0x70/0x70
[  757.628846][T12736]  ? __kasan_check_read+0x11/0x20
[  757.628865][T12736]  ? __might_fault+0x12b/0x1e0
[  757.628879][T12736]  ? find_held_lock+0x35/0x130
[  757.628894][T12736]  ? __might_fault+0x12b/0x1e0
[  757.628914][T12736]  ? do_dup2+0x4f0/0x4f0
[  757.639971][T12736]  ? lock_downgrade+0x920/0x920
[  757.640000][T12736]  ? ___might_sleep+0x163/0x2c0
[  757.640019][T12736]  __sys_sendmmsg+0x1bf/0x4d0
[  757.640044][T12736]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  757.640081][T12736]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  757.650843][T12736]  ? fput_many+0x12c/0x1a0
[  757.650862][T12736]  ? fput+0x1b/0x20
[  757.650878][T12736]  ? ksys_write+0x1cf/0x290
[  757.650900][T12736]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  757.650915][T12736]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  757.650930][T12736]  ? do_syscall_64+0x26/0x790
[  757.650944][T12736]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
20:02:40 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  757.650957][T12736]  ? do_syscall_64+0x26/0x790
[  757.650979][T12736]  __x64_sys_sendmmsg+0x9d/0x100
[  757.650998][T12736]  do_syscall_64+0xfa/0x790
[  757.651015][T12736]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  757.651026][T12736] RIP: 0033:0x45a919
[  757.651042][T12736] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  757.651049][T12736] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  757.662299][T12736] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  757.662307][T12736] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  757.662315][T12736] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  757.662325][T12736] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  757.662333][T12736] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
[  757.795958][T12741] FAULT_INJECTION: forcing a failure.
20:02:40 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  757.795958][T12741] name failslab, interval 1, probability 0, space 0, times 0
[  758.014860][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  758.014905][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  758.045554][T12741] CPU: 0 PID: 12741 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  758.056102][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  758.066261][T12741] Call Trace:
[  758.066284][T12741]  dump_stack+0x197/0x210
[  758.066309][T12741]  should_fail.cold+0xa/0x10
[  758.066326][T12741]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  758.066341][T12741]  ? setup_fault_attr+0x220/0x220
[  758.066361][T12741]  ? ipv6_chk_mcast_addr+0x2cb/0x6e0
[  758.088865][T12741]  __should_failslab+0x121/0x190
[  758.088888][T12741]  should_failslab+0x9/0x14
[  758.088909][T12741]  kmem_cache_alloc+0x47/0x710
[  758.088924][T12741]  ? __kasan_check_read+0x11/0x20
[  758.088945][T12741]  skb_clone+0x154/0x3d0
[  758.088966][T12741]  ip6_finish_output2+0x18be/0x25c0
[  758.122884][T12741]  ? ip6_mtu+0x2e6/0x450
[  758.127155][T12741]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  758.132720][T12741]  ? lock_downgrade+0x920/0x920
[  758.137602][T12741]  ? rcu_read_lock_held+0x9c/0xb0
[  758.142659][T12741]  ? __kasan_check_read+0x11/0x20
[  758.147708][T12741]  __ip6_finish_output+0x444/0xaa0
[  758.157964][T12741]  ? __ip6_finish_output+0x444/0xaa0
[  758.163286][T12741]  ip6_finish_output+0x38/0x1f0
[  758.168177][T12741]  ip6_output+0x25e/0x880
[  758.172603][T12741]  ? ip6_finish_output+0x1f0/0x1f0
[  758.177743][T12741]  ? __ip6_finish_output+0xaa0/0xaa0
[  758.183035][T12741]  ? ip6_make_skb+0x370/0x570
[  758.187715][T12741]  ? ip_reply_glue_bits+0xc0/0xc0
[  758.192766][T12741]  ip6_local_out+0xbb/0x1b0
[  758.197289][T12741]  ip6_send_skb+0xbb/0x350
[  758.201730][T12741]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  758.207211][T12741]  ? ip6_forward_finish+0x570/0x570
[  758.212446][T12741]  udpv6_sendmsg+0x22f3/0x2b30
[  758.217234][T12741]  ? __kasan_check_write+0x14/0x20
[  758.222369][T12741]  ? ip_reply_glue_bits+0xc0/0xc0
[  758.227422][T12741]  ? udp_v6_get_port+0x6b0/0x6b0
[  758.232408][T12741]  ? __kasan_check_read+0x11/0x20
[  758.237554][T12741]  ? mark_lock+0xc2/0x1220
[  758.242003][T12741]  ? __kasan_check_read+0x11/0x20
[  758.247039][T12741]  ? mark_lock+0xc2/0x1220
[  758.251559][T12741]  ? __kasan_check_read+0x11/0x20
[  758.256781][T12741]  ? ___might_sleep+0x163/0x2c0
[  758.261709][T12741]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  758.268071][T12741]  ? aa_sk_perm+0x346/0xb00
[  758.272703][T12741]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  758.278280][T12741]  inet6_sendmsg+0x9e/0xe0
[  758.282812][T12741]  ? inet6_sendmsg+0x9e/0xe0
[  758.287421][T12741]  ? inet6_ioctl+0x1c0/0x1c0
[  758.292029][T12741]  sock_sendmsg+0xd7/0x130
[  758.296830][T12741]  ____sys_sendmsg+0x358/0x880
[  758.301662][T12741]  ? kernel_sendmsg+0x50/0x50
[  758.306351][T12741]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  758.311928][T12741]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  758.317943][T12741]  ? find_held_lock+0x35/0x130
[  758.322737][T12741]  ___sys_sendmsg+0x100/0x170
[  758.327449][T12741]  ? sendmsg_copy_msghdr+0x70/0x70
[  758.332771][T12741]  ? __kasan_check_read+0x11/0x20
[  758.337818][T12741]  ? __might_fault+0x12b/0x1e0
[  758.342592][T12741]  ? find_held_lock+0x35/0x130
[  758.347372][T12741]  ? __might_fault+0x12b/0x1e0
[  758.352152][T12741]  ? do_dup2+0x4f0/0x4f0
[  758.356409][T12741]  ? lock_downgrade+0x920/0x920
[  758.361285][T12741]  ? ___might_sleep+0x163/0x2c0
[  758.366153][T12741]  __sys_sendmmsg+0x1bf/0x4d0
[  758.370875][T12741]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  758.375933][T12741]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  758.382193][T12741]  ? fput_many+0x12c/0x1a0
[  758.386626][T12741]  ? fput+0x1b/0x20
[  758.390481][T12741]  ? ksys_write+0x1cf/0x290
[  758.395017][T12741]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  758.400798][T12741]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  758.406540][T12741]  ? do_syscall_64+0x26/0x790
[  758.411323][T12741]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  758.417410][T12741]  ? do_syscall_64+0x26/0x790
[  758.422109][T12741]  __x64_sys_sendmmsg+0x9d/0x100
[  758.427239][T12741]  do_syscall_64+0xfa/0x790
[  758.431782][T12741]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  758.437688][T12741] RIP: 0033:0x45a919
[  758.441620][T12741] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
20:02:40 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  758.461256][T12741] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  758.469686][T12741] RAX: ffffffffffffffda RBX: 00007f160d5e3c90 RCX: 000000000045a919
[  758.477892][T12741] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  758.486422][T12741] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  758.494408][T12741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f160d5e46d4
[  758.502407][T12741] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 0000000000000004
20:02:40 executing program 4:
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="8da4363ac0ed02000a0000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0)
syz_mount_image$cifs(&(0x7f0000000080)='cifs\x00', &(0x7f00000000c0)='./file0\x00', 0x100000001, 0x3, &(0x7f0000000480)=[{&(0x7f0000000500)="f870cb00eef43c0bc1cb0b636d57ec7dfc75bd9f25223550d28dc3117f01d2d31b62e311e631a84c6c69e4597dc05c9ff08007cde7174d480645671df2680eede0b9a001645b7fb4d8c38bf461f99b92a9ac0e63439aa4facb20daa321564ebe266b5c709b07eaa9ce3de537b744bc83aba03c831ef77f2475960996fb343c11e443939ade97839c062fd23e2f6ee161aae08f087e89ba64b22c7e07627f486cc29a5ad2a9f2c4550de992a79d8d2fef00000000000000", 0xb7, 0xe}, {&(0x7f00000002c0)="a5e597f224188db15c780eaca101d1748acefdc1c109e3b9947556c912e81e84a62f58acc365d6ef14eb6e201b3faf1ba4b918930e39885ffeaf420e3d9b81009aef8e0cc5d545ae03cb32515646f3d472d40deb337126c95df53bafba1ab5efae05743106210b1faa4f800ee54d4431a2188f9540ba9b272eed84c5550fa7a0ed3806f480c1a1379e3de7b793c846ef3ba342fe2b79e5300d64297e5a45257556e08ffc2cffb8529d8a683c23ef0688b4161f620beac906319c057159de9c8348d5792d3ccd482d9023df1eeaf4ae2d095d17125455fb0186ae5c4da52f46d716", 0xe1, 0x4}, {&(0x7f00000003c0)="ed1bc85e15168369782c8d202939f4da2fd974ed4eea0d35e5b0db980f136489086c5c5d14e68d2bc4a3e611cf0210197bd9c9ca3e3bcdf16b41f69866bdd171d2623149120379bad25a246e4a1eaa41bbc2411711e1bc0a135a68d0571c0908e35f2e43ff6754936a995f7482fd64e3164ae82f36cf50218ad5dcf5beae989ffe3938f1223c7b1fb7698c7781313ff84d8feb20f60686d5d51560bb9d363aec0227a809b2a5", 0xa6, 0x8}], 0x40000, &(0x7f00000005c0)='/%\x00\x88\xfe\xbb1#\x9e')

[  763.728637][    C0] net_ratelimit: 20 callbacks suppressed
[  763.728644][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  763.740880][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  763.746953][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  763.752863][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  763.758867][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  763.764781][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  763.808709][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  763.814578][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  764.208636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  764.214606][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:48 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x0)

20:02:48 executing program 2:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:48 executing program 4:
perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x1}, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fb0\x00', 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000000)={0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, {}, {}, {0x6}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd})
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)
syz_mount_image$ceph(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x0, 0x0, 0x40, &(0x7f0000001880)='vmnet1vmnet0)nodev^(ppp1em0&\x00')
ptrace(0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)

20:02:48 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000980)='/dev/cuse\x00', 0x82, 0x0)
io_setup(0xc01, &(0x7f0000000480)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000001c0)="100000000f00"/16, 0x10}])
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$BLKBSZSET(r2, 0x40081271, &(0x7f0000000040))
write$P9_RLERROR(r2, &(0x7f0000000100)={0x9, 0x7, 0x2}, 0x9)

20:02:48 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:48 executing program 5:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f000001d000)={0x0, 0x0, &(0x7f0000024000)=[{&(0x7f0000000000)="24000000100007031dff22946fa2830020200a", 0x13}], 0x1}, 0x0)
r1 = dup(r0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = creat(&(0x7f0000000180)='./bus\x00', 0x0)
io_setup(0x83, &(0x7f00000003c0)=<r6=>0x0)
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r9, &(0x7f0000000000)=ANY=[], 0x32600)
r10 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vcs\x00', 0x200040, 0x0)
r11 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/dlm-control\x00', 0x2000, 0x0)
r12 = socket$rds(0x15, 0x5, 0x0)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r13, 0x40086602, &(0x7f0000000080))
r14 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/self/attr/current\x00', 0x2, 0x0)
io_submit(r6, 0x7, &(0x7f00000008c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x6, r7, &(0x7f00000001c0)="faff1ae6f1395a665ae6bad08d7704a0385fd90ef900cece9874bceb6e7e6a79a62848e5dc7720b0da1e702b537b60838d1804dd79a2f882e9cfeb2f99d2758e01a71bf598024c6452e75483bd3436f87756ef9302609c8eefd9c377bcaffbb6a6b8abfbca98f4b9ddb98413e18fe659e91685fda4e2762e1034aea50917ee0d7811e4c955805c06c00e40daaf9c98617b3f10649c91d65a8cc1b0444892cb260ec455661773a5a679b5e404f483153ce2c4dd07ea22234706a700da2f91b0e6fb", 0xc1, 0x4, 0x0, 0x2}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x800, 0xffffffffffffffff, &(0x7f00000002c0)="7a3819fc1c24bed0a2b33de392d14f2b5b92aea8dbd1a084aea3fb34924cfe3f28d183dc99834352f23d8037e90424659912dbbf84d1bbfd3529eda3f82d0c58267215dd2a6fecdd2f21fa47a8ec24b91bd3e5f0f6f576d833ab49c70b3207a808f8ea5a793470c94bb455fb2414f639df50d6db070a1e14b432690c92de10e94d6e6f4f29134230c3601459e946121c3d6ea0480aa26dda73026460ed8bcebbaf83f918605f52237c3c33ada8de3f06344919a1dc4397da00fb65665269f2d698f11ad7c7f7d76539d53fac9b569077a6ba43093a5bfd3cd39491a61b9cb16f47d57ee2a7425c0de0d7fe", 0xeb, 0x6000000000000, 0x0, 0x3, r5}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x2, r8, &(0x7f0000000400)="dfc3e5c0fa8a93bca1c87358abaeefbf173b58dcf16b5a09e81a3cf863650de9369c16e2836343fd8aeb46d3998eaca23654d5ce1b2d960c4fb0c28d346b26f490a41393c44de7", 0x47, 0xe1d6, 0x0, 0x2, r9}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x3f, 0xffffffffffffffff, &(0x7f0000000480)="29b9c83937a0ecba870066c96a45a5a2efbe093a3ce793f0888757773f58b3a0548ddf097cfd928f2061219f6c6552f626560fafec1145d316f150a1934010800dd1b1a90520b7920241d136cef6b0d62c7e9a02fdb4bf6f6c9cea9abca89b1375a04c91e8174f", 0x67, 0x8, 0x0, 0x0, r10}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x3, 0x8001, r7, &(0x7f0000000580)="9f5b688374afff3fa7f7ff3312afc83341bf176899b58b436726e388b9994fb29ad9297a75b3deb8cd8cea0232577be8e55232ab09d755281d4e49c1aed88895f0947db88e6e161a1c4f83bf4f37babc64f0dbeb666af34b24cf23b157026591da79ba7b5fec1abee9a4fc128d8f0c400f22b5eb6419025b924a5c8b269f52ccd39156594992b3e683d3643aa6a527225db9adf298d065c7534e33a7667732a8d5c46440652ba67ff10f32644a2eafc29b", 0xb1, 0x7, 0x0, 0x3, r11}, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x2, 0x4fc, r12, &(0x7f00000006c0)="38b1f81cfd8c948b6f84f39e04f0f6206746e2722bf1e082fdce6db891ea326682fad20c1e8ab36196163ebead407287bed465c3acba678ff2d8b5e03c666121114f852c84a33ee8ee6bd670f8e45faa5853d22510614e9d785b1a9c75e9cf87af4be45f94fc747424690031ef91f88430a18b9333297e4061344e6cc731a633d5386fd4346a92e4", 0x88, 0x272cd309, 0x0, 0x3, r13}, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x3, 0x2, r14, &(0x7f0000000800)="8d0e9c3ee05c219843fc819b087e67e1b1dcb050c27388ceedf8ceaec587963564f4be020b83a48c708ccfc79d5fcd4c5e34231da2cf708ae1daf91c2a0fe364e4ed79fffac57f437b6f0f183380cb331295bef57900bc4e90849040f247d8614ef6e1c777848972c5e10f3bd6647df6aca21b2106b75ed9", 0x78, 0x404, 0x0, 0x0, r2}])
sendfile(r1, r2, 0x0, 0x8000fffffffe)
r15 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000900)='/dev/btrfs-control\x00', 0x80000, 0x0)
ioctl$SCSI_IOCTL_DOORLOCK(r15, 0x5380)

20:02:48 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:48 executing program 2:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x2, 0x0)

20:02:49 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r0, 0x4, 0xffffffffffffffff, 0x8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0x32600)
pidfd_send_signal(r2, 0x13, &(0x7f00000001c0)={0x2f, 0x80, 0x3}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000080)={0x0, <r3=>0x0})
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x100, 0x0)
kcmp(r0, r3, 0x0, r4, 0xffffffffffffffff)
r5 = socket(0x2000000000000021, 0x2, 0x10000000000002)
r6 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r6, &(0x7f0000000040)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r6, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000001001000001000000770000f200000000a6e217b91c3b0d873722b41afb8ed58f2109e448e6cc4bd0f11a26f4233e3ba1ff40e062a43f80b1bae2728316e63e58afdf284732bd1e1970881ddd3c9f310f827c195f3c5d57c67a08466517ba1300000000858003ffffffffffffffff3e26b5ca26bb434dbd0e4885c214e577bb081876e63e7c2834573925db8b54b33da7b9c7aefca1f9c49c6400000008000000000000000061e2448f23a7e49736a335440c5b7681c58dc647494f0dbc811becd7c487d283b2d0574510103af981adebcd7535c0b3a3df610d9975d1d957c3b410c2ab65977da598ffa069c01b3d386c15d34a5918d6909192ec97032c320044fa934bf944d6d5ce621d91c17f1c4377a54c7febb46f83a7842816023b60417388196a22091c9f82e8e0291f4082d92d0ae76b94a18647bb44cbe9366a08fb3f0000644307c51085f7215fd44635e5967f21e8f59bd021f309d910cb5d37cb16450244ef261a37255a06c97f19fa0e68836543174745684037cc7bba99aa1cbefcdd62f799a5fb35abc5af3ab43a5fc40eb352e6ff078fad68182845f1f6b7ff6c200c103b64608404b41fce73186e55193d3d96faab588048349b35e431914bfde3c07f1419dac11995aded30b44ead7142a7b397a913f6bac2eac41c32d10863c3e6dd9e88d44842951e15d6d631995f07143416b73746d0833ff3a766a4b094bc6d5c69bd6b19e0043ba97cab8506b298a96b4707000000b77270f84d17c3d89c98aec479773696f16e5b9cd5be452742ba37ca722200d5256a04cd2ff6008bd26f1fe85d60ce476bffc936ca19e9d003"], 0x18}}], 0x1, 0x4048000)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001c00)='/dev/hwrng\x00', 0x42000, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r7, 0x119, 0x1, &(0x7f0000001c40)=0x5, 0x4)
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet_sctp6_SCTP_EVENTS(r8, 0x84, 0xb, &(0x7f0000000180)={0xf0, 0x40, 0x2, 0x3, 0x20, 0x0, 0x1, 0x3, 0x0, 0x20, 0x80, 0x58, 0x79, 0x8}, 0xe)
dup3(r5, r6, 0x0)

[  766.827764][T12790] ceph: No path or : separator in source
20:02:49 executing program 4:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x1, &(0x7f0000000080)=0x3, 0x8)
mount$overlay(0x400002, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000040)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file0'}}, {@metacopy_off='metacopy=off'}]})

20:02:49 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x3, 0x0)

20:02:49 executing program 2:
r0 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:49 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

20:02:49 executing program 0:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000f6bfe8))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f000072f000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_mount_image$minix(&(0x7f0000000000)='minix\x00', &(0x7f0000000040)='./file0\x00', 0x2, 0x1, &(0x7f0000000100)=[{&(0x7f0000000080)="6b0e11b040e2f52f783db57c243605847217d59178a171c33013fc8299717346c826f2a07ef9518e41eb5e1f9445b30b1161e58a55e60a71f8bd8899f2ea386d7c946587d7ad52c19724cff5484d8eec5cf08bfad2e11c41b8ccdd8f65ed", 0x5e, 0x1f}], 0x10, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000f6bfe8))
ioctl$UFFDIO_REGISTER(r1, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x760000}, 0x8000})

20:02:49 executing program 4:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000280))
syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000cc000000cc000000030000000c00000000000007000000000400000005000084ffffffff0600000000000000080000000e00000003000000000000000300000002000000010000000c00000005000000b40900010f000000050000006c0000000d0000080000000e0400000001000000080000000000000e01000000010000000d00000000000008040000000500000008000006040000000e0000000300000004000000018000000f0000001c07000002000000080000000000000080000000050000000700000009000000000200000b00000005000000000000"], &(0x7f0000000180)=""/146, 0xe7, 0x92}, 0x20)
ioctl$sock_TIOCINQ(r1, 0x541b, &(0x7f0000000240))
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

[  767.488943][T12837] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop0.
[  769.968665][    C0] net_ratelimit: 20 callbacks suppressed
[  769.974862][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  769.980824][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  769.986636][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  769.992742][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  769.998659][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  770.004570][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  770.048831][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  770.054882][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  770.448678][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  770.454821][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:02:58 executing program 5:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
getpgid(0x0)
clone3(&(0x7f0000000400)={0x84100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x50)
r2 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r2, 0x4, 0xffffffffffffffff, 0x8)
pidfd_open(r2, 0x0)
r3 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r3, 0x4, 0xffffffffffffffff, 0x10)
sched_setscheduler(r3, 0x0, &(0x7f0000000000)=0x7)

20:02:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

20:02:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x4, 0x0)

20:02:58 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:58 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$iso9660(&(0x7f0000000040)='iso9660\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={[{@map_off='map=off'}, {@check_strict='check=strict'}]})
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x109580, 0x0)
ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000540)=""/52)
r2 = accept4$inet(r1, &(0x7f0000000100)={0x2, 0x0, @initdev}, &(0x7f0000000140)=0x10, 0x80000)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000500)={0x4e, 0xad, 0xc, 0x4, 0x800, 0x81})
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000007d180000fe58000000000000e53200000000000001000000000000000400000000000000000000000000000000000000000000000000000000000000600a00003f00000006000000000000001400000000000000010000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e06c6a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000033cb85d03b4075ab9cfec04624fa00"/832])

20:02:58 executing program 0:
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_ax25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000100)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null]})
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000080)={{0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'd\x00\x00\x00\xef\f\x00\x00\x00\x06\x00\x00\x00\x00\x02\x00', 0x0, 0x2}, {@broadcast, 0x4e24, 0x1, 0x0, 0x0, 0x7}}, 0xfffffffffffffe7b)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x1000000, 0x1, &(0x7f0000000000)=[{&(0x7f0000000080)="eb3c906d6b66732e666174000204010002000270fff8", 0x268}], 0x0, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x7ff, 0x800)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000180)={{0x8, 0x8, 0x81, 0x0, 0x3f, 0x1f}, 0x0, 0x3, 0x8, 0x1, 0x9, "5159338792e69d641253cd8bbd721c07d5c0dda40b9f425200328ceb8e5750c68763993ceaa9aaff262d6fe86066dc8a43efec7d44522eee32bbcca17f2ea1e9e8ebe47e61291d7b84bd0eb1b3ddac288c30e96a0e34dc98c569a50d10d5d4dffaa4eacbf95e09722f78c89d5d621688948c36489a33e1d5f9b1eb44c9a68e6f"})
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$get_security(0x11, r1, &(0x7f00000000c0), 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000040)='rxrpc_s\x00', 0x0)

20:02:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, 0x0, 0x0, 0x0)
tkill(0x0, 0x3c)
ptrace$cont(0x18, 0x0, 0x0, 0x0)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, 0x0, 0x0, 0x0)

[  776.193507][T12863] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 9294)
[  776.208672][    C0] net_ratelimit: 20 callbacks suppressed
[  776.208680][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.220291][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  776.225802][T12863] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start ffffffff)
[  776.226302][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.242723][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  776.249237][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.255273][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  776.277233][T12863] FAT-fs (loop0): Filesystem has been set read-only
20:02:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x5, 0x0)

20:02:58 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:02:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  776.288701][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.294549][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  776.330880][T12866] ISOFS: Unable to identify CD-ROM format.
20:02:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:02:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x6, 0x0)

[  776.688639][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  776.694495][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  782.448671][    C0] net_ratelimit: 20 callbacks suppressed
[  782.448679][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  782.460523][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  782.466545][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  782.472655][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  782.478665][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  782.484408][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  782.528717][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  782.534798][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  782.928696][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  782.934654][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:09 executing program 2:
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r0, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:09 executing program 4:
unshare(0x8030400)
r0 = socket$pptp(0x18, 0x1, 0x2)
getpeername(r0, 0x0, &(0x7f0000000040))
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCGISO7816(r1, 0x80285442, &(0x7f0000000000))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
r3 = openat(r2, &(0x7f0000000080)='./file0\x00', 0x2002, 0x24)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20102000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r4, 0x10, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'fo\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fff}]}, 0x54}, 0x1, 0x0, 0x0, 0x2404481b}, 0x8000)

20:03:09 executing program 0:
syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x77, 0x1)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x50c02, 0x40)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000000)=0x460)

20:03:09 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:09 executing program 5:
r0 = socket(0x18, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bind(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e23, @broadcast}, 0x4, 0x0, 0x1, 0x1}}, 0x80)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0x7e00000}, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB="3400000010000108000000000000000000000000f2e18f213336cb7c4e00a7136b7aec9bf9e4561b06d8d2d4f06e22a2071ee7052a276dc0ea57aac8c76bd865c8242c70a6737a7d4233d0cf2f99c7140aa2888be29e2d00ccb182ee3abc0a6a5483a9fe713c81560cee6474769e9f68c5b10421d06f975af1427a1fde9b3d53f8f34fc5664735d6ab8da2cf15408b4b47fe7342714f8b751aaa81469bf1d068e30644e144e2017e48dce8e163132b1c121717c796797ec599946890d5e245d6921f71f4a90cb4046284d0158f16249da488fab3db1e779e0ba9074b32c685cc4b6ba504acd6991ed0b9c8a3eab8403ba53a113f72b3ba1a739f8ceecf987b34fc2c949291570f6afd7e01cdf342760518c8087f61f224a27759449c24ca113eb3cacf0f833e0e5414cf6f3849b9dd2dd7ef556992c8ea16e6b47dfe00a8dfa41a640429ee2d13d0b3942f1ee641f63135a2f97f5eb916e88e3ebc5e11d358608555406ebadb43e0781f203225de03ab4c73d2922d15ccf7798e3f000000000000000000000000000886c20961a5c438cab09d01efd0017f257d6a3056cdcdbbdaa5d06f90485227f60e957b5b9b107f4db1885749cabd1583c0cacbb8172ccadf4a54cbb1fda1304406c39e152c83684b2424d12fc9", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b00080003006282c6f208001b0000000000"], 0x3}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000)

20:03:09 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x7, 0x0)

20:03:09 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:09 executing program 0:
r0 = syz_open_dev$video4linux(&(0x7f0000000100)='/dev/v4l-subdev#\x00', 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x3f, 0x111403)
syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000180)="2e0f01c50f01cbdb0bb9420800000f3266fd0fc76dde3e660f3a093bc90f20c035040000000f22c0d8fc8beb", 0x2c}], 0x1, 0x40, &(0x7f0000000200), 0x0)
ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000040)=""/163)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000140)={0x4})

20:03:09 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x8, 0x0)

20:03:09 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:09 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:09 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x9, 0x0)

20:03:09 executing program 4:
r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xcf)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0, 0x2812, r0, 0x0)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="c4c3f64bfc180a3ef3719156353eec5f4d625d15d17b4b6f4dbefdfe4e1b860e24a9d68b577b268bff3afb1dc482b298e1c48bfd712d8174b2eea5030de671e9ec3952e2e3f7107bf44bb887a1ab36f5b23de5deb426980d1cf43373b4cc85e38f9afc18bd32e074efdf3dd172fe1d03ece6bc4d2f37ba2d4953e17f9045a983059632b5ab3142586b752c1d6809a098c347f4e696ea184df603d600135bbea5d7a906afc8f84aeb18774d512ba9a08fa0d1cf66da58a1c8d3da08c27fb735456cd8e6588198d16a5b6abf12b06906c2845efbd7ba3dc4e266e5a92a93eb7fd8d35b0a0032954fa2289327ded7b33d"], 0x3)
perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[  787.970735][T12947] ptrace attach of "/root/syz-executor.1"[12946] was attempted by "/root/syz-executor.1"[12947]
20:03:10 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:10 executing program 1:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:10 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xa, 0x0)

[  788.174397][T12958] ptrace attach of "/root/syz-executor.1"[12956] was attempted by "/root/syz-executor.1"[12958]
[  788.688695][    C0] net_ratelimit: 20 callbacks suppressed
[  788.688703][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  788.700423][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  788.706328][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  788.712194][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  788.718208][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  788.724164][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  788.768702][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  788.774598][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  789.168633][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  789.174482][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  794.928658][    C0] net_ratelimit: 20 callbacks suppressed
[  794.928666][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  794.940214][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  794.946016][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  794.951791][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  794.957581][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  794.963477][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  795.018742][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  795.025012][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  795.408634][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  795.415089][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:18 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$SCSI_IOCTL_SYNC(r0, 0x4)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000200)={0x1f, 0x21}, 0xe)

20:03:18 executing program 0:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000001840)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000001840)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r2, &(0x7f0000000240)={0x1d, r4}, 0x18)
connect$can_j1939(r2, &(0x7f0000000180)={0x1d, r1}, 0x18)
r5 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x3, 0x40)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000040)={0xfffffffffffffa4f, <r6=>0x0, 0x10001, 0x1f})
ioctl$DRM_IOCTL_AGP_ALLOC(r5, 0xc0206434, &(0x7f0000000080)={0xffffffffffffffc0, r6, 0x34cec277f1b5f995, 0x2})
r7 = dup(r2)
r8 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0)
ftruncate(r8, 0xb0bb)
sendfile(r7, r8, 0x0, 0x200800100000001)
r9 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r10 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r12=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r12, 0x0)
stat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r14, 0x40086602, &(0x7f0000000080))
ioctl$TIOCGPGRP(r14, 0x540f, &(0x7f0000000800)=<r15=>0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
getsockopt$sock_cred(r16, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r17=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r17, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0})
r19 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r19, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r20 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r20, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r21 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r21, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r22 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r22, 0x40086602, &(0x7f0000000080))
r23 = ioctl$TIOCGPTPEER(r22, 0x5441, 0x9)
r24 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r24, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r25 = openat$md(0xffffffffffffff9c, &(0x7f0000000900)='/dev/md0\x00', 0x200002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r26=>0xffffffffffffffff})
getsockopt$sock_cred(r26, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r27=>0xffffffffffffffff})
getsockopt$sock_cred(r27, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r28 = syz_open_dev$dmmidi(&(0x7f0000000940)='/dev/dmmidi#\x00', 0x7f, 0x4cd80)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r29=>0xffffffffffffffff})
getsockopt$sock_cred(r29, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r30 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r30, 0x4, 0xffffffffffffffff, 0x8)
lstat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, <r31=>0x0})
fstat(r2, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r32=>0x0})
sendmmsg$unix(r7, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x1}, 0x6e, &(0x7f0000000440)=[{&(0x7f00000001c0)="4fa37e757ca9c136b7e8331b13e99e", 0xf}, {&(0x7f0000000280)="aab2cede68f60e67fd2e961a90b503f1e46ea324e1257491c55f1bbd4447b71aa29da18eac1cb6243958748efbc1c3887355594c4dfd116ce9b7b108d2527725518b21fc2c67cfabf16088edc6e032937b78c5d7e64739e23d08420ab2e8aca18b52a85ad2239de4d75ed8665cc44c2aaee4913a88e0a2d67b98fbd527d18d9b6e3350921850774ffcf8861ba09ea8bf1de9b1d100a298dee7e8566545ce42bf843f6f7e18b639", 0xa7}, {&(0x7f0000000340)="829011decaa531b088256c9e86fa05a083a963d5a3fb6e2c26796bf27559d3730348bf6a63cddffc767fd156d0f2670b94691beb718c7ad24cfb4f5f2514b71513bc24434c565156ec1758b270a14028e4cab42b5173a25293adff694d0fa9431415b0b833755826f788e30d9f82edc2f726bcff08483a2b", 0x78}, {&(0x7f00000003c0)="f3081b59a0240bd8a3864846dc6edd32ceb9ae9b606271f33d2474a3c1f41d641acc2cde8f5e9b86e75c0b9b6f3fa56c34000bd2bf245864475a0694bb61baacd8f4bc21f097350511d892131d593c7ffa938051fa3162c0a25b1294e4", 0x5d}, {&(0x7f0000000200)="9382f10fbcd8643ebab59420edf46a9aba6c0bdf095f3ef3d63a84257712824969373b8bcf06a86c13f2", 0x2a}], 0x5, 0x0, 0x0, 0x80004}, {&(0x7f00000004c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000700)=[{&(0x7f0000000540)="b911f67bc57c685aabf5a5e0e7f5e5123ac400fcdcaf2fdc70aa198ad5592d44a8f449571f71d1824ec8a5b9281687717366eaa440b17a140c85e9f3a161bad4c5942b2edc836aa3eba3a439cf2ed75ccba5173dcb89451c89b3ad1b02903817d29a10195fa8d3812798969b3df1fc4856d76a58ad4594ae0f2d9e5a3b42335f", 0x80}, {&(0x7f00000005c0)="818042e0a2ea1f6ab6531c03ff47f178fcae468f06be6a4da89b7b9bfd3a68d9b40d68393e7538df42df2169ba1b3caedc7cbc2b7a30b4ac0559361fcdd8c6882d24842ace67ed3010133b006ba9c0c4aab6b6e0062042ea20d269665d6c68f6251e266ab6fceb4ff9ca824b7544cdd9b89019b47e2941249767ecd49ba0af0ef13663397096f8580fbf78ee3019b5e61d4d5317d68efb88bd315f45e10bc0dfa19b856e4cc6227c192d6d37152dff5a8f25623156c1bd", 0xb7}, {&(0x7f0000000680)="629bc1eaf6f7fc830a57abc494ab5691275bc074483d8e04807fd9d0121d102c4487abcfceedd7a82e56241900337f72d282a02266032c04d1354d547493e6fa6206b45e6a948e9cfa9be505fb44f70dace47487df336bacd2b683f47dcd6a20a02cac435c0729b4e2bbe72db5f231", 0x6f}], 0x3, &(0x7f0000000ac0)=[@rights={{0x18, 0x1, 0x1, [r9, r10]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r12, r13}}}, @cred={{0x1c, 0x1, 0x2, {r15, r17, r18}}}, @rights={{0x2c, 0x1, 0x1, [r19, r20, r8, r21, r23, r24, r25]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r8, r26, r27, r0, r3, r28, r29]}}, @cred={{0x1c, 0x1, 0x2, {r30, r31, r32}}}], 0xf0}], 0x2, 0x64840)

20:03:18 executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000001380)=""/65, 0x41}], 0x1, 0x5)
clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='stat\x00')
exit(0x0)
preadv(r2, &(0x7f0000000500), 0x37d, 0x0)

20:03:18 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:18 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xb, 0x0)

20:03:18 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:19 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xc, 0x0)

20:03:19 executing program 4:
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x7, &(0x7f0000000140)=[{0x4a1, 0x1f, 0xc8, 0xffffffff}, {0x13d, 0x4, 0x69, 0x1}, {0x0, 0xe5, 0x9, 0x80000000}, {0x7, 0x2, 0x80, 0x7}, {0x1, 0x1, 0x3, 0xff08}, {0x1000, 0xe1, 0x6, 0x800}, {0x751, 0x1f, 0x0, 0x3}]}, 0x10)
write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x1}, 0x7)

20:03:19 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:19 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:19 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xd, 0x0)

20:03:19 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  801.168675][    C0] net_ratelimit: 20 callbacks suppressed
[  801.174376][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  801.180420][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  801.186279][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  801.192091][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  801.198093][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  801.203937][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  801.248740][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  801.254562][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  801.648722][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  801.654660][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:28 executing program 5:
write(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x0, 0x803, 0x0)
getsockname$packet(r0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x10600)
ioctl$VIDIOC_ENUMAUDOUT(r1, 0xc0345642, &(0x7f00000001c0)={0x5, "95bb7aef64c287089d5de3e417bec6fc0f12ad40300090426323a402f80fd4f7", 0x1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000480)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150600000fff07003506000043fe0000070600000ee60000bf050000000000001f650000000000006507000002000000270700004c0000001f75000000000000bf54000000000000070400000400f9ffad430100000000009500000000000000050000000000000095000000000000001c0a79e8169d3c2792432a4fa650c512aee994a56462712cb064ecd5615f3196e3359aceb768637e60bd5d2e4b5992de991371274fdff6e79fc722e25659a7c85615c1b88bc894123cfe2314e887efecdcb7381ef4932cb0dcebea6d90e9c1677fbefd35893d883a2c559b7a34db461b1974af360eace66cec40d92706d0bbcc5bf6fec345ae9606c3c1a348f9b395"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1}, 0x48)
exit(0x0)
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x83)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305615, &(0x7f0000000200)={0x0, {0x7f, 0x7}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
dup(r6)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000100)=0x3)
r7 = dup2(r1, r6)
ioctl$PPPIOCDISCONN(r7, 0x7439)
sendmsg$TIPC_CMD_SET_LINK_PRI(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="05000000000000000000010000000000000009410000000300180000001f657623193165a211fd00000000000000000000000000000000000000000000000000000000007100"/98], 0x68}}, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2042000}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="d100ba00ec8a2bdef4b494e3066e2cf3fbe9a83af263b23253019535b881fd48454c97175f350e", @ANYRES16=r4, @ANYBLOB="00052cbd7000fddbdf2501000000000000000c41000000000014"], 0x28}, 0x1, 0x0, 0x0, 0x4050}, 0x8)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r8, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$EVIOCSABS0(r8, 0x401845c0, &(0x7f0000000180)={0x7f, 0x22f5, 0x4, 0x0, 0x4, 0x200})

20:03:28 executing program 4:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000180), &(0x7f0000000200)=0x4)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dri/renderD128\x00', 0x3570c0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000003c0)=r3, 0x4)
ioctl$DRM_IOCTL_GET_UNIQUE(r2, 0xc0106401, &(0x7f0000000380)={0xc7, &(0x7f0000000280)=""/199})
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000006800030800000000a9030000020000002000000008000100575aff9fefebf9ae20ba855acbbe72f36b6744254ffe2e4173a057dcd8d2476d0479b7d4380144abbbb4bc94819c7fdd68561939066d757a3cc10ed9abb13edfc987bdd028d9a5605d1b73d76ea549e2012287087c9acc53ec20b742f7", @ANYRES32=0x0], 0x20}}, 0x0)
r4 = socket(0x10, 0x800000000080003, 0x0)
sendmmsg$alg(r4, &(0x7f0000000140)=[{0x0, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0)

20:03:28 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xe, 0x0)

20:03:28 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:28 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:28 executing program 0:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000534000), &(0x7f0000000080)=0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, 0x0, &(0x7f0000001600))
openat$zero(0xffffffffffffff9c, &(0x7f0000000680)='/dev/zero\x00', 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000008c0)={{{@in6=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, 0x0)
setfsuid(r4)
r5 = getpid()
sched_setscheduler(r5, 0x5, &(0x7f0000000380))
sendmsg$nl_generic(r1, &(0x7f0000001d00)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x38000021}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001d40)=ANY=[@ANYBLOB="28040000400000082abd7000fddbdf251d000000ff8d0ec5f515954747618132c2cbea11f0658437edbf34e43f805e194bb4f9d8e6a9e821b946341ae93d54521939e686723d74b32a90ce380141d6fd32c68363d93ebd1e1d814d17e614638d80d01f76b9de0aea4f10f6f80d4af4523415efd2c4d6c40220c6808aeee102abe94dffc365cc8304692178778286f8764b598453cd495e048f78883c0161007c0c0c3d07d7b8abead505355b362f73145d0df370899de1a61ac65268df80cf3c788aacbe11d1a130d2846d1945f97d1329b90dca70c09905912bb4a47ec066c4e27642ffb7ca65fb423fa476155949f95838bc93aad33163ab80f816bf24d7732d0e4a223b90a40eac667de9175b9d9a78c795577ed1b435567545575dd2bfe8baf73c7faed39661c0642e9cb78bcf1ab048517481538b0d8430799f41c137fae1ed3dc23148eea3e59faba0f1e4117d0f211b5f60600a850c1bf032d03c2855ac0784613113b6535aa7af822828cf57ebf081aa94d77f0062db41cb8876d822c77a0d9725909b65b2bf13fe91636f84ccaa31b9c60387a04db025b53c2260b07c4ad478627e29076df83cc2d61fcdcf7f04c56508e4ce04003ab8eafdfd4dfc3882591ee2ae531d4ba347224d118d128dc5b70bf7000008000200", @ANYRES32=r2, @ANYBLOB="54006a000800560026e6bf358f8f8988bb0aa0703cff8eeda0e7e14f431a001dd2f3a51c4341fa53f555222fd886cbe342f8a03c52c8e8d8e83f87fd2daccd31dac6b816182ad33455d746d37b456b944c32cff21966a02037bafc2550e29f5fc238020ffc9775b2fd4e693a0c104f59ef2e198a6dab14b28cdaba7e891772", @ANYRES32, @ANYBLOB="14003b0076626f786e6574312f766d6e657431006906cdb996a516a50891882f898127f257a5c7eac7faa399624a72c713f2fbee57dd1186c17656b277a508000f00", @ANYRES32=r4, @ANYBLOB="0000104b87cef0a0ec88cb50e5beacb44c0e74e813b0d60a9ca59616a13b409de46e70efd67ea8b30b0fbfaaffce6c8f359be3c20491bf567f0bebf7e518fb0d0552a32fe3b391713bdc8a69e1ff91ca3079fd7e0ba2be90d5d12f584387d6bbfe3648c8695733142e4aeb449450a74da40000441414ef58a3121e6f188ab70643359849701f576db5e884ce43546f4501adb19a7f18da75b8b54f9761d4e5790e861eab412752a2276bd9a6f12556e76c003500e96e77539bdb349e1bf6a1a454c3608ecfaf96e56241a8c6e262ae34c105695b692e42be85248b01e0c216010000008a9508094b6c1794c3be2b67277163b86e47da24859bc1ca9d2a871e5d753875ba391dbf87ce9e242abc698d953b6f0008200600"/288, @ANYRES32=r5, @ANYBLOB="446d67f6ff15447011c1317fcace6a19a50ad68a356ba970e89db99adf085c859054e229eaa7f3242717ab40cff745ef2cbb9d6c25d3200ebf797b45ac023de1ac900035000c005c0098030000000000002c631815e103eb5e979c0900a8f31f6a07c2fc062bc038906dc27f119b3925064b614f77d55ded9b328b05e6b05a20f4dd7592bc92984a0f5dce320cda0a58860d9cbfc821442f3f250aedf3e0753e80031a19e62d0c7b7ac80d9de98cd5b862fb3899644031403f96b81fd073e2ef3a9d06fde5c9a5ee935e8b83b171e1bf000000"], 0x428}, 0x1, 0x0, 0x0, 0x20800}, 0x5)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
semget$private(0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000540)={0x2}, 0x4)
r7 = syz_open_dev$vbi(0x0, 0x2, 0x2)
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$VIDIOC_G_EXT_CTRLS(r7, 0xc0205647, &(0x7f0000000480)={0xf000000, 0x3, 0xb7, <r9=>r7, 0x0, &(0x7f0000000400)={0xc4303adec06c51cf, 0x200, [], @string=&(0x7f00000002c0)=0x40}})
getsockopt$llc_int(r9, 0x10c, 0xf1388cbce8873513, &(0x7f0000000240), &(0x7f0000000180)=0x4)
vmsplice(0xffffffffffffffff, &(0x7f0000001640)=[{&(0x7f0000000280)="440a61f251c1c4e23486312947adcce7af5edab79d00ebb855faa5a27275e95907d782f4e6f980b4ebe9c71ca91341e584", 0x31}], 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r7, 0x6, &(0x7f0000000500)={0x0, &(0x7f00000004c0)=[r0, r6, 0xffffffffffffffff, r0, 0xffffffffffffffff]}, 0x5)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10)
pipe(&(0x7f0000000080)={<r10=>0xffffffffffffffff})
close(0xffffffffffffffff)
r11 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2)
ioctl$NBD_SET_BLKSIZE(r11, 0xab01, 0x0)
splice(r10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in=@dev, @in6=@empty}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000000040)=0xe8)
r12 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
r13 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0)
pwritev(r13, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a3", 0x1}], 0x1, 0x81003)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$LOOP_CHANGE_FD(r12, 0x4c00, r13)
sendfile(r6, r12, 0x0, 0x102000002)

20:03:28 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0xf, 0x0)

20:03:28 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:28 executing program 4:
creat(&(0x7f0000000080)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@allow_other='allow_other'}, {@max_read={'max_read'}}]}})

20:03:28 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x0, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:28 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x10, 0x0)

20:03:28 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x0, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)="6653070000053c27bc3376003639405cb4aed12f0000000000ae47a825d86800278dcff47d010000805ae64f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b16d6f2c59957ab364884b3c5d05692e664ebf68e6faa53367f05f4ad61421349f2f11e931e7d62ead037cd2157df6b2bcb47fb53455560c8ef00fca4fafa924edfe92175aaa1c4ecc7aeeb72e", 0x14a}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  806.999185][T13040] syz-executor.0 (13040) used greatest stack depth: 22008 bytes left
[  807.408695][    C0] net_ratelimit: 20 callbacks suppressed
[  807.414792][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.420837][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  807.426630][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.432377][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  807.438161][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.444125][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  807.488722][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.494591][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  807.888686][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  807.894516][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.648695][    C0] net_ratelimit: 20 callbacks suppressed
[  813.648701][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.660232][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.666128][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.671978][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.677808][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.683620][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  813.728694][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  813.734649][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  814.128620][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  814.134472][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:37 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x5, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x73)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$swradio(&(0x7f0000000200)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000140)={0xf0f041})
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffa000/0x4000)=nil, 0x4000}, &(0x7f0000000080)=0x10)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000000c0), 0x0)

20:03:37 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x11, 0x0)

20:03:37 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$kcm(0xa, 0x5, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:37 executing program 4:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f00000003c0)=0x40000)
syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x8}, 0x8201, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000), &(0x7f0000000080)=0x8)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000001600)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuset.effective_cpus\x00', 0x26e1, 0x0)
syz_open_dev$mice(0x0, 0x0, 0x8400)
ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000000000))
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000001580)={0x53d2b708009d0c60, &(0x7f0000001540), 0x1, 0xffffffffffffffff, 0xe2c1a59609f47730})
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000140)={0x0, 0x2, 0x1006, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
r3 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0)
remap_file_pages(&(0x7f00001ae000/0x3000)=nil, 0x3000, 0x2, 0x16f, 0x100020)
write$cgroup_pid(r3, &(0x7f0000000300), 0x12)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x4400, 0x0)
preadv(r4, &(0x7f0000000380)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x100000000, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000014c0)={0x0, 0x0, <r5=>0x0}, &(0x7f00000001c0)=0xc)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000002380)={{0x0, 0x0, r5, 0xffffffffffffffff}})
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0)
lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300))
r6 = socket(0xa, 0x3, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4})
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000001400)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040), 0x0, 0xb}}, 0xf)
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r8)
r9 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r11, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
getsockopt$sock_cred(r12, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r13 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$key(r13, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001680)=ANY=[@ANYRES64, @ANYPTR64, @ANYPTR=&(0x7f0000002400)=ANY=[@ANYBLOB="de39eec890ef74c178346fc9d55a91f2f920319f375ec6328a3f9b36a89adf209fb73e5bcc8257d934ad4cd4cd8bf79f4242cfb4c66202", @ANYBLOB="ef3154c9829a6ef5671d083e5d9c81c8e0c595b98e6da5b64f64d231746c10fe0036170e3f18f845b7f981ae374fbe7e3a6d1f70f42757f83f19395bde4a03fb529c3011e670411eff93fcb251647b99cd73e40916aa24fbfbb6e55ff5096e277d88827600ba3a9ac7b2aa877f54dd211e7ec144ce71cc17ecbe4ac68951712f26df0c106e825a951bda4b7443a14e3c192f736b46597fb1b710785a38cdcbf9f05284077bf9bb2b72ae165aa653573c451f04044912a89fa9b46e664ad859a4762a1201bb51da3bbf8de5bf43d31be72513babbde3a2fb78a292da0a9aacffd459af77f26fb3622d6e9c3743e34db90e8b7b4339307ddd515cbad2025e21b66f12aaeeee1186ac317fada3da2480cc6f57e74727ef4f664e3d6bb64b355b14f57310e3c412805c8767682f15301d44bdb524baf5e02ec6a7f081ab1403a54b979dccfe5f79ffaadf58c2642017882753067935c4e7cf8f3ef229f4b6ddfe2296d2a52d242c7aef3b581c1d5e6afb9d6897bbf925c2c32be840e006bb6748e4b63ded4574faeae9294e3f646601d6eebc51ee2866f3b6e93b7986fe939d81a8a5ae7673509c05f8733f4245de048f41cdc1896ae7ba252abb1486a0dad2dc28bc12df2f8f3b8e2610cd5b8c3cba89ca99ff13b208a458fd8d146bf792f5710daedfa3c5db04a5f378aed479884d9ff92944afe12b7bdc11f82d610c003635befa0cf124ffbb014e83ab3af31fd12e5ff7d16d874506492c28bf76e9c5339dcebffe3470462f2b66f9953a091bf4547ab6f88d0469b085b900811ac2a8b3221740219ad1832b6db2117cbdde83d38d997fc49919547f9ad90f0e5bd7b0b8312f16a98859b9aac1879bccfe73405fc4d88e0bc8f2403b734bef1b6b8d8e325c8b11c40754040937bf13dbf7c1fdbab9ce544a3f70db22ef8b18de6802758478db009c4b2df38c09fe92c850b54f24f833e86559d4c95fecacdafb17da6d3e1032eb6a4cb4135faf630cdcfc62b527b9f8fa2aeeb3dbe7c0a549032b4c5d33a2af73ebacb8794cee7de15ea7632e476b0908ca40ab4b7e8182b317b40cca000d2babe06f9156d5e11195bc8f514c54d75038e498380b545896d8cb1ddc232b864bf3b3ca4be339437aea9b00b295831740ba28a0c74a50c9d866cdeee9711e6417ecd457294bada3c3620f0c9615e1f3aff4917e55b395798f78709f68cd61f51435a13436cd2ea42bf95b699d4201849076fde0a03909111fc5077349b8ab64ba4b9eef9d14d0980aa3574a70cdab871a40468f0d3422dfdfaf95771bd5a306415c21388efadaddcee3db428819fdabcbe189d21015b31b48f0cccd07933d579f069d828e01443f1804f708663568db78caa7536286e67b97b3fcd3a7da0e0c7026d77053beb6c0f9e38877915e24225f01621403ac203619e7684d3af0bfe010b77f4da147516704b2055d82114941dafd355b475b7c009c261c5d5a24287d836318042763998a696434574a86acf6203b0775d2f03c36c08f569293b80690c6105dee7bdbe05442774b47773701078d5c9cc582a517cf9bf0d31b1cdc4b90edace5b67e00c4d40d3aa373af39fbb1ece5a338794d165accdb70453ec0efc0348ebb7e36df54701aa50f009f4e1d262bb2d893495daa89988bce29f333ffb2c73beb18022891e4e15c6d740aef534c7605f54a8d0e95a3eccd4fb303404b1cb26569d39bcad74aa705ef401d575815d59adf9fc2b984802e33608486a881e3fd3cd1fb677bbe959f63bbbed16283cc50ba56584b869e41e9d85b8aed15c70f32fb4c80079fb62ec8e2382d8c6ff8e3c876015406f123fe41ffc9dfbac0217c3d3549e97ea6faef0d79128f1281ee1167be51cbd00f343ed37c8f80a47e295c7a1bd7cfef2fdeba181f36b9c0eb131f9990610939fa5d73075a2b581177343cb37dbc2e2c588629554870245761b39bd9d2451dc1d2595bbcc8487f96dac037b5a0bfef1bb280814567dc22dab1e8207a5d2f82b887a92cd6e883e871ada22503001a01eef6f17dfba798544fd5379fb758ba30cb97a2115d61ebd6316cd47782274a3c07bbb2b1ad4826dd0504c4eb93b0561a0c94dbe71fae893908b8cc1261747a7ca4a3518f33757de142222f9c2433cbdf3f8a4b9e4524eac7847478d52881f2e55326645d35c52ae3a4dac192e0bccd6c95baaaff1f95bf4fb0c9c797fa65f89f654b304c0349083005239b9a36e498bc6055229292fa4cca59108e6e384f2ea58a96d03e226be420eec8a0785ddc2feb7c1f55f8a1806c71ba70cb33c718de02408b6162250ca7bd695ab91f39e8c903799859224f71a5da587fef470ee1d66c815b6cc2bfe12f830643d0e062cd1682ef57e951109bfa7fdae152ae30d84bab5ea8dbeba4223ffb2f82b53f719fc59cb6f6b69d6eceb2a5309b76254c9d1f2831806baf4c00d58b003d2ec16d256fb3792e067f9d1d9d659de4c5096a4f2e8ce96104f69c1ebf187715dee7d54a17c3ca4f2cea1af19f711531e4f6d81f5bce07c16f3ceab2a8e5b6e7c0feeb1dcc7ff3e8da512a75782e23eff784084a8059277d0552050ed5cc9718ef9d32d9f5cb48e9db5e8f63dd8ed8970798d718eff0382efab1f64ea92e3cececef289ea77a3c18e8ca067de6d136a5c7d363aa5c278b223e2edad9adf8d1b36493a9d86ce5037489b361fedc627d8ac6f64483d237ba7477669b6200b85c468156f550bdb67bb59a303f4f71c4012fa04afc4a8cf5a2be1201704755bb5afdf0ec3ea1d18595bc1be335df7a416263cf68ad3dcde1f53d201bd5def31a16e4274ff781bad10a9aec187784807c65d064d4621d147b6609af5be76940781776154f5699d1e714929debdf100730b6193ae1e7ef4bf6bacbcd2891a355ef464cd19c4f92402755a9e2bcaec688ea428b5f43162549d42ba6aa779951528d32f8db9b445e549cedf36415008e37de85533b4111bd469a6eaa691ec40d451fb108233bcc92e81f7a83cd3fe6d1163da2a5b205711b83fa9090761e8f21518bbc0848b8803106f1e236215db48a196ec2a95b6ef99267c22033c08cfc6a3ed18609250ddaed30329ced071a60e83c59d8eaa4c9962406384d5be3bc9c2360509ca1a7fe172c36090508a6b391dcc9103c2621b7f51ca42200f71e40efdd8ce39c2b72f9416641378a5e6f7f9d8bb94b89f62b3621ddfe3c3c676dac09971786c036b0d79178aff3d4bf5abf67e1e92b596a245627a245209ff07e420e0f1b36b37b48ac81bd8bf2fd71592be74458967abc621e396eca81b7c1593ecd74519917615cbc7875e8c2f23226379526b6e07207f245ea62eb4e0df2eb008b397100e99b847410637e6a51a5ff0b5b2860efd0e9b0a7f28fc6cd1563949d233d8b77d37ae19094075f857ba38c4103108a2e7ee798265c8a56b087a2368e38ef5db0bc0b924fe0c9f907689da20c16baed686187aefd691a066946b5d9dd584d9e32413615fa3a82f4a70664851ba87343c13b4327818d4fd5aac3a0b9db8061f1b7968aaa704fbc400a6e6311c78d13adfbac01c4fad19e4405921b5d1096df8469f1d6a79ceb8b6b18a66071bd221e7e52b1e550cb074d9d44294a5662f7f927dadcbbd3a42188408d9a82d3f5ea4faf71301d9d3f0ada6e6f7aa20c69afe43fc52c93e9d0b34df0b7797c45ced99cf14ecc918e0da0d5aede66874758dfbc59ffe0abeec9103ae05cd81f4632efd7203bdca6b426177642c4b723424e9d9b4fb699b3a65f7e8b7a195864b6bac26d01b71e8de28af1e694828e574ec09f67bd7821d30c98a49468dc03b2e3583b7f79cc5b152a565d35e9ba1f9bd96e9f0eca67ec2ec785de7f47a91ef8cb4ae8dc383ec2c744a52b9c1ea0bf4f1d154cbf7535f75c90dc1ba6ae98442f0fb36de83421fb5707a6ea7e9dc6139370fca4bd563ae8b32c25e30df81cf036e4f3449d17d1c5e59333b05bdbf7ba5e6e98d95817835b6898e2a7c05dd97a4b025b7fac1b38d1fafcb381be6becb90d8c156c2b7739dfaf8d2abab425e86595d82e379e207c2c8a4fe377dac4c0fe3a53d7477990d4ae175175ef99f0f8389aed6f0b24dce9e05eedecc83b61a3c820cbc7e06bda1dad25d2ab6a600ccd8129417bad582cf777e2e263d3c024817ab5212f30ab2003f944b587b1a8d7068a809d29337ab5bb7b1bd330484b534d305eb37e81ac806367ef993ac9cb903b501ea72496fffeab41acd6ba15954c5d1cb395ee7874541bb9b457d8bc7b219a544b801025d6dde42d8f82fd566257263a8aad3892cb98e03d8da6f870d3860663b59f97b79225b7c287b0853fe9773ed2ca043d30e2cf6907ebdfcdc6b4f2d26c4f6a170c2d1942c672fa26227d6b217a242692cd6163b1b38c6b4c7fc1b8da4fdac509390a17233b949a6ec8fec9b803b2b67f0dbc081242c4272b6ed2e37b316fe775f5b5cc42c9fee258b38cde1a429efdd56832ffb995b4030f7508c8fc369c16a6179fed1a3b4a54dd75c8df776f8d82e16fed2d499b51c3a5a1d4879e0dc073fabc31f9fc958752665d50773d8dd1e97cd58d7a965759d4f36b38982b6c7681a345b1d85d1a2c05a0a11c90476e925d44bfd6b6886ee80c45458faea4c1c37e685b8a3b72999c3f49bf410dafe1931c2f87d34f0fc72a283781cf3e6ad92dd2d8a81c97e40557e4042e6a8d95a23d243e9671fa11e68a0d8f0487928637ae04fd19691192204c810b59d555a2217954b6c6716310af674f05dcd115af4079d7948af1935f18bb2345cb1d97cc6dc0c779c68f44ffd657ca8d7cb11bb9fee8a60b0c259dce07e607e7874adaadd99008c0de1d3917bb52e19a291156486554ea6d81836bc1a4926784cdd0f57209b2b172d19ec9ccb9b8651f91abb1351d47bbba7f906949d3db453b70769575c85197bb644d169813f6fd41f05e58bfd87b30f491b2775ae54546ad2edcec504c384e621f2fdf8572ecc77010adda1160a01e0aacecde2e7b414be0156a112959e2f2bf038b8e24b75f23e0f2964788307ebc4faa3d9eba1b9a5a6072d50c7eb99c9c6485387fffc39e82bddfbe95edb44951bb2e951d4bcecd44232450d4bf49dd9c8d616d74db4688254d867b6fa9edb1997a9da46580a03254a57834074029eda27a5013e1c0eccfb3a4294113fb71fd587f1bfc47078786ed0a66e3fffe740325e6eddb8e95a9e7a3de9c7a2d46ed33b704fdf7600f8aa58914179432d07c8be7a7dee5351f5e1fdee75676bb354cdebbea8cf8b1f55154273e0e5b53ccf7d3b6c97687b2bc1dfb06b41e63e1d6e5bfd79d71209fd096f65fb0cece68ab4ec640a927817c0d0ee854bbb5e7d912fc62ee66020c3a0acfd7ca4d48f02539aee3917df7ca2679803ef6fdb4acf81ef9ddedbee10d7823bc09b5713169c3d55a19eb91dd14c3f613f09dc5a90b0078f54b4fe2165d859a1bd94f33ca60060470018e1191e51d7c23cb0289b2d2f5a682b835e8179cd01e6785c1e49e842b513cf9e1215ddca42caac869d664b69ee07e0cc65a86f807e718d0c3d20ea6e6c638962bfef1060e3d919515e182097a279c88f04f400f7daee23ae30da3e22c4eb031fa7d8651080f66d9ab55f52d33834a541072a962344dda816599f4fe3318f614588269c1f8985d2bd193ef2a1542bdaddec2ef0445ba9225e28dfef901bb66ee70a5aaaa484b33789078c22516ddf02933d22c8353109f767d129cab69e2d5add5bff4cbc8e3c334e77be90a254"]], 0xfffffffffffffe81}}, 0x0)
r14 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x1e1840, 0x0)
ioctl$TIOCSSERIAL(r14, 0x541e, &(0x7f0000000240)={0x4, 0x0, 0x2e8, 0x7, 0x0, 0x0, 0x0, 0x1c200, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

20:03:37 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:37 executing program 0:
socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="440400002400070500000000"], 0x1}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000280)={0x2, 0x1000})
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000140)=0xe)
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000080)=""/19)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00<#\xfbW*\x1f\x02\x94\xe6\xf3x\xb4\x1a\xd5KM\x9d\x9a\x1fc\xf8xZ\xd1\x88\xa7\xe1\xc8\x88u\xe0[\x18\xa4\xcb:\x9c\xd1-\xce\xa4@\xd8\x99\xc2,e+:G\x1bJ\x7f\xa2\xf3\xfd\xf6\xe04\xd8\x04\xe5\xf0\xdfK\x1d\xeeH;\x15v$\xc5\x9c\x01\x00\xe8\x9ej5|\x00\x00\x00', 0x2761, 0x0)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000180)={0x0, 0xb3fc, 0xb706})
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f00000003c0)={0x60000, 0x2, 0x2, <r2=>0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x980903, 0x7ff, [], @p_u8=&(0x7f0000000340)=0x5}})
sendmsg$nl_route(r2, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0xc000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=@ipv4_newrule={0x24, 0x20, 0x100, 0x70bd28, 0x25dfdbff, {0x2, 0x0, 0xa0, 0x80, 0x3f, 0x0, 0x0, 0x7, 0x12}, [@FRA_DST={0x8, 0x1, @rand_addr=0xfffffffc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000800}, 0x2400c8c0)
ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000100)={0x0, 0x6ff3e968})
epoll_pwait(r1, &(0x7f00000001c0)=[{}], 0x1, 0x1ff, &(0x7f0000000300)={0xed}, 0x8)

20:03:37 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$kcm(0xa, 0x5, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:03:37 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x12, 0x0)

20:03:38 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$kcm(0xa, 0x5, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  815.920384][T13100] mmap: syz-executor.4 (13100) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
20:03:38 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x13, 0x0)

20:03:38 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, 0x0, 0x60)

20:03:38 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f00000000c0)={0x3, 0x70, 0xa8, 0xf4, 0x7f, 0xfc, 0x0, 0xfffffffffffffffd, 0x93180e5717df8002, 0x152ba3848411bac5, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4, 0x73dffa17cfefd533, @perf_config_ext={0x400, 0x8001}, 0x8, 0xfff, 0xcaf, 0x5, 0x2, 0x3, 0x7ff})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$bt_l2cap(r2, &(0x7f0000000000), 0xe)
r3 = accept$ax25(r1, &(0x7f0000000140)={{}, [@default, @default, @bcast, @null, @remote, @null, @remote, @netrom]}, &(0x7f00000001c0)=0x48)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)={0x7f, 0xc, 0x4, 0x5001000, 0x3, {}, {0x0, 0xcf1b836b9e7ab9c7, 0x4, 0x1, 0x3, 0x20, "1c663247"}, 0x4, 0x3, @userptr=0x1, 0x2, 0x0, r3})
dup3(r0, r2, 0x0)

[  816.045158][T13100] bridge0: port 3(gretap0) entered blocking state
[  816.086777][T13100] bridge0: port 3(gretap0) entered disabled state
[  816.152477][T13100] device gretap0 entered promiscuous mode
[  819.888670][    C0] net_ratelimit: 20 callbacks suppressed
[  819.888679][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  819.900299][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  819.906138][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  819.911916][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  819.917770][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  819.923615][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  819.968743][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  819.974777][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  820.368698][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  820.374610][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  826.128624][    C0] net_ratelimit: 20 callbacks suppressed
[  826.128629][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  826.140228][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  826.146055][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  826.151870][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  826.157673][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  826.163442][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  826.208678][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  826.215217][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  826.608641][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  826.614535][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:49 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl(r0, 0x6, &(0x7f0000000080)="0800b5055e0bcfe87b2071")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="7c0000002400070f00"/20, @ANYRES32=r2, @ANYBLOB="00000000ffffffff000000000900010067726564000000004c000200080005000000000008000500000000003800030000f10a99c12289bda40000000000000000000000170000000000000000000000000000020000000000002b5ad0dc7d790eb50e988b588e7d45bb0515f857b2b48b919d4f9d87043c0eac67a3fb6cb2b4cf9ad40984376bab97765402abf984c13b680e03100c64d7079671438d28933b655102f643f562deec5710ee76180096f711cf6754d3755f9e475d096723b55d6d298273ed5425f8f498700ad9d8692c9943de14da8b239f376d82f171e688ffd4a2e39cd4b5a7f3d0bad7d5913c2e217c0fcf867c9f3dacaf2a896c0c8495fdd018561809652dbe2bb873a8daf46848e22748b0499d99ae311562fa63cd5323eae82eef4eda6bf4c738f1e31bb74dc322faf430e9753e7da1c79e275c9b93e1da93be40e12eb836f741e596cb4620f5bcc3f36eeb9b2ed0bd13ddd95fcb665d4104d6b36744d1f26f94416087808236131f6f3046d7c9808c27df3070540473b8bd05eb9b40f531c51424870a77838d7f5d05a6d0bf2ad7a98d0f43cbe7507dd829255c66731af1e0f4d9bd0feb537f0ae76e838dc9698c598ec7029d9a39be83b85329655ab511e70d15dd061b2de2fe2a37fa3a1670b3b33d47ec1dd45e8a5f895a84dad5e8113f198657b7856a9301b99052b390970000000000000000000077f12a0c2ec23a104cd48edfa278ef3b47ce1a1718d642eda73e3ef8a5a1b916ea9918b036cdfeee3a120000"], 0x7c}}, 0x0)
r3 = socket(0x4000000000010, 0x1000000000080002, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000))
sendmmsg$alg(r3, &(0x7f0000000140), 0x42, 0x0)

20:03:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x14, 0x0)

20:03:49 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, 0x0, 0x60)

20:03:49 executing program 4:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = gettid()
sigaltstack(&(0x7f0000338000/0x3000)=nil, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0)
ioctl$TIOCGPTPEER(r1, 0x5441, 0x10000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xf)
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f00000000c0)=[{&(0x7f0000217f28)=""/231, 0x5df211b9}], 0x23a, 0x0)

20:03:49 executing program 0:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ion\x00', 0x0, 0x0)
r1 = syz_open_dev$dri(0x0, 0x0, 0x0)
r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000040)={0xa925, 0x2b, 0x0, <r3=>0xffffffffffffffff})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
r6 = dup(r3)
perf_event_open(&(0x7f000001d000)={0x1, 0x335, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000d06000)=0x1, 0x2)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000001c0), 0x460, 0xea225aec34b1dd0e, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_PRI(r7, &(0x7f0000000140)={0x0, 0xffffff9e, &(0x7f0000000100)={&(0x7f0000000080)={0x68, r8, 0x101, 0x0, 0x0, {{}, {0x0, 0x4109}, {0x4c, 0x18, {0x200, @link='broadcast-link\x00'}}}}, 0x68}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@local, @ipv4={[0x0, 0x0, 0x8], [], @loopback}, @initdev={0xfe, 0x88, [], 0x0, 0x0}})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0)={<r9=>0x0, 0x0, r6})
ioctl$DRM_IOCTL_GEM_CLOSE(r1, 0xfff3ffb3, &(0x7f0000000100)={r9, 0x7000000})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r10, 0x40086602, &(0x7f0000000080))
ioctl$TIOCNOTTY(r10, 0x5422)
dup3(r0, r1, 0x0)

20:03:49 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x15, 0x0)

20:03:49 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, 0x0, 0x60)

20:03:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x16, 0x0)

20:03:49 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x60)

20:03:49 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r2, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ff010000000000000000000000000001e000000180000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c1151ca678c9e6d000000000000000000000000000000000000000000000c001f00080008000000000092034fa5f3441f1bce700e4ab74d7c24922641340c2151fe83984f2eded5a7a8f834d65eb81d872bb89c01e5c0ed021be506a81ae96d9c012ba8fd172aa880d6fe91df594fec862c4be9c9f4d78936d9e496b1a161a0b61b74d14c6c60f834900845e17878bdac175f0c015a69592c8ab6a9fc3be699d06ef25377e6d8afff7ae6ecaa60bcaa30ec08f16376c662e8584ae179df91698caf487397bbd87b6367a7fd2b031c72"], 0x4}}, 0x0)

20:03:49 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x17, 0x0)

[  832.368653][    C0] net_ratelimit: 20 callbacks suppressed
[  832.375056][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  832.380901][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  832.386768][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  832.392552][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  832.398452][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  832.404223][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  832.448769][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  832.454739][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  832.848676][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  832.854545][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:03:58 executing program 5:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800004000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x808480, 0x0)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000240)=""/48, &(0x7f0000000280)=0x30)
r1 = open(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)

20:03:58 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x60)

20:03:58 executing program 0:
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
lremovexattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@known='user.syz\x00')
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e21, @local}, @in={0x2, 0x4e24, @multicast2}, @in6={0xa, 0x4e20, 0x3, @empty, 0xffffff03}, @in6={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x11}, 0x6}, @in={0x2, 0x4a21, @local}], 0x68)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
sendmmsg(r2, &(0x7f0000005c00)=[{{0x0, 0xfffffffffffffd95, 0x0, 0x0, &(0x7f0000000000)=[{0x18, 0x110, 0xa, "ec"}], 0x18}, 0xf00}], 0x1, 0x0)
connect$inet6(r1, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d36020a8447000b4e230f4e230000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e232e725839c97b910000", 0x104}], 0x1)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
setsockopt$inet6_IPV6_ADDRFORM(r3, 0x29, 0x1, &(0x7f0000000040), 0x4)

20:03:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x18, 0x0)

20:03:58 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
mmap$xdp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4, 0x10010, r0, 0x100000000)
r1 = socket$l2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000100)={'dummy0\x00'})

20:03:58 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:03:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x19, 0x0)

20:03:58 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x60)

20:03:58 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x18, 0x0)

20:03:58 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'nlmon\t\x00\x7f\xed\xb1[\xe5\xa3\xcd\xb6\x00'})
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x809c0, 0x0)
ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000180)={0x74, 0x0, [0x10001, 0x80000001, 0x0, 0xffffffffffffffff]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = socket(0x1, 0xa, 0xfd)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
accept$inet(r4, &(0x7f0000000200)={0x2, 0x0, @initdev}, &(0x7f0000000240)=0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x32600)
ioctl$TUNGETDEVNETNS(r5, 0x54e3, 0x0)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
dup(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = dup(r7)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4cb], 0x100000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

20:03:58 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x1a, 0x0)

20:03:58 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

[  836.807667][T13209] kvm: pic: non byte read
[  836.820446][T13209] kvm: pic: non byte read
[  836.832193][T13209] kvm: pic: non byte write
[  836.845206][T13209] kvm: pic: non byte read
[  836.878038][T13209] kvm: pic: non byte write
[  836.895656][T13209] kvm: pic: non byte read
[  836.919607][T13209] kvm: pic: non byte write
[  836.925016][T13209] kvm: pic: single mode not supported
[  836.925224][T13209] kvm: pic: non byte read
[  836.937109][T13209] kvm: pic: non byte write
[  838.618652][    C0] net_ratelimit: 20 callbacks suppressed
[  838.618659][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  838.630543][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  838.636365][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  838.642299][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  838.648662][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  838.654468][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  838.698715][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  838.704550][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  839.088681][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  839.088733][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  844.848654][    C0] net_ratelimit: 20 callbacks suppressed
[  844.848662][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  844.860377][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  844.867218][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  844.873531][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  844.879856][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  844.885831][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  844.938707][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  844.944580][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  845.328611][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  845.334584][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:09 executing program 5:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x89}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x19c, 0x2, 0x0, 0x0, 0x5}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
rmdir(0x0)
perf_event_open(0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
execve(&(0x7f0000000640)='./file0/file0\x00', &(0x7f0000000400)=[&(0x7f0000000180)='em0\x00', &(0x7f00000001c0)='\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='\x00'], &(0x7f00000005c0)=[&(0x7f0000000440)='user[\x00', &(0x7f0000000480)='user\x00', &(0x7f0000000500)='user]\x00', &(0x7f0000000580)='\x00'])
mkdir(0x0, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r2 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0xaa850ab34c804c98)
io_setup(0x8, &(0x7f00000004c0)=<r3=>0x0)
io_submit(r3, 0xc2, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x10000}])
ioctl$TCSETXF(0xffffffffffffffff, 0x5434, &(0x7f0000000100)={0x0, 0x0, [0x0, 0xaa4]})
rt_tgsigqueueinfo(0x0, 0x0, 0x38, &(0x7f0000000680)={0x2c, 0x7})

20:04:09 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x18, 0x0)

20:04:09 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:04:09 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x2)

20:04:09 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r3 = socket(0x5, 0x800, 0xfc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r4 = socket(0x10, 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r5, 0x8983, &(0x7f0000000000)={0x8, 'syzkaller0\x00', {'bond0\x00'}, 0x3})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0x0, 0x0, r6)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000240)=ANY=[@ANYRES64=r0, @ANYRESHEX, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRES16=r1, @ANYPTR64=&(0x7f0000000000)=ANY=[], @ANYRES32=0x0, @ANYPTR=&(0x7f0000000640)=ANY=[@ANYBLOB="728c07ffae4f87b56886e362a5522461b32b959afa7ed430f129899358c2290a464977033b5ef7ad8b9869175473bcfb89198c9d893cef2f2d4e3c1017022501375a4ca28ac4f8a9aa35958a6eaf84aebbc0f493b7fbe0774890dc666a69f6c8c6dd6dcdcde8367edfdf0a06cce76c96956d527207dc9d2fe6bcccbe81aa2739aa35f3167f646f4ff152720399df9a6e039de4dd58006da25bb8e318ef5560ab2390232e8c51fb65d60f", @ANYRESDEC=r6, @ANYPTR64, @ANYPTR, @ANYPTR64, @ANYRES64=r2, @ANYBLOB="3747b77e12cc200069de99038ee042966954c7ad7783cbb3149b49171f395717079efcb96834387703e88e319d3c96707080127ac15d", @ANYRES32=r1, @ANYBLOB="14adfcd180bd9b9e195bb6f608cbfd562d5da51fb4794c90b38491e5bb435ef33211b2eb24c316d032f5a1576e6c7584a1cd4064367bbe1447f9387ef2a47f039b9e4c5b68dfa9e4a3a1807a1c5b2075e3235e7374c8066b0aa2e2402657eee29f892c1e1e6c1e1a3ed95e8c04fbde2b5c46e8a9927d3c582d4f2ada9a93c7b92b1de9f94adeeef1a4bab5f560309018f8c97333dcac243066f08905d43827f9ea81df9fbfe1daf3981d70a9c58b7d1a35fb9a603ddb51bcd4dd189fe17a36a3650ff9f010552049aef4d75731b6b987360a3ae5ca5f79ce526947fcdced43b7097174092921f7fc4d9506335028ea2953cc1ff3fbb15bc57e613618111f1b96b8ea33e5ee4546bef84daf390060b5618c0b19269a378e839d49854dc72bf6ef7716b6fa", @ANYPTR64], @ANYBLOB="d6ce52c573dbc9fd7c90238e5880f6ecc482cb9e1a6d9aed6f18327f41796186fa8ddab2c5d691fbb1258befb28973cc8624c09bed2de6e5862f252ae64e1662770544144d3ded7dc2286d48cae8913c7a0633a90fb0dd3ac781d3ffb37e6a787f3330f15715c6cfbf7bae87091db8eccc4cede88f3a6d63e750e706f750d353f0c5acec9c2ac7293a7c477edbf26ebc3521b32e2db02e46a3c62f9812a5e4add3535f56bc0e06cb8a52dc58d4021dad5d915493ab99e2fe36b18c5ca84af700b95c6014ee7eb1c6eddda2111046debcaf89485ae462a6ee3bc5f5473c8a080f79f0f55e50741c4ff03fc850", @ANYPTR64], @ANYRES16=r3], 0x4)

20:04:09 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:04:09 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x34000}], 0x1}, 0x60)

20:04:09 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x18, 0x0)

20:04:10 executing program 0:
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fe, 0x0, 0x0, 0x4d}, 0x10)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x3}, 0x80, 0x0}}], 0x2, 0x0)

20:04:10 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, 0x0}, 0x60)

20:04:10 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet(0x2, 0x3, 0x29)
socket$l2tp(0x18, 0x1, 0x1)
syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24a3aa81d36b26fbfebc41056bd8174b7960317142fa9ea41d8123741c4e345c652fbc1626cca2a21a69774e50ae0209e62f51ee988e6e06c8206ac69306c404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e9ef8f6e3968f200e011ea665c45a3449abe802f5ab3e09cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100719e00000000000006a10f58fa64533500000000000000000000000031000000000000000000e75a89faff01210cce39bf405f1e846c12423a164a33e6fdeb6f26dc7add60b318778f90047f6d5bc24fef5d7d617de7a6520655a80d608df4d433623c850af895abba14f6fbd7fbad2a431ab9142f3a06d54740a46792cbf4609646b6c5c29647d2f90000000000000000000000000000000000000000000100e659599ab9522ab5b972cdec742841042266cd8c84f3af90de4d9c8b842141bad887e1f3e16a24796599c30cf72686d9b16696851a343c087085896c7faddf259e520bedc3043c5cf3a5e6c0a7f459ee90d6e526a05ed2ccf2359aaf5d38d3c178ed50fdbed374dba1ae4a2f51f4438c91dcc3e43a37facdb9"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x2, 0xe80, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xb1, 0x0, &(0x7f00000003c0)="14be1519cbadc73050e32edbd47efd676987a6716a741a33c8957714fbfe696a8930600438ca34510bd90bbd6f787f487b52d80fc15b8d41cb077ea172fbcbcd66c1278422573df982a20a9d92c21c7baeba610f9434380cbb5703e5397d6efd14fd2dfcbae47a1f2cc5cf639af66b732c89bfe97beac2d371530a12a22bc9248afd660de0e1cb6c00eeb4b58ba317790404feba733321930c9547340100ac5735542b3f99ba8a43539694db2535358281"}, 0x40)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10005, 0x0)
write$P9_RLOPEN(0xffffffffffffffff, 0x0, 0x0)

20:04:10 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x4)

[  851.088682][    C0] net_ratelimit: 20 callbacks suppressed
[  851.094569][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  851.100580][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  851.107524][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  851.113717][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  851.119729][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  851.125544][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  851.168753][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  851.176381][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  851.568667][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  851.574820][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:19 executing program 5:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0xfffffffd}], 0x1, 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000740)={0x0, 0x0, 0x3, 0x0, [], [{0x2677, 0x3f, 0x0, 0x8, 0x0, 0x5}, {0xfffffffb, 0x10000, 0x8, 0xf5cb, 0x56b7, 0x8001}], [[], [], []]})
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='loginuid\x00')
preadv(r0, &(0x7f00000017c0), 0x1b4, 0x500000000000000)

20:04:19 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, 0x0}, 0x60)

20:04:19 executing program 0:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000580), 0x10000005c)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
getpid()
write$P9_RLCREATE(r1, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @local}, 0x10)
pipe(0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
write$P9_ROPEN(r0, &(0x7f0000000040)={0x18}, 0x18)
sendto$inet(r0, &(0x7f0000000480)="8b", 0x1, 0xfffffffffffffffd, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000005d00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

20:04:19 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
socket$l2tp(0x18, 0x1, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24a3aa81d36b26fbfebc41056bd8174b7960317142fa9ea41d8123741c4e345c652fbc1626cca2a21a69774e50ae0209e62f51ee988e6e06c8206ac69306c404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e9ef8f6e3968f200e011ea665c45a3449abe802f5ab3e09cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100719e00000000000006a10f58fa64533500000000000000000000000031000000000000000000e75a89faff01210cce39bf405f1e846c12423a164a33e6fdeb6f26dc7add60b318778f90047f6d5bc24fef5d7d617de7a6520655a80d608df4d433623c850af895abba14f6fbd7fbad2a431ab9142f3a06d54740a46792cbf4609646b6c5c29647d2f90000000000000000000000000000000000000000000100e659599ab9522ab5b972cdec742841042266cd8c84f3af90de4d9c8b842141bad887e1f3e16a24796599c30cf72686d9b16696851a343c087085896c7faddf259e520bedc3043c5cf3a5e6c0a7f459ee90d6e526a05ed2ccf2359aaf5d38d3c178ed50fdbed374dba1ae4a2f51f4438c91dcc3e43a37facdb9"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x2, 0xe80, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xb1, 0x0, &(0x7f00000003c0)="14be1519cbadc73050e32edbd47efd676987a6716a741a33c8957714fbfe696a8930600438ca34510bd90bbd6f787f487b52d80fc15b8d41cb077ea172fbcbcd66c1278422573df982a20a9d92c21c7baeba610f9434380cbb5703e5397d6efd14fd2dfcbae47a1f2cc5cf639af66b732c89bfe97beac2d371530a12a22bc9248afd660de0e1cb6c00eeb4b58ba317790404feba733321930c9547340100ac5735542b3f99ba8a43539694db2535358281"}, 0x40)

20:04:19 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x7)

20:04:19 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:04:19 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, 0x0}, 0x60)

20:04:19 executing program 4:
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
socket$l2tp(0x18, 0x1, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24a3aa81d36b26fbfebc41056bd8174b7960317142fa9ea41d8123741c4e345c652fbc1626cca2a21a69774e50ae0209e62f51ee988e6e06c8206ac69306c404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965c39e9ef8f6e3968f200e011ea665c45a3449abe802f5ab3e09cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8580218ce740068720000074e468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100719e00000000000006a10f58fa64533500000000000000000000000031000000000000000000e75a89faff01210cce39bf405f1e846c12423a164a33e6fdeb6f26dc7add60b318778f90047f6d5bc24fef5d7d617de7a6520655a80d608df4d433623c850af895abba14f6fbd7fbad2a431ab9142f3a06d54740a46792cbf4609646b6c5c29647d2f90000000000000000000000000000000000000000000100e659599ab9522ab5b972cdec742841042266cd8c84f3af90de4d9c8b842141bad887e1f3e16a24796599c30cf72686d9b16696851a343c087085896c7faddf259e520bedc3043c5cf3a5e6c0a7f459ee90d6e526a05ed2ccf2359aaf5d38d3c178ed50fdbed374dba1ae4a2f51f4438c91dcc3e43a37facdb9"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r1, 0x2, 0xe80, 0x0, &(0x7f0000001140)="afa55ea5081d1dc7610da2290f9e", 0x0, 0x737, 0x0, 0x0, 0xb1, 0x0, &(0x7f00000003c0)="14be1519cbadc73050e32edbd47efd676987a6716a741a33c8957714fbfe696a8930600438ca34510bd90bbd6f787f487b52d80fc15b8d41cb077ea172fbcbcd66c1278422573df982a20a9d92c21c7baeba610f9434380cbb5703e5397d6efd14fd2dfcbae47a1f2cc5cf639af66b732c89bfe97beac2d371530a12a22bc9248afd660de0e1cb6c00eeb4b58ba317790404feba733321930c9547340100ac5735542b3f99ba8a43539694db2535358281"}, 0x40)

20:04:19 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)}, 0x60)

20:04:19 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x8)

20:04:19 executing program 4:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000300))
pipe(&(0x7f0000001280))
socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
socket$inet6(0xa, 0x6, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r1=>0x0})
perf_event_open(&(0x7f0000000180)={0x4, 0xff78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0)

[  857.328598][    C0] net_ratelimit: 20 callbacks suppressed
[  857.328607][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  857.340616][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  857.346669][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  857.352519][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  857.358576][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  857.364887][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  857.408658][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  857.414522][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:19 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)}, 0x60)

[  857.818615][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  857.824679][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  863.568643][    C0] net_ratelimit: 20 callbacks suppressed
[  863.568650][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  863.581348][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  863.587169][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  863.593076][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  863.598955][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  863.604723][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  863.658742][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  863.664892][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  864.048673][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  864.054979][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:30 executing program 5:
keyctl$KEYCTL_PKEY_SIGN(0x1b, 0x0, 0x0, &(0x7f0000001c40)="9564a3dd6bc12200b120d6b0be", 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0xffdf}], 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x40)

20:04:30 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x9)

20:04:30 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)}, 0x60)

20:04:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = openat$ion(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ion\x00', 0x0, 0x0)
r2 = syz_open_dev$dri(0x0, 0x0, 0x0)
r3 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000040)={0xa925, 0x2b, 0x0, <r4=>0xffffffffffffffff})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x2042, 0xa)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={<r7=>0x0, 0xffffffff}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r6, 0x84, 0x1b, &(0x7f0000000280)={r7, 0xeb, "0c92394775817dfcf7ea4a85f51f74bf2425cc4415bd4f2add426801316538d8a249d2570c1773930fa633f6dbe51f66c3d7340d143d4d0c4f20145713acc1562371b47b6883a255f980e33c67d9ee2b758bb4c30114686c2d74b972f0442b60b1dbf7d27188307ae0318292d3be23c1b67743d4e14a294b7729bf2950e594525ceea8bc64c9d574dbdc18094068529b1df829c0b0439f2a4a32a65ba6bd1fa97c3751aa73f5c0aba8d06226ac9e653c413d187212e96d2eb0c9224ea5e172e0f596ad5f029cd222f0be395ad6ed2d2a426b0c7d0ebf0d7656bcd457d5e5b4bc54140762f89678da56f972"}, &(0x7f0000000380)=0xf3)
r8 = dup2(r5, r5)
r9 = semget$private(0x0, 0x8, 0x10)
semtimedop(r9, &(0x7f0000000000)=[{}], 0x1, 0x0)
semop(r9, &(0x7f00000001c0), 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x7ffffffc)
r10 = dup(r4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f00000000c0)={<r11=>0x0, 0x0, r10})
ioctl$DRM_IOCTL_GEM_CLOSE(r2, 0xfff3ffb3, &(0x7f0000000100)={r11, 0x7000000})
openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0)
dup3(r1, r2, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r12, 0x40086602, &(0x7f0000000080))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x2aa500, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r12, 0x80046402, &(0x7f0000000080)=0x4)
r13 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
ioctl$FS_IOC_GETFSMAP(r13, 0xc0c0583b, &(0x7f0000000440)={0x0, 0x0, 0x9, 0x0, [], [{0x6, 0xffffff1a, 0x4, 0x9, 0xf48, 0x5}, {0x3, 0x2, 0x4e, 0x8000, 0xff, 0x1}], [[], [], [], [], [], [], [], [], []]})
write(r0, &(0x7f0000000180)="8703f1911cae610923daf6f21fa7678ca8532b8df1292550455b30ff0e8f019080ac056af105f917b7a549700f33f1", 0x2f)

20:04:30 executing program 0:
r0 = socket$inet6(0x10, 0x100000000000003, 0x0)
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r1, 0x4, 0xffffffffffffffff, 0x8)
r2 = syz_open_procfs(r1, &(0x7f0000000000)='\xab\xd3\x18%@#\xb7\x14')
write$P9_RSTAT(r2, &(0x7f0000000080)={0x7f, 0x7d, 0x1, {0x0, 0x78, 0x8, 0xa4, {0x0, 0x1, 0x6}, 0x2000000, 0x5, 0x8, 0x0, 0x10, 'keyringproceth1@', 0x14, 'mime_typeeth0%vmnet1', 0x17, '%@(posix_acl_access@%-$', 0xa, ']mime_type'}}, 0x7f)
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="5500000018007fafb72d1cb2a4a2809302062c0000a84309c025244d2500080008000a00492c2095d13936af28f1c46b7b31afdc1338d54400009b84136ef75afb83de448daa7227c43ab8220000bf0cec6bab91d4", 0xb8}], 0x1}, 0x0)

20:04:30 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:04:30 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{0x0}], 0x1}, 0x60)

[  868.504208][T13335] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.0'.
20:04:30 executing program 4:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x7fff, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
io_setup(0x83, &(0x7f00000003c0)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1, 0x0, r1, &(0x7f0000000000), 0x3000}])
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0x32600)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000400)={{{@in6, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x840020, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno'}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'vfat\x00'}}, {@posixacl='posixacl'}], [{@pcr={'pcr', 0x3d, 0x9}}, {@subj_user={'subj_user', 0x3d, 'eth1&-Vvmnet1\xca[(\xd8^^#systemtrustednodev\'\'trusted'}}, {@subj_user={'subj_user', 0x3d, '-#/\'${^'}}, {@seclabel='seclabel'}, {@euid_gt={'euid>', r5}}, {@context={'context', 0x3d, 'root'}}]}})

20:04:30 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xa)

20:04:30 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', <r2=>0x0})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_MASTER={0x8, 0xa, r2}]}, 0x28}}, 0x0)
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
sendmsg$nl_route(r5, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)=@mpls_delroute={0x148, 0x19, 0x10, 0x70bd28, 0x25dfdbfc, {0x1c, 0x402ec653e4619f90, 0x14, 0x4, 0xff, 0x2, 0x3e0ac262643e94da, 0x9, 0x7943c0433c4c5113}, [@RTA_DST={0x8, 0x1, {0xd8, 0x0, 0x1}}, @RTA_VIA={0x14, 0x12, {0x10, "0a870410db7b53ebb7204df0c923"}}, @RTA_NEWDST={0x84, 0x13, [{0x8, 0x0, 0x1}, {0x4}, {0x7fff}, {0x9}, {0x5}, {0x8}, {0x2}, {0x200, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x1f, 0x0, 0x1}, {0x1000, 0x0, 0x1}, {0x4, 0x0, 0x1}, {0x80}, {0x9, 0x0, 0x1}, {0x20, 0x0, 0x1}, {0x4}, {0x7ff, 0x0, 0x1}, {0x2d}, {0x1f}, {0xc0, 0x0, 0x1}, {0x100}, {0x9}, {0xa7cb, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x1000}, {0x1, 0x0, 0x1}, {0x6}, {0x8000}, {0x101}, {0x100}, {0x81}, {0x5}]}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0xff}, @RTA_NEWDST={0x84, 0x13, [{0x0, 0x0, 0x1}, {0x7}, {0x2000}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0x8000, 0x0, 0x1}, {0x7}, {0x3, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x10000, 0x0, 0x1}, {0x1}, {0x4a}, {0x8, 0x0, 0x1}, {0x40, 0x0, 0x1}, {0xfe, 0x0, 0x1}, {0x416}, {0x7}, {0x9}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x200}, {0x6, 0x0, 0x1}, {0x6}, {0x40}, {0x5}, {0x7}, {0x2}, {0x7ff}, {0x7f, 0x0, 0x1}, {0x1ff, 0x0, 0x1}, {0x6}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)

20:04:30 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{0x0}], 0x1}, 0x60)

[  868.744690][T13352] bond0: cannot enslave bond to itself.
[  868.813825][T13350] attempt to access beyond end of device
[  868.820002][T13350] loop4: rw=2049, want=78, limit=63
[  868.827003][T13350] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  868.844949][T13350] attempt to access beyond end of device
20:04:31 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{0x0}], 0x1}, 0x60)

[  868.859660][T13361] bond0: cannot enslave bond to itself.
[  868.878576][T13350] loop4: rw=2049, want=79, limit=63
[  868.883853][T13350] Buffer I/O error on dev loop4, logical block 78, lost async page write
[  868.897237][T13350] attempt to access beyond end of device
[  868.905667][T13350] loop4: rw=2049, want=80, limit=63
[  868.916034][T13350] Buffer I/O error on dev loop4, logical block 79, lost async page write
[  868.994026][T13350] attempt to access beyond end of device
[  869.012486][T13350] loop4: rw=2049, want=81, limit=63
[  869.024399][T13350] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  869.038113][T13350] attempt to access beyond end of device
[  869.045432][T13350] loop4: rw=2049, want=130, limit=63
[  869.057873][T13350] Buffer I/O error on dev loop4, logical block 129, lost async page write
[  869.072977][T13350] attempt to access beyond end of device
[  869.078813][T13350] loop4: rw=2049, want=131, limit=63
[  869.084141][T13350] Buffer I/O error on dev loop4, logical block 130, lost async page write
[  869.097055][T13350] attempt to access beyond end of device
[  869.102845][T13350] loop4: rw=2049, want=132, limit=63
[  869.108731][T13350] Buffer I/O error on dev loop4, logical block 131, lost async page write
[  869.117531][T13350] attempt to access beyond end of device
[  869.123484][T13350] loop4: rw=2049, want=133, limit=63
[  869.129760][T13350] Buffer I/O error on dev loop4, logical block 132, lost async page write
[  869.138310][T13350] attempt to access beyond end of device
[  869.144052][T13350] loop4: rw=2049, want=142, limit=63
[  869.149534][T13350] Buffer I/O error on dev loop4, logical block 141, lost async page write
[  869.158072][T13350] attempt to access beyond end of device
[  869.164541][T13350] loop4: rw=2049, want=143, limit=63
[  869.169955][T13350] Buffer I/O error on dev loop4, logical block 142, lost async page write
[  869.178680][T13350] attempt to access beyond end of device
[  869.184351][T13350] loop4: rw=2049, want=144, limit=63
[  869.189939][T13350] attempt to access beyond end of device
[  869.195581][T13350] loop4: rw=2049, want=145, limit=63
[  869.201554][T13350] attempt to access beyond end of device
[  869.207202][T13350] loop4: rw=2049, want=153, limit=63
[  869.808619][    C0] net_ratelimit: 20 callbacks suppressed
[  869.814318][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  869.820120][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  869.825981][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  869.831980][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  869.837927][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  869.843745][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  869.891466][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  869.897490][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  870.288655][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  870.294697][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  876.048667][    C0] net_ratelimit: 20 callbacks suppressed
[  876.048675][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  876.060614][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  876.066597][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  876.072489][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  876.078728][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  876.084548][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  876.128706][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  876.134565][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  876.528627][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  876.534507][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:41 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)}], 0x1}, 0x60)

20:04:41 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xb)

20:04:41 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000700)={'team0\x00\x00\x00\x00\x00\x00\x00\xf7\x00', @local})
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000080)='/dev/vhci\x00', 0x0, r1)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0x246)
write$P9_RLERRORu(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1], 0x12)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
bind$netlink(r3, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfe, 0x88000001}, 0xc)

20:04:41 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84)
r1 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
bind$inet6(r0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000159000)={0x1, &(0x7f0000a7dff8)=[{0x6, 0x0, 0x0, 0x6}]}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$TIOCMBIC(r2, 0x5417, &(0x7f0000000000)=0xf02d)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x98)

20:04:41 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:04:41 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000540)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r6, 0x0)
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r9, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r11=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r11, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRESOCT, @ANYRES32=r4, @ANYPTR=&(0x7f0000000580)=ANY=[@ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES64=0x0, @ANYRES16], @ANYRES32=r2, @ANYRESOCT, @ANYRES64, @ANYPTR=&(0x7f0000000440)=ANY=[@ANYPTR64, @ANYRESDEC=r6, @ANYRESDEC=r2, @ANYRES32=r7, @ANYBLOB="84adfe82728449cfebf2b6f3887a7ac8d505c2052ce654c1d02606c30f54ae63caa906c3daaf3dd5c15d268c2bb1b3b79747ff3dbd3d202ab95f5fbac6de9a939228eca11861947bf82831cb14d3fa587e6ca8c4081dea134341327b9ae1578a469fe7f6d736299c431107ef08648e1792a8d15051a0dfe5ea927a5962989d", @ANYPTR64], @ANYRES32=r9, @ANYRESHEX=r11, @ANYBLOB="6e57913fdca260648cee7ff645a4205b56e3d00c82dc8eb6c6fe48d1ec5b98050b3b7809dc14d8e42e0b2e0ac94c1b7eb2e8671e92ba38471547c4dba1d4323feb9aff719808757c3d3b9a2df1b50b485af75336bf414e7b2abb606ee589286f5d59bb7a3b7e2a74e5c75d783b1cc2fecb5ea92fff7e8d641605d1f4d82ef248019bc6efb29a4c24cb3d623ab78fec0000000000", @ANYRESDEC, @ANYRES64]], 0x3}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000002a001f7e0b6490881b24f20000000000", @ANYRES32=r4, @ANYBLOB="009e925b8b250000000800000000000000"], 0x24}}, 0x20000086)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@mpls_delroute={0x34, 0x19, 0x800, 0x70bd27, 0x25dfdbfe, {0x1c, 0x0, 0x10, 0x7, 0x0, 0x6, 0xfe, 0x1, 0x1800}, [@RTA_DST={0x8, 0x1, {0x0, 0x0, 0x1}}, @RTA_OIF={0x8, 0x4, r4}, @RTA_TTL_PROPAGATE={0x8, 0x1a, 0x5b}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000810}, 0x1)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="390000001300250069000007a2e407edab1d05580a000000460b8107a277001419000400d0000020000003f50000003e0000ef38bf461e59d7", 0x330}], 0x1)
r12 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000300)='/proc/capi/capi20ncci\x00', 0x181301, 0x0)
ioctl$EVIOCRMFF(r12, 0x40044581, &(0x7f0000000340)=0x4)

20:04:41 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)}], 0x1}, 0x60)

20:04:42 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x40)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000200)={0x4, 0x200, 0xd7, &(0x7f00000000c0)="5ffc82d6127b0cab64892979b77c8d0beaad39e395491741ccdd8f9c0897bd24bd6e7f8d1b65e9130069c82c45a234df27521c871f9589d14f08fa26072302040165742dcc3190f8e91ecb4387a132bc171cab385665cb075a7be8bf884ba5e3a16e312c5397cd2d3cf1dd8422432dfda295a8c2a908ba476133d51b7ce19389c2a7a6b653cf5c5d9be66c4b8e7eff151bb8ea919fddbb7bb990d028459bc5b92c6f45db831b4fea1f2aa92fa53c923b5fd32c2af7140f819fd55a1a5138a68dd4df5c502436da51b83d42533168deec096a4f36c2cd49"})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffffcc, 0x0, 0x0, 0x663abba741622feb)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000017000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000000)="6635000010000f22e0d70f224d17bad1040f9c930000ef260f01dfbac160b00fee0fec4600673e64660f383db31a0b0000360f01ca", 0xffffff91}], 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_mount_image$ext4(0x0, 0x0, 0x7fff, 0x23d, 0x0, 0x0, 0x0)

20:04:42 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xe)

20:04:42 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xb)

20:04:42 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x11)

20:04:42 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xb)

20:04:42 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x19)

20:04:42 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0xb)

20:04:43 executing program 0:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0x40045010, &(0x7f0000000040))
read$FUSE(r0, &(0x7f00000000c0), 0x1000)
fspick(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x1)
write$FUSE_LK(0xffffffffffffffff, &(0x7f0000001100)={0x28, 0x0, 0x6, {{0xa4, 0x6, 0x2}}}, 0x28)

20:04:43 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x1c)

[  882.298627][    C0] net_ratelimit: 20 callbacks suppressed
[  882.298634][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  882.310448][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  882.316532][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  882.323212][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  882.329869][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  882.335619][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  882.368702][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  882.374701][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:44 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  882.768663][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  882.774528][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  888.528672][    C0] net_ratelimit: 20 callbacks suppressed
[  888.528678][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  888.540668][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  888.546688][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  888.552714][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  888.559137][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  888.565622][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  888.608759][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  888.614644][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  889.008666][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  889.014632][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:04:55 executing program 5:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dlm_plock\x00', 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x6, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video2\x00', 0x2, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0)
openat$cgroup_subtree(r0, &(0x7f0000000000)='cgroup.subtree_control\x00', 0x2, 0x0)
ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000000300))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f00000001c0)={0x4, 0x6})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={0x0, <r3=>0x0})
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x1100000000000000}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0)

20:04:55 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

20:04:55 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x20000002)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000380)={0x10003, 0x1a778a0dd536a5, 0xf000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f00000002c0)={[0xfffffffffffffffc, 0x981, 0x0, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0xdfd]})
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x1ff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x31f}, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RWALK(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[], 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x1012, r1, 0x0)
write$P9_RWALK(r1, &(0x7f00000003c0)=ANY=[@ANYRES64], 0x8)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000440)={0xfff, 0xa, 0x4, 0x20000000, 0x0, {0x0, 0xc}, {}, 0x2})
r2 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
dup2(r1, r2)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)="8907", 0x2)
connect$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @broadcast}, 0x10)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x62)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000), 0xfea3)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000002180)=ANY=[@ANYBLOB], &(0x7f0000000f80)=0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000b40)='oom_adj\x00')
ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, 0x0)
ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, &(0x7f0000000100)=0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x80, 0x0, @mcast1={0xff, 0x7}, 0x1329c03}}, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x108)
socket(0x80000000000000a, 0x2, 0x0)
ioctl$VFIO_SET_IOMMU(0xffffffffffffffff, 0x3b66, 0x2)

20:04:55 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)}], 0x1}, 0x60)

20:04:55 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x30)

20:04:55 executing program 0:
mkdir(&(0x7f0000000240)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
r0 = creat(&(0x7f0000000040)='./bus/file1\x00', 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
fsetxattr$security_selinux(r0, &(0x7f00000000c0)='security.selinux\x00', &(0x7f0000000200)='system_u:object_r:etc_aliases_t:s0\x00', 0x23, 0x0)
mount$overlay(0x400000, &(0x7f0000000000)='./bus\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='lowerdir=./bus,workdir=./file1,upperdir=.Jfile0'])
sched_setscheduler(0x0, 0x0, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
pipe(0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfef0)
socket(0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x89a2, 0x0)
waitid(0x0, 0x0, 0x0, 0x2, &(0x7f0000000480))
memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r1 = gettid()
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000080))
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000300)={0x2, 0x1})
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_GET_REQUEST_TABLE(0xffffffffffffffff, 0x227d, &(0x7f0000000780))
ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0)
syz_open_dev$dmmidi(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000080)='./bus/file0\x00', &(0x7f0000000140)='./bus/file1\x00')

20:04:55 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x0)

20:04:55 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x60)

[  893.461202][T13450] overlayfs: failed to resolve '.Jfile0': -2
20:04:55 executing program 0:
perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x0, 0x0, 0x40, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000001, 0x81}, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000000200)=""/190)
open(0x0, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="8da4363ac0ed02000a0000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x23b, 0x10000}], 0x3, 0x0)

[  893.626420][T13450] overlayfs: failed to resolve '.Jfile0': -2
20:04:55 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x65)

20:04:55 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x60)

[  893.767311][T13476] BTRFS error (device loop0): superblock checksum mismatch
[  893.809213][T13476] BTRFS error (device loop0): open_ctree failed
20:04:56 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x1f4)

[  894.768623][    C0] net_ratelimit: 20 callbacks suppressed
[  894.768631][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.781087][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.786921][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.792738][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.799102][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.805064][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  894.848716][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  894.854676][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  895.248643][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  895.254711][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  901.008641][    C0] net_ratelimit: 20 callbacks suppressed
[  901.008648][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  901.020269][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  901.026090][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  901.031880][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  901.037660][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  901.043415][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  901.088738][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  901.094710][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  901.488641][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  901.494736][    C0] protocol 88fb is buggy, dev hsr_slave_1
20:05:06 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000480)="8be571ccc6deb1796405faffe1ff0fa7be8b1fbab843c84e2306a8188fc30000cf00ba17c05d457952878e43711f97f2", 0x30}], 0x1}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/2, 0x2}, {&(0x7f0000000080)=""/49, 0x31}], 0x2}, 0x0)

20:05:06 executing program 0:
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000100)={0x4, 0x70, 0x0, 0x2, 0x81, 0x8, 0x0, 0x100, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x10000}, 0x10000, 0x9, 0x8001, 0x1, 0xffff, 0x4}, r0, 0x4, 0xffffffffffffffff, 0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x3ff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={[{@fat=@errors_continue='errors=continue'}]})

20:05:06 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x60)

20:05:06 executing program 3:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x3e8)

20:05:06 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x0)

20:05:06 executing program 1:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000002, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000300)}], 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup2(r1, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x20, r0, 0x0, 0x0)

[  904.792190][T13510] ==================================================================
[  904.800738][T13510] BUG: KASAN: use-after-free in __xfrm_decode_session+0x1cfb/0x2e90
[  904.808823][T13510] Read of size 1 at addr ffff88809166e75e by task syz-executor.3/13510
[  904.817064][T13510] 
[  904.819424][T13510] CPU: 1 PID: 13510 Comm: syz-executor.3 Not tainted 5.5.0-rc2-next-20191220-syzkaller #0
[  904.829924][T13510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  904.841024][T13510] Call Trace:
[  904.844310][T13510]  dump_stack+0x197/0x210
[  904.848641][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  904.848684][T13510]  print_address_description.constprop.0.cold+0xd4/0x30b
[  904.848701][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  904.848719][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  904.848737][T13510]  __kasan_report.cold+0x1b/0x41
[  904.848756][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  904.848781][T13510]  kasan_report+0x12/0x20
[  904.861869][T13510]  __asan_report_load1_noabort+0x14/0x20
[  904.861889][T13510]  __xfrm_decode_session+0x1cfb/0x2e90
[  904.861906][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  904.861921][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  904.862019][T13510]  vti_tunnel_xmit+0x277/0x17e0
[  904.876554][T13504] FAT-fs (loop0): bogus number of reserved sectors
[  904.879269][T13510]  ? vti_rcv_tunnel+0x1a0/0x1a0
[  904.879300][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  904.879316][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  904.879361][T13510]  dev_hard_start_xmit+0x1a3/0x9b0
[  904.879389][T13510]  sch_direct_xmit+0x372/0xd30
[  904.879409][T13510]  ? dev_watchdog+0xca0/0xca0
[  904.879433][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  904.886499][T13504] FAT-fs (loop0): Can't find a valid FAT filesystem
[  904.889557][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  904.889586][T13510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  904.889604][T13510]  ? sfb_dequeue+0x421/0x4d0
[  904.889625][T13510]  __qdisc_run+0x4bf/0x1770
[  904.889656][T13510]  __dev_queue_xmit+0x1650/0x35c0
[  904.889684][T13510]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  904.889713][T13510]  ? mark_held_locks+0xf0/0xf0
[  905.004044][T13510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  905.010297][T13510]  ? debug_smp_processor_id+0x33/0x18a
[  905.015937][T13510]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  905.022097][T13510]  ? rcu_read_lock_held_common+0xbd/0x130
[  905.027824][T13510]  dev_queue_xmit+0x18/0x20
[  905.032331][T13510]  ? dev_queue_xmit+0x18/0x20
[  905.037006][T13510]  neigh_direct_output+0x16/0x20
[  905.041943][T13510]  ip6_finish_output2+0x109a/0x25c0
[  905.047148][T13510]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  905.052693][T13510]  ? lock_downgrade+0x920/0x920
[  905.057605][T13510]  ? netif_rx_ni+0x670/0x670
[  905.062266][T13510]  ? __kasan_check_read+0x11/0x20
[  905.067327][T13510]  __ip6_finish_output+0x444/0xaa0
[  905.072451][T13510]  ? __ip6_finish_output+0x444/0xaa0
[  905.077751][T13510]  ip6_finish_output+0x38/0x1f0
[  905.082600][T13510]  ip6_output+0x25e/0x880
[  905.086952][T13510]  ? ip6_finish_output+0x1f0/0x1f0
[  905.092083][T13510]  ? __ip6_finish_output+0xaa0/0xaa0
[  905.097465][T13510]  ? ip6_make_skb+0x370/0x570
[  905.102173][T13510]  ? ip_reply_glue_bits+0xc0/0xc0
[  905.107509][T13510]  ip6_local_out+0xbb/0x1b0
[  905.112181][T13510]  ip6_send_skb+0xbb/0x350
[  905.116806][T13510]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  905.122277][T13510]  ? ip6_forward_finish+0x570/0x570
[  905.127501][T13510]  udpv6_sendmsg+0x22f3/0x2b30
[  905.132413][T13510]  ? ip_reply_glue_bits+0xc0/0xc0
[  905.137636][T13510]  ? udp_v6_get_port+0x6b0/0x6b0
[  905.142572][T13510]  ? __lock_acquire+0x16f2/0x4a00
[  905.147617][T13510]  ? __kasan_check_read+0x11/0x20
[  905.152645][T13510]  ? mark_lock+0xc2/0x1220
[  905.157066][T13510]  ? finish_task_switch+0x147/0x750
[  905.162269][T13510]  ? ___might_sleep+0x163/0x2c0
[  905.167651][T13510]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  905.173555][T13510]  ? aa_sk_perm+0x346/0xb00
[  905.178548][T13510]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  905.184172][T13510]  inet6_sendmsg+0x9e/0xe0
[  905.188674][T13510]  ? inet6_sendmsg+0x9e/0xe0
[  905.193467][T13510]  ? inet6_ioctl+0x1c0/0x1c0
[  905.198082][T13510]  sock_sendmsg+0xd7/0x130
[  905.202523][T13510]  ____sys_sendmsg+0x358/0x880
[  905.207280][T13510]  ? kernel_sendmsg+0x50/0x50
[  905.212073][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  905.217651][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  905.223758][T13510]  ? find_held_lock+0x35/0x130
[  905.228632][T13510]  ___sys_sendmsg+0x100/0x170
[  905.233815][T13510]  ? sendmsg_copy_msghdr+0x70/0x70
[  905.239019][T13510]  ? __kasan_check_read+0x11/0x20
[  905.244056][T13510]  ? __might_fault+0x12b/0x1e0
[  905.248861][T13510]  ? find_held_lock+0x35/0x130
[  905.254293][T13510]  ? __might_fault+0x12b/0x1e0
[  905.259093][T13510]  ? do_dup2+0x4f0/0x4f0
[  905.263351][T13510]  ? lock_downgrade+0x920/0x920
[  905.268234][T13510]  ? ___might_sleep+0x163/0x2c0
[  905.273103][T13510]  __sys_sendmmsg+0x1bf/0x4d0
[  905.277803][T13510]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  905.283049][T13510]  ? _copy_to_user+0x118/0x160
[  905.287821][T13510]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  905.294069][T13510]  ? put_timespec64+0xda/0x140
[  905.298862][T13510]  ? ns_to_kernel_old_timeval+0x100/0x100
[  905.304707][T13510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  905.310301][T13510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  905.315894][T13510]  ? do_syscall_64+0x26/0x790
[  905.320578][T13510]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  905.326762][T13510]  ? do_syscall_64+0x26/0x790
[  905.331551][T13510]  __x64_sys_sendmmsg+0x9d/0x100
[  905.336506][T13510]  do_syscall_64+0xfa/0x790
[  905.341023][T13510]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  905.347213][T13510] RIP: 0033:0x45a919
[  905.351462][T13510] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  905.371965][T13510] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  905.380391][T13510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a919
[  905.388500][T13510] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  905.396658][T13510] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  905.404835][T13510] R10: 00000000000003e8 R11: 0000000000000246 R12: 00007f160d5e46d4
[  905.413008][T13510] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 00000000ffffffff
[  905.420994][T13510] 
[  905.423458][T13510] Allocated by task 9331:
[  905.427974][T13510]  save_stack+0x23/0x90
[  905.432245][T13510]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  905.438045][T13510]  kasan_kmalloc+0x9/0x10
[  905.442511][T13510]  __kmalloc_node_track_caller+0x4e/0x70
[  905.449483][T13510]  __kmalloc_reserve.isra.0+0x40/0xf0
[  905.454876][T13510]  __alloc_skb+0x10b/0x5e0
[  905.459481][T13510]  nsim_dev_trap_report_work+0x25c/0xaf0
[  905.465133][T13510]  process_one_work+0x9af/0x1740
[  905.470807][T13510]  worker_thread+0x98/0xe40
[  905.475510][T13510]  kthread+0x361/0x430
[  905.479705][T13510]  ret_from_fork+0x24/0x30
[  905.484128][T13510] 
[  905.486447][T13510] Freed by task 9331:
[  905.490896][T13510]  save_stack+0x23/0x90
[  905.495562][T13510]  __kasan_slab_free+0x102/0x150
[  905.500515][T13510]  kasan_slab_free+0xe/0x10
[  905.505046][T13510]  kfree+0x10a/0x2c0
[  905.508964][T13510]  skb_free_head+0x93/0xb0
[  905.513387][T13510]  skb_release_data+0x613/0x8c0
[  905.518625][T13510]  skb_release_all+0x4d/0x60
[  905.523223][T13510]  consume_skb+0xfb/0x410
[  905.527656][T13510]  nsim_dev_trap_report_work+0x7cb/0xaf0
[  905.533383][T13510]  process_one_work+0x9af/0x1740
[  905.538334][T13510]  worker_thread+0x98/0xe40
[  905.542938][T13510]  kthread+0x361/0x430
[  905.547229][T13510]  ret_from_fork+0x24/0x30
[  905.551637][T13510] 
[  905.553979][T13510] The buggy address belongs to the object at ffff88809166e000
[  905.553979][T13510]  which belongs to the cache kmalloc-4k of size 4096
[  905.568603][T13510] The buggy address is located 1886 bytes inside of
[  905.568603][T13510]  4096-byte region [ffff88809166e000, ffff88809166f000)
[  905.582451][T13510] The buggy address belongs to the page:
20:05:07 executing program 2:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0xa, 0x5, 0x0)
sendmsg(r1, &(0x7f0000000400)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @local, 0x2d}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000280)='m', 0x1}], 0x1}, 0x0)

[  905.588152][T13510] page:ffffea0002459b80 refcount:1 mapcount:0 mapping:ffff8880aa402000 index:0x0 compound_mapcount: 0
[  905.599112][T13510] raw: 00fffe0000010200 ffffea0002322108 ffffea000138ac88 ffff8880aa402000
[  905.607815][T13510] raw: 0000000000000000 ffff88809166e000 0000000100000001 0000000000000000
[  905.616671][T13510] page dumped because: kasan: bad access detected
[  905.623097][T13510] 
[  905.625528][T13510] Memory state around the buggy address:
[  905.631189][T13510]  ffff88809166e600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  905.639420][T13510]  ffff88809166e680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  905.647488][T13510] >ffff88809166e700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  905.655711][T13510]                                                     ^
[  905.662737][T13510]  ffff88809166e780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  905.671645][T13510]  ffff88809166e800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  905.679748][T13510] ==================================================================
[  905.687837][T13510] Disabling lock debugging due to kernel taint
20:05:07 executing program 4:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c)
sendmmsg(r0, &(0x7f000000ac80), 0x66, 0x60)

[  905.694920][T13510] Kernel panic - not syncing: panic_on_warn set ...
[  905.701635][T13510] CPU: 1 PID: 13510 Comm: syz-executor.3 Tainted: G    B             5.5.0-rc2-next-20191220-syzkaller #0
[  905.713633][T13510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  905.723685][T13510] Call Trace:
[  905.726979][T13510]  dump_stack+0x197/0x210
[  905.732328][T13510]  panic+0x2e3/0x75c
[  905.736224][T13510]  ? add_taint.cold+0x16/0x16
[  905.740890][T13510]  ? retint_kernel+0x2b/0x2b
[  905.745609][T13510]  ? trace_hardirqs_on+0x5e/0x240
[  905.750632][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  905.756394][T13510]  end_report+0x47/0x4f
[  905.760554][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  905.766191][T13510]  __kasan_report.cold+0xe/0x41
[  905.771037][T13510]  ? __xfrm_decode_session+0x1cfb/0x2e90
[  905.776657][T13510]  kasan_report+0x12/0x20
[  905.781010][T13510]  __asan_report_load1_noabort+0x14/0x20
[  905.786640][T13510]  __xfrm_decode_session+0x1cfb/0x2e90
[  905.792088][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  905.797645][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  905.803629][T13510]  vti_tunnel_xmit+0x277/0x17e0
[  905.808484][T13510]  ? vti_rcv_tunnel+0x1a0/0x1a0
[  905.813336][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  905.818879][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  905.824869][T13510]  dev_hard_start_xmit+0x1a3/0x9b0
[  905.829980][T13510]  sch_direct_xmit+0x372/0xd30
[  905.834815][T13510]  ? dev_watchdog+0xca0/0xca0
[  905.839478][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  905.845024][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  905.851170][T13510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  905.857392][T13510]  ? sfb_dequeue+0x421/0x4d0
[  905.861980][T13510]  __qdisc_run+0x4bf/0x1770
[  905.866487][T13510]  __dev_queue_xmit+0x1650/0x35c0
[  905.871509][T13510]  ? netdev_core_pick_tx+0x2f0/0x2f0
[  905.876779][T13510]  ? mark_held_locks+0xf0/0xf0
[  905.881532][T13510]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  905.887767][T13510]  ? debug_smp_processor_id+0x33/0x18a
[  905.893221][T13510]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[  905.900662][T13510]  ? rcu_read_lock_held_common+0xbd/0x130
[  905.906455][T13510]  dev_queue_xmit+0x18/0x20
[  905.910951][T13510]  ? dev_queue_xmit+0x18/0x20
[  905.915617][T13510]  neigh_direct_output+0x16/0x20
[  905.920540][T13510]  ip6_finish_output2+0x109a/0x25c0
[  905.925738][T13510]  ? ip6_sk_dst_lookup_flow+0xb00/0xb00
[  905.931354][T13510]  ? lock_downgrade+0x920/0x920
[  905.936191][T13510]  ? netif_rx_ni+0x670/0x670
[  905.940774][T13510]  ? __kasan_check_read+0x11/0x20
[  905.945783][T13510]  __ip6_finish_output+0x444/0xaa0
[  905.950885][T13510]  ? __ip6_finish_output+0x444/0xaa0
[  905.956164][T13510]  ip6_finish_output+0x38/0x1f0
[  905.961001][T13510]  ip6_output+0x25e/0x880
[  905.965489][T13510]  ? ip6_finish_output+0x1f0/0x1f0
[  905.970613][T13510]  ? __ip6_finish_output+0xaa0/0xaa0
[  905.975986][T13510]  ? ip6_make_skb+0x370/0x570
[  905.980648][T13510]  ? ip_reply_glue_bits+0xc0/0xc0
[  905.985666][T13510]  ip6_local_out+0xbb/0x1b0
[  905.990150][T13510]  ip6_send_skb+0xbb/0x350
[  905.994551][T13510]  udp_v6_send_skb.isra.0+0x7b0/0x15b0
[  905.999989][T13510]  ? ip6_forward_finish+0x570/0x570
[  906.005196][T13510]  udpv6_sendmsg+0x22f3/0x2b30
[  906.009954][T13510]  ? ip_reply_glue_bits+0xc0/0xc0
[  906.014963][T13510]  ? udp_v6_get_port+0x6b0/0x6b0
[  906.019899][T13510]  ? __lock_acquire+0x16f2/0x4a00
[  906.024929][T13510]  ? __kasan_check_read+0x11/0x20
[  906.029968][T13510]  ? mark_lock+0xc2/0x1220
[  906.034388][T13510]  ? finish_task_switch+0x147/0x750
[  906.039579][T13510]  ? ___might_sleep+0x163/0x2c0
[  906.044420][T13510]  ? debug_lockdep_rcu_enabled+0x71/0xa0
[  906.051111][T13510]  ? aa_sk_perm+0x346/0xb00
[  906.055624][T13510]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  906.061160][T13510]  inet6_sendmsg+0x9e/0xe0
[  906.065561][T13510]  ? inet6_sendmsg+0x9e/0xe0
[  906.070136][T13510]  ? inet6_ioctl+0x1c0/0x1c0
[  906.074705][T13510]  sock_sendmsg+0xd7/0x130
[  906.079104][T13510]  ____sys_sendmsg+0x358/0x880
[  906.083853][T13510]  ? kernel_sendmsg+0x50/0x50
[  906.088528][T13510]  ? rcu_read_lock_sched_held+0x9c/0xd0
[  906.094061][T13510]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  906.100141][T13510]  ? find_held_lock+0x35/0x130
[  906.104922][T13510]  ___sys_sendmsg+0x100/0x170
[  906.109720][T13510]  ? sendmsg_copy_msghdr+0x70/0x70
[  906.114853][T13510]  ? __kasan_check_read+0x11/0x20
[  906.119954][T13510]  ? __might_fault+0x12b/0x1e0
[  906.125578][T13510]  ? find_held_lock+0x35/0x130
[  906.130332][T13510]  ? __might_fault+0x12b/0x1e0
[  906.135093][T13510]  ? do_dup2+0x4f0/0x4f0
[  906.139328][T13510]  ? lock_downgrade+0x920/0x920
[  906.144166][T13510]  ? ___might_sleep+0x163/0x2c0
[  906.148999][T13510]  __sys_sendmmsg+0x1bf/0x4d0
[  906.153669][T13510]  ? __ia32_sys_sendmsg+0xb0/0xb0
[  906.158681][T13510]  ? _copy_to_user+0x118/0x160
[  906.163431][T13510]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  906.169672][T13510]  ? put_timespec64+0xda/0x140
[  906.174419][T13510]  ? ns_to_kernel_old_timeval+0x100/0x100
[  906.180127][T13510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  906.185569][T13510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  906.191033][T13510]  ? do_syscall_64+0x26/0x790
[  906.195717][T13510]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  906.201799][T13510]  ? do_syscall_64+0x26/0x790
[  906.206474][T13510]  __x64_sys_sendmmsg+0x9d/0x100
[  906.211396][T13510]  do_syscall_64+0xfa/0x790
[  906.215883][T13510]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  906.221763][T13510] RIP: 0033:0x45a919
[  906.225651][T13510] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  906.245507][T13510] RSP: 002b:00007f160d5e3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  906.253900][T13510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a919
[  906.261856][T13510] RDX: 0000000000000066 RSI: 000000002000ac80 RDI: 0000000000000003
[  906.269810][T13510] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  906.278645][T13510] R10: 00000000000003e8 R11: 0000000000000246 R12: 00007f160d5e46d4
[  906.286608][T13510] R13: 00000000004c9267 R14: 00000000004e0fa0 R15: 00000000ffffffff
[  906.295908][T13510] Kernel Offset: disabled
[  906.300371][T13510] Rebooting in 86400 seconds..